|
a |
|
b/Allura/docs/scm_host.rst |
|
|
1 |
SCM (Git, Mercurial, Subversion) Hosting Installation
|
|
|
2 |
==========================================================
|
|
|
3 |
|
|
|
4 |
The following instructions assume you are using a version of Ubuntu Linux with
|
|
|
5 |
support for dchroot and debootstrap. We will use a chroot jail to allow users to
|
|
|
6 |
access their repositories via ssh.
|
|
|
7 |
|
|
|
8 |
Install a chroot environment
|
|
|
9 |
-------------------------------------------
|
|
|
10 |
|
|
|
11 |
These instructions are based on the documentation in `Debootstrap Chroot`_. and `OpenLDAPServer`_.
|
|
|
12 |
|
|
|
13 |
#. Install debootstrap schroot
|
|
|
14 |
|
|
|
15 |
#. Append the following text to the file /etc/schroot/schroot.conf::
|
|
|
16 |
|
|
|
17 |
[scm]
|
|
|
18 |
description=Ubuntu Chroot for SCM Hosting
|
|
|
19 |
type=directory
|
|
|
20 |
directory=/var/chroots/scm
|
|
|
21 |
script-config=scm/config
|
|
|
22 |
|
|
|
23 |
#. Create a directory /etc/schroot/scm and populate it with some files::
|
|
|
24 |
|
|
|
25 |
# mkdir /etc/schroot/scm
|
|
|
26 |
# cat > /etc/schroot/scm/config <<EOF
|
|
|
27 |
FSTAB="/etc/schroot/scm/fstab"
|
|
|
28 |
COPYFILES="/etc/schroot/scm/copyfiles"
|
|
|
29 |
NSSDATABASES="/etc/schroot/scm/nssdatabases"
|
|
|
30 |
EOF
|
|
|
31 |
# cat > /etc/schroot/scm/fstab <<EOF
|
|
|
32 |
/proc /proc none rw,rbind 0 0
|
|
|
33 |
/sys /sys none rw,rbind 0 0
|
|
|
34 |
/dev /dev none rw,rbind 0 0
|
|
|
35 |
/tmp /tmp none rw,bind 0 0
|
|
|
36 |
EOF
|
|
|
37 |
# cat > /etc/schroot/scm/copyfiles <<EOF
|
|
|
38 |
/etc/resolv.conf
|
|
|
39 |
EOF
|
|
|
40 |
# cat > /etc/schroot/scm/nssdatabases <<EOF
|
|
|
41 |
services
|
|
|
42 |
protocols
|
|
|
43 |
networks
|
|
|
44 |
hosts
|
|
|
45 |
EOF
|
|
|
46 |
|
|
|
47 |
#. Create a directory /var/chroots/scm and create the bootstrap environment. (You may substitute a mirror from the `ubuntu mirror list`_ for archive.ubuntu.com::
|
|
|
48 |
|
|
|
49 |
$ sudo mkdir -p /var/chroots/scm
|
|
|
50 |
$ sudo debootstrap --variant=buildd --arch amd64 --components=main,universe --include=git,mercurial,subversion,openssh-server,slapd,ldap-utils,ldap-auth-client,curl maverick /var/chroots/scm http://archive.ubuntu.com/ubuntu/
|
|
|
51 |
|
|
|
52 |
#. Test that the chroot is installed by entering it::
|
|
|
53 |
|
|
|
54 |
# schroot -c scm -u root
|
|
|
55 |
(scm) # logout
|
|
|
56 |
|
|
|
57 |
Configure OpenLDAP in the Chroot
|
|
|
58 |
--------------------------------------------------------------
|
|
|
59 |
|
|
|
60 |
#. Copy the ldap-setup script into the chroot environment
|
|
|
61 |
|
|
|
62 |
$ sudo cp Allura/ldap-setup.py Allura/ldap-userconfig.py /var/chroots/scm
|
|
|
63 |
$ sudo chmod +x /var/chroots/scm/ldap-*.py
|
|
|
64 |
|
|
|
65 |
#. Log in to the chroot environment:
|
|
|
66 |
|
|
|
67 |
# schroot -c scm -u root
|
|
|
68 |
|
|
|
69 |
#. Run the setup script, following the prompts.
|
|
|
70 |
|
|
|
71 |
(scm) # python /ldap-setup.py
|
|
|
72 |
|
|
|
73 |
In particular, you will need to anwer the following questions (substitute your custom suffix if you are not using dc=localdomain):
|
|
|
74 |
|
|
|
75 |
* Should debconf manage LDAP configuration? **yes**
|
|
|
76 |
* LDAP server Uniform Resource Identifier: **ldapi:///**
|
|
|
77 |
* Distinguished name of the search base: **dc=localdomain**
|
|
|
78 |
* LDAP version to use: **1** (version 3)
|
|
|
79 |
* Make local root Database admin: **yes**
|
|
|
80 |
* Does the LDAP database require login? **no**
|
|
|
81 |
* LDAP account for root: **cn=admin,dc=localdomain**
|
|
|
82 |
* LDAP root account password: *empty*
|
|
|
83 |
* Local crypt to use when changing passwords: **2** (crypt)
|
|
|
84 |
* PAM profiles to enable: **2**
|
|
|
85 |
|
|
|
86 |
Update the chroot ssh configuration
|
|
|
87 |
-------------------------------------------------
|
|
|
88 |
|
|
|
89 |
* Update the file /var/chroot/scm/etc/ssh/sshd_config, changing the port directive::
|
|
|
90 |
|
|
|
91 |
# Port 22
|
|
|
92 |
Port 8022
|
|
|
93 |
|
|
|
94 |
Setup the Custom FUSE Driver
|
|
|
95 |
-------------------------------------
|
|
|
96 |
|
|
|
97 |
#. Copy the accessfs script into the chroot environment
|
|
|
98 |
|
|
|
99 |
$ sudo cp fuse/accessfs.py /var/chroots/scm
|
|
|
100 |
|
|
|
101 |
#. Configure allura to point to the chrooted scm environment
|
|
|
102 |
|
|
|
103 |
$ sudo ln -s /var/chroots/scm /git
|
|
|
104 |
$ sudo ln -s /var/chroots/scm /hg
|
|
|
105 |
$ sudo ln -s /var/chroots/scm /svn
|
|
|
106 |
|
|
|
107 |
#. Log in to the chroot environment & install packages:
|
|
|
108 |
|
|
|
109 |
# schroot -c scm -u root
|
|
|
110 |
(scm) # apt-get install python-fuse
|
|
|
111 |
|
|
|
112 |
#. Create the SCM directories
|
|
|
113 |
|
|
|
114 |
(scm) # mkdir /scm /scm-repo
|
|
|
115 |
|
|
|
116 |
#. Mount the FUSE filesystem
|
|
|
117 |
|
|
|
118 |
(scm) # python /accessfs.py /scm-repo -o allow_other -s -o root=/scm
|
|
|
119 |
|
|
|
120 |
#. Start the SSH daemon
|
|
|
121 |
|
|
|
122 |
(scm) # /etc/init.d/ssh start
|
|
|
123 |
|
|
|
124 |
Configure Allura to Use the LDAP Server
|
|
|
125 |
------------------------------------------------
|
|
|
126 |
|
|
|
127 |
Set the following values in your .ini file:
|
|
|
128 |
|
|
|
129 |
auth.method = ldap
|
|
|
130 |
|
|
|
131 |
auth.ldap.server = ldap://localhost
|
|
|
132 |
auth.ldap.suffix = ou=people,dc=localdomain
|
|
|
133 |
auth.ldap.admin_dn = cn=admin,dc=localdomain
|
|
|
134 |
auth.ldap.admin_password = secret
|
|
|
135 |
|
|
|
136 |
.. _Debootstrap Chroot: https://help.ubuntu.com/community/DebootstrapChroot
|
|
|
137 |
.. _OpenLDAPServer: https://help.ubuntu.com/10.10/serverguide/C/openldap-server.html
|
|
|
138 |
.. _ubuntu mirror list: https://launchpad.net/ubuntu/+archivemirrors
|