
JetBrains Hub as a docker container

This Dockerfile allows you to build images to deploy your own Hub instance. It has been tested on Fedora 23 and CentOS 7.

Please remember to back up your data directories often, especially before upgrading to a newer version.

Test it

  1. Install docker.
  2. Run the container. (Stop with CTRL-C.)
docker run -it -p 8080:8080 agross/hub
  1. Open your browser and navigate to http://localhost:8080.

Run it as service on systemd

  1. Decide where to put Hub data and logs. Set domain name/server name and the public port.

  1. Create directories to store data and logs outside of the container.
mkdir --parents "$HUB_DATA/backups" \
                "$HUB_DATA/conf" \
                "$HUB_DATA/data" \
  1. Set permissions.

The Dockerfile creates a hub user and group. This user has a UID and GID of 4000. Make sure to add a user to your host system with this UID and GID and allow this user to read and write to $HUB_DATA and $HUB_LOGS. The name of the host user and group in not important.

# Create hub group and user in docker host, e.g.:
groupadd --gid 4000 --system hub
useradd --uid 4000 --gid 4000 --system --shell /sbin/nologin --comment "JetBrains Hub" hub

# 4000 is the ID of the hub user and group created by the Dockerfile.
chown -R 4000:4000 "$HUB_DATA" "$HUB_LOGS"
  1. Create your container.

Note: The :z option on the volume mounts makes sure the SELinux context of the directories are set appropriately.

/etc/localtime needs to be bind-mounted to use the same time zone as your docker host.

docker create -it -p $PORT:8080 \
                  -v /etc/localtime:/etc/localtime:ro \
                  -v "$HUB_DATA/backups:/hub/backups:z" \
                  -v "$HUB_DATA/conf:/hub/conf:z" \
                  -v "$HUB_DATA/data:/hub/data:z" \
                  -v "$HUB_LOGS:/hub/logs:z" \
                  --name hub \
  1. Create systemd unit, e.g. /etc/systemd/system/hub.service.
cat <<EOF > "/etc/systemd/system/hub.service"
Description=JetBrains Hub

# When docker stop is executed, the docker-entrypoint.sh trap + wait combination
# will generate an exit status of 143 = 128 + 15 (SIGTERM).
# More information: http://veithen.github.io/2014/11/16/sigterm-propagation.html
ExecStart=/usr/bin/docker start --attach=true hub
ExecStop=/usr/bin/docker stop --time=60 hub


systemctl enable hub.service
systemctl start hub.service
  1. Setup logrotate, e.g. /etc/logrotate.d/hub.
cat <<EOF > "/etc/logrotate.d/hub"
  rotate 7
  1. Add nginx configuration, e.g. /etc/nginx/conf.d/hub.conf.
cat <<EOF > "/etc/nginx/conf.d/hub.conf"
upstream hub {
  server localhost:$PORT;

server {
  listen           80;
  listen      [::]:80;

  server_name $DOMAIN;

  access_log  /var/log/nginx/$DOMAIN.access.log;
  error_log   /var/log/nginx/$DOMAIN.error.log;

  # Do not limit upload.
  client_max_body_size 0;

  # Required to avoid HTTP 411: see issue #1486 (https://github.com/dotcloud/docker/issues/1486)
  chunked_transfer_encoding on;

  location / {
    proxy_pass http://hub;

    proxy_set_header Host \$host;
    proxy_set_header X-Real-IP \$remote_addr;
    proxy_set_header X-Forwarded-Host \$http_host;
    proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto \$scheme;
    proxy_http_version 1.1;

nginx -s reload

Make sure SELinux policy allows nginx to access port $PORT (the first part of -p $PORT:8080 of step 3).

if [ $(semanage port --list | grep --count "^http_port_t.*$PORT") -eq 0 ]; then
  if semanage port --add --type http_port_t --proto tcp $PORT; then
    echo Added port $PORT as a valid port for nginx:
    semanage port --list | grep ^http_port_t
    >&2 echo Could not add port $PORT as a valid port for nginx. Please add it yourself. More information: http://axilleas.me/en/blog/2013/selinux-policy-for-nginx-and-gitlab-unix-socket-in-fedora-19/
  echo Port $PORT is already a valid port for nginx:
  semanage port --list | grep ^http_port_t
  1. Configure Hub.

Follow the steps of the installation instructions for JetBrains Hub using paths inside the docker container located under

  • /hub/backups,
  • /hub/data,
  • /hub/logs and
  • /hub/temp.
  1. Update to a newer version.
docker pull agross/hub

systemctl stop hub.service

# Back up $HUB_DATA.
tar -zcvf "hub-data-$(date +%F-%H-%M-%S).tar.gz" "$HUB_DATA"

docker rm hub

# Repeat step 4 and create a new image.
docker create ...

systemctl start hub.service

Building and testing the Dockerfile

  1. Build the Dockerfile.
docker build --tag agross/hub:testing .

docker images
# Should contain:
# REPOSITORY                        TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
# agross/hub                   testing             0dcb8bf6093f        49 seconds ago      405.4 MB
  1. Prepare directories for testing.

mkdir --parents "$TEST_DIR/backups" \
                "$TEST_DIR/conf" \
                "$TEST_DIR/data" \
chown -R 4000:4000 "$TEST_DIR"
  1. Run the container built in step 1.

Note: The :z option on the volume mounts makes sure the SELinux context of the directories are set appropriately.

docker run -it --rm \
               --name hub-testing \
               -p 8080:8080 \
               -v "$TEST_DIR/backups:/hub/backups:z" \
               -v "$TEST_DIR/conf:/hub/conf:z" \
               -v "$TEST_DIR/data:/hub/data:z" \
               -v "$TEST_DIR/logs:/hub/logs:z" \
  1. Open a shell to your running container.
docker exec -it hub-testing bash
  1. Run bash instead of starting Hub.

Note: The :z option on the volume mounts makes sure the SELinux context of the directories are set appropriately.

docker run -it -v "$TEST_DIR/backups:/hub/backups:z" \
               -v "$TEST_DIR/conf:/hub/conf:z" \
               -v "$TEST_DIR/data:/hub/data:z" \
               -v "$TEST_DIR/logs:/hub/logs:z" \
               agross/hub:testing bash

Without mounted data directories:

docker run -it agross/hub:testing bash
  1. Clean up after yourself.
docker ps -aq --no-trunc --filter ancestor=agross/hub:testing | xargs --no-run-if-empty docker rm
docker images -q --no-trunc agross/hub:testing | xargs --no-run-if-empty docker rmi
rm -rf "$TEST_DIR"