Customizations for a Trac & Git install

I spent 2 days setting up my trac server the way I wanted it. Here’s what I did.

These instructions will help you get going faster than I did. There are a few things that need to be tweaked to get it working, and a couple of modules that will make administration easier.

My setup has the following requirements:
No anonymous/public access, SSL traffic, accountmanager plugin to add and configure users through the trac webadmin interface, and gitplugin for use with a Git repository.

These instructions also assume that you are using a Trac appliance AMI at Amazon Web Services from Turnkey Linux which is built on Ubuntu 10.04.1 JeOS.

Change the hostname through webmin to the fully qualified name that you want to use.

Confirm that both /var/spool/postfix/etc/hosts and /etc/hosts use the hostname.
/var/spool/postfix/etc/hosts didn’t seem to get updated properly and was using “trac” as hostname.

General Options:
Set postfix to use hostname
Internet Hostname of this mail system: Default (provided by this system)
the appliance is configured for “localhost” which causes a SMTP 550 invalid HELO rejection

Installed AccountManagerPlugin

$ easy_install

sub-plugins (assuming the use of htpasswd file for user store)

Configure Accounts:
You want to use htpasswd as password store which is located at /etc/trac/htpasswd

$ chgrp www-data /etc/trac
$ chown www-data /etc/trac
$ chgrp www-data /etc/trac/htpasswd
$ chown www-data /etc/trac/htpasswd

In Trac webadmin interface -> Admin/Accounts/Configuration

filename /etc/trac/htpasswd

DISABLE TRAC’s login so you can use the form based login.

$ nano /var/local/lib/trac/git-/conf/trac.ini

and make sure the following line is in the components section

trac.web.auth.loginmodule = disabled

Comment out Trac’s HTTPD CONF so that Apache does not do the authentication and popup an http dialog.

$ nano /etc/trac/apache.conf

comment out the “Require valid-user” like the example below.

    AuthType Basic
    AuthName "Trac"
    AuthUserFile /etc/trac/htpasswd
#    Require valid-user

Installed NoAnonymousAccess Trac Plugin

$ easy_install

Installed IniAdminPlugin Trac Plugin

$ easy_install

Configure Notifications in Trac:
In Trac webadmin interface -> Admin/trac.ini notification tab (or do through the actual trac.ini file)
Set always notify owner: True
Set smtp_from_name (username@host.domain.tld – that you set in previous setep in webmin)
Set smtp_from (username@host.domain.tld – that you set in previous step in webmin)

Configure Apache2 to redirect all traffic from HTTP to SSL (HTTPS)

$ nano /etc/trac/apache.conf

edit the virtual host for port 80 like so that it looks something like:

     ServerName hostname.domain.tld
     Redirect / https://hostname.domain.tld
#    UseCanonicalName Off
#    ServerAdmin  webmaster@localhost

the hostname.domain.tld is what you set the hostname in previous sections above. All browser requests to HTTP will now automatically be redirected to HTTPS.

You must restart both postfix and apache after making most of the changes above, so if something doesn’t work, try restarting the services. You should do this at the very end anyway.

$ service apache2 restart
$ service postfix restart

One final note is that you’ll want to set the user permissions in trac to what ever you prefer. I removed all permissions from anonymous and added all permissions to authenticated users with a few exceptions.

$ trac-admin /var/local/lib/trac/git- permission remove anonymous '*'

The code above is the easy to remove permissions for anonymous.

There is no easy way to add all the permissions to authenticated users however….a little bit of a time consumer.

Hope that helps!

Leave a Reply


I'm currently available
for Lotus Notes / Domino consulting engagements.


Connect with me: