[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Savannah-cvs] [268] BackEndSetup: improve instructions
From: |
assafgordon |
Subject: |
[Savannah-cvs] [268] BackEndSetup: improve instructions |
Date: |
Sat, 22 Oct 2016 20:27:33 +0000 (UTC) |
Revision: 268
http://svn.sv.gnu.org/viewvc/?view=rev&root=administration&revision=268
Author: agn
Date: 2016-10-22 20:27:31 +0000 (Sat, 22 Oct 2016)
Log Message:
-----------
BackEndSetup: improve instructions
Modified Paths:
--------------
trunk/sviki/BackEndSetup.mdwn
Modified: trunk/sviki/BackEndSetup.mdwn
===================================================================
--- trunk/sviki/BackEndSetup.mdwn 2016-10-22 20:27:23 UTC (rev 267)
+++ trunk/sviki/BackEndSetup.mdwn 2016-10-22 20:27:31 UTC (rev 268)
@@ -30,24 +30,33 @@
side (e.g. `vcs0`) does not use the frontend's php code.
See [[FrontEndSetup]] for complimentary details about the frontend.
-The instructions below were tested on `vcs0`.
-
`vcs0` needs to run `sv_groups` to create new repositories for new projects
(or existing projects which enabled new repositories using the "Select
Features"
menu option on the savannah web site).
-See [[SavannahInternals]]For more details about the scripts and cronjobs
+`download0` needs to run `sv_groups` to create the 'download/releases'
directory
+for projects.
+`internal0` needs to run `sv_mailman`, `sv_reminder`,`sv_cleaner` as cronjobs.
+See [[SavannahInternals]] For more details about the scripts and cronjobs
(although they describe the setup on the current/old VMs, we aim to replicate
a similar setup on the new VMs).
+The following installation has been executed on all servers:
`vcs0`,`frontend0`,
+`download0`,`internal0` - using the scripts should work identically, regardless
+of which server they are run on.
+Install prerequisites:
+
+ apt-get install -y imagemagick gettext
+ cpan -i Mail::Send
+
As root, create the required directories.
`/etc/savane` is temporarily created with write-access
(for the 'make install' step as non-root user), and will be made
read-only after the installation is complete.
- mkdir -p /opt/savannah /etc/savane/content
- chgrp staff /opt/savannah /etc/savane /etc/savane/content
- chmod g+ws /opt/savannah /etc/savane /etc/savane/content
+ mkdir -p /opt/savannah /etc/savane
+ chgrp staff /opt/savannah /etc/savane
+ chmod g+ws /opt/savannah /etc/savane
As non-root (e.g. agn), clone the savage repository.
The `nextgen` branch holds the latest updates for the code on the new machines:
@@ -56,52 +65,108 @@
git clone -b nextgen git://git.savannah.gnu.org/administration/savane.git
cd savane/
./bootstrap
- ./configure --prefix=/opt/savannah/usr --sysconfdir=/etc
+ ./configure --prefix=/opt/savannah/ --sysconfdir=/etc
make
make install
The resulting files:
- $ ls -l /opt/savannah/usr/
+ $ ls -l /opt/savannah/
total 8
drwxrwsr-x 2 agn staff 4096 Oct 19 21:23 bin
+ drwxrwsr-x 3 agn staff 4096 Oct 19 21:09 lib
+ drwxrwsr-x 3 agn staff 4096 Oct 19 21:09 savane
drwxrwsr-x 3 agn staff 4096 Oct 19 21:09 share
-And savannah's common backend scripts:
+Savannah's common backend scripts:
- $ ls /opt/savannah/usr/bin
+ $ ls /opt/savannah/bin
[...]
sv_groups
sv_aliases
sv_homedirs
[...]
-Unfortunately the Savane Perl modules are
-still installed in '/usr/local' (the 'prefix' is likely not passed
-to the perl part during configure/make).
-That's not too bad, as it saves the need for custom PERL5LIB setting.
+Savannah's perl modules:
- /usr/local/lib/perl/5.18.2/auto/Savane/.packlist
- /usr/local/share/perl/5.18.2/Savane.pm
- /usr/local/share/perl/5.18.2/Savane/Groups.pm
- /usr/local/share/perl/5.18.2/Savane/Cvs.pm
- /usr/local/share/perl/5.18.2/Savane/DB.pm
- /usr/local/share/perl/5.18.2/Savane/Hg.pm
- /usr/local/share/perl/5.18.2/Savane/User.pm
- /usr/local/share/perl/5.18.2/Savane/Mail.pm
- /usr/local/share/perl/5.18.2/Savane/Git.pm
+ $ cd /opt/savannah/
+ $ find ./lib/ -type f
+ lib/perl/5.18.2/perllocal.pod
+ lib/perl/5.18.2/auto/Savane/.packlist
+
+ $ find ./share/ -type f
+ share/perl/5.18.2/Savane.pm
+ share/perl/5.18.2/Savane/Conf.pm
+ share/perl/5.18.2/Savane/DB.pm
+ share/perl/5.18.2/Savane/User.pm
+ share/perl/5.18.2/Savane/Groups.pm
+ share/perl/5.18.2/Savane/Cvs.pm
+ share/perl/5.18.2/Savane/Download.pm
+ share/perl/5.18.2/Savane/Svn.pm
+ share/perl/5.18.2/Savane/Hg.pm
+ share/perl/5.18.2/Savane/Git.pm
[...]
+> FIXME: The following only applies to vcs0:
+>
+> Unfortunately the Savane Perl modules are
+> still installed in '/usr/local' (the 'prefix' is likely not passed
+> to the perl part during configure/make).
+> That's not too bad, as it saves the need for custom PERL5LIB setting.
+>
+> /usr/local/lib/perl/5.18.2/auto/Savane/.packlist
+> /usr/local/share/perl/5.18.2/Savane.pm
+> /usr/local/share/perl/5.18.2/Savane/Groups.pm
+> /usr/local/share/perl/5.18.2/Savane/Cvs.pm
+> /usr/local/share/perl/5.18.2/Savane/DB.pm
+> /usr/local/share/perl/5.18.2/Savane/Hg.pm
+> /usr/local/share/perl/5.18.2/Savane/User.pm
+> /usr/local/share/perl/5.18.2/Savane/Mail.pm
+> /usr/local/share/perl/5.18.2/Savane/Git.pm
+> [...]
+
+
Manually prepare configuration files (passwords copied from frontend0).
The `.pl` file is used by perl scripts (e.g. `sv_groups`).
The `.ini` file is used by python scripts (e.g. `sv_tmpgpg`).
+NOTE: On `internal0`, set the HOST to `localhost` instead of `208.118.235.78`.
+ $ cd /etc/savane
+ $ scp frontend0:/etc/savane/savane.{pass,ini,.conf.pl} .
+
+ $ cat /etc/savane/savane.pass
+ XXXXXXXXX
+
+ $ cat /etc/savane/savane.ini
+ [database]
+ HOST=208.118.235.78
+ USER=savannahscripts
+ PASSWORD=XXXXXXXXXX
+ NAME=savane
+
+ $ cat /etc/savane/savane.conf.pl
+ [...]
+ our $sys_dbhost="208.118.235.78"; #internal0.sv.gnu.org
+ our $sys_dbname="savane";
+ our $sys_dbuser="savannahscripts";
+ open(IN, '<'.dirname(__FILE__).'/savane.pass');
+ our $sys_dbpasswd = <IN>;
+
+
+On `vcs0`,`download0`,`internal0` -
+lock permissions on the configuration/passwords files.
+
+NOTE: *DO NOT* run these commands on frontend0. Frontend0's
+files require special permissions to ensure apache can access
+these files. See [[FrontEndSetup]] for detail.
+
cd /etc/savane/
chown root:staff savane.*
chmod 0640 savane.*
# remove 'content' - it's only used by the frontend's php
+ # DO NOT REMOVE IT ON frontend0...
rm -r content
# ls -l /etc/savane/
@@ -114,11 +179,28 @@
chmod g-w /etc/savane
+
+Test the scripts, ensuring the perl modules and DB are working:
+
+ ### This is equivalent to what OpenSSH is using to find the
+ ### users' keys when they log with SSH to @vcs.sv.gnu.org .
+ ### The users' keys are stored in savane's database.
+ ### See [[UserAuthentication]] for details.
+
+ $ cd /opt/savannah/bin
+ $ export PERL5LIB=/opt/savannah/share/perl/5.18.2
+ $ ./sv_get_authorized_keys agn | cut -b1-40
+ ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAvsw+
+ ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCe
+ ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDf
+ ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCa
+
+
The script `sv_groups` writes log messages to hard-coded path,
created it with 'staff' permissions:
touch /var/log/sv_database2system.log
- chown root:staff /var/log/sv_database2system.log
+ chown root:adm /var/log/sv_database2system.log
FIXME: `sv_groups` also uses a lock file named `groups-users.lock` -
not sure where it is stored.
@@ -140,4 +222,3 @@
vcs0?
[sv_groups] Wed Oct 19 21:54:40 2016 ---- groupadd -g 77955 anoncvs
(required by the savane backend)
-
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Savannah-cvs] [268] BackEndSetup: improve instructions,
assafgordon <=