Redmine

h1. HowTo Install Redmine 4.0.0 on Fedora 29

{{toc}}

h2.  System Requirements

It is assumed that the Server Edition is installed on the system in this guide.

h3. Updating the System

It is recommended to install Redmine on an update system. To ensure that all installed packages are up-to-date issue the following command:

<pre>> dnf update

</pre>

h3. Installing Dependencies

A number of dependencies need to be installed:

<pre>> dnf install rubygem-bundler

> dnf install rubygem-rails

> dnf install ruby-devel rubygem-rmagick

> dnf install gcc redhat-rpm-config

> dnf groupinstall "C Development Tools and Libraries"

> dnf groupinstall "Development Tools"

</pre>

Database adapter for PostgreSQL:

<pre>> dnf install rubygem-pg

</pre>

Database adapter for MySQL:

<pre>> dnf install rubygem-mysql2

</pre>

Database adapter for MS SQL:

The Fedora distribution has no ruby software package for @tiny_tds@. The following dependency is needed for the build:

<pre>> dnf install freetds-devel

> # Now the build should work

> bundle install --without development test

</pre>

The list of dependencies may not complete. Problems of the installation or build of a compoment can be solved by installing the necessary dependency.

h2. Step 1 - Obtaining Redmine

Get the Redmine source code by downloading the packaged release.

<pre>> dnf install wget

> mkdir /var/www

> cd /var/www

> wget http://www.redmine.org/releases/redmine-4.0.0.tar.gz

> tar xf redmine-4.0.0.tar.gz

</pre>

At this guide is accepted that the location of the Redmine source code is:

<pre>/var/www/redmine-4.0.0

</pre>

For example the nginx configuration refer to the path @/var/www/redmine-4.0.0@.

h2. Setp 2 - Setup a local database

This section discribes the setup of a database server that will be configured to allow access from the localhost.

h3. PostgreSQL

The followings commands are for installing the packages, initializing the database, enable and start the postgresql server, switch the user to interact with @postgres@, create an empty database and accompanying user.

<pre>> dnf install postgresql-server postgresql-contrib

> postgresql-setup --initdb --unit postgresql

 * Initializing database in '/var/lib/pgsql/data'

 * Initialized, logs are in /var/lib/pgsql/initdb_postgresql.log

>

> systemctl enable postgresql

> systemctl start postgresql

> su - postgres

> psql

psql (10.6)

Type "help" for help.

postgres=# CREATE ROLE redmine LOGIN ENCRYPTED PASSWORD 'my_secret' NOINHERIT VALID UNTIL 'infinity';

CREATE ROLE

postgres=# CREATE DATABASE redmine WITH ENCODING='UTF8' OWNER=redmine;

CREATE DATABASE

postgres=# \q

> exit

</pre>

Edit the file @/var/lib/pgsql/data/pg_hba.conf@ to specify that the client has to supply password processed with MD5 algorithm:

<pre>#host    all             all             127.0.0.1/32            ident

host    all             all             127.0.0.1/32            md5

# IPv6 local connections:

#host    all             all             ::1/128                 ident

host    all             all             ::1/128                 md5

</pre>

You can check the access with the following command:

<pre>> su - postgres

> psql -h localhost -U redmine redmine

</pre>

The appropriate Redmine database configuration file for local access is:

<pre>> cat /var/www/redmine-4.0.0/config/database.yml

# PostgreSQL configuration

production:

  adapter: postgresql

  database: redmine

  host: localhost

  username: redmine

  password: "my_secret"

  encoding: utf8

  schema_search_path: public

</pre>

If you want to use IPv4 you have to specify @localhost4@ as hostname.

h3. MySQL

Install the MySQL repositry

<pre>> dnf -y install https://dev.mysql.com/get/mysql80-community-release-fc29-1.noarch.rpm

</pre>

If you prefer to stick to MySQL 5.7

<pre>> dnf config-manager --set-enabled mysql57-community

> dnf config-manager --set-disabled mysql80-community

</pre>

Install the MySQL server package, start the MySQL server and autostart the daemon on boot

<pre>> dnf -y install mysql-community-server

> systemctl start mysqld.service

> systemctl enable mysqld.service

</pre>

Get your generated random root password you will need it at the next step.

<pre>> grep 'A temporary password is generated for root@localhost' /var/log/mysqld.log |tail -1

</pre>

Start the secure installation assistant to

* change root password

* remove anonymous users

* disallow root login remotely

* remove test database and access to it

* reload privilege tables

<pre>> mysql_secure_installation

</pre>

Creation of user and database for Redmine

<pre>> mysql -h localhost -u root -p

Enter password:

...

mysql> CREATE DATABASE redmine CHARACTER SET utf8mb4;

mysql> CREATE USER 'redmine'@'localhost' IDENTIFIED BY 'my_secret';

mysql> GRANT ALL PRIVILEGES ON redmine.* TO 'redmine'@'localhost';

mysql> \q

</pre>

The appropriate Redmine database configuration file for local accessing the MySQL database is:

<pre>> cat /var/www/redmine-4.0.0/config/database.yml

# MySQL configuration

production:

  adapter: mysql2

  database: redmine

  host: localhost

  username: redmine

  password: "my_secret"

</pre>

h2. Step 3 to Step 9

For Step 3 to Step 9 follow the [[RedmineInstall#Step-3-Database-connection-configuration|generic installation instructions]]. Following is the overview of the commands:

<pre>> bundle install --without development test

> bundle exec rake generate_secret_token

> RAILS_ENV=production bundle exec rake db:migrate

> RAILS_ENV=production bundle exec rake redmine:load_default_data

> mkdir -p tmp tmp/pdf public/plugin_assets

> chown -R redmine:redmine files log tmp public/plugin_assets

> chmod -R 755 files log tmp public/plugin_assets

> find files log tmp public/plugin_assets -type f -exec chmod -x {} +

> bundle exec rails server webrick -e production

</pre>

* Tip:

> Over one ssh-tunnel you can easily connect to Port 3000 of the WEBrick web server.

> 

> <pre>> ssh root@<redmine-host.domain> -L 3000:localhost:3000</pre>

> 

> Open the local webbrower to show the URL 'http://localhost:3000':

> 

> <pre>> firefox localhost:3000</pre>

h2. Firewall

Open the firewall for https:

<pre>> firewall-cmd --add-service=https

> firewall-cmd --permanent --add-service=https

</pre>

h2. Web Server

h3. Nginx/Passenger

The Fedora @nginx@ package do not include Passenger, so you have to build @nginx@ with the passenger module. The guide assume that the sources are extracted under the directory @/opt@ . The @nginx@ software will be installed at @/opt/ngnix@. At the time of writting that guide this was the current stable releases of @passenger@ and @nginx@:

* passenger-6.0.0

* nginx-1.14.2

h4. Downloading the sources:

<pre>Passenger

> cd /opt

> wget https://s3.amazonaws.com/phusion-passenger/releases/passenger-6.0.0.tar.gz

> tar xf passenger-6.0.0.tar.gz

Nginx

> wget http://nginx.org/download/nginx-1.14.2.tar.gz

> mkdir /opt/src

> cd /opt/src

> tar xf nginx-1.14.2.tar.gz

</pre>

h4. Installing additional packages

For the build of @passenger@ and @nginx@ the following additional packages are needed to be installed:

<pre>> dnf install install gcc-c++ libcurl-devel openssl-devel zlib-devel

</pre>

h4. Execute the ruby script for building and installing

The simplest way to build and install the @nginx@ web server with the @passenger@ module is to run the script @passenger-install-nginx-module@.

<pre>> /opt/passenger-6.0.0/bin

> ./passenger-install-nginx-module --prefix=/opt/nginx --nginx-source-dir=/opt/src/nginx-1.14.2 --languages ruby

</pre>

With the same @passenger@ locality the installer modify the @nginx@ configuration file @/opt/nginx/conf/nginx.conf@ and output the same text:

<pre>  http {

      ...

      passenger_root /opt/passenger-6.0.0;

      passenger_ruby /usr/bin/ruby;

      ...

  }

</pre>

h4. Add a systemd service file

To start the @nginx@ process during the boot add the file @/usr/lib/systemd/system/nginx.service@ with the following content:

<pre>[Unit]

Description=The nginx HTTP and reverse proxy server

After=network.target remote-fs.target nss-lookup.target

[Service]

Type=forking

#PIDFile=/run/nginx.pid

PIDFile=/opt/nginx/logs/nginx.pid

# Nginx will fail to start if /run/nginx.pid already exists but has the wrong

# SELinux context. This might happen when running `nginx -t` from the cmdline.

# https://bugzilla.redhat.com/show_bug.cgi?id=1268621

ExecStartPre=/usr/bin/rm -f /opt/nginx/logs/nginx.pid

#ExecStartPre=/usr/sbin/nginx -t

#ExecStart=/usr/sbin/nginx

ExecStartPre=/opt/nginx/sbin/nginx -t

ExecStart=/opt/nginx/sbin/nginx -c /opt/nginx/conf/nginx.conf

ExecReload=/bin/kill -s HUP $MAINPID

KillSignal=SIGQUIT

TimeoutStopSec=5

KillMode=mixed

PrivateTmp=true

[Install]

WantedBy=multi-user.target

</pre>

The paths are modified to start the executable @/opt/nginx/sbin/nginx@.

<pre>> systemctl start nginx

> systemctl enable nginx

</pre>

h4. Nginx Configuration

For http add the two lines and comment out the four lines:

<pre>    server {

        listen       80;

...

        root         /var/www/redmine-4.0.0/public;

        passenger_enabled on;

        #location / {

        #    root   html;

        #    index  index.html index.htm;

        #}

...

       }

</pre>

For https add you can use lines like this:

<pre>    # HTTPS server

    #

    server {

        listen       443 ssl;

        server_name  my_web_serv.domain;

        ssl_certificate      /etc/ssl/certs/my_web_serv.pem;

        ssl_certificate_key  /etc/ssl/private/privkey.pem;

        root         /var/www/redmine-4.0.0/public;

        passenger_enabled on;

    }

</pre>

h3. Apache

<pre>> gem install passenger

> dnf install apr-util-devel openssl-devel httpd-devel libcurl-devel

> /usr/local/bin/passenger-install-apache2-module</pre>