Nov 13 2010
Setting Up An Apache2/SVN/Trac Development Setup On An Ubuntu (or Ubuntu derived) System
In His Name, the Most High
When you do small bits of software development (or even larger projects), or if you have important documents that you would like stored and version, it’s always useful to have a version control system. This short guide has four sections:
- Installing Subversion
- Creating Your First Subversion repository
- Installing and Securing the Apache2 Webserver
- Installing and Configuring Trac
This guide assumes you have a working and clean Ubuntu derived operating system already installed – be it on a physical or virtual machine.
So without further ado, let’s get right into installing Subversion on your Ubuntu derived system:
Installing Subversion
Type the following into a shell window:
1: $ sudo apt-get update2: $ sudo apt-get install subversion
Once these two commands have completed execution, you will have installed subversion, and now we must configure subversion and set up the initial repository.
Creating Your First Subversion Repository
Now that we have our Subversion server installed, we must now create a repository where our files will be stored and versioned. For the purpose of this document, we will assume that the subversion repository will be located at /var/svn/repos.
In order to create the repository type the following commands into a shell window:
1: $ cd /var2: $ sudo mkdir svn3: $ sudo svnadmin create /var/svn/repos
Now the repository is created we should control who has access to the repository. To do this we will add a user who will own the repository files. In Ubuntu and derived Linux distributions (and also in many other Linux distributions) creating a user also adds a group of the same name.
We will now create a user (and by implication a group) named svn. You can do this by typing in the following commands into a shell window:
1: $ sudo adduser svn
You will be asked a number of questions, you can simply accept the default values for them. Also be sure to give this user an obscure password – and no you don’t need to worry about remembering it – in fact the more complicated the better!! We will not be using this user to login, but merely as an owner for the subversion repositories. In fact we will now edit the /etc/passwd file and change the user’s shell from /bin/bash to /bin/false to prevent this user logging into the console.
Edit the file /etc/passwd by typing the following into a shell window:
1: $ sudo nano -w /etc/passwd
Once the file has opened, simply scroll to the bottom of the file, and find the entry that looks something like:
svn:x:1001:1001:,,,:/home/svn:/bin/bash
The line will not neccessarily be identical to what I have put in the example above, but similar, and if you are following the instructions in succession, and are the only user logged into the machine you’re working on, it will be the last line in your /etc/passwd file. Simply change the value at the end which reads /bin/bash to read /bin/false. Once you have completed your edits the line should look something like this:
svn:x:1001:1001:,,,:/home/svn:/bin/false
You can now close nano by pressing Control and X at the same time, and replying yes to the question about saving the file, and pressing enter.
Now, we must change the ownership of the repository files to the svn user and the svn group. To do that, type the following command into a shell window:
1: $ sudo chown -R svn.svn /var/svn
Now, in order for a user to be permitted to use the subversion repository, they must be added to the svn group. In order to accomplish this, we must edit two files (on most Ubuntu based systems and most other distribution based systems there are two group files one which is /etc/group and the other which is the shadow group file located at /etc/gshadow. For consistency both files should be edited as follows. First we’ll edit the /etc/group file. To open the file in your chosen editor (we will use nano but you can use any you prefer) by typing in the following into a shell window:
1: $ sudo nano -w /etc/group
Again, scroll the bottom of the file (if you’re following this guide sequentially and are the only person using the computer) and find an entry that looks similar to at shown below:
svn:x:1001:
Now, you need to add your user account – in my case it’s sh – as a member of that group, so edit the line so it looks similar to this:
svn:x:1001:sh
If you want to add more than one user, you can do so by comma separating them, so for example if you wanted to add user sh and fsh for example, the line would look similar to this:
svn:x:1001:sh,fsh
Now, you need to edit the shadow groups file /etc/gshadow for consistency, the format of the file will be almost identical, so you can use the instructions above, replacing /etc/group with /etc/gshadow. If you have problems just contact me and I’ll try to help.
Now you have a rudimentary Subversion setup, but it’s still difficult to access from another machine, so let’s make that easier by getting Apache2 installed, and it’s Subversion extension.
Installing and Securing the Apache2 Webserver
Since subversion also supports the WebDAV protocol, we can use the excellent open source Web Server Apache2 to provide this. I am assuming that you don’t have Apache already installed, but if you don’t worry, the apt installer knows not to re-install stuff that is already installed. So, to install Apache (if required), and the WebDAV extension for subversion type the following into a shell window:
1: $ sudo apt-get install apache2 libapache2-svn
Once the installation has completed, we need to edit some files and point them to our subversion repository location.
We will now edit the default configuration file that is created with the installation of the WebDAV Apache2 extension, open the file in your preferred editor – we will use nano but you can use whichever you prefer with the following command:
1: $ sudo nano -w /etc/apache2/mods-enabled/dav_svn.conf
Once you have the file open, you will need to ensure that you edit the file to look as follows. I will paste the complete file contents here, and then explain certain key areas:
# dav_svn.conf - Example Subversion/Apache configuration # # For details and further options see the Apache user manual and # the Subversion book. # # NOTE: for a setup with multiple vhosts, you will want to do this # configuration in /etc/apache2/sites-available/*, not here. # <Location URL> ... </Location> # URL controls how the repository appears to the outside world. # In this example clients access the repository as http://hostname/svn/ # Note, a literal /svn should NOT exist in your document root. <Location /svn> # Uncomment this to enable the repository DAV svn # Set this to the path to your repository SVNPath /var/svn/repos # Alternatively, use SVNParentPath if you have multiple repositories under # under a single directory (/var/lib/svn/repo1, /var/lib/svn/repo2, ...). # You need either SVNPath and SVNParentPath, but not both. #SVNParentPath /var/lib/svn # Access control is done at 3 levels: (1) Apache authentication, via # any of several methods. A "Basic Auth" section is commented out # below. (2) Apache <Limit> and <LimitExcept>, also commented out # below. (3) mod_authz_svn is a svn-specific authorization module # which offers fine-grained read/write access control for paths # within a repository. (The first two layers are coarse-grained; you # can only enable/disable access to an entire repository.) Note that # mod_authz_svn is noticeably slower than the other two layers, so if # you don't need the fine-grained control, don't configure it. # Basic Authentication is repository-wide. It is not secure unless # you are using https. See the 'htpasswd' command to create and # manage the password file - and the documentation for the # 'auth_basic' and 'authn_file' modules, which you will need for this # (enable them with 'a2enmod'). AuthType Basic AuthName "Subversion Repository" AuthUserFile /etc/apache2/dav_svn.passwd # To enable authorization via mod_authz_svn #AuthzSVNAccessFile /etc/apache2/dav_svn.authz # The following three lines allow anonymous read, but make # committers authenticate themselves. It requires the 'authz_user' # module (enable it with 'a2enmod'). #<LimitExcept GET PROPFIND OPTIONS REPORT> Require valid-user #</LimitExcept> </Location>
The lines that are important are the ones that start with SVNPath or SVNParentPath. If you have multiple repositories under the /var/svn/ path – or intend to have multiple repositories, say for example – /var/svn/repo01, /var/svn/repo02 and so on, then you can use the SVNParentPath. If like me, you only use one repository edit the SVNPath element to show your subversion repository we created earlier at the path /var/svn/repos.
You also now need to make sure you have a section to ensure that the /svn path is password protected. You can do this by uncommenting the lines outlined in the segment below:
AuthType Basic AuthName "Subversion Repository" AuthUserFile /etc/apache2/dav_svn.passwd # To enable authorization via mod_authz_svn #AuthzSVNAccessFile /etc/apache2/dav_svn.authz # The following three lines allow anonymous read, but make # committers authenticate themselves. It requires the 'authz_user' # module (enable it with 'a2enmod'). #<LimitExcept GET PROPFIND OPTIONS REPORT> Require valid-user #</LimitExcept>
Now you will notice there is a section that is still commented that starts and ends with <LimitExcept> … </LimitExcept> – if you want to allow anonymous users to have read only access to your repository, then uncomment the two lines marked above starting with <LimitExcept>…</LimitExcept> – and you will have provided anonymous read only access to your repository (or repositories if you are using the SVNParentPath.
You will also notice the AuthzSVNAccessFile if you want to use the LimitExcept directive, so we will briefly discuss and go through configuring that. Also, if you are going to use the AuthzSVNAccessFile be sure to uncomment it.
You will need to create an authorization file by typing the following command into a shell window:
1: $ sudo nano –w /etc/apache2/dav_svn.authz
Now we have a repository – as created above – called repos and we will give the user sh full read and write access to that repository by typing the following into the file we’ve just created:
[repos:/] sh = rw
Once you have completed this – be sure to replace repos and sh, with values that correspond to your own configuration – save the file and exit the editor by pressing Control and X, and answering yes and pressing enter (if you are using nano).
You will have noticed that you uncommented or added a line that looked similar to:
AuthUserFile /etc/apache2/dav_svn.passwd
We now have to create this file and add the first user – we can do this with the following command, so type the following into a shell window, replacing sh with your chosen username:
1: $ sudo htpasswd -c /etc/apache2/dav_svn.passwd sh
This will prompt you for a password, type in your chosen password and confirm it, and your user is created.
You are now ready to restart your Apache2 webserver and test your repository from a web browser.
To restart your Apache2 webserver type the following into a shell window:
1: $ sudo /etc/init.d/apache2 restart
Now you can open a web browser, and type in the following address – let us assume the IP Address of your SVN Server is 192.168.14.94 – then you would type the following into a web browser:
http://192.168.14.94/svn
And you should see a result similar to that shown in the screenshot below asking for your username and password:
At this point, enter your username and password, and press enter and you will be shown a page similar to the one below:
There you have it – your subversion repository is now ready for use. Congratulations 
Installing and Configuring Trac
Now we’ll move onto installing Trac. Trac can be described as follows:
Trac is an enhanced wiki and issue tracking system for software development projects. Trac uses a minimalistic approach to web-based software project management. Our mission is to help developers write great software while staying out of the way. Trac should impose as little as possible on a team’s established development process and policies.
It provides an interface to Subversion (or other version control systems), an integrated Wiki and convenient reporting facilities.
You can get more information about what Trac is at their web site located at http://trac.edgewall.org/.
To install Trac, type the following command into a shell window:
1: $ sudo apt-get install trac python-setuptools libapache2-mod-python enscript
Once that has completed, you need to set up a Trac project connected to your Subversion repository, to do that, you will need to first create the Trac folder in your webroot area (normally /var/www) and then tell the trac-admin program to create an initial environment for you, we will cover both these steps in some depth:
FIrst let’s create the Trac directory:
1: $ sudo mkdir /var/www/trac
Now you need to run the trac-admin program, and this will as you a series of questions, the most important of which is where is our Subversion repository, be sure to give the path you created your subversion repository in correctly, for the sake of this example, our path is /var/svn/repos – we will also create our trac environment in the folder /var/www/trac/repos to ensure consistency and ease of understanding.
So now let’s type the trac-admin command line into a shell window as follows:
1: $ sudo trac-admin /var/www/trac/repos initenv
You will be asked a number of questions, including the name of your project, and what database would you like to use for trac, and the location of your subversion repository. You can keep the default answers for all of them except for the location of your subversion repository – you must provide the correct path to your subversion repository as defined in the previous steps of this howto/tutorial.
Once the trac-admin has completed, your initial Trac environment is ready, and all we now need to do is secure it so that there is no anonymous access – we also need to change the permissions of the /var/ww/trac folder to be owned by the user that runs the web server – in Ubuntu this is www-data in order distrubutions it can be apache or nobody – since we are working within an Ubuntu environment, we will be using www-data.
So first we need to give the www-data user ownership of the /var/www/trac folder, to do so, type the following into a shell window:
1: $ sudo chown -R www-data.svn /var/www/trac
Now we need to edit some configuration files to let the Apache2 Webserver know where our track installation is and who to allow it access to. To do this we will create a new file in /etc/apache2/conf.d named trac.conf this file will contain all the information Apache requires to make the trac environment available to the appropriate users correctly, and will also ensure our settings remain nice and organised.
So firstly, we will create the file, todo this type the following into a shell window (replacing nano with your preferred editor as required):
1: $ sudo nano -w /etc/apache2/conf.d/trac.conf
In the trac.conf file type the following, making changes to the items in bold as required (if you’re using the settings given by this tutorial, you need not make any changes):
<LocationMatch /trac/[^/]+/login> AuthType Basic AuthName "Trac for Subversion Repository" AuthUserFile /etc/apache2/dav_svn.passwd Require valid-user </LocationMatch> <Location /trac> SetHandler mod_python PythonInterpreter main_interpreter PythonHandler trac.web.modpython_frontend PythonOption TracEnvParentDir /var/www/trac PythonOption TracUriRoot /trac </Location>
Be sure to make the changes carefully, so that your installation works first time.
Once you have made the changes, you will have to restart the Apache2 webserver for it to pick up the new configuration, do this by typing the following into a shell window:
1: $ sudo /etc/init.d/apache2 restart
Once Apache2 has restarted, you can point your browser to your server with /trac and you will see trac appear in it’s full glory for you. In our case the server has an address of 192.168.14.94, so the address we will put in our browser will be as follows:
http://192.168.14.94/trac
You will then see the following on the page:
Since I had called my Trac Project as Various Projects you can see that in there, but you can create multiple repositories and multiple trac instances using the instructions above. For now, when we click on our project link, you will see a page similar to the one below:
And there you have it. Trac is now fully installed. Sure, you will need to do some minor tweaks – like getting your logo where there is a broken image, but that is outside the scope of this howto.
That’s this tutorial completed. I will be doing another tutorial shortly, which explains howto backup a subversion repository, and restore it into a fresh subversion build (like the one we have here), so that you can get yourself working fast after any disaster, so stay tuned for that.
If you found this tutorial useful, make a comment or drop me a line.
That’s all for now.
Warm Regards,
Shabbir
Thanks so much for this tutorial!!! I got it svn and apache working, but I am having trouble with trac. I am getting a 500 internal server error with it….do you have any ideas?
Here is my “tail -f /var/log/apache2/error.log”. I used all the same settings as you in this tutorial:
[Sun Nov 21 16:22:04 2010] [error] [client 71.11.217.11] File “/usr/lib/python2.6/dist-packages/mod_python/importer.py”, line 1229, in _process_target\n result = _execute_target(config, req, object, arg)
[Sun Nov 21 16:22:04 2010] [error] [client 71.11.217.11] File “/usr/lib/python2.6/dist-packages/mod_python/importer.py”, line 1128, in _execute_target\n result = object(arg)
[Sun Nov 21 16:22:04 2010] [error] [client 71.11.217.11] File “/usr/local/lib/python2.6/dist-packages/trac/web/modpython_frontend.py”, line 87, in handler\n gateway.run(dispatch_request)
[Sun Nov 21 16:22:04 2010] [error] [client 71.11.217.11] File “/usr/local/lib/python2.6/dist-packages/trac/web/wsgi.py”, line 87, in run\n response = application(self.environ, self._start_response)
[Sun Nov 21 16:22:04 2010] [error] [client 71.11.217.11] File “/usr/local/lib/python2.6/dist-packages/trac/web/main.py”, line 363, in dispatch_request\n env_paths)
[Sun Nov 21 16:22:04 2010] [error] [client 71.11.217.11] File “/usr/local/lib/python2.6/dist-packages/trac/web/main.py”, line 486, in send_project_index\n req.display(template)
[Sun Nov 21 16:22:04 2010] [error] [client 71.11.217.11] File “/usr/local/lib/python2.6/dist-packages/trac/web/api.py”, line 358, in display\n data = self.hdf.render(template, form_token)
[Sun Nov 21 16:22:04 2010] [error] [client 71.11.217.11] File “/usr/local/lib/python2.6/dist-packages/trac/web/clearsilver.py”, line 290, in render\n template.parseFile(filename)
[Sun Nov 21 16:22:04 2010] [error] [client 71.11.217.11] Error: Traceback (innermost last):\n File “csparse.c”, line 422, in cs_parse_file()\n File “neo_hdf.c”, line 1818, in hdf_search_path()\nNotFoundError: Path index.cs not found\n
[Sun Nov 21 16:22:05 2010] [error] [client 71.11.217.11] File does not exist: /var/www/favicon.ico
Any help?
Hi Chris,
I can’t think of anything of the top of my head, I’m assuming you’re using Ubuntu, and a similar configuration to that described in the HowTo?
It looks to me like perhaps your Python installation is not complete, perhaps you have some libraries missing for Python?
I’ll do some more research and get back to you -- if you find a solution in the meantime please do share it.
Thanks,
Warm Regards
Shabbir
Hey!
I gave up for a while (4 months apparently). I came back to it and I managed to succeed (granted, I have a billion times the knowledge of linux now than I did then). The problem was the lack of “python-mysqldb” being installed (for mysql support, obviously).
You definitely have the best tutorial for installation here! Please never take it down (its in my bookmarks)!
Haha, I really appreciate it. Thanks so much!
~Chris
Hi Chris,
Congrats
I shall do my utmost to keep this online as long as I can 
Glad I could help,
Warm Regards,
Shabbir