Edgewall Software

Changes between Version 5 and Version 6 of Trac0.11OnUbuntuHardy


Ignore:
Timestamp:
Jun 7, 2008 10:53:56 AM (6 years ago)
Author:
ThurnerRupert
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Trac0.11OnUbuntuHardy

    v5 v6  
    1 = trac 0.11 rc1 on Ubuntu 8.04 Server, without mod_python (because of bugs), multiple repositories and authentication = 
    2  
    3 This guide shows all the steps to correctly install a Trac system on a Ubuntu 8.04 Server. If you have any corrections, be sensible and document it here. This guide is based on [wiki:TracOnUbuntuHardy Johannes' original] covering trac 0.10 (Ubuntu stock). 
    4  
    5 Differences from Johannes' guide 
    6  * trac 0.11 rc1 (obviously) 
    7  * No mod_python (there are some bugs related to it) - using CGI instead to keep it simple (you can try FastCGI, WSGI or mod_python if you want later - it's just a matter of changing Apache configuration) 
    8  * Multiple projects are implemented under a single Subversion repository 
    9  
    10 Enjoy and comment! 
    11  
    12 == Benefits of this approach == 
    13  * Access to SVN paths are always consistant 
    14  * ... 
    15  
    16 == Needed software == 
    17  
    18 Throughout the guide, we'll need to install some packages from Ubuntu repositories. Let's install what we need to get Trac running first so we can download the rest of the packages while we install and configure Trac. You may want to exchange SQLite for one of the [DatabaseBackend]s, but we'll be using SQLite on this guide. 
    19  
    20 {{{ 
    21  $ sudo apt-get install python-setuptools genshi python-pysqlite2 subversion 
    22 }}} 
    23  
    24 After it's installed, you can start getting the rest of the packages and carry on with the guide as APT does its work. 
    25  
    26 {{{ 
    27  $ sudo apt-get install libapache2-svn apache2 
    28 }}} 
    29  
    30  
    31 == Subversion == 
    32  
    33 We will have a single subversion repository for all trac environments, each environment residing in a subdirectory in our subversion tree. 
    34  
    35 The idea with our subversion installation is to have a main directory and several repositories under it. We'll be setting {{{/svn}}} as our subversion parent dir and then create {{{/svn/project1}}}, {{{/svn/project2}}}, etc as needed. This second step will configure subversion, set apache to use mod_dav_svn and enable Basic authentication. 
    36  
    37  * We start by apt-getting the packages 
    38  
    39  {{{ 
    40  $ sudo apt-get install subversion libapache2-svn 
    41  }}} 
    42  
    43  * Our next task is to create the subversion repository, and add a dummy project named test to it: 
    44  
    45  {{{ 
    46  $ sudo mkdir /var/lib/svn 
    47  $ sudo ln -s /var/lib/svn /svn 
    48  $ sudo svnadmin create /svn 
    49  $ sudo chmod -R 777 /var/lib/svn 
    50  $ sudo chown -R www-data:www-data /var/lib/svn 
    51  
    52  $ mkdir /tmp/svn 
    53  $ mkdir /tmp/svn/test 
    54  $ mkdir /tmp/svn/test/branches 
    55  $ mkdir /tmp/svn/test/tags 
    56  $ mkdir /tmp/svn/test/trunks 
    57  
    58  $ svn import /tmp/svn file:///svn -m "initial import" 
    59  }}} 
    60  
    61  
    62 == trac == 
    63  
    64 Trac installation is straightforward once setuptools is installed. 
    65  
    66  {{{ 
    67  $ sudo easy_install Trac==0.11rc1 
    68  }}} 
    69  
    70 Trac needs a directory to put the environments on where apache can read/write. We'll also add a symlink to this directory so it's easier to get there: 
    71  
    72  {{{ 
    73  $ sudo mkdir /var/lib/trac 
    74  $ sudo chown -R www-data:www-data /var/lib/trac 
    75  $ sudo ln -s /var/lib/trac/ /trac 
    76  }}} 
    77  
    78 Let's initialize the trac environment for our test project. The only thing I had to fill in here was the name of my project and the path to my subversion repository: 
    79  
    80  {{{ 
    81  $ trac-admin /trac/test initenv 
    82  Project Name [My Project]> Test 
    83  Database connection string [sqlite:db/trac.db]> 
    84  Repository type [svn]> 
    85  Path to repository [/path/to/repos]> /svn/teste 
    86  Templates directory [/usr/share/trac/templates]> 
    87  Congratulations! 
    88  }}} 
    89  
    90 If you haven't been congratulated at the end, there's something wrong. You can test your new Trac setup by issuing: 
    91 {{{ 
    92  $ sudo tracd --port 8080 /trac/test 
    93 }}} 
    94  
    95 Then point your browser to http://localhost:8080/ . You should see the list of available projects (with only the one you just created). Click on it, and go to Browse source. Everything should be fine. 
    96  
    97  * We will not use tracd's digest authentication support. 
    98  
    99  
    100 == Apache == 
    101  
    102 If you are going to use TracStandalone, stop right here. Everything is set. This guide won't cover how to set tracd up. 
    103  
    104  apt-get configures everything you need and your webroot will be configured to {{{/var/www}}}. Ubuntu (actually, Debian) divides apache websites (virtualhost) in a set of directories under {{{/etc/apache2/sites-available}}} and has two utilities to configure them: {{{a2ensite}}} and {{{a2dissite}}}. We'll make use of these tools throughout this guide. 
    105  
    106 === Setting up Apache+SVN === 
    107  
    108 If you want to keep SVN access local only, you can skip to the next subsection. 
    109  
    110 We'll now configure {{{mod_dav_svn}}}. We start by editing {{{/etc/apache2/mods-enabled/dav_svn.conf}}} 
    111  
    112  {{{ 
    113  $ sudo vim /etc/apache2/mods-enabled/dav_svn.conf 
    114  }}} 
    115  
    116  This file probably has already a set of directives in it. I just show here the final version without the comments and changed to enable Basic authentication: 
    117  
    118  {{{ 
    119 <Location /svn> 
    120   DAV svn 
    121   SVNPath /svn 
    122   SVNListParentPath Off 
    123  
    124   AuthType Basic 
    125   AuthName "Subversion Repository" 
    126   AuthUserFile /etc/apache2/dav_svn.passwd 
    127   AuthzSVNAccessFile /etc/apache2/authz_svn.access 
    128  
    129   Require valid-user 
    130 </Location> 
    131 }}} 
    132  
    133  * The next step is to create a user for subversion. 
    134  
    135  {{{ 
    136  $ sudo htpasswd -cm /etc/apache2/dav_svn.passwd johndoe 
    137  New password: my_password 
    138  Re-type new password: my_password 
    139  }}} 
    140  
    141  * Additionally we'll create the authorization file for our users 
    142  
    143  {{{ 
    144  $ sudo vim /etc/apache2/authz_svn.access 
    145  }}} 
    146  
    147  * And add the following rule for our user. In this case, we'll be allowing him full access to the {{{teste}}} repository. 
    148  
    149  {{{ 
    150  [svn:/test] 
    151  johndoe = rw 
    152  }}} 
    153  
    154  * Finally we restart apache. 
    155  
    156  {{{ 
    157  $ sudo /etc/init.d/apache2 restart 
    158  * Restarting web server apache2 
    159    ...done. 
    160  }}} 
    161  
    162  We can now point a browser to http://localhost/svn and an authentication pop-up should appear and, after that, our repository. Our projects will be located at http://localhost/svn/projectname. Now is a good time to read some more on the "Per-Directory Access Control" part of the subversion book. One big part of the security involved in this installation only has to do with Subversion so some reading on [http://svnbook.red-bean.com/en/1.0/svn-book.html#svn-ch-6-sect-4.4.2 Per-Directory Access Control] might be useful at this time. In particular, if you want people to access only some of the projects, you '''must''' configure this. 
    163  
    164  
    165 === Trac on Apache === 
    166  
    167  
    168 Now we need another site for apache: 
    169  
    170  {{{ 
    171  $ sudo vim /etc/apache2/sites-available/trac 
    172  }}}  
    173  
    174  * And add the following code to it: 
    175  
    176  {{{ 
    177 Alias /trac/[^/]+/chrome/common /usr/share/python-support/trac/trac/htdocs 
    178  
    179 <Directory "/usr/share/python-support/trac/trac/htdocs"> 
    180   Order allow,deny 
    181   Allow from all 
    182 </Directory> 
    183  
    184 ScriptAlias /trac /usr/lib/cgi-bin/trac.cgi 
    185  
    186 <Location /trac> 
    187   SetEnv TRAC_ENV_PARENT_DIR "/boreste/trac" 
    188 </Location> 
    189  
    190 <LocationMatch "/trac/[^/]+/login"> 
    191   AuthType Basic 
    192   AuthName "Trac" 
    193   AuthUserFile /etc/apache2/dav_svn.passwd 
    194   SVNPath /svn 
    195   AuthzSVNAccessFile /etc/apache2/authz_svn.access 
    196   Require valid-user 
    197 </LocationMatch> 
    198  }}} 
    199  
    200 We must give Apache permission to read and write your trac environment: 
    201  
    202 {{{ 
    203  $ sudo chown -R www-data.www-data /trac 
    204 }}} 
    205  
    206 Let's now enable this site: 
    207  
    208  {{{ 
    209  $ sudo a2ensite trac 
    210  Site trac installed; run /etc/init.d/apache2 reload to enable. 
    211  }}} 
    212  
    213 At this point we are still without any authentication. We'll start by removing permissions to the anonymous user, allowing him only to see the initial page. Then we'll also set our main user as the trac's root: 
    214  
    215  {{{ 
    216  $ sudo trac-admin /trac/test permission remove anonymous BROWSER_VIEW CHANGESET_VIEW FILE_VIEW LOG_VIEW MILESTONE_VIEW REPORT_SQL_VIEW REPORT_VIEW ROADMAP_VIEW SEARCH_VIEW TICKET_CREATE TICKET_MODIFY TICKET_VIEW TIMELINE_VIEW WIKI_CREATE WIKI_MODIFY 
    217  
    218  $ sudo trac-admin /trac/teste permission add johndoe TRAC_ADMIN 
    219  }}} 
    220  
    221  Let's now reload apache: 
    222  
    223  {{{ 
    224  $ sudo  /etc/init.d/apache2 reload 
    225  Reloading web server config...                                                     [ OK ] 
    226  }}} 
    227  
    228  You can now check http://localhost/trac and you should see a list with all the projects for which you have a trac environment set. clicking on one of them will get you to a page where you could have a small description of your project but you won't see any other links (important ones at least). Try to login to see the differences. 
    229  
    230 If performance bugs you, then head to TracGuide, TracInstall, TracFastCgi, TracModPython or [wiki:TracModWSGI] 
     1moved to wiki:0.11/TracOnUbuntuHardy