The point of no return

Redmine Installation on CentOS7 with Postgres10

6th December 2018 by Ali Erdinç Köroğlu

It’s been a long time since I’m not posting anything about free software so let me try to explain how to install Redmine on CentOS7.
Bytheway Nginx will connect Puma via “unix socket” and ruby will also connect postgresql via “unix socket” to get rid of the TCP over head.

From wikipedia:

Redmine is a free and open source, web-based project management and issue tracking tool. It allows users to manage multiple projects and associated subprojects. It features per project wikis and forums, time tracking, and flexible, role-based access control. It includes a calendar and Gantt charts to aid visual representation of projects and their deadlines. Redmine integrates with various version control systems and includes a repository browser and diff viewer.

The design of Redmine is significantly influenced by Trac, a software package with some similar features.

Redmine is written using the Ruby on Rails framework. It is cross-platform and cross-database and supports 34 languages

So lets begin but 1st disable selinux :)

/etc/sysconfig/selinux
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled# SELINUXTYPE= can take one of three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

Update your CentOS

[root@redmine ~]# yum -y update

Install EPEL repository

[root@redmine ~]# yum -y epel-release

We will use Postgresql official repository

[root@redmine ~]# yum -y install https://download.postgresql.org/pub/repos/yum/10/redhat/rhel-7-x86_64/pgdg-centos10-10-2.noarch.rpm

Exclude official centos postgresql packages..

/etc/yum.repos.d/CentOS-Base.repo
[base]
name=CentOS-$releasever - Base
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os&infra=$infra
#baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
exclude=postgre* 
#released updates
[updates]
name=CentOS-$releasever - Updates
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates&infra=$infra
#baseurl=http://mirror.centos.org/centos/$releasever/updates/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
exclude=postgre*

Install required packages

yum -y install zlib-devel curl-devel openssl-devel ftp wget ImageMagick-devel gcc-c++ patch readline-devel libyaml-devel libffi-devel bzip2 autoconf automake libtool bison subversion git glibc-headers glibc-devel nginx postgresql10-server postgresql10 postgresql10-devel sqlite-devel

Let’s run Postgresql and create redmine user+database

[root@redmine ~]# /usr/pgsql-10/bin/postgresql-10-setup initdb
Initializing database ... OK
 
[root@redmine ~]# systemctl enable postgresql-10
Created symlink from /etc/systemd/system/multi-user.target.wants/postgresql-10.service to /usr/lib/systemd/system/postgresql-10.service.
[root@redmine ~]# systemctl start postgresql-10
[root@redmine ~]# su - postgres -c "psql"
psql (10.6)
Type "help" for help.
 
postgres=# CREATE ROLE redmine LOGIN ENCRYPTED PASSWORD 'redredmine' NOINHERIT VALID UNTIL 'infinity';
CREATE ROLE
postgres=# CREATE DATABASE redmine WITH ENCODING='UTF8' OWNER=redmine;
CREATE DATABASE
postgres=# \q
[root@redmine ~]#

And redmine user..

[root@redmine ~]# adduser -d /opt/red -s /bin/bash -c 'Redmine user' red
[root@redmine ~]# install -d -m 755 -o red -g red /opt/red

Let the rock-off begin..

[root@redmine ~]# su -l red[red@redmine ~]$ curl -sSL https://rvm.io/mpapis.asc | gpg --import -gpg: directory '/opt/red/.gnupg' created
gpg: new configuration file '/opt/red/.gnupg/gpg.conf' created
gpg: WARNING: options in '/opt/red/.gnupg/gpg.conf' are not yet active during this run
gpg: keyring '/opt/red/.gnupg/secring.gpg' created
gpg: keyring '/opt/red/.gnupg/pubring.gpg' created
gpg: /opt/red/.gnupg/trustdb.gpg: trustdb created
gpg: key D39DC0E3: public key "Michal Papis (RVM signing) <mpapis@gmail.com>" imported
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)
gpg: no ultimately trusted keys found
[red@redmine ~]$ curl -sSL https://get.rvm.io | bash -s stable --ruby...
..
.
  * To start using RVM you need to run `source /opt/red/.rvm/scripts/rvm`
    in all your open shell windows, in rare cases you need to reopen all shell windows.
[red@redmine ~]$ source ~/.rvm/scripts/rvm[red@redmine ~]$ rvm --default use rubyUsing /opt/red/.rvm/gems/ruby-2.5.1
[red@redmine ~]$ cd  && svn co http://svn.redmine.org/redmine/branches/3.4-stable redmine...
..
.
 U   redmine
Checked out revision 17690.
[red@redmine ~]$ mkdir -p ./redmine/tmp/pids ./redmine/public/plugin_assets[red@redmine ~]$ cp ./redmine/config/configuration.yml.example ./redmine/config/configuration.yml[red@redmine ~]$ cp ./redmine/config/database.yml.example ./redmine/config/database.yml

Database connection for Redmine (ps: hash all other database adapter configuration lines)

/opt/red/redmine/config/database.yml
# PostgreSQL configuration
production:
  adapter: postgresql
  database: redmine
  host: /var/run/postgresql/.s.PGSQL.5432
  username: redmine
  password: "redredmine"

Let’s continue

[red@redmine config]$ cd /opt/red/redmine[red@redmine redmine]$ echo "gem 'puma'" >> Gemfile.local[red@redmine redmine]$ echo "gem: --no-ri --no-rdoc" >> ~/.gemrc[red@redmine redmine]$ gem install bundlerFetching: bundler-1.17.1.gem (100%)
Successfully installed bundler-1.17.1
1 gem installed
[red@redmine redmine]$ bundle install --without development test mysql sqlite

You’ll get an error like that..

Installing pg 0.18.4 with native extensions
Gem::Ext::BuildError: ERROR: Failed to build gem native extension.
 
    current directory: /opt/red/.rvm/gems/ruby-2.5.1/gems/pg-0.18.4/ext
/opt/red/.rvm/rubies/ruby-2.5.1/bin/ruby -r ./siteconf20181206-7476-1d3eg27.rb extconf.rb
checking for pg_config... no
No pg_config... trying anyway. If building fails, please try again with
 --with-pg-config=/path/to/pg_config
checking for libpq-fe.h... no
Can't find the 'libpq-fe.h header

Let’s fix that..

[red@redmine redmine]$ gem install pg -v '0.18.4' --source 'https://rubygems.org/' -- --with-pg-config=/usr/pgsql-10/bin/pg_configBuilding native extensions with: '--with-pg-config=/usr/pgsql-10/bin/pg_config'
This could take a while...
Successfully installed pg-0.18.4
1 gem installed
[red@redmine redmine]$ bundle install --without development test mysql sqlite...
..
.
Bundle complete! 32 Gemfile dependencies, 56 gems now installed.
Gems in the groups development, test, mysql and sqlite were not installed.
Use `bundle info [gemname]` to see where a bundled gem is installed.
[red@redmine redmine]$ rake generate_secret_token

And now we are changing postgresql’s unix socket connection method

/var/lib/pgsql/10/data/pg_hba.conf
--- pg_hba.conf.org	2018-12-06 12:02:22.214000000 +0300
+++ pg_hba.conf	2018-12-06 13:24:50.045000000 +0300
@@ -77,7 +77,7 @@
 # TYPE  DATABASE        USER            ADDRESS                 METHOD
 
 # "local" is for Unix domain socket connections only
-local   all             all                                     peer
+local   all             all                                     md5
 # IPv4 local connections:
 host    all             all             127.0.0.1/32            ident
 # IPv6 local connections:

Restart postgresql server and migrate redmine

[root@redmine ~]# systemctl restart postgresql-10[root@redmine ~]# su - l  red
[red@redmine ~]$ cd /opt/red/redmine
[red@redmine redmine]$ RAILS_ENV=production rake db:migrate...
..
.
** Invoke db:_dump (first_time)
** Execute db:_dump
** Invoke db:schema:dump (first_time)
** Invoke environment 
** Invoke db:load_config 
** Execute db:schema:dump
[red@redmine redmine]$

Puma configuration

/opt/red/redmine/config/puma.rb
#!/usr/bin/env puma
application_path = '/opt/red/redmine'
directory application_path
environment 'production'
daemonize false
pidfile "#{application_path}/tmp/pids/puma.pid"
state_path "#{application_path}/tmp/pids/puma.state"
stdout_redirect "#{application_path}/log/puma.stdout.log", "#{application_path}/log/puma.stderr.log"

Redmine SystemD script

/lib/systemd/system/redmine.service
[Unit]
Description=Redmine server
After=syslog.target
After=network.target
 
[Service]
Type=simple
WorkingDirectory=/opt/red
User=red
Group=red
ExecStart=/bin/bash -c 'source /opt/red/.rvm/scripts/rvm && rvm --default use ruby && cd /opt/red/redmine/ && bundle exec puma --config /opt/red/redmine/config/puma.rb -b unix:///opt/red/redmine.sock'
TimeoutSec=300
 
[Install]
WantedBy=multi-user.target
[root@redmine red]# systemctl status redmine
● redmine.service - Redmine server
   Loaded: loaded (/usr/lib/systemd/system/redmine.service; disabled; vendor preset: disabled)
   Active: active (running) since Thu 2018-12-06 14:08:11 +03; 1min 5s ago
 Main PID: 21783 (bash)
   CGroup: /system.slice/redmine.service
           ├─21783 /bin/bash -c source /opt/red/.rvm/scripts/rvm && rvm --default use ruby && cd /opt/red/redmine/ && bundle exec puma --config /opt/red/redmine/config/puma.rb -b unix:///opt/red/redmine.sock
           └─22214 puma 3.12.0 (unix:///opt/red/redmine.sock) [redmine]
 
Dec 06 14:08:11 redmine systemd[1]: Started Redmine server.
Dec 06 14:08:12 redmine bash[21783]: Using /opt/red/.rvm/gems/ruby-2.5.1
Dec 06 14:08:14 redmine bash[21783]: Puma starting in single mode...
Dec 06 14:08:14 redmine bash[21783]: * Version 3.12.0 (ruby 2.5.1-p57), codename: Llamas in Pajamas
Dec 06 14:08:14 redmine bash[21783]: * Min threads: 0, max threads: 16
Dec 06 14:08:14 redmine bash[21783]: * Environment: production
Dec 06 14:08:18 redmine bash[21783]: * Listening on unix:///opt/red/redmine.sock
Dec 06 14:08:18 redmine bash[21783]: Use Ctrl-C to stop

Redmine Nginx configuration

/etc/nginx/conf.d/default.conf
upstream redmine {
        server unix:///opt/red/redmine.sock;
}
 
server {
        listen 80;
        listen [::]:80;
        server_name red.redmine.com.tr;
 
        #access_log /var/log/nginx/redmine-access.log;
        access_log off;
        error_log /var/log/nginx/redmine.error error;
 
        location / {
                proxy_http_version 1.1;
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto $scheme;
                proxy_pass http://redmine/;
 
                # 502..
                proxy_buffers 8 32k;
                proxy_buffer_size 128k;
                proxy_busy_buffers_size 128k;
                proxy_read_timeout 90;
        }
}

Redmine Login Page

Bon Appétit..

Comments are closed.