Table of Contents
Preamble
Note for CentOS users: please refer to my more recent guide, Redmine on CentOS 7
This article will guide you through the installation, migration and upgrading of a Redmine instance on Ubuntu Server 13.10. The article’ll also explain how to switch from an SQLite database backend to PostgreSQL. For authentication we’ll be using LDAP. The LDAP backend in our case is Active Directory, but it should work with any LDAP-compliant server. The procedure should be fairly similar on other releases or distros, too.
There are several commands where I use dummy values (server URLs, file system paths, LDAP environment etc.), so please check every one of them and update them according to your setup.
Clean install
This section assumes that you don’t have any existing data that needs to be taken care of. We’ll stick with the PostgreSQL database, for others check out the official installation guide.
Repositories
If you want Git integration, you gotta mount the NFS exports provided by the Git server. Install the required tools:
apt-get install nfs-common
Create a directory for accessing the repos:
mkdir -p /opt/git
Then add the following to /etc/fstab
(update the Git server address and export name):
git.foobar.local:/git /opt/git nfs4 auto 0 0
Then mount with mount -a
. If everything’s fine, the remote Git repos will be available under /opt/git
. As a last step, make sure Redmine can actually browse the repos so install the required binaries:
apt-get install git
Database
Install the PostgreSQL database server and the development files, too, so that the corresponding Ruby gems can also be built:
apt-get install postgresql libpq-dev
Now switch to the postgres user and enter the PostgreSQL command prompt:
su postgres
psql
Within this prompt, create the redmine user and the production (redmine) and test (redmine_test) databases. Also make the redmine user the owner of these 2 databases (replace the *** password with whatever you want):
CREATE ROLE redmine LOGIN ENCRYPTED PASSWORD '***' NOINHERIT VALID UNTIL 'infinity';
CREATE DATABASE redmine WITH ENCODING='UTF8' OWNER=redmine;
CREATE DATABASE redmine_test WITH ENCODING='UTF8' OWNER=redmine;
You can verify the result with list
, and if it’s OK exit with quit
.
If you want to manage the databases remotely, open /etc/postgresql/9.1/main/postgresql.conf
, uncomment the listen_addresses
line and set it to ‘‘*, i.e.:
listen_addresses = '*'
Additionally, add the following to /etc/postgresql/9.1/main/pg_hba.conf
(modify the subnets accordingly):
host all all 192.168.0.0/24 md5
Redmine
Download the tar.gz release, extract it, then make it easily accessible via symlink:
wget https://www.redmine.org/releases/redmine-2.4.0.tar.gz
tar xf redmine-2.4.0.tar.gz -C /opt
cd /opt
ln -s redmine-2.4.0 redmine
Create the database configuration file:
touch /opt/redmine/config/database.yml
Then configure it to use our shiny new PostgreSQL instance (replace the dummy passwords):
test:
adapter: postgresql
database: redmine_test
host: localhost
username: redmine
password: "***"
production:
adapter: postgresql
database: redmine
host: localhost
username: redmine
password: "***"
Now install Ruby. You can use both 1.8 or 1.9. The Apache module which will be installed later depends on 1.8, so if you install 1.9 here, you’ll have both 1.8 and 1.9 installed which is a bit redundant, but this way you can skip a Ruby upgrade for Redmine later, and once the Apache module’s also upgraded to 1.9 you can easily uninstall 1.8, which is probably less maintenance work than handling and debugging a Ruby version bump for Redmine itself.
You’ll also need the Ruby gems, and for gem installation to work you’ll need make as well. So the installation procedure for Ruby 1.8 is:
apt-get install ruby1.8 ruby1.8-dev rubygems make
For 1.9 (1.9 bundles rubygems already):
apt-get install ruby ruby-dev make
Additionally, if you want to have Gantt chart generation:
apt-get install imagemagick libmagickcore-dev libmagickwand-dev
Certain gems may fail at documentation generation, so let’s just save some disk space and installation time and disable it altogether:
echo 'gem: --no-rdoc --no-ri' > ~/.gemrc
Now install the bundler gem which Redmine uses for setting up the environment, then install all the remaining stuff with bundler (if you want Gantt support, remove the rmagick word):
gem install bundler
cd /opt/redmine
bundle install --verbose --without development test rmagick
And some finishing touches (still under /opt/redmine
):
rake generate_secret_token
RAILS_ENV=production rake db:migrate
RAILS_ENV=production rake redmine:load_default_data
Finally you can test your installation. Start the test server:
ruby script/rails server webrick -e production
Now you can reach your new server via HTTP on port 3000 with the usual admin/admin login.
Web server
Webrick is nice for testing purposes but for production you need something more robust. Install Apache and the Passenger module (a.k.a. mod_rails):
apt-get install apache2 libapache2-mod-passenger
Now create the redmine site and disable the default one:
touch /etc/apache2/sites-available/001-redmine.conf
cd /etc/apache2/sites-enabled
rm 000-default.conf
ln -s ../sites-available/001-redmine.conf .
ln -s /opt/redmine/public /var/www/redmine
Set up the Redmine site (001-redmine.conf
):
<VirtualHost *:80>
ServerAdmin [email protected]
ServerName redmine.foobar.local
DocumentRoot /var/www/redmine
LogLevel warn
ErrorLog /opt/redmine/log/error.log
CustomLog /opt/redmine/log/access.log combined
<Directory /var/www/redmine>
Options FollowSymLinks
AllowOverride None
Order deny,allow
Allow from all
RailsEnv production
RailsBaseURI /redmine
PassengerResolveSymlinksInDocumentRoot on
</Directory>
</VirtualHost>
Now restart the Apache service and then you can test your Redmine instance on port 80:
service apache2 restart
Authentication
Here we’ll use the ldap_browser Domain User (it does not need to be Domain Admin!) account to query information from LDAP. Members of the Redmine Users security group (LDAP filter) will be allowed to log in to Redmine given they’re found under the OU=Users,DC=foobar,DC=local LDAP DN (Base DN).
Go to Administration / LDAP authentication and create a New authentication mode (make sure to update the LDAP environment and the password):
Attribute | Value |
---|---|
Name | foobar.local |
Host | dc1.foobar.local |
Port | 636 |
LDAPS | checked |
Account | CN=ldap_browser,OU=Users,DC=foobar,DC=local |
Password | *** |
Base DN | OU=Users,DC=foobar,DC=local |
LDAP filter | (memberOf=CN=Redmine Users,OU=Groups,DC=foobar,DC=local) |
Timeout (in seconds) | 10 |
On-the-fly user creation | checked |
Login attribute | sAMAccountName |
Firstname attribute | givenName |
Lastname attribute | sn |
Email attribute | mail |
On-the-fly user creation may sound a bit confusing. It won’t touch your LDAP domain, all it does is create a local Redmine user that corresponds to the LDAP user.
Migration
In this section we’ll migrate an existing Redmine instance to a new server with possibly a newer Redmine version. We’ll also cover the case where the old instance is running SQLite and the new one’s using PostgreSQL. For database conversion we’ll use the old Redmine server or (preferably) an intermediate virtual server which can be removed later.
MySQL is not covered here. I’ve tried to perform a migration from SQLite to MySQL but it gave me internal server errors on random projects after converting with taps, so I do not recommend using it.
File export & import
Copy from the old server to the new one:
config/configuration.yml
files/*
plugins/*
public/themes/*
These locations may vary depending on compile-time options and/or settings so take a look around. Certain packages may put these files under:
/etc/redmine
/var/lib/redmine
/usr/share/redmine
/var/www/redmine
Update file permissions if needed. Additionally, review and update configuration.yml
according to the new environment. The same applies to the settings available via the web interface under Administration.
If there are existing users with Internal authentication method, make sure not to delete them, just change their method to the LDAP one instead (assuming there’s a corresponding LDAP user).
Also make sure not to carry over config/settings.yml
, it’s not for user settings.
Database export from SQLite 3
Install the SQLite 3 tools on the old server using SQLite:
apt-get install sqlite3
Go to the folder where your SQLite database resides and make a copy of it. If the Redmine server’s still running:
sqlite3 redmine.sqlite3
This will enter to the SQLite command line. Now type:
.backup /tmp/redmine_backup.sqlite3
.exit
Which will make sure there’s no corruption (i.e. no writes running in the background while you’re making the copy). If the server’s not running you don’t have to deal with this and just copy the file manually:
cp redmine.sqlite3 /tmp/redmine_backup.sqlite3
Now either on this or on an intermediate VM (preferably not on the final server to avoid bloat) install the Ruby tools. You need Ruby 1.9 because the taps gem won’t install with 1.8. Also install the database development files:
apt-get install ruby ruby-dev make libsqlite3-dev libpq-dev
Disable gem documentation generation:
echo 'gem: --no-rdoc --no-ri' > ~/.gemrc
Now install various gems. The 1.5.2 version of the rack gem is breaking database conversion so stick with 1.4:
gem install rack -v 1.4.5
gem install sqlite3 pg taps
Install the PostgreSQL server:
apt-get install postgresql
Now switch to the postgres user and enter the PostgreSQL command prompt:
su postgres
psql
Create a user and a repo for redmine (update the password):
CREATE ROLE redmine LOGIN ENCRYPTED PASSWORD '***' NOINHERIT VALID UNTIL 'infinity';
CREATE DATABASE redmine WITH ENCODING='UTF8' OWNER=redmine;
q
Start a taps server which publishes the SQLite database:
taps server sqlite:///tmp/redmine_backup.sqlite3 tmpuser tmppass
Start another taps server which pulls this SQLite database into a PostgreSQL one (update the redmine user’s password):
taps pull postgres://redmine:***@localhost/redmine http://tmpuser:tmppass@localhost:5000
Once finished, switch to the postgres user and create a database dump:
su postgres
pg_dump redmine > /tmp/redmine_backup.pgsql
Database export from PostgreSQL
This is the same as the ending steps of the SQLite export, i.e. switch to the postgres user and create a database dump:
su postgres
pg_dump redmine > /tmp/redmine_backup.pgsql
Database import
You have to do the same as with a clean install, except before the rake generate_secret_token
step perform a database import:
su postgres
psql redmine < /tmp/redmine_backup.pgsql
Now continue with the installation, but make sure to skip the database initialization step (RAILS_ENV=production rake redmine:load_default_data
) and before running the web server (either Webrick or Apache), perform some additional cleanup, too:
rake redmine:plugins:migrate RAILS_ENV=production
rake tmp:cache:clear
rake tmp:sessions:clear
Upgrade
Set up the environmental variables to make your life easier:
export OLD_REDMINE=2.4.0
export NEW_REDMINE=2.4.1
Stop the web server to avoid any new data to be written:
service apache2 stop
Download the new release and set up file structure:
wget https://www.redmine.org/releases/redmine-${NEW_REDMINE}.tar.gz
tar xf redmine-${NEW_REDMINE}.tar.gz -C /opt
cd /opt
ln -sf redmine-${NEW_REDMINE} redmine
Then copy the old config to the new place:
cp redmine-${OLD_REDMINE}/config/configuration.yml redmine/config
cp redmine-${OLD_REDMINE}/config/database.yml redmine/config
cp -R redmine-${OLD_REDMINE}/files redmine
cp -R redmine-${OLD_REDMINE}/plugins redmine
cp -R redmine-${OLD_REDMINE}/log redmine
Additionally, manually copy any downloaded themes from public/themes
.
Now perform some Redmine upgrade procedures:
cd /opt/redmine
bundle install --verbose --without development test rmagick
rake generate_secret_token
RAILS_ENV=production rake db:migrate
rake tmp:cache:clear
rake tmp:sessions:clear
Fix file permissions:
chown -R www-data:www-data /opt/redmine-${NEW_REDMINE}
Then restart the web server:
service apache2 start
Tasks
Resetting the admin password
If you lose access to the admin account but you can still access PostgreSQL:
su postgres
psql
Then in the SQL prompt:
connect redmine
UPDATE users SET hashed_password='353e8061f2befecb6818ba0c034c632fb0bcae1b' WHERE login='admin';
UPDATE users SET salt='' WHERE login='admin';
Where hashed_password
is sha1(sha1(password)), so this hash will set the admin password to password. This procedure clears the salt so make sure to change the password again via the web UI once logged in, which regenerates the salt.
Renaming a project
TODO