FusionForge

Installing/FromSource

From FusionForge Wiki
Revision as of 13:44, 23 October 2014 by Lolando (talk | contribs) (5.3: Added detailed install process for "offline" RHEL6 server)

Jump to: navigation, search

FusionForge master

This applies to the next version (which will be 5.4 or maybe 6.0):

System requirements / dependencies

FusionForge is mainly developed on Linux systems, but it should run on other Unix variants as well.

The minimal required components are Apache 2, PHP 5 and PostgreSQL 8.x.

Other components may be needed depending on the extra features you need: Mailman for mailing-lists, CVS, Subversion, Git, Mercurial or Bazaar for version control, and so on.

Debian and Fedora/CentOS/RHEL

Just run:

./autoinstall/install-src.sh

openSUSE

zypper install -y make gettext-runtime php5 php5-gettext php5-posix php5-pgsql \
    apache2 apache2-mod_php5 postgresql-server \
    subversion

# html-purifier:
zypper install php5-pear
pear channel-discover htmlpurifier.org
pear install hp/HTMLPurifier

If you want additional features:

  • lists
zypper install mailman postfix
  • shell
zypper install openssh
  • plugin-scmcvs:
zypper instal cvs rcs perl-IPC-Run perl-URI 
  • plugin-scmsvn:
zypper instal subversion-server
# aka mod_dav_svn; depends on viewvc(!)
  • plugin-scmgit:
zypper install git git-web
  • plugin-moinmoin: no 'moin' package :/
zypper install apache2-mod_wsgi python-psycopg2
  • plugin-mediawiki: no mediawiki package :/

Install

Cf. GUM

TODO: move GUM here

5.3

For a manual installation, check the install-ng script.

Note: the next FusionForge version will come with an improved install system.

Step by step RPM-based installation process for offline CentOS 6/RHEL 6

This section was written as a summary of one installation process where the server was behind a strict corporate firewall that didn't have access to the net, but could only use official packages from Red Hat EL 6. Therefore, it will be longer than most installations would be, and involve manual downloading of some packages.

Build local packages

  • In a checkout of the code (on the Branch_5_3 branch, or from a released tarball), run
    • make -f Makefile.rh fusionforge
    • make -C 3rd-party -f Makefile.rh

Obtain external packages

You'll need some external packages not found in the RHEL 6 repositories (use rpmfind.net to download them):

  • cronolog-1.6.2-10.el6.x86_64.rpm
  • libnss-pgsql-1.5.0-0.9.beta.fc20.src.rpm
  • perl-Sort-Versions-1.5-1.2.el6.rf.noarch.rpm
  • php-process-5.3.3-26.el6.x86_64.rpm
  • cvsgraph-1.6.1-8.el6.x86_64.rpm
  • mediawiki119-1.19.18-1.el6.noarch.rpm
  • perl-Text-Autoformat-1.666.0-1.el6.rfx.noarch.rpm
  • viewvc-1.1.22-1.el6.noarch.rpm
  • git-1.7.3.4-1.el6.rfx.x86_64.rpm
  • perl-Git-1.7.3.4-1.el6.rfx.x86_64.rpm
  • perl-Text-Reform-1.20-1.el6.rfx.noarch.rpm
  • gitweb-1.7.3.4-1.el6.rfx.x86_64.rpm
  • perl-Mail-Sendmail-0.79-12.el6.noarch.rpm
  • php-mbstring-5.3.3-26.el6.x86_64.rpm

Set up a local repository

  • Create a /root/packages/ directory, with noarch, src and x86_64 subdirs.
  • Move the *.rpm files generated and downloaded during the previous steps into the appropriate subdir: *.noarch.rpm goes into noarch, and so on.
  • Set up the appropriate metadata in the repository:
    • createrepo /root/packages/noarch
    • createrepo /root/packages/src
    • createrepo /root/packages/x86_64
  • Reference the local repository: create a /etc/yum.repos.d/local.repo file with the following content:
 [local]
 name=FusionForge-related packages for $basearch
 baseurl=file:///root/packages/$basearch
 enabled=1
 gpgcheck=0
 protect=1
 [localnoarch]
 name=FusionForge-related packages for noarch
 baseurl=file:///root/packages/noarch
 enabled=1
 gpgcheck=0
 protect=1

Install the packages

  • Install the external packages first:
 yum install php-pgsql-5.3.3-26.el6 php-common-5.3.3-26.el6 php-gd-5.3.3-26.el6 php-mbstring-5.3.3-26.el6 php-5.3.3-26.el6 php-mysql-5.3.3-26.el6php-xml-5.3.3-26.el6 php-ldap-5.3.3-26.el6 cronolog cvsgraph git-1.7.3.4-1 gitweb-1.7.3.4-1 mediawiki119-1.19.18-1 perl-Git-1.7.3.4-1 perl-Mail-Sendmail perl-Sort-Versions perl-Text-Autoformat perl-Text-Reform php-mbstring-5.3.3-26 php-process-5.3.3-26 viewvc nscd ImageMagick
  • Then install the FusionForge packages (be sure to replace the admin password):
 export FFORGE_DB=gforge
 export FFORGE_USER=gforge
 export FFORGE_ADMIN_USER=admin
 export FFORGE_ADMIN_PASSWORD=adminpassword
 yum install -y --skip-broken fusionforge fusionforge-plugin-scmsvn fusionforge-plugin-online_help fusionforge-plugin-authldap fusionforge-plugin-scmgit fusionforge-plugin-blocks fusionforge-plugin-mediawiki

Some configuration

  • Create a /etc/gforge/config.ini.d/zzz-local.ini file, with the following content:
 [core]
 ; use_ssl=no
 ; use_shell=yes
 default_language=French
 default_timezone=Europe/Paris
 default_country_code=FR
 forge_name="Your name here"
 use_manual_uploads=no
 [mediawiki]
 src_path=/usr/share/mediawiki119
 allow_uploads=yes
 [scmgit]
 use_ssh=yes
 use_dav=no
 [scmsvn]
 use_ssh=yes
 use_dav=no

See Configuration for details on those variables.

  • Some PHP parameters need to be adapted in /etc/php.ini, in particular to allow handling reasonably large files. Note that all three of the following parameters have an impact on the maximal size of uploaded files:
 upload_max_filesize = 50M
 memory_limit = 128M
 post_max_size = 128M
  • Generate and install SSL certificates and keys; the location of the related files is referenced in /etc/gforge/httpd.conf.d/ssl-on.inc.
  • Disable the default HTTPS virtualhost (to leave only the FusionForge one): in /etc/httpd/conf.d/ssl.conf, uncomment the ServerName line and ensure it points at a different hostname (www.example.com:443 is fine). Restart Apache afterwards (service httpd restart).
  • Some symbolic links need to be adapted for gitweb; depending on the version, the packages don't always ship the files in the same location. The following works for version 1.7.3.4-1 of the Git (and related) packages:
 cd /usr/share/gforge/src/plugins/scmgit
 rm gitweb.cgi gitweb.css gitweb.js git-logo.png git-favicon.png
 ln -s /usr/share/gitweb/gitweb.cgi .
 ln -s /usr/share/gitweb/static/* .
  • For Mediawiki, you need to configure a list of allowed file extensions for file uploads. This happens in /etc/gforge/plugins/mediawiki/LocalSettings.php:
 $wgFileExtensions = array(’png’, ’gif’, ’jpg’, ’jpeg’,
   ’jp2’, ’webp’, ’ppt’, ’pdf’, ’psd’, ’mp3’, ’xls’,
   ’xlsx’, ’swf’, ’doc’,’docx’, ’odt’, ’odc’, ’odp’,
   ’odg’, ’mpp’);
  • Optionnally, configure some initial content for the Mediawikis: on an existing Mediawiki instance, write a few pages, then export them using the Special:Export page. You'll get an XML file; save it as /etc/gforge/plugins/mediawiki/initial-content.xml.

Shell accounts

In order to ensure privilege separation on the server, the Subversion and Git repositories need to be accessed through SSH, with one Unix user corresponding to each FusionForge user. This involves tying the Unix authentication into the FusionForge database, with the libnss-pgsql module. This module must first be installed, then configured.

  • Build and install libnss-pgsql:
 yum install -y gcc postgresql-devel xmlto rpm-build
 rpmbuild --rebuild /root/packages/src/libnss-pgsql-*.src.rpm
 yum localinstall -y /root/rpmbuild/RPMS/x86_64/libnss-pgsql-*.x86_64.rpm
  • Create a /etc/nss-pgsql.conf file with the following contents:
 #----------------- DB connection
 connectionstring  =  user=gforge dbname=gforge
 #----------------- NSS queries
 getpwnam        = SELECT login AS username,passwd,gecos,('/var/lib/gforge/chroot/home/users/' || login) AS homedir,shell,uid,gid FROM nss_passwd WHERE login = $1
 getpwuid        = SELECT login AS username,passwd,gecos,('/var/lib/gforge/chroot/home/users/' || login) AS  homedir,shell,uid,gid FROM nss_passwd WHERE uid = $1
 #allusers        = SELECT login AS username,passwd,gecos,('/var/lib/gforge/chroot/home/users/' || login) AS homedir,shell,uid,gid FROM nss_passwd
 getgroupmembersbygid = SELECT login AS username FROM nss_passwd WHERE gid = $1
 getgrnam = SELECT name AS groupname,'x',gid,ARRAY(SELECT user_name FROM nss_usergroups WHERE nss_usergroups.gid =  nss_groups.gid) AS members FROM nss_groups WHERE name = $1
 getgrgid = SELECT name AS groupname,'x',gid,ARRAY(SELECT user_name FROM nss_usergroups WHERE nss_usergroups.gid = nss_groups.gid) AS members FROM nss_groups WHERE gid = $1
 #allgroups = SELECT name AS groupname,'x',gid,ARRAY(SELECT user_name FROM nss_usergroups WHERE nss_usergroups.gid  = nss_groups.gid) AS members FROM nss_groups
 groups_dyn = SELECT ug.gid FROM nss_usergroups ug, nss_passwd p WHERE ug.uid = p.uid AND p.login = $1 AND ug.gid <> $2
  • Create a /etc/nss-pgsql-root.conf file with the following contents:
 #----------------- DB connection
 shadowconnectionstring =  user= dbname=gforge
 #----------------- NSS queries
 shadowbyname    = SELECT login AS shadow_name, passwd AS shadow_passwd, 14087 AS shadow_lstchg, 0 AS shadow_min, 99999 AS shadow_max, 7 AS shadow_warn,  AS shadow_inact,  AS shadow_expire,  AS shadow_flag FROM nss_passwd  WHERE login = $1
 shadow          = SELECT login AS shadow_name, passwd AS shadow_passwd, 14087 AS shadow_lstchg, 0 AS shadow_min, 99999 AS shadow_max, 7 AS shadow_warn,  AS shadow_inact,  AS shadow_expire,  AS shadow_flag FROM nss_passwd
  • Enable usage of libnss-pgsql: in /etc/nsswitch.conf, add "pgsql" on the passwd, shadow and group lines:
 sed -i -e 's/^passwd:.*/passwd: files pgsql/' /etc/nsswitch.conf
 sed -i -e 's/^shadow:.*/shadow: files pgsql/' /etc/nsswitch.conf
 sed -i -e 's/^group:.*/group:  files pgsql/' /etc/nsswitch.conf
  • Enable nscd:
 chkconfig nscd on
  • If nscd can't use the socket that would allow it to connect to the PostgreSQL database, disable SELinux:
 sed -i -e s/SELINUX=enforcing/SELINUX=permissive/ /etc/selinux/config

(Note that you'll need to reboot after that change.)

5.0 (obsolete)

Manual install on Debian 5.0 Lenny

Here are instructions for installation on a Debian system :

  • BASIC PREPARATIONS
    • Create a hostname for your web site (ex. FORGE.YOURSITE.COM)
    • Configure Apache to answer to requests for this hostname
    • Test Apache by browsing to your URL to see the default Apache "It works." page
    • Do the following steps as root user
  • INSTALL EXIM4
apt-get update
apt-get install exim4
  • INSTALL MAILMAN
apt-get install mailman
  • Create required mailman list and start mailman
newlist mailman
/etc/init.d/mailman start
  • INSTALL POSTGRESQL(latest version)
apt-get install postgresql
  • Test using Create Language:
su postgres
createlang plpgsql template1
exit
  • Change authentication method for pgsql:
cp /etc/postgresql/8.3/main/pg_hba.conf /etc/postgresql/8.3/main/pg_hba.confbak
nano  /etc/postgresql/8.3/main/pg_hba.conf

Change:

All other connections by UNIX sockets
local  all  all        '''ident sameuser'''

All IPv4 connections from localhost
host  all  all  127.0.0.1  255.255.255.255  '''ident sameuser'''

All IPv6 localhost connections
host  all  all  ::1  ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff  '''ident sameuser'''
host  all  all    ::ffff:127.0.0.1/128  '''ident sameuser'''

To:

All other connections by UNIX sockets
local  all  all        '''password'''

All IPv4 connections from localhost
host  all  all  127.0.0.1  255.255.255.255  '''password'''

All IPv6 localhost connections
host  all  all  ::1  ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff  '''password'''
host  all  all    ::ffff:127.0.0.1/128  '''password'''
  • INSTALL PHP5

Edit /etc/apt/sources.list and add the following and save:

# PHP5 Source
deb http://packages.dotdeb.org stable all
deb-src http://packages.dotdeb.org stable all

As the root user, execute:

apt-get update
	
apt-get install libapache2-mod-php5 libapache2-mod-perl2 php5 php5-cli 
php5-common php5-curl php5-dev php5-gd php5-imap php5-ldap php5-mhash 
php5-mysql php5-odbc php5-xsl

Some packages may fail, but as they do, remove them from your list of installations until apt-get install runs successfully. There are only a couple of core modules that are required.

To check your version of PHP, issue the following command:

php -v

To test PHP, do the following:

cd /var/www (if www is not your webroot, substitute)
nano test.php (creates file called test.php)

Add the following to the file:

<?php
phpinfo();
?>

Browse to your webroot with your web browser: http://yoursite.com/test.php You should see php configuration information on the screen. If you do, then you can be certain php is running on your server and is being loaded into Apache correctly. For security purposes, make sure you DELETE the test.php file immediately.

  • INSTALL SVN
apt-get install subversion


  • INSTALL WEBMIN
deb http://download.webmin.com/download/repository sarge contrib
apt-get update
apt-get install webmin

OR

wget http://prdownloads.sourceforge.net/webadmin/webmin_1.470_all.deb
dpkg --install webmin_1.470_all.deb

If Debian complains about missing dependencies, you can install them with the command:

apt-get install perl libnet-ssleay-perl openssl libauthen-pam-perl 
libpam-runtime libio-pty-perl libmd5-perl

Download POSTGRESQL Webmin Module This will help in administering the database via a GUI if you aren't comfortable using commands.

  • INSTALL FUSIONFORGE

Visit Installing/DebianRepositories or Installing/UbuntuRepositories for additional install packages

deb http://fusionforge.fusionforge.org/debian lenny main
deb-src http://fusionforge.fusionforge.org/debian lenny main

wget -q http://fusionforge.fusionforge.org/key -O- | sudo apt-key add -
apt-get update
apt-get install gforge

Package Maintainer's Version for all prompts

  • INSTALL SCM PLUGIN
apt-get install gforge-plugin-scmsvn
  • INSTALL MEDIAWIKI PLUGIN
apt-get install gforge-plugin-mediawiki

Enable wiki for project by navigating to Project>Admin>Edit Public Info and check off the box for Mediawiki

Procedure by Narayan Raum and Chris Barnes at the University of Florida.

Back to Installing