I spent 2 days setting up my trac server the way I wanted it. Here's what I did.
These instructions will help you get going faster than I did. There are a few things that need to be tweaked to get it working, and a couple of modules that will make administration easier.
My setup has the following requirements:
No anonymous/public access, SSL traffic, accountmanager plugin to add and configure users through the trac webadmin interface.
Change the hostname through webmin to the fully qualified name that you want to use.
Confirm that both /var/spool/postfix/etc/hosts and /etc/hosts use the hostname.
/var/spool/postfix/etc/hosts didn't seem to get updated properly and was using "trac" as hostname.
POSTFIX CHANGES
General Options:
Set postfix to use hostname
Set the field "Internet Hostname of this mail system:" to -> Default (provided by this system)
By default, the appliance is configured for "localhost" which is not actually the default which causes mail from the server to be rejected with a SMTP 550 invalid HELO rejection
sub-plugins: (assuming the use htpasswd file for user store)
AccountManagerAdminPage
AccountManager
HTPasswdStore
AccountChangeListener
AccountChangeNotificationAdminPanel
AccountModule
LoginModule
Configure Accounts:
Used htpasswd as password store
Set /etc/trac/htpasswd as store file.
Configure Notifications in Trac:
In Trac webadmin interface -> Admin/trac.ini notification tab (or do through the actual trac.ini file)
Set always notify owner: True
Set smtp_from_name (username@host.domain.tld - that you set in previous setep in webmin)
Set smtp_from (username@host.domain.tld - that you set in previous step in webmin)
Configure Apache2 to redirect all traffic from HTTP to SSL (HTTPS)
$ nano /etc/trac/apache.conf
edit the virtual host for port 80 like so that it looks something like:
<VirtualHost *:80>
ServerName hostname.domain.tld
Redirect / https://hostname.domain.tld
# UseCanonicalName Off
# ServerAdmin webmaster@localhost
</VirtualHost>
the hostname.domain.tld is what you set the hostname in previous sections above. All browser requests to HTTP on port 80 will now automatically be redirected to HTTPS on 443.
You must restart both postfix and apache after making most of the changes above, so if something doesn't work, try restarting the services. You should do this at the very end anyway.
$ service apache2 restart
$ service postfix restart
One final note is that you'll want to set the user permissions in trac to what ever you prefer. I removed all permissions from anonymous and added all permissions to authenticated users with a few exceptions.
Edit /etc/apt/sources.list.d/sources.list and replace cdn with http:
deb http://archive.turnkeylinux.org/debian wheezy main
deb http://http.debian.net/debian wheezy main
#deb http://cdn.debian.net/debian wheezy main
deb http://http.debian.net/debian wheezy contrib
#deb http://cdn.debian.net/debian wheezy contrib
# deb http://cdn.debian.net/debian wheezy non-free
Comments
Trac customizations to get started
I spent 2 days setting up my trac server the way I wanted it. Here's what I did.
These instructions will help you get going faster than I did. There are a few things that need to be tweaked to get it working, and a couple of modules that will make administration easier.
My setup has the following requirements:
No anonymous/public access, SSL traffic, accountmanager plugin to add and configure users through the trac webadmin interface.
Change the hostname through webmin to the fully qualified name that you want to use.
Confirm that both /var/spool/postfix/etc/hosts and /etc/hosts use the hostname.
/var/spool/postfix/etc/hosts didn't seem to get updated properly and was using "trac" as hostname.
POSTFIX CHANGES
General Options:
Set postfix to use hostname
Set the field "Internet Hostname of this mail system:" to -> Default (provided by this system)
By default, the appliance is configured for "localhost" which is not actually the default which causes mail from the server to be rejected with a SMTP 550 invalid HELO rejection
TRAC PLUGINS:
Installed AccountManagerPlugin
sub-plugins: (assuming the use htpasswd file for user store)
AccountManagerAdminPage
AccountManager
HTPasswdStore
AccountChangeListener
AccountChangeNotificationAdminPanel
AccountModule
LoginModule
Configure Accounts:
Used htpasswd as password store
Set /etc/trac/htpasswd as store file.
In Trac webadmin interface -> Admin/Accounts/Configuration
set HTPASSWDSTORE = true (1)
filename: /etc/trac/htpasswd
DISABLE TRAC's login so you can use the form based login.
and make sure the following line is in the components section
[components]
trac.web.auth.loginmodule = disabled
Comment out Trac's HTTPD CONF so that Apache does not do the authentication and popup an http dialog.
comment out the "Require valid-user" like the example below.
<LocationMatch "/[^/]+/login">
AuthType Basic
AuthName "Trac"
AuthUserFile /etc/trac/htpasswd
# Require valid-user
</LocationMatch>
Installed NoAnonymousAccess Trac Plugin
Installed IniAdminPlugin Trac Plugin
Configure Notifications in Trac:
In Trac webadmin interface -> Admin/trac.ini notification tab (or do through the actual trac.ini file)
Set always notify owner: True
Set smtp_from_name (username@host.domain.tld - that you set in previous setep in webmin)
Set smtp_from (username@host.domain.tld - that you set in previous step in webmin)
Configure Apache2 to redirect all traffic from HTTP to SSL (HTTPS)
edit the virtual host for port 80 like so that it looks something like:
<VirtualHost *:80>
ServerName hostname.domain.tld
Redirect / https://hostname.domain.tld
# UseCanonicalName Off
# ServerAdmin webmaster@localhost
</VirtualHost>
the hostname.domain.tld is what you set the hostname in previous sections above. All browser requests to HTTP on port 80 will now automatically be redirected to HTTPS on 443.
You must restart both postfix and apache after making most of the changes above, so if something doesn't work, try restarting the services. You should do this at the very end anyway.
One final note is that you'll want to set the user permissions in trac to what ever you prefer. I removed all permissions from anonymous and added all permissions to authenticated users with a few exceptions.
The code above is the easy way to remove permissions for anonymous.
There is no easy way to add all the permissions to authenticated users however....a little bit of a time consumer.
Hope that helps!
how to upgrade Trac Version
how to upgrade Trac?
Removing default projects
These commands will remove the hello world or any other projects from the installation
rm -rf /var/local/lib/trac/* rm -rf /etc/trac/*.ini find /srv/repos/ -maxdepth 2 -mindepth 2 -type d -exec rm -rf {} \;Heads-up: update sources broken
Can't install packages? Updates not working?
Edit /etc/apt/sources.list.d/sources.list and replace cdn with http:
Docker image has Apache SSL configuration issue!
The Docker image turnkeylinux/trac-14.0 has an issue with the Apache SSL configuration.
See this URL: https://www.turnkeylinux.org/forum/support/20151112/tkl-trac-14-applianc...
Cheers,
Matt