October 22, 2013 at 04:19Installing Redmine on Linux Ubuntu with transparent domain authentication (Apache, Passenger, RVM, MySQL)
- Tutorial
With this post, I would like to start a series of articles on how we adapted the Redmine task tracker to our needs.
About 2 years ago, I had to change my profile quite a lot, and from system administration to go into development on the Ruby on Rails framework. It was necessary to adapt Redmine to the needs of a fairly large IT department, and then to the needs of the company as a whole. Then, I was faced with the relative simplicity of installing “Redmine”. And a comprehensive article for beginners was sorely missed!
There are several ways to install a ROR application, which is Redmine. This article will discuss the installation of Apache on a web server using Passenger and RVM. As a database server, we still use "MySQL" (or rather MariaDB), although we are thinking about moving to "PostgreSQL".
Install the Apache web server:
The main reason Apache is used is the presence of a module for transparent authentication in the Windows domain. We initially wanted to simplify the use of Redmine. No need to enter a password twice was a big plus.
Immediately configure the Apache virtual hosts. First, configure virtual hosts without the support of "Ruby". Just to verify that Apache is working correctly and configure the transparent authentication module in the Windows domain.
Create a folder where the “Redmine” distribution will be:
We create a link from the directory “/ var / www” (the directory in which Apache sites usually lie) to the folder with our future distribution “Redmine”:
Create a virtual host file:
Fill the file with the following contents (configure the virtual host):
The domain name "redmine.local" must be defined (resolved) on the network where you will use "Redmine".
We include our site:
A package that implements the a2ensite command may not be installed on Ubuntu. In this case, a prompt will appear in the console on how to install it.
Restart apache:
To verify that the virtual host is configured correctly. Create an “index.html” file with arbitrary content in the virtual host directory.
Having opened the browser page "http: //redmine.local", we should see the contents of our file.
Sadly, we did not find such a module under "ngix". Probably for this reason, we are still using Apache.
Download the module, unpack it somewhere. I usually unpack it in my home directory:
Install the package to compile the modules:
There is subtlety with this module. It does not authenticate logins that are too long. Therefore, if the company has employees with logins like "rimsky-korsakov", then before compiling the module you need to change the maximum login length in the file "ntlmssp.inc.c" by editing the line "define MAX_USERLEN 32"
Go to the unzipped directory. Compile the module:
During compilation, warning errors may occur. This is normal.
In the virtual host settings, we add directives that are responsible for authentication. The virtual host file should now look like this:
During operation, it was observed that this module can significantly slow down the return of static data. Therefore, we configured the module so that it only connected on the authentication page in "Redmine". All other authentication work is implemented by our transparent authentication plugin .
Install the Mysql database server.
MySQL is outdated, so it’s better to fork it with MariaDB. At some stage, we moved from the first to the second, without experiencing problems. In terms of installation and configuration for both database servers, everything is about the same.
We connect to the server with the password entered during the installation phase:
Create an empty database for Redmine and assign privileges:
In a nutshell, “RVM” allows you to install different versions of Ruby on the same computer. We are constantly arguing with my colleague, but do we need RVM on a production server?
There is no direct need for it, but I love it because it allows you to greatly simplify the installation of "Ruby". In “Ubuntu” there are not always the latest packages with “Ruby”, but in “RVM” there are! In general, we use RVM.
To install “RVM” you need to install “Curl”:
Then we exit the root user and then run as a regular user:
After installation, RVM will tell us what other packages need to be delivered to Ubuntu. At the time of writing, these were the following packages:
Install "ruby-1.9.3", but first you need to install "ruby-1.8.7", otherwise nothing.
If the message “RVM is not a function, selecting rubies with 'rvm use ...' will not work” flies, then you need to run the command “/ bin / bash --login”. And then you can work with "RVM":
When I mastered RVM, this post really helped me: http://habrahabr.ru/post/120504/ .
Passenger is an Apache module that allows you to run Ruby applications. RVM allows you to compile Passenger for a specific gem. After compilation, RVM will advise how to connect Passenger to Apache.
The version of Passenger is subject to change. Therefore, you need to make sure the path is correct (in the 3rd team).
In the corresponding Apache directories, we create module configuration files and module loading files:
We write the following contents into the file:
Configuration file:
The contents of the configuration file:
After compiling Passenger, RVM will generate the correct contents of these files. You only need to create files and copy the contents.
We connect our module:
Immediately change the configuration file "Apache". Now we have Passenger:
Restart Apache:
We take the latest version of "Redmine" from the SVN repository. SVN client may not be installed on Ubuntu. Then you need to install it.
user - this is the user under whom we installed "RVM".
Install "Rmagic" and the package without which gem will not be installed .
or like this (depending on the version of "Ubuntu"):
We change the settings for connecting “Redmine” to the database. In our case, this is "MySQL":
Change the file “database.yml”:
At the same time, we configure the sending of e-mail messages from Redmine. File "configuration.yml":
We have a mail server configured that does not require authentication within the network. Therefore, the file is like that. Your file may be different. More details can be found here: http://www.redmine.org/projects/redmine/wiki/EmailConfiguration
Install all the jams that are required by "Redmine":
Out of the box “Redmine” allows non-transparent authentication in the domain. To do this, use the net-ldap jam. This jam contains one very serious mistake.
You need to find this jam in the jamset and fix the file with the handles according to this commit .
Otherwise, when certain data in Cyrillic is requested from LDAP, unforeseen errors may occur.
Then everything is according to the Redmine installation instructions :
Generate a secret key:
We create plates in our database:
Fill the database with basic data:
Actually that's all. We restart "Apache". Everything should work.
You can just download “Bitnami Stack” .
You can install “Redmine” from the repositories: “apt-get install redmine”. Ubuntu has it, but not always fresh.
I prefer to go through a more complicated installation path, but have a deeper understanding of my server.
Hope this article is helpful.
About 2 years ago, I had to change my profile quite a lot, and from system administration to go into development on the Ruby on Rails framework. It was necessary to adapt Redmine to the needs of a fairly large IT department, and then to the needs of the company as a whole. Then, I was faced with the relative simplicity of installing “Redmine”. And a comprehensive article for beginners was sorely missed!
There are several ways to install a ROR application, which is Redmine. This article will discuss the installation of Apache on a web server using Passenger and RVM. As a database server, we still use "MySQL" (or rather MariaDB), although we are thinking about moving to "PostgreSQL".
Apache
Install the Apache web server:
#apt-get install apache2
The main reason Apache is used is the presence of a module for transparent authentication in the Windows domain. We initially wanted to simplify the use of Redmine. No need to enter a password twice was a big plus.
Immediately configure the Apache virtual hosts. First, configure virtual hosts without the support of "Ruby". Just to verify that Apache is working correctly and configure the transparent authentication module in the Windows domain.
Create a folder where the “Redmine” distribution will be:
#mkdir /usr/share/srv-redmine/redmine-2.3
We create a link from the directory “/ var / www” (the directory in which Apache sites usually lie) to the folder with our future distribution “Redmine”:
#ln -s /usr/share/srv-redmine/redmine-2.3 /var/www/srv-redmine
Create a virtual host file:
#touch /etc/apache2/sites-available/redmine
Fill the file with the following contents (configure the virtual host):
ServerName redmine.local
ServerAdmin support@redmine.local
DocumentRoot /var/www/srv-redmine/public
Options Indexes ExecCGI FollowSymLinks
AllowOverride all
Options -MultiViews
The domain name "redmine.local" must be defined (resolved) on the network where you will use "Redmine".
We include our site:
#a2ensite redmine
A package that implements the a2ensite command may not be installed on Ubuntu. In this case, a prompt will appear in the console on how to install it.
Restart apache:
#service apache2 restart
To verify that the virtual host is configured correctly. Create an “index.html” file with arbitrary content in the virtual host directory.
#touch /usr/share/srv-redmine/redmine-2.3/public/index.html
Having opened the browser page "http: //redmine.local", we should see the contents of our file.
Domain transparent authentication module
Sadly, we did not find such a module under "ngix". Probably for this reason, we are still using Apache.
Download the module, unpack it somewhere. I usually unpack it in my home directory:
#cd ~
#wget http://modntlm.sourceforge.net/mod_ntlm2.tar.gz
#tar -zxvf ./mod_ntlm2.tar.gz
Install the package to compile the modules:
#apt-get install apache2-prefork-dev
There is subtlety with this module. It does not authenticate logins that are too long. Therefore, if the company has employees with logins like "rimsky-korsakov", then before compiling the module you need to change the maximum login length in the file "ntlmssp.inc.c" by editing the line "define MAX_USERLEN 32"
Go to the unzipped directory. Compile the module:
#cd mod_ntlm2
#apxs2 -i -a -c mod_ntlm.c
During compilation, warning errors may occur. This is normal.
In the virtual host settings, we add directives that are responsible for authentication. The virtual host file should now look like this:
ServerName redmine.local
ServerAdmin support@redmine.local
DocumentRoot /var/www/srv-redmine/public
Options Indexes ExecCGI FollowSymLinks
AllowOverride all
Options -MultiViews
AuthType NTLM
NTLMAuth on
NTLMAuthoritative on
NTLMDomain OUR_DOMAIN.LOCAL
NTLMServer dc1.our_domain.local
NTLMBackup dc2.our_domain.local
require valid-user
During operation, it was observed that this module can significantly slow down the return of static data. Therefore, we configured the module so that it only connected on the authentication page in "Redmine". All other authentication work is implemented by our transparent authentication plugin .
MySQL (MariaDB)
Install the Mysql database server.
MySQL is outdated, so it’s better to fork it with MariaDB. At some stage, we moved from the first to the second, without experiencing problems. In terms of installation and configuration for both database servers, everything is about the same.
#apt-get install mysql-server
We connect to the server with the password entered during the installation phase:
#mysql -uroot -pour_password
Create an empty database for Redmine and assign privileges:
create database redmine character set utf8;
create user 'redmine'@'localhost' identified by 'password_for_redmine_user';
grant all privileges on redmine.* to 'redmine'@'localhost';
exit;
RVM
In a nutshell, “RVM” allows you to install different versions of Ruby on the same computer. We are constantly arguing with my colleague, but do we need RVM on a production server?
There is no direct need for it, but I love it because it allows you to greatly simplify the installation of "Ruby". In “Ubuntu” there are not always the latest packages with “Ruby”, but in “RVM” there are! In general, we use RVM.
To install “RVM” you need to install “Curl”:
#apt-get install curl
Then we exit the root user and then run as a regular user:
$curl -L https://get.rvm.io | bash -s stable
After installation, RVM will tell us what other packages need to be delivered to Ubuntu. At the time of writing, these were the following packages:
#apt-get install build-essential openssl libreadline6 libreadline6-dev curl git-core zlib1g zlib1g-dev libssl-dev libyaml-dev libsqlite3-dev sqlite3 libxml2-dev libxslt-dev autoconf libc6-dev ncurses-dev automake libtool bison subversion
Install "ruby-1.9.3", but first you need to install "ruby-1.8.7", otherwise nothing.
If the message “RVM is not a function, selecting rubies with 'rvm use ...' will not work” flies, then you need to run the command “/ bin / bash --login”. And then you can work with "RVM":
$rvm install ruby-1.8.7-head
$rvm use ruby-1.8.7-head
$rvm install ruby-1.9.3-head
$rvm use ruby 1.9.3-head --default
$rvm gemset create rails3
$rvm use 1.9.3-head@rails3 --default
When I mastered RVM, this post really helped me: http://habrahabr.ru/post/120504/ .
Passenger
Passenger is an Apache module that allows you to run Ruby applications. RVM allows you to compile Passenger for a specific gem. After compilation, RVM will advise how to connect Passenger to Apache.
#apt-get install libapache2-mod-passenger
$gem install passenger
$rvmsudo /home/user/.rvm/gems/ruby-1.9.3-head@rails3/gems/passenger-4.0.8/bin/passenger-install-apache2-module
#apt-get install libcurl4-openssl-dev
The version of Passenger is subject to change. Therefore, you need to make sure the path is correct (in the 3rd team).
In the corresponding Apache directories, we create module configuration files and module loading files:
#touch /etc/apache2/mods-available/passenger.load
We write the following contents into the file:
LoadModule passenger_module /home/user/.rvm/gems/ruby-1.9.3-head@rails3/gems/passenger-4.0.8/buildout/apache2/mod_passenger.so
Configuration file:
#touch /etc/apache2/mods-available/passenger.conf
The contents of the configuration file:
PassengerRoot /home/user/.rvm/gems/ruby-1.9.3-head@rails3/gems/passenger-4.0.8
PassengerDefaultRuby /home/user/.rvm/wrappers/ruby-1.9.3-head@rails3/ruby
After compiling Passenger, RVM will generate the correct contents of these files. You only need to create files and copy the contents.
We connect our module:
#a2enmod passenger
Immediately change the configuration file "Apache". Now we have Passenger:
ServerName redmine.local
ServerAdmin support@redmine.local
DocumentRoot /var/www/srv-redmine/public
Options Indexes ExecCGI FollowSymLinks
PassengerResolveSymlinksInDocumentRoot on
RailsEnv production
RailsBaseURI /
AllowOverride all
Options -MultiViews
AuthType NTLM
NTLMAuth on
NTLMAuthoritative on
NTLMDomain OUR_DOMAIN.LOCAL
NTLMServer dc1.our_domain.local
NTLMBackup dc2.our_domain.local
require valid-user
Restart Apache:
#service apache2 restart
Redmine
We take the latest version of "Redmine" from the SVN repository. SVN client may not be installed on Ubuntu. Then you need to install it.
#cd /usr/share/srv-redmine
#svn co http://redmine.rubyforge.org/svn/branches/2.3-stable redmine-2.3
#chmod 775 -R /usr/share/srv-redmine/redmine-2.3
#chown -R www-data:user /usr/share/srv-redmine/redmine-2.3
user - this is the user under whom we installed "RVM".
Install "Rmagic" and the package without which gem will not be installed .
#sudo apt-get install librmagick-ruby1.8
#sudo apt-get install libmagick9-dev
#sudo apt-get install libmagickcore-dev libmagickwand-dev
or like this (depending on the version of "Ubuntu"):
#sudo apt-get install graphicsmagick-libmagick-dev-compat
#sudo apt-get install libmagickwand-dev
We change the settings for connecting “Redmine” to the database. In our case, this is "MySQL":
$cd /usr/share/srv-redmine/redmine-2.3/config
Change the file “database.yml”:
production:
adapter: mysql2
database: redmine
host: localhost
username: redmine
password: password_for_redmine_user
encoding: utf8
At the same time, we configure the sending of e-mail messages from Redmine. File "configuration.yml":
production:
email_delivery:
delivery_method: :smtp
smtp_settings:
address: "smtp_server"
port: 25
domain: "mail_domain_name"
authentication: none
We have a mail server configured that does not require authentication within the network. Therefore, the file is like that. Your file may be different. More details can be found here: http://www.redmine.org/projects/redmine/wiki/EmailConfiguration
Install all the jams that are required by "Redmine":
$cd /usr/share/srv-redmine/redmine-2.3
$bundle install --without development test
Out of the box “Redmine” allows non-transparent authentication in the domain. To do this, use the net-ldap jam. This jam contains one very serious mistake.
You need to find this jam in the jamset and fix the file with the handles according to this commit .
Otherwise, when certain data in Cyrillic is requested from LDAP, unforeseen errors may occur.
Then everything is according to the Redmine installation instructions :
Generate a secret key:
rake generate_secret_token
We create plates in our database:
RAILS_ENV=production rake db:migrate
Fill the database with basic data:
RAILS_ENV=production REDMINE_LANG=ru rake redmine:load_default_data
Actually that's all. We restart "Apache". Everything should work.
#service apache restart
What other ways to install Redmine
You can just download “Bitnami Stack” .
You can install “Redmine” from the repositories: “apt-get install redmine”. Ubuntu has it, but not always fresh.
I prefer to go through a more complicated installation path, but have a deeper understanding of my server.
Hope this article is helpful.