Difference between revisions of "Trac"
Wiki-Rouault (talk | contribs) (Mention SpamFilter plugin) |
(→Plugins: add spam filter) |
||
Line 83: | Line 83: | ||
For more info see the [http://trac.edgewall.org/wiki/TracPlugins plugin install guide]. | For more info see the [http://trac.edgewall.org/wiki/TracPlugins plugin install guide]. | ||
− | Available shared plugins (updated | + | Available shared plugins (updated May '16): |
+ | * [https://trac.edgewall.org/wiki/SpamFilter TracSpamFilter] <sub>1.0.9dev</sub> - spam filtering plugin | ||
* [https://trac-hacks.org/wiki/AdvParseArgsPlugin TracAdvParseArgsPlugin] <sub>1.0.5</sub> - dependency of TicketStatsMacro (to verify, might not be needed anymore) | * [https://trac-hacks.org/wiki/AdvParseArgsPlugin TracAdvParseArgsPlugin] <sub>1.0.5</sub> - dependency of TicketStatsMacro (to verify, might not be needed anymore) | ||
* [http://trac-hacks.org/wiki/DoxygenPlugin TracDoxygen] <sub>0.11.0</sub> - mix doxygen docs into trac interface (needs extra admin support) | * [http://trac-hacks.org/wiki/DoxygenPlugin TracDoxygen] <sub>0.11.0</sub> - mix doxygen docs into trac interface (needs extra admin support) |
Revision as of 12:17, 4 May 2016
Summary
Trac 1.0.5 is running at http://trac.osgeo.org/ (the tracsvn VM at OSU OSL).
- Trac Guide
- All data and configurations live under /var/www/trac and in trac_* PostgreSQL databases
- Authentication uses the OSGeo LDAP database
- virtual server configurations are under /etc/apache2/includes/trac/*.conf, included by /etc/apache2/sites-available/trac.conf
- Existing Instances
- Actual python is installed in /usr/local/lib/python2.6/dist-packages/Trac*.egg (May 2015)
- Frank Warmerdam and Howard Butler have configuration experience, and can help maintain instances.
- Sandro Santilli is helping with trac since late 2015
Procedures
Local Customizations
The file /usr/lib/python2.3/site-packages/trac/notification.py was substantially modified to support looking up email addresses in LDAP, and will need to be re-adjusted if we upgrade to a new version of Trac.
Creating a trac instance
$ sudo createdb -U postgres trac_<proj_name> $ sudo trac-admin /var/www/trac/<proj_name> initenv
- Make sure to set the db connection to postgres://postgres@/trac_<proj_name>
- Use /var/www/svn/repos/<proj_name> for the svn path
$ sudo trac-admin /var/www/trac/<proj_name> permission add <osgeo_userid> TRAC_ADMIN $ sudo chown -R www-data:www-data /var/www/trac/<proj_name>
- Update /var/www/trac//<proj_name>/conf/trac.ini to enable email notification.
- Add virtual host file /etc/apache2/conf.d/trac/<proj_name>.conf enabling LDAP based authentication.
- Logo can be referenced in /var/www/trac/<proj_name>/conf/trac.ini and placed in /var/www/trac/<proj_name>/htdocs
- modify webadmin.* setting in trac.ini to enabled for web based administration.
- Add to /var/www/trac/index.html
- Regenerate the robots.txt file with the command:
$ sudo /var/www/trac/mkrobots.sh
Permissions
Recommended Trac permissions:
anonymous BROWSER_VIEW anonymous CHANGESET_VIEW anonymous FILE_VIEW anonymous LOG_VIEW anonymous MILESTONE_VIEW anonymous REPORT_SQL_VIEW anonymous REPORT_VIEW anonymous ROADMAP_VIEW anonymous SEARCH_VIEW anonymous TICKET_VIEW anonymous TIMELINE_VIEW anonymous WIKI_VIEW authenticated TICKET_CHGPROP authenticated TICKET_CREATE authenticated TICKET_MODIFY authenticated WIKI_CREATE authenticated WIKI_MODIFY developers DOXYGEN_VIEW developers MILESTONE_ADMIN developers REPORT_ADMIN developers REPORT_CREATE developers WIKI_ADMIN warmerdam developers warmerdam TRAC_ADMIN ...
SQL Compatability Issue with Postgres
You will have to modify the SQL statement of the All Ticket by Milestone report. This can be done by accessing the trac report page and click the Edit report button (You need to be an admin of the trac instance). Check the sql statement of another trac instance and replace the one of the new instance.
Plugins
Shared plugins are installed in /usr/local/lib/python2.6/dist-packages/ (usually having a name starting with "Trac") and need be explicitly enabled for each project (can be done by trac admin).
Project specific plugins (discouraged) are under /var/www/trac/<project>/plugins/ and are enabled by default.
For more info see the plugin install guide.
Available shared plugins (updated May '16):
- TracSpamFilter 1.0.9dev - spam filtering plugin
- TracAdvParseArgsPlugin 1.0.5 - dependency of TicketStatsMacro (to verify, might not be needed anymore)
- TracDoxygen 0.11.0 - mix doxygen docs into trac interface (needs extra admin support)
- TracMetrixPlugin 0.1.8dev - quality metrix and progress statistics
- TracSectionEditPlugin 0.2.6 - ability to edit one section in a wiki page
- #Secure Tickets 0.1.4 - The authz policy mechanism provides fine-grained permissions for tickets.
- Tracticketsstats 3.0.0dev - visualizes trac ticket statistics
- TracTocMacro 11.0.0 - multi page tables of contents.
- sensitivetickets 0.22 (deprecated by SecureTicketsPlugin ?)
MediaWikiMacro - provides media wiki like format support (link? details?)NOT FOUND as of Nov 2015
Custom fields
See http://trac.edgewall.org/wiki/TracTicketsCustomFields
for example, in trac.ini:
[ticket-custom] platform = select platform.label = Platform platform.options = Unspecified|MSWindows 2K|MSWindows XP|MSWindows Vista|MSWindows CygWin|MacOSX|Linux|Other Unix|All platform.value = Unspecified
cpu = select cpu.label = CPU cpu.options = Unspecified|x86-32|x86-64|OSX/PPC|OSX/Intel|Other|All cpu.value = Unspecified
Secure Tickets
See http://trac-hacks.org/wiki/SecureTicketsPlugin (Note that the installed plugin has been modified for OSGeo)
The initial behavior of the plugin was to set all tickets private, then let the user defines what are the public components. It has been modified this to fit osgeo needs. Since everything is public by default, we'll set manually the private components and everything else will be public.
Using the plugin
1- Enable the plugin in trac.ini:
[components] securetickets.* = enabled
2- Modify the permission_policies in trac.ini:
permission_policies = SecureTicketsPolicy, DefaultPermissionPolicy, ...
3- Define private components in trac.ini:
[securetickets] private_components = Vulnerabilities, Component2, ...
To allow a user or a group to view the private tickets, you'll have to add him the permission SECURE_TICKET_VIEW
Making Trac Read-Only
It appears the usual way of making Trac read-only is to remove all permissions on the "authenticated" group in the Admin/Permissions dialog. This will remove the authenticated group and then only those with special admin priviledges can edit the wiki, create tickets, etc.
Timeline with filename indication
[timeline] changeset_long_messages = false changeset_show_files = 1 changeset_files_count = 3 default_daysback = 30 ticket_show_details = false
(see for example here)
Hotcopy a trac instance
$ sudo trac-admin /var/www/html/trac/<proj_name> hotcopy /path/to/copy/trac/to
Trac Spam
We have had problems with trac spam when ticket create and ticket modify permissions were set to anonymous (the default). To get around this most (all?) instances have been changed to require authenticated users to do these actions.
But some projects strongly desire to support anonymous ticket creation and modification and at some point this might be viable using image captcha technology to keep out the spammers. A Trac plugin for this is apparently under development, and described at:
http://trac.edgewall.org/browser/sandbox/spam-filter-captcha
There's also a Trac SpamFilter plugin ( https://trac.osgeo.org/osgeo/ticket/1121 ) that is probably the continuation of the above mentionned plugin.
Trac notification forward to project mailing list
To fwd notifications from trac to e.g. a project developers mailing list, you need to
- set in trac the mailing list address as default (trac Admin section)
- add the trac@osgeo.org address (or trac_osgeo@.., or ...) in Mailman to
- "Privacy options"
- "Subscription rules"
- "[Sender filters]"
- "Non-member filters"
- "List of non-member addresses whose postings should be automatically accepted."
- "Non-member filters"
- "Privacy options"
- As the mail may be addressed to "undisclosed recipients" instead of directly to the list, the messages may be held for moderator approval. To avoid this add "undisclosed recipients" to the list of acceptable aliases at
- "Privacy options"
- "[Recipient filters]"
- acceptable_aliases
- "[Recipient filters]"
- "Privacy options"