Proceed below at your own risk. This is the PHP4-based EvolvisForge 4.5 (even pre-4.8, so dated about 2007).
The GForge base system will be installed on a debian etch linux. Before you can start installing the GForge packages install postgresql, the apache2 webserver with php4, subversion, proftpd, postfix and mailman. You need the following debian packages:
postgresql-8.1 apache2 libapache2-mod-php4 php4-pgsql subversion proftpd postfix mailman
The evolvis GForge code can be found in the SCM Repository (not yet but soon ;) ).
Building the debian packages
The debian packages have to be built from the files of the SCM. You must install the following debian packages to create your own packages:
binutils gcc libc6-dev libg++ make fakeroot cpp cpio file debmake debhelper dpkg-dev devscripts patch debian-policy developers-reference dpatch sharutils docbook-to-man
First check out the files:
The code for the svn plugin is here:
svn checkout svn://svn.evolvis.org/svnroot/evolvis/trunk/gforge_base/gforge_plugins/gforge-plugin-scmsvn
Then build the debian packages in the checked out directories. The debian/rules file controles the building of the packages. Enter the gforge and afterwards the gforge-plugin-scmsvn folder and start the build process with:
The created packages will be saved in the parent folder.
Installing the debian packages
Be aware that the debian packages will configure your GForge system automatically. The entries of the /etc/hosts file will be used to set the proper IP adresses and hostnames to the GForge config files. Be sure that there is listed your right IP adress (like 126.96.36.199 gforge.domain.abc gforge). Changing this values afterwards will be much more work. Install the the created GForge packages with dpkg.
dpkg -i gforge_<version>.deb ...
with all gforge packages
gforge gforge-ftp-proftpd gforge-lists-mailman gforge-mta-postfix gforge-shell-postgresql gforge-common gforge-web-apache gforge-db-postgresql gforge-plugin-scmsvn
More detailed configuration
For more detailed installation instructions take a look at the GForge doku
Configure your postgresql DBMS to listen on port 5432 and the correct IP adress. Edit your postgresql.conf file and add the correct values, e.g.:
listen_addresses = 'localhost , 10.10.10.10' port = 5432
Then you have to allow local access for the gforge user to the gforge database. Open the pg.hba.conf and add the following line:
host gforge gforge 127.0.0.1/32 trust
The gforge-db-postgresql package will initialize the required schema. This package will be installed later.
The gforge-web-apache package will configure the /etc/apache2/conf.d/gforge.httpd.conf file. Most of the settings will fit GForges needs.
Certificate for ssl connections
Here you can find a Howto that explains how to create certificates for apache. Before you start, install the required packages:
Then create a Certificate for ssl connections:
make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem
Afterwards edit the gforge.httpd.conf file and add the path to your certificate in all mod_ssl sections. E.g.:
<IfModule mod_ssl.c> SSLEngine on SSLCertificateFile /etc/apache2/ssl/apache.pem SSLCertificateKeyFile /etc/apache2/ssl/apache.pem </IfModule>
Be sure in /etc/apache2/ports.conf you listen on port 80 and 443 for SSL:
Listen 80 Listen 443
Virtual host configuration
There are serveral virtual hosts preconfigured:
- <your hostname>
- Alias: www.<your hostname>
- Port 80, SSL: Port 443
- SCM host
- local: /usr/share/gforge/scm
- SCM HTTP vhost
- scm.<your hostname>
- Port 80, SSL: Port 443
- Download host
- download.<your hostname>
- Port 80
- List host
- lists.<your hostname>
- Port 80, SSL: Port 443
Adjust them to your needs.
For the GForge base system php version 4 is mandatory. The following directives are required by GForge:
register_globals = On magic_quotes_gpc = On file_uploads = On include_path=".:/var/www/gforge:/var/www/gforge/www/include:/etc/gforge"
They shoud be set automatically by the debian packages in the gforge.httpd.conf file. Alternatively you can set them in the php.ini.
The installation of postfix with apt will remove exim and all related packages on a standard debian system. GForge uses the pgsql dictionary to access the postgresql Database. This dictionary is provided by the postfix-pgsql package. The /etc/postfix/dynamicmaps.cf tells postfix which dictionarys are available. For the pgsql dictionary the should be a line like this:
#type location of .so file open function (mkmap func) #==== ================================ ============= ============ pgsql /usr/lib/postfix/dict_pgsql.so dict_pgsql_open
In the /etc/postfix/main.cf configuration file all required parameters are defined to access the database. The gforge-mta-postfix package inserts the parameters for pgsql_gforge_lists:
pgsql_gforge_lists_hosts = 127.0.0.1 pgsql_gforge_lists_user = gforge_mta pgsql_gforge_lists_password = pgsql_gforge_lists_dbname = gforge pgsql_gforge_lists_domain = lists.<your_hostname> pgsql_gforge_lists_select_field = post_address pgsql_gforge_lists_table = mta_lists pgsql_gforge_lists_where_field = list_name
The corresponding parameters for pgsql_gforge_users should be added as well.
Also configure the subdomains lists, gforge and users as local destinations in the main.cf file.
mydestination = users.<your_hostname>, lists.<your_hostname>, gforge.<your_hostname>
Mailing list (mailman)
All users of the GForge system are saved in the postgresql database. User which are members of a project must be able to check file into the subversion repository via svn+ssh. To get ssh access the GForge users must be mapped to OS users. This is done with nsswitch and pam.
Read the user management with postgresql (in german) howto to get more information.
To use svn+ssh you need to install the package cvs or create a file in /etc/pam.d/cvs, which content:
@include common-auth @include common-account
svn via ssh
The anonsvnsh shell can be used to restrict the the system accounts to svn use only. anonsvnsh is a modified anoncvs for subversion. Checkout the required files from the repository:
To compile the shell properly bmake is required. After installing bmake, a simple execution of bmake in the anonsvnsh directory will compile the shell. Afterwards install it to /lib/anonsvnsh.
The local GForge admin can define different shells for each user. Choose the /bin/bash or a equivalent shell to grant full ssh access or /lib/anonsvnsh for svn only access. You have to add it to the /etc/shells file to use the shell. Gforge makes these shells listed in /etc/shells accessable for the users in the GForge settings.
svn via webdav
WebDAV can be used to access the svn contents. The write mechanism of WebDAV is the interesting part, because a read-only-access could be manged by a simple apache site. The WebDAV configuration in apache is a little tricky, especially when you want german umlauts aso. to be viewed correctly from Windows, Linux and the filesystem.
On Ubuntu Hardy this works right out of the Box with the following HowTo (Debian and others often have still some umlaut-Issues).
In apache2 the needed dav_fs-, the dav-mod and the headers-mod is installed by default on "Debian flavoured"-systems. We also need the encoding-mod:
apt-get install libapache2-mod-encoding
Now we need to add some lines to the apache2.conf. This can be done on the end right before the two "includes".
BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully BrowserMatch "^WebDrive" redirect-carefully BrowserMatch "^gnome-vfs" redirect-carefully BrowserMatch "^WebDAVFS/1." redirect-carefully BrowserMatch "Microsoft-WebDAV-MiniRedir/5.1.2600" redirect-carefully BrowserMatch "^WebDAVFS" redirect-carefully <IfModule mod_encoding.c> EncodingEngine on NormalizeUsername on </IfModule> <IfModule mod_headers.c> Header add MS-Author-Via "DAV" </IfModule>
Now enable the needed apache-mods
a2enmod dav_fs a2enmod headers a2enmod encoding
Next step is to configure a Location directive in the gforge-httpd.conf The following is
<Location /svnroot/> DAV svn # Directory with all SVN-projects SVNParentPath /svnroot/ # Show all SVN projects SVNListParentPath On SVNAutoVersioning On # We want crypted access SSLRequireSSL AuthType basic AuthName "Subversion User Authentication" AuthBasicAuthoritative Off # Authentication is done by gforge using pam AuthPAM_Enabled On Require valid-user # Following is needed for SVN to function correctly ErrorDocument 404 default php_flag engine off </Location>
Now, when you restart apache
everything shoud be working fine...
HTTP authentication login via PAM
If you want to protect your sites (evolvis main page, wiki, mailman-lists) avoiding any access you can create a simple Basic-Auth-Rule. Install libapache2-mod-auth-pam and add in /etc/apache2/conf.d/gforge.httpd.conf at the top
<Directory /> ## PAM Auth AuthType basic AuthName "Login" AuthPAM_Enabled on AuthBasicAuthoritative off Require valid-user Options FollowSymLinks AllowOverride None </Directory>
Now you can login with your evolvis-login.
The svn access should work out of the box. But to use this (short) syntax
svn checkout svn+ssh://firstname.lastname@example.org/svnroot/reponame
svn checkout svn+ssh://email@example.com/var/lib/gforge/chroot/svnroot/reponame
you have to set a soft link in the root-directory:
ln -s /var/lib/gforge/chroot/svnroot/ /svnroot
To use public-key-authentication with svn, instead of passwords, see PublicKeySVN.
Here you can find a summary of each Cronjob with time specification.
Update php4 to php5
working on it - yet no changes needed
http://php.net/manual/de/migration5.php http://www.php.net/manual/de/migration51.php http://www.php.net/manual/de/migration52.php http://blog.tcg.com/tcg/2008/04/gforge-4511-wor.html http://ingenico.com.br/download/cd-gforge/php5/