Personal tools
You are here: Home Software Development Auth Install JetBrains Hub on CentOS v7.1

Install JetBrains Hub on CentOS v7.1

JetBrains Hub v1.0

This documents installing JetBrains Hub v1.0 on a CentOS v7.1 VM. The VM has a Nginx reverse proxy in front of it to provide TLS offload and certificate management.

The Hub server doesn't have any pre-requisites other than a JVM. It doesn't seem to need a database server.

OpenJDK

 

Install the latest OpenJDK:

# yum install java-1.8.0-openjdk-headless

Hub

Create a Hub user account. The server will run as this identity. This installation puts the 'hub' home directory on the 'srv' filesystem which has sufficient disk space.

# adduser -c "Jetbrains Hub" -m -d /srv/hub -r hub

Extract the Hub distribution archive into the hub user directory (as the hub user - not as root) into a directory with a version number. Symlink a fixed name to point to this versioned directory. This will allow upgrades to be done easily in the future, as well as meeting the requirement of absolute paths for the systemd configuration. These commands are done as the 'hub' user in the hub home directory ('/srv/hub').

$ unzip hub-ring-bundle-1.0.507.zip -d hub-1.0.507
$ ln -s hub-1.0.507 hub

Create directories in the 'hub' home directory for data that is persisted between versions of hub installations (these will be selected during first time startup (bellow)):

$ mkdir data backup log tmp

Create a systemd service file '/lib/systemd/system/hub.service':

[Unit]
Description=JetBrains Hub
Requires=network.target
After=syslog.target network.target

[Service]
Type=forking
ExecStart=/srv/hub/hub/bin/hub.sh start
ExecStop=/srv/hub/hub/bin/hub.sh stop
User=hub

[Install]
WantedBy=multi-user.target
Start the service
# systemctl enable hub
# systemctl start hub

Firewall

Over and above standard firewall access (ssh, dns, http, local smtp); allow ingress for:

  1. http for the main web interface (port 8080)
ip4 rules:
-A tcpIn -p tcp  -m tcp --source 10.20.7.0/24 --dport 8080 -m conntrack --ctstate NEW -j ACCEPT

Note: If you are using the standard firewall then

# firewall-cmd --zone=public --permanent --add-port=8080/tcp
# firewall-cmd  --reload

Reverse proxy  

 

Use the configuration below to create a reverse proxy in front of the service. This handles the TLS/SSL offload. This will connect to the hub service on port 8080. It will provide access to the service with the URL https://hub.lucidsolutions.co.nz.

Logs

The following symlink is handy for logging:

# ln -s /srv/hub/log /var/log/hub

Initial Setup

 

hub - 2015-08-16_171430.png

 

 

 

Links

Appendices

Nginx

The following nginx configuration is used as a reverse proxy in front of Hub:

server {
    listen [::]:80;
    server_name          hub.lucidsolutions.co.nz;
    location / {
        # redirect to secure page [permanent | redirect]
        rewrite ^ https://hub.lucidsolutions.co.nz$request_uri? permanent;
    }
}

map $http_upgrade $connection_upgrade {
    default upgrade;
    '' '';
}


server {
    listen               [::]:443;
    server_name          hub.lucidsolutions.co.nz;
    keepalive_timeout    70;

    ssl                  on;
    ssl_certificate      certs/hub.lucidsolutions.co.nz.startssl.crt;
    ssl_certificate_key  certs/hub.lucidsolutions.co.nz.key;

    access_log  /var/log/nginx/hub.lucidsolutions.co.nz.access.log  main;

    location / {
        proxy_pass            http://10.20.21.3:8080/;
        proxy_http_version    1.1;
        proxy_read_timeout    1200;
        proxy_connect_timeout 240;

        proxy_set_header      Host              $host;
        proxy_set_header      X-Real-IP         $remote_addr;
        proxy_set_header      X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header      X-Forwarded-Host  $host;
        proxy_set_header      X-Forwarded-Proto $scheme;
        proxy_set_header      Upgrade           $http_upgrade;
        proxy_set_header      Connection        $connection_upgrade;

        client_max_body_size  100M;
    }
}

 

hub.sh help

$ ./hub.sh help

Usage:
  /bin/sh /srv/hub/hub-1.0.507/bin/hub.sh <command>

<command> can be one of the following:

  configure
    configures Hub, call "help configure" for details

  start
    starts Hub in background, call "help start" for details

  run
    runs Hub in the current console

  status
    prints Hub status, call "help status" for details

  stop
    shuts Hub down, call "help stop" for details

  restart
    restarts Hub in background, call "help restart" for details

  rerun
    reruns Hub in the current console, call "help rerun" for details

  dump
    provides some Hub debug info, call "help dump" for details

  kill
    kills Hub process

  java
    manages the path to the Java for Hub, call "help java" for details

  help
    prints usage text

  help <command name>
    prints usage text for the specified command

 

Document Actions