Installing Redmine on Debian 7.5

Redmine is a flexible project management web application with issue and time tracking ability. The development server caters for the hosting of the project management system and also allows for access to it over the HTTPS protocol.

Installing Redmine

To install Redmine, we execute the following command in a “root” shell.

apt-get install redmine redmine-mysql

When we are prompted to configure the Redmine database making use of dbconfig-common, we select yes.

Setting up the Redmine database

When prompted to select the database type to be used, select the mysql option. Next, enter the password for the “root” database user of the MySQL database server. Finally, enter a password for the “redmine_default” database user.

Installing Redmine dependencies

To manage the gems dependencies, Redmine uses Bundler, which is installed by executing the following command in a “root” shell.

gem install bundler

Once the installation of Bundler is complete, we can install all the gems required by executing the following command in a “root” shell.

bundle install --without development test

If you receive an error message stating Could not locate Gemfile, ensure that you are in the directory where Redmine is installed; the default for the debian package of Redmine is /usr/share/redmine

Installing the Apache Module

Redmine uses the Passenger Apache Module, which is installed by executing the following command in a “root” shell.

apt-get install libapache2-mod-passenger

Setting up the Redmine virtual host

To use the Redmine application in our virtual host, some permissions and ownership needs to be set on the web application by executing the following command in a “root” shell.

chown -R www-data:www-data /usr/share/redmine/public/

Virtual Host settings

The virtual host will use the IP address 192.168.100.16, using the certificate in /etc/ssl/CA/certs/sitename.cert and the private key in /etc/ssl/CA/private/sitename.key.nopass. Authentication and authorization is handled inside of the Redmine application.

Virtual Host Configuration

<VirtualHost 192.168.100.16:80>
    RewriteEngine on
    ReWriteCond %{SERVER_PORT} !^443$
    RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]
</VirtualHost>

<VirtualHost 192.168.100.16:443>
    ServerName sitename
    ServerAdmin webmaster@domain

    SSLEngine On
    SSLCertificateFile /etc/ssl/CA/certs/sitename.cert
    SSLCertificateKeyFile /etc/ssl/CA/private/sitename.key.nopass

    BrowserMatch "MSIE [2-6]" \
        nokeepalive ssl-unclean-shutdown \
        downgrade-1.0 force-response-1.0
    BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown

    ErrorDocument 404 /404.html
    ErrorDocument 500 /500.html

    DocumentRoot /usr/share/redmine/public
    <Directory /usr/share/redmine/public>
        RailsBaseURI /
        PassengerResolveSymlinksInDocumentRoot on
        AllowOverride None
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/sitename/error.log
    CustomLog ${APACHE_LOG_DIR}/sitename/access.log combined
</VirtualHost>

Enabling the Virtual Host

To enable the virtual host, we execute the following command in a “root” shell.

a2ensite sitename

To reload the configuration, we execute the following command in a “root” shell.

service apache2 reload

Installing Mercurial on Debian 7.5

Mercurial is a software versioning and revision control system to maintain current and historical versions of files such as source code, web pages, and documentation. The development server caters for the hosting of the version control system and also allows for access to it over the HTTPS protocol.

Installing Mercurial

To install Mercurial, we execute the following command in a “root” shell.

apt-get install mercurial mercurial-common

Creating the Mercurial repository

To create the container and set the appropriate ownership and permissions for our Mercurial repositories, we execute the following commands in a “root” shell.

mkdir -p /home/hg
chown www-data:www-data /home/hg
chmod 700 /home/hg

Installing the Apache Module

To enable the submission of files to Mercurial over WebDAV, we install the necessary module by executing the following in a “root” shell.

apt-get install libapache2-mod-wsgi

Configuring Apache

To configure Mercurial, we will host it on a secure virtual host on Apache.

Configuring Apache Module

To configure the module, we will be hosting the files hgweb.config and hgweb.cgi in a directory cgi-bin, which is created by executing the following commands in a “root” shell.

mkdir /home/www-data/sitename
mkdir /home/www-data/sitename/cgi-bin
chown -R www-data:www-data /home/www-data/sitename
chmod -R 770 /home/www-data/sitename

Next, we will create the hgweb.config file, which will contain the following.

[web]
style = monoblue
allow_push = *
push_ssl = true
[paths]
/ = /home/hg/*

Next, we will edit the hgweb.cgi file to contain the following, after copying the example file by executing the following command in a “root” shell.

cp /usr/share/doc/mercurial/examples/hgweb.cgi /home/www-data/sitename/cgi-bin/
#!/usr/bin/env python
#
# An example hgweb CGI script, edit as necessary
# See also http://mercurial.selenic.com/wiki/PublishingRepositories

# Path to repo or hgweb config to serve (see 'hg help hgweb')
config = "/home/www-data/sitename/cgi-bin/hgweb.config"

# Uncomment and adjust if Mercurial is not installed system-wide
# (consult "installed modules" path from 'hg debuginstall'):
#import sys; sys.path.insert(0, "/path/to/python/lib")

# Uncomment to send python tracebacks to the browser if an error occurs:
import cgitb; cgitb.enable()

from mercurial import demandimport; demandimport.enable()
from mercurial.hgweb import hgweb, wsgicgi
application = hgweb(config)
wsgicgi.launch(application)

Finally, we will set the necessary ownership and permissions on the hgweb.config and hgweb.cgi by executing the following commands in a “root” shell.

chown -R www-data:www-data /home/www-data/sitename/cgi-bin
chmod 760 hgweb.cgi
chmod 660 hgweb.config

Virtual Host settings

The virtual host will use the IP address 192.168.100.15, using the certificate in /etc/ssl/CA/certs/sitename.cert and the private key in /etc/ssl/CA/private/sitename.key.nopass. Authentication will also be required using a htpasswd file in /etc/apache2/security/htpasswd.sitename.

To create this htpasswd file, we execute the following command in a “root” shell.

htpasswd -c /etc/apache2/security/htpasswd.sitename admin

We will then be prompted to enter a password for the user admin, and using these credentials we will be able to access the Mercurial web interface.

Virtual Host Configuration

<VirtualHost 192.168.100.15:80>
    RewriteEngine on
    ReWriteCond %{SERVER_PORT} !^443$
    RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]
</VirtualHost>

<VirtualHost 192.168.100.15:443>
    ServerName sitename
    ServerAdmin webmaster@domain

    SSLEngine On
    SSLCertificateFile /etc/ssl/CA/certs/sitename.cert
    SSLCertificateKeyFile /etc/ssl/CA/private/sitename.key.nopass

    BrowserMatch "MSIE [2-6]" \
        nokeepalive ssl-unclean-shutdown \
        downgrade-1.0 force-response-1.0
    BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown

    DocumentRoot /home/www-data/sitename
    <Directory /home/www-data/sitename>
        Options SymLinksIfOwnerMatch
        AllowOverride None
        Order allow,deny
        Allow from all
    </Directory>

    Alias /static /usr/share/mercurial/templates/static
    <Directory /usr/share/mercurial/templates/static>
        Options SymLinksIfOwnerMatch
        AllowOverride None
        Order allow,deny
        Allow from all
    </Directory>


    ScriptAlias / /home/www-data/sitename/cgi-bin/hgweb.cgi
    <Location />
        AuthType Basic
        AuthName "Mercurial Repository"
        AuthUserFile /etc/apache2/security/htpasswd.sitename
        Require valid-user
    </Location>

    ErrorLog ${APACHE_LOG_DIR}/sitename/error.log
    CustomLog ${APACHE_LOG_DIR}/sitename/access.log combined
</VirtualHost>

Enabling the Virtual Host

To enable the virtual host, we execute the following command in a “root” shell.

a2ensite sitename

To reload the configuration, we execute the following command in a “root” shell.

service apache2 reload

Setting up your own development server in Debian

In this series of articles, we will be setting up a new development environment under Debian 7.5. This will include a base server operating system, GUI Desktop Environment, Network Time Server, DNS server, Mail server, Database server and Web server. We will also be hosting our own Version Control System with integration into a Project Management and Issue and Time Tracking solution. We will also require our own Certificate Authority to request and sign digital certificates to use on our internal network and web server.

Operating System and Desktop Environment

As stated above, we will be making use of Debian 7.5 for our server operating system and either log in remotely to a shell over SSH or directly via a Desktop Environment.

Our Desktop Environment will be LXDE, due to the fact that it is designed to work well with computers on the lower end of the performance spectrum – in my case, I am running my Debian server on a Pentium IV 1.7GHz with 512MB of RAM and 2 drives of 40GB and 160GB each – the latter being used as my data drive and the former to host the operating system. We’ll also be installing Gnome and KDE as well, which are both very common Desktop Environments.

Network Time

For us to be able to broadcast Coordinated Universal Time on our internal network, we will be using NTP.

DNS Server

For us to be able to host domains on our internal network, we will be using Bind.

Mail Server

For us to be able to send and receive email messages on our internal network, we will be using Exim 4 with ClamAV, SpamAssassin and Greylistd enabled.

Data storage

For us to be able to provide data storage for our applications, we will be making use of

  • Relational databases;
  • In-memory object caching; and
  • NoSQL databases.

Relational database

MySQL Server 5.5 will provide our relational database back-end and we will be administering it through a web front-end making use of phpMyAdmin.

Object-caching

Memcached will provide our object-caching back-end and we will be administering it through a web front-end making use of phpMemcachedAdmin.

NoSQL database

MongoDB will provide our NoSQL database back-end and we will be administering it through a web front-end making use of RockMongo.

Web Server

The web front-ends will be hosted on Apache 2.2, with virtual hosts configured for each specific web front-end and SSL certificates securing the communication between the web front-ends and clients.

Java Application Server

Tomcat will provide our Java Application Server functionality.

Zend Framework

Zend Framework 2 is an open source framework for developing web applications and services using PHP 5.3+. Apigility provides the functionality to implement a WebAPI on top of the Zend Framework.

Version Control System

For us to provide our own version control system, we will be using Subversion and Mercurial and also enable access to it over the HTTPS protocol.

Project Management and Issue and Time Tracking

For us to provide our project management solution, we will be using Redmine and configure access to both Subversion and Mercurial as well as enable access to it over the HTTPS protocol.


The articles will be published in the order below and as these become available, I will update the list with the appropriate links.

At the end of this series, we will have a comprehensive development server for internal use. A note on this, we are setting up the server behind an existing firewall making use of the 192.168.100.x range of IP addresses.