HOWTO Trac and Subversion VM
From RHLUG
This article is a simple list of tasks for creating a simple throw-away VM to host Subversion and Trac for a project. Authentication will be required to access Subversion or Trac, and all communication will be HTTPS encrypted.
Contents |
[edit] E-mail Darryl Mouck
Send Darryl an e-mail message asking for a VM:
I'd like to request a virtual machine for use in my team project for <your course here>. We just need a single machine to use for Subversion and Trac. We need Ubuntu Linux server edition (this will be a headless machine) with a single public IP address (team members need access from off-campus). We will need the VM for <your duration here> quarters; it is simply for source control for the duration of the project. The hostname for the machine should be <your hostname here>. Thanks, <your name here>
[edit] Install some packages
SSH into your VM with the credentials Darryl e-mailed you. Start by changing your password with the passwd command. Then run the following:
$ sudo aptitude install apache2 libapache2-mod-python libapache2-svn ssl-cert trac vim
(You may want to substitute some other editor for vim. Use whatever editor you like instead of vim in the following commands. If you don't have a favorite editor, the preinstalled nano editor will do.)
[edit] Initialize Subversion and Trac
Create the repository and Trac project by running the following commands:
$ sudo mkdir /var/lib/svn /var/lib/trac $ sudo svnadmin create /var/lib/svn/repos $ sudo trac-admin /var/lib/trac/repos initenv $ sudo trac-admin /var/lib/trac/repos permission add your-username TRAC_ADMIN
The Trac command will prompt you for your Subversion repository location (/var/lib/svn/repos) and your project name (which you get to provide). Leave the other settings at their default values.
[edit] Configure Apache
Set permissions so that Apache can modify it:
$ sudo chown -R www-data:www-data /var/lib/svn $ sudo chown -R www-data:www-data /var/lib/trac
Now create an Apache virtual host for your project:
$ sudo vim /etc/apache2/sites-available/trac
Enter the following, modifying as specified:
<VirtualHost *:443>
ServerAdmin your-username@rose-hulman.edu
ServerName your-hostname.csse.rose-hulman.edu
DocumentRoot /var/www
ErrorLog /var/log/apache2/error.trac.log
CustomLog /var/log/apache2/access.trac.log combined
SSLEngine on
# Use self-signed certificates in the default location
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
<Location /project>
SetHandler mod_python
PythonInterpreter main_interpreter
PythonHandler trac.web.modpython_frontend
PythonOption TracEnv /var/lib/trac/repos
PythonOption TracUriRoot /project
</Location>
<Location /svn>
DAV svn
SVNPath /var/lib/svn/repos
</Location>
<Location />
AuthType Basic
AuthName "Your Project Name"
AuthUserFile /etc/apache2/dav_svn.passwd
Require valid-user
</Location>
# From the default-ssl config file
BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
</VirtualHost>
And another to redirect to the HTTPS version:
<VirtualHost *:80>
DocumentRoot /var/www
ServerAdmin your-username@rose-hulman.edu
ServerName your-hostname.csse.rose-hulman.edu
ErrorLog /var/log/apache2/error.redirect.log
CustomLog /var/log/apache2/access.redirect.log combined
RewriteEngine On
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</VirtualHost>
Create the password file:
$ sudo htpasswd -c /etc/apache2/dav_svn.passwd your-username
Add additional users with the command htpasswd /etc/apache2/dav_svn.passwd new-username. Consult the htpasswd man page for how to remove users.
And create some self-signed SSL certificates:
$ sudo make-ssl-cert generate-default-snakeoil --force-overwrite
Now enable the two sites:
$ sudo a2enmod rewrite $ sudo a2enmod ssl $ sudo a2dissite default $ sudo a2ensite redirect $ sudo a2ensite trac $ sudo service apache2 restart
[edit] Create Repository Contents
You'll need to manually create the tags, branches, and trunk directories in the root of your repository.
$ cd $ svn co https://<your-vm-hostname>.csse.rose-hulman.edu/svn svn $ cd svn $ svn mkdir tags branches trunk $ svn ci -m "Initial revision"
[edit] Configure Trac
Trac can be configured to sent notifications via e-mail, which is quite helpful if you are using the ticket system extensively. Note that the following configuration will only work when sending to on-campus addresses (rhspam.rose-hulman.edu is the campus Barracuda spam filter; it is only authorized to deliver mail within campus).
$ sudo vim /var/lib/trac/repos/conf/trac.ini
You need to replace the [notification] block (line 54) with the following:
[notification] admit_domains = always_notify_owner = true always_notify_reporter = true always_notify_updater = true ignore_domains = mime_encoding = base64 smtp_always_bcc = smtp_always_cc = smtp_default_domain = rose-hulman.edu smtp_enabled = true smtp_from = trac@<your-hostname>.csse.rose-hulman.edu smtp_from_name = <your-project-name> Trac smtp_password = smtp_port = 25 smtp_replyto = <your-username>@rose-hulman.edu smtp_server = rhspam.rose-hulman.edu smtp_subject_prefix = [<shortened-version-of-your-project-name>] smtp_user = ticket_subject_template = $prefix #$ticket.id: $summary use_public_cc = true use_short_addr = false use_tls = false
[edit] Other tweaks
The maximum attachment size for wiki pages can be upped by increasing the max_size setting on line 3.
If you are using Trac in a trusted environment (only team members have access) you can set render_unsafe_content on lines 4 and 16 to true to remove some annoying security restrictions. (The restrictions are in place by default to prevent cross site scripting attacks.)
You'll want to change the header logo settings starting on line 25 to remove the default nag message.
