This post is adapted from: http://www.davegardner.me.uk/blog/2010/01/29/setting-up-git-on-centos-5-server/
A. Yum Repositories:
You will need EPEL repository:
http://fedoraproject.org/wiki/EPEL
#---
rpm -Uivh http://download.fedora.redhat.com/pub/epel/5/x86_64/epel-release-5-4.noarch.rpm
#---
B. Getting git installed:
1. Install Git and XinetD daemon:
#---
yum -y install \
git \
git-daemon
#---
All your repositories are under [/var/lib/git].
To change that just follow these instructions (I rather not change it):
1.1. Changing Git root dir
#---
MY_GIT_ROOT_DIR=>where will all git projects be<
mkdir -p ${MY_GIT_ROOT_DIR}
chmod 755 ${MY_GIT_ROOT_DIR}
chown root:root ${MY_GIT_ROOT_DIR}
#---
1.2. Adjust the daemon xinetd setup to use the new directory: /etc/xinetd.d/git
...
server_args = --base-path=>where will all git projects be< ...
...
2. Put XinetD to run:
#---
service xinetd restart
chkconfig --level 345 xinetd on
#---
3. Creating a project:
After that you just need to follow the instructions given on the link below:
http://thelucid.com/2008/12/02/git-setting-up-a-remote-repository-and-doing-an-initial-push/
Showing posts with label centos. Show all posts
Showing posts with label centos. Show all posts
Sunday, March 20, 2011
Friday, August 14, 2009
[updated] CruiseControl: Config
Before following this post you need an SVN server (post here) and a CruiseControl server (post here and here).
1. Create a special account, on the SVN server, for getting the source code from the CC server.
The objective here is to do something similar to what is described at http://svn.collab.net/repos/svn/trunk/notes/ssh-tricks
1.1. [SVN Server] On the SVN server:
1.1.1. Add two new SVN access accounts, but without shell access:
#---
useradd svn-ro
useradd svn-rw
usermod --lock svn-ro
usermod --lock svn-rw
#---
1.1.2. Verify if the SSH daemon is setup to accept public key authentication: /etc/ssh/sshd_config
It must have a line with:
PubkeyAuthentication yes
1.2. [CC Server] On the CC server:
1.2.1. Setup the key pair for the cruise user, to be used to authenticate at the SVN server (see documentation here):
a. Enter an EMPTY passphrase for the ssh key pair:
#---
mkdir ~cruise/.ssh
ssh-keygen -q -f ~cruise/.ssh/id_rsa -t rsa
#---
b. Let the user have access to own keys, but only this user:
#---
chmod -R go-rwx ~cruise/.ssh
chown -R cruise:cruise ~cruise/.ssh
#---
1.2.3. Copy the public key to the SVN server, at the svn-ro user home dir (remember that svn-ro user has no shell access, so do NOT try to transfer the key using the svn-ro account).
#---
scp ~cruise/.ssh/id_rsa.pub <user that HAS shell access in the SVN server>@<SVN server>:
#---
1.3. [SVN Server] Back at the SVN server:
1.3.1. Add the public key to the svn access user's (svn-ro) authorized key ring:
#---
mkdir -p ~svn-ro/.ssh/
mkdir -p ~svn-rw/.ssh/
cat ~<user used to deploy the public key>/id_rsa.pub >> ~svn-ro/.ssh/authorized_keys
cat ~<user used to deploy the public key>/id_rsa.pub >> ~svn-rw/.ssh/authorized_keys
chown -R svn-ro:svn-ro ~svn-ro/.ssh/
chmod -R go-rwx ~svn-ro/.ssh/
chown -R svn-rw:svn-rw ~svn-rw/.ssh/
chmod -R go-rwx ~svn-rw/.ssh/
#---
1.3.2. Edit the authorization key ring file: ~svn-ro/.ssh/authorized_keys AND ~svn-rw/.ssh/authorized_keys
a. It looks like this:
ssh-rsa AAAA<a lot more chars>= root@<CC server name>
b. change it to this:
command="/usr/bin/svnserve -t",no-port-forwarding,no-agent-forwarding,no-X11-forwarding,no-pty ssh-rsa AAAA<a lot more chars>= root@<CC server name>
1.4. [CC Server] Back to the CC server:
1.4.1. Create the necessary directories for the CC:
#---
mkdir -p /var/spool/cruisecontrol/{projects,logs,artifacts}
chown -R cruise:cruise /var/spool/cruisecontrol/
#---
1.4.1. Try to access the SVN server:
#---
su - cruise
svn list svn+ssh://svn-ro@<SVN server>/var/svn/
logout
#---
2. Configuring a project to be managed under the CC policy:
a. Local working copy (for the CruiseControl): /var/spool/cruisecontrol/projects
b. Special SVN repository for the CruiseControl configuration and building ANT scripts: /var/svn/cruisecontrol
c. A special SVN Project (under the /var/svn/trunk) to hold the main build and JUnit ANT scripts, that is called Master here
2.1. [SVN Server] Create the new CC root at the SVN
#---
svn mkdir -m "Initial setup: CruiseControl development tree" file:///var/svn/cruisecontrol
#---
2.4. [Dev Workstation] Create a project, named Main, and commit/import it to svn+ssh://<SVN server>/var/svn/cruisecontrol
Note.: This project must contain at least one file called build-cc.xml.
2.5. [SVN Server] To keep it simple:
#---
su - <A regular dev user>
mkdir Main
cd Main
cat > build-cc.xml << __END__
<project basedir="." default="main" name="Main">
<target name="main">
<echo message="Working"/>
</target>
</project>
__END__
svn import -m "Initial CruiseControl build file" file:///var/svn/cruisecontrol/Main
#---
2.6. [CC Server] Checkout the CC root from the SVN at the local working dir: /var/spool/cruisecontrol/projects
#---
su - cruise
svn checkout svn+ssh://svn-ro@<SVN Server>/var/svn/cruisecontrol/Main projects/Main
logout
#---
2.3. [CC Server] Create a new config.xml
[UPDATE: NOT WORKING PROPERLY] (Thanks to Leif, see comments below).
#---
cat > /etc/cruisecontrol/config.xml << __END__
<cruisecontrol>
<property name="cruise.working.dir" value="/var/spool/cruisecontrol" />
<property name="cruise.log.dir" value="\${cruise.working.dir}/logs" />
<property name="cruise.projects.dir" value="\${cruise.working.dir}/projects" />
<property name="svn.sandbox.username" value="svn-ro" />
<plugin name="basicproject" classname="net.sourceforge.cruisecontrol.ProjectConfig">
<labelincrementer defaultLabel="\${project.name}-1"
separator="-" />
<listeners>
<currentbuildstatuslistener
file="\${cruise.log.dir}/\${project.name}/status.txt" />
</listeners>
<modificationset quietperiod="30">
<svn LocalWorkingCopy="\${cruise.projects.dir}/\${project.name}" />
</modificationset>
<log>
<merge
dir="\${cruise.working.dir}/projects/\${project.name}/target/test-results" />
</log>
<publishers>
<artifactspublisher
file="\${cruise.working.dir}/projects/\${project.name}/target/\${project.name}.jar"
dest="\${cruise.working.dir}/artifacts/\${project.name}" />
</publishers>
</plugin>
<!-- here you can change the project name, if you decided from something else -->
<project name="Main" buildafterfailed="yes"
forceBuildNewProject="yes">
<bootstrappers>
<svnbootstrapper localWorkingCopy="\${cruise.projects.dir}/\${project.name}"
userName="\${svn.sandbox.username}" />
</bootstrappers>
<schedule interval="10">
<ant antWorkingDir="\${cruise.projects.dir}/\${project.name}"
buildfile="build-cc.xml" />
</schedule>
</project>
</cruisecontrol>
__END__
#---
[UPDATE]
2.4. [CC Server] Restart the server and check if it worked by accessing: http://localhost:8080/dashboard/
3. Have fun, configuring the build-cc.xml and organising your repository and code :-)
Related posts:
Subversion and Apache with PAM
CruiseControl on Fedora: Setup
CruiseControl on CentOS: Setup
1. Create a special account, on the SVN server, for getting the source code from the CC server.
The objective here is to do something similar to what is described at http://svn.collab.net/repos/svn/trunk/notes/ssh-tricks
1.1. [SVN Server] On the SVN server:
1.1.1. Add two new SVN access accounts, but without shell access:
#---
useradd svn-ro
useradd svn-rw
usermod --lock svn-ro
usermod --lock svn-rw
#---
1.1.2. Verify if the SSH daemon is setup to accept public key authentication: /etc/ssh/sshd_config
It must have a line with:
PubkeyAuthentication yes
1.2. [CC Server] On the CC server:
1.2.1. Setup the key pair for the cruise user, to be used to authenticate at the SVN server (see documentation here):
a. Enter an EMPTY passphrase for the ssh key pair:
#---
mkdir ~cruise/.ssh
ssh-keygen -q -f ~cruise/.ssh/id_rsa -t rsa
#---
b. Let the user have access to own keys, but only this user:
#---
chmod -R go-rwx ~cruise/.ssh
chown -R cruise:cruise ~cruise/.ssh
#---
1.2.3. Copy the public key to the SVN server, at the svn-ro user home dir (remember that svn-ro user has no shell access, so do NOT try to transfer the key using the svn-ro account).
#---
scp ~cruise/.ssh/id_rsa.pub <user that HAS shell access in the SVN server>@<SVN server>:
#---
1.3. [SVN Server] Back at the SVN server:
1.3.1. Add the public key to the svn access user's (svn-ro) authorized key ring:
#---
mkdir -p ~svn-ro/.ssh/
mkdir -p ~svn-rw/.ssh/
cat ~<user used to deploy the public key>/id_rsa.pub >> ~svn-ro/.ssh/authorized_keys
cat ~<user used to deploy the public key>/id_rsa.pub >> ~svn-rw/.ssh/authorized_keys
chown -R svn-ro:svn-ro ~svn-ro/.ssh/
chmod -R go-rwx ~svn-ro/.ssh/
chown -R svn-rw:svn-rw ~svn-rw/.ssh/
chmod -R go-rwx ~svn-rw/.ssh/
#---
1.3.2. Edit the authorization key ring file: ~svn-ro/.ssh/authorized_keys AND ~svn-rw/.ssh/authorized_keys
a. It looks like this:
ssh-rsa AAAA<a lot more chars>= root@<CC server name>
b. change it to this:
command="/usr/bin/svnserve -t",no-port-forwarding,no-agent-forwarding,no-X11-forwarding,no-pty ssh-rsa AAAA<a lot more chars>= root@<CC server name>
1.4. [CC Server] Back to the CC server:
1.4.1. Create the necessary directories for the CC:
#---
mkdir -p /var/spool/cruisecontrol/{projects,logs,artifacts}
chown -R cruise:cruise /var/spool/cruisecontrol/
#---
1.4.1. Try to access the SVN server:
#---
su - cruise
svn list svn+ssh://svn-ro@<SVN server>/var/svn/
logout
#---
2. Configuring a project to be managed under the CC policy:
a. Local working copy (for the CruiseControl): /var/spool/cruisecontrol/projects
b. Special SVN repository for the CruiseControl configuration and building ANT scripts: /var/svn/cruisecontrol
c. A special SVN Project (under the /var/svn/trunk) to hold the main build and JUnit ANT scripts, that is called Master here
2.1. [SVN Server] Create the new CC root at the SVN
#---
svn mkdir -m "Initial setup: CruiseControl development tree" file:///var/svn/cruisecontrol
#---
2.4. [Dev Workstation] Create a project, named Main, and commit/import it to svn+ssh://<SVN server>/var/svn/cruisecontrol
Note.: This project must contain at least one file called build-cc.xml.
2.5. [SVN Server] To keep it simple:
#---
su - <A regular dev user>
mkdir Main
cd Main
cat > build-cc.xml << __END__
<project basedir="." default="main" name="Main">
<target name="main">
<echo message="Working"/>
</target>
</project>
__END__
svn import -m "Initial CruiseControl build file" file:///var/svn/cruisecontrol/Main
#---
2.6. [CC Server] Checkout the CC root from the SVN at the local working dir: /var/spool/cruisecontrol/projects
#---
su - cruise
svn checkout svn+ssh://svn-ro@<SVN Server>/var/svn/cruisecontrol/Main projects/Main
logout
#---
2.3. [CC Server] Create a new config.xml
[UPDATE: NOT WORKING PROPERLY] (Thanks to Leif, see comments below).
#---
cat > /etc/cruisecontrol/config.xml << __END__
<cruisecontrol>
<property name="cruise.working.dir" value="/var/spool/cruisecontrol" />
<property name="cruise.log.dir" value="\${cruise.working.dir}/logs" />
<property name="cruise.projects.dir" value="\${cruise.working.dir}/projects" />
<property name="svn.sandbox.username" value="svn-ro" />
<plugin name="basicproject" classname="net.sourceforge.cruisecontrol.ProjectConfig">
<labelincrementer defaultLabel="\${project.name}-1"
separator="-" />
<listeners>
<currentbuildstatuslistener
file="\${cruise.log.dir}/\${project.name}/status.txt" />
</listeners>
<modificationset quietperiod="30">
<svn LocalWorkingCopy="\${cruise.projects.dir}/\${project.name}" />
</modificationset>
<log>
<merge
dir="\${cruise.working.dir}/projects/\${project.name}/target/test-results" />
</log>
<publishers>
<artifactspublisher
file="\${cruise.working.dir}/projects/\${project.name}/target/\${project.name}.jar"
dest="\${cruise.working.dir}/artifacts/\${project.name}" />
</publishers>
</plugin>
<!-- here you can change the project name, if you decided from something else -->
<project name="Main" buildafterfailed="yes"
forceBuildNewProject="yes">
<bootstrappers>
<svnbootstrapper localWorkingCopy="\${cruise.projects.dir}/\${project.name}"
userName="\${svn.sandbox.username}" />
</bootstrappers>
<schedule interval="10">
<ant antWorkingDir="\${cruise.projects.dir}/\${project.name}"
buildfile="build-cc.xml" />
</schedule>
</project>
</cruisecontrol>
__END__
#---
[UPDATE]
2.4. [CC Server] Restart the server and check if it worked by accessing: http://localhost:8080/dashboard/
3. Have fun, configuring the build-cc.xml and organising your repository and code :-)
Related posts:
Subversion and Apache with PAM
CruiseControl on Fedora: Setup
CruiseControl on CentOS: Setup
CruiseControl on CentOS: Setup
In this post I want to present a simple way to install and configure CruiseControl (hereafter just CC) to run on CentOS. For the configuration part, please refer to the Fedora procedure, since it is the same. The only difference is in how to install the CC to be similar to the RPM instalation.
1. Since I could not find any RPM specific for CentOS I have taken the binaries available at CC home-page: http://cruisecontrol.sourceforge.net/download.html
You will also need the following packages:
#---
yum -y install \
ant
#---
And Sun's Java JDK: http://java.sun.com/javase/downloads
2. Decompress the binary package from CC into /opt dir:
#---
unzip cruisecontrol-bin-<VERSION>.zip -d /opt/
ln -s /opt/cruisecontrol-bin-<VERSION> /opt/cruisecontrol
#---
3. Edit the starting script at: /opt/cruisecontrol/cruisecontrol.sh
3.1. Add the following lines, right after the commented CC_OPTS variable:
JAVA_HOME="/usr/java/default/jre"
PATH=${JAVA_HOME}/bin:${PATH}
3.2. Check if the default port is free:
#---
nc -z localhost 8080 || echo "Port is free" # default cruise control port AND tomcat's default port, watch this out
#---
OBS.: It MUST yeld NOTHING. If it returns a "succeeded" it means that the port is occupied and you need to change it to another one.
3.3. Change the final calling statements for:
#---
cat >> /opt/cruisecontrol/cruisecontrol.sh << __END__
# PAY ATTENTION: you ABSOLUTELY need to change the argument in the \"-webport\" if the port 8080 is already occupied
CMD="JAVA_HOME=\${JAVA_HOME:-/usr} \\
PATH=\${JAVA_HOME:-/usr}/bin:\$PATH \\
CC_OPTS=\"\${CRUISE_OPTS:-}\" \\
\$JAVA_HOME/bin/java \\
-Djavax.management.builder.initial=mx4j.server.MX4JMBeanServerBuilder \\
\"-Dcc.library.dir=\$LIBDIR\" \\
\"-Djetty.logs=$JETTY_LOGS\" \\
-jar \"\$LAUNCHER\" \$@ \\
-configfile /etc/cruisecontrol/config.xml \\
-jmxport \${CRUISE_JMX_PORT:-8000} \\
-rmiport \${CRUISE_RMI_PORT:-1099} \\
-webport \${CRUISE_WEB_PORT:-8080} \\
&"
echo \$CMD
# necessary to make the "out-of-box" version work regardless of the calling point
cd /var/spool/cruisecontrol/
eval \${CMD}
echo \$! > /var/spool/cruisecontrol/cc.pid
__END__
mv /opt/cruisecontrol/cruisecontrol.sh /opt/cruisecontrol/cruisecontrol2.sh
cat > /opt/cruisecontrol/cruisecontrol.sh << __END__
#!/bin/sh
su - cruise -c /opt/cruisecontrol/cruisecontrol2.sh
__END__
chmod 755 /opt/cruisecontrol/cruisecontrol.sh
#---
4. Add the cruise user:
#---
groupadd cruise
useradd \
--comment "CruiseControl User" \
--home-dir "/var/spool/cruisecontrol" \
--gid cruise \
--shell /bin/bash \
cruise
#---
5. Verify if CC is running:
#---
/opt/cruisecontrol/cruisecontrol.sh
#---
5.1. Check if it is up and running by accessing: http://localhost:8080/dashboard (remember that if you changed the default port the value 8080 must be changed as well).
5.2. If it is up and running you may want to make it starts when the server starts:
#---
cat >> /etc/rc.local << __END__
# starts the CruiseControl
/opt/cruisecontrol/cruisecontrol.sh
__END__
#---
Related post: CruiseControl on Fedora: Setup
1. Since I could not find any RPM specific for CentOS I have taken the binaries available at CC home-page: http://cruisecontrol.sourceforge.net/download.html
You will also need the following packages:
#---
yum -y install \
ant
#---
And Sun's Java JDK: http://java.sun.com/javase/downloads
2. Decompress the binary package from CC into /opt dir:
#---
unzip cruisecontrol-bin-<VERSION>.zip -d /opt/
ln -s /opt/cruisecontrol-bin-<VERSION> /opt/cruisecontrol
#---
3. Edit the starting script at: /opt/cruisecontrol/cruisecontrol.sh
3.1. Add the following lines, right after the commented CC_OPTS variable:
JAVA_HOME="/usr/java/default/jre"
PATH=${JAVA_HOME}/bin:${PATH}
3.2. Check if the default port is free:
#---
nc -z localhost 8080 || echo "Port is free" # default cruise control port AND tomcat's default port, watch this out
#---
OBS.: It MUST yeld NOTHING. If it returns a "succeeded" it means that the port is occupied and you need to change it to another one.
3.3. Change the final calling statements for:
#---
cat >> /opt/cruisecontrol/cruisecontrol.sh << __END__
# PAY ATTENTION: you ABSOLUTELY need to change the argument in the \"-webport\" if the port 8080 is already occupied
CMD="JAVA_HOME=\${JAVA_HOME:-/usr} \\
PATH=\${JAVA_HOME:-/usr}/bin:\$PATH \\
CC_OPTS=\"\${CRUISE_OPTS:-}\" \\
\$JAVA_HOME/bin/java \\
-Djavax.management.builder.initial=mx4j.server.MX4JMBeanServerBuilder \\
\"-Dcc.library.dir=\$LIBDIR\" \\
\"-Djetty.logs=$JETTY_LOGS\" \\
-jar \"\$LAUNCHER\" \$@ \\
-configfile /etc/cruisecontrol/config.xml \\
-jmxport \${CRUISE_JMX_PORT:-8000} \\
-rmiport \${CRUISE_RMI_PORT:-1099} \\
-webport \${CRUISE_WEB_PORT:-8080} \\
&"
echo \$CMD
# necessary to make the "out-of-box" version work regardless of the calling point
cd /var/spool/cruisecontrol/
eval \${CMD}
echo \$! > /var/spool/cruisecontrol/cc.pid
__END__
mv /opt/cruisecontrol/cruisecontrol.sh /opt/cruisecontrol/cruisecontrol2.sh
cat > /opt/cruisecontrol/cruisecontrol.sh << __END__
#!/bin/sh
su - cruise -c /opt/cruisecontrol/cruisecontrol2.sh
__END__
chmod 755 /opt/cruisecontrol/cruisecontrol.sh
#---
4. Add the cruise user:
#---
groupadd cruise
useradd \
--comment "CruiseControl User" \
--home-dir "/var/spool/cruisecontrol" \
--gid cruise \
--shell /bin/bash \
cruise
#---
5. Verify if CC is running:
#---
/opt/cruisecontrol/cruisecontrol.sh
#---
5.1. Check if it is up and running by accessing: http://localhost:8080/dashboard (remember that if you changed the default port the value 8080 must be changed as well).
5.2. If it is up and running you may want to make it starts when the server starts:
#---
cat >> /etc/rc.local << __END__
# starts the CruiseControl
/opt/cruisecontrol/cruisecontrol.sh
__END__
#---
Related post: CruiseControl on Fedora: Setup
Tuesday, August 04, 2009
Sending emails from server without a local smtp server
First of all, I do not like to have unnecessary daemons running on a server that are not related to the server's function and the excuse that it is easier that way does not convince me. So here is a cookbook recipe to send emails from a server without using the local smtp server (very useful for CRON scripts and other maintenance scripts).
1. You need to install mailx:
#---
yum -y install \
mailx
#---
NOTE.: For CentOS you will need nail instead of mailx (they crippled mailx in CentOS):
1.1. Install the repository from http://centos.karan.org/:
#---
wget http://centos.karan.org/kbsingh-CentOS-Extras.repo -O /etc/yum.repos.d/kbsingh-CentOS-Extras.repo
#---
1.2. Install nail:
#---
yum --enablerepo=kbs-CentOS-Testing -y install \
nail
#---
2. You need a copy of your SSL root certificates in the server.
2.1. On your client box, transfer your SSL certificates to the server:
#---
scp $HOME/.mozilla/firefox/<something>.default/cert<a number>.db <server ssh user>@<your server>:/path/you/can/write
#---
2.2. Go to the server and put the certificate db at some path your script has access to
3. Create a GMail account, that will be the sender in your scripts (the password will be stored on the script, so do NOT use one of your accounts)
4. On your script put the following a line like the following:
#---
mail \
-S smtp-use-starttls \
-S smtp=smtp://smtp.gmail.com:587 \
-S smtp-auth=login \
-S smtp-auth-user=<username gmail>@gmail.com \
-S smtp-auth-password=<the account password> \
-S from="<username gmail>@gmail.com" \
-S nss-config-dir=<where you stored the certificates DB file> \
-S ssl-verify=ignore \
-s "<email subject>" <to whom the email must be sent>
#---
4.1. If you are in a CentOS box, change the command mail for nail in the above command line and all will work perfectly.
1. You need to install mailx:
#---
yum -y install \
mailx
#---
NOTE.: For CentOS you will need nail instead of mailx (they crippled mailx in CentOS):
1.1. Install the repository from http://centos.karan.org/:
#---
wget http://centos.karan.org/kbsingh-CentOS-Extras.repo -O /etc/yum.repos.d/kbsingh-CentOS-Extras.repo
#---
1.2. Install nail:
#---
yum --enablerepo=kbs-CentOS-Testing -y install \
nail
#---
2. You need a copy of your SSL root certificates in the server.
2.1. On your client box, transfer your SSL certificates to the server:
#---
scp $HOME/.mozilla/firefox/<something>.default/cert<a number>.db <server ssh user>@<your server>:/path/you/can/write
#---
2.2. Go to the server and put the certificate db at some path your script has access to
3. Create a GMail account, that will be the sender in your scripts (the password will be stored on the script, so do NOT use one of your accounts)
4. On your script put the following a line like the following:
#---
mail \
-S smtp-use-starttls \
-S smtp=smtp://smtp.gmail.com:587 \
-S smtp-auth=login \
-S smtp-auth-user=<username gmail>@gmail.com \
-S smtp-auth-password=<the account password> \
-S from="<username gmail>@gmail.com" \
-S nss-config-dir=<where you stored the certificates DB file> \
-S ssl-verify=ignore \
-s "<email subject>" <to whom the email must be sent>
#---
4.1. If you are in a CentOS box, change the command mail for nail in the above command line and all will work perfectly.
Subscribe to:
Posts (Atom)