Trac and his friends Gitolite, Nginx and UWSGI
Everyone probably knows the wonderful OpenSource project Trac , which allows you to organize the workflow in software development. However, its deployment and configuration is not an easy task. Information on the Internet is scattered and often outdated. I was able to verify this myself by setting up Trac integrated with Gitolite on a bunch of Nginx + UWSGI.
After a short overture with a tambourine, I was born this document which is almost a step-by-step instruction for deploying the Trac project. Hope this comes in handy for someone else.
The instruction is aimed at a user with basic Linux administration knowledge and the Python package installation system. I will say right away that the deployment process on a system with a freshly installed Ubuntu 12.04 distribution is described, however, I think the information will be useful for fans of other Linux assemblies.
Follow these steps if Trac is not installed on your system:
Now you need to initialize the project location directory. Follow these steps:
Everything is quite trivial, except for manipulating the tracsys group and assigning rights to the project directory. But this affected the integration with gitolite and the organization of hosting a project based on the Nginx + UWSGI bundle.
UWSGI is a WSGI application server. To run our Trac project under it, you need to present it in the form of a WSGI application. It is not difficult to do this using the script below. Copy it to the file /home/trac/wsgi_trac.py , make the user trac the owner. Next, you need to create the Nginx and UWSGI configuration files. For Nginx, the file is standard in such cases, but for UWSGI there are subtleties. Our WSGI will be started with the rights of the user trac and group tracsys. The wsgi_trac.nginx and wsgi_trac.uwsgi configuration files are listed below.
If Nginx and / or UWSGI are not installed, install them. With symlinks, activate the configuration files and restart the services.
The Trac 1.0 distribution does not include a component that would allow you to manage user accounts. For this, various plugins are used. In our example, we will use the plugin AccountManagerPlugin . Download it and build it like an egg distribution. Copy the resulting file with the extension .egg to the plugins directory, in our case it is / var / www / trac / plugins . Add a file trac.ini line.
A file in the HtDigest format will be used to store passwords , for this we add the following lines to the trac.ini file as well.
After that, the item allowing you to register the user will appear in the web interface. Register the user. And run the command to appoint him an administrator.
Now we have an admin, by going under which you can create, delete and assign rights to other users. Please note that a link to the new user registration form has been activated in the web interface, disable it if the user does not have an independent registration for the project. You can already do this in the admin section of the plug-in management by unchecking the c RegistrationModule in the configuration form of the AccountManagerPlugin plug -in .
There is a great Gitolite tool for managing Git repositories , which can also be integrated with Trac projects. To do this, follow these steps:
The next step is to initialize the gitolite working directory as the git user. This will open the configuration file where you need to fix the line '$ REPO_UMASK = 0077;' to '$ REPO_UMASK = 0007;'. If vim is having trouble, just press ZZ. You can change the mask later by editing the file /home/gitolite/.gitolite.rc . Assign the directory with repositories the same rights as those assigned to the directory with the Trac project.
It remains to enable integration with Git of our Trac project. To do this, add the following lines to trac.ini .
Now in the admin panel, in the Repositories section, connect the test repository gitolite /home/gitolite/repositories/testing.git with the name testing, and the control repository / home / gitolite / repositories / gitolite-admin.git with the name gitolite-admin . If everything was done correctly, the Source Code section will appear in the menu of the web interface in which they will both be present. Everything is fine, but I would like to manage Gitolite repositories through the interface of our Trac project. Not a problem, the trac-GitolitePlugin plugin will help in this matter . Download it from the above page and build it like an egg distribution. Copy the resulting file to the plugins directory and activate by adding the following lines to the trac.ini file .
After that, a new section will appear in the admin panel where you can add users to Gitolite and assign them rights to the repositories. However, during the first user addition, I got an error when executing the git clone command git @ localhost: gitolite-admin.git / tmp / bla-bla. I had to run this command from under the user trac and confirm the addition of the key manually, then everything worked without problems.
It remains to implement one of the most interesting integration features of Trac and Git, which is closing a ticket by specifying a code word in the commit. For example, a commit that contains the line “close # 777” will automatically close the corresponding ticket. To do this, first you will need to activate the CommitTicketUpdater component through the admin panel or by adding trac.ini to the file following lines.
Next, download Python script implements corresponding hook example directory / var / www / trac / hooks . It has a configuration section that needs to be configured based on the location and configuration of a specific Trac project. In our case, it will look something like this:
Gitolite has its own system for organizing hooks, correctly registered, they work for all repositories they control, which is exactly what you need. To do this, create a ~ / .gitolite / hooks / post-receive file with the following contents as user git:
And finally, activate this hook by executing the following commands.
I hope my article will help someone deal with this issue or at least save time.
After a short overture with a tambourine, I was born this document which is almost a step-by-step instruction for deploying the Trac project. Hope this comes in handy for someone else.
The instruction is aimed at a user with basic Linux administration knowledge and the Python package installation system. I will say right away that the deployment process on a system with a freshly installed Ubuntu 12.04 distribution is described, however, I think the information will be useful for fans of other Linux assemblies.
Initialization of the Trac project
Follow these steps if Trac is not installed on your system:
- install the Python Pip ;
- install Babel , if necessary interface localization;
- install Trac itself with the version, the article describes the installation of version 1.0 .
sudo apt-get install python-pip
sudo pip install babel
sudo pip install "Trac==1.0"
Now you need to initialize the project location directory. Follow these steps:
- create trac user ;
- create tracsys groups and include trac and yourself in it;
- prepare a place for the placement of the project;
- initialize the project directory;
- appoint owner and necessary rights;
- run, see what happened.
sudo adduser --disabled-password --gecos 'Trac' trac
sudo addgroup tracsys
sudo adduser trac tracsys
sudo adduser `whoami` tracsys
sudo mkdir -p /var/www/trac
sudo trac-admin /var/www/trac initenv
sudo chown -R nobody:tracsys /var/www/trac
sudo chmod -R g+rwXs /var/www/trac
tracd -p 8000 /var/www/trac/
Everything is quite trivial, except for manipulating the tracsys group and assigning rights to the project directory. But this affected the integration with gitolite and the organization of hosting a project based on the Nginx + UWSGI bundle.
Hosting with Nginx and UWSGI
UWSGI is a WSGI application server. To run our Trac project under it, you need to present it in the form of a WSGI application. It is not difficult to do this using the script below. Copy it to the file /home/trac/wsgi_trac.py , make the user trac the owner. Next, you need to create the Nginx and UWSGI configuration files. For Nginx, the file is standard in such cases, but for UWSGI there are subtleties. Our WSGI will be started with the rights of the user trac and group tracsys. The wsgi_trac.nginx and wsgi_trac.uwsgi configuration files are listed below.
wsgi_trac.py
import os
import sys
import trac.web.main
sys.stdout=sys.stderr
os.environ['TRAC_ENV'] = '/var/www/trac'
application = trac.web.main.dispatch_request
wsgi_trac.nginx
server {
listen 80;
server_name trac.local;
location / {
include uwsgi_params;
uwsgi_pass 127.0.0.1:5544;
}
}
wsgi_trac.uwsgi
[uwsgi]
uid=trac
gid=tracsys
chmod-socket=777
chown-socket=trac
chdir = /home/trac
socket = 127.0.0.1:5544
module = wsgi_trac:application
processes = 2
master = 1
If Nginx and / or UWSGI are not installed, install them. With symlinks, activate the configuration files and restart the services.
sudo apt-get install nginx uwsgi uwsgi-plugin-python
sudo ln -s /home/trac/wsgi_trac.nginx /etc/nginx/sites-enabled/trac.conf
sudo ln -s /home/trac/wsgi_trac.uwsgi /etc/uwsgi/apps-enabled/trac.ini
sudo service nginx restart
sudo service uwsgi restart
Installing the AccountManagerPlugin Plugin
The Trac 1.0 distribution does not include a component that would allow you to manage user accounts. For this, various plugins are used. In our example, we will use the plugin AccountManagerPlugin . Download it and build it like an egg distribution. Copy the resulting file with the extension .egg to the plugins directory, in our case it is / var / www / trac / plugins . Add a file trac.ini line.
[components]
trac.web.auth.LoginModule = disabled
acct_mgr.web_ui.LoginModule = enabled
acct_mgr.web_ui.RegistrationModule = enabled
A file in the HtDigest format will be used to store passwords , for this we add the following lines to the trac.ini file as well.
[account-manager]
authentication_url =
force_passwd_change = False
hash_method = HtDigestHashMethod
htdigest_realm = trac
htpasswd_hash_type = crypt
password_file = /var/www/trac/db/users.htdigest
password_store = HtDigestStore
persistent_sessions = False
refresh_passwd = False
user_lock_max_time = 0
verify_email = False
After that, the item allowing you to register the user will appear in the web interface. Register the user. And run the command to appoint him an administrator.
trac-admin /var/www/trac permission add <имя зарегистрированного пользователя> TRAC_ADMIN
Now we have an admin, by going under which you can create, delete and assign rights to other users. Please note that a link to the new user registration form has been activated in the web interface, disable it if the user does not have an independent registration for the project. You can already do this in the admin section of the plug-in management by unchecking the c RegistrationModule in the configuration form of the AccountManagerPlugin plug -in .
Gitolite Integration
There is a great Gitolite tool for managing Git repositories , which can also be integrated with Trac projects. To do this, follow these steps:
- deploy the Gitolite distribution, create a git user with the working directory / home / gitolite and add it to the tracsys group ;
- Create SSH keys for the trac user and copy the public key to /tmp/trac.pub ;
sudo apt-get install gitolite
sudo adduser --home /home/gitolite --disabled-password --gecos 'Git' git
sudo adduser git tracsys
sudo su trac
cd ~
ssh-keygen -t rsa
cp ~/.ssh/id_rsa.pub /tmp/trac.pub
exit
The next step is to initialize the gitolite working directory as the git user. This will open the configuration file where you need to fix the line '$ REPO_UMASK = 0077;' to '$ REPO_UMASK = 0007;'. If vim is having trouble, just press ZZ. You can change the mask later by editing the file /home/gitolite/.gitolite.rc . Assign the directory with repositories the same rights as those assigned to the directory with the Trac project.
sudo su git
cd ~
gl-setup /tmp/trac.pub
exit
sudo chown -R git:tracsys /home/gitolite/repositories/
sudo chmod -R g+rwXs /home/gitolite/repositories/
It remains to enable integration with Git of our Trac project. To do this, add the following lines to trac.ini .
[components]
tracopt.versioncontrol.git.* = enabled
[trac]
repository_type = git
Now in the admin panel, in the Repositories section, connect the test repository gitolite /home/gitolite/repositories/testing.git with the name testing, and the control repository / home / gitolite / repositories / gitolite-admin.git with the name gitolite-admin . If everything was done correctly, the Source Code section will appear in the menu of the web interface in which they will both be present. Everything is fine, but I would like to manage Gitolite repositories through the interface of our Trac project. Not a problem, the trac-GitolitePlugin plugin will help in this matter . Download it from the above page and build it like an egg distribution. Copy the resulting file to the plugins directory and activate by adding the following lines to the trac.ini file .
[components]
trac_gitolite.* = enabled
[trac]
permission_policies = GitolitePermissionPolicy, AuthzPolicy, DefaultPermissionPolicy, LegacyAttachmentPolicy
[trac-gitolite]
admin_reponame = gitolite-admin
admin_real_reponame = gitolite-admin
admin_ssh_path = git@localhost:gitolite-admin.git
admin_system_user = trac
default_private = True
all_includes_anonymous = False
After that, a new section will appear in the admin panel where you can add users to Gitolite and assign them rights to the repositories. However, during the first user addition, I got an error when executing the git clone command git @ localhost: gitolite-admin.git / tmp / bla-bla. I had to run this command from under the user trac and confirm the addition of the key manually, then everything worked without problems.
It remains to implement one of the most interesting integration features of Trac and Git, which is closing a ticket by specifying a code word in the commit. For example, a commit that contains the line “close # 777” will automatically close the corresponding ticket. To do this, first you will need to activate the CommitTicketUpdater component through the admin panel or by adding trac.ini to the file following lines.
[components]
tracopt.ticket.commit_updater.* = enabled
Next, download Python script implements corresponding hook example directory / var / www / trac / hooks . It has a configuration section that needs to be configured based on the location and configuration of a specific Trac project. In our case, it will look something like this:
# config
TRAC_ENV = '/var/www/trac'
GIT_PATH = '/usr/bin/git'
TRAC_ADMIN = '/usr/local/bin/trac-admin'
#REPO_NAME = '(default)'
# if you are using gitolite or sth similar, you can get the repo name from envir
REPO_NAME = os.getenv('GL_REPO')
Gitolite has its own system for organizing hooks, correctly registered, they work for all repositories they control, which is exactly what you need. To do this, create a ~ / .gitolite / hooks / post-receive file with the following contents as user git:
#!/bin/bash
python /var/www/trac/hooks/trac-post-receive-hook-0.12-new-commits-from-all-branches.py
And finally, activate this hook by executing the following commands.
sudo su git
cd ~/.gitolite/hooks/
chmod 755 post-receive
gl-setup
Conclusion
I hope my article will help someone deal with this issue or at least save time.