Skip to content

Instantly share code, notes, and snippets.

@UweRaabe

UweRaabe/installation.rst

Forked from UnderGreen/installation.rst
Created October 31, 2019 10:56
Show Gist options
  • Save UweRaabe/6072fdc259e75fa3195c82df74c13ea2 to your computer and use it in GitHub Desktop.
Save UweRaabe/6072fdc259e75fa3195c82df74c13ea2 to your computer and use it in GitHub Desktop.
Download ZIP
Installation instruction for Kallithea
Raw
installation.rst

Setting up Kallithea on Ubuntu Server 12.04

Preparation

  1. Install Ubuntu Server.

  2. Update Ubuntu with the commands:

    sudo apt-get update
sudo apt-get upgrade

  3. Install pip and virtualenv with the commands:

    sudo apt-get install python-pip
sudo pip install virtualenv

Installing RabbitMQ

  1. Install RabbitMQ:

    sudo apt-get install rabbitmq-server

  2. Create RabbitMQ user:

    sudo rabbitmqctl add_user kallithea kallitheapass
sudo rabbitmqctl add_vhost kallitheavhost
sudo rabbitmqctl set_permissions -p kallitheavhost kallithea ".*" ".*" ".*"

Installing Kallithea

  1. Install Python sources:

    sudo apt-get install python-dev

  2. Create the base directory and temporarily give yourself ownership:

    sudo mkdir /opt/kallithea
sudo chown `whoami` -R /opt/kallithea

  3. Create the data directory, virtual environment, and install RhodeCode:

    virtualenv --no-site-packages /opt/kallithea/venv
source /opt/kallithea/venv/bin/activate
(venv) pip install pastescript
(venv) pip install kallithea

  4. Create directories and the production configuraton:

    mkdir /opt/kallithea/repos
mkdir /opt/kallithea/data
cd /opt/kallithea/data
(venv) paster make-config Kallithea production.ini

  5. Edit at least the following settings in production.ini:

    [server:main]
host = 0.0.0.0

[app:main]
use_celery = true
broker.vhost = kallitheavhost
broker.user = kallithea
broker.password = kallitheapass

  6. Generate the Kallithea database and create the initial admin account:

    (venv) paster setup-db production.ini

  7. Test the system by starting Celery and Kallithea (access the server via http://127.0.0.1:5000):

    (venv) paster celeryd production.ini &
(venv) paster serve production.ini

Enabling full-text search

  1. Create a crontab kallithea file in /etc/cron.d/ directory. Add this line to the crontab file:

    6 * * * * /opt/kallithea/venv/bin/paster make-index /opt/kallithea/data/production.ini

Starting Kallithea on boot

  1. Create the user to run the Kallithea daemons and set ownership on the Kallithea directory:

    sudo adduser --no-create-home \
             --disabled-login \
             --disabled-password \
             --system --group kallithea
sudo chown -R kallithea:kallithea /opt/kallithea

  2. Download the init.d script and modify USER, VENV_DIR, and DATA_DIR as necessary:

    wget https://gist.github.com/UnderGreen/bb4800baa48ce7b1340c/raw/130d49685ef4dae44aeaa3d58fd5c5fc0820d5c1/kallithea-init.d.sh
vim ./kallithea-init.d.sh

  3. Test the script:

    chmod +x ./kallithea-init.d.sh
sudo ./kallithea-init.d.sh start

## access Kallithea via web browser

sudo ./kallithea-init.d.sh stop

## verify that the Python processes have stopped

  4. Install the script:

    sudo cp ./kallithea-init.d.sh /etc/init.d/kallithea
cd /etc/init.d
sudo update-rc.d kallithea defaults

  5. Test the script once more:

    sudo service kallithea start
sudo service kallithea stop

Adding Active Directory support

  1. Install python-ldap:

    sudo apt-get install libldap2-dev libsasl2-dev
(venv) pip install python-ldap

  2. Log in to Kallithea as an administrator and open Settings --> LDAP. Add the following settings:

    Enable LDAP

    Checked

    Host

    dc.mydomain.local

    Port

    389

    Account

    <username>

    Password

    <password>

    Connection Security

    None

    Certificate Checks

    DEMAND

    Base DN

    CN=People,DC=mydomain,DC=local

    LDAP Filter

    <blank>

    LDAP Search Scope

    SUBTREE

    Login Attribute

    sAMAccountName

    First Name Attribute

    givenName

    Last Name Attribute

    sn

    E-mail Attribute

    mail

Adding Nginx as a front-end for SSL

  1. Add stable PPA NGINX:

    sudo apt-get install python-software-properties
apt-add-repository ppa:nginx/stable
apt-get update
apt-get install nginx

  2. Create SSL keys:

    mkdir -p /etc/nginx/ssl
cd /etc/nginx/ssl/

sudo openssl genrsa -des3 -out server.key 1024
sudo openssl req -new -key server.key -out server.csr
sudo cp server.key server.key.orig
sudo openssl rsa -in server.key.orig -out server.key
sudo openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
sudo rm server.csr
sudo chmod 600 server.crt server.key

  3. Create /etc/nginx/sites-available/kallithea.conf with kallithea.conf from this repository.

  4. Create symbolic link to /etc/nginx/sites-enabled directory for file kallithea.conf

    ln -s /etc/nginx/sites-available/kallithea.conf /etc/nginx/sites-enabled/

  5. Place kallithea-proxy.conf from this repository into /etc/nginx/kallithea-proxy.conf.

  6. Start kallithea and nginx:

    sudo service kallithea start
sudo service nginx start
Raw
kallithea-init.d.sh
#!/bin/sh
### BEGIN INIT INFO
# Provides: kallithea
# Required-Start: $all
# Required-Stop: $all
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Starts Kallithea
### END INIT INFO
USER=kallithea
VENV_DIR=/opt/kallithea/venv
DATA_DIR=/opt/kallithea/data
CELERY_ARGS="$VENV_DIR/bin/paster celeryd $DATA_DIR/production.ini"
KALLITHEA_ARGS="$VENV_DIR/bin/paster serve $DATA_DIR/production.ini"
CELERY_PID_FILE=/var/run/celeryd.pid
KALLITHEA_PID_FILE=/var/run/kallithea.pid
start_celery() {
/sbin/start-stop-daemon \
--start \
--background \
--chuid $USER \
--pidfile $CELERY_PID_FILE \
--make-pidfile \
--exec $VENV_DIR/bin/python -- $CELERY_ARGS
}
start_kallithea() {
/sbin/start-stop-daemon \
--start \
--background \
--chuid $USER \
--pidfile $KALLITHEA_PID_FILE \
--make-pidfile \
--exec $VENV_DIR/bin/python -- $KALLITHEA_ARGS
}
stop_kallithea() {
/sbin/start-stop-daemon \
--stop \
--user $USER \
--pidfile $KALLITHEA_PID_FILE
}
stop_celery() {
/sbin/start-stop-daemon \
--stop \
--user $USER \
--pidfile $CELERY_PID_FILE
}
case "$1" in
start)
echo "Starting Celery"
start_celery
echo "Starting Kallithea"
start_kallithea
;;
start_celery)
echo "Starting Celery"
start_celery
;;
start_kallithea)
echo "Starting Kallithea"
start_kallithea
;;
stop)
echo "Stopping Kallithea"
stop_kallithea
echo "Stopping Celery"
stop_celery
;;
stop_kallithea)
echo "Stopping Kallithea"
stop_kallithea
;;
stop_celery)
echo "Stopping Celery"
stop_celery
;;
restart)
echo "Stopping Kallithea and Celery"
stop
echo "Starting Celery"
start_celery
echo "Starting Kallithea"
start_kallithea
;;
*)
echo "Usage: ./kallithea {start|stop|restart|start_celery|stop_celery|start_kallithea|stop_kallithea}"
exit 2
;;
esac
exit 0
Raw
kallithea-proxy.conf
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Url-Scheme $scheme;
proxy_set_header X-Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Proxy-host $proxy_host;
client_max_body_size 400m;
client_body_buffer_size 128k;
proxy_buffering off;
proxy_connect_timeout 7200;
proxy_send_timeout 7200;
proxy_read_timeout 7200;
proxy_buffers 8 32k;
Raw
kallithea.conf
upstream kallithea {
server 127.0.0.1:5000;
}
server {
listen 80;
return 301 https://localhost$request_uri;
}
server {
listen 443 ssl;
server_name localhost;
ssl_certificate ssl/server.crt;
ssl_certificate_key ssl/server.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
try_files $uri @kallithea;
}
include kallithea-proxy.conf;
location @kallithea {
proxy_pass http://kallithea;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment