Atlassian Applications in Azure – Part 4, Crowd

It’s never a party until you have Crowd, so lets go through this one as well.

Crowd on Linux / Azure the atlassian directions.

https://confluence.atlassian.com/display/CROWD/Crowd+Documentation

Note – need to have the Java Development Kit installed on the server before running through the install

We’ll get started on the crowd server “Crowd01” and get that Java installed.

Gregorys-MacBook-Pro:~ gvandenham$ ssh -p 53877 gvandenham@191.237.xx.xx
The authenticity of host ‘[191.237.xx.xx]:53877 ([191.237.xx.xx]:53877)’ can’t be established.
RSA key fingerprint is 11:c7:14:dc:14:03:f7:74:xx:xx:xx:xx:xx:xx:xx:xx.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘[191.237.xx.xx]:53877’ (RSA) to the list of known hosts.
gvandenham@191.237.xx.xx’s password:
[gvandenham@Crowd01 ~]$

[gvandenham@Crowd01 ~]$ sudo yum install java-sdk

Copy the crowd install file from Atlasssian over to the crowd server. We’ll use the below command to copy.

scp -P 53877 atlassian-crowd-2.8.3.tar.gz gvandenham@sprocket.cloudapp.net:/home/gvandenham/CrowdInstall/

Gregorys-MacBook-Pro:downloads gvandenham$ scp -P 53877 atlassian-crowd-2.8.3.tar.gz gvandenham@sprocket.cloudapp.net:/home/gvandenham/CrowdInstall/
The authenticity of host ‘[sprocket.cloudapp.net]:53877 ([191.237.xx.xx]:53877)’ can’t be established.
RSA key fingerprint is 11:c7:14:dc:14:03:f7:74:xx:xx:xx:xx:xx:xx:xx:xx.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘[sprocketdc1.cloudapp.net]:53877’ (RSA) to the list of known hosts.
gvandenham@sprocket.cloudapp.net’s password:
atlassian-crowd-2.8.3.tar.gz 73% 105MB 2.0MB/s 00:18 ETA

Browse to the directory, and change the file security.

gvandenham@Crowd01 ~]$ cd CrowdInstall
[gvandenham@Crowd01 CrowdInstall]$ ls
atlassian-crowd-2.8.3.tar.gz –> note its red – non executable.
[gvandenham@Crowd01 CrowdInstall]$ chmod a+x atlassian-crowd-2.8.3.tar.gz
[gvandenham@Crowd01 CrowdInstall]$ ls
atlassian-crowd-2.8.3.tar.gz –> note its now green – executable.
[gvandenham@Crowd01 CrowdInstall]$

Create home directory for crowd to live in-
[gvandenham@Crowd01 CrowdInstall]$ sudo -u root mkdir /var/Crowd_Home

Expand Crowd files into the new crowd home folder –
[gvandenham@Crowd01 CrowdInstall]$ sudo -u root tar -xvf atlassian-crowd-2.8.3.tar.gz -C /var/Crowd_Home/

Browse over and verify the directory contents
[gvandenham@Crowd01 CrowdInstall]$ cd /var/Crowd_Home/
[gvandenham@Crowd01 Crowd_Home]$ ls
atlassian-crowd-2.8.3
[gvandenham@Crowd01 Crowd_Home]$ cd atlassian-crowd-2.8.3/
[gvandenham@Crowd01 atlassian-crowd-2.8.3]$ ls
apache-tomcat client demo-webapp start_crowd.sh
build.bat crowd-openidclient-webapp etc stop_crowd.bat
build.properties crowd-openidserver-webapp licenses stop_crowd.sh
build.sh crowd-webapp README.txt
build.xml demo-src start_crowd.bat
[gvandenham@Crowd01 atlassian-crowd-2.8.3]$

Go in and edit the crowd-init.properties file to set the home location. \crowd-webapp\WEB-INF\classes\ … forgive me, i was browsing lazily as I took a look to see what was there.

[gvandenham@Crowd01 atlassian-crowd-2.8.3]$ cd crowd-webapp
[gvandenham@Crowd01 crowd-webapp]$ ls
about.jsp console index.jsp META-INF template WEB-INF
[gvandenham@Crowd01 crowd-webapp]$ cd WEB-INF
[gvandenham@Crowd01 WEB-INF]$ ls
classes crowd.tld decorators.xml lib sitemesh.xml urlrewrite.xml web.xml
[gvandenham@Crowd01 WEB-INF]$ cd classes
[gvandenham@Crowd01 classes]$ ls
applicationContext-CrowdBootstrap.xml freemarker.properties
applicationContext-CrowdConsoleClient.xml help-paths.properties
applicationContext-CrowdSecurity.xml johnson-config.xml
applicationContext-CrowdWeb.xml log4j.properties
appserver-dependencies.xml logging.properties
atlassian-bundled-plugins.zip struts.properties
com struts.xml
crowd-ehcache.xml supportedDatabases.properties
crowd-init.properties system-ui-plugin.xml
database-defaults system-web-resources.xml

Vi edit the crowd-init.properties file (note: if you Vi and at the bottom of the screen you see read only, use sudo -u root vi ….)

[gvandenham@Crowd01 classes]$ vi crowd-init.properties

crowd1

Remove the # (comment, and adjust the home directory to match what we created. (i= insert, esc=stop insert, ZZ (cap) = save and exit)

Ok, time for a little break from this server to hop onto the postgresql server and create a database and allow the connection.

We already modified postgresql.conf during the confluence install to allow connections on all of its ip addresses. So, lets focus on allowing connections from the jira server.

[gvandenham@PostGresDB1 var]$ sudo vi /var/lib/pgsql/data/pg_hba.conf
add a host line to IPv4 with the IP address of the jira host that is connecting and since its using a password, method is md5. save the file and restart the service.

crowd2

gvandenham@PostGresDB1 ~]$ sudo service postgresql restart
Redirecting to /bin/systemctl restart postgresql.service
[gvandenham@PostGresDB1 ~]$
gvandenham@PostGresDB1 ~]$ sudo -u root su – postgres
Last login: Sun Jun 28 15:48:35 UTC 2015 on pts/0
-bash-4.2$ psql
psql (9.2.10)
Type “help” for help.

postgres=# create role crowdly login password ‘yourstrongpasswordhere’;
CREATE ROLE
postgres=# create database crowddb encoding ‘UTF8’ owner crowdly;
CREATE DATABASE
postgres=# \l
List of databases
Name | Owner | Encoding | Collate | Ctype | Access privileges
———–+———-+———-+————-+————-+———————–
confdb | conf | UTF8 | en_US.UTF-8 | en_US.UTF-8 |
crowddb | crowd | UTF8 | en_US.UTF-8 | en_US.UTF-8 |
jiradb | conf | UTF8 | en_US.UTF-8 | en_US.UTF-8 |
postgres | postgres | UTF8 | en_US.UTF-8 | en_US.UTF-8 |
template0 | postgres | UTF8 | en_US.UTF-8 | en_US.UTF-8 | =c/postgres +
| | | | | postgres=CTc/postgres
template1 | postgres | UTF8 | en_US.UTF-8 | en_US.UTF-8 | =c/postgres +
| | | | | postgres=CTc/postgres
(6 rows)

postgres=#

ok, now that we have that squared away, back to the crowd server.

We can just fire it up, or we can go through and create a service account and an automated startup.

https://confluence.atlassian.com/display/CROWD/Setting+Crowd+to+Run+Automatically+and+Use+an+Unprivileged+System+User+on+UNIX

lets just fire it up for right now, because I’m dying to see this work, aren’t you?

[gvandenham@Crowd01 var]$ cd /var/Crowd_Home/atlassian-crowd-2.8.3/
[gvandenham@Crowd01 atlassian-crowd-2.8.3]$ ls
apache-tomcat client demo-webapp start_crowd.sh
build.bat crowd-openidclient-webapp etc stop_crowd.bat
build.properties crowd-openidserver-webapp licenses stop_crowd.sh
build.sh crowd-webapp README.txt
build.xml demo-src start_crowd.bat
[gvandenham@Crowd01 atlassian-crowd-2.8.3]$
[gvandenham@Crowd01 atlassian-crowd-2.8.3]$ sudo -u root ./start_crowd.sh
[sudo] password for gvandenham:
Using CATALINA_BASE: /var/Crowd_Home/atlassian-crowd-2.8.3/apache-tomcat
Using CATALINA_HOME: /var/Crowd_Home/atlassian-crowd-2.8.3/apache-tomcat
Using CATALINA_TMPDIR: /var/Crowd_Home/atlassian-crowd-2.8.3/apache-tomcat/temp
Using JRE_HOME: /
Using CLASSPATH: /var/Crowd_Home/atlassian-crowd-2.8.3/apache-tomcat/bin/bootstrap.jar:/var/Crowd_Home/atlassian-crowd-2.8.3/apache-tomcat/bin/tomcat-juli.jar
Tomcat started.
[gvandenham@Crowd01 atlassian-crowd-2.8.3]$

One last thing to do… the port open in Azure on the server. http://localhost:8095/crowd

crowd3

Now – lets browse and take a look to see what we have.

crowd4

License her up – just grab your license from my.atlassian.com.
crowd5

New Installation, please:
crowd6

Configure the database connection:
crowd7

Give the system a name:
crowd8

You can initially skip mail configuration:
crows9

Configure the internal directory service:
crowd10

Following regexp will check on these requirements:
(?=^.{8,}$)(?=.*\d)(?=.*[!@#$%^&*]+)(?![.\n])(?=.*[A-Z])(?=.*[a-z]).*$

The password length must be greater than or equal to 8
The password must contain one or more uppercase characters
The password must contain one or more lowercase characters
The password must contain one or more numeric values
The password must contain one or more special characters

Get yourself setup as the default administrator:
crowd11

OpenID? hmmm… we’ll pass for a little on that one.

crows12

You’ve done it!

crowd13

Well, not so fast

Here’s a quick tip to get you started on your way to LDAP authentication using Active Directory.

crowd14



Leave a Reply

Your email address will not be published. Required fields are marked *