Invincible Youth Ep. 53

iy53
Invincible Youth Ep. 53

Continue reading Invincible Youth Ep. 53

SSH Public Key Auth

This setup enable users to log in to remote machine without having to enter their password.

On local machine, generate public/private key pair:

ssh-keygen -t rsa

or use PuTTYgen

Send to remote machine:

cat ~/.ssh/id_rsa.pub | ssh user@domain "cat - >> ~/.ssh/authorized_keys"

or

scp ~/.ssh/id_rsa.pub user@domain:~/.ssh/authorized_keys

or use WinSCP

Note: when generating public keys using puttygen, reorganize the file content:

ssh-rsa <pub key string> user@domain
# in one line

<pub key string> is:

--- BEGIN ...
Comment: ...
<pub key string>
--- END ...

Set permission:

chmod 600 ~/.ssh/authorized_keys

To login from local machine:

ssh user@domain
# automatically logged in, no password prompt

or using PuTTy:

  • Connection > Data > Auto-login username: user
  • Connection > SSH > Auth > Private key file: *.ppk file generated by puttygen

Extra, SSH server configuration tweak (change those config values).

vim /etc/ssh/sshd_config
PermitRootLogin no
PasswordAuthentication no

Trac on Fedora

This is multiple projects installation, a continuation from previous posts.

Install required packages:

yum install trac mod_wsgi

Software: Trac 0.11.7, mod_wsgi 2.3

Trac folder: /var/svn/trac
Python eggs cache dir: /tmp/egg-cache

Create new trac environment

trac-admin /var/svn/trac/testproj initenv
  Project Name > Test Project
  Database connection string > [sqlite:db/trac.db]
  Repository type > [svn]
  Path to repository > /var/svn/repos/testproj

Create wsgi script

vim /var/svn/trac/trac.wsgi
#!/usr/bin/env python
import os
def application(environ, start_request):
  os.environ['TRAC_ENV_PARENT_DIR'] = '/var/svn/trac'
  os.environ['PYTHON_EGG_CACHE'] = '/tmp/egg-cache'
  from trac.web.main import dispatch_request
  return dispatch_request(environ, start_request)

Apache mod_wsgi settings

vim /etc/httpd/conf.d/trac.conf
# comment all settings in /etc/httpd/conf.d/wsgi.conf
LoadModule wsgi_module modules/mod_wsgi.so
WSGIScriptAlias /trac /var/svn/trac/trac.wsgi
<Directory /var/svn/trac>
  WSGIApplicationGroup %{GLOBAL}
  Order deny,allow
  Allow from all
</Directory>
<LocationMatch "/trac/[^/]+/login">
  AuthType Digest
  AuthName "Project Repository"
  AuthUserFile /var/svn/auth
  Require valid-user
</LocationMatch>

Grant administration right to admin user (trac>=0.11)

trac-admin /var/svn/trac/testproj permission add user1 TRAC_ADMIN

Set ownership

chown -R apache.apache /var/svn

Reload apache

service httpd reload

View list of projects – http://localhost/trac

Apache + SVN on Fedora

Create SVN repo, accessible from network, all users can read & checkout, certain users can write / commit

Software: Apache 2.2.11, Subversion 1.6.6, mod_dav_svn 1.6.6

File & folder:

/var/svn/
/var/svn/auth – authentication file
/var/svn/repos/ – project repositories

Install mod_dav_svn

yum install mod_dav_svn svn

Create SVN repo (refer previous post)

svnadmin create --fs-type fsfs /var/svn/repos/testproj

Create authentication file

htdigest [-c] <auth file> <realm> <username>
htdigest -c /var/svn/auth "Project Repository" user1

c – create file (exclude this flag when adding users)

Setup Apache + mod_dav_svn

vim /etc/httpd/conf.d/subversion.conf
LoadModule dav_svn_module modules/mod_dav_svn.so
LoadModule authz_svn_module modules/mod_authz_svn.so

<Location /svn>
  DAV svn
  SVNParentPath /var/svn/repos
  SVNListParentPath On
  AuthType Digest
  AuthName "Project Repository"
  AuthUserFile /var/svn/auth
  <LimitExcept GET PROPFIND OPTIONS REPORT>
    Require valid-user
  </LimitExcept>
</Location>

Change ownership of the whole svn repo dir

chown -R apache.apache /var/svn

Note: Re-assign the ownership everytime you create a new repo

Lastly, reload apache

service httpd reload

View list of projects – http://localhost/svn
View contents of particular (myproj) project – http://localhost/svn/myproj

Using SVN

My notes on how to use subversion from command line.

Assumptions:

Project dir: ~/Projects/myproj
SVN temp layout dir: /tmp/svn
SVN repos: /var/svn/repos

Create repo

mkdir -p /var/svn/repos
svnadmin create --fs-type fsfs /var/svn/repos/myproj

Import project

svn import <local dir> <repo>
mkdir -p /tmp/svn/trunk /tmp/svn/tags /tmp/svn/branches
svn import /tmp/svn file:///var/svn/repos/myproj -m "Initial import" 
svn import ~/Projects/myproj file:///var/svn/repos/myproj/trunk -m "Initial project import"

for local repo – file:/// …
for network repo – http:// …

Check out

svn checkout|co <repo> [working copy]
svn checkout file:///var/svn/repos/myproj ~/Projects/myproj
svn co file:///var/svn/repos/myproj/trunk
# will auto checkout to folder 'myproj' in current dir
# that folder is called 'working copy' dir

Review changes

svn status
# in working copy dir

Add files

svn add <folder|file>

Delete file/folder

svn delete <folder|file>
svn delete file:///var/svn/repos/myproj/trunk/file.txt 
# also can delete file in repo, not only in working copy

Commit

svn commit -m "Log message"
# in working copy dir

Update

svn update (in working copy dir)

Tagging projects

svn copy <repo> <repo tag dir>
svn copy file:///var/svn/repos/myproj/trunk file:///var/svn/repos/myproj/tags/0.1 -m "Version 0.1"

Export (for release)

svn export <repo>
svn export file:///var/svn/repos/myproj/tags/0.1
# will export to folder 'myproj'  in current dir