How to Setup Archiva Behind Apache

For those who need an industry grade Archiva installation and http://localhost:8181/ is not good enough.

Apache Archiva Behind Mummy Apache

We want to install Apache Archiva so that an Apache Web Server acts to proxy the requests received from the internet. We benefit from a cleaner URL and HTTPS (SSL) becomes an option when hiding behind Apache’s huge skirts.

https://www.build-business-websites.co.uk/artifacts/

This works when you want to put Archiva in the cloud, or we want it accessible to our extranet, or indeed like above, the source is open to the whole internet.

Artifactory and Nexus are harder (relatively) to proxy – but Archiva, being in the Apache family, is incredibly easy.

1. Tell Archiva the Base Url

Archiva needs to create appropriate links to images, css and javascript files, so it needs to know the base url being used.

Go to the /home/archiva/conf/archiva.xml file and add one line inside the <ui> xml block telling Archiva the url.

<webapp>
<ui>
<showFindArtifacts>true</showFindArtifacts>
<appletFindEnabled>true</appletFindEnabled>
<disableEasterEggs>false</disableEasterEggs>
<disableRegistration>false</disableRegistration>
<applicationUrl>https://www.build-business-websites.co.uk/artifacts</applicationUrl>
</ui>
</webapp>

Note that there is no trailing forward slash at the end of the url – this is important.

2. Tell Apache to Proxy Requests for Archiva

Apache acts like a P.O Box. It delivers inbound messages to and from a configured location leaving external actors none the wiser as to the actual address involved.

In fact Archiva can run on a different host on the other side of the world – such is the power of proxying. In our case, Archiva and Apache are on the same host.

As we are running HTTPS we put the proxy directives into the default-ssl.conf in the /etc/apache2/sites-available folder.

##### ========================================================= ####
##### Configuration that hides Archiva Behind This Apache Proxy ####
##### ========================================================= ####

<Proxy http://localhost:8181/artifacts*>
   Order deny,allow
   Allow from all
</Proxy>

ProxyPass         /artifacts  http://localhost:8181 nocanon
ProxyPassReverse  /artifacts  http://localhost:8181
ProxyPassReverse  /artifacts  http://www.build-business-websites.co.uk/artifacts

Again be careful to respect the lack of forward slashes.
Important – this may not work https://www.build-business-websites.co.uk/artifacts in your browser. Archiva says Loading .. loading .. but nothing happens.

Make sure your access url ends in a forward slash like this https://www.build-business-websites.co.uk/artifacts/

3. Setting the Forwarded Proto Headers

When middleware like Tomcat, Jenkins, MediaWiki, Jira, Bugzilla receive HTTP traffic from an original HTTPS source request, they like to have the 2 headers below set.

If your default-ssl.conf file has them set then you are all good, if it doesn’t, you may consider adding it in.

RequestHeader set X-Forwarded-Proto "https"
RequestHeader set X-Forwarded-Port "443"

Leave a Reply

Your email address will not be published. Required fields are marked *