Monday, September 17, 2007

Installing Trac on FreeBSD 6.2

Trac is a project which integrates SCM & project management. Trac can help you stay more organized keeping your wiki, roadmap, tickets, and source information in one location.

Installing trac

cd /usr/ports/www/trac
make install clean
I left the default options in config screen


Setup a basic trac site for the example svn repository created in Setting up a Subversion Server on FreeBSD 6.2

cd /usr/local
mkdir trac
cd trac
mkdir MyRepoName
trac-admin MyRepoName initenv
chown -R www /usr/local/trac


Installing mod_python

cd /usr/ports/www/mod_python3
make install clean


To configure mod_python for trac I followed steps from TracModPython

vi /usr/local/etc/apache22/httpd.conf
LoadModule python_module libexec/apache22/mod_python.so
PythonOption mod_python.mutex_directory "/tmp"
PythonOption mod_python.mutex_locks 8


Configure trac with the same access as that given to the svn repository in Setting up a Subversion Server on FreeBSD 6.2

vi /usr/local/etc/apache22/Includes/trac.conf

SetHandler mod_python
PythonHandler trac.web.modpython_frontend
PythonOption TracEnv /usr/local/trac/MyRepoName
PythonOption TracUriRoot /trac/MyRepoName
AuthType Basic
AuthName "trac access"
AuthUserFile /usr/local/svn-repositories/conf/htpasswd
Require valid-user
SSLRequireSSL


apachectl graceful

https://192.168.0.100/trac/MyRepoName
Accept the certificate and enter your username and password, you should now see your trac site.
Posted by at

Setting up a Subversion Server on FreeBSD 6.2

I wanted the svn server to only be accessed through SSL and with some form of basic authentication.


Install FreeBSD to a VPC or a machine and login as root or a user in the wheel group and become su.
If your not sitting at the machine or your running in a vpc id recommend downloading PuTTY and using a ssh session to your FreeBSD machine.
Configure system
edit /etc/hosts file after the 127 loopback I added this, it is required for starting apache, needs to be able to resolve its dns
vi /etc/hosts
192.168.0.100 svn
Get the ports tree to the machine:
portsnap fetch
portsnap extract
Install OpenSSL
cd /usr/ports/security/openssl
make install clean
Install Apache
cd /usr/ports/www/apache22
make install clean
Configure Apache
add accf_http_load="YES" to loader.conf
vi /boot/loader.conf
accf_http_load="YES"
Configure SSL keys
cd /usr/local/etc/apache22
mkdir ssl.key
mkdir ssl.crt
/usr/local/bin/openssl req -new -x509 -days 365 -keyout ./ssl.key/server.key -out ./ssl.crt/server.crt -subj '/CN=Test-Only Certificate'
cp ./ssl.crt/server.crt server.crt
/usr/local/bin/openssl rsa -in ssl.key/server.key -out server.key
cp /usr/local/etc/apache22/extra/httpd-ssl.conf /usr/local/etc/apache22/Includes
Launch Apache at system startup
cp /usr/local/etc/rc.d/apache22 /usr/local/etc/rc.d/apache22.sh
vi /etc/rc.conf
Add apache22_enable="YES" to the end of the file.
Start up the apache server
/usr/local/sbin/apachectl start
Browse to your computer through http and https, you should see the It Works! page on both.
Install Subversion with mod_dav_svn, apache2 support and without Berkeley DB support
cd /usr/ports/devel/subversion
make -DWITH_MOD_DAV_SVN -DWITHOUT_BDB -DWITH_APACHE2_APR
make install clean
Setup a Subversion Repository
cd /usr/local
mkdir svn-repositories
cd svn-repositories
mkdir repos
cd repos
mkdir MyRepoName
/usr/local/bin/svnadmin create MyRepoName
Setup the auth file for access to the repository
cd /usr/local/svn-repositories
mkdir conf
cd conf
htpasswd -c -m -b htpasswd user1 pass1
htpasswd -m -b htpasswd user2 pass2
htpasswd -m -b htpasswd user3 pass3
etc. You get the idea
Change the owner of the svn-repositories directory to nobody
chown -R nobody /usr/local/svn-repositories
Add a location to your apache conf file to point to the Subversion Repository Directory, using SVNParentPath lets you create as many repositories as you would like in that path and they are all configured with the same settings in the apache conf.
vi /usr/local/etc/apache22/Includes/svn.conf

DAV svn
SVNParentPath /usr/local/svn-repositories/repos
AuthType Basic
AuthName "Subversion repository"
AuthUserFile /usr/local/svn-repositories/conf/htpasswd
Require valid-user
SSLRequireSSL

/usr/local/sbin/apachectl restart
Browse to https://192.168.0.100/svn/MyRepoName
Accept the certificate and enter your username and password, you should now have a working subversion server.
To ensure you are using the most current OpenSSL library you can check the version you are running in Apache by doing the following:

/usr/local/bin/openssl s_client -connect 192.168.0.100:443
[Enter]
GET / HTTP/1.0
[Enter]
[Enter]
The results should look similar to the following:
HTTP/1.1 200 OK
Date: Tue, 03 Apr 2007 12:07:18 GMT
Server: Apache/2.2.4 (FreeBSD) mod_ssl/2.2.4 OpenSSL/0.9.8e DAV/2 SVN/1.4.3
Last-Modified: Sat, 20 Nov 2004 20:16:24 GMT
ETag: "c21e-2c-4c23b600"
Accept-Ranges: bytes
Content-Length: 44
Connection: close
Content-Type: text/html



That is it for now on this topic, if anyone has corrections or opinions on how to improve this mini guide please leave them.


References:
Custom-Compiling Apache and Subversion
Using Subversion for Collaborative Development
Posted by at

FreeBSD Ports Collection, getting and keeping them up to date

To get the port tree for the first time:

portsnap fetch
portsnap extract

you will now have the ports tree at /usr/ports

To update the ports tree:

portsnap fetch
portsnap update


Typical install of a port

cd /usr/local/security/openssl
make install clean


Uninstall a port

cd /usr/local/security/openssl
make deinstall


The portmanager utility allows you to keep your installed ports up to date:

cd /usr/ports/ports-mgmt/portmanager
make install


To see if any installed ports are out of date:

portmanager -s

To upgrade all installed ports convient for those of us who would rather just have the system brought up to date without much ado:

portmanager -u

Interesting tidbit from the portmanager manual, portmanager comes with a pretty impressive safety net:

With the normal "make install clean" method of adding ports there is a critical step, after a port is made, the old port must be deinstalled then the new port installed in its place. If for some reason the new port fails to install you are left with neither your old port, nor the new one. It is for this reason portmanager makes a package from your old port before removing it, and if the new port fails to install correctly portmanager will reinstall your old port from that package.

Even if you out of portmanager at the crucial moment between removal of the old port and installation of the new port portmanager may still install the original from the backup package, this is not guaranteed though, so only at this step it is recommended not to terminate portmanager. Every other point in time it is perfectly safe to abort, , kill, etc., during program operation. Your ports collection will not be harmed!

Of course there are other ways to keep your ports tree in up to date. Here are couple articles on ports I just found from a google search that might prove useful, portupgrade and Ports Tricks.

Searching the ports tree for keywords

cd /usr/ports
make search key=rails more


Leave me a comment if you have any suggestions or know of any better ways to keep your ports collection up to date.
Posted by at
Subscribe to: Posts (Atom)