Install JetBrains Hub on CentOS v7.1
JetBrains Hub v1.0
This documents installing JetBrains Hub v1.0 on a CentOS v7.1 VM. The VM has a Nginx reverse proxy in front of it to provide TLS offload and certificate management.
The Hub server doesn't have any pre-requisites other than a JVM. It doesn't seem to need a database server.
OpenJDK
Install the latest OpenJDK:
# yum install java-1.8.0-openjdk-headless
Hub
Create a Hub user account. The server will run as this identity. This installation puts the 'hub' home directory on the 'srv' filesystem which has sufficient disk space.
# adduser -c "Jetbrains Hub" -m -d /srv/hub -r hub
Extract the Hub distribution archive into the hub user directory (as the hub user - not as root) into a directory with a version number. Symlink a fixed name to point to this versioned directory. This will allow upgrades to be done easily in the future, as well as meeting the requirement of absolute paths for the systemd configuration. These commands are done as the 'hub' user in the hub home directory ('/srv/hub').
$ unzip hub-ring-bundle-1.0.507.zip -d hub-1.0.507 $ ln -s hub-1.0.507 hub
Create directories in the 'hub' home directory for data that is persisted between versions of hub installations (these will be selected during first time startup (bellow)):
$ mkdir data backup log tmp
Create a systemd service file '/lib/systemd/system/hub.service':
[Unit] Description=JetBrains Hub Requires=network.target After=syslog.target network.target [Service] Type=forking ExecStart=/srv/hub/hub/bin/hub.sh start ExecStop=/srv/hub/hub/bin/hub.sh stop User=hub [Install] WantedBy=multi-user.targetStart the service
# systemctl enable hub # systemctl start hub
Firewall
Over and above standard firewall access (ssh, dns, http, local smtp); allow ingress for:
- http for the main web interface (port 8080)
-A tcpIn -p tcp -m tcp --source 10.20.7.0/24 --dport 8080 -m conntrack --ctstate NEW -j ACCEPT
Note: If you are using the standard firewall then
# firewall-cmd --zone=public --permanent --add-port=8080/tcp # firewall-cmd --reload
Reverse proxy
Use the configuration below to create a reverse proxy in front of the service. This handles the TLS/SSL offload. This will connect to the hub service on port 8080. It will provide access to the service with the URL https://hub.lucidsolutions.co.nz.
Logs
The following symlink is handy for logging:
# ln -s /srv/hub/log /var/log/hub
Initial Setup
Links
- https://www.jetbrains.com/hub/
- https://www.jetbrains.com/hub/help/1.0/Installing-Hub-with-Zip-Distribution.html
- Web sockets support:
- http://nginx.com/blog/websocket-nginx/
- https://confluence.jetbrains.com/pages/viewpage.action?pageId=56688959
- http://blog.jetbrains.com/teamcity/2015/10/teamcity-hub-plugin/
Appendices
Nginx
The following nginx configuration is used as a reverse proxy in front of Hub:
server { listen [::]:80; server_name hub.lucidsolutions.co.nz; location / { # redirect to secure page [permanent | redirect] rewrite ^ https://hub.lucidsolutions.co.nz$request_uri? permanent; } } map $http_upgrade $connection_upgrade { default upgrade; '' ''; } server { listen [::]:443; server_name hub.lucidsolutions.co.nz; keepalive_timeout 70; ssl on; ssl_certificate certs/hub.lucidsolutions.co.nz.startssl.crt; ssl_certificate_key certs/hub.lucidsolutions.co.nz.key; access_log /var/log/nginx/hub.lucidsolutions.co.nz.access.log main; location / { proxy_pass http://10.20.21.3:8080/; proxy_http_version 1.1; proxy_read_timeout 1200; proxy_connect_timeout 240; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; client_max_body_size 100M; } }
hub.sh help
$ ./hub.sh help Usage: /bin/sh /srv/hub/hub-1.0.507/bin/hub.sh <command> <command> can be one of the following: configure configures Hub, call "help configure" for details start starts Hub in background, call "help start" for details run runs Hub in the current console status prints Hub status, call "help status" for details stop shuts Hub down, call "help stop" for details restart restarts Hub in background, call "help restart" for details rerun reruns Hub in the current console, call "help rerun" for details dump provides some Hub debug info, call "help dump" for details kill kills Hub process java manages the path to the Java for Hub, call "help java" for details help prints usage text help <command name> prints usage text for the specified command