Project

General

Profile

Install Redmine 34 on RHEL74 » History » Revision 20

Revision 19 (Christophe de Dinechin, 2018-02-02 14:39) → Revision 20/24 (Christophe de Dinechin, 2018-02-02 15:37)

h1. Install Redmine 3.4 on RHEL7.4 

 Here is a procedure that worked for me to install Redmine 3.5 on RHEL 7.4. These instructions work as for Feb 1st, 2018. 
 I also chose to install with Postgres 10 to migrate an existing instance, although I believe it works with the default Postgres 9.2. 

 h2. Dependencies 

 Install the required packages. 
 <pre> 
 % sudo yum -y install zlib-devel curl-devel openssl-devel httpd-devel apr-devel apr-util-devel mysql-devel postgresql-devel ImageMagick-devel 
 </pre> 

 h2. Choice of database 

 Install your database of choice. I've mostly tested with Postgres 10. 

 h3. Postgres 10 

 You can upgrade to Postgres 10 if you need for example to transfer an existing database. 
 <pre> 
 # More recent Postgres 10 
 % sudo yum -y install https://download.postgresql.org/pub/repos/yum/10/redhat/rhel-7-x86_64/pgdg-redhat10-10-1.noarch.rpm 
 % sudo yum install -y postgresql10-server postgresql10 postgres-devel 
 % export PATH=/usr/pgsql-10/bin/:$PATH 
 % postgresql-10-setup initdb 
 </pre> 

 Note that the @postgres-devel@ package is still required for the @bundle install@ step below, and I am not sure if that step works with Postgres 10. 

 Like for Postgres 9, you need to add @trust@ for local IPv6 connexions in @/var/lib/pgsql/10/data/pg_hba.conf@: 

 <pre> 
 # TYPE    DATABASE          USER              ADDRESS                   METHOD 

 # "local" is for Unix domain socket connections only 
 local     all               all                                       peer 
 # IPv4 local connections: 
 host      all               all               127.0.0.1/32              trust 
 # IPv6 local connections: 
 host      all               all               ::1/128                   trust 
 </pre> 

 You can then start the database server: 
 <pre> 
 % sudo systemctl start postgresql-10 
 % sudo systemctl enable postgresql-10 
 </pre> 

 Check that you can connect to the database, then create the @redmine@ user and a @redmine@ database: 
 <pre> 
 % sudo su - postgres 
 % export PATH=/usr/pgsql-10/bin/:$PATH 
 % psql 
 postgres=# alter role postgres with encrypted password 'insert-your-postgres-password-here'; 
 postgres=# create user redmine with encrypted password 'insert-your-redmine-password-here'; 
 postgres=# create database redmine with encoding 'UTF-8' owner redmine; 
 </pre> 

 If you get an error related to the encoding (I only had that on Postgres 9): 
 <pre> 
 ERROR:    new encoding (UTF8) is incompatible with the encoding of the template database (SQL_ASCII) 
 HINT:    Use the same encoding as in the template database, or use template0 as template. 
 </pre> 

 then you should explicitly use @template0@: 
 <pre> 
 postgres=# create database redmine with template=template0 encoding 'UTF-8' owner redmine; 
 </pre> 

 h3. Postgres 9.2.23 

 Postgres 9.2.23 is what you get directly when installing with @yum@ in RHEL 7.4: 
 <pre> 
 # Default Postgres 9.2.23 
 % sudo yum -y install postgresql postgresql-server postgresql-devel 
 % postgresql-setup initdb 
 % sudo systemctl start postgresql 
 % sudo systemctl enable postgresql 
 </pre> 

 I have not been able to have Redmine connect to the database without altering @/var/lib/pgsql/data/pg_hba.conf@ to have @trust@ for local IPv6 connnexions: 

 <pre> 
 # TYPE    DATABASE          USER              ADDRESS                   METHOD 

 # "local" is for Unix domain socket connections only 
 local     all               all                                       peer 
 # IPv4 local connections: 
 host      all               all               127.0.0.1/32              trust 
 # IPv6 local connections: 
 host      all               all               ::1/128                   trust 
 </pre> 

 I suspect this is wrong, but I don't know how to do it "right", and that's also how it's configured in the Redmine docker containers I looked at. 

 Create user and database like in the previous section. 

 h3. For MySQL / MariaDB 

 Installing and starting the database server 
 <pre> 
 # MariaDB (formerly MySQL) 
 % sudo yum -y install mariadb mariadb-devel 
 % sudo systemctl start mariadb 
 % sudo systemctl enable mariadb 
 </pre> 

 Then you can setup the original database: 
 <pre> 
 % mysql -u root -p 
 MariaDB [(none)]> set password for 'root'@'localhost' = password('insert-your-password-here'); 
 MariaDB [(none)]> create database redmine character set utf8; 
 MariaDB [(none)]> create user 'redmine'@'localhost' identified by 'somepass'; 
 MariaDB [(none)]> grant all privileges on redmine.* to 'redmine'@'localhost'; 
 </pre> 

 Note: The rest of this setup assumes Postgres, will need to be updated with MariaDB instructions as well. 

 h2. Upgrade Ruby 

 The default @ruby@ is 2.0.0p648. If you keep that version, @gem install passenger@ fails. 

 <pre> 
 % sudo yum install -y gcc 
 % cd /usr/local/src 
 % wget https://cache.ruby-lang.org/pub/ruby/2.5/ruby-2.5.0.tar.gz 
 % tar xvfz ruby-2.5.0.tar.gz 
 % cd ruby-2.5.0/ 
 % ./configure 
 % make 
 % sudo make install 
 </pre> 

 Verify that you have Ruby 2.5 installed after that:  
 <pre> 
 % export PATH=/usr/local/bin:$PATH 
 % ruby -v 
 ruby 2.5.0p0 (2017-12-25 revision 61468) [x86_64-linux] 
 </pre> 

 h2. Install passenger and Gem bundler: 

 With Ruby 2.5, we can install Passenger: 
 <pre> 
 % gem install passenger 
 gem install passenger 
 Fetching: rack-2.0.3.gem (100%) 
 Successfully installed rack-2.0.3 
 Fetching: passenger-5.2.0.gem (100%) 
 Building native extensions. This could take a while... 
 Successfully installed passenger-5.2.0 
 Parsing documentation for rack-2.0.3 
 Installing ri documentation for rack-2.0.3 
 Parsing documentation for passenger-5.2.0 
 Installing ri documentation for passenger-5.2.0 
 Done installing documentation for rack, passenger after 53 seconds 
 2 gems installed 
 </pre> 

 Install Gem bundler: 
 <pre> 
 % gem install bundler 
 Fetching: bundler-1.16.1.gem (100%) 
 Successfully installed bundler-1.16.1 
 Parsing documentation for bundler-1.16.1 
 Installing ri documentation for bundler-1.16.1 
 Done installing documentation for bundler after 5 seconds 
 1 gem installed 
 </pre> 

 h2. Check out Redmine 

 Add a @redmine@ user 

 <pre> 
 % sudo useradd redmine 
 </pre> 

 Install @svn@ to be able to checkout Redmine: 
 <pre> 
 % sudo yum -y install svn 
 </pre> 

 Check out the version of Redmine you want, here with version 3.4: 
 <pre> 
 % su redmine 
 % cd /var/www 
 % svn co http://svn.redmine.org/redmine/branches/3.4-stable redmine 
 </pre> 

 h2. Database configuration 

 The database configuration for Redmine is in @/var/www/redmine/config/database.yml@. There is a template in that directory which you can edit. 

 <pre> 
 % cd /var/www/redmine/config/ 
 % cp database.yml.example database.yml 
 </pre> 

 Edit @database.yml@ to contain the correct information regarding your installation. For Postgres: 

 <pre> 
 production: 
   adapter: postgresql 
   database: redmine 
   host: localhost 
   username: redmine 
   password: insert-your-password-here 
 </pre> 

 (Note that you always have the choice of running the database in some other host than @localhost@) 

 h2. Install dependencies using the Gem bundler 

 This step will look at the dependencies specified in the @Gemfile@: 

 <pre> 
 % cd /var/www/redmine 
 % bundle install 
 </pre> 

 You may have a message about YARD recommending you use the following command: 
 <pre> 
 % yard config --gem-install-yri 
 Updated ~/.gemrc: 'gem: --document=yri' 
 </pre> 

 h2. Setup the production environment  

 Update @/var/www/redmine/config/environment.rb@, adding the following statement: 
 <pre> 
 ENV['RAILS_ENV'] ||= 'production' 
 </pre> 

 Generate a secret token: 
 <pre> 
 % RAILS_ENV=production bundle exec rake generate_secret_token 
 </pre> 

 Run the database migration step: 
 <pre> 
 % RAILS_ENV=production bundle exec rake db:migrate 
 </pre> 

 h2. Start the server 

 Note that you may want to open the firewall for that port using @firewall-config@ or @firewall-cmd@, e.g. 
 <pre> 
 % sudo firewall-cmd    --zone=public --add-port=3000/tcp --permanent 
 </pre> 

 You can now attempt to run the application: 
 <pre> 
 % sudo su - redmine 
 % cd /var/www/redmine 
 % /usr/local/bin/ruby bin/rails server -b 0.0.0.0 -e production 
 => Booting WEBrick 
 => Rails 4.2.8 application starting in production on http://0.0.0.0:3000 
 => Run `rails server -h` for more startup options 
 => Ctrl-C to shutdown server 
 [2018-02-01 12:49:02] INFO    WEBrick 1.4.2 
 [2018-02-01 12:49:02] INFO    ruby 2.5.0 (2017-12-25) [x86_64-linux] 
 [2018-02-01 12:49:02] INFO    WEBrick::HTTPServer#start: pid=21470 port=3000 
 </pre> 


 h2. Optional installations 

 If you are using a revision control system, you may want something like (pick which ones apply): 
 <pre> 
 % yum -y install darcs hg cvs bzr git 
 </pre> 

 h2. Add a systemd service 

 You can optionally ensure your server starts automatically by creating a systemd service for it in @ /usr/lib/systemd/system/redmine.service@. 

 <pre> 
 [Unit] 
 Description=Redmine server 
 After=network.target remote-fs.target nss-lookup.target 

 [Service] 
 Type=simple 
 User=redmine 
 Group=redmine 
 EnvironmentFile=/etc/sysconfig/httpd 
 ExecStart=/usr/local/bin/ruby /var/www/redmine/bin/rails server -b 0.0.0.0 -e production 
 TimeoutSec=300 
 ExecStop=/bin/kill -WINCH ${MAINPID} 

 [Install] 
 WantedBy=multi-user.target 
 </pre> 

 h2. Adding https support 

 This is assuming you want to connect directly using the server name. Create a file named for example @/etc/httpd/conf.d/redmine.conf@, containing: 

 <pre> 
 <VirtualHost *:443> 
   ServerName my-server-name@my-domain.com 
   ServerAdmin my-admin-name@my-domain.com 
   ErrorLog "logs/redmine_error_log" 

   SSLEngine on 
   SSLCertificateFile /etc/pki/tls/certs/ca.crt 
   SSLCertificateKeyFile /etc/pki/tls/private/ca.key 

   DocumentRoot /var/www/redmine/public 

   <Directory /var/www/redmine/public> 
     AllowOverride all 
     Options -MultiViews 
   </Directory> 

 </VirtualHost> 
 </pre> 

 Note that you need to have created the certificates (plenty of resources on the web on how to do that) 

 Add the following in @/var/www/redmine/public/.htaccess@: 

 <pre> 
 # General Apache options 
 <IfModule cgi_module> 
     AddHandler cgi-script .cgi 
 </IfModule> 
 <IfModule mod_fastcgi.c> 
     AddHandler fastcgi-script .fcgi 
 </IfModule> 
 <IfModule mod_fcgid.c> 
     AddHandler fcgid-script .fcgi 
 </IfModule> 
 Options +FollowSymLinks +ExecCGI 

 # If you don't want Rails to look in certain directories, 
 # use the following rewrite rules so that Apache won't rewrite certain requests 
 # 
 # Example: 
 #     RewriteCond %{REQUEST_URI} ^/notrails.* 
 #     RewriteRule .* - [L] 

 # Redirect all requests not available on the filesystem to Rails 
 # By default the cgi dispatcher is used which is very slow 
 # 
 # For better performance replace the dispatcher with the fastcgi one 
 # 
 # Example: 
 #     RewriteRule ^(.*)$ dispatch.fcgi [QSA,L] 
 RewriteEngine On 

 # If your Rails application is accessed via an Alias directive, 
 # then you MUST also set the RewriteBase in this htaccess file. 
 # 
 # Example: 
 #     Alias /myrailsapp /path/to/myrailsapp/public 
 #     RewriteBase /myrailsapp 

 RewriteRule ^$ index.html [QSA] 
 RewriteRule ^([^.]+)$ $1.html [QSA] 
 RewriteCond %{REQUEST_FILENAME} !-f 
 <IfModule cgi_module> 
     RewriteRule ^(.*)$ dispatch.cgi [QSA,L] 
 </IfModule> 
 <IfModule mod_fastcgi.c> 
     RewriteRule ^(.*)$ dispatch.fcgi [QSA,L] 
 </IfModule> 
 <IfModule mod_fcgid.c> 
     RewriteRule ^(.*)$ dispatch.fcgi [QSA,L] 
 </IfModule> 

 # In case Rails experiences terminal errors 
 # Instead of displaying this message you can supply a file here which will be rendered instead 
 # 
 # Example: 
 ErrorDocument 500 /500.html 
 </pre> 

 Finally, you need a @/var/www/redmine/public/dispatch.cgi@ script: 
 <pre> 
 #!/usr/local/bin/ruby                                                                                                                                                                                           

 require File.dirname(__FILE__) + '/../config/boot' 
 require File.dirname(__FILE__) + '/../config/environment' 

 class Rack::PathInfoRewriter 
   def initialize(app) 
     @app = app 
   end 

   def call(env) 
     env.delete('SCRIPT_NAME') 
     parts = env['REQUEST_URI'].split('?') 
     env['PATH_INFO'] = parts[0] 
     env['QUERY_STRING'] = parts[1].to_s 
     @app.call(env) 
   end 
 end 

 Rack::Handler::CGI.run Rack::PathInfoRewriter.new(RedmineApp::Application) 
 </pre> 

 You also need to make sure that Apache is allowed to execute all that part: 

 <pre> 
 % cd /var/www/redmine/public 
 % sudo chown -R apache:apache . 
 % sudo chmod +x dispatch.cgi 
 </pre> 

 Finally, it's necessary to create an SELinux policy allowing that CGI script to run, otherwise you will get an internal server error: 

 <pre> 
 % sudo semanage boolean -m --on httpd_enable_cgi 
 % sudo semanage fcontext -a -t httpd_sys_script_exec_t /var/www/redmine/public 
 % sudo restorecon /var/www/redmine/public 
 % sudo setsebool -P httpd_can_network_connect 1 
 % sudo setsebool -P httpd_can_network_connect_db 1 
 % ausearch -c 'dispatch.cgi' --raw | audit2allow -M my-dispatchcgi 
 % semodule -i my-dispatchcgi.pp 
 </pre>