Server Installation/trac
Aus Opennet
Version vom 31. Mai 2014, 13:18 Uhr von MathiasMahnke (Diskussion | Beiträge)
Software zum Betrieb von Opennet DEV trac Umgebung (Hilfsmittel für Entwickler).
Installation
- Installation trac (incl. subversion)
- Installation trac-git (git Plugin)
- Installation trac-bitten (Continuous Integration)
- Installation trac-announcer (Benachrichtigungssystem)
- Installation libapache2-mod-wsgi (Apache Modul)
- Vorbereitung Verzeichnisse: mkdir /var/www/trac
Konfiguration
- Anlegen einer neuen Projektumgebung:
trac-admin /var/www/trac/ initenv Project name [My Project]> Opennet Development Database connection string [sqlite:db/trac.db]> trac-admin /var/www/trac/ deploy /tmp/trac mv /tmp/trac/* /var/www/trac/ chown -R www-data:www-data /var/www/trac/
- Konfiguration der Projektumgebung in /var/www/trac/conf/trac.ini
[components] webadmin.* = enabled tracext.git.* = enabled bitten.* = enabled announcer.* = enabled [notifications] always_notify_owner = false always_notify_reporter = false always_notify_updater = false email_sender = SendmailEmailSender sendmail_path = /usr/sbin/sendmail smtp_enabled = true smtp_from = dev@opennet-initiative.de smtp_from_name = Opennet Development smtp_replyto = admin@opennet-initiative.de [project] descr = Opennet Development footer = <a href="https://www.opennet-iniative.de/">Opennet Initiative e.V.</a> icon = site/favicon.ico url = https://dev.opennet-initiative.de [ticket] default_component = on_test default_type = task [header_logo] alt = Opennet Development link = / src = site/Opennet_logo_quer.gif [timeline] ticket_show_details = true [trac] base_url = https://dev.opennet-initiative.de/ [wiki] ignore_missing_pages = true [announcer] email_enabled = true use_threaded_delivery = true always_notify_owner = true always_notify_reporter = true always_notify_updater = true always_notify_cc = true always_notify_component_owner = true email_from = dev@opennet-initiative.de email_from_name = Opennet Development email_to = dev email_replyto = email_address_resolvers = SpecifiedEmailResolver, SessionEmailResolver email_subject_prefix = Opennet DEV-
- Admin Nutzer für Projektumgebung:
trac-admin /var/www/trac/ > permission add <adminname>.client.on TRAC_ADMIN > exit
- Einbindung in Apache Webserver:
WSGIScriptAlias /trac /var/www/trac/cgi-bin/trac.wsgi Alias /trac/chrome/ /var/www/trac/htdocs/ <Directory /var/www/trac/cgi-bin/trac.wsgi> WSGIApplicationGroup %{GLOBAL} Order deny,allow Allow from all </Directory>
- Login in Apache Webserver (HTTP als HTTPS-Redirect)
Redirect permanent /login https://dev.opennet-initiative.de/login
- Login in Apache Webserver (HTTPS mit Client-Zertifikat)
<Location "/login"> # client cert auth SSLVerifyClient optional SSLVerifyDepth 3 # forward auth to cgi SSLUserName SSL_CLIENT_S_DN_CN # allow specific cert CN #check disabled, rights granted inside trac - mathias mahnke 2014/04/26 #SSLRequire %{SSL_CLIENT_S_DN_CN} in {"<adminname1>.client.on","<adminname2>.client.on"} # client cert error handling RewriteEngine on RewriteCond %{SSL:SSL_CLIENT_VERIFY} !=SUCCESS RewriteRule .? - [F] ErrorDocument 403 "You need a certificate issued by Opennet Client Sub-CA to access this site." </Location>
- Anlegen eines Git Repositories:
mkdir /var/git/<on_projectname> cd /var/git/<on_projectname> git --bare init git update-server-info cd hooks mv post-update.sample post-update
- nun via Trac Admin Webinterface in Projektumgebung einbinden sowie:
trac-admin /var/www/trac/ changeset added "<on_projectname>" echo "exec trac-admin /var/www/trac/ changeset added \"<on_projectname>\"" >> /var/git/<on_projectname>/hooks/post-update
- sonstige Trac Nacharbeiten:
- Berechtigungen TICKET_CREATE u. TICKET_APPEND für Anonymous erlauben
- Site Logo setzen, Wiki Startseite bearbeiten
- Anlegen einer Gitolite Umgebung siehe Server Installation/gitolite
- Einbinden von Bitten u. Trac-Announcer, Projektumgebung aktualisieren:
trac-admin /var/www/trac/ upgrade trac-admin /var/www/trac wiki upgrade trac-admin /var/www/trac/ deploy /tmp/trac cp -R /tmp/trac/* /var/www/trac/ chown -R www-data:www-data /var/www/trac/ ln -s /usr/share/javascript/flot/jquery.flot.js /var/www/trac/htdocs/bitten/ ln -s /usr/share/javascript/excanvas/excanvas.js /var/www/trac/htdocs/bitten/
- Einbindung von Bitten, Repository Alias "(default") setzen sowie Rechte BUILD_ADMIN an Nutzer und BUILD_VIEW an Anonymous nach Bedarf vergeben
Betrieb
- Nutzer anlegen: Anmeldung erfolgt über Opennet CA Zertifikate der Client Sub-CA. Rechtevergabe per trac-admin.
- Repository anlegen: Git anlegen siehe Server Installation/gitolite, Einbindung per Trac Webadmin GUI sowie Veröffentlichung via Apache Config vornehmen.