# HowTo - Install and Confgure Trac w/ Auth & SVN

## euphorium

I wrote this guide even though there is one on gentoo-wiki because the one there is very cryptic. I was needing something straight forward and explained what was happening. I couldn't find anything like that, so I wrote this guide while I installed so I could get the maximum amount of information. This guide is written to make Trac run in a CGI or FastCGI environment with Authentication. Please refer to the installation guide for trac for other methods of installation. It is also assuming that you have apache installed and functional already. We run our trac server under its own domain name so this guide will be written to that extent. This is the first HowTo Guide I have written. Please comment on any changes or even improvements you may see.

Install Trac

Install trac and all its dependencies.

```
emerge trac -av
```

Once everything compiled and installed successfully, lets check apache.

```
 /etc/init.d/apache2 restart
```

Install Trac Interface

Now lets install the templates, styles, and images for trac. The following command will install trac under the root directory of the specific host and place the trac.cgi script in your specified CGI directory.

```
 webapp-config -I -h <hostname> -d / trac <version>
```

Create Repositories

Create SVN Repository

Now lets create the svn repository that will be used by the Trac project. I will call the project "projectA".

```
 mkdir /www/svn

 mkdir /www/svn/projectA

 svnadmin create /www/svn/projectA
```

Create Trac Repository 

Now that we have our svn repository, lets create our Trac project. Like our svn repository, I will call the project "projectA".

```
 mkdir /www/trac

 mkdir /www/trac/projectA

 trac-admin /www/trac/projectA initenv

// Trac-admin will ask you five questions:

 Creating a new Trac environment at <project path>

 

 Trac will first ask a few questions about your environment

 in order to initialize and prepare the project database.

 

  Please enter the name of your project.

  This name will be used in page titles and descriptions.

 

 Project Name [My Project]> 

 

  Please specify the connection string for the database to use.

  By default, a local SQLite database is created in the environment

  directory. It is also possible to use an already existing

  PostgreSQL database (check the Trac documentation for the exact

  connection string syntax).

 

 Database connection string [sqlite:db/trac.db]>

 

  Please specify the type of version control system,

  By default, it will be svn.

 

  If you don't want to use Trac with version control integration,

  choose the default here and don't specify a repository directory.

  in the next question.

 

 Repository type [svn]>

 

  Please specify the absolute path to the version control

  repository, or leave it blank to use Trac without a repository.

  You can also set the repository location later.

 

 Path to repository [/path/to/repos]> 

 

  Please enter location of Trac page templates.

  Default is the location of the site-wide templates installed with Trac.

 

 Templates directory [/usr/share/trac/templates]>

 

 Creating and Initializing Project

 <Spits out a lot of paths installed to>

 

 ---------------------------------------------------------------------

 Project environment for 'projectA' created.

```

 Editing Files 

Editing trac.ini 

Now we edit /www/trac/portaldb/conf/trac.ini

I will add explanations of what each section means and each items function at a later date.

```
# -*- coding: utf-8 -*-

[attachment]

max_size = 262144

render_unsafe_content = false

[browser]

downloadable_paths = /trunk, /branches/*, /tags/*

hide_properties = svk:merge

render_unsafe_content = false

[changeset]

max_diff_bytes = 10000000

max_diff_files = 0

wiki_format_messages = true

[header_logo]

alt =

height = -1

link = http://example.com

src = common/trac_banner.png

width = -1

[logging]

log_file = trac.log

log_level = DEBUG 

log_type = none

[mimeviewer]

enscript_modes = text/x-dylan:dylan:4

enscript_path = enscript

max_preview_size = 262144

mime_map = text/x-dylan:dylan,text/x-idl:ice,text/x-ada:ads:adb

php_path = php

silvercity_modes =

tab_width = 8 

[notification]

always_notify_owner = false

always_notify_reporter = false

always_notify_updater = true

mime_encoding = base64

smtp_always_bcc =

smtp_always_cc =

smtp_default_domain =

smtp_enabled = false

smtp_from = trac@localhost

smtp_password =

smtp_port = 25

smtp_replyto = trac@localhost

smtp_server = localhost

smtp_subject_prefix = __default__

smtp_user =

use_public_cc = false

use_short_addr = false

use_tls = false 

[project]

descr = site desc

footer = Visit the Trac open source project at

<a href="http://trac.edgewa$

icon = common/trac.ico

name = sitename

url = http://example.com 

[search]

min_query_length = 3 

[ticket]

default_component =

default_milestone =

default_priority = major

default_type = defect

default_version =

restrict_owner = false 

[timeline]

changeset_long_messages = false

changeset_show_files = 0

default_daysback = 30

ticket_show_details = false 

[trac]

authz_file =

authz_module_name =

base_url =

check_auth_ip = true

database = sqlite:db/trac.db

default_charset = iso-8859-15

default_handler = WikiModule

htdocs_location =

ignore_auth_case = false

mainnav = wiki,timeline,roadmap,browser,tickets,newticket,search

metanav = login,logout,settings,help,about

permission_store = DefaultPermissionStore

repository_dir = /www/svn/projectA

repository_type = svn

# request_filters = <set in global trac.ini>

# templates_dir = <set in global trac.ini>

timeout = 20

[wiki]

ignore_missing_pages = false

split_page_names = false
```

Editing tracd 

Now we edit /etc/conf.d/tracd

```
# The commented variables in this file are the defaults that are used

# in the init-script.  You don't need to uncomment them except to

# customize them to different values.

# Port for tracd

TRACD_PORT="8000" 

# Options for tracd

#TRACD_OPTS="--env-parent-dir /var/lib/trac/"

# User and group as which to run tracd

#TRACD_USER="tracd"

#TRACD_GROUP="tracd"
```

Take Ownership 

Make sure that apache is the only user allowed to access the trac and svn folders.

```
 chmod -R 755 /www/svn /www/trac

 chown -R apache:apache /www/svn /www/trac
```

Editing vhost.conf 

Our server runs multiple websites so our vhost is broken down into many host config files since each site has it's own measures of security, due to the different natures of content provided. Now add the following in: /etc/apache2/vhosts/trac.conf

```
#ProjectA

# Trac Directory

<Location /projectA>

      SetEnv TRAC_ENV "/www/trac/projectA"

</Location>

# Login Directory and Authentication Methods

<Location /projectA/login>

AuthType Basic

AuthName "This site requires authentication."

AuthDigestFile /www/trac/projectA/digest

Require user euphorium xadin

</Location>

ScriptAlias /www/trac/projectA "/www/trac/projectA/cgi-bin/trac.cgi"
```

Create an Authenticated User 

We'll create an authenticated user to log into Trac and the svn repository if you enabled it. Then we'll finish up by changing the permissions & ownership of the main svn repository and Trac project directories.

Create a Password Digest 

```
 htdigest2 -c /www/trac/projectA/digest <sitename> <username>

 Adding user <username> in realm <sitename>

 New password: <password>

 Re-type new password: <password>
```

NOTE: Do not add -c when adding users. (-c) will overwrite your existing file if used. Only used for creating password digests.

Restrict Permissions to the digest. 

```
 chown apache:apache /www/trac/projectA/digest

 chmod 640 /www/trac/projectA/digest
```

Restart apache

```
 /etc/init.d/apache restart
```

Start Trac as a Daemon 

I have found this is the easiest way to get the auth modules working properly.

```
 tracd -p 8000 --auth projectA,/www/trac/projectA/digest,<sitename> /www/trac/projectA -d
```

Explained:

tracd -p <port> --auth <Project>,<path to digest file>,<sitename> <path to project> -d ( -d puts tracd in a daemon. Remove the -d while testing)

Of course, the digest file can be be shared so that it is used for more than one project:

```
 $ tracd -p 8000 \

   --auth=project1,/path/to/users.htdigest,mycompany.com \

   --auth=project2,/path/to/users.htdigest,mycompany.com \

   /path/to/project1 /path/to/project2
```

Another way to share the digest file is to specify "*" for the project name:

```

 $ tracd -p 8000 \

   --auth=*,/path/to/users.htdigest,mycompany.com \

   /path/to/project1 /path/to/project2
```

Adding SVN

To create a SubVersion project at /var/svn/project, issue these commands to get SVN up and running:

```
  $ mkdir /var/svn

  $ mkdir /var/svn/project

  $ mkdir /tmp/project

  $ mkdir /tmp/project/branches

  $ mkdir /tmp/project/tags

  $ mkdir /tmp/project/trunk

  $ svnadmin create /var/svn/project

  $ svn import /tmp/project file:///var/svn/project -m "initial import"

  $ rm -rf /tmp/project
```

Fix permissions to the repository:

```
  $ find /var/svn/project -type f -exec chmod 660 {} \;

  $ find /var/svn/project -type d -exec chmod 2770 {} \;

  $ chown -R root.www-data /var/svn/project
```

Check your work

Then point your browser to http://localhost:8000/projectA.

There you can also browse the documentation for your installed

version of Trac, including information on further setup (such as

deploying Trac to a real web server).

The latest documentation can also always be found on the project

website:

http://trac.edgewall.org/

Congratulations!

References 

http://httpd.apache.org/docs/1.3/howto/auth.html#basicfaq

http://trac.edgewall.org/wiki/TracGuide

----------

## rivetwa

I'm trying to get trac running myself now and am confused here...

When tracd is started, doesn't it server port 8000, not Apache? In what is described above, is Apache really invovled in serving the track pages via port 8000? (I got tracd-served trac up in a snap...it's configuring to run through Apache that I'm snagged on...though I see hope at the tac project pages  :Smile:  )

----------

