REDMINE/SVN安装、配置、集成和应用(一)
REDMINE/SVN安装、配置和集成
REDMINE和SVN的安装都很熟悉了,这主要介绍的是配置和集成。
1、安装企业内部 CA根证书
2、Redmine 安装和配置
3、SVN 安装和配置
4、Redmine/SVN 集成配置
5、自动创建SVN代码库并链接到Redmine
安装企业内部 CA根证书
系统平台:Ubuntu 18.04LTS headless服务器
所有通信采用SSL加密,证书由企业内部CA发放的,所以必须将该CA的证书安装在服务器上。
主机名为:scm.lswin.cn,CA根证书:LSWIN-ROOT-CA.crt
将内部CA根证书放在/usr/share/ca-certificates
目录下,是否放在子目录下/哪个子目录下任选,我们把它放在子目录lswin
下。
root@scm:~# mkdir /usr/share/ca-certificates/lswin
root@scm:~#
root@scm:~#
root@scm:~# mv LSWIN-ROOT-CA.crt /usr/share/ca-certificates/lswin/
root@scm:~#
root@scm:~#
root@scm:~# dpkg-reconfigure ca-certificates
Updating certificates in /etc/ssl/certs...
1 added, 0 removed; done.
Processing triggers for ca-certificates (20180409) ...
Updating certificates in /etc/ssl/certs...
0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.
root@scm:~#
内部根证书必须安装,否则某些SSL加密工具不能正常工作!
Redmine 安装和配置
1. 安装支持软件包:
所需支持软件包
apache2
libapache2-mod-passenger
mariadb-server
mariadb-client
build-essential
ruby2.5-dev
libssl-dev
libmysqlclient-dev
安装支持软件包
aaa@qq.com:~# apt install apache2 libapache2-mod-passenger mariadb-server mariadb-client build-essential ruby2.5-dev libssl-dev libmysqlclient-dev
Reading package lists... Done
......
......
Need to get 77.2 MB of archives.
After this operation, 426 MB of additional disk space will be used.
Do you want to continue? [Y/n]
2. 安装 Redmine 和 Redmine初始数据库
aaa@qq.com:~# apt install redmine redmine-mysql
Reading package lists... Done
......
......
After this operation, 143 MB of additional disk space will be used.
Do you want to continue? [Y/n]
我们使用的是MarisDB,因此安装redmine-mysql。
在初始化数据库过程中,将设置数据库类型、Redmine数据库用户的口令等。
如需支持图形格式转换,需安装下列二个软件包:
imagemagick 和 libmagickwand-dev
3. 更新 RubyGems
Redmine是Ruby
应用,强力建议在配置前先更新Ruby/Gem。
- 更新GEM系统
aaa@qq.com:~# gem update --system
........
........
RubyGems installed the following executables:
/usr/bin/gem2.5
/usr/bin/bundle2.5
Ruby Interactive (ri) documentation was installed. ri is kind of like man
pages for Ruby libraries. You may access it like this:
ri Classname
ri Classname.class_method
ri Classname#instance_method
If you do not wish to install this documentation in the future, use the
--no-document flag, or set it as the default in your ~/.gemrc file. See
'gem help env' for details.
RubyGems system software updated
- 更新Gem库:
root@scm:~# gem update
Updating installed gems
......
......
Gems updated: actionmailer actionpack actionview activejob activesupport erubi rack rails-dom-testing actionpack-xml_parser method_source railties activemodel activerecord arel atomic bigdecimal binding_of_caller builder byebug coffee-rails coffee-script-source crass csv debug_inspector did_you_mean etc eventmachine execjs ffi fileutils globalid hike htmlentities i18n jbuilder jquery-rails mail mini_mime mime-types-data mimemagic minitest molinillo multi_json mysql2 connection_pool net-http-persistent mini_portile2 nokogiri oj openssl pkg-config polyglot power_assert protected_attributes public_suffix rack-test actioncable activestorage marcel nio4r rails websocket-driver websocket-extensions rails-observers rb-inotify rbpdf rbpdf-font rdoc request_store roadie roadie-rails rb-fsevent sass sass-listen sass-rails spring sprockets sprockets-rails test-unit thor tilt treetop turbolinks turbolinks-source uglifier bindex web-console
root@scm:~#
Ruby/Gem的更新可能会化较长的时间,请耐心等待。
- 安装 bundler 和 activeresource 包
root@scm:~# gem install bundler activeresource
Fetching: bundler-1.16.2.gem (100%)
Successfully installed bundler-1.16.2
Parsing documentation for bundler-1.16.2
Done installing documentation for bundler after 2 seconds
Fetching: activemodel-serializers-xml-1.0.2.gem (100%)
Successfully installed activemodel-serializers-xml-1.0.2
Fetching: activeresource-5.0.0.gem (100%)
Successfully installed activeresource-5.0.0
Parsing documentation for activemodel-serializers-xml-1.0.2
Installing ri documentation for activemodel-serializers-xml-1.0.2
Parsing documentation for activeresource-5.0.0
Installing ri documentation for activeresource-5.0.0
Done installing documentation for activemodel-serializers-xml, activeresource after 0 seconds
3 gems installed
root@scm:~#
4. 为Redmine配置Apache2
在 /etc/apache2/mods-available/passenger.conf 中,添加:
PassengerDefaultUser www-data
PassengerRuby /usr/bin/ruby
passenger.conf 文件看起来像:
<IfModule mod_passenger.c>
PassengerRoot /usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini
PassengerDefaultRuby /usr/bin/ruby
PassengerDefaultUser www-data
PassengerRuby /usr/bin/ruby
</IfModule>
建立/usr/share/redmine/Gemfile.lock文件,并使www-data拥有这个文件。
root@scm:~#
root@scm:~# touch /usr/share/redmine/Gemfile.lock
root@scm:~# chown www-data. /usr/share/redmine/Gemfile.lock
root@scm:~#
链接/usr/share/redmine/public
到 /var/www/html
目录下:
root@scm:~# ln -s /usr/share/redmine/public /var/www/html/redmine
root@scm:~#
将下列内容添加到/etc/apache2/sites-available/000-default.conf
:
# Redirect all HTTP requests to HTTPS
RewriteEngine On
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
所有HTTP请求,将被重定向到HTTPS请求。
修改/etc/apache2/sites-available/default-ssl.conf
:
添加:
# Let Apache2 know about redmine
<Directory /var/www/html/redmine>
RailsBaseURI /redmine
PassengerResolveSymlinksInDocumentRoot on
</Directory>
# Redirect "/" and "/redmine" to "/redmine/login" page
RewriteEngine on
RewriteRule ^/$ /redmine/login [R=301,L]
RewriteRule ^/redmine$ /redmine/login [R=301,L]
修改:
SSLCertificateFile /etc/ssl/local/certs/cn.lswin.scm.crt
SSLCertificateKeyFile /etc/ssl/local/private/cn.lswin.scm.key
这是Apache2使用的证书和key文件。
最后启用Apache2的HTTPS服务和SSL/REWRITE模块,并重启:
root@scm:/etc/ssl/local/certs# a2ensite default-ssl.conf
Enabling site default-ssl.
To activate the new configuration, you need to run:
systemctl reload apache2
root@scm:/etc/ssl/local/certs# a2enmod ssl
Considering dependency setenvif for ssl:
Module setenvif already enabled
Considering dependency mime for ssl:
Module mime already enabled
Considering dependency socache_shmcb for ssl:
Enabling module socache_shmcb.
Enabling module ssl.
See /usr/share/doc/apache2/README.Debian.gz on how to configure SSL and create self-signed certificates.
To activate the new configuration, you need to run:
systemctl restart apache2
root@scm:/etc/ssl/local/certs# a2enmod rewrite
Enabling module rewrite.
To activate the new configuration, you need to run:
systemctl restart apache2
root@scm:/etc/ssl/local/certs# systemctl restart apache2
root@scm:/etc/ssl/local/certs#
Redmine已安装完成。
5. Redmine 基本配置
-
设置中文显示:
【administration】->【Settings】->【Display】
【Default language】:在下拉菜单中选择Simplified Chinese(简体中文)
【Force default language for anonymous users】:勾选
【Force default language for logged-in users】:勾选
其他可根据需求设置。 -
设置基本项:
【管理】->【设置】->【一般】
【应用程序标题】:给系统起个名 -LSWIN LTD项目及版本控制系统
(您的系统名)
【主机名称】:主机名scm.lswin.cn
(您的主机名)
【协议】:在下拉菜单中选择HTTPS
取消自行注册/启用必须认证功能:
【管理】->【设置】->【认证】
【要求认证】:勾选
【允许自注册】:在下拉菜单中选择禁用
-
SMTP发送邮件服务器配置:
复制 /usr/share/redmine/config/configuration.yml.example
aaa@qq.com: cp /usr/share/redmine/config/configuration.yml.example /etc/redmine/default/configuration.yml
编辑完成后,重启Apache2(systemctl restart apache2)在
configuration.yml
文件中的default:
下,加下列内容:
email_delivery:
# 使用阿里的企业邮箱,通过admin@lswin.cn账户发送邮件
delivery_method: :smtp
smtp_settings:
enable_starttls_auto: true
address: "smtp.mxhichina.com"
port: 465
ssl: true
domain: "lswin.cn" # 企业域名
authentication: :plain
user_name: "aaa@qq.com" # 用户名
password: "admin_email_passwd" # 口令
- 配置邮件通知:
【管理】->【设置】->【邮件通知】
只需要修改【邮件发件人地址】,一般选用系统管理员的邮箱地址,如aaa@qq.com
。其他可保持默认。
Subversion安装和配置
1. Redmine安装
需安装的软件包,多数软件包是用于支持Subversion和Redmine/LDPAS集成。
subversion
subversion-tools
libapache-dbi-perl
libapache2-mod-perl2
libdbd-mysql-perl
libauthen-simple-ldap-perl
libapache2-mod-svn
安装软件包:
root@scm:~# /etc/ssl/local/certs# apt install subversion subversion-tools libapache-dbi-perl libapache2-mod-perl2 libdbd-mysql-perl libauthen-simple-ldap-perl libapache2-mod-svn
2. Subversion基本设置
设置SVN代码库目录:
root@scm:~# mkdir -p /var/svn/repos
root@scm:~#
root@scm:~# chown -R www-data. /var/svn/repos
root@scm:~#
Redmine/Subversion 集成配置
1. 导入Redmine.pm
Redmine.pm是用于支持通过Redmine的用户库对SVN用户做身份验证和授权。
ln -s /usr/share/redmine/extra/svn/Redmine.pm /usr/share/perl5/Apache/
2. 配置dav_svn.conf
dav_svn.conf是用于配置DAV模块对SVN操作。
# configuration in /etc/apache2/sites-available/*, not here.
# enables connection pooling (very useful for checkouts with many files)
# load Redmine module for Apache
PerlModule Apache::DBI
PerlOptions +GlobalRequest
PerlLoadModule Apache::Redmine
# <Location URL> ... </Location>
<Location /svn>
DAV svn
### uncomment the following line when using subversion 1.8 or newer
# (see http://subversion.apache.org/docs/release-notes/1.8.html#serf-skelta-default)
SVNAllowBulkUpdates Prefer
### default access privilege
Order deny,allow
Deny from all
Satisfy any
# Set this to the path to your repository
#SVNPath /var/lib/svn
# Alternatively, use SVNParentPath if you have multiple repositories under
# under a single directory (/var/lib/svn/repo1, /var/lib/svn/repo2, ...).
# You need either SVNPath and SVNParentPath, but not both.
SVNParentPath /var/svn/repos
LimitXMLRequestBody 0
SVNPathAuthz off
# use Redmine's authentication and access control modules to
# handle SVN authentication and access control
PerlAccessHandler Apache::Authn::Redmine::access_handler
PerlAuthenHandler Apache::Authn::Redmine::authen_handler
AuthType Basic
AuthName "Redmine SVN Repository"
AuthUserFile /dev/null
#read-only access
<Limit GET PROPFIND OPTIONS REPORT>
Require valid-user
Allow from 127.0.0.1
Allow from 192.168.220.33
Satisfy any
</Limit>
# write access
<LimitExcept GET PROPFIND OPTIONS REPORT>
Require valid-user
</LimitExcept>
## for mysql
RedmineDSN "DBI:mysql:redmine_default;host=localhost"
RedmineDbUser "redmine/instance"
RedmineDbPass "redmine"
</Location>
3. 测试使用DAV/HTTPS方式操作Subversion库
- 创建Subversion库
root@scm:~# svnadmin create /var/svn/repos/project-zero
root@scm:~#
root@scm:~# chown -R www-data. /var/svn/repos/project-zero
root@scm:~#
测试是否能使用HTTPS协议SVN库获取项目。
root@scm:~#
root@scm:~# svn co https://scm.lswin.cn/svn/project-zero
Checked out revision 0.
root@scm:~#
DAV/HTTPS/SVN已正常工作。
3. 链接 Redmine 项目和 SVN 项目
-
创建 Redmine 项目:
-
添加项目成员:
-
链接到已存在的 SVN 项目:
校验SVN通过Redmine身份验证/授权:
aaa@qq.com:~# cd project-zero/
aaa@qq.com:~/project-zero# touch README.txt
aaa@qq.com:~/project-zero# svn add README.txt
A README.txt
aaa@qq.com:~/project-zero# svn ci -m "Add README.txt" --username admin
Authentication realm: <https://scm.lswin.cn:443> Redmine SVN Repository
Password for 'admin': ********
-----------------------------------------------------------------------
ATTENTION! Your password for authentication realm:
<https://scm.lswin.cn:443> Redmine SVN Repository
can only be stored to disk unencrypted! You are advised to configure
your system so that Subversion can store passwords encrypted, if
possible. See the documentation for details.
You can avoid future appearances of this warning by setting the value
of the 'store-plaintext-passwords' option to either 'yes' or 'no' in
'/root/.subversion/servers'.
-----------------------------------------------------------------------
Store password unencrypted (yes/no)? yes
Adding README.txt
Transmitting file data .done
Committing transaction...
Committed revision 1.
aaa@qq.com:~/project-zero#
SVN通过Redmine身份验证/授权已正常工作。
在Redmine上也能通过版本库看到新提交的版本。
- 配置Issue和提交版本的关联:
使用的关联关键字为“Issue ID:”
检验Issue和版本关联是否工作:
root@scm:~/project-zero#
root@scm:~/project-zero# touch firstfile.txt
root@scm:~/project-zero# vi README.txt
root@scm:~/project-zero# svn add firstfile.txt
A firstfile.txt
root@scm:~/project-zero# svn ci -m "测试Issue和版本关联配置 (IssueID: #1)" --username admin
Sending README.txt
Adding firstfile.txt
Transmitting file data ..done
Committing transaction...
Committed revision 2.
root@scm:~/project-zero#
版本2已成功提交。转回Redmine检查版本2是否已和Issue #1关联成功。
Issue #1 详情:
在BUG #1详情中,可以看到相关的修订版本2。
修订版本2详情:
可以看到相关的内容 (Bug #1)。
自动创建 SVN 代码库
上面介绍的是分别创建 Redmine 项目和 SVN 项目,然后将他们关联起来。下面要介绍的是如何在创建 Redmine 项目时,系统自动创建 SVN 项目并将它们关联在一起,为系统维护带来更大的方便。
1. 建立根据 Redmine 项目自动创建 SVN 任务
从版本库配置页面获取
版本库管理网页服务 API **
API**是:VwlZGHlqxdGFw0Gh0VMk
建立自动任务脚本
自动任务脚本:/usr/share/redmine/extra/svn/reposman.sh
#!/bin/bash
/bin/echo $(date '+%Y-%m-%d %H:%M:%S') >> /var/log/redmine/reposman.log
/usr/bin/ruby /usr/share/redmine/extra/svn/reposman.rb --redmine https://scm.lswin.cn/redmine --svn-dir /var/svn/repos --owner www-data --url https://scm.lswin.cn/svn --key=VwlZGHlqxdGFw0Gh0VMk --verbose >> /var/log/redmine/reposman.log
/bin/echo >> /var/log/redmine/reposman.log
- 设置cron自动任务
cron自动任务脚本:/etc/cron.d/reposman
该CRON任务,每分钟运行一次。可以通过检查/var/log/redmine/reposman.log
检查cron任务是否正常。
#
# cron.d/reposman -- schedules periodic check if creating repository is needed
# By default, runs every minute
* * * * * root /usr/share/redmine/extra/svn/reposman.sh
-
检验自动创建 SVN 项目是否正常
创建新项目:Project One
【项目】->【新建项目】
成功创建项目Project One后等待一分钟,然后去版本库检查,一个空的代码库是否已经产生。检查项目Project One是否建立代码库
【项目】->【Project One】->【版本库】检查项目Project One的用户数据库是否用于SVN用户身份认证和授权
我们将使用Windows下使用TortoiseSVN
测试这项功能。
首先我们试图check-out项目Project Onehttps://scm.lswin.cn/svn/project-one
,弹出要求进行用户身份验证及授权对话框,输入admin和对应的口令。结果是:跳出新的身份验证对话框。这符合我们的预期,因为admin不是项目成员,不能操作Project One的代码库。下面,我们把admin加入Project One项目,然后在试图从SVN中check-out项目Project One。
【项目】->【Project One】->【配置】->【成员】->【新建成员】
试图从SVN中check-out项目Project One:
成功从SVN中check-out项目Project One。
检查项目 Issue 和提交版本的关联
最后检查项目 Issue 和提交版本的关联是否正常。
1. 首先在Project One中创建新的问题(Issue)。
2. 在checked-out的项目创建新的文件README.txt,然后试图提交到SVN,在提交注解中使用关联关键字(IssueID:)和问题编号(#3)。
已成功上传。
3. 检查版本详情
4. 检查问题详情
我们可以看到 Bug #3 已经和版本 1 成功关联在一起,自动创建 SVN 代码库设置已全部完成。
后续我们将陆续介绍Redmine/Subversion/AD域控制器集成身份验证和项目授权,Redmine主题/插件的安装和功能扩展,SVN的hook的应用,Redmine的REST API的使用方法和应用等。
上一篇: 在IDEA中`New`没有`Mapper`文件选项
下一篇: 【word】添加水印