Saturday, August 29, 2009

Apache.org hit by SSH key compromise

The open-source Apache Software Foundation pulled its Apache.org Web site offline for about three hours today because of server hack caused by a compromised SSH key.

A brief message posted on the site made it clear the compromise was “not due to any software exploits in Apache itself”, but was actually caused by a compromised SSH key.

See the initial report from Apache.

Source: ZDnet

Monday, August 17, 2009

Belajar guna SVN

Dulu masa berjinak2 guna FreeBSD, aku disuruh belajar update ports guna CVSup. Lepas tu sekarang aku disuruh belajar pasal SVN. Rupe2nye bendalah ni purpose dia lebih kurang sama je, cuma fungsi dan kemampuan yang berlainan. CVSup, SVN, git ni duduk dalam satu kategori iaitu SCM atau Source Control Management.

Bendalah2 ni akan synchronize kan source2 application yang ada dalam directory kita dengan yang ada kat server developer. Kalau untuk development, dia akan synchronizekan source2 yang kita develop kat local dengan server punya source (sebagai kemaskini, atau dalam bahasa lain, revision).

Bagi sape2 yang nak berjinak dengan SVN dan nak tau fungsi, keupayaan, dan syntax SVN ni, bleh la rajin2kan diri baca kat sini

Saturday, August 15, 2009

Redmine and SVN installation/configuration

Install all packages needed for redmine and svn:
$ sudo aptitude install ruby rubygems ruby1.8-dev libgemplugin-ruby libgemplugin-ruby1.8 \
mysql-server libruby-extras libruby1.8-extras rubygems1.8 rails \
subversion rake apache2-threaded-dev apache2 libapache-dbi-perl \
libapache2-mod-perl2 libdigest-sha1-perl libapache2-svn libdbd-mysql-perl
Install and configure redmine (version 0.8.4 as this tutorial took place, please refer to http://rubyforge.org/frs/?group_id=1850 for latest version):
$ mkdir /var/www/redmine
$ cd /var/www/redmine
$ sudo wget http://rubyforge.org/frs/download.php/56909/redmine-0.8.4.tar.gz
$ sudo tar xvfz redmine-0.8.4.tar.gz
$ sudo mv redmine-0.8.4/* .;rm redmine-0.8.4.tar.gz -rf
$ sudo rm -rf redmine-0.8.4/
$ sudo chown www-data:www-data * . -R
Create MySQL database for redmine:
$ sudo mysql -uroot -p
mysql> create database redmine character set utf8;
Copy and edit file database.yml
$ sudo cp config/database.yml.example config/database.yml
$ sudo nano config/database.yml

EDIT:

production:
adapter: mysql
database: redmine
host: 127.0.0.1
username: your-mysql-username
password: your-mysql-password
encoding: utf8

Run the rake command for “production” setting:
$ sudo rake db:migrate RAILS_ENV=”production”
$ sudo rake redmine:load_default_data RAILS_ENV=”production”

Install passenger (aka mod_rails):
$ gem install passenger (It’ll take a while)
$ sudo /var/lib/gems/1.8/gems/passenger-2.2.4/bin/passenger-install-apache2-module

Create/Open and add the ‘LoadModule’ in /etc/apache2/mods-available/passenger.load:
$ sudo nano /etc/apache2/mods-available/passenger.load
LoadModule passenger_module /var/lib/gems/1.8/gems/passenger-2.2.4/ext/apache2/mod_passenger.so

Create/Open and add new module in /etc/apache2/mods-available/passenger.conf:
$ sudo nano /etc/apache2/mods-available/passenger.conf
PassengerRoot /var/lib/gems/1.8/gems/passenger-2.2.4
PassengerRuby /usr/bin/ruby1.8

Enable the passenger for apache module:
$ sudo a2enmod passenger

Copy the Redmine.pm file into the apache perl5 library:
$ sudo cp /var/www/redmine/extra/svn/Redmine.pm /usr/lib/perl5/Apache

Create and add the following in /etc/apache2/sites-available/redmine (you might need to change the bold text):
$ sudo nano /etc/apache2/sites-available/redmine
NameVirtualHost *

ServerName redmine.yourURL
DocumentRoot /var/www/redmine/public
ServerAdmin [email protected]
LogLevel warn
ErrorLog /var/log/apache2/redmine_error
CustomLog /var/log/apache2/redmine_access combined

Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all


Create and add the following in /etc/apache2/sites-available/svn (you might need to change the bold text):
$ sudo nano /etc/apache2/sites-available/svn
NameVirtualHost *
PerlLoadModule Apache::Redmine

ServerName svn.yourURL
ServerAdmin [email protected]
ErrorLog /var/log/apache2/svn_error
CustomLog /var/log/apache2/svn_access combined


DAV svn
SVNParentPath “/var/svn/”

AuthType Basic
AuthName redmine
Require valid-user

PerlAccessHandler Apache::Authn::Redmine::access_handler
PerlAuthenHandler Apache::Authn::Redmine::authen_handler

RedmineDSN DBI:mysql:database=redmine;host=localhost

RedmineDbUser mysql-user
RedmineDbPass mysql-password


Restart the Apache Server:
$ sudo /etc/init.d/apache2 restart

Create svn root repository directory and set the permission:
$ sudo mkdir /var/svn
$ sudo chmod 0755 /var/svn

Configure Apache to serve the svn repositories through DAV:
$ sudo a2enmod dav
$ sudo a2enmod dav_svn
$ sudo a2enmod perl
$ sudo a2ensite svn
$ sudo /etc/init.d/apache2 reload

Edit the Apache sites-enabled:
$ cd /etc/apache2/sites-enabled
$ sudo rm 000-defaults
$ sudo ln -s ../sites-available/redmine 000-redmine
$ sudo /etc/init.d/apache2 reload

Now lets get the redmine server up:
$ sudo ruby /var/www/redmine/script/server -e production

Done!, now you can go to the redmine page through this address
http://redmine:3000/

NOTE: You can put the repository creation script into the cron job for schedule checking to make sure the Redmine project and create repositories accordingly.
$ sudo nano /etc/cron.d/redmine

and put this line into it
10 * * * * root ruby /var/www/redmine/extra/svn/reposman.rb –redmine redmine.yourURL –svn-dir /var/svn –owner www-data –url http://svn.yourURL/ >> /var/log/reposman.log” > /etc/cron.d/redmine

References:
  1. http://lordsauron.wordpress.com/2008/12/10/redmine-08x-installation-tutorial/
  2. http://wiki.ousli.org/index.php/RedmineUbuntu
  3. http://blog.itsmine.co.uk/2009/01/22/howto-install-subversion-and-redmine-on-centos5-rhel5/