How to Install Tomcat with Nginx as a Reverse Proxy on Ubuntu 18.04

Apache Tomcat is a free and open-source Java Servlet that provides a Java HTTP web server environment to run Java application. It is simple, easy to use and one of the most widely used web servers in the world. Tomcat acts as a development server that can be used to test and build applications that use JSF 2, servlets/JSP, or other Java-based dynamic Web technologies.

In this tutorial, we will explain how to install the latest version of Apache Tomcat on Ubuntu 18.04 server.

Requirements

  • A server running on Ubuntu 18.04.
  • A static IP address is configured on your server.
  • A root password is configured on your server.

Installing Java

Apache Tomcat required Java version 8 or higher to be installed on your server. If not installed, you can install it with the following command:

# apt-get install default-jdk -y

Once installed, check the version of the Java with the following command:

# java --version

You should get the following output:

openjdk 11.0.4 2019-07-16
OpenJDK Runtime Environment (build 11.0.4+11-post-Ubuntu-1ubuntu218.04.3)
OpenJDK 64-Bit Server VM (build 11.0.4+11-post-Ubuntu-1ubuntu218.04.3, mixed mode, sharing)

Downloading Tomcat

Before starting, you will need to create a group and user that will run the Tomcat service.

You can create it with the following command:

# groupadd tomcat
# useradd -s /bin/false -g tomcat -d /home/tomcat tomcat

Next, download the latest version of the Apache Tomcat with the following command:

# wget http://mirrors.estointernet.in/apache/tomcat/tomcat-9/v9.0.26/bin/apache-tomcat-9.0.26.zip

Once downloaded, unzip the downloaded file with the following command:

# unzip apache-tomcat-9.0.26.zip

Next, move the extracted directory to /home/ directory:

 mv apache-tomcat-9.0.26 /home/tomcat 

Next, change the ownership of /home/tomcat directory to tomcat with the following command:

# chown -R tomcat:tomcat /home/tomcat
# chmod -R 755 /home/tomcat/

Configuring Tomcat Web Management Interface

In order to access the Tomcat web management interface, you will need to add a user and password to access the manager-gui and admin-gui. You can do this by editing the file /home/tomcat/conf/tomcat-users.xml:

 nano /home/tomcat/conf/tomcat-users.xml 

Add the following lines above the line </tomcat-users>:

<role rolename="manager-gui"/>
<role rolename="admin-gui"/>
<user username="admin" password="your-password" roles="manager-gui,admin-gui"/>

Save and close the file when you are finished.

Next, you will need to allow Tomcat Manager and Host Manager to be accessible from your remote IP address.

For the host manage app, edit the following file:

 nano /home/tomcat/webapps/host-manager/META-INF/context.xml 

Add your remote machine IP address from where you want to access the host manager app:

<Context antiResourceLocking="false" privileged="true" >
  <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|your-remote-system-ip" />

For manager app, edit the following file:

 nano /home/tomcat/webapps/manager/META-INF/context.xml 

Add your remote machine IP address from where you want to access the manager app:

<Context antiResourceLocking="false" privileged="true" >
  <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|your-remote-system-ip" />

Create the Systemd Service File for Tomcat

Next, you will need to create a systemd service file to manage the Tomcat service. You can create it with the following command:

# nano /etc/systemd/system/tomcat.service

Add the following lines:

[Unit]
Description=Tomcat servlet container
After=network.target

[Service]
Type=forking

User=tomcat
Group=tomcat

Environment="JAVA_HOME=/usr/lib/jvm/default-java"
Environment="JAVA_OPTS=-Djava.security.egd=file:///dev/urandom"

Environment="CATALINA_BASE=/home/tomcat"
Environment="CATALINA_HOME=/home/tomcat"
Environment="CATALINA_PID=/home/tomcat/temp/tomcat.pid"
Environment="CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC"

ExecStart=/home/tomcat/bin/startup.sh
ExecStop=/home/tomcat/bin/shutdown.sh

[Install]
WantedBy=multi-user.target

Save and close the file. Then, reload the systemd daemon and start the Tomcat service with the following commands:

# systemctl daemon-reload
# systemctl start tomcat

You can also verify the Tomcat service with the following command:

# systemctl status tomcat

You should get the following output:

● tomcat.service - Tomcat servlet container
   Loaded: loaded (/etc/systemd/system/tomcat.service; disabled; vendor preset: enabled)
   Active: active (running) since Sun 2019-10-06 06:57:39 UTC; 19s ago
  Process: 17893 ExecStart=/home/tomcat/bin/startup.sh (code=exited, status=0/SUCCESS)
 Main PID: 17903 (java)
    Tasks: 43 (limit: 1114)
   CGroup: /system.slice/tomcat.service
           └─17903 /usr/lib/jvm/default-java/bin/java -Djava.util.logging.config.file=/home/tomcat/conf/logging.properties -Djava.util.logging.

Oct 06 06:57:39 ubuntu1804 systemd[1]: Starting Tomcat servlet container...
Oct 06 06:57:39 ubuntu1804 startup.sh[17893]: Tomcat started.
Oct 06 06:57:39 ubuntu1804 systemd[1]: Started Tomcat servlet container.

Accessing the Tomcat Web Interface

Tomcat is now installed and running on the port 8080. Open your web browser and type the URL http://your-server-ip:8080. You will be redirected to the Tomcat dashboard as shown below:

Now, click on the Manager App or Host Manager. You will be asked to provide a username and password as shown in the following screen:

Provide your admin username, password and click on the Sign in button. You will be redirected to the Manager App or Host Manager dashboard:

or

 

Configure Nginx as a Reverse Proxy

You can also configure Nginx as a reverse proxy for the Tomcat server. So Nginx will accept all requests over port 80 instead of the Tomcat server.

First, install Nginx webserver with the following command:

# apt-get install nginx -y

Once installed, create a new virtual host configuration file for Tomcat.

 nano /etc/nginx/sites-available/tomcat.conf 

Add the following lines:

upstream tomcat {
  server 127.0.0.1:8080 weight=100 max_fails=5 fail_timeout=5;
}

server {
  listen          80;
  server_name     your-domain.com;

  location / {
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Server $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass http://tomcat/;
  }
}

Save and close the file. Then, enable the Nginx virtual host file and restart the Nginx webserver to apply the configuration:

ln -s /etc/nginx/sites-available/tomcat.conf /etc/nginx/sites-enabled/
systemctl restart nginx

Congratulations! You can now access your Tomcat server using the URL http://your-domain.com without specifying the Tomcat port 8080.

To write a comment on this article, fill out the form below. Fields marked with an asterisk (*) are required.