Skip to content

Instantly share code, notes, and snippets.

@avoidik
Created May 5, 2024 21:29
Show Gist options
  • Save avoidik/39f6777dfa16cc9734dfd84d3de7f431 to your computer and use it in GitHub Desktop.
Save avoidik/39f6777dfa16cc9734dfd84d3de7f431 to your computer and use it in GitHub Desktop.
Jira in Docker on bare AWS EC2 instance

Jira on AWS

Prerequisites

  • VPC with two public subnets
  • A bunch of security groups (WAN to ALB, ALB to EC2, EC2 to RDS, RDS to EC2, EC2 to WAN)
  • ALB and Target Group (Health check on / for 200,302)
  • Route53 Hosted Zone (Public) and A-record to ALB
  • ACM certificate (DNS validation)
  • RDS Instance with Subnet group
  • IAM Instance Profile (AmazonSSMManagedInstanceCore, inline kms:Decrypt and secretsmanager:GetSecretValue)

Minimal config

EC2

#cloud-config

package_update: false
package_upgrade: false

ssh_authorized_keys:
  - 'ssh-ed25519 ... '

runcmd:
  - while fuser /var/lib/rpm/.rpm.lock > /dev/null 2>&1 ; do sleep 1 ; done
  - dnf install -y docker
  - systemctl enable docker.service
  - systemctl start docker.service
  - usermod -a -G docker ec2-user
  - dnf install -y postgresql15
  - wget https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 -qO /usr/bin/yq
  - chmod +x /usr/bin/yq

Test connection to RDS

$ PGPASSWORD="$(aws secretsmanager get-secret-value --secret-id 'rds!db-d81525e6-9e56-46b9-85ca-67fe487ed6c9' --region eu-south-2 --query 'SecretString' | yq e 'from_json | .password')" \
   psql \
   --host=jira.xyz.eu-south-2.rds.amazonaws.com \
   --port=5432 \
   --username=postgres \
   --dbname=jiradb

Run Jira

$ docker volume create --name jiraVolume
$ docker run \
  -d \
  -v jiraVolume:/var/atlassian/application-data/jira \
  --name='jira' \
  -p 8080:8080 \
  --restart unless-stopped \
  -e ATL_PROXY_NAME='jira.ahe.em' \
  -e ATL_PROXY_PORT='443' \
  -e ATL_TOMCAT_SCHEME='https' \
  -e ATL_TOMCAT_SECURE='true' \
  -e ATL_JDBC_URL='jdbc:postgresql://jira.xyz.eu-south-2.rds.amazonaws.com:5432/jiradb' \
  -e ATL_JDBC_USER='postgres' \
  -e ATL_DB_DRIVER='org.postgresql.Driver' \
  -e ATL_DB_TYPE='postgres72' \
  -e ATL_JDBC_SECRET_CLASS='com.atlassian.secrets.store.aws.AwsSecretsManagerStore' \
  -e ATL_JDBC_PASSWORD='{"region": "eu-south-2", "secretId": "rds!db-d81525e6-9e56-46b9-85ca-67fe487ed6c9", "secretPointer": "/password"}' \
  -e ATL_FORCE_CFG_UPDATE='true' \
  atlassian/jira-software

References

https://atlassian.github.io/data-center-helm-charts/containers/JIRA/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment