Install Redmine 34 on RHEL74 » History » Revision 20
Revision 19 (Christophe de Dinechin, 2018-02-02 14:39) → Revision 20/24 (Christophe de Dinechin, 2018-02-02 15:37)
h1. Install Redmine 3.4 on RHEL7.4
Here is a procedure that worked for me to install Redmine 3.5 on RHEL 7.4. These instructions work as for Feb 1st, 2018.
I also chose to install with Postgres 10 to migrate an existing instance, although I believe it works with the default Postgres 9.2.
h2. Dependencies
Install the required packages.
<pre>
% sudo yum -y install zlib-devel curl-devel openssl-devel httpd-devel apr-devel apr-util-devel mysql-devel postgresql-devel ImageMagick-devel
</pre>
h2. Choice of database
Install your database of choice. I've mostly tested with Postgres 10.
h3. Postgres 10
You can upgrade to Postgres 10 if you need for example to transfer an existing database.
<pre>
# More recent Postgres 10
% sudo yum -y install https://download.postgresql.org/pub/repos/yum/10/redhat/rhel-7-x86_64/pgdg-redhat10-10-1.noarch.rpm
% sudo yum install -y postgresql10-server postgresql10 postgres-devel
% export PATH=/usr/pgsql-10/bin/:$PATH
% postgresql-10-setup initdb
</pre>
Note that the @postgres-devel@ package is still required for the @bundle install@ step below, and I am not sure if that step works with Postgres 10.
Like for Postgres 9, you need to add @trust@ for local IPv6 connexions in @/var/lib/pgsql/10/data/pg_hba.conf@:
<pre>
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all peer
# IPv4 local connections:
host all all 127.0.0.1/32 trust
# IPv6 local connections:
host all all ::1/128 trust
</pre>
You can then start the database server:
<pre>
% sudo systemctl start postgresql-10
% sudo systemctl enable postgresql-10
</pre>
Check that you can connect to the database, then create the @redmine@ user and a @redmine@ database:
<pre>
% sudo su - postgres
% export PATH=/usr/pgsql-10/bin/:$PATH
% psql
postgres=# alter role postgres with encrypted password 'insert-your-postgres-password-here';
postgres=# create user redmine with encrypted password 'insert-your-redmine-password-here';
postgres=# create database redmine with encoding 'UTF-8' owner redmine;
</pre>
If you get an error related to the encoding (I only had that on Postgres 9):
<pre>
ERROR: new encoding (UTF8) is incompatible with the encoding of the template database (SQL_ASCII)
HINT: Use the same encoding as in the template database, or use template0 as template.
</pre>
then you should explicitly use @template0@:
<pre>
postgres=# create database redmine with template=template0 encoding 'UTF-8' owner redmine;
</pre>
h3. Postgres 9.2.23
Postgres 9.2.23 is what you get directly when installing with @yum@ in RHEL 7.4:
<pre>
# Default Postgres 9.2.23
% sudo yum -y install postgresql postgresql-server postgresql-devel
% postgresql-setup initdb
% sudo systemctl start postgresql
% sudo systemctl enable postgresql
</pre>
I have not been able to have Redmine connect to the database without altering @/var/lib/pgsql/data/pg_hba.conf@ to have @trust@ for local IPv6 connnexions:
<pre>
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all peer
# IPv4 local connections:
host all all 127.0.0.1/32 trust
# IPv6 local connections:
host all all ::1/128 trust
</pre>
I suspect this is wrong, but I don't know how to do it "right", and that's also how it's configured in the Redmine docker containers I looked at.
Create user and database like in the previous section.
h3. For MySQL / MariaDB
Installing and starting the database server
<pre>
# MariaDB (formerly MySQL)
% sudo yum -y install mariadb mariadb-devel
% sudo systemctl start mariadb
% sudo systemctl enable mariadb
</pre>
Then you can setup the original database:
<pre>
% mysql -u root -p
MariaDB [(none)]> set password for 'root'@'localhost' = password('insert-your-password-here');
MariaDB [(none)]> create database redmine character set utf8;
MariaDB [(none)]> create user 'redmine'@'localhost' identified by 'somepass';
MariaDB [(none)]> grant all privileges on redmine.* to 'redmine'@'localhost';
</pre>
Note: The rest of this setup assumes Postgres, will need to be updated with MariaDB instructions as well.
h2. Upgrade Ruby
The default @ruby@ is 2.0.0p648. If you keep that version, @gem install passenger@ fails.
<pre>
% sudo yum install -y gcc
% cd /usr/local/src
% wget https://cache.ruby-lang.org/pub/ruby/2.5/ruby-2.5.0.tar.gz
% tar xvfz ruby-2.5.0.tar.gz
% cd ruby-2.5.0/
% ./configure
% make
% sudo make install
</pre>
Verify that you have Ruby 2.5 installed after that:
<pre>
% export PATH=/usr/local/bin:$PATH
% ruby -v
ruby 2.5.0p0 (2017-12-25 revision 61468) [x86_64-linux]
</pre>
h2. Install passenger and Gem bundler:
With Ruby 2.5, we can install Passenger:
<pre>
% gem install passenger
gem install passenger
Fetching: rack-2.0.3.gem (100%)
Successfully installed rack-2.0.3
Fetching: passenger-5.2.0.gem (100%)
Building native extensions. This could take a while...
Successfully installed passenger-5.2.0
Parsing documentation for rack-2.0.3
Installing ri documentation for rack-2.0.3
Parsing documentation for passenger-5.2.0
Installing ri documentation for passenger-5.2.0
Done installing documentation for rack, passenger after 53 seconds
2 gems installed
</pre>
Install Gem bundler:
<pre>
% gem install bundler
Fetching: bundler-1.16.1.gem (100%)
Successfully installed bundler-1.16.1
Parsing documentation for bundler-1.16.1
Installing ri documentation for bundler-1.16.1
Done installing documentation for bundler after 5 seconds
1 gem installed
</pre>
h2. Check out Redmine
Add a @redmine@ user
<pre>
% sudo useradd redmine
</pre>
Install @svn@ to be able to checkout Redmine:
<pre>
% sudo yum -y install svn
</pre>
Check out the version of Redmine you want, here with version 3.4:
<pre>
% su redmine
% cd /var/www
% svn co http://svn.redmine.org/redmine/branches/3.4-stable redmine
</pre>
h2. Database configuration
The database configuration for Redmine is in @/var/www/redmine/config/database.yml@. There is a template in that directory which you can edit.
<pre>
% cd /var/www/redmine/config/
% cp database.yml.example database.yml
</pre>
Edit @database.yml@ to contain the correct information regarding your installation. For Postgres:
<pre>
production:
adapter: postgresql
database: redmine
host: localhost
username: redmine
password: insert-your-password-here
</pre>
(Note that you always have the choice of running the database in some other host than @localhost@)
h2. Install dependencies using the Gem bundler
This step will look at the dependencies specified in the @Gemfile@:
<pre>
% cd /var/www/redmine
% bundle install
</pre>
You may have a message about YARD recommending you use the following command:
<pre>
% yard config --gem-install-yri
Updated ~/.gemrc: 'gem: --document=yri'
</pre>
h2. Setup the production environment
Update @/var/www/redmine/config/environment.rb@, adding the following statement:
<pre>
ENV['RAILS_ENV'] ||= 'production'
</pre>
Generate a secret token:
<pre>
% RAILS_ENV=production bundle exec rake generate_secret_token
</pre>
Run the database migration step:
<pre>
% RAILS_ENV=production bundle exec rake db:migrate
</pre>
h2. Start the server
Note that you may want to open the firewall for that port using @firewall-config@ or @firewall-cmd@, e.g.
<pre>
% sudo firewall-cmd --zone=public --add-port=3000/tcp --permanent
</pre>
You can now attempt to run the application:
<pre>
% sudo su - redmine
% cd /var/www/redmine
% /usr/local/bin/ruby bin/rails server -b 0.0.0.0 -e production
=> Booting WEBrick
=> Rails 4.2.8 application starting in production on http://0.0.0.0:3000
=> Run `rails server -h` for more startup options
=> Ctrl-C to shutdown server
[2018-02-01 12:49:02] INFO WEBrick 1.4.2
[2018-02-01 12:49:02] INFO ruby 2.5.0 (2017-12-25) [x86_64-linux]
[2018-02-01 12:49:02] INFO WEBrick::HTTPServer#start: pid=21470 port=3000
</pre>
h2. Optional installations
If you are using a revision control system, you may want something like (pick which ones apply):
<pre>
% yum -y install darcs hg cvs bzr git
</pre>
h2. Add a systemd service
You can optionally ensure your server starts automatically by creating a systemd service for it in @ /usr/lib/systemd/system/redmine.service@.
<pre>
[Unit]
Description=Redmine server
After=network.target remote-fs.target nss-lookup.target
[Service]
Type=simple
User=redmine
Group=redmine
EnvironmentFile=/etc/sysconfig/httpd
ExecStart=/usr/local/bin/ruby /var/www/redmine/bin/rails server -b 0.0.0.0 -e production
TimeoutSec=300
ExecStop=/bin/kill -WINCH ${MAINPID}
[Install]
WantedBy=multi-user.target
</pre>
h2. Adding https support
This is assuming you want to connect directly using the server name. Create a file named for example @/etc/httpd/conf.d/redmine.conf@, containing:
<pre>
<VirtualHost *:443>
ServerName my-server-name@my-domain.com
ServerAdmin my-admin-name@my-domain.com
ErrorLog "logs/redmine_error_log"
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/ca.crt
SSLCertificateKeyFile /etc/pki/tls/private/ca.key
DocumentRoot /var/www/redmine/public
<Directory /var/www/redmine/public>
AllowOverride all
Options -MultiViews
</Directory>
</VirtualHost>
</pre>
Note that you need to have created the certificates (plenty of resources on the web on how to do that)
Add the following in @/var/www/redmine/public/.htaccess@:
<pre>
# General Apache options
<IfModule cgi_module>
AddHandler cgi-script .cgi
</IfModule>
<IfModule mod_fastcgi.c>
AddHandler fastcgi-script .fcgi
</IfModule>
<IfModule mod_fcgid.c>
AddHandler fcgid-script .fcgi
</IfModule>
Options +FollowSymLinks +ExecCGI
# If you don't want Rails to look in certain directories,
# use the following rewrite rules so that Apache won't rewrite certain requests
#
# Example:
# RewriteCond %{REQUEST_URI} ^/notrails.*
# RewriteRule .* - [L]
# Redirect all requests not available on the filesystem to Rails
# By default the cgi dispatcher is used which is very slow
#
# For better performance replace the dispatcher with the fastcgi one
#
# Example:
# RewriteRule ^(.*)$ dispatch.fcgi [QSA,L]
RewriteEngine On
# If your Rails application is accessed via an Alias directive,
# then you MUST also set the RewriteBase in this htaccess file.
#
# Example:
# Alias /myrailsapp /path/to/myrailsapp/public
# RewriteBase /myrailsapp
RewriteRule ^$ index.html [QSA]
RewriteRule ^([^.]+)$ $1.html [QSA]
RewriteCond %{REQUEST_FILENAME} !-f
<IfModule cgi_module>
RewriteRule ^(.*)$ dispatch.cgi [QSA,L]
</IfModule>
<IfModule mod_fastcgi.c>
RewriteRule ^(.*)$ dispatch.fcgi [QSA,L]
</IfModule>
<IfModule mod_fcgid.c>
RewriteRule ^(.*)$ dispatch.fcgi [QSA,L]
</IfModule>
# In case Rails experiences terminal errors
# Instead of displaying this message you can supply a file here which will be rendered instead
#
# Example:
ErrorDocument 500 /500.html
</pre>
Finally, you need a @/var/www/redmine/public/dispatch.cgi@ script:
<pre>
#!/usr/local/bin/ruby
require File.dirname(__FILE__) + '/../config/boot'
require File.dirname(__FILE__) + '/../config/environment'
class Rack::PathInfoRewriter
def initialize(app)
@app = app
end
def call(env)
env.delete('SCRIPT_NAME')
parts = env['REQUEST_URI'].split('?')
env['PATH_INFO'] = parts[0]
env['QUERY_STRING'] = parts[1].to_s
@app.call(env)
end
end
Rack::Handler::CGI.run Rack::PathInfoRewriter.new(RedmineApp::Application)
</pre>
You also need to make sure that Apache is allowed to execute all that part:
<pre>
% cd /var/www/redmine/public
% sudo chown -R apache:apache .
% sudo chmod +x dispatch.cgi
</pre>
Finally, it's necessary to create an SELinux policy allowing that CGI script to run, otherwise you will get an internal server error:
<pre>
% sudo semanage boolean -m --on httpd_enable_cgi
% sudo semanage fcontext -a -t httpd_sys_script_exec_t /var/www/redmine/public
% sudo restorecon /var/www/redmine/public
% sudo setsebool -P httpd_can_network_connect 1
% sudo setsebool -P httpd_can_network_connect_db 1
% ausearch -c 'dispatch.cgi' --raw | audit2allow -M my-dispatchcgi
% semodule -i my-dispatchcgi.pp
</pre>