unprivileged-recipe
bill-auger edited this page 8 years ago

PAGURE SETUP

this recipe should be sufficient to set up a new debian9 server or migrate existing data to a new machine

  • all persistent data is stored out of tree to ease migrations
  • PAGURE_USER and GITOLITE_USER are not the same user so that GITOLITE_USER can be confined to a git-shell

set some convenience vars (exported so that they survive the `su` calls below)

$ export PAGURE_USER='user-who-runs-pagure-web-server'
$ export GITOLITE_USER='the-gitolite-user' # (e.g. 'git')
$ export PAGURE_DATA_DIR=/path/to/large/disk
$ export GITOLITE_HOME_DIR=/path/to/gitolite/user/home

prepare the system

$ su -c 'apt install libffi-dev libjpeg-dev libgit2-dev virtualenv libpython2.7-dev gitolite3'
$ su -c "adduser $GITOLITE_USER"
$ su $PAGURE_USER
$ cd /path/to/build/dir
$ git clone https://pagure.io/pagure.git

configure gitolite

* NOTE: apt will create a default user named gitolite3 with home at /var/lib/gitolite3
        dpkg-reconfigure to create or use existing user with any name (e.g. git) with any home (e.g. /home/git/)
        user home must match $GITOLITE_HOME_DIR above
* NOTE: on initial install you will need a .gitolite.rc - there are examples under files/ for gitolite v2 and v3
        be sure that UMASK is set to 0002 (rwxrwxr-x) so that $PAGURE_USER (in the git group) has rw access
            and git-daemon has read access
$ su -c 'dpkg-reconfigure gitolite3'
$ su -c 'deluser gitolite3'
$ su -c 'rm -rf /var/lib/gitolite3'
$ su -c "adduser $PAGURE_USER $GITOLITE_USER" # double quotes so the vars expand before su runs
$ su $GITOLITE_USER
//$ mkdir -p $PAGURE_DATA_DIR/{docs,forks,tickets,requests} # may not need this - gitolite created these in its repo dir
$ rm    $GITOLITE_HOME_DIR/.gitolite.rc
$ mv    $GITOLITE_HOME_DIR/.gitolite/conf/gitolite.conf $PAGURE_DATA_DIR/gitolite.conf
$ mv    $GITOLITE_HOME_DIR/.gitolite/keydir/            $PAGURE_DATA_DIR/keydir/
$ mv    $GITOLITE_HOME_DIR/repositories/                $PAGURE_DATA_DIR/repos/
$ ln -s $PAGURE_DATA_DIR/gitolite.rc                    $GITOLITE_HOME_DIR/.gitolite.rc
$ ln -s $PAGURE_DATA_DIR/gitolite.conf                  $GITOLITE_HOME_DIR/.gitolite/conf/gitolite.conf
$ ln -s $PAGURE_DATA_DIR/keydir                         $GITOLITE_HOME_DIR/.gitolite/keydir
$ ln -s $PAGURE_DATA_DIR/repos                          $GITOLITE_HOME_DIR/repositories
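
an added check, not part of the original recipe or of pagure: it audits the layout built above, i.e. that the four gitolite paths are symlinks into the data dir and that the UMASK 0002 rule holds (group-writable, never world-writable). the names audit_layout and make_fixture and the finding labels are hypothetical; readlink -f assumes GNU coreutils as on debian.

```shell
# audit_layout DATA_DIR GITOLITE_HOME   (hypothetical helper, not part of pagure)
# Prints one finding per line; returns 0 when the layout is clean, 1 otherwise.
audit_layout() {
    data=$1; home=$2; bad=0

    # 1. each relocated gitolite path must be a live symlink into the data dir
    while read -r link target; do
        path=$home/$link
        if [ ! -L "$path" ] || [ ! -e "$path" ]; then
            echo "BAD-LINK $path"; bad=1
        elif [ "$(readlink -f "$path")" != "$(readlink -f "$data/$target")" ]; then
            echo "WRONG-TARGET $path"; bad=1
        fi
    done <<EOF
.gitolite.rc gitolite.rc
.gitolite/conf/gitolite.conf gitolite.conf
.gitolite/keydir keydir
repositories repos
EOF

    # 2. UMASK 0002 grants group write but never world write
    out=$(find "$data/repos" "$data/keydir" ! -type l -perm -0002 2>/dev/null || true)
    [ -z "$out" ] || { echo "$out" | sed 's/^/WORLD-WRITABLE /'; bad=1; }

    # 3. repo directories must stay group-writable for $PAGURE_USER
    out=$(find "$data/repos" -type d ! -perm -0020 2>/dev/null || true)
    [ -z "$out" ] || { echo "$out" | sed 's/^/NOT-GROUP-WRITABLE /'; bad=1; }

    return "$bad"
}

# Constructed sample input: a correct layout in a temp dir, for a dry run.
make_fixture() {
    root=$(mktemp -d)
    mkdir -p "$root/data/repos/demo.git" "$root/data/keydir" "$root/home/.gitolite/conf"
    touch "$root/data/gitolite.rc" "$root/data/gitolite.conf"
    chmod -R u=rwX,g=rwX,o=rX "$root/data"
    ln -s "$root/data/gitolite.rc"   "$root/home/.gitolite.rc"
    ln -s "$root/data/gitolite.conf" "$root/home/.gitolite/conf/gitolite.conf"
    ln -s "$root/data/keydir"        "$root/home/.gitolite/keydir"
    ln -s "$root/data/repos"         "$root/home/repositories"
    echo "$root"
}
```

on a real host, run audit_layout "$PAGURE_DATA_DIR" "$GITOLITE_HOME_DIR" after the symlinks are in place and again after any migration; a WORLD-WRITABLE finding on keydir matters most, since that directory decides which ssh keys gitolite accepts.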

enter the python virtual environment

$ su $PAGURE_USER
$ cd pagure
$ virtualenv pagure_env
$ source ./pagure_env/bin/activate

install python dependencies

$ pip install 'pygit2==0.24.*' # must match the installed version of libgit2; quoted so the shell does not expand the *
$ pip install -r requirements.txt

prepare the database

$ python createdb.py

configure pagure

* NOTE: on initial install you will need notabug_config.py or customize pagure/default_config.orig.py
$ echo "APP_DOMAIN = 'notabug.org'"               >  $PAGURE_DATA_DIR/default_config.py
$ echo "PAGURE_DATA_DIR = '$PAGURE_DATA_DIR'"     >> $PAGURE_DATA_DIR/default_config.py
$ echo "GITOLITE_HOME_DIR = '$GITOLITE_HOME_DIR'" >> $PAGURE_DATA_DIR/default_config.py
$ cat $PAGURE_DATA_DIR/notabug_config.py          >> $PAGURE_DATA_DIR/default_config.py
$ nano $PAGURE_DATA_DIR/default_config.orig.py # tweak for current environment
$ su $PAGURE_USER
$ mv pagure/default_config.py pagure/default_config.orig.py
$ ln -s $PAGURE_DATA_DIR/default_config.py pagure/default_config.py

launch the application at http://127.0.0.1:5000

$ ./runserver.py

To get some profiling information you can also run it as:

$ ./runserver.py --profile

CONFIG TODO:

# real db            - multiple keys
# gitolite config    - multiple keys
# eventsource        - multiple keys
# webhooks and redis - multiple keys
# email              - multiple keys
SHOW_PROJECTS_INDEX = ['repos', 'myrepos', 'myforks']
GIT_URL_SSH = 'ssh://git@' + APP_DOMAIN + '/'
GIT_URL_GIT = 'git://' + APP_DOMAIN + '/'
ADMIN_GROUP = 'sysadmin-main' # None ???
SSH_KEYS = {'RSA': {'fingerprint': '<foo>', 'pubkey': '<bar>'}}
SESSION_COOKIE_SECURE = False # should always be set to True in production

FEATURES TODO:

# BLACKLISTED_PROJECTS , ALLOWED_PREFIX , BLACKLISTED_GROUPS would be relevant for re-routing repos urls