Project

General

Profile

HowTo configure Redmine for advanced git integration » History » Version 6

Felix Schäfer, 2010-07-19 10:12

1 1 Felix Schäfer
h1. HowTo configure Redmine for advanced git integration
2
3 3 Felix Schäfer
{{>TOC}}
4
5 1 Felix Schäfer
h2. Scope
6
7
This HowTo explains how to serve git repositories on apache through the http-based "git-smart-http protocol":http://progit.org/2010/03/04/smart-http.html introduced in git 1.6.6. The git-smart-http offers various advantages over ssh or git-based access: you can use redmine access control as-is, no need for extra ssh keys or whatnot, you can secure it through SSL as needed, and there's generally less problems with firewalls and https/https ports than exist with ssh and git ports. git-smart-http also doesn't have some of the drawbacks of its "dumb" predecessor, as it doesn't require any complex DAV setup.
8
9 4 Felix Schäfer
This HowTo is mainly written from memory and was conducted on a setup which was already serving [[Repositories_access_control_with_apache_mod_dav_svn_and_mod_perl|svn repositories integrated with redmine]], so it might be possible that I forgot some things or take them for granted. This is a wiki page, feel free to correct or amend anything you find lacking :-) You can also "drop me a line":/users/3866".
10 1 Felix Schäfer
11
h2. Prerequisites
12
13
* Apache with mod_perl (access control)
14
* git (version at least 1.6.6)
15
* A way to serve git-smart-http
16
** mod_cgi (or mod_cgid) if you want to use the stock "git-http-backend":http://www.kernel.org/pub/software/scm/git/docs/git-http-backend.html
17
** a rack server if you want to use "grack":http://github.com/schacon/grack (basically a rack wrapper around the right git commands)
18
19 6 Felix Schäfer
You should already have a rack server to run redmine, and that's why I chose grack as the backend and which I will describe in this tutorial. Using the stock git-http-backend should be quite straightforward though (skip the [[HowTo_configure_Redmine_for_advanced_git_integration#Install-grack|grack installation]] part and get your install with the git-http-backend going (the "git-http-backend manpage":http://www.kernel.org/pub/software/scm/git/docs/git-http-backend.html has some examples), when that's done go on with the [[HowTo_configure_Redmine_for_advanced_git_integration#Access-control|access control]] part).
20 2 Felix Schäfer
21
h2. Install grack
22 1 Felix Schäfer
23 3 Felix Schäfer
h3. Get the sources
24 2 Felix Schäfer
25
Fetch grack from its "github repository":http://github.com/schacon/grack, I checked out mine to @/var/www/git.myhost.com@:
26
27 5 Holger Just
<pre><code class="bash">git clone http://github.com/schacon/grack.git /var/www/git.myhost.com</code></pre>
28 1 Felix Schäfer
29 3 Felix Schäfer
h3. Configuration
30
31 2 Felix Schäfer
Edit the @config.ru@ file and adapt it to your local configuration. @project_root@ must contain the path to the directory containing your git repositories, @git_path@ must obviously contain the path to the git, mine looks like this (on gentoo):
32
33
<pre><code class="ruby">$LOAD_PATH.unshift File.expand_path(File.dirname(__FILE__) + '/lib')
34
35
use Rack::ShowExceptions
36
37
require 'lib/git_http'
38
39
config = {
40
  :project_root => "/var/git/git.myhost.com",
41
  :git_path => '/usr/libexec/git-core/git',
42
  :upload_pack => true,
43
  :receive_pack => true,
44
}
45
46
run GitHttp::App.new(config)</code></pre>
47 1 Felix Schäfer
48 3 Felix Schäfer
h3. Integrate with Apache
49
50
You could obviously use any rack server you like at this point, but the access control mechanism @Redmine.pm@ is written for apache with mod_perl, so you will at least need to reverse proxy your rack server through apache. My rack server of choice is "passenger":http://modrails.com/ (solid performance, apache module, mostly simple configuration) and it is already configured on my system. As passenger installation and configuration is not within the scope of this HowTo, please refer to the "passenger documentation":http://modrails.com/documentation.html or to the passenger installation guide from your distribution.
51
52 2 Felix Schäfer
There's a little more work to do here to get passenger to work with this, you will need to create the directories @public@ and @tmp@ in the grack directory. Please also be aware that in the standard configuration, passenger will run the grack application with the same user and group owning the @config.ru@ file. This user must have read- and write-access as needed to the git repositories!
53
54
The last step is to configure an apache vhost to serve the application:
55
56
<pre><code class="apache"><VirtualHost yo.ur.i.p:80>
57
    ServerName git.myhost.com
58
59
    ServerAdmin root@myhost.com
60
    DocumentRoot "/var/www/git.myhost.com/public"
61
62
    <Directory "/var/www/git.myhost.com/public">
63
        Options None
64
        AllowOverride None
65
        Order allow,deny
66
        Allow from all
67
    </Directory>
68
</VirtualHost></code></pre>
69
70 1 Felix Schäfer
At this point, if you have a repository in @/var/git/git.myhost.com/myrepo@, you should be able to access it through @http://git.myhost.com/myrepo@, for example @git ls-remote http://git.myhost.com/myrepo@ should show you some information about the repository.
71 3 Felix Schäfer
72
h2. Access control
73
74
You now have a working git server, albeit with no access control. Currently, the shipped perl module for access control @Redmine.pm@ (in @extra/svn/@ in your redmine directory) does not support access control for the git-smart-http protocol, the patch in #4905 aims to implement that.
75
76
h3. Applying the patch
77
78
Download the latest (or better: correct) version of the patch from #4905 to your redmine directory. In the redmine directory, apply the patch: @patch -p1 < the-patch-file.patch@ should work (if it tells you stuff about being unable to apply a hunk, the patch is incompatible with your @Redmine.pm@ version, if it says other stuff, try @patch -p0 < the-patch-file.patch@, if it still borks, ask for advice on #4905).
79
80
You will possibly still need to edit the file from here, because the current version of the patch only works for repositories served from @http://git.myhost.com/git/myrepo@ though the above example uses @http://git.myhost.com/myrepo@. Search around line 280 for the following line:
81
82
<pre><code class="perl">my $is_read_only = $uri !~ /^\/git\/.*\/[^\/]*git\-receive\-pack$/o;</code></pre>
83
84
Change the first part of the Regex @\/git@ to whatever sub-URI your repositories reside under (make sure to escape your @/@s!), in my case they are under @/@ so I deleted that part entirely:
85
86
<pre><code class="perl">my $is_read_only = $uri !~ /^\/.*\/[^\/]*git\-receive\-pack$/o;</code></pre>
87
88
h3. Configuring Apache
89
90
You now have to make Apache aware of your new authentication module (if you already had done this step for subversion integration, you can go to the @Location@ directives directly). Copy or link @Redmine.pm@ (from your @extra/svn/@ directory) to @/usr/lib/perl5/Apache/Redmine.pm@ or wherever your distribution puts its apache perl modules (e.g. gentoo puts them in @/usr/lib64/perl5/vendor_perl/5.8.8/Apache/@).
91
92
Having done that, reload apache to make sure everything in the patching phase went well (if not, remove the link or the file create in the step just before and restart apache to get apache back up, try to find the error in your Redmine.pm file). Now edit your vhost configuration to look somewhat like (same as above but with more stuff):
93
94
<pre><code class="apache"><VirtualHost yo.ur.i.p:80>
95
    ServerName git.myhost.com
96
97
    ServerAdmin root@myhost.com
98
    DocumentRoot "/var/www/git.myhost.com/public"
99
100
    PerlLoadModule Apache::Redmine
101
102
    <Directory "/var/www/git.myhost.com/public">
103
        Options None
104
        AllowOverride None
105
        Order allow,deny
106
        Allow from all
107
    </Directory>
108
109
    <Location "/">
110
        AuthType Basic
111
        AuthName "Redmine git repositories"
112
        Require valid-user
113
114
        PerlAccessHandler Apache::Authn::Redmine::access_handler
115
        PerlAuthenHandler Apache::Authn::Redmine::authen_handler
116
117
        ## for mysql
118
        RedmineDSN "DBI:mysql:database=databasename;host=my.db.server"
119
        ## for postgres
120
        # RedmineDSN "DBI:Pg:dbname=databasename;host=my.db.server"
121
        ## for SQLite3
122
        # RedmineDSN "DBI:SQLite:dbname=database.db"
123
124
        RedmineDbUser "redmine"
125
        RedmineDbPass "password"
126
        RedmineGitSmartHttp yes
127
    </Location>
128
</VirtualHost></code></pre>
129
130
Reload your apache, and everything should be good and well :-)
131
132
h2. Known issues
133
134
Currently none…