Nginx SSL Proxy for FIsheye

Question

I've scoured the internet, and stumbled across Fisheye + Nginx Reverse Proxy many times, but it doesn't seem to be answering my question. I have Atlassian's FIsheye up and running. Right now, Fisheye is listening on port 8060, and there is an nginx reverse proxy up and running that allows me to access it via port 80.

I've also set up the nginx proxy to proxy SSL connection (from port 443) to the fisheye port, but the connection is being refused. There is lots of stuff out there that says to try various things, but so far none of them have solved my problem.

Atlassians answer is to try using Apache, which I will do if I have to. It just bugs me that I should have to run apache when I have nginx proxying all sorts of other applications on various servers. Nginx is what I know better, and what I would prefer to stick with.

Without further ado, here are my configs.

Fisheye config.xml (I've included what I think are the relevant sections):

<?xml version="1.0" encoding="UTF-8"?>
<config control-bind="127.0.0.1:8059" version="1.0" admin-hash="REDACTED" timezone="America/Indianapolis">
<web-server site-url="https://crucible.domain.com" context="/">
    <http bind=":8060" proxy-port="443" proxy-scheme="https" proxy-host="crucible.domain.com"/>    
</web-server>

And my nginx config file:

server {
  listen 443;
  listen [::]:443;
  listen 80;
  listen [::]:80;

  server_name  crucible.domain.com;

  ssl on;
  ssl_certificate           /etc/nginx/crucible.domain.com.crt;
  ssl_certificate_key       /etc/nginx/crucible.domain.com.key;
  ssl_session_cache         shared:SSL:10m;
  ssl_session_timeout       5m;
  ssl_protocols             SSLv3 TLSv1 TLSv1.1 TLSv1.2;
  ssl_ciphers               HIGH:!aNULL:!MD5;
  ssl_prefer_server_ciphers on;
    index  index.html index.htm index.php;

  access_log            /var/log/nginx/ssl-crucible.domain.com.access.log;
  error_log             /var/log/nginx/ssl-crucible.domain.com.error.log;

  location / {
    proxy_set_header X-Forwarded-Host $host;
    proxy_set_header X-Forwarded-Server $host;                                                             
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_pass http://127.0.0.1:8060;                                             
    proxy_buffering off;
    proxy_redirect off;
    } 
}

The non-ssl redirect is working swimmingly. The SSL redirect gives me connection refused:

~$ wget https://crucible.domain.com
--2014-05-25 14:55:03--  https://crucible.domain.com/
Resolving crucible.domain.com... X.X.X.X
Connecting to crucible.domain.com|X.X.X.X|:443... failed: Connection refused.

There are no errors in either the fisheye or the nginx logs that I can find anywhere.

Any advice or help will be greatly appreciated.

Through the course of troubleshooting this, I've restarted both nginx and fisheye multiple times. So yes. — Kirk, May 26 '14 at 00:11
As of right now, iptables is flushed -- no rules in effect. No SELinux / apparmor, nothing like that. — Kirk, May 26 '14 at 00:13
At this point [you should probably share](http://meta.serverfault.com/q/963/126632) the actual domain name/IP address. Without them there is virtually nothing else we are likely to be able to suggest. — Michael Hampton, May 26 '14 at 00:16

Nginx SSL Proxy for FIsheye

0 Answers0