Difference between revisions of "Trac"
(Trac notification forward to project mailing list) |
(static files deploy is now done by ansible, see https://git.osgeo.org/gitea/sac/ansible-deployment/commit/8a7dbe136f13edcc6aa8b02df2ab56a861ec135a) |
||
(97 intermediate revisions by 10 users not shown) | |||
Line 1: | Line 1: | ||
= Summary = | = Summary = | ||
− | Trac | + | * As of September 4th, 2024 [https://trac.osgeo.org/osgeo/ticket/3238#comment:15 Trac upgraded to 1.6] |
+ | * As of August 19th, 2024 [https://trac.osgeo.org/osgeo/ticket/3238#comment:4 Trac upgraded to 1.4.4] | ||
+ | * As Of May 8th, 2022 [https://trac.osgeo.org/osgeo/ticket/2372 Trac upgraded to 1.4.3] | ||
+ | * October 12, 2018 tracvm was migrated to lxd container called tracsvn on osgeo7 | ||
+ | * As of February 2017 Trac 1.2.1dev (r15513 [https://trac.osgeo.org/osgeo/ticket/1863#comment:3 patched]) is running at http://trac.osgeo.org/ (the [[TracsvnVM|tracsvn VM]] at OSU OSL). | ||
* [http://trac.edgewall.org/wiki/TracGuide Trac Guide] | * [http://trac.edgewall.org/wiki/TracGuide Trac Guide] | ||
− | * All data | + | * Configurations are in /var/www/trac/*/conf/trac.ini and inherit /etc/trac/trac-common.ini |
− | * virtual server configurations are under /etc/ | + | * All data lives under /var/www/trac and in trac_* PostgreSQL databases |
+ | * Authentication uses the OSGeo [[SAC:LDAP|LDAP]] database | ||
+ | * virtual server configurations are under /etc/apache2/includes/trac/*.conf, included by /etc/apache2/sites-available/trac.conf | ||
* [http://trac.osgeo.org/ Existing Instances] | * [http://trac.osgeo.org/ Existing Instances] | ||
− | * Actual python is installed in /usr/lib/python2. | + | * Actual python is installed in /usr/local/lib/python2.6/dist-packages/Trac*.egg (May 2015) |
* Frank Warmerdam and Howard Butler have configuration experience, and can help maintain instances. | * Frank Warmerdam and Howard Butler have configuration experience, and can help maintain instances. | ||
− | * | + | * Sandro Santilli is helping with trac since late 2015, driving the upgrade from 1.0.5 to 1.2.1dev in Feb 2017 |
− | |||
− | |||
− | |||
= Procedures = | = Procedures = | ||
− | == | + | == Ansible Deploy == |
− | + | As of August 2024 we have a "trac" ansible role for use to deploy the service with support for both production and staging environments. See deployment/deploy-trac.yml in https://git.osgeo.org/gitea/sac/ansible-deployment | |
− | + | == Staging == | |
+ | |||
+ | Staging host exists for testing upgrades or configuration changes: | ||
+ | https://dev.trac.osgeo.org/ | ||
+ | |||
+ | == Local Customizations == | ||
+ | |||
+ | As of 2017-02-01, after upgrading to Trac-1.2.1, there is a minor modifications | ||
+ | to allow notifying OSGeo users who have never logged into trac yet. | ||
+ | |||
+ | See https://trac.osgeo.org/osgeo/ticket/1863 | ||
== Creating a trac instance == | == Creating a trac instance == | ||
− | $ sudo trac-admin /var/www/trac/<proj_name> initenv | + | $ sudo -u postgres createdb -O trac trac_<proj_name> |
+ | $ sudo trac-admin \ | ||
+ | /var/www/trac/env/<proj_name> initenv \ | ||
+ | --inherit=/etc/trac/trac-common.ini | ||
+ | |||
+ | * Make sure to set the db connection to postgres://trac@/trac_<proj_name> (password for the user is kept in ~www-data/.pgpass) | ||
+ | * Use /var/www/svn/repos/<proj_name> for the svn path or /var/www/git/repos/<proj_name> for the git path | ||
+ | * For SVN, write a /var/www/repos/<proj_name>/post-commit with this content: | ||
+ | |||
+ | REPOS="$1" | ||
+ | REV="$2" | ||
+ | TRAC_ENV=`basename ${REPOS}` | ||
+ | /var/www/svn/hookscripts/osgeo-post-commit-hook "${TRAC_ENV}" "${REPOS}" "${REV}" & | ||
+ | |||
+ | * Set the project admin user: | ||
+ | |||
$ sudo trac-admin /var/www/trac/<proj_name> permission add <osgeo_userid> TRAC_ADMIN | $ sudo trac-admin /var/www/trac/<proj_name> permission add <osgeo_userid> TRAC_ADMIN | ||
− | |||
− | * Update /var/www/trac | + | * Set permissions on the trac environment dir: |
− | * Add virtual host file /etc/ | + | |
+ | $ sudo chown -R www-data:www-data /var/www/trac/<proj_name> | ||
+ | |||
+ | * Update /var/www/trac/<proj_name>/conf/trac.ini to enable email notification (TODO: move to /etc/trac/trac-common.ini) | ||
+ | * Add virtual host file /etc/apache2/conf.d/trac/<proj_name>.conf enabling LDAP based authentication. | ||
* Logo can be referenced in /var/www/trac/<proj_name>/conf/trac.ini and placed in /var/www/trac/<proj_name>/htdocs | * Logo can be referenced in /var/www/trac/<proj_name>/conf/trac.ini and placed in /var/www/trac/<proj_name>/htdocs | ||
− | |||
* Add to /var/www/trac/index.html | * Add to /var/www/trac/index.html | ||
− | * Add | + | * Add to /var/www/trac/trac_instances.txt |
+ | * Add to /etc/trac/intertrac.ini | ||
+ | * Regenerate the robots.txt file with the command: | ||
− | + | $ sudo /var/www/trac/mkrobots.sh | |
− | |||
− | |||
− | |||
− | |||
+ | === Permissions === | ||
Recommended Trac permissions: | Recommended Trac permissions: | ||
Line 67: | Line 96: | ||
warmerdam developers | warmerdam developers | ||
warmerdam TRAC_ADMIN | warmerdam TRAC_ADMIN | ||
+ | strk TRAC_ADMIN | ||
... | ... | ||
+ | |||
+ | SQL Compatability Issue with Postgres | ||
+ | |||
+ | You will have to modify the SQL statement of the ''All Ticket by Milestone'' report. This can be done by accessing the trac report page and click the ''Edit report'' button (You need to be an admin of the trac instance). Check the sql statement of another trac instance and replace the one of the new instance. | ||
+ | |||
+ | [https://trac.edgewall.org/wiki/TracPermissions Permissions Reference] | ||
== Plugins == | == Plugins == | ||
− | + | Shared plugins are installed in /usr/local/lib/python2.6/dist-packages/ (usually having a name starting with "Trac") and need be explicitly enabled for each project (can be done by trac admin). | |
+ | |||
+ | Project specific plugins (discouraged) are under /var/www/trac/<project>/plugins/ and are enabled by default. | ||
+ | |||
+ | For more info see the [http://trac.edgewall.org/wiki/TracPlugins plugin install guide]. | ||
+ | |||
+ | Available shared plugins (updated September '24): | ||
+ | |||
− | * http://trac-hacks.org/wiki/TocMacro | + | * [https://git.osgeo.org/gogs/sac/TracLDAPEmailResolverPlugin TracLDAPEmailResolverPlugin] <sub>0.1</sub> - uses LDAP lookup to resolve OSGeo users email. '''WORKS with Trac 1.6''' |
+ | * [https://trac-hacks.org/wiki/TracStatsPlugin TracStatsPlugin] <sub>0.6.1</sub> - shows project statistics. '''WORKS with Trac 1.6''' | ||
+ | * [http://trac-hacks.org/wiki/TocMacro TracTocMacro] <sub>12.0.0</sub> - multi page tables of contents. '''WORKS with Trac 1.6''' | ||
+ | * [https://trac-hacks.org/wiki/SectionEditPlugin TracSectionEditPlugin] <sub>1.3.0dev</sub> - ability to edit one section in a wiki page. '''WORKS with Trac 1.6''' | ||
+ | * [https://trac-hacks.org/wiki/TracBackLinkPlugin TracBackLinkPlugin] <sub>1.0.15</dub> - show incoming links on tickets. '''WORKS with Trac 1.6''' | ||
+ | * <strike>[http://trac-hacks.org/wiki/DoxygenPlugin TracDoxygen] <sub>0.11.0</sub> - mix doxygen docs into trac interface (needs extra admin support). . '''WORKS with Trac 1.4'''</strike> '''REMOVED in Sep 2024 as not compatible with Trac-1.6''' | ||
+ | * <strike>[https://trac.edgewall.org/wiki/SpamFilter TracSpamFilter] <sub>1.0.10dev</sub> - spam filtering plugin. '''WORKS with Trac 1.4'''</strike> ```REMOVED in Sep 2024 as not used``` | ||
+ | * <strike>[http://trac-hacks.org/wiki/SecureTicketsPlugin TracSecureTickets] <sub>0.1.4</sub> - The authz policy mechanism provides fine-grained permissions for tickets.</strike> '''REMOVED in Jan 2017''' | ||
+ | * <strike>[https://trac-hacks.org/wiki/TracTicketStatsPlugin Tracticketsstats] <sub>3.0.0dev</sub> - visualizes trac ticket statistics</strike> '''REMOVED in Jan 2017''' | ||
+ | * <strike>[https://trac-hacks.org/wiki/AdvParseArgsPlugin TracAdvParseArgsPlugin] <sub>1.0.5</sub> - dependency of TicketStatsMacro</strike> '''REMOVED in Jan 2017''' | ||
+ | * <strike>sensitivetickets 0.22 (deprecated by SecureTicketsPlugin ?)</strike> '''REMOVED in Jan 2017''' | ||
+ | * <strike>MediaWikiMacro - provides media wiki like format support (link? details?)</strike> '''NOT FOUND as of Nov 2015''' | ||
+ | * <strike>[https://trac-hacks.org/wiki/TracMetrixPlugin TracMetrixPlugin] <sub>0.1.8dev</sub> - quality metrix and progress statistics.</strike> '''REMOVED in Jan 2017 as it FAILED with Trac 1.2 - https://trac-hacks.org/ticket/13041''' | ||
− | == Custom fields == | + | === Custom fields === |
See http://trac.edgewall.org/wiki/TracTicketsCustomFields | See http://trac.edgewall.org/wiki/TracTicketsCustomFields | ||
Line 91: | Line 146: | ||
cpu.options = Unspecified|x86-32|x86-64|OSX/PPC|OSX/Intel|Other|All | cpu.options = Unspecified|x86-32|x86-64|OSX/PPC|OSX/Intel|Other|All | ||
cpu.value = Unspecified | cpu.value = Unspecified | ||
+ | |||
+ | === ZIP support for directories === | ||
+ | |||
+ | Docs: https://trac.edgewall.org/wiki/TracIni#browser-section | ||
+ | |||
+ | Used in GRASS GIS trac instance to enable zip download support for [https://grass.osgeo.org/grass72/manuals/g.extension.html g.extension] addon manager downloads: | ||
+ | Directories are to be enabled as a comma separated list. | ||
+ | |||
+ | <pre> | ||
+ | # file: /var/www/trac/grass/conf/trac.ini | ||
+ | [browser] | ||
+ | downloadable_paths = /grass-addons/grass7/*/*,/sandbox/*/* | ||
+ | </pre> | ||
+ | |||
+ | == Making Trac Read-Only == | ||
+ | |||
+ | It appears the usual way of making Trac read-only is to remove all permissions on the "authenticated" group in the Admin/Permissions dialog. This will remove the authenticated group and then only those with special admin priviledges can edit the wiki, create tickets, etc. | ||
== Timeline with filename indication == | == Timeline with filename indication == | ||
Line 111: | Line 183: | ||
We have had problems with trac spam when ticket create and ticket modify permissions were set to anonymous (the default). To get around this most (all?) instances have been changed to require authenticated users to do these actions. | We have had problems with trac spam when ticket create and ticket modify permissions were set to anonymous (the default). To get around this most (all?) instances have been changed to require authenticated users to do these actions. | ||
− | But some projects strongly desire to support anonymous ticket creation and modification and at some point this might be viable using image captcha technology to keep out the spammers. A Trac plugin for this is | + | But some projects strongly desire to support anonymous ticket creation and modification and at some point this might be viable using image captcha technology to keep out the spammers. A Trac plugin for this is currently installed, see [https://trac.edgewall.org/wiki/SpamFilter SpamFilter] for usage. |
− | + | == SpamFilter management == | |
+ | |||
+ | The bare minimum that each instance admin should take care of: | ||
+ | |||
+ | * Edit of a BadContent page, made read-only, for example: https://trac.osgeo.org/XXXX/wiki/BadContent | ||
+ | * Frequently check the monitoring page training bayes for ham/spam: https://trac.osgeo.org/XXXX/admin/spamfilter/monitor | ||
+ | |||
+ | A global SpamFilter configuration is used unless any instance admin changed the configuration via the GUI ("Apply Changes"). | ||
+ | The global configuration (in /etc/trac/spamfilter.ini) sets, other than the defaults: | ||
+ | |||
+ | * SessionFilterStrategy: 0 | ||
+ | * Karma of authenticated users: 0 | ||
+ | |||
+ | |||
+ | Instructions to delete a spam user from LDAP: see [[SAC:LDAP#Editing_the_LDAP_database]] | ||
= Trac notification forward to project mailing list = | = Trac notification forward to project mailing list = | ||
Line 119: | Line 205: | ||
To fwd notifications from trac to e.g. a project developers mailing list, you need to | To fwd notifications from trac to e.g. a project developers mailing list, you need to | ||
* set in trac the mailing list address as default (trac Admin section) | * set in trac the mailing list address as default (trac Admin section) | ||
− | * add the trac@osgeo.org address in Mailman | + | * add the trac@osgeo.org address (or trac_osgeo@.., or ...) in Mailman to |
** "Privacy options" | ** "Privacy options" | ||
*** "Subscription rules" | *** "Subscription rules" | ||
− | + | *** "[Sender filters]" | |
− | + | **** "Non-member filters" | |
− | + | ***** "List of non-member addresses whose postings should be automatically accepted." | |
+ | * As the mail may be addressed to "undisclosed recipients" instead of directly to the list, the messages may be held for moderator approval. To avoid this add "undisclosed recipients" to the list of acceptable aliases at | ||
+ | ** "Privacy options" | ||
+ | *** "[Recipient filters]" | ||
+ | **** ''acceptable_aliases'' | ||
[[Category:Infrastructure]] | [[Category:Infrastructure]] | ||
+ | [[Category:Services]] |
Latest revision as of 07:03, 10 September 2024
Summary
- As of September 4th, 2024 Trac upgraded to 1.6
- As of August 19th, 2024 Trac upgraded to 1.4.4
- As Of May 8th, 2022 Trac upgraded to 1.4.3
- October 12, 2018 tracvm was migrated to lxd container called tracsvn on osgeo7
- As of February 2017 Trac 1.2.1dev (r15513 patched) is running at http://trac.osgeo.org/ (the tracsvn VM at OSU OSL).
- Trac Guide
- Configurations are in /var/www/trac/*/conf/trac.ini and inherit /etc/trac/trac-common.ini
- All data lives under /var/www/trac and in trac_* PostgreSQL databases
- Authentication uses the OSGeo LDAP database
- virtual server configurations are under /etc/apache2/includes/trac/*.conf, included by /etc/apache2/sites-available/trac.conf
- Existing Instances
- Actual python is installed in /usr/local/lib/python2.6/dist-packages/Trac*.egg (May 2015)
- Frank Warmerdam and Howard Butler have configuration experience, and can help maintain instances.
- Sandro Santilli is helping with trac since late 2015, driving the upgrade from 1.0.5 to 1.2.1dev in Feb 2017
Procedures
Ansible Deploy
As of August 2024 we have a "trac" ansible role for use to deploy the service with support for both production and staging environments. See deployment/deploy-trac.yml in https://git.osgeo.org/gitea/sac/ansible-deployment
Staging
Staging host exists for testing upgrades or configuration changes: https://dev.trac.osgeo.org/
Local Customizations
As of 2017-02-01, after upgrading to Trac-1.2.1, there is a minor modifications to allow notifying OSGeo users who have never logged into trac yet.
See https://trac.osgeo.org/osgeo/ticket/1863
Creating a trac instance
$ sudo -u postgres createdb -O trac trac_<proj_name> $ sudo trac-admin \ /var/www/trac/env/<proj_name> initenv \ --inherit=/etc/trac/trac-common.ini
- Make sure to set the db connection to postgres://trac@/trac_<proj_name> (password for the user is kept in ~www-data/.pgpass)
- Use /var/www/svn/repos/<proj_name> for the svn path or /var/www/git/repos/<proj_name> for the git path
- For SVN, write a /var/www/repos/<proj_name>/post-commit with this content:
REPOS="$1" REV="$2" TRAC_ENV=`basename ${REPOS}` /var/www/svn/hookscripts/osgeo-post-commit-hook "${TRAC_ENV}" "${REPOS}" "${REV}" &
- Set the project admin user:
$ sudo trac-admin /var/www/trac/<proj_name> permission add <osgeo_userid> TRAC_ADMIN
- Set permissions on the trac environment dir:
$ sudo chown -R www-data:www-data /var/www/trac/<proj_name>
- Update /var/www/trac/<proj_name>/conf/trac.ini to enable email notification (TODO: move to /etc/trac/trac-common.ini)
- Add virtual host file /etc/apache2/conf.d/trac/<proj_name>.conf enabling LDAP based authentication.
- Logo can be referenced in /var/www/trac/<proj_name>/conf/trac.ini and placed in /var/www/trac/<proj_name>/htdocs
- Add to /var/www/trac/index.html
- Add to /var/www/trac/trac_instances.txt
- Add to /etc/trac/intertrac.ini
- Regenerate the robots.txt file with the command:
$ sudo /var/www/trac/mkrobots.sh
Permissions
Recommended Trac permissions:
anonymous BROWSER_VIEW anonymous CHANGESET_VIEW anonymous FILE_VIEW anonymous LOG_VIEW anonymous MILESTONE_VIEW anonymous REPORT_SQL_VIEW anonymous REPORT_VIEW anonymous ROADMAP_VIEW anonymous SEARCH_VIEW anonymous TICKET_VIEW anonymous TIMELINE_VIEW anonymous WIKI_VIEW authenticated TICKET_CHGPROP authenticated TICKET_CREATE authenticated TICKET_MODIFY authenticated WIKI_CREATE authenticated WIKI_MODIFY developers DOXYGEN_VIEW developers MILESTONE_ADMIN developers REPORT_ADMIN developers REPORT_CREATE developers WIKI_ADMIN warmerdam developers warmerdam TRAC_ADMIN strk TRAC_ADMIN ...
SQL Compatability Issue with Postgres
You will have to modify the SQL statement of the All Ticket by Milestone report. This can be done by accessing the trac report page and click the Edit report button (You need to be an admin of the trac instance). Check the sql statement of another trac instance and replace the one of the new instance.
Plugins
Shared plugins are installed in /usr/local/lib/python2.6/dist-packages/ (usually having a name starting with "Trac") and need be explicitly enabled for each project (can be done by trac admin).
Project specific plugins (discouraged) are under /var/www/trac/<project>/plugins/ and are enabled by default.
For more info see the plugin install guide.
Available shared plugins (updated September '24):
- TracLDAPEmailResolverPlugin 0.1 - uses LDAP lookup to resolve OSGeo users email. WORKS with Trac 1.6
- TracStatsPlugin 0.6.1 - shows project statistics. WORKS with Trac 1.6
- TracTocMacro 12.0.0 - multi page tables of contents. WORKS with Trac 1.6
- TracSectionEditPlugin 1.3.0dev - ability to edit one section in a wiki page. WORKS with Trac 1.6
- TracBackLinkPlugin 1.0.15</dub> - show incoming links on tickets. WORKS with Trac 1.6
TracDoxygen 0.11.0 - mix doxygen docs into trac interface (needs extra admin support). . WORKS with Trac 1.4REMOVED in Sep 2024 as not compatible with Trac-1.6TracSpamFilter 1.0.10dev - spam filtering plugin. WORKS with Trac 1.4```REMOVED in Sep 2024 as not used```TracSecureTickets 0.1.4 - The authz policy mechanism provides fine-grained permissions for tickets.REMOVED in Jan 2017Tracticketsstats 3.0.0dev - visualizes trac ticket statisticsREMOVED in Jan 2017TracAdvParseArgsPlugin 1.0.5 - dependency of TicketStatsMacroREMOVED in Jan 2017sensitivetickets 0.22 (deprecated by SecureTicketsPlugin ?)REMOVED in Jan 2017MediaWikiMacro - provides media wiki like format support (link? details?)NOT FOUND as of Nov 2015TracMetrixPlugin 0.1.8dev - quality metrix and progress statistics.REMOVED in Jan 2017 as it FAILED with Trac 1.2 - https://trac-hacks.org/ticket/13041
Custom fields
See http://trac.edgewall.org/wiki/TracTicketsCustomFields
for example, in trac.ini:
[ticket-custom] platform = select platform.label = Platform platform.options = Unspecified|MSWindows 2K|MSWindows XP|MSWindows Vista|MSWindows CygWin|MacOSX|Linux|Other Unix|All platform.value = Unspecified
cpu = select cpu.label = CPU cpu.options = Unspecified|x86-32|x86-64|OSX/PPC|OSX/Intel|Other|All cpu.value = Unspecified
ZIP support for directories
Docs: https://trac.edgewall.org/wiki/TracIni#browser-section
Used in GRASS GIS trac instance to enable zip download support for g.extension addon manager downloads: Directories are to be enabled as a comma separated list.
# file: /var/www/trac/grass/conf/trac.ini [browser] downloadable_paths = /grass-addons/grass7/*/*,/sandbox/*/*
Making Trac Read-Only
It appears the usual way of making Trac read-only is to remove all permissions on the "authenticated" group in the Admin/Permissions dialog. This will remove the authenticated group and then only those with special admin priviledges can edit the wiki, create tickets, etc.
Timeline with filename indication
[timeline] changeset_long_messages = false changeset_show_files = 1 changeset_files_count = 3 default_daysback = 30 ticket_show_details = false
(see for example here)
Hotcopy a trac instance
$ sudo trac-admin /var/www/html/trac/<proj_name> hotcopy /path/to/copy/trac/to
Trac Spam
We have had problems with trac spam when ticket create and ticket modify permissions were set to anonymous (the default). To get around this most (all?) instances have been changed to require authenticated users to do these actions.
But some projects strongly desire to support anonymous ticket creation and modification and at some point this might be viable using image captcha technology to keep out the spammers. A Trac plugin for this is currently installed, see SpamFilter for usage.
SpamFilter management
The bare minimum that each instance admin should take care of:
- Edit of a BadContent page, made read-only, for example: https://trac.osgeo.org/XXXX/wiki/BadContent
- Frequently check the monitoring page training bayes for ham/spam: https://trac.osgeo.org/XXXX/admin/spamfilter/monitor
A global SpamFilter configuration is used unless any instance admin changed the configuration via the GUI ("Apply Changes"). The global configuration (in /etc/trac/spamfilter.ini) sets, other than the defaults:
- SessionFilterStrategy: 0
- Karma of authenticated users: 0
Instructions to delete a spam user from LDAP: see SAC:LDAP#Editing_the_LDAP_database
Trac notification forward to project mailing list
To fwd notifications from trac to e.g. a project developers mailing list, you need to
- set in trac the mailing list address as default (trac Admin section)
- add the trac@osgeo.org address (or trac_osgeo@.., or ...) in Mailman to
- "Privacy options"
- "Subscription rules"
- "[Sender filters]"
- "Non-member filters"
- "List of non-member addresses whose postings should be automatically accepted."
- "Non-member filters"
- "Privacy options"
- As the mail may be addressed to "undisclosed recipients" instead of directly to the list, the messages may be held for moderator approval. To avoid this add "undisclosed recipients" to the list of acceptable aliases at
- "Privacy options"
- "[Recipient filters]"
- acceptable_aliases
- "[Recipient filters]"
- "Privacy options"