I just setup Trac and Subversion on Ubuntu. I decided to proxy tracd behind Nginx so that I could use SSL. I used ssh to access svn. I got email and commit hooks for everything working. I used runit to run tracd. In all, it took me about four days. Here's a brain dump of my notes:
Set up Trac and Subversion:Here's the most important part of Nginx's sites-available/default:
Setup runit:
touch /etc/inittab # Latest Ubuntu uses "upstart" instead of the sysv init.
apt-get install runit
initctl start runsvdir
initctl status runsvdir
While still on oldserver, I took care of some Trac setup:
Setup permissions:
See: http://trac.edgewall.org/wiki/TracPermissions
trac-admin:
permission list
permission remove anonymous '*'
permission remove authenticated '*'
permission add authenticated BROWSER_VIEW CHANGESET_VIEW FILE_VIEW LOG_VIEW MILESTONE_VIEW REPORT_SQL_VIEW REPORT_VIEW ROADMAP_VIEW SEARCH_VIEW TICKET_CREATE TICKET_MODIFY TICKET_VIEW TIMELINE_VIEW WIKI_CREA
TE WIKI_MODIFY WIKI_VIEW
Note: The above matches the default, but with no anonymous access.
permission add jj TRAC_ADMIN
Went through the admin section in the GUI and setup everything.
Fixed inconsistent version field ("" vs. None):
sqlite3 db/trac.db:
update ticket set version = null;
apt-get install subversion-tools python-subversion
apt-get install python-pysqlite2
easy_install docutils:
/usr/bin/rst2newlatex.py
/usr/bin/rst2xml.py
/usr/bin/rstpep2html.py
/usr/bin/rst2s5.py
/usr/bin/rst2latex.py
/usr/bin/rst2pseudoxml.py
/usr/bin/rst2html.py
easy_install pygments:
/usr/bin/pygmentize
easy_install pytz
Setup users:
Used "adduser" to create users.
Grabbed their passwords from /etc/shadow on oldserver.
addgroup committers
Added the users to the committers group.
Setup svn:
mkdir -p /var/lib/svn
svnadmin create /var/lib/svn/example
Copied our svn repository db from oldserver to /var/lib/svn/example/db.
chgrp -R committers /var/lib/svn/example/db
Setup trac:
easy_install Trac:
/usr/bin/trac-admin
/usr/bin/tracd
+Genshi-0.5.1-py2.5-linux-i686.egg
mkdir -p /var/lib/trac
cd /var/lib/trac
trac-admin example initenv:
I pointed it at the svn repo path, but otherwise used the default
settings.
Copied stuff from our trac instance on oldserver to
/var/lib/trac/example/attachments and /var/lib/trac/example/db.
I chose not to keep our trac.ini since Trac has changed so much.
I chose not to keep our passwords file since they were too easy.
htpasswd -c /var/lib/trac/example/conf/users.htpasswd jj
Edited /var/lib/trac/example/conf/trac.ini.
adduser trac # Used a throwaway password.
vipw # Changed home to /var/lib/trac and set shell to /bin/false.
chown -R trac:trac /var/lib/trac # Per the instructions. Weird.
find /var/lib/trac/example/attachments -type d -exec chmod 755 '{}' \;
find /var/lib/trac/example/attachments -type f -exec chmod 644 '{}' \;
trac-admin /var/lib/trac/example resync
Setup trac under runit:
Setup logging:
mkdir -p /etc/sv/trac/log
mkdir -p /var/log/trac
cat > /etc/sv/trac/log/run << __END__
#!/bin/sh
exec 2>&1
exec chpst -u trac:trac svlogd -tt /var/log/trac
__END__
chmod +x /etc/sv/trac/log/run
chown -R trac:trac /var/log/trac
Setup trac:
cat > /etc/sv/trac/run << __END__
#!/bin/sh
exec 2>&1
exec chpst -u trac:trac tracd -s --hostname=localhost --port 9115 --basic-auth='*',/var/lib/trac/example/conf/users.htpasswd,'24 Hr. Diner' /var/lib/trac/example
__END__
chmod +x /etc/sv/trac/run
ln -s /etc/sv/trac /etc/service/
Setup Nginx to proxy to Trac and handle SSL:
cd /etc/nginx
openssl req -new -x509 -nodes -out development.example.com.crt \
-keyout development.example.com.key
Edit sites-available/default.
/etc/init.d/nginx restart
Setup post-commit hook:
cd /var/lib/svn/example/hooks
wget http://trac.edgewall.org/browser/trunk/contrib/trac-post-commit-hook?format=txt \
-O trac-post-commit-hook
chmod +x trac-post-commit-hook
cp post-commit.tmpl post-commit
chmod +x post-commit
Edited post-commit.
mkdir /var/lib/trac/example/.egg-cache
chown -R trac:committers \
/var/lib/trac/example/.egg-cache \
/var/lib/trac/example/db
chmod 775 /var/lib/trac/example/.egg-cache \
/var/lib/trac/example/db
chmod 664 /var/lib/trac/example/db/trac.db
Setup trac notifications:
Edit /var/lib/trac/example/conf/trac.ini.
sv restart trac
# Put Trac on HTTPS on port 9443.Here's the most important part of svn's post-commit hook:
server {
listen 9443;
server_name development.example.com;
access_log /var/log/nginx/development.access.log;
error_log /var/log/nginx/development.error.log;
ssl on;
ssl_certificate /etc/nginx/development.example.com.crt;
ssl_certificate_key /etc/nginx/development.example.com.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
location / {
root html;
index index.html index.htm;
proxy_pass http://127.0.0.1:9115;
}
}
REPOS="$1"Here are the changes I made to trac.ini:
REV="$2"
MAILING_LIST="commits@example.com"
TRAC_ENV="/var/lib/trac/example"
/usr/share/subversion/hook-scripts/commit-email.pl "$REPOS" "$REV" \
"$MAILING_LIST"
/usr/bin/python /var/lib/svn/example/hooks/trac-post-commit-hook \
-p "$TRAC_ENV" -r "$REV"
===================================================================Wow, that was painful!
--- var/lib/trac/example/conf/trac.ini (revision 464)
+++ var/lib/trac/example/conf/trac.ini (revision 475)
@@ -58,13 +58,13 @@
mime_encoding = base64
smtp_always_bcc =
smtp_always_cc =
-smtp_default_domain =
-smtp_enabled = false
-smtp_from = trac@localhost
+smtp_default_domain = example.com
+smtp_enabled = true
+smtp_from = trac@development.example.com
smtp_from_name =
smtp_password =
smtp_port = 25
-smtp_replyto = trac@localhost
+smtp_replyto = ops@example.com
smtp_server = localhost
smtp_subject_prefix = __default__
smtp_user =
@@ -152,7 +152,7 @@
authz_file =
authz_module_name =
auto_reload = False
-base_url =
+base_url = https://development.example.com:9443
check_auth_ip = true
database = sqlite:db/trac.db
default_charset = iso-8859-15
@@ -166,7 +166,7 @@
repository_type = svn
show_email_addresses = false
timeout = 20
-use_base_url_for_redirect = False
+use_base_url_for_redirect = True
[wiki]
ignore_missing_pages = false
Comments
If you don't know how to install Python egg's via easy_install, start with:
Setup distutils:
wget http://peak.telecommunity.com/dist/ez_setup.py
python ez_setup.py
You can use naraio. It comes with Apache, subversion, trac and openldap . Naraio is very in installation with
trac and subversion.
You can download from http://opensourcedevelopment.net
Regards