Installing Redmine on Linux Ubuntu with transparent domain authentication (Apache, Passenger, RVM, MySQL)

  • Tutorial
With this post, I would like to start a series of articles on how we adapted the Redmine task tracker to our needs.

About 2 years ago, I had to change my profile quite a lot, and from system administration to go into development on the Ruby on Rails framework. It was necessary to adapt Redmine to the needs of a fairly large IT department, and then to the needs of the company as a whole. Then, I was faced with the relative simplicity of installing “Redmine”. And a comprehensive article for beginners was sorely missed!

There are several ways to install a ROR application, which is Redmine. This article will discuss the installation of Apache on a web server using Passenger and RVM. As a database server, we still use "MySQL" (or rather MariaDB), although we are thinking about moving to "PostgreSQL".


Apache


Install the Apache web server:

#apt-get install apache2

The main reason Apache is used is the presence of a module for transparent authentication in the Windows domain. We initially wanted to simplify the use of Redmine. No need to enter a password twice was a big plus.

Immediately configure the Apache virtual hosts. First, configure virtual hosts without the support of "Ruby". Just to verify that Apache is working correctly and configure the transparent authentication module in the Windows domain.

Create a folder where the “Redmine” distribution will be:

#mkdir /usr/share/srv-redmine/redmine-2.3

We create a link from the directory “/ var / www” (the directory in which Apache sites usually lie) to the folder with our future distribution “Redmine”:

#ln -s /usr/share/srv-redmine/redmine-2.3 /var/www/srv-redmine

Create a virtual host file:

#touch /etc/apache2/sites-available/redmine

Fill the file with the following contents (configure the virtual host):


    ServerName redmine.local
    ServerAdmin support@redmine.local
    DocumentRoot /var/www/srv-redmine/public
    Options Indexes ExecCGI FollowSymLinks
    
        AllowOverride all
        Options -MultiViews
    

The domain name "redmine.local" must be defined (resolved) on the network where you will use "Redmine".

We include our site:

#a2ensite redmine

A package that implements the a2ensite command may not be installed on Ubuntu. In this case, a prompt will appear in the console on how to install it.

Restart apache:

#service apache2 restart

To verify that the virtual host is configured correctly. Create an “index.html” file with arbitrary content in the virtual host directory.

#touch /usr/share/srv-redmine/redmine-2.3/public/index.html

Having opened the browser page "http: //redmine.local", we should see the contents of our file.

Domain transparent authentication module

Sadly, we did not find such a module under "ngix". Probably for this reason, we are still using Apache.

Download the module, unpack it somewhere. I usually unpack it in my home directory:

#cd ~
#wget http://modntlm.sourceforge.net/mod_ntlm2.tar.gz
#tar -zxvf ./mod_ntlm2.tar.gz

Install the package to compile the modules:

#apt-get install apache2-prefork-dev

There is subtlety with this module. It does not authenticate logins that are too long. Therefore, if the company has employees with logins like "rimsky-korsakov", then before compiling the module you need to change the maximum login length in the file "ntlmssp.inc.c" by editing the line "define MAX_USERLEN 32"

Go to the unzipped directory. Compile the module:

#cd mod_ntlm2
#apxs2 -i -a -c mod_ntlm.c

During compilation, warning errors may occur. This is normal.

In the virtual host settings, we add directives that are responsible for authentication. The virtual host file should now look like this:


    ServerName redmine.local
    ServerAdmin support@redmine.local
    DocumentRoot /var/www/srv-redmine/public
    Options Indexes ExecCGI FollowSymLinks
    
        AllowOverride all
        Options -MultiViews
    
        AuthType NTLM
        NTLMAuth on
        NTLMAuthoritative on
        NTLMDomain OUR_DOMAIN.LOCAL
        NTLMServer dc1.our_domain.local
        NTLMBackup dc2.our_domain.local
        require valid-user
    
   

During operation, it was observed that this module can significantly slow down the return of static data. Therefore, we configured the module so that it only connected on the authentication page in "Redmine". All other authentication work is implemented by our transparent authentication plugin .

MySQL (MariaDB)


Install the Mysql database server.

MySQL is outdated, so it’s better to fork it with MariaDB. At some stage, we moved from the first to the second, without experiencing problems. In terms of installation and configuration for both database servers, everything is about the same.

#apt-get install mysql-server

We connect to the server with the password entered during the installation phase:

#mysql -uroot -pour_password

Create an empty database for Redmine and assign privileges:

create database redmine character set utf8;
create user 'redmine'@'localhost' identified by 'password_for_redmine_user';
grant all privileges on redmine.* to 'redmine'@'localhost';
exit;

RVM


In a nutshell, “RVM” allows you to install different versions of Ruby on the same computer. We are constantly arguing with my colleague, but do we need RVM on a production server?

There is no direct need for it, but I love it because it allows you to greatly simplify the installation of "Ruby". In “Ubuntu” there are not always the latest packages with “Ruby”, but in “RVM” there are! In general, we use RVM.

To install “RVM” you need to install “Curl”:

#apt-get install curl

Then we exit the root user and then run as a regular user:

$curl -L https://get.rvm.io | bash -s stable

After installation, RVM will tell us what other packages need to be delivered to Ubuntu. At the time of writing, these were the following packages:

#apt-get install build-essential openssl libreadline6 libreadline6-dev curl git-core zlib1g zlib1g-dev libssl-dev libyaml-dev libsqlite3-dev sqlite3 libxml2-dev libxslt-dev autoconf libc6-dev ncurses-dev automake libtool bison subversion

Install "ruby-1.9.3", but first you need to install "ruby-1.8.7", otherwise nothing.
If the message “RVM is not a function, selecting rubies with 'rvm use ...' will not work” flies, then you need to run the command “/ bin / bash --login”. And then you can work with "RVM":

$rvm install ruby-1.8.7-head
$rvm use ruby-1.8.7-head
$rvm install ruby-1.9.3-head
$rvm use ruby 1.9.3-head --default
$rvm gemset create rails3
$rvm use 1.9.3-head@rails3 --default

When I mastered RVM, this post really helped me: http://habrahabr.ru/post/120504/ .

Passenger


Passenger is an Apache module that allows you to run Ruby applications. RVM allows you to compile Passenger for a specific gem. After compilation, RVM will advise how to connect Passenger to Apache.

#apt-get install libapache2-mod-passenger
$gem install passenger
$rvmsudo /home/user/.rvm/gems/ruby-1.9.3-head@rails3/gems/passenger-4.0.8/bin/passenger-install-apache2-module
#apt-get install libcurl4-openssl-dev

The version of Passenger is subject to change. Therefore, you need to make sure the path is correct (in the 3rd team).

In the corresponding Apache directories, we create module configuration files and module loading files:

#touch /etc/apache2/mods-available/passenger.load

We write the following contents into the file:

LoadModule passenger_module /home/user/.rvm/gems/ruby-1.9.3-head@rails3/gems/passenger-4.0.8/buildout/apache2/mod_passenger.so

Configuration file:

#touch /etc/apache2/mods-available/passenger.conf

The contents of the configuration file:


PassengerRoot /home/user/.rvm/gems/ruby-1.9.3-head@rails3/gems/passenger-4.0.8
PassengerDefaultRuby /home/user/.rvm/wrappers/ruby-1.9.3-head@rails3/ruby

After compiling Passenger, RVM will generate the correct contents of these files. You only need to create files and copy the contents.

We connect our module:

#a2enmod passenger

Immediately change the configuration file "Apache". Now we have Passenger:


    ServerName redmine.local
    ServerAdmin support@redmine.local
    DocumentRoot /var/www/srv-redmine/public
    Options Indexes ExecCGI FollowSymLinks
    PassengerResolveSymlinksInDocumentRoot on
    RailsEnv production
    RailsBaseURI /
    
        AllowOverride all
        Options -MultiViews
    
        AuthType NTLM
        NTLMAuth on
        NTLMAuthoritative on
        NTLMDomain OUR_DOMAIN.LOCAL
        NTLMServer dc1.our_domain.local
        NTLMBackup dc2.our_domain.local
        require valid-user
    
   

Restart Apache:

#service apache2 restart


Redmine


We take the latest version of "Redmine" from the SVN repository. SVN client may not be installed on Ubuntu. Then you need to install it.

#cd /usr/share/srv-redmine
#svn co http://redmine.rubyforge.org/svn/branches/2.3-stable redmine-2.3
#chmod 775 -R /usr/share/srv-redmine/redmine-2.3
#chown -R www-data:user /usr/share/srv-redmine/redmine-2.3

user - this is the user under whom we installed "RVM".

Install "Rmagic" and the package without which gem will not be installed .

#sudo apt-get install librmagick-ruby1.8
#sudo apt-get install libmagick9-dev
#sudo apt-get install libmagickcore-dev libmagickwand-dev

or like this (depending on the version of "Ubuntu"):

#sudo apt-get install graphicsmagick-libmagick-dev-compat
#sudo apt-get install libmagickwand-dev

We change the settings for connecting “Redmine” to the database. In our case, this is "MySQL":
$cd /usr/share/srv-redmine/redmine-2.3/config

Change the file “database.yml”:

production:
  adapter: mysql2
  database: redmine
  host: localhost
  username: redmine
  password: password_for_redmine_user
  encoding: utf8

At the same time, we configure the sending of e-mail messages from Redmine. File "configuration.yml":

production:
   email_delivery:
     delivery_method: :smtp
     smtp_settings:
       address: "smtp_server"
       port: 25
       domain: "mail_domain_name"
       authentication: none

We have a mail server configured that does not require authentication within the network. Therefore, the file is like that. Your file may be different. More details can be found here: http://www.redmine.org/projects/redmine/wiki/EmailConfiguration

Install all the jams that are required by "Redmine":

$cd /usr/share/srv-redmine/redmine-2.3
$bundle install --without development test

Out of the box “Redmine” allows non-transparent authentication in the domain. To do this, use the net-ldap jam. This jam contains one very serious mistake.

You need to find this jam in the jamset and fix the file with the handles according to this commit .

Otherwise, when certain data in Cyrillic is requested from LDAP, unforeseen errors may occur.

Then everything is according to the Redmine installation instructions :

Generate a secret key:

rake generate_secret_token

We create plates in our database:

RAILS_ENV=production rake db:migrate

Fill the database with basic data:

RAILS_ENV=production REDMINE_LANG=ru rake redmine:load_default_data


Actually that's all. We restart "Apache". Everything should work.

#service apache restart

What other ways to install Redmine


You can just download “Bitnami Stack” .

You can install “Redmine” from the repositories: “apt-get install redmine”. Ubuntu has it, but not always fresh.

I prefer to go through a more complicated installation path, but have a deeper understanding of my server.

Hope this article is helpful.

Also popular now: