Skip to content

Tomcat 8.5.4 on Fedora behind Nginx

Install Oracle Java

1
2
3
4
5
6
#install jdk
wget --no-cookies --no-check-certificate --header "Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com%2F; oraclelicense=accept-securebackup-cookie" "http://download.oracle.com/otn-pub/java/jdk/8u102-b14/jdk-8u102-linux-i586.rpm"
#install jre
wget --no-cookies --no-check-certificate --header "Cookie: gpw_e24=http://www.oracle.com/ oraclelicense=accept-securebackup-cookie" "http://download.oracle.com/otn-pub/java/jdk/8u102-b14/jre-8u102-linux-i586.rpm"
#enable firefox plugin
alternatives --install /usr/lib/mozilla/plugins/libjavaplugin.so libjavaplugin.so /usr/java/jdk1.8.0_102/jre/lib/i386/libnpjp2.so 20000

Tip

URL for JDK and JRE is best obtained directly from oracle website

Download Tomcat

1
2
3
4
su
mkdir /opt/tomcat/ && cd /opt/tomcat
wget http://mirror.ox.ac.uk/sites/rsync.apache.org/tomcat/tomcat-8/v8.5.4/bin/apache-tomcat-8.5.4.zip
wget https://www.apache.org/dist/tomcat/tomcat-8/v8.5.4/bin/apache-tomcat-8.5.4.zip.md5

Check MD5

1
2
3
cat apache-tomcat-8.5.4.zip.md5
md5sum apache-tomcat-8.5.4.zip
unzip apache-tomcat-8.5.4.zip

Create a TOMCAT Group and User then grant access

1
2
3
4
5
6
7
groupadd tomcat
useradd -M -s /bin/nologin -g tomcat -d /opt/tomcat tomcat
cd /opt/tomcat
chgrp -R tomcat conf
chmod g+rwx conf
chmod g+r conf/*
chown -R tomcat bin/ webapps/ work/ temp/ logs/

Create Service for Tomcat

nano /etc/systemd/system/tomcat.service
/etc/systemd/system/tomcat.service
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
## Systemd unit file for tomcat
[Unit]
Description=Apache Tomcat Web Application Container
After=syslog.target network.target

[Service]
Type=forking

ExecStart=/opt/tomcat/apache-tomcat-8.5.4/bin/startup.sh
ExecStop=/opt/tomcat/apache-tomcat-8.5.4/bin/shutdown.sh

User=tomcat
Group=tomcat

[Install]
WantedBy=multi-user.target

1
2
systemctl start tomcat.service
systemctl enable tomcat.service

Alternative start and stop

1
2
3
4
5
6
cd apache-tomcat-8.5.4/bin
chmod 700 /opt/tomcat/apache-tomcat-8.5.4/bin/*.sh
ln -s /opt/tomcat/apache-tomcat-8.5.4/bin/startup.sh /usr/bin/tomcatup
ln -s /opt/tomcat/apache-tomcat-8.5.4/bin/shutdown.sh /usr/bin/tomcatdown
tomcatup
tomcatdown

Change port

nano /opt/tomcat/apache-tomcat-8.5.4/conf/server.xml

Around line 69 is the connector tag where the port=8080 is specified. For this example lets change it to 8081. After change the connector tag in server.xml will look as below:

/opt/tomcat/apache-tomcat-8.5.4/conf/server.xml
1
2
3
<Connector port="8081" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" >;

Add tomcat Users

Open tomcat-users.xml and add new users before tag

nano /opt/tomcat/apache-tomcat-8.5.4/conf/tomcat-users.xml
sample user:
/opt/tomcat/apache-tomcat-8.5.4/conf/tomcat-users.xml
1
2
3
4
<role rolename="admin-gui"/><br>
<user username="admin" password="some admin password" roles="admin-gui"/><br>
<role rolename="manager-gui"/><br>
<user username="jhondoe" password="some password" roles="manager-gui"/>

Test

1
2
3
4
touch /opt/tomcat/apache-tomcat-8.5.4/webapps/ROOT/testankit.jsp
nano /opt/tomcat/apache-tomcat-8.5.4/webapps/ROOT/testankit.jsp
#restart tomcat
systemctl restart tomcat.service

Open the browser and enter http://localhost:8080 (or whatever port you have configured Tomcat on.)

Configure Nginx Reverse Proxy for Tomcat

  • Configure the dynamic DNS. Steps will be as per my previous post. For purpose of this step I will be assuming you created a DDNS named tomcat.yoursite.com

  • Update /etc/hosts to include tomcat.yoursite.com

/etc/hosts
1
2
3
sudo nano /etc/hosts
#Make an entry in your hosts
127.0.0.1  localhost.localdomain localhost your.seafile.com your.blog.com tomcat.yoursite.com
  • Now create nginx conf file using sudo nano /etc/nginx/conf.d/tomcat.conf as shown below:
/etc/nginx/conf.d/tomcat.conf
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
upstream tomcat {
server 127.0.0.1:8081;
}

server {
      listen      80;
      server_name tomcat.yoursite.com;
      access_log  /var/log/nginx/tomcat.access.log;
      error_log   /var/log/nginx/tomcat.error.log;
      proxy_buffers 16 64k;
      proxy_buffer_size 128k;

        location / {
          proxy_pass  http://tomcat;
          proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
          proxy_redirect off;
          proxy_set_header    Host            $host;
          proxy_set_header    X-Real-IP       $remote_addr;
          proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
          proxy_set_header    X-Forwarded-Proto https;
      }
  }
  • Finally reload and restart services
1
2
3
sudo systemctl daemon-reload
sudo systemctl start nginx.service
sudo systemctl start tomcat.service
Comments from Disqus

As I plan to move away from disqus comment system, I am just including the screenshots of comments just so any information shared by or to the readers is retained.

Disqus Comments Disqus Comments