Archive

Posts Tagged ‘Apache’

How-To Set Up SVN and Trac

February 2, 2010 16 comments

What are SVN and Trac?

SVN: is a free/open-source Version Control System. Subversion (SVN) manages files and directories over time. Files are placed into a central repository and every change every made to the files or directories are remembered.

Trac: is an enhanced wiki and issue tracking system for software development projects. It provides a Graphical front end to SVN where diffs in files can be obtained. It cannot update the SVN repository. It simply provides a Project Management interface, wiki, ticketing system, and SVN front end.

Installation

sudo apt-get install apache2
sudo apt-get install subversion
sudo apt-get install libapache2-svn
sudo apt-get install trac
sudo apt-get install libapache2-mod-fastcgi libapache2-mod-fcgid

Setting Up SVN and Trac

To make things simple and flexible in case you want to make some changes in the future, configurations will be set in individual files, i.e. as virtual sites, then they will be enabled/disabled when needed.

1-Creating SVN Repository:

cd /var
sudo mkdir MyProjects
cd MyProjects
sudo mkdir svn
cd svn
sudo svnadmin create SVN_Project_01
sudo chown -R www-data.www-data /var/MyProjects

2-Setting Up Trac

cd /var/MyProjects/
sudo mkdir trac
cd trac
sudo trac-admin Trac_Project_01 initenv
-->Project Name [My Project]>
-->Database connection string [sqlite:db/trac.db] (choose defaults)
-->Repository type [svn]>
-->Path to repository [/path/to/repos]> /var/MyProjects/svn/SVN_Project_01
sudo chown -R www-data.www-data /var/MyProjects
sudo trac-admin /var/MyProjects/trac/Trac_Project_01 permission add username MILESTONE_ADMIN REPORT_ADMIN ROADMAP_ADMIN TICKET_ADMIN TRAC_ADMIN

Setting Up Apache:

At this stage, we need to secure the web access to the repository so only authorized persons who can modify it, enable the SSL mode so connection is encrypted, and modify apache configurations accordingly:

Securing Web Access

  1. Enable the Authenticated Access by adding a username and password:
    sudo htpasswd -cb /etc/apache2/passwords username password
    
  2. Enabling the SSL Module:
    Refer to this blog: How-To Enable SSL on Apache2 Server

Trac Configurations

Note: You will need to download the Trac package and link to the cgi-bin/trac.cgi and cgi-bin/trac.fcgi in the configuration.
In my case, this the path to these files after extracting:

ls /usr/local/Trac-0.11.6/cgi-bin

Create the following files or you may create one of them:

Track through CGI
cd /etc/apache2/sites-available/
cat > svn.cgi
##SVN

<Location /MyProjects/svn/SVN_Project_01>
	DAV svn
	SVNPath /var/MyProjects/svn/SVN_Project_01

	AuthType Basic
	AuthName "Subversion Repository - SVN_Project_01"
	AuthUserFile /etc/apache2/.htpasswd

#	<LimitExcept GET PROPFIND OPTIONS REPORT>
		Require valid-user
		SSLRequireSSL
#	</LimitExcept>
</Location>


##Trac

ScriptAlias /MyProjects/trac /usr/local/Trac-0.11.6/cgi-bin/trac.cgi
<Location /MyProjects/trac>
	SetEnv TRAC_ENV_PARENT_DIR /var/MyProjects/trac
</Location>

<Location "/MyProjects/trac">
        SSLRequireSSL
        AuthType Basic
        AuthName "Trac Login for Projectname Website"
        AuthUserFile /etc/apache2/.htpasswd
        Require valid-user
</Location>


<Location "/MyProjects/trac/Trac_Project_01/login">
	SSLRequireSSL
	AuthType Basic
	AuthName "Trac Login for Projectname Website"
	AuthUserFile /etc/apache2/.htpasswd
	Require valid-user
</Location>
Track through FCGI
cd /etc/apache2/sites-available/
cat > svn.fcgi
##SVN

<Location /MyProjects/svn/SVN_Project_01>
	DAV svn
	SVNPath /var/MyProjects/svn/SVN_Project_01

	AuthType Basic
	AuthName "Subversion Repository - SVN_Project_01"
	AuthUserFile /etc/apache2/.htpasswd

#	<LimitExcept GET PROPFIND OPTIONS REPORT>
		Require valid-user
		SSLRequireSSL
#	</LimitExcept>
</Location>



##Trac

ScriptAlias /MyProjects/trac /usr/local/Trac-0.11.6/cgi-bin/trac.fcgi
##fastcgi
#FastCgiConfig -initial-env TRAC_ENV=/var/MyProjects/trac/Trac_Project_01
#FastCgiConfig -initial-env TRAC_ENV_PARENT_DIR=/var/MyProjects/trac

##fcgi
DefaultInitEnv TRAC_ENV_PARENT_DIR /var/MyProjects/trac

#<Location "/MyProjects/trac">
	##fastcgi
	#SetEnv TRAC_ENV_PARENT_DIR "/var/MyProjects/trac"
	#SetEnv TRAC_ENV "/var/MyProjects/trac/Trac_Project_01"
	#AddHandler fastcgi-script .fcgi

	#AuthType Basic
        #AuthName "Trac Repository - Trac_Project_01"
        #AuthUserFile /etc/apache2/.htpasswd
	#Require valid-user
	#SSLRequireSSL
#</Location>

<Location "/MyProjects/trac/Trac_Project_01/login">
	SSLRequireSSL
	AuthType Basic
	AuthName "Trac Login for Projectname Website"
	AuthUserFile /etc/apache2/.htpasswd
	Require valid-user
</Location>

Track through FastCGI
cd /etc/apache2/sites-available/
cat > svn.fastcgi
##SVN

<Location /MyProjects/svn/SVN_Project_01>
	DAV svn
	SVNPath /var/MyProjects/svn/SVN_Project_01

	AuthType Basic
	AuthName "Subversion Repository - SVN_Project_01"
	AuthUserFile /etc/apache2/.htpasswd

#	<LimitExcept GET PROPFIND OPTIONS REPORT>
		Require valid-user
		SSLRequireSSL
#	</LimitExcept>
</Location>



##Trac

ScriptAlias /MyProjects/trac /usr/local/Trac-0.11.6/cgi-bin/trac.fcgi
#FastCgiConfig -initial-env TRAC_ENV=/var/MyProjects/trac/Trac_Project_01
FastCgiConfig -initial-env TRAC_ENV_PARENT_DIR=/var/MyProjects/trac

#DefaultInitEnv TRAC_ENV /var/MyProjects/trac/Trac_Project_01

<Location "/MyProjects/trac">
	#SetEnv TRAC_ENV_PARENT_DIR "/var/MyProjects/trac"
	#SetEnv TRAC_ENV "/var/MyProjects/trac/Trac_Project_01"
	AddHandler fastcgi-script .fcgi

	#AuthType Basic
        #AuthName "Subversion Repository - SVN_Project_01"
        #AuthUserFile /etc/apache2/.htpasswd
	#Require valid-user
	#SSLRequireSSL
</Location>

<Location "/MyProjects/trac/Trac_Project_01/login">
	SSLRequireSSL
	AuthType Basic
	AuthName "Trac Login for Projectname Website"
	AuthUserFile /etc/apache2/.htpasswd
	Require valid-user
</Location>
Track through Python
cd /etc/apache2/sites-available/
cat > svn.python
##SVN

<Location /MyProjects/svn/SVN_Project_01>
	DAV svn
	SVNPath /var/MyProjects/svn/SVN_Project_01
	
	AuthType Basic
	AuthName "Subversion Repository - SVN_Project_01"
	AuthUserFile /etc/apache2/.htpasswd
	
#	<LimitExcept GET PROPFIND OPTIONS REPORT>
		Require valid-user
		SSLRequireSSL
#	</LimitExcept>
</Location>


##Trac

<Location /MyProjects/trac>
	SetHandler mod_python
	PythonInterpreter main_interpreter
	PythonHandler trac.web.modpython_frontend
	PythonOption TracEnvParentDir /var/MyProjects/trac
	PythonOption TracUriRoot /MyProjects/trac
	
	#SSLRequireSSL
	#AuthType Basic
	#AuthName "Trac Login for Projectname Website"
	#AuthUserFile /etc/apache2/.htpasswd
	#Require valid-user
</Location>

<Location "/MyProjects/trac/Trac_Project_01/login">
	SSLRequireSSL
	AuthType Basic
	AuthName "Trac Login for Projectname Website"
	AuthUserFile /etc/apache2/.htpasswd
	Require valid-user
</Location>

After that, you will need to enable ONLY one of them:

sudo a2ensite svn.cgi

Or

sudo a2ensite svn.fcgi

Or

sudo a2ensite svn.fastcgi

Or

sudo a2ensite svn.python

Finally, reload apache server:

sudo /etc/init.d/apache2 reload

Try to open these links:
https://localhost/MyProjects/svn/SVN_Project_01
https://localhost/MyProjects/trac

Next

You will need to configure your prefered IDE with the created SVN repository if it supports the synchronization with SVN repositories. In my case as a Java/Java EE Developer, I’ ll refer to the most known open IDEs which are: NetBeans and Eclipse. SVN is just a little part of them to control versioning!

Hence, this would help you get a well managed and organized development environment!

___________________

References

https://help.ubuntu.com/community/UbuntuTracHowto
http://wiki.kartbuilding.net/index.php/Trac_and_SVN
http://trac.edgewall.org/wiki/TracGuide

How-To Enable SSL on Apache2 Server

January 13, 2010 2 comments

Why to Enable SSL Mode?

Without digressing too much in the Security topic, SSL (Secure Socket Layer) is a cryptographic protocol that provides security for communications over networks such as the Internet. Therefore, you will need such a protocol to protect your connection with the web server by encrypting the information being exchanged. So, if a sniffer drops into the connection then that information is not compromised. e.g. remotely logging in to your machine requires from you to submit your username and password. If the connection is not encrypted using one of the cryptographic protocols then such must-be-kept-secret information is exposed and imagine the impact on your system if such info was in somebody’s hand!

So, let’s discuss the steps of how to enable the SSL mode:

  1. Generate a Self-Signed Certificate
    cd /etc/apache2/
    sudo mkdir certs
    cd ./certs
    sudo openssl req -new -x509 -nodes -days 365 -out server.crt -keyout server.key
    
  2. Encrypt the Private Key (Optional)
    The way of doing it is by passing a “passphrase“:

    sudo openssl rsa -des3 -in server.key -out server.key
    

    Note: I tend not to do this step due to the fact that when Apache2 is restarted you will be asked to type the passphrase again. Therefore, I just change the key and certificate files permission so they are only read by Apache2!

  3. Enable the SSL Modules
    You can either enable the SSL Module by running these commands:

    sudo a2enmod ssl
    sudo /etc/init.d/apache2 restart
    

    OR if you are curious about what it does you can do the following steps instead:

    cd /etc/apache2/mods-enabled
    sudo ln -s /etc/apache2/mods-available/ssl.load ./
    sudo /etc/init.d/apache2 restart
    
  4. Create the SSL Site
    sudo pico /etc/apache2/sites-available/MySSL
    
    ##################################
    ##-->@Author Husain Al-Khamis<--##
    ##################################
    <VirtualHost "*:443">
            ServerAdmin webmaster@localhost
    
            DocumentRoot /var/www
    
            ##-->Me<--##
    
            SSLEngine on
            SSLCertificateFile /etc/apache2/certs/server.crt
            SSLCertificateKeyFile /etc/apache2/certs/server.key
    
            ##-->Me<--##
    
            <Directory "/">
                    Options FollowSymLinks
                    AllowOverride None
            </Directory>
            <Directory "/var/www/">
                    Options Indexes FollowSymLinks MultiViews
                    AllowOverride None
                    Order allow,deny
                    allow from all
            </Directory>
    
            ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
            <Directory "/usr/lib/cgi-bin">
                    AllowOverride None
                    Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
                    Order allow,deny
                    Allow from all
            </Directory>
    
            ErrorLog /var/log/apache2/error.log
    
            # Possible values include: debug, info, notice, warn, error, crit,
            # alert, emerg.
            LogLevel warn
    
            CustomLog /var/log/apache2/access.log combined
    
        Alias /doc/ "/usr/share/doc/"
        <Directory "/usr/share/doc/">
            Options Indexes MultiViews FollowSymLinks
            AllowOverride None
            Order deny,allow
            Deny from all
            Allow from 127.0.0.0/255.0.0.0 ::1/128
        </Directory>
    
  5. Listen on Port 443
    Open ports.conf:

    	sudo pico /etc/apache2/ports.conf
    	

    And add the following:

    	<IfModule mod_ssl.c>
    		# SSL name based virtual hosts are not yet supported, therefore no
    		# NameVirtualHost statement here
    		NameVirtualHost *:443
    		Listen 443
    	</IfModule>
    
  6. Enable the SSL Site
    Same as in step# 3, you can either perform these commands

    sudo a2ensite MySSL
    sudo /etc/init.d/apache2 restart
    

    OR alternatively, you can do it manually in this way:

    sudo pico /etc/apache2/apache2.conf
    

    And add the following to the end of it:

    # Include the secured host configurations:
    Include /etc/apache2/sites-available/MySSL
    

    Then, Restart Apache2:

    sudo /etc/init.d/apache2 restart
    

So, have a secure web surfing!

How-To Deploy Roller 4 on GlassFish V3

December 10, 2009 7 comments

I’ve just started blogging seriously. Many free blogging tool providers are available. Widely known are the WordPress and Blogger. For some reasons, I decided to use WordPress as my main blogging tool.

I’ve given some thoughts to start developing a Web-based Blogging Tool just to have some hands-on experience on the Web Development and Design process. Besides, as I advocate the Open Source Community I would like to make a humble contribution to this great community.

I was wondering which platform on which I should rely to start developing this project. From my notice, most web applications nowadays are developed in PHP. PHP has been used very widely by the public. Well, PHP is a very cool scripting language and I’ve always looked forward to learning it. But, as it is a top priority to my career path is to have a solid development background using Java/J2EE technology, I’ve decided to start a project for developing a Java Web-based Blogging Application. Fortunately, somebody already started developing such a project long time ago, since 2002. This application is sponsored by Apache Software Foundation and is called Roller Weblogger.

So, trying to make Roller up and running, we need to download a Java Web Server to be the deploying environment for Roller. You can download Tomcat and use it as a Web Server to deploy Roller. Refer to this Installation Guide to deploy Roller on Tomcat.

In my case, I decided to use GlassfishV3 due to the features and frameworks bundled with. Here, I’ll explain step by step how to install GlassfishV3, deploy Roller on it, and avoid a possible problem that might hinder the deployment process!

So, let’s start!

STEP 1: GlassfishV3

STEP 1.1: Download GlassfishV3

Download GlassFishV3 Prelude or Preview. Compare between them here.

Refer to Comment#:1

STEP 1.2: Install/Configure GlassfishV3

Install GlassfishV3 by simply running the script. It is not a big deal just follow the instructions!

STEP 1.3: Start GlassfishV3

Go to where Glassfish binary files are:

cd $GF_HOME/glassfish/bin
  • To start the domain:
    ./asadmin start-domain
  • To stop the domain:
    ./asadmin stop-domain

Or alternatively, I prefer to start/stop the server by running these: “log will be output to the screen, so you can monitor it

  • To start the server:
    ./startserv
  • To stop server:
    ./stopserv

Now, you can reach the Admin Console at:

For further details, have a look at the GlassfishV3 Quick Start Guide!

STEP 2: MySQL JDBC Connection

STEP 2.1: Download Connector/J

You will need to download the MySQL JDBC Connector to allow Roller interact with the MySQL Database Server. Here, I used the MySQL Connector/J 5.1.10.

Place the Connector/J in:

cp mysql-connector-java-5.1.10-bin.jar $GF_HOME/glassfish/lib/

STEP 2.2: Provide JNDI

In GlassfishV3:

  • Create JDBC Connection Pool: (Admin GUI -> Application Server -> Resources -> JDBC -> Connection Pools)

  • Create JDBC Resources (Admin GUI -> Application Server -> Resources -> JDBC -> JDBC Resources)

Restart Glassfish and Ping the JDBC Connection!

STEP 3: Roller 4

STEP 3.1: Download Roller

Download Roller from here.
For more detailed information about installation refer to the Roller Installation Guide!

STEP 3.2: Create Database
mysql -u root -p

password: *****
create database rollerdb;

grant all on rollerdb.* to scott@'%' identified by 'tiger';

grant all on rollerdb.* to scott@localhost identified by 'tiger';

quit
STEP 3.3: Create roller-custom.properties

To connect to the MySQL database you should create the roller-custom.properties file in either 2 ways “as far as I noticed“:

  • Roller will interact with database Directly:
    installation.type=auto
    database.configurationType=jdbc
    database.jdbc.driverClass=com.mysql.jdbc.Driver
    database.jdbc.connectionURL=jdbc:mysql://localhost:3306/rollerdb
    database.jdbc.username=scott
    database.jdbc.password=tiger
    
    mail.configurationType=properties
    mail.hostName=smtp-server.example.com
    mail.username=scott
    mail.password=tiger

    Place it in:

    mv roller-custom.properties $ROLLER_DIR/WEB-INF/classes/
  • Roller will interact with database through the JNDI:
    installation.type=auto
    database.configurationType=jndi
    database.jndi.name=jdbc/rollerdb
    
    mail.configurationType=jndi
    mail.jndi.name=mail/Session
    mail.configurationType=properties
    mail.hostName=smtp-server.example.com
    mail.username=scott
    mail.password=tiger

    Place it in:

    mv roller-custom.properties $ROLLER_DIR/WEB-INF/classes/

    Make sure that the following Descriptor is placed in this directory:

    ls $ROLLER_DIR/WEB-INF/sun-web.xml
STEP 3.4: Deploy Roller

Deployment must be easy and straightforward too from the Admin GUI, or You can place the $ROLLER_DIR in the autodeploy directory if you want just to try it out.

STEP 4: A Problem To Be Avoid

I only got Roller and GlassFishV3 working together by disabling the following JPA configuration and setting its flag to false and then adding it to “roller-custom.properties“:
openjpa.QueryCompilationCache=false

Enjoy blogging 😉