Changes between Initial Version and Version 1 of TracOnRhel4WithoutYum

Timestamp:

Sep 28, 2006, 2:27:53 PM (18 years ago)

Author:

jon@…

Comment:

My personal experiences with installing Trac on Redhat Enterprise Linux (version 4) without Yum.

TracOnRhel4WithoutYum

@@ +1 @@
+= Trac on Red Hat Enterprise Linux 4 WITHOUT using YUM=
+
+Because of the environment I'm setting up my Trac, I had no external internet access, barring an SFTP pipe.
+
+Here's what I did.
+
+== Installing Files ==
+
+ * Install the standard RHEL 4 system, with the Web Server functionality. I needed it for the rest of the sites I was putting together.
+ * Install Subversion, mod_dav_svn and Python (if you've not already installed them - I wasn't making notes at this point!)
+ * Install the following packages (and I know it's overkill, but I wanted to be sure I had everything I needed). These were all on the RH disks.
+   * libdbi-dbd-pgsql
+   * perl-DBD-Pg
+   * php-pgsql
+   * postgresql
+   * postgresql-contrib
+   * postgresql-docs
+   * postgresql-libs
+   * postgresql-perl
+   * postgresql-pl
+   * postgresql-python
+   * postgresql-server
+ * Download and install pyPgSql - I think this was on Sourceforge. 
+ * Download and install ClearSilver - I didn't do this bit, a collegue did.
+ * Download and install trac from this site
+
+== Creating your Paths ==
+
+{{{
+mkdir /var/www/auth
+mkdir /var/svn
+mkdir /var/svn/repo
+mkdir /var/svn/trac
+}}}
+
+== Creating your groups and users ==
+
+Obviously, if you already have your users, you don't need to do this part.
+
+{{{
+groupadd MyRepo_Access
+}}}
+
+This is the group to which all users who can access your Repo should belong, for SVN+SSH protocol, or just SVN.`
+
+{{{
+useradd Fred_Bloggs -G MyRepo_Access
+passwd Fred_Bloggs
+}}}
+
+At this point, create a password for the user Fred_Bloggs - I'll use Fred_Bloggs_Password for the purposes of this document
+
+== Creating the Support Files for Subversion ==
+
+{{{
+svnadmin create /var/svn/repo/MyRepo
+chown -R apache.MyRepo_Access /var/svn/repo/MyRepo
+chmod -R g+rw /var/svn/repo/MyRepo
+chmod -R g+s /var/svn/repo/MyRepo
+# This means all the files will have the effective permissions of "group" as "owner" - I think!
+}}}
+
+== Creating the Support Structure for Postgres ==
+
+{{{
+# At this point - assign a password to the user MyRepo - I'll use MyRepoPassword for this document
+su - postgres -c 'createuser  -E -P -A -D  MyRepoUser'
+}}}
+
+These switches mean: 
+
+ * -E = Encrypt password 
+ * -P = Assign a password 
+ * -A = Not an admin (and can't create users) 
+ * -D = Can't create other databases
+
+{{{
+su - postgres -c 'createdb MyRepoDB'
+}}}
+
+By keeping this all the same, it's a security hole, but easier to remember. Adjust according to your local policies!
+
+The default install of postgres does not allow you to connect to the server using TCP/IP Sockets. You'll need to adjust the following files:
+
+ * /var/lib/pgsql/data/pg_hba.conf
+
+{{{
+host all all 127.0.0.1 255.255.255.255 md5
+local all all md5
+}}}
+
+ * /etc/init.d/postgres
+
+Find the line
+
+{{{
+$SU -l postgres -c "$PGENGINE/postmaster -p ${PGPORT} -D '${PGDATA}' ${PGOPTS} &" >> $PGLOG 2>&1 < /dev/null
+}}}
+
+Replace it with 
+{{{
+$SU -l postgres -c "$PGENGINE/postmaster -i -p ${PGPORT} -D '${PGDATA}' ${PGOPTS} &" >> $PGLOG 2>&1 < /dev/null
+}}}
+
+(Note the additional -i which allows "Internet" traffic - I think. This was the main blocker for me.)
+
+== Create your Trac ==
+
+trac-admin will not create a repository if the path already exists (although I have seen a patch which changes this statement), so the first line in the following statements will remove the folder if you've already tried to make something there.
+
+{{{
+rm -Rf /var/svn/trac/MyRepo
+trac-admin /var/svn/trac/MyRepo initenv "My Trac Project" postgres://MyRepoUser:MyRepoPassword@localhost/MyRepoDB svn /var/svn/repo/MyRepo /usr/share/trac/templates
+}}}
+
+System user accounts are not the same as the user accounts for your site. If you've got users who you want to be able to use only specific functions on trac, then use this command
+
+{{{
+htpasswd -nb Site_Username Site_Password >> /var/www/auth/MyRepo.htpasswd 
+}}}
+
+== Setup Apache ==
+
+The default install path for the trac CGI files are in /usr/share/trac/cgi-bin. These need to be copied to the relevant path for your Trac install, and renamed (if you've got multiple Trac installations.)
+
+{{{
+cp /usr/share/trac/cgi-bin/trac.*cgi /var/www/cgi-bin
+mv /var/www/cgi-bin/trac.fcgi /var/www/cgi-bin/MyRepo.fcgi
+mv /var/www/cgi-bin/trac.cgi /var/www/cgi-bin/MyRepo.cgi
+}}}
+
+I don't actually know what the benefits of FCGI over CGI are, so I've made configs for them both. Create a file in /etc/httpd.d/conf.d/Trac_MyRepo.conf
+
+{{{
+<LocationMatch /cgi-bin/MyRepo\.f?cgi>
+    SetEnv TRAC_ENV /var/svn/trac/MyRepo
+</LocationMatch>
+<LocationMatch /cgi-bin/MyRepo\.f?cgi/login>
+    # Remove the # sign below to require SSL.
+    # SSLRequireSSL
+
+    AuthType Basic
+    AuthName "MyRepo Trac Login"
+    AuthUserFile /var/www/auth/MyRepo.htpasswd
+    Require valid-user
+</LocationMatch>
+<IfModule mod_python.c>
+        <Location /cgi-bin/MyRepo.cgi>
+            SetHandler mod_python
+            PythonHandler trac.web.modpython_frontend
+            PythonOption TracEnv /var/svn/trac/MyRepo
+        </Location>
+        <Location /cgi-bin/MyRepo.cgi/login>
+          # Remove the # sign below to require SSL.
+          # SSLRequireSSL
+
+          AuthType Basic
+          AuthName "MyRepo Trac Login"
+          AuthUserFile /var/www/auth/MyRepo.htpasswd
+          Require valid-user
+        </Location>
+</IfModule>
+}}}
+
+Finally, restart your HTTPD service with 
+
+{{{
+service httpd restart
+}}}