User:Techtonik

From DreamHost

Jump to: navigation, search

Drafts

Contents

Installing latest Trac from SVN into ~/installed directory with Python 2.3.5 

# Installing virtual Python
wget http://peak.telecommunity.com/dist/virtual-python.py
python virtual-python.py --prefix=~/installed
rm virtual-python.py
# Installing setuptools prerequisite
wget http://peak.telecommunity.com/dist/ez_setup.py
~/inst/bin/python ez_setup.py
rm ez_setup.py
# Installing Genshi template engine
~/inst/bin/easy_install Genshi
# Getting Trac
mkdir temptrac; cd temptrac
svn checkout http://svn.edgewall.org/repos/trac/trunk
cd trunk; python setup.py install
cd ../..
rm -rf temptrac
# package installed

Setup trac server and environment to store settings and data 

# installing new sqlite as DH one contains some sensitive bugs
wget http://www.sqlite.org/sqlite-3.3.13.tar.gz
tar xzvf sqlite-3.3.13.tar.gz
cd sqlite-3.3.13
# set temp path to avoid compiling sqlite3 binary against old library
export LD_LIBRARY_PATH=/home/rainforce/installed/lib    
./configure --prefix=$HOME/installed --enable-threadsafe
make
make install
sqlite3 -version
3.3.13

# installing pysqlite linked against 3.3.13
? virtual python security

Installing Subversion bindings for Python (Trac requirements)

Trac can operate without repository, but it loses a lot of charm without it. To access repositories Trac needs binding - Subversion bindings in me case to be precise. A pity, but newer Python 2.4.x preinstalled on Dreamhost (instead of default 2.3.x) doesn't include these, that I've noticed only after virtual python upgrade for bzr. To get python bindings back in place I've recompiled Subversion, installed it with the libraries, then compiled bindings from the same source, installed them as well and then added a path pointing to bindings to Python site-packages directory. Translated into shell language with ~/inst path as prefix it looks like the following manuscript. 

mkdir svntmp; cd svntmp                                                                         
wget http://subversion.tigris.org/downloads/subversion-1.5.0.tar.bz2                            
wget http://subversion.tigris.org/downloads/subversion-deps-1.5.0.tar.bz2                       
tar xjf subversion-1.5.0.tar.bz2                                                                
tar xjf subversion-deps-1.5.0.tar.bz2                                                           
cd subversion-1.5.0                                                                             
./configure --prefix=~/inst PYTHON=~/inst/bin/python                          
make                                                                                            
make install                                                                                    
make swig-py                                                                                    
make check-swig-py                                                                              
make install-swig-py                                                                            
less subversion/bindings/swig/INSTALL                                                           
for python2.4                                                                                   
echo ~/inst/lib/svn-python > ~/inst/lib/python2.4/site-packages/subversion.pth

Setup CVS for multiple developers from one SSH account

You will need to substitute your username instead of rainforce below.

  1. export CVSROOT=/home/rainforce/repository
  2. vim .bash_profile
  3. Add the same export CVSROOT=/home/rainforce/repository to .bash_profile
  4. And umask=007 there for security reasons
  5. cvs init
  6. chmod -R 770 /home/rainforce/repository
  7. Generate your SSH key and paste public part of it into .ssh/authorized_keys2
  8. Prepend your key with forced command to test it works i.e. command="/bin/echo Sorry, buddy, but youve been terminated!" ssh-rsa AAAA...
  9. Try to login with your new key - you should be disconnected with note mentioned above
  10. Login normally and change command in your .ssh/authorized_keys2 to no-pty,command="/usr/bin/cvs --allow-root=/home/rainforce/repository server" ssh-rsa AAAA...

This would be fine if only "cvs server" understand "--allow-root" command. Although instructions on this page http://ioctl.org/unix/cvs/server contain the same technique I've made some experiments and was not able to restrict "cvs init" with only one cvsroot equal to --allow-root=/home/rainforce/repository. See http://savannah.nongnu.org/bugs/?func=detailitem&item_id=14900 and http://lists.nongnu.org/archive/html/bug-cvs/2005-11/msg00000.html (update: recent comments show that the issue has been fixed and fix will be available in version 1.12.14 of CVS, so the plan is to wait for 1.12.14 to appear in public and on lucas server)


Helpful links:

Setup Subversion access for multiple developers through one SSH account

These quick instruction covers several aspects of multiuser development with Subversion. Setup SVN+SSH on server side. Use one SSH for multiple users. Use of PuTTY client to securely connect to SVN.

Starting with key:

  1. Generate a key using puttygen.exe - save private key separately and copy "Public key for pasting into OpenSSH authorized_keys file" into .ssh/authorized_keys on your hosting account (/home/rainforce_www/.ssh/authorized_keys in my case). authorized_keys should look like 
    2. ssh-rsa AAAAB3Nza.................................................. rsa-key-20061217
  2. Now your key need to be enhanced with command to be automatically launched when the key is used for authentication. This allows you to specify repository location and user name to be used to work with it. After modification your authorized_keys line should look like this (it is actually one line split in two for convenience) 
    3. command="/usr/bin/svnserve -t --tunnel-user techtonik -r /home/rainforce_www/svn", no-port-
forwarding, no-agent-forwarding,no-X11-forwarding,no-pty ssh-rsa AAAAB3Nza... rsa-key-20061217

    First parameter /usr/bin/svnserve - is obvious - the name of program to handle SVN requests on server side, -t key tells it that it is executed in tunnel mode (i.e. through SSH), --tunnel-user techtonik specifies name that should be used in svn logs when accessing the repository with this key and finally -r is used to point where repository is located.

    Note that the user name in this case can be just anything - SSH tells SVN this name and that the name was already authenticated so there is no need to annoy that person. SVN lazily believes that do not bothering itself with checks if the name is present in access lists or not (whatever they are). As for comma separated parameters - they turn off all "extra" OpenSSH abilities that are not needed for SVN access to reduce security risks.

    Now when you've setup SSH access from server-side, let's tune PuTTY and SVN cooperation on client machine.

  3. To link PuTTY and SVN on client machine, open your SVN config directory - something like C:\Documents and Settings\techtonik\Application Data\Subversion and inside config file uncomment and edit ssh string to look like 
    4. ssh = C:\\Tools\\PuTTY\\plink.exe -load

    SVN is ready.

  4. Setup PuTTY session to connect to your repository. To know how to do this - replace "session" with "profile" in previous sentence and read this paragraph.
  5. Now if you were careful enough to remember your session name (mine is rainforce, you can issue:
    6. svn list svn+ssh://rainforce/svn/

    Enjoy. To add more users just add more strings to authorized_users file.


The list of software that helped a lot

http://www.farmanger.com/ Far. File and archive manger (not open source)
http://apserver.sourceforge.net/ NTLM Authorization Proxy Server (Python, GPL)
diff -u3prNw origsrc newsrc

Retrieved from "http://wiki.dreamhost.com/User:Techtonik"
Personal tools