Redmine2.6 + Nginx + CentOS7

소개



가끔 세울 수 있으므로 메모해 둔다.
잘못되면 지적 부탁드립니다.

기본적으로
htp : // bg. 어 d 미네. jp/아리치ぇs/2_6/인 s타치온_전과 s/
같은 절차.

환경


  • OS: CentOS7
  • Ruby: 2.1.5
  • Redmine: 2.6.1
  • Nginx: nginx/1.6.2
  • Unicorn: 4.8.3

  • Redmine 관련 Package 설치



    Redmine 설치에 필요한 패키지 설치.
    DB에는 MariaDB를 이용
    $ sudo yum -y groupinstall "Development Tools"
    $ sudo yum -y install openssl-devel readline-devel zlib-devel curl-devel libyaml-devel
    $ sudo yum -y install mariadb-server mariadb-devel
    $ sudo yum -y install ImageMagick ImageMagick-devel ipa-pgothic-fonts
    

    Ruby 설치



    rbenv 환경에서 Ruby2.1.5를 설치합니다.

    install
    $ sudo yum install gcc make openssl openssl-devel
    
    $ cd /usr/local/
    $ sudo git clone git://github.com/sstephenson/rbenv.git rbenv
    $ mkdir -p rbenv/shims rbenv/versions
    $ sudo groupadd /usr/local/rbenv
    $ sudo chgrp -R rbenv rbenv/
    $ sudo git clone git://github.com/sstephenson/ruby-build.git /usr/local/rbenv/ruby-build
    $ cd /usr/local/rbenv/ruby-build
    $ ./install.sh
    

    환경 변수 설정 파일 작성.

    /etc/profile.d/rbenv.sh
    export RBENV_ROOT="/usr/local/rbenv"
    export PATH="/usr/local/rbenv/bin:$PATH"
    eval "$(rbenv init -)"
    
    $ source /etc/profile.d/rbenv.sh
    $ sudo rbenv install -v 2.1.5
    $ rbenv versions
    * system (set by /usr/local/rbenv/version)
      2.1.3
    $ sudo rbenv global 2.1.3
    $ rbenv versions
      system
    * 2.1.5 (set by /usr/local/rbenv/version)
    $ ruby --version
    ruby 2.1.5p273 (2014-11-13 revision 48405) [x86_64-linux]
    $
    

    Bundler 설치


    $ sudo gem install bundler --no-rdoc --no-ri
    $ bundle --version
    Bundler version 1.7.12
    $
    

    MariaDB 설정



    우선은 MariaDB의 설정.

    /etc/my.cnf
    [mysqld]
    datadir=/data/mysql # Dataディレクトリ、任意
    socket=/var/lib/mysql/mysql.sock
    # Disabling symbolic-links is recommended to prevent assorted security risks
    symbolic-links=0
    # Settings user and group are ignored when systemd is used.
    # If you need to run mysqld under a different user or group,
    # customize your systemd unit file for mariadb according to the
    # instructions in http://fedoraproject.org/wiki/Systemd
    
    character-set-server=utf8
    
    [mysqld_safe]
    log-error=/var/log/mariadb/mariadb.log
    pid-file=/var/run/mariadb/mariadb.pid
    
    #
    # include all files from the config directory
    #
    !includedir /etc/my.cnf.d
    
    [mysql]
    default-character-set=utf8
    

    데이터 디렉토리 생성 및 자동 시작 설정.
    $ sudo mkdir -p /data/mysql # データディレクトリの作成
    $ sudo chown mysql:mysql /data/mysql
    $ sudo service mariadb start
    $ sudo systemctl enable mariadb
    

    기본 설정을 mysql_secure_installation 에서 루트 암호를 설정합니다.
    $ mysql_secure_installation
    NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
          SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!
    
    In order to log into MariaDB to secure it, we'll need the current
    password for the root user.  If you've just installed MariaDB, and
    you haven't set the root password yet, the password will be blank,
    so you should just press enter here.
    
    Enter current password for root (enter for none): 
    OK, successfully used password, moving on...
    
    Setting the root password ensures that nobody can log into the MariaDB
    root user without the proper authorisation.
    
    Set root password? [Y/n] y
    New password: ${root_passwd}
    Re-enter new password: ${root_passwd}
    Password updated successfully!
    Reloading privilege tables..
     ... Success!
    
    
    By default, a MariaDB installation has an anonymous user, allowing anyone
    to log into MariaDB without having to have a user account created for
    them.  This is intended only for testing, and to make the installation
    go a bit smoother.  You should remove them before moving into a
    production environment.
    
    Remove anonymous users? [Y/n] y
     ... Success!
    
    Normally, root should only be allowed to connect from 'localhost'.  This
    ensures that someone cannot guess at the root password from the network.
    
    Disallow root login remotely? [Y/n] y
     ... Success!
    
    By default, MariaDB comes with a database named 'test' that anyone can
    access.  This is also intended only for testing, and should be removed
    before moving into a production environment.
    
    Remove test database and access to it? [Y/n] y
     - Dropping test database...
     ... Success!
     - Removing privileges on test database...
     ... Success!
    
    Reloading the privilege tables will ensure that all changes made so far
    will take effect immediately.
    
    Reload privilege tables now? [Y/n] y
     ... Success!
    
    Cleaning up...
    
    All done!  If you've completed all of the above steps, your MariaDB
    installation should now be secure.
    
    Thanks for using MariaDB!
    $
    

    초기 설정 후는 redmine용의 DB redmine 와 관리자 유저의 redmine 를 작성.
    $ mysql -uroot -p
    Enter password: ${mysql_root_password}
    Welcome to the MariaDB monitor.  Commands end with ; or \g.
    Your MariaDB connection id is 10
    Server version: 5.5.40-MariaDB MariaDB Server
    
    Copyright (c) 2000, 2014, Oracle, Monty Program Ab and others.
    
    Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
    
    MariaDB [(none)]> 
    MariaDB [(none)]> 
    MariaDB [(none)]> CREATE DATABASE redmine DEFAULT character set utf8;
    Query OK, 1 row affected (0.00 sec)
    
    MariaDB [(none)]> grant all on redmine.* TO redmine@localhost identified by '${redmine_passwd}';
    Query OK, 0 rows affected (0.00 sec)
    
    MariaDB [(none)]> flush privileges;
    Query OK, 0 rows affected (0.00 sec)
    
    MariaDB [(none)]> exit;
    $
    

    Redmine 설치



    우선은 소스의 다운로드와 전개.
    그 후 심볼릭 링크를 작성.
    $ cd /usr/local/src
    $ sudo curl -O http://www.redmine.org/releases/redmine-2.6.1.tar.gz
    $ sudo tar zxvf redmine-2.6.1.tar.gz
    $ sudo ln -s ./redmine-2.6.1 /opt/redmine # /opt/redmineにシンボリックリンクを作成
    

    다음 redmine database 설정.
    우선 example 파일을 복사.
    $ sudo cp -p /opt/redmine/config/database.yml.example /opt/redmine/config/database.yml
    $ 
    

    다음에 방금 MariaDB로 작성한 유저와 DB를 지정.

    /opt/redmine/config/database.yml
    # Default setup is given for MySQL with ruby1.9. If you're running Redmine
    # with MySQL and ruby1.8, replace the adapter name with `mysql`.
    # Examples for PostgreSQL, SQLite3 and SQL Server can be found at the end.
    # Line indentation must be 2 spaces (no tabs).
    
    production:
      adapter: mysql2
      database: redmine
      host: localhost
      username: redmine
      password: "${redmine_passwd}"
      encoding: utf8
    

    이하 DB 포함한 초기 설정.
    $ cd /opt/redmine
    $ bundle install --without development test --path vendor/bundle
    $ bundle exec rake generate_secret_token
    $ RAILS_ENV=production bundle exec rake db:migrate
    

    Unicorn 설치



    다음으로 Nginx와 Redmine을 연결하는 Unicorn을 설치.
    Gem 파일 (/opt/redmine) 편집 후,

    /opt/redmine/Gemfile
    gem 'unicorn', '4.8.3'
    

    설치합니다.
    $ bundle install
    

    다음으로 redmine용의 환경 변수를 설정.

    /etc/profile.d/redmine.sh
    RAILS_ROOT=/opt/redmine
    export RAILS_ROOT
    

    환경 변수의 반영.
    $ source /etc/profile.d/redmine.sh
    

    아래 Unicorn 설정 파일.

    Scoket 파일에 대해서입니다만,/tmp/하하에 두면 Nginx로 not found 에러가 됩니다.
    ㅇㅇㅇㅇㅇㅇㅁㅁㅁ 코 m / 쿠에 s 치온 s / 463993 / 닌긴 x - 우에 x - 도마 ン - 소 c t - 에로 r / 464025 # 464025

    /opt/redmine/config/unicorn.rb
    # -*- coding: utf-8 -*-
    # ワーカーの数
    worker_processes 2
    
    # ソケット
    listen  '/var/run/unicorn.sock'
    pid     '/var/run/unicorn.pid'
    
    # ログ
    log = File.expand_path('log/unicorn.log', ENV['RAILS_ROOT'])
    stderr_path File.expand_path('log/unicorn.log', ENV['RAILS_ROOT'])
    stdout_path File.expand_path('log/unicorn.log', ENV['RAILS_ROOT'])
    
    preload_app true
    GC.respond_to?(:copy_on_write_friendly=) and GC.copy_on_write_friendly = true
    
    before_fork do |server, worker|
    defined?(ActiveRecord::Base) and ActiveRecord::Base.connection.disconnect!
    
    old_pid = "#{ server.config[:pid] }.oldbin"
    unless old_pid == server.pid
      begin
       sig = (worker.nr + 1) >= server.worker_processes ? :QUIT : :TTOU
       Process.kill :QUIT, File.read(old_pid).to_i
       rescue Errno::ENOENT, Errno::ESRCH
      end
    end
    end
    
    after_fork do |server, worker|
        defined?(ActiveRecord::Base) and ActiveRecord::Base.establish_connection
    end
    

    아래 시작 스크립트.

    /opt/redmine/script/unicorn.sh
    #!/bin/bash
    
    set -e
    
    TIMEOUT=60
    APP_ROOT=${RAILS_ROOT}
    PID=/var/run/unicorn.pid
    RAILS_ENV=production
    CMD="bundle exec unicorn -D -c $APP_ROOT/config/unicorn.rb -E $RAILS_ENV"
    action="$1"
    set -u
    
    old_pid="$PID.oldbin"
    
    cd $APP_ROOT || exit 1
    
    sig () {
        test -s "$PID" && kill -$1 `cat $PID`
    }
    
    oldsig () {
        test -s $old_pid && kill -$1 `cat $old_pid`
    }
    
    case $action in
    start)
        sig 0 && echo >&2 "Already running" && exit 0
        $CMD
        ;;
    stop)
        sig QUIT && rm -f ${PID} && exit 0
        echo >&2 "Not running"
        ;;
    force-stop)
        sig TERM && exit 0
        echo >&2 "Not running"
        ;;
    restart|reload)
        sig HUP && echo reloaded OK && exit 0
        echo >&2 "Couldn't reload, starting '$CMD' instead"
        $CMD
        ;;
    upgrade)
        if sig USR2 && sleep 2 && sig 0 && oldsig QUIT
        then
            n=$TIMEOUT
            while test -s $old_pid && test $n -ge 0
            do
                printf '.' && sleep 1 && n=$(( $n - 1 ))
            done
            echo
    
            if test $n -lt 0 && test -s $old_pid
            then
                echo >&2 "$old_pid still exists after $TIMEOUT seconds"
                exit 1
            fi
            exit 0
        fi
        echo >&2 "Couldn't upgrade, starting '$CMD' instead"
        $CMD
        ;;
    reopen-logs)
        sig USR1
        ;;
    *)
        echo >&2 "Usage: $0 <start|stop|restart|upgrade|force-stop|reopen-logs>"
        exit 1
        ;;
    esac
    

    Redmine을 http://localhost/redmine/와 같이 서브디렉토리로 참조한다면 다음과 같이 config.ru를 편집해야 합니다.

    /opt/redmine/config.ru
    # This file is used by Rack-based servers to start the application.
    RAILS_RELATIVE_URL_ROOT="/redmine"
    require ::File.expand_path('../config/environment',  __FILE__)
    if RAILS_RELATIVE_URL_ROOT then
            map RAILS_RELATIVE_URL_ROOT do
                    run Rails.application
            end
    else
            run Rails.application
    end
    
    /redmine 부분은 자신의 환경으로 대체하십시오.

    Nginx 설치



    패키지 설치.
    $ sudo rpm -Uvh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm # Nginxのパッケージダウンロード
    $ sudo yum -y install nginx
    

    설정.

    본래라면 /etc/nginx/conf.d/redmine.conf 와 같이 써야 합니다만, 이번은 Ubuntu와 같이 sites-available, sites-enabled를 작성해 설정합니다.
    $ sudo mkdir -p /etc/nginx/sites-avaliable/ /etc/nginx/sites-enabled/
    

    아래 Nginx 구성 파일.

    /etc/nginx/nginx.conf
    
    user  nginx;
    worker_processes  1;
    
    error_log  /var/log/nginx/error.log warn;
    pid        /var/run/nginx.pid;
    
    
    events {
        worker_connections  1024;
    }
    
    
    http {
        include       /etc/nginx/mime.types;
        default_type  application/octet-stream;
    
        log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                          '$status $body_bytes_sent "$http_referer" '
                          '"$http_user_agent" "$http_x_forwarded_for"';
    
        access_log  /var/log/nginx/access.log  main;
    
        sendfile        on;
        #tcp_nopush     on;
    
        keepalive_timeout  65;
    
        #gzip  on;
    
        #include /etc/nginx/conf.d/*.conf;
        include /etc/nginx/sites-enabled/*;
    }
    

    그런 다음 Redmine 용 구성 파일./redmine 를 redmine 에 할당한다.
    또 SSL 통신시키고 싶기 때문에 SSL 대응하고 있다.

    /etc/nginx/sites-available/redmine
    upstream rails-unicorn {
        server unix:/var/run/unicorn.sock fail_timeout=0;
    }
    
    server {
        listen 80;
        server_name localhost;
        return 301 https://$host$request_uri;
    }
    
    server {
        listen 443;
        server_name localhost;
    
    
        ssl on;
        ssl_certificate /etc/nginx/ssl/redmine.crt;
        ssl_certificate_key /etc/nginx/ssl/redmine.key;
    
        ssl_session_timeout 5m;
    
        ssl_protocols SSLv3 TLSv1;
        ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
        ssl_prefer_server_ciphers on;
    
        #listen   80; ## listen for ipv4; this line is default and implied
        #listen   [::]:80 default ipv6only=on; ## listen for ipv6
    
        root /usr/share/nginx/html/public;
        index index.php index.html index.htm;
    
        # Make site accessible from http://localhost/
        server_name localhost;
    
        location /redmine/ {
            try_files $uri $uri.html $uri/index.html @rails-unicorn;
        }
        location ~ ^/assets/(.*) {
            alias /opt/redmine/public/assets/$1;
        }
    
        location @rails-unicorn {
                   proxy_set_header X-Real-IP $remote_addr;
                   proxy_set_header X-Forwarded_For $proxy_add_x_forwarded_for;
                   proxy_set_header Host $http_host;
                   proxy_pass http://rails-unicorn;
        }
    
        # Only for nginx-naxsi : process denied requests
        #location /RequestDenied {
            # For example, return an error code
            #return 418;
        #}
    
        error_page 404 /404.html;
    
        # redirect server error pages to the static page /50x.html
        #
        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
            root /usr/share/nginx/html;
        }
    
    }
    

    구성 파일 활성화./etc/nginx/sites-enabled/ 에 심볼릭 링크를 만듭니다.
    $ sudo ln -s /etc/nginx/sites-available/redmine /etc/nginx/sites-enabled/
    

    다음에 Redmine의 HTML 파일이나 CSS등이 저장되어 있다 /opt/redmine/public 의 심볼릭 링크를 문서 루트 바로 아래에 작성
    $ sudo ln -s /opt/redmine/public/ /usr/share/nginx/html/
    

    Unicorn과 Nginx 시작.
    $ cd /opt/redmine
    $ sudo ./script/unicorn.sh start
    $ sudo service nginx start
    

    액세스



    이하 나오면 k.



    초기 관리자의 username/password는 다음과 같습니다.
    admin/admin
    

    결론



    Redmine2.6에서는 Wiki가 Markdown에 대응한 것 같다.

    추가



    상당히 누락이 있었기 때문에 추가 (2015/02/02)
    이 기사를 참고로 환경을 구축한 사람 죄송합니다 m(_ _)m

    좋은 웹페이지 즐겨찾기