SCM (Git, Mercurial, Subversion) Hosting Installation

The following instructions assume you are using a version of Ubuntu Linux with support for schroot and debootstrap. We will use a chroot jail to allow users to access their repositories via ssh.

Install a chroot environment

These instructions are based on the documentation in Debootstrap Chroot and OpenLDAPServer.

  1. Install the debootstrap and schroot packages

  2. Append the following text to the file /etc/schroot/schroot.conf:

    [scm]
    description=Ubuntu Chroot for SCM Hosting
    type=directory
    directory=/var/chroots/scm
    script-config=scm/config
    
  3. Create a directory /etc/schroot/scm and populate it with some files:

    # mkdir /etc/schroot/scm
    # cat > /etc/schroot/scm/config <<EOF
    FSTAB="/etc/schroot/scm/fstab"
    COPYFILES="/etc/schroot/scm/copyfiles"
    NSSDATABASES="/etc/schroot/scm/nssdatabases"
    EOF
    # cat > /etc/schroot/scm/fstab <<EOF
    /proc               /proc           none    rw,rbind        0       0
    /sys                /sys            none    rw,rbind        0       0
    /dev            /dev            none    rw,rbind        0       0
    /tmp                /tmp            none    rw,bind         0       0
    EOF
    # cat > /etc/schroot/scm/copyfiles <<EOF
    /etc/resolv.conf
    EOF
    # cat > /etc/schroot/scm/nssdatabases <<EOF
    services
    protocols
    networks
    hosts
    EOF
    
  4. Create a directory /var/chroots/scm and create the bootstrap environment. (You may substitute a mirror from the Ubuntu mirror list for archive.ubuntu.com.)

    $ sudo mkdir -p /var/chroots/scm
    $ sudo debootstrap --variant=buildd --arch amd64 --components=main,universe --include=git,mercurial,subversion,openssh-server,slapd,ldap-utils,ldap-auth-client,curl maverick /var/chroots/scm http://archive.ubuntu.com/ubuntu/
    
  5. Test that the chroot is installed by entering it:

    # schroot -c scm -u root
    (scm) # logout
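
The fstab written in step 3 decides which host directories are visible inside the jail that ssh users log into. The following check is an added example, not part of the Allura documentation: it lists every bind or rbind entry that is not mounted read-only. The function names are made up for this example, and the sample input is a constructed copy of the fstab from step 3.

```shell
#!/bin/sh
# Added example: list host paths that an schroot fstab shares read-write
# with the chroot. Input uses the standard six-column fstab layout.

# Constructed sample: the fstab entries written in step 3.
SAMPLE_FSTAB='/proc   /proc   none    rw,rbind        0       0
/sys    /sys    none    rw,rbind        0       0
/dev    /dev    none    rw,rbind        0       0
/tmp    /tmp    none    rw,bind         0       0'

# rw_bind_mounts: read fstab text on stdin and print
# "source -> target (options)" for each bind/rbind entry without "ro".
rw_bind_mounts() {
    awk '
        NF < 4 || $1 ~ /^#/ { next }   # skip blank, short and comment lines
        {
            n = split($4, opts, ",")
            bind = 0; ro = 0
            for (i = 1; i <= n; i++) {
                if (opts[i] == "bind" || opts[i] == "rbind") bind = 1
                if (opts[i] == "ro") ro = 1
            }
            if (bind && !ro) print $1 " -> " $2 " (" $4 ")"
        }
    '
}

# count_rw_bind_mounts: number of entries rw_bind_mounts reports for stdin.
count_rw_bind_mounts() {
    rw_bind_mounts | wc -l | tr -d ' '
}

# audit_scm_fstab: check the given file (default: the path from step 3);
# fall back to the constructed sample when the file is not readable.
audit_scm_fstab() {
    f=${1:-/etc/schroot/scm/fstab}
    if [ -r "$f" ]; then
        rw_bind_mounts < "$f"
    else
        printf '%s\n' "$SAMPLE_FSTAB" | rw_bind_mounts
    fi
}

audit_scm_fstab "$@"
```

Run it on the host after step 3, and again whenever the fstab changes, to review what the jail can write to.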
    

Configure OpenLDAP in the Chroot

  1. Copy the ldap-setup script into the chroot environment

    $ sudo cp Allura/ldap-setup.py Allura/ldap-userconfig.py /var/chroots/scm
    $ sudo chmod +x /var/chroots/scm/ldap-*.py

  2. Log in to the chroot environment:

    # schroot -c scm -u root

  3. Run the setup script, following the prompts.

    (scm) # python /ldap-setup.py

In particular, you will need to answer the following questions (substitute your custom suffix if you are not using dc=localdomain):

  • Should debconf manage LDAP configuration? yes
  • LDAP server Uniform Resource Identifier: ldapi:///
  • Distinguished name of the search base: dc=localdomain
  • LDAP version to use: 1 (version 3)
  • Make local root Database admin: yes
  • Does the LDAP database require login? no
  • LDAP account for root: cn=admin,dc=localdomain
  • LDAP root account password: empty
  • Local crypt to use when changing passwords: 2 (crypt)
  • PAM profiles to enable: 2

Update the chroot ssh configuration

  • Update the file /var/chroots/scm/etc/ssh/sshd_config, changing the port directive:

    # Port 22
    Port 8022
    

Setup the Custom FUSE Driver

  1. Copy the accessfs script into the chroot environment

    $ sudo cp fuse/accessfs.py /var/chroots/scm

  2. Configure Allura to point to the chrooted scm environment

    $ sudo ln -s /var/chroots/scm /git
    $ sudo ln -s /var/chroots/scm /hg
    $ sudo ln -s /var/chroots/scm /svn

  3. Log in to the chroot environment & install packages:

    # schroot -c scm -u root
    (scm) # apt-get install python-fuse

  4. Create the SCM directories

    (scm) # mkdir /scm /scm-repo

  5. Mount the FUSE filesystem

    (scm) # python /accessfs.py /scm-repo -o allow_other -s -o root=/scm

  6. Start the SSH daemon

    (scm) # /etc/init.d/ssh start

Configure Allura to Use the LDAP Server

Set the following values in your .ini file:

    auth.method = ldap
    auth.ldap.server = ldap://localhost
    auth.ldap.suffix = ou=people,dc=localdomain
    auth.ldap.admin_dn = cn=admin,dc=localdomain
    auth.ldap.admin_password = secret