10th January 2016

Install Redmine on Debian

These instructions apply for Debian Wheezy. However, I read most of the information to do so from the following URLs, one related to Debian Squeeze, and other for Jessie, so it seems like these instructions should be quite generic for Debian:

• Debian wiki
• Debian administration site

Install PostgreSQL

Obviously, use any other database (MySQL, Sqlite), if that is your choice.

Installing PostgreSQL, it is important to ensure that there are no problems with the locales; otherwise, no cluster is created and, effectively, there will be no PostgreSQL instance running (run dpkg-reconfigure locales to ensure this).

apt-get install -y postgresql

Install Redmine with PostgreSQL support

apt-get install -y redmine redmine-pgsql

answer Yes to the database configuration question, using the pgsql package, no password required (ident used)

Install Nginx, Thin and SSL certificates support

This is an opinionated installation, where I think it is better to use PostgreSQL and NGINX, than MySQL and Apache, for example

apt-get install -y thin nginx ssl-cert

Prepare filesystem

mkdir -p /var/lib/redmine/sockets/
mkdir -p /var/lib/thin/
mkdir -p /var/log/thin

ln -sf /etc/thin1.9.1 /etc/thin         # note this will change with the ruby version

chown www-data:www-data /var/lib/thin/
chown www-data:www-data /var/log/thin/
chown www-data:www-data /var/lib/redmine/sockets/

Configure thin

cd /etc/thin

thin config --config /etc/thin/redmine.yml --chdir /usr/share/redmine \
        --environment production --socket /var/lib/redmine/sockets/thin.sock \
        --daemonize --log /var/log/thin/redmine.log --pid /var/lib/thin/redmine.pid \
        --user www-data --group www-data --servers 2

chmod 644 /etc/thin/redmine.yml

This configuration will launch two thin processes.

To ensure that logs get rotated, add the following logrotateconfiguration:

cat << EOF > /etc/logrotate.d/thin
/var/log/thin/*.log {
    daily
    missingok
    rotate 52
    compress
    delaycompress
    notifempty
    create 640 root adm
    sharedscripts
    postrotate
        /etc/init.d/thin restart >/dev/null
    endscript
}
EOF

Configure nginx

rm /etc/nginx/sites-enabled/default

cd /etc/nginx/sites-available/

cat << 'EOF' > redmine.conf
upstream redmine {
    server unix:/var/lib/redmine/sockets/thin.0.sock;
    server unix:/var/lib/redmine/sockets/thin.1.sock;
}

server {
    listen 80;
    listen   [::]:80 default ipv6only=on;
    server_name bugs.coderazzi.net;
    return 301 https://$server_name$request_uri;
}

server {

    listen   443;
    listen   [::]:443 default ipv6only=on;

    ssl on;
    ssl_certificate /etc/nginx/1_bugs.coderazzi.net_bundle.crt;
    ssl_certificate_key /etc/nginx/ssl.key;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers ALL:!DH:!EXPORT:!RC4:+HIGH:+MEDIUM:!LOW:!aNULL:!eNULL;

    server_name  bugs.coderazzi.net;
    server_name_in_redirect off;

    access_log  /var/log/nginx/redmine.access.log;
    error_log  /var/log/nginx/redmine.error.log;

    proxy_set_header   Host $http_host;
    proxy_redirect off;

    location / {
        root   /usr/share/redmine/public;

        error_page 404  404.html;
        error_page 500 502 503 504  500.html;


        try_files $uri/index.html $uri.html $uri @redmine;
    }

    location @redmine {
        proxy_pass http://redmine;
    }
}
EOF

ln -sf /etc/nginx/sites-available/redmine.conf /etc/nginx/sites-enabled/

service nginx start

This configuration assumes that the URL is bugs.coderazzi.net, and that it has SSL support. Furthermore, it expectes the SSL key and CRT file on the given locations

Configure mail support

To handle email, configure sendmail or exim. For both cases, create the redmine configuration file, and restart all required processes:

cat << EOF >  /etc/redmine/default/configuration.yml
production:
    email_delivery:
        delivery_method: :smtp
        smtp_settings:
            address: 127.0.0.1
            port: 25
            domain: bugs.coderazzi.net
            authentication: :none
EOF

service thin restart
service nginx restart

Alternative 1: configuring sendmail

We need now to edit sendmail' configuration, installing it before if required:

sudo sendmailconfig

• Configure sendmail with the existing /etc/mail/sendmail.conf? [Y] => Y
• Configure sendmail with the existing /etc/mail/sendmail.mc? [Y] ==> N
• • Put correct mail name: bugs.coderazzi.net
  • All other options, left as proposed

Alternative 2: configuring Exim

• General type of mail configuration : internet site; mail is sent and received directly using SMTP
• System Mail name: bugs.coderazzi.net
• IP-addresses to listen on for incoming SMTP connections: 127.0.0.1 ; ::1
• Other destinations for which mail is accepted:
• Domains to relay mail for:
• Machines to relay email for:
• Keep number of DNS-queries minimal (Dial-on-Demand)? No
• Delivery method for local mail: mbox format in /var/mail/
• Split configuration into small files? No
• Root and postmaster mail recipient: coderazzi

Configure redmine

The default debian installation creates a default user and password to access Redmine, both being admin

Copyright (c) Luis M. Pena - lu@coderazzi.net