Redmine Server.
https://github.com/feurig/redmine-configuration/blob/main/README.md
Suspect Devices maintains a git backup server for repositories hosted by github and bitbucket. This site uses Redmine to track issues and work.
Tasks
- Backup repositories hosted elsewhere.
- Consolidate work into active/inactive projects
- Track issues (ticketing)
- Document server setup.
Server configuration
This server is running on a Ubuntu 18.04 container because redmine requires a version of Ruby that is behind the new LTS (20.04). We will revisit this next spring.
apt-get install postgresql
apt-get install apache2 libapache2-mod-passenger
apt-get install redmine-pgsql
apt-get install redmine
cp /usr/share/doc/redmine/examples/apache2-passenger-host.conf /etc/apache2/sites-available/redmine.conf
nano /etc/apache2/sites-available/redmine.conf
a2enmod passenger
a2ensite redmine.conf
a2dissite 000-default
service apache2 reload
update.sh
apt-get install git
cp /usr/share/redmine/config/configuration.yml.example /etc/redmine/default/configuration.yml
nano /etc/redmine/default/configuration.yml
... add git command here ...
scm_git_command: git
...
service redmine restart
mkdir /var/git
chown -R www-data:www-data /var/git/
vipw
su - www-data
mkdir /var/www/.ssh
chown www-data:www-data /var/www
su - www-data
ssh-genkey
vi /etc/cron.d/sync_git_repos
*/2 * * * * www-data /var/www/bin/update-repos.py
Making redmine less ugly.
Redmine makes it fairly easy to theme using css to override its defaults.
cd /usr/share/redmine/public/themes/
ls
mkdir susdev
chown www-data susdev
mkdir susdev/stylesheets/
mkdir susdev/images
ls
cd susdev/images/
wget https://serverdocs.suspectdevices.com/serverdocs/chrome/site/sd_logo_sm.png
wget https://serverdocs.suspectdevices.com/serverdocs/chrome/site/sd_logo_sm.png --no-check-certificate
nano ../stylesheets/application.css
ls
nano ../stylesheets/application.css
chown -R www-data:www-data ../../susdev
Adding SSL to the site
sudo bash
make-ssl-cert generate-default-snakeoil --force-overwrite
cd /etc/apache2/
ls
a2enmod ssl
nano sites-enabled/redmine.conf
apache2ctl configtest
apache2ctl restart
Getting a certificate from letsencrypt
the EFF provides a certificate and a program to set it up from letsencrypt
apt-get install certbot
cd /usr/share/redmine/public
mkdir -p .well-known/acme-challenge/
echo hello> .well-known/acme-challenge/test
root@emile:/usr/share/redmine/public# chown -R www-data:www-data .well-known/
certbot certonly --manual
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Create a file containing just this data:
KncX49YdVo125HQZiI1qYbSZxIPIUPMmcJUg2thHHCs.yoObxAOItnb_LvbpT7eCOZwNmD_ROuCOAkQqFAoKSTc
And make it available on your web server at this URL:
http://git.suspectdevices.com/.well-known/acme-challenge/KncX49YdVo125HQZiI1qYbSZxIPIUPMmcJUg2thHHCs
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Press Enter to Continue
echo KncX49YdVo125HQZiI1qYbSZxIPIUPMmcJUg2thHHCs.yoObxAOItnb_LvbpT7eCOZwNmD_ROuCOAkQqFAoKSTc>/usr/share/redmine/public/.well-known/acme-challenge/KncX49YdVo125HQZiI1qYbSZxIPIUPMmcJUg2thHHCs
chown www-data:www-data /usr/share/redmine/public/.well-known/acme-challenge/KncX49YdVo125HQZiI1qYbSZxIPIUPMmcJUg2thHHCs
nano /etc/apache2/sites-enabled/redmine.conf
... replace the top portion of the original virtualhost config with the following ....
<VirtualHost *:80>
Redirect permanent "/" "https://git.suspectdevices.com/"
</VirtualHost>
<VirtualHost *:443>
ServerName git.suspectdevices.com
SSLEngine on
#SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
#SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
SSLCertificateFile /etc/letsencrypt/live/git.suspectdevices.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/git.suspectdevices.com/privkey.pem
# this is the passenger config
... and save it ....
apache2ctl configtest
apache2ctl restart
Creating scripts clone and update the repositories
both bitbucket and git have apis that allow you to list the repositories for each user without needing to authenticate (and expose your credentials). There are limitations but they are worth exploring.
apt-get install python-github
apt-get install python-bitbucket
su -l www-data
python
Set up email
Debians postfix installer makes it very easy to install postfix configured as a null client. When installing select Satelite and provide your domain name and relay host.
apt-get install postfix
Things that are done in redmine.
- Set passwords and add admin users.
- Add projects and add repositories to them.
- Remove repo browsing from anonymous / non project users.
- Activate theme.
- USE IT!