Blog Navigation
Recommended
Latest Activity
Phil explains how to write a scalable SNMP Trap and Inform message receiver in Java using SNMP4J. He also explains what SNMP is and surrounding ideas such as TCP and UDP.
Installing Gitorious on CentOS 5.6 x64
There are many reasons why you might be reading this post, but likely, you’re trying to figure out how to install this complex heap of code (that has its root node removed, no doubt, ha ha). If you didn’t get my last joke, I feel sorry for you, but the show must go on.
Gitorious is an open source repository management system similar to Trac on SVN. The software looks really nice (gitorious.org), and it has a lot of built in features for managing git repositories. For those of you who are not familiar with coding, code repositories are often set up to enable many coders to work on the same project simultaneously (different portions of course). Repositories also enable versioning so that you can easily revert to an older copy of your code base if something breaks along the way. Repositories are often centralized so that only a single location has to be backed up, in this case Gitorious centralizes git repositories.
Truthfully, there are three memorable software programs that have been notoriously difficult to install and configure in my experience, these are as follows:
With all of the above said, the installation process of gitorious isn’t for the leisure system administrator to install. This took me approximately 3 days of research to successfully install and understand. I installed it on a separate system only because I didn’t want it hurting any of my existing production systems. In the end, I’m glad I did this because I learned that Ruby isn’t very memory efficient and this application easily eats up most of the 1GB of ram allocated to it in a VPS (Virtual Private Server). And with this said, I invite you to continue reading if you really want to know how to install this software.
Update 6/14: After a few requests, I’ve decided that I will provide a Gitorious installation service on your CentOS server. I will be happy to install Gitorious and make it work (as described below) for a one time paypal payment of $100. For details, contact me directly (see my contact page).
LAST UPDATE: 6/8/2011 – Suggestions from Gitorious Discussion Group
Before I begin, I’d like to note that although I used OpenVZ for my deployment of Gitorious, it should work on Xen and other platforms (even dedicated servers). I say should because I originally deployed this on Amazon Web Services, and the installation process had a few changes here and there (due to errors with package dependencies, etc) when I finally moved it over to OpenVZ. The procedure below was used for an OpenVZ machine as detailed below. Finally, my last note is that you can expect this installation process to take roughly an hour or two to complete as a lower bound (provided everything goes well).
I decided to use a VPS from chicagovps to host this software program because of a good past experience with them. Although I normally bash OpenVZ virtualization (with really good reasons because Xen is better), I chose to use OpenVZ since it is typically faster and I wanted performance. OpenVZ doesn’t have swap space, and its memory management isn’t that great, so in the end, applications can use almost 3x the amount of memory on OpenVZ VPS containers compared to running on equivalent Xen containers. I can easily see Xen requiring less than 384MB of dedicated Ram for Gitorious. On OpenVZ, I strongly suggest not getting less than 1GB of dedicated memory. With ChicagoVPS, I got the professional package, and my memory usage hovers around 800MB for this install. For the Operating System, I chose the CentOS 5.5 x64 template and using yum update, the operating system became CentOS 5.6. Everything below is performed as root unless otherwise noted.
The first thing that I did was set my DNS to have 2 A-records pointing to the hostname of my server (string.matthouse.us), and another that points to the future Gitorious website URL (git.matthouse.us). After that was done, I logged into the VPS and set up public keys for the root account to make logging into the machine easier in the future. I’ve written two blogs about public key authentication, so I won’t detail this portion of the process (that’s optional anyways). I’d also recommend setting up a secure root password (also mentioned sometime in the past).
Next, I’d recommend disabling SELinux if it is enabled, thankfully, on VPS nodes, its typically disabled out of the box. If you’re on Xen, you might want to make and enable a swap file (which I detailed on my AWS install of Tomcat blog). The next step is to execute the following commands, which remove common packages that you won’t need and turn off common services which you won’t use. In this stack of commands, you will also need to edit the SSH configuration to disable DNS lookups, which in my experience speeds up the login process to SSH by a lot!
yum remove -y samba-common bind-libs dnsmasq portmap postgresql-libs nscd service atd stop chkconfig atd off service nfslock stop chkconfig nfslock off service rpcidmapd stop chkconfig rpcidmapd off service bluetooth stop chkconfig bluetooth off service anacron stop chkconfig anacron off service gpm stop chkconfig gpm off service hidd stop chkconfig hidd off service pcscd stop chkconfig pcscd off service portmap stop chkconfig portmap off service avahi-daemon stop chkconfig avahi-daemon off service pcscd stop chkconfig pcscd off service sendmail start chkconfig sendmail on vim /etc/ssh/sshd_config #uncomment UseDNS and change to no UseDNS no service sshd restart
Next, we need to enable the RPMForge repository. I enable the EPEL and REMI repositories later on, but at this point, if those are enabled, you will hit a certain known bug with MySQL that has yet to be fixed by CentOS.
http://rpmrepo.org/RPMforge/Using wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el5.rf.i386.rpm rpm -ivh rpmforge-release-0.5.2-2.el5.rf.i386.rpm
Now lets update the system and install some required packages. This should take roughly 10 or 15 minutes.
yum update -y yum groupinstall -y "Development tools" "Development Libraries" yum install -y git-core git-svn java-1.6.0-openjdk vim-* apg pcre pcre-devel zlib zlib-devel libyaml-devel GeoIP-devel sphinx mysql-devel mysql-server mysql
At this point, I configure MySQL before adding other software that triggers bugs with its initial setup phase.
service mysqld start /usr/bin/mysql_secure_installation
In the secure installation, I set the root password of MySQL to something tricky and I answer yes to all of the prompts.
The next step is to add some configuration to the my.cnf file to minimize the footprint of MySQL (which will still use a lot of memory on OpenVZ).
[mysqld] datadir=/var/lib/mysql socket=/var/lib/mysql/mysql.sock user=mysql old_passwords=1 max_connections = 5 key_buffer = 1K read_buffer_size = 1K max_allowed_packet = 512K thread_stack = 16K table_cache = 32 sort_buffer = 16K net_buffer_length = 1K thread_stack = 4K query_cache_type = 1 query_cache_limit = 1K query_cache_size = 1K innodb_buffer_pool_size = 1K innodb_additional_mem_pool = 1K # Disabling symbolic-links is recommended to prevent assorted security risks; # to do so, uncomment this line: # symbolic-links=0 [mysqld_safe] log-error=/var/log/mysqld.log pid-file=/var/run/mysqld/mysqld.pid
At this point, lets restart mysql.
service mysqld restart
Now let’s install Ruby Enterprise Edition. The enterprise version of Ruby is still free, but it uses older, more stable components of Ruby, it’s also focused towards memory conservation (although it still compares to Java’s memory appetite). I would strongly recommend not using any other version/distribution of Ruby since I found many compatibility errors that caused me to have to start all over again many times! Remember that # is a comment and the command line will NOT process the command.
#- get latest stable ruby enterprise (the rubylang 1.9 branch will not work properly) #-http://www.rubyenterpriseedition.com/download.html wget http://rubyenterpriseedition.googlecode.com/files/ruby-enterprise-1.8.7-2011.03.tar.gz tar xzf ruby-enterprise-1.8.7-2011.03.tar.gz cd ruby-enterprise-1.8.7-2011.03 ./installer #(accept the defaults, 2 prompts will come up)
Next, we need to configure ruby and path variables. Follow the comments in my notes.
cd /opt ln -s ruby-enterprise-1.8.7-2011.03 ruby vim /etc/profile #add the following to /etc/profile [ "$EUID" = "0" ] pathmunge /opt/ruby/bin export RAILS_ENV=production export PATH=/usr/local/sphinx/bin:/usr/local/bin:$PATH export _JAVA_OPTIONS=-Xmx64m export MAGICK_HOME=/usr/local export DYLD_LIBRARY_PATH=/usr/local/lib
Strange enough, later on, another bug will surface where the profile isn’t read to setup these paths and options. Therefore, I also added the following to my internal documentation install script.
vim /etc/bashrc
#add to the very bottom
pathmungea () {
if ! echo $PATH | /bin/egrep -q "(^|:)$1($|:)" ; then
if [ "$2" = "after" ] ; then
PATH=$PATH:$1
else
PATH=$1:$PATH
fi
fi
}
pathmungea /opt/ruby/bin
export RAILS_ENV=production
export PATH=/usr/local/sphinx/bin:/usr/local/bin:$PATH
export _JAVA_OPTIONS=-Xmx64m
export MAGICK_HOME=/usr/local
export DYLD_LIBRARY_PATH=/usr/local/lib
unset pathmungea
At this point, restart the shell that you’re in to pick up the new path information. You might want to reboot, but that isn’t necessary at this point. After the restart, we need to install ImageMagick.
#Imagemagick on yum is outdated, so a bug will show up if we don’t do this for now. cd ~ yum install -y tcl-devel libpng-devel libjpeg-devel ghostscript-devel bzip2-devel freetype-devel libtiff-devel #wget url to ImageMagick download wget ftp://ftp.imagemagick.org/pub/ImageMagick/ImageMagick-6.7.0-2.tar.gz tar xzf ImageMagick-6.7.0-2.tar.gz cd ImageMagick-6.7.0-2 ./configure --prefix=/usr/local --with-bzlib=yes --with-fontconfig=yes --with-freetype=yes --with-gslib=yes --with-gvc=yes --with-jpeg=yes --with-jp2=yes --with-png=yes --with-tiff=yes make make install
Up next, we need to install some ruby gems. This list isn’t comprehensive (there will be more to come later), but it will get us started. I omitted mongrel as a webserver (which would come at this step according to other guides) because I intend on using Apache. I also know that echoe, textpow, and oniguruma are either included or incompatible with this version of Ruby, so they were omitted. I didn’t find any problems at the end without them, so I’m assuming they were extras.
UPDATE 6/8: You probably don’t need to do this since bundle exec (below) will cover this for you. You will need to run “gem install bundle” instead at this step.
gem install sphinx rmagick ultrasphinx mime-types chronic ruby-hmac daemons mime-types BlueCloth ruby-yadis ruby-openid rspec rspec-rails RedCloth stompserver --no-ri --no-rdoc
Now let’s add the extra repositories and fix some centos bugs. Don’t worry if the packages aren’t found.
#fix some centos bugs: yum remove perl-Net-SSLeay perl-IO-Socket-SSL #install some repositories wget http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-4.noarch.rpm wget http://rpms.famillecollet.com/enterprise/remi-release-5.rpm rpm -Uvh remi-release-5*.rpm epel-release-5*.rpm
Finally, its time to move onto the installation of gitorious. The su command will drop you into a shell owned by git (cool huh?).
useradd -d /home/git git su git cd ~ mkdir log mkdir conf git clone git://gitorious.org/gitorious/mainline.git gitorious cd gitorious/ mkdir -p tmp/pids exit #(exit here will return to root) ln -s /home/git/gitorious/script/gitorious /usr/local/bin/gitorious cd /home/git/gitorious/ chmod ug+x script/* chmod -R g+w config/ log/ public/ tmp/
Next, we need to modify several files and begin preparing Gitorious to run.
Update 6/8/11: When getting to the gem install portions, you probably only need to run the bundle commands, skipping the gem commands all together.
su git #modify each vim'd file appropriately vim /home/git/gitorious/doc/templates/centos/git-daemon RUBY_HOME="/opt/ruby" GITORIOUS_HOME="/home/git/gitorious" vim /home/git/gitorious/doc/templates/centos/git-ultrasphinx GITORIOUS_HOME="/home/git/gitorious" vim /home/git/gitorious/doc/templates/centos/git-poller RUBY_HOME="/opt/ruby" GITORIOUS_HOME="/home/git/gitorious" export _JAVA_OPTIONS=-Xmx64m vim /home/git/gitorious/doc/templates/centos/stomp RUBY_HOME="/opt/ruby" GEMS_HOME="/opt/ruby" GITORIOUS_HOME="/home/git/gitorious" exit #return to root #next as root: gem install --no-ri --no-rdoc -v 1.5.0 json gem install --no-ri --no-rdoc -v 1.3.1.1 rdiscount cd /home/git/gitorious bundle install bundle exec rake gems:install gem install --no-ri --no-rdoc -v 0.8.7 rake gem install --no-ri --no-rdoc -v 1.1.0 daemons gem uninstall rake -v 0.9.1 gem uninstall daemons -v 1.1.3 gem uninstall geoip #select all gem install --no-ri --no-rdoc -v 0.8.9 geoip gem install --no-ri --no-rdoc -v 1.0 raspell cp config/database.sample.yml config/database.yml cp config/gitorious.sample.yml config/gitorious.yml cp config/broker.yml.example config/broker.yml su git mkdir /home/git/data mkdir /home/git/data/repositories mkdir /home/git/data/tarballs mkdir /home/git/data/tarball-work chown -R git:git /home/git/data #enable key management mkdir /home/git/.ssh chmod -R 700 /home/git/.ssh touch /home/git/.ssh/authorized_keys chmod 600 /home/git/.ssh/authorized_keys chmod -R 700 /home/git/data exit #back to root #permissions fix: chown -R git:git /home/git chmod 711 /home/git
At this point, we need to make a secret cookie for a configuration file, make note of the output from this command.
apg -m 64 #sample output below, DON’T use it! [root@string ~]# apg -m 64 SwouncievNivJucivrevnisfookEcnasiarHamgogdipmopyicbyctyikBagArim gronugAmIsUkDifpoyftEggobviuzIpArgecHewElsOcubnuejEtDecerlyooHib smivyecivfalakMarfAvikokip^ojyorwahonkIrEdeibZepbivsaftIdmapmic) frivetcetEceivepJuxNeipnidzaroyffAgVevfuIvDesemAfyacAppAtdeavays wenEjUcoofnafryefGewboshkyersufcawJontIavZenFeifWoitGejEajnoiWry sawidHewofOkheTwiOjFigWigbobinCushBurnErnodedLuenAtTeyznoynoryop
There are several ruby environments for different modes of Ruby, these are Test, Development, and Production. Although we have to set up the Development and Test environments (mostly to avoid errors and warnings), I will only use the Production Environment in the end. Also, don’t use the key above, or below, I just inserted it to give you an idea of how it should look.
vim /home/git/gitorious/config/gitorious.yml #For production, development, and test sections: #copy paste exactly (new lines count), if you get an error below, this file will be where to look. development: cookie_secret: SwouncievNivJucivrevnisfookEcnasiarHamgogdipmopyicbyctyikBagArimgronugAmIsUkDifpoyftEggobviuzIpArgecHewElsOcubnuejEtDecerlyooHibsmivyecivfalakMarfAvikokip^ojyorwahonkIrEdeibZepbivsaftIdmapmic)frivetcetEceivepJuxNeipnidzaroyffAgVevfuIvDesemAfyacAppAtdeavayswenEjUcoofnafryefGewboshkyersufcawJontIavZenFeifWoitGejEajnoiWrysawidHewofOkheTwiOjFigWigbobinCushBurnErnodedLuenAtTeyznoynoryop repository_base_path: "/home/git/data/repositories" extra_html_head_data: system_message: gitorious_client_port: 80 gitorious_client_host: git.matthouse.us gitorious_host: git.matthouse.us gitorious_user: git exception_notification_emails: admin@matthouse.us mangle_email_addresses: true public_mode: true locale: en archive_cache_dir: "/home/git/data/tarballs" archive_work_dir: "/home/git/data/tarball-work" only_site_admins_can_create_projects: true hide_http_clone_urls: false is_gitorious_dot_org: false test: cookie_secret: SwouncievNivJucivrevnisfookEcnasiarHamgogdipmopyicbyctyikBagArimgronugAmIsUkDifpoyftEggobviuzIpArgecHewElsOcubnuejEtDecerlyooHibsmivyecivfalakMarfAvikokip^ojyorwahonkIrEdeibZepbivsaftIdmapmic)frivetcetEceivepJuxNeipnidzaroyffAgVevfuIvDesemAfyacAppAtdeavayswenEjUcoofnafryefGewboshkyersufcawJontIavZenFeifWoitGejEajnoiWrysawidHewofOkheTwiOjFigWigbobinCushBurnErnodedLuenAtTeyznoynoryop repository_base_path: "/home/git/data/repositories" extra_html_head_data: system_message: gitorious_client_port: 80 gitorious_client_host: git.matthouse.us gitorious_host: git.matthouse.us gitorious_user: git exception_notification_emails: admin@matthouse.us mangle_email_addresses: true public_mode: true locale: en archive_cache_dir: "/home/git/data/tarballs" archive_work_dir: "/home/git/data/tarball-work" only_site_admins_can_create_projects: true hide_http_clone_urls: false is_gitorious_dot_org: false production: cookie_secret: SwouncievNivJucivrevnisfookEcnasiarHamgogdipmopyicbyctyikBagArimgronugAmIsUkDifpoyftEggobviuzIpArgecHewElsOcubnuejEtDecerlyooHibsmivyecivfalakMarfAvikokip^ojyorwahonkIrEdeibZepbivsaftIdmapmic)frivetcetEceivepJuxNeipnidzaroyffAgVevfuIvDesemAfyacAppAtdeavayswenEjUcoofnafryefGewboshkyersufcawJontIavZenFeifWoitGejEajnoiWrysawidHewofOkheTwiOjFigWigbobinCushBurnErnodedLuenAtTeyznoynoryop repository_base_path: "/home/git/data/repositories" extra_html_head_data: system_message: gitorious_client_port: 80 gitorious_client_host: git.matthouse.us gitorious_host: git.matthouse.us gitorious_user: git exception_notification_emails: admin@matthouse.us mangle_email_addresses: true public_mode: true locale: en archive_cache_dir: "/home/git/data/tarballs" archive_work_dir: "/home/git/data/tarball-work" only_site_admins_can_create_projects: true hide_http_clone_urls: false is_gitorious_dot_org: false
Now let’s configure the broker. For a while, I was confused about why other guides had me install both stomp and activemq. It turns out that you only need one or the other. For me, stomp was more memory friendly, so I choose that. Towards the end of this blow, I also provide the procedure for installing ActiveMQ (which doesn’t pertain to what I’m installing). If you want ActiveMQ, you simply have to replace “stomp” below with “activemq” to get this to work I believe (although I didn’t test that) and install ActiveMQ around this point (as detailed at the end).
vim /home/git/gitorious/config/broker.yml
production:
adapter: stomp
development:
adapter: stomp
test:
adapter: stomp
Now let’s go through some more commands, including database configuration. Replace the
f
#permissions fix: chown -R git:git /home/git mysql -uroot –p’<ROOT’S MYSQL PASSWORD>' create database gitorious; create database gitorious_test; create database gitorious_dev; CREATE user 'git'@'localhost' IDENTIFIED BY '<PASWORD>'; GRANT ALL ON gitorious.* TO 'git'@'localhost'; GRANT ALL ON gitorious_test.* TO 'git'@'localhost'; GRANT ALL ON gitorious_dev.* TO 'git'@'localhost'; FLUSH privileges; exit;
One more major edit to a file to go! Once again, replace
vim /home/git/gitorious/config/database.yml development: adapter: mysql database: gitorious_dev username: git password: <PASWORD> host: localhost encoding: utf8 test: adapter: mysql database: gitorious_test username: git password: <PASWORD> host: localhost encoding: utf8 production: adapter: mysql database: gitorious username: git password: <PASWORD> host: localhost encoding: utf8
Now some more commands to configure gitorious. I was a little obsessive with fixing permissions (since I did a lot as root), but I wanted to make sure that I wouldn’t hit unknown errors and bugs.
#fix permissions cd /home chown -R git:git /home/git cd /home/git chmod -R 755 data chmod 755 gitorious cd /home/git/gitorious bundle exec rake db:create:all bundle exec rake db:setup bundle exec rake db:migrate #fix permissions cd /home chown -R git:git /home/git cd /home/git chmod -R 755 data chmod 755 gitorious
It’s now time to start some services related to Gitorious. Make sure that there are no errors in this section. I recommend executing line by line.
ln -s /home/git/gitorious/doc/templates/centos/git-daemon /etc/init.d/git-daemon chmod +x /etc/init.d/git-daemon chkconfig --add git-daemon service git-daemon start ln -s /home/git/gitorious/doc/templates/centos/stomp /etc/init.d/stomp chmod +x /etc/init.d/stomp chkconfig --add stomp service stomp start ln -s /home/git/gitorious/doc/templates/centos/git-poller /etc/init.d/git-poller chmod +x /etc/init.d/git-poller chkconfig --add git-poller service git-poller start
At this point, we can get into the Apache configuration. To download from gitorious, we need mod_xsendfile. To the best of my knowledge, Gitorious drops the executable bit off from the tar archives it creates, so the files cannot be accessed traditionally. This presents a problem and this modification makes the files downloadable without the executable bit being set.
yum install -y httpd httpd-devel mod_xsendfile #mod qos for sloworis attack control and DOS attack control cd ~ mkdir apachemod cd apachemod wget http://sourceforge.net/projects/mod-qos/files/mod_qos-9.57.tar.gz/download tar xzf mod_qos-9.57.tar.gz cd mod_qos-9.57/apache2 apxs -i -c mod_qos.c chmod 755 /usr/lib64/httpd/modules/mod_qos.so #configure xsendfile vim /etc/httpd/conf.d/xsendfile.conf #add below LoadModule line XSendFile on XSendFilePath /home/git/data/tarballs #UPDATE 6/8/11: Add a path to the repositories folder for git to work over http. XSendFilePath /home/git/data/repositories #install ruby Passenger to make Ruby applications work on Apache. /opt/ruby-enterprise-1.8.7-2011.03/bin/passenger-install-apache2-module #accept the defaults
At this point, we now need to configure Apache. I do this with a two file approach separating the website configuration from the server configuration. If you copy paste my httpd.conf file, it will serve you well, provided you change the “ServerAdmin” and “ServerName” directives (options). The same isn’t true of my host.conf file, you’re going to have to modify that for your particular installation.
cd /etc/httpd/conf
vim httpd.conf
### Section 1: Global Environment
ServerTokens OS
ServerRoot "/etc/httpd"
PidFile run/httpd.pid
Timeout 120
KeepAlive Off
MaxKeepAliveRequests 100
KeepAliveTimeout 15
Listen 80
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authn_alias_module modules/mod_authn_alias.so
LoadModule authn_anon_module modules/mod_authn_anon.so
LoadModule authn_dbm_module modules/mod_authn_dbm.so
LoadModule authn_default_module modules/mod_authn_default.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_owner_module modules/mod_authz_owner.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_dbm_module modules/mod_authz_dbm.so
LoadModule authz_default_module modules/mod_authz_default.so
LoadModule ldap_module modules/mod_ldap.so
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
LoadModule include_module modules/mod_include.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule logio_module modules/mod_logio.so
LoadModule env_module modules/mod_env.so
LoadModule ext_filter_module modules/mod_ext_filter.so
LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule expires_module modules/mod_expires.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule headers_module modules/mod_headers.so
LoadModule usertrack_module modules/mod_usertrack.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule mime_module modules/mod_mime.so
LoadModule dav_module modules/mod_dav.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule info_module modules/mod_info.so
LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule actions_module modules/mod_actions.so
LoadModule speling_module modules/mod_speling.so
LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule cache_module modules/mod_cache.so
LoadModule suexec_module modules/mod_suexec.so
LoadModule disk_cache_module modules/mod_disk_cache.so
LoadModule file_cache_module modules/mod_file_cache.so
#LoadModule mem_cache_module modules/mod_mem_cache.so
LoadModule cgi_module modules/mod_cgi.so
LoadModule version_module modules/mod_version.so
#LoadModule cern_meta_module modules/mod_cern_meta.so
#LoadModule asis_module modules/mod_asis.so
LoadModule unique_id_module modules/mod_unique_id.so
LoadModule qos_module /usr/lib64/httpd/modules/mod_qos.so
LoadModule passenger_module /opt/ruby/lib/ruby/gems/1.8/gems/passenger-3.0.7/ext/apache2/mod_passenger.so
PassengerRoot /opt/ruby/lib/ruby/gems/1.8/gems/passenger-3.0.7
PassengerRuby /opt/ruby/bin/ruby
Include conf.d/*.conf
#ExtendedStatus On
User apache
Group apache
### Section 2: 'Main' server configuration
ServerAdmin admin@matthouse.us
ServerName string.matthouse.us:80
UseCanonicalName Off
DocumentRoot "/var/www/html"
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<IfModule mod_userdir.c>
UserDir public_html
</IfModule>
DirectoryIndex index.html index.html.var index.htm
AccessFileName .htaccess
<Files ~ "^.ht"> #deny serving ht files
Order allow,deny
Deny from all
</Files>
TypesConfig /etc/mime.types
DefaultType text/plain
<IfModule mod_mime_magic.c>
# MIMEMagicFile /usr/share/magic.mime
MIMEMagicFile conf/magic
</IfModule>
HostnameLookups Off
#EnableMMAP off
#EnableSendfile off
ErrorLog logs/error_log
LogLevel warn
LogFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"" combined
LogFormat "%h %l %u %t "%r" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
#LogFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i" %I %O" combinedio
#CustomLog logs/access_log common
#CustomLog logs/referer_log referer
#CustomLog logs/agent_log agent
CustomLog logs/access_log combined
ServerSignature On
Alias /icons/ "/var/www/icons/"
<Directory "/var/www/icons">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
#
# WebDAV module configuration section.
#
<IfModule mod_dav_fs.c>
# Location of the WebDAV lock database.
DAVLockDB /var/lib/dav/lockdb
</IfModule>
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
<Directory "/var/www/cgi-bin">
AllowOverride All
Options None
Order allow,deny
Allow from all
</Directory>
# Redirect permanent /foo http://www.example.com/bar
# Directives controlling the display of server-generated directory listings.
IndexOptions FancyIndexing VersionSort NameWidth=* HTMLTable
AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
AddIconByType (TXT,/icons/text.gif) text/*
AddIconByType (IMG,/icons/image2.gif) image/*
AddIconByType (SND,/icons/sound2.gif) audio/*
AddIconByType (VID,/icons/movie.gif) video/*
AddIcon /icons/binary.gif .bin .exe
AddIcon /icons/binhex.gif .hqx
AddIcon /icons/tar.gif .tar
AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
AddIcon /icons/a.gif .ps .ai .eps
AddIcon /icons/layout.gif .html .shtml .htm .pdf
AddIcon /icons/text.gif .txt
AddIcon /icons/c.gif .c
AddIcon /icons/p.gif .pl .py
AddIcon /icons/f.gif .for
AddIcon /icons/dvi.gif .dvi
AddIcon /icons/uuencoded.gif .uu
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
AddIcon /icons/tex.gif .tex
AddIcon /icons/bomb.gif core
AddIcon /icons/back.gif ..
AddIcon /icons/hand.right.gif README
AddIcon /icons/folder.gif ^^DIRECTORY^^
AddIcon /icons/blank.gif ^^BLANKICON^^
DefaultIcon /icons/unknown.gif
#AddDescription "GZIP compressed document" .gz
#AddDescription "tar archive" .tar
#AddDescription "GZIP compressed tar archive" .tgz
ReadmeName README.html
HeaderName HEADER.html
IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
AddLanguage ca .ca
AddLanguage cs .cz .cs
AddLanguage da .dk
AddLanguage de .de
AddLanguage el .el
AddLanguage en .en
AddLanguage eo .eo
AddLanguage es .es
AddLanguage et .et
AddLanguage fr .fr
AddLanguage he .he
AddLanguage hr .hr
AddLanguage it .it
AddLanguage ja .ja
AddLanguage ko .ko
AddLanguage ltz .ltz
AddLanguage nl .nl
AddLanguage nn .nn
AddLanguage no .no
AddLanguage pl .po
AddLanguage pt .pt
AddLanguage pt-BR .pt-br
AddLanguage ru .ru
AddLanguage sv .sv
AddLanguage zh-CN .zh-cn
AddLanguage zh-TW .zh-tw
LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW
ForceLanguagePriority Prefer Fallback
AddDefaultCharset UTF-8
#AddType application/x-tar .tgz
#AddEncoding x-compress .Z
#AddEncoding x-gzip .gz .tgz
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddHandler cgi-script .cgi .pl
#AddHandler send-as-is asis
AddHandler type-map var
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
# 1) plain text 2) local redirects 3) external redirects
#ErrorDocument 500 "The server made a boo boo."
#ErrorDocument 404 /missing.html
#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
#ErrorDocument 402 http://www.example.com/subscription_info.html
Alias /error/ "/var/www/error/"
<IfModule mod_negotiation.c>
<IfModule mod_include.c>
<Directory "/var/www/error">
AllowOverride None
Options IncludesNoExec
AddOutputFilter Includes html
AddHandler type-map var
Order allow,deny
Allow from all
LanguagePriority en es de fr
ForceLanguagePriority Prefer Fallback
</Directory>
# ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
# ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
# ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
# ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
# ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
# ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
# ErrorDocument 410 /error/HTTP_GONE.html.var
# ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
# ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
# ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
# ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
# ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
# ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
# ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
# ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
# ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
# ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var
</IfModule>
</IfModule>
BrowserMatch "Mozilla/2" nokeepalive
BrowserMatch "MSIE 4.0b2;" nokeepalive downgrade-1.0 force-response-1.0
BrowserMatch "RealPlayer 4.0" force-response-1.0
BrowserMatch "Java/1.0" force-response-1.0
BrowserMatch "JDK/1.0" force-response-1.0
BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
BrowserMatch "MS FrontPage" redirect-carefully
BrowserMatch "^WebDrive" redirect-carefully
BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully
BrowserMatch "^gnome-vfs/1.0" redirect-carefully
BrowserMatch "^XML Spy" redirect-carefully
BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
<IfModule prefork.c>
StartServers 1
MinSpareServers 1
MaxSpareServers 1
ServerLimit 128
MaxClients 128
MaxRequestsPerChild 1000
</IfModule>
### Section 3: CONF STUFF
Include conf/host.conf
Next is the virtual host configuration. I chose to use https / ssl with a self-signed certificate, so that procedure is below. The following probably won’t be a perfect cut / paste for you, but it will be close enough provided you fill in the blanks. If you wish to not use https, simply copy the basic host.conf file and remove the SSL elements (including the port 443 stuff).
cd ~ yum install –y mod_ssl openssl openssl genrsa -out ca.key 2048 openssl req -new -key ca.key -out ca.csr #Enter in the information #sample information #Country Name (2 letter code) [GB]:US #State or Province Name (full name) [Berkshire]:NEW YORK #Locality Name (eg, city) [Newbury]:GREAT VALLEY #Organization Name (eg, company) [My Company Ltd]:MATTHOUSE #Organizational Unit Name (eg, section) []: #Common Name (eg, your name or your server's hostname) []:string.matthouse.us #Email Address []:admin@matthouse.us # #Please enter the following 'extra' attributes to be sent with your certificate request #A challenge password []: #An optional company name []: openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt cp ca.crt /etc/pki/tls/certs cp ca.key /etc/pki/tls/private/ca.key cp ca.csr /etc/pki/tls/private/ca.csr mv /etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/ssl.conf.disabled
Now we make the virtualhost include file.
vim /etc/httpd/conf/host.conf
#enable ~user home directories.
<Directory /home/*/public_html>
Options MultiViews Indexes SymLinksIfOwnerMatch Includes ExecCGI
AllowOverride All
Order allow,deny
Allow from all
</Directory>
NameVirtualHost *:80
<VirtualHost *:80>
ServerName string.matthouse.us
ServerAlias www.string.matthouse.us
ServerAdmin admin@matthouse.us
DocumentRoot /var/www
ErrorLog /var/www/error.log
CustomLog /var/www/access.log combined
</VirtualHost>
<VirtualHost *:80>
ServerName git.matthouse.us
ServerAdmin admin@matthouse.us
DocumentRoot /home/git/gitorious/public
ErrorLog /var/www/errorgit.log
CustomLog /var/www/accessgit.log combined
#customlog is good for awstats software
<Directory /home/git/gitorious/public>
AllowOverride all
Options -MultiViews
</Directory>
</VirtualHost>
LoadModule ssl_module modules/mod_ssl.so
Listen 443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000)
SSLSessionCacheTimeout 300
SSLMutex default
SSLRandomSeed startup file:/dev/urandom 256
SSLRandomSeed connect builtin
SSLCryptoDevice builtin
NameVirtualHost *:443
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/ca.crt
SSLCertificateKeyFile /etc/pki/tls/private/ca.key
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
ServerName git.matthouse.us
ServerAdmin admin@matthouse.us
DocumentRoot /home/git/gitorious/public
ErrorLog /var/www/errorgit.log
CustomLog /var/www/accessgit.log combined
<Directory /home/git/gitorious/public>
AllowOverride all
Options -MultiViews
</Directory>
</VirtualHost>
At this point, test the Apache server configuration and start it. Then we will fix permissions once more.
service httpd configtest service httpd start #fix permissions again cd /home chmod 711 git chown -R git:git git
It’s now time to add a Gitorious user!
su git cd ~/gitorious env RAILS_ENV=production script/create_admin #sample Type in Administrator's e-mail: admin@matthouse.us Type in Administrator's password: <APASSWORD> Admin user created successfully. exit #exit back to root
Next, if you wish to disable most of the SSL links on your Gitorious install, do the following (I did this). In the install that I did, I enabled SSL so that for the few links that went to https sites, Gitorious would continue to work (with a few warnings of course because self-signed certificates aren’t trusted and I’m not paying for a trusted rapidssl certificate for how little I am going to use Gitorious myself).
UPDATE 6/8/11: The SSLRequirement directive is no longer required in production.rb (below). Instead, add “disable_ssl” OR “enable_ssl” as a line to the file /home/git/gitorious/config/gitorious.yml (as the git user).
#disable SSL links (for the most part su git vim ~/gitorious/config/environments/production.rb #add the following line somewhere in the file at the top: SslRequirement.disable_ssl_check = true exit #exit back to root
It’s now time to configure ultrasphinx. I believe that this is used mostly for indexing and searching the Gitorious site, but it could be used for other functionality too.
cd /home/git/gitorious
export RAILS_ENV=production
export PATH=/usr/local/sphinx/bin:$PATH
bundle exec rake ultrasphinx:configure RAILS_ENV=production
bundle exec rake ultrasphinx:index RAILS_ENV=production
bundle exec rake ultrasphinx:daemon:start RAILS_ENV=production
#the following command builds the sphinx dictionary. For me it seg faults, but gets rid of a pesky dictionary error.
cd /home/git/gitorious
aspell config dict-dir
/usr/lib64/aspell-0.60
cp vendor/plugins/ultrasphinx/examples/ap.multi /usr/lib64/aspell-0.60/
#the next command segfaults, but it makes an annoying error go away in a log
bundle exec rake ultrasphinx:spelling:build
#due to some deprecation in code, the following two changes need to happen:
vim /home/git/gitorious/config/ultrasphinx/production.conf
#change "address" to "listen" due to deprecation
listen = 0.0.0.0
#change memlimit from 256 to 64 to conserve memory
indexer {
mem_limit = 64M
#Finally, we need to make git-ultrasphinx a daemon.
ln -s /home/git/gitorious/doc/templates/centos/git-ultrasphinx /etc/init.d/git-ultrasphinx
chmod +x /etc/init.d/git-ultrasphinx
#make mysqld and httpd start automatically
chkconfig mysqld on
chkconfig httpd on
#a few bug fixes
ln -s /usr/local/bin/gitorious /usr/bin
#install imagemagick via yum
#yes, we compiled from source to get rid of an error… but gitorious will have other errors if we don’t
yum –y install ImageMagick
#One last time, I will fix the permissions
cd /home
chown -R git:git /home/git
cd /home/git
chmod -R 755 data
chmod 755 gitorious
We now need to install memcached for Gitorious. I originally thought this was strictly for performance, but Gitorious expects it to be installed. I use the remi repository for this since the other repositories have broken dependencies.
yum install -y --enablerepo=remi memcached service memcached start chkconfig memcached on
At this point, everything is almost configured fully. I don’t start the git daemons / services automatically with chkconfig because they won’t run at system startup (I don’t know why). Therefore, I created a special script and made that start automatically upon reboot using the cron daemon (using the @reboot option).
vim /root/startup.sh #!/bin/sh /etc/init.d/stomp start /etc/init.d/git-daemon start /etc/init.d/git-poller start /etc/init.d/git-ultrasphinx start
crontab –e #add the following to root’s crontab MAILTO="" @reboot /root/startup.sh
Next, we need to index the Gitorious site every hour.
su git crontab –e #add the following to git’s cron, which indexes the site every hour MAILTO="" * */1 * * * cd /home/git/gitorious && /opt/ruby/bin/rake ultrasphinx:index RAILS_ENV=production exit #exit to root
Finally, reboot the VPS. With any luck, everything will work once its rebooted. I went to the site and tested the following functionality:
The above is all I required of Gitorious. Unfortunately, the included tests did not successfully complete for me due to the memory restrictions, but I saw several errors. I don’t think the tests would fully pass, but the basic functionality that I need is present and that is what matters. Below is what you can do (as root) to run the tests for yourself.
cd /home/git/gitorious bundle exec rake test
With the above said, I then went ahead and configured a simple firewall to protect the Gitorious machine. Below was the procedure for that.
vim /etc/firewall.sh #!/bin/bash # My system IP/set ip address of server SERVER_IP="205.234.203.115" # Flushing all rules iptables -F iptables -X # Setting default filter policy service iptables restart iptables -F iptables -P INPUT DROP iptables -P OUTPUT ACCEPT iptables -P FORWARD ACCEPT #allowed inbound #ssh iptables -A INPUT -p tcp -s 0/0 -d $SERVER_IP --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A INPUT -p tcp -s 0/0 -d $SERVER_IP --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A INPUT -p tcp -s 0/0 -d $SERVER_IP --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A INPUT -p tcp -s 0/0 -d $SERVER_IP --dport 9418 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT #allow ping iptables -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT iptables -A INPUT -j DROP
Next, we need to add the firewall to system startup.
chmod +x /etc/firewall.sh crontab –e #add the following at the bottom @reboot /etc/firewall.sh
The (relatively simple) firewall is now configured to allow incoming pings to the server, SSH access, HTTP access, and GIT access using the git protocol. If you have issues like I did with an unknown error, your VPS provider will have to enable the connection tracking feature of IPTables for you, otherwise committing to a gitorious repository will not work.
I also configured sendmail to send mail from this machine appropriately. Below is a simple procedure for this. You could get a lot more in depth, but it isn’t necessary. Note that using this method, all mail will be sent from user@string.matthouse.us in my case (since this is the machine hostname).
vim /etc/mail/local-host-names #add local hosts as appropriate localhost string.matthouse.us git.matthouse.us vim /root/.forward #add your email address to the first line admin@matthouse.us service sendmail restart
With that, the Gitorious install is officially Installed. I will not continue onto the ActiveMQ installation as mentioned above, this is only required if you chose to use ActiveMQ as a broker instead of Stomp.
Below is the ActiveMQ installation procedure (as written in my internal documentation) for your enjoyment. I will not explain this, but I thought it would be appropriate to include it since I originally followed it to a dead end! This is strictly not required for the above installation and will do nothing to help you if you’re getting errors above (while using stomp as I did).
wget http://apache.spd.co.il/activemq/apache-activemq/5.5.0/apache-activemq-5.5.0-bin.tar.gz
tar xzvf apache-activemq-5.5.0-bin.tar.gz
mv apache-activemq-5.5.0 /usr/local/apache-activemq5.50
cd /usr/local
ln -s apache-activemq5.50 apache-activemq
cd ~
adduser activemq
chown -R activemq /usr/local/apache-activemq/data
cd /usr/local/apache-activemq5.50/
vim bin/activemq
#change comments to:
ACTIVEMQ_SUNJMX_START="$ACTIVEMQ_SUNJMX_START -Dcom.sun.management.jmxremote.ssl=false"
#ACTIVEMQ_SUNJMX_START="$ACTIVEMQ_SUNJMX_START -Dcom.sun.management.jmxremote"
vim /usr/local/apache-activemq/bin/activemq-admin
find: ACTIVEMQ_OPTS="-Xmx512M -Dorg.apache.activemq.UseDedicatedTaskRunner=true -Djava.util.logging.config.file=logging.properties"
replace: ACTIVEMQ_OPTS="-Xmx64M -Dorg.apache.activemq.UseDedicatedTaskRunner=true -Djava.util.logging.config.file=logging.properties"
vim activemqstart.sh
#!/bin/bash
export JAVA_HOME=/usr/lib/jvm/jre
export _JAVA_OPTIONS=-Xmx64m
/usr/local/apache-activemq/bin/activemq-admin start &
vim activemqstop.sh
#!/bin/bash
export JAVA_HOME=/usr/lib/jvm/jre
export _JAVA_OPTIONS=-Xmx64m
/usr/local/apache-activemq/bin/activemq-admin stop
chmod +x activemqstart.sh
chmod +x activemqstop.sh
cd /etc/init.d
vim activemq
#!/bin/bash
#
# activemq Starts ActiveMQ.
#
#
# chkconfig: 345 88 12
# description: ActiveMQ is a JMS Messaging Queue Server.
### BEGIN INIT INFO
# Provides: $activemq
### END INIT INFO
# Source function library.
. /etc/init.d/functions
export _JAVA_OPTIONS=-Xmx64m
[ -f /usr/local/apache-activemq/activemqstart.sh ] || exit 0
[ -f /usr/local/apache-activemq/activemqstop.sh ] || exit 0
RETVAL=0
umask 077
start() {
echo -n $"Starting ActiveMQ: "
daemon /usr/local/apache-activemq/activemqstart.sh
echo
return $RETVAL
}
stop() {
echo -n $"Shutting down ActiveMQ: "
daemon su -c /usr/local/apache-activemq/activemqstop.sh activemq
echo
return $RETVAL
}
restart() {
stop
start
}
case "$1" in
start)
start
;;
stop)
stop
;;
restart|reload)
restart
;;
*)
echo $"Usage: $0 {start|stop|restart}"
exit 1
esac
exit $?
#run these commands
chmod +x activemq
chkconfig activemq on
Whew, this is the longest blog I’ve ever written! That just goes to show the complexity of Gitorious, not to mention the administrative overhead of maintaining Ruby and Imagemagick, possible even ActiveMQ (since they were installed from source). This blog post is in no way shape or form a complete guide to getting Gitorious installed and functional, but it will help get you most of the way there. Because of the complexity of this software, I will likely not be of much help for any problems that I might be asked to help resolve. As a disclaimer, use the information in this blog post at your own risk, I’m not responsible for the loss of any data, time or profits that you might incur from following this guide.
As always, thanks for reading!
Special thanks to Marius Mathiesen for comments about inaccuracies in this tutorial. Information is up to date as of 6/8/2011.
Tags: CentOS, gitorious, install, openvz, vps, Xen
Posted in Hosting / Server Administration, My Site, Programming, Technology
Hopefully, the thousands of dollars I’ll be throwing at college will allow me to one day understand all of this.
hey , it’s not that complicated , I remember doing this when I was 15 ( I used to play with roots and mIRc Bots and channels ) . It’s a simple linux OS , and those are some elementary command that you use , just like in MS-Dos ( windows )
Thanks for sharing, this is a fantastic article.Really looking forward to read more. Really Great….
Hey, great walkthrough, thank you very much!
I had a few edits along the way (which I’m more than happy to share), but pretty much everything worked out in the end except for the /root/startup.sh script.
As it stands, on reboot, only stomp starts correctly. git-daemon and git-poller can be started manually on the command line with the same commands as in /root/startup.sh, but git-ultrasphinx fails:
# /etc/init.d/git-ultrasphinx start
rake aborted!
You have already activated rake 0.9.2, but your Gemfile requires rake 0.8.7. Consider using bundle exec.
(See full trace by running task with –trace)
[...] Ridiculously long set of instructions on how to get Gitorious running on CentOS 5.6 64-bit. The vast majority of these instructions are copied from http://famousphil.com/blog/2011/06/installing-gitorious-on-centos-5-6-x64/ [...]
I had issues with those services not starting, which is why I had to use that startup script. Most of those issues are caused by the lack of available memory. Ultrasphinx is mostly for searching from what I remember, so that probably isn’t a vital service.
If you want to save yourself the hassle, install indefero, I use that now and its simple to install and maintain
Thanks Phil, great article.
I just want to confirm that I was able to follow this article step by step to install gitorious on RHEL6, with some minor changes.
Thanks!
I am facing problems in installing gitorious. I am unable to install ultrasphinx. When I try this “service stomp start” command it throws “Starting stompserver:Failure” message. Also the command “Starting poller:FAILURE”could not succeed. The path “PATH=/usr/local/sphinx/bin:$PATH” we are going to set for sphinx, but there is no dir. called sphinx. sphinx is not installed properly. Due to stomp server not running it shows “connect failed: Connection refused – connect(2) will retry in 5″ when I try to create projects. On browser window it shows “Mysql::Error: Lock wait timeout exceeded;”
How to install sphinx properly for gitorious?
How to start the stomp server?
steps to reproduce are: I followed the above given steps for installing gitorious. most of them worked, but could not start stomp server.
I am using passenger+nginx and ree on fedora12.
Please reply.
Thanks
–Nagaraj
Thanks, took a while but eventually got there.
Had to replace:
LogFormat “%h %l %u %t “%r” %>s %b “%{Referer}i” “%{User-Agent}i”" combined
LogFormat “%h %l %u %t “%r” %>s %b” common
with:
LogFormat “%h %l %u %t \”%r\” %>s %b \”%{Referer}i\” \”%{User-Agent}i\”" combined
LogFormat “%h %l %u %t \”%r\” %>s %b” common
Just escaping some of the stuff, for those that will get some error about LogFormat takes 1-2 arguments… from httpd
Had to also change the security context
by running:
chcon –reference=/usr/sbin/httpd /opt/ruby/lib/ruby/gems/1.8/gems/passenger-3.0.8/ext/apache2/mod_passenger.so
That’s about all the issues that i remember, the rest was made a pure breeze by Phil’s guide
Sorry for the lag in reply. I believe your issues are related to an invalid MySQL installation. I know that if you use REMI’s MySQL on a 64 bit CentOS install, MySQL will not run. I’m not sure if there is a bug fix for that yet.
pluginuri CS…
FamousPhil.com Admin Blog and More :: Installing Gitorious on CentOS 5.6 x64…
Hi,
Thanks for the post, installation went great. I was wondering though if there’s any possibilities to install in with a postgresql server instead of mysql. I know it is possible, but you have to install gems and configure rails for it, which I’m not that much used to
Thanks
Perhaps try something like gem install postrgre-sql or something… I didn’t look it up, but I’d imagine that is how you install the gems. With something like Gitorious though, you have to use the databases that they support since sql server connectivity varies from server to server and typically different code is required for different types of servers. In addition, sometimes SQL varies from server to server (not so much basic SQL, but the more advanced SQL statements).
i noticed i had to
cp config/gitorious.sample.yml config/gitorious.yml
before i ran
bundle exec rake gems:install
if i never did that i would get the following:
[root@centvm64 gitorious]# bundle exec rake gems:install
(in /home/git/gitorious)
rake aborted!
No such file or directory – /home/git/gitorious/config/gitorious.yml
(See full trace by running task with –trace)
just thought you may want to know.
Thank you. I’m sure that by now, there are errors in the install process.
I cannot uninstall rake 0.9.2 and get anything to work. 0.8.7 is installed, but I get “Could not find rake-0.9.2 in any of the sources” when I run bundle exec rake db:setup. If I run bundle install then I get rake 0.9.2 back and then I get the error “rake aborted!
undefined method `length’ for #
Tasks: TOP => db:setup => db:schema:load => environment” from the same command.
Any ideas?
Okay, got over that hump by ignoring the “Update 6/8/11: When getting to the gem install portions, you probably only need to run the bundle commands, skipping the gem commands all together” statement and actually executing each of the statements in succession.
I ran the ‘bundle install’ command when instructed to do so, but now of course that’s presenting itself in another error …
When trying to start the git-daemon I receive:
Starting git-daemon: /opt/ruby-enterprise-1.8.7-2011.03/lib/ruby/gems/1.8/gems/bundler-1.0.18/lib/bundler/source.rb:571:in `load_spec_files’: https://github.com/roman/rots.git (at master) is not checked out. Please run `bundle install` (Bundler::GitError)
Running bundle install in the /home/git/gitorious directory results in a list of gems and “Your bundle is complete! Use `bundle show [gemname]` to see where a bundled gem is installed.”
The output of ‘gem environment’ is:
RubyGems Environment:
– RUBYGEMS VERSION: 1.5.2
– RUBY VERSION: 1.8.7 (2011-02-18 patchlevel 334) [x86_64-linux]
– INSTALLATION DIRECTORY: /opt/ruby-enterprise-1.8.7-2011.03/lib/ruby/gems/1.8
– RUBY EXECUTABLE: /opt/ruby-enterprise-1.8.7-2011.03/bin/ruby
– EXECUTABLE DIRECTORY: /opt/ruby-enterprise-1.8.7-2011.03/bin
– RUBYGEMS PLATFORMS:
– ruby
– x86_64-linux
– GEM PATHS:
– /opt/ruby-enterprise-1.8.7-2011.03/lib/ruby/gems/1.8
– /root/.gem/ruby/1.8
– GEM CONFIGURATION:
– :update_sources => true
– :verbose => true
– :benchmark => false
– :backtrace => false
– :bulk_threshold => 1000
– REMOTE SOURCES:
– http://rubygems.org/
Made it another step … from /home/git/gitorious I had to run the following commands:
bundle pack
bundle install –path vender/cache
Thanks for that last suggestion. Got me over the latest hurdle. Man, has it been process to get this thing up and running.
Today I installed Gitorious on CentOS6 and had several startup failures. I made the following changes and startup completes without the errors and all services started:
I removed startup.sh from the crontab list and called it in rc.local. The stompserver started up fine, so I removed it from startup.sh. Because they are in the startup.sh script I removed the symlinks to git-daemon and git-poller from rc3.d directory.
Hi again,
I’m currently in the process to test the new LDAP feature with gitorious. So, I’ve decided to reinstall a new one, but I’m actually faced to a problem I never had before. The installation process is almost done, but, I had some troubles configuring ultrasphinx. When I run this command, here’s the output :
[root@gitorious-ldap gitorious]# bundle exec rake ultrasphinx:index RAILS_ENV=production
(in /home/git/gitorious)
$ indexer –config ‘/home/git/gitorious/config/ultrasphinx/production.conf’ –all
sh: indexer: command not found
[root@gitorious-ldap gitorious]#
I really can’t figure out why it says that the indexer command ain’t found…Is it a package or gem I didn’t install?
It looks like your paths aren’t set up correctly…. try finding the indexer executable on your system. You may need to do /usr/bin/indexer (full path) to run it or some gem / package isn’t installed. I see that it is using the sh shell, so editing your /etc/bashrc file might also help add that path to the default path so that sh / bundle can find the indexer executable.
I see, actually, indexer ins’t installed on the system, that’s why I asked if it was part of a gem / package to install and since it wasn’t in yum’s repo, I guessed it was a gem. Is it?
Indexer is a gem, but it acts more like a system executable from what I recall. Also, never rely on yum because the Redhat repositories aren’t as comprehensive as they could be (compared to FreeBSD ports or Debian repositories), I tend to look at RPMs from online sources when I’m in doubt. I have seen paths fail with gem before, so its very possible that indexer was installed, just not added to a system PATH.
First just comment that who ever has done the tutorial did a very good job.
Second, I would like to add some information about some problems that came across during the installation/set up process and how I solve them.
- All the installation process has been done under CentOS 6 x86_64 – so some points are specific for this OS/architecture !!
* Installation el6 rpmforge packages instead of using the “el5″ ones described in the guide. Steps:
1. Download the rpmforge-release package. Choose one of the two links below, selecting to match your host’s architecture. If you are unsure of which one to use you can check your architecture with the command uname -i
– i686: > wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.i686.rpm
– x86_64: > wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
2. Install DAG’s GPG key
> rpm –import http://apt.sw.be/RPM-GPG-KEY.dag.txt
3. If you get an error message like the following the key has already been imported:
error: http://apt.sw.be/RPM-GPG-KEY.dag.txt: key 1 import failed.
4. Verify the package you have downloaded
> rpm -K rpmforge-release-0.5.2-2.el6.rf.*.rpm
5. Install the package
> rpm -i rpmforge-release-0.5.2-2.el6.rf.*.rpm
* Download ImageMagick manually because the wget link was broken. Link: https://launchpad.net/imagemagick/main/6.7.0-2
* Install extra libraries if Nokogiri gem installation fails:
> sudo yum install -y gcc ruby-devel libxml2 libxml2-devel libxslt libxslt-devel
* > bundle exec rake gems:install -> No such file or directory – /home/git/gitorious/config/gitorious.yml
> cd /home/git/gitorious/config
> cp gitorious.sample.yml gitorious.yml
* Problems running “bundle exec rake gems:install” command:
a) If Password = No error -> config/database.yml // set password with the one created for Mysql
b) Create Gitorious DB:
> mysql -uroot –p’’
> create database gitorious;
create database gitorious_test;
create database gitorious_dev;
CREATE user ‘git’@'localhost’ IDENTIFIED BY ”;
GRANT ALL ON gitorious.* TO ‘git’@'localhost’;
GRANT ALL ON gitorious_test.* TO ‘git’@'localhost’;
GRANT ALL ON gitorious_dev.* TO ‘git’@'localhost’;
FLUSH privileges;
> exit;
* Starting stompserver:Failure
> gem install stompserver (from /home/git/gitorious dir)
* Problems starting httpd service. Modify the apache config file (httpd.conf):
> Comment the LoadModule’s that gives error
> Search for the “mod_passenger.so” library and change the path of it to the right one in the
a) LoadModule passenger_module
b) PassengerRoot
* Install aspell-0.60 if is missing:
> yum install aspell
Hope that will help someone in the future!
Thank you! I’m planning on redoing the installation in another month or two and re-writing this post.
Thanks for the write up. I went through the instructions and now I’m trying to log in with the admin user I created with “script/create_admin” and fails with this message in production.log
ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken):
vendor/rails/actionpack/lib/action_controller/request_forgery_protection.rb:79:in `verify_authenticity_token’
This is what I see on the page after login fails:
Sorry, something went wrong
Gitorious encountered an server error. We are automatically notified of errors and will look into it. If the error persists beyond what’s reasonable
I deleted the user and tried again to see if I was putting in the wrong password but it still failed to log the admin user in. Any ideas?
Thanks in advance.
Jay
Problem solved. Looks like I forgot to set the gitorious_client_host and gitorious_host in the gitorious.yml file. After doing this and restarting the service, I was able to login.
Hi Famous Phil, it is great to know that you are trying to keep this guide up to date. Thank you for that, is it possible to have a guide for centos 6 as well?
I will eventually, its on my todo list. Hopefully around April, I’ll have 6 hours to create a new guide.
Glad you solved the issue.
Hey Jay, I was getting the same error (ActionController::InvalidAuthenticityToken) and I see that yours went away by setting gitorious_client_host and gitorious_host in the config file. Mine are already set to the host name for all tree (development,test,production) and I’m still getting the same error.
Is anyone else seeing this?
I’ve been meaning to update this for a while, but I’m sure that most of what I did has changed significantly.
linux cp omitting directory…
[...]FamousPhil.com Admin Blog and More :: Installing Gitorious on CentOS 5.6 x64[...]…
Hi all,
someone did setup to gitorious with authentication ldap?
http://gitorious.org/gitorious/pages/LdapIntegration
I’m new to this and following these steps I could make my test successfully with ldap login:
#Bundle exec script/test_ldap_connection USER PASSWORD
All good, your credentials are correct
But I can not log into the website …..
I need more settings to log into the website using the credentials of ldap?
I’ve got all the steps down, but the website just shows the default apache welcome page… where is a log file I can check that would tell me what is wrong?
Hi All,
I have got to the following
cd /home/git/gitorious
bundle install
bundle exec rake gems:install
but get the error..
bundle install
Fetching gem metadata from http://rubygems.org/……
Fetching https://github.com/roman/rots.git
error: SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed while accessing https://github.com/roman/rots.git/info/refs
fatal: HTTP request failed
Git error: command `git clone ‘https://github.com/roman/rots.git’ “/opt/ruby-enterprise-1.8.7-2011.03/lib/ruby/gems/1.8/cache/bundler/git/rots-89de66268344e64f1e3b64de0635f51e857c6bdb” –bare –no-hardlinks` in directory /home/git/gitorious has failed.
Any ideas appriciated. Permissions…? Hoepfully missed something obvious.
Thanks in advance
Errno::ETIMEDOUT (Connection timed out – connect(2)):
[...] = "ad"; document.write('[Log in to get rid of this advertisement]'); I followed the instructions here to set up Gitorious (uses Apache), and it seems to have caused a problem with how Apache is [...]
Thanks for the guide.
I found out that the problem with starting git-daemon and git-poller on startup is because mysql is not started yet. So a simple change in order (git-poller and git-daemon after mysqld) solved it.