= Using Tracd with Nginx in Cluster Mode =
I am intensely dissatisfied with Trac and Apache.  We have multiple vhosts, and multiple trac sites per vhost.  When we tried upgrading form Subverison 1.2.3 we hit [http://trac.edgewall.org/ticket/2611# this bug].
 * apache/mod_python still occasionally segfaults.
 * apache/mod_python was causing strange occasional delays. (Likely related to the segfaults).
 * We would like to upgrade to SVN 1.4

'''Caveat''': Only use this with PostgreSQL.  If you want to do this, but are on SQLite, then use Pacopablos [http://trac-hacks.org/wiki/SqliteToPgScript Sqlite-to-Pg].  We use it here, and it's great.

== Tracd ==
Run multiple tracd instances.  This offers a speed benefit if you use [http://fasterfox.mozdev.org/ FasterFox], as well as good multi-user concurrency responsiveness.

Using the Gentoo init system, it was easy to create simple init scripts (which I attatched to this page). Here is a simplified example, which makes for easier wiki'ing

`start-meta-site.sh`
{{{
#!sh
INSTANCES="3050 3051 3052 3053 3054 3055 3056"
USER="apache"
VERSION="0.10.1"
#ENV="/var/live/trac"
PIDFILE="/var/live/run/tracd"
### Extra Args here, for instance --basic-auth
#ARGS="--basic-auth=${ENV},${ENV}/vccbob.pwd,FarQ"
ARGS="-e /var/live/trac"
PYTHON_EGG_CACHE="/var/live/egg_cache"

function start(){
    export PYTHON_EGG_CACHE
    for I in $INSTANCES; do
        su ${USER} -c "/usr/bin/tracd -d -p ${I} --pidfile=${PIDFILE}.${I} --protocol=http ${ARGS} ${ENV}"
        done
}

function stop(){
   for x in `ls ${PIDFILE}.*}`; do
       kill `cat ${x}`
       done
}
}}}

`start-single-site.sh`
{{{
#!sh
INSTANCES="3050 3051 3052"
USER="apache"
VERSION="0.10.1"
ENV="/var/lib/trac-single"
PIDFILE="/var/lib/trac-single/run"
### Extra Args here, for instance --basic-auth
#ARGS="--basic-auth=${ENV},${ENV}/vccbob.pwd,FarQ"
ARGS="--basic-auth=${ENV},${ENV}/vccbob.pwd,FarQ ${ENV}"
PYTHON_EGG_CACHE="${ENV}/egg_cache"

function start(){
    export PYTHON_EGG_CACHE
    for I in $INSTANCES; do
        su ${USER} -c "/usr/bin/tracd -d -p ${I} --pidfile=${PIDFILE}.${I} --protocol=http ${ARGS} ${ENV}"
        done
}

function stop(){
   for x in `ls ${PIDFILE}.*}`; do
       kill `cat ${x}`
       done
}


}}}

== Nginx ==
Get [http://www.nginx.net/ Nginx], the Excellent Apache Replacement by [http://sysoev.ru/en/ Igor Sysoev].  Install it.  I use Gentoo, and all of my examples are based on Gentoo.  Gentoo packagers create /etc/nginx.

/etc/nginx/nginx.conf
{{{ 
http {
  include         /etc/nginx/mime.types;
  default_type    application/octet-stream;

  include         /etc/nginx/nginx-defaults.conf;

  upstream live_trachosts_com {
          server  127.0.0.1:3050;
          server  127.0.0.1:3051;
          #[... up to the number of instance, or more, if you want to be free to add more ...]
  }
  
  server {
          listen          192.168.1.254:80;
          server_name     live.trachosts.com live;
  
          access_log      /var/log/nginx/live.access.log main;
          error_log       /var/log/nginx/live.error_log info;
  
          location / {
                  proxy_pass      http://live_trachosts_com;
                  include         /etc/nginx/proxy.conf;
          }
  
  }
}}}

== Nginx + SSL ==
You might be asking about ssl - here is what we do for ssl:
/etc/nginx/nginx.conf
{{{ 
http {
  include         /etc/nginx/mime.types;
  default_type    application/octet-stream;

  include         /etc/nginx/nginx-defaults.conf;

  upstream live_trachosts_com {
          server  127.0.0.1:3050;
          server  127.0.0.1:3051;
          #[... up to the number of instance, or more, if you want to be free to add more ...]
  }
  
  server {
          listen          192.168.1.254:80;
          server_name     live.trachosts.com live;
  
          access_log      /var/log/nginx/live.access.log main;
          error_log       /var/log/nginx/live.error_log info;
  
          location / {
                  rewrite         ^/(.*)$ https://imrlive.com/$1 redirect;
          }
  
  }
  server {
          listen          192.168.1.254:443;
          server_name     live.trachosts.com live;
  
          access_log      /var/log/nginx/live.access.log main;
          error_log       /var/log/nginx/live.error_log info;
  
          ssl                  on;
          ssl_certificate      /etc/nginx/ssl/_nginx.cert;
          ssl_certificate_key  /etc/nginx/ssl/traclive.key;
          keepalive_timeout    70;
          add_header           Front-End-Https    on;

          location / {
                  proxy_pass      http://live_trachosts_com;
                  include         /etc/nginx/proxy.conf;
          }
  
  }
}
}}}


== Subversion ==
 We still need to get access to subversion via Apache mod_dav_svn.  I created a vhost in apache for _only_ the svn URLs.  Other people will not use this setup, which is good for them.

{{{
Listen 127.0.0.1:80
<VirtualHost *:80>
    ServerAdmin webmaster@trachosts.com
    ServerName trachosts.com
    DocumentRoot "/var/www/live.trachosts.com/htdocs"

    <Directory "/var/www/live.trachosts.com/htdocs">
        Options FollowSymLinks
        AllowOverride None
        Order allow,deny
        Allow from all
    </Directory>

  # Subversion Configuration
  <IfModule mod_dav_svn.c>
      <Location /svn>
          DAV svn 
          SVNParentPath /var/live/svn
          AuthType Basic
          AuthName "Client Trac Sites - Subversion Repository"
          AuthUserFile /var/live/conf/users
           <IfModule !mod_authz_svn.c>
              AuthzSVNAccessFile /var/live/conf/svnauthz
          </IfModule>
          Require valid-user
      </Location>
  </IfModule>
</VirtualHost>
}}}

Add this to the server section of the Nginx config. (in the :80 line, or the :443, whatever)
{{{
location /svn {
        proxy_pass      http://127.0.0.1:80;
        include         /etc/nginx/proxy.conf;
}
}}}

== Todo ==
 * Nginx Authentication Howto
 * Post the actualy config files ''somewhere''.