A guide on how to run Trac using Gunicorn and nginx, managed with Supervisor. There is a guide on the Trac website, but I found it didn't cover everything, especially if you want to avoid using HTTP authentication.
Trac
- Create a project directory:
sudo mkdir -p /srv/www/trac
- Make a virtualenv and activate:
cd /srv/www/trac
virtualenv ENV
source ENV/bin/activate
- Install trac (with plugins), gunicorn and supervisor:
pip install trac gunicorn supervisor TracAccountManager TracBacklog tracthemeengine
- Create a new trac project:
trac-admin /srv/www/trac/projects/project_name initenv
- Trac uses HTTP authentication out of the box, which seems like overkill to me. It's annoying to have to add new users on the server.
Fortunately we can enable web login and registration using the TracAccountManager plugin. Add these lines to /srv/www/trac/projects/project_name/conf/trac.ini
:
[account-manager]
db_htdigest_realm = TracDB
hash_method = HtDigestHashMethod
password_store = SessionStore
reset_password = 0
[components]
acct_mgr.admin.accountmanageradminpanel = enabled
acct_mgr.api.accountmanager = enabled
acct_mgr.db.sessionstore = enabled
acct_mgr.guard.accountguard = enabled
acct_mgr.htfile.htdigeststore = disabled
acct_mgr.htfile.htpasswdstore = disabled
acct_mgr.http.httpauthstore = disabled
acct_mgr.macros.accountmanagerwikimacros = enabled
acct_mgr.notification.accountchangelistener = enabled
acct_mgr.notification.accountchangenotificationadminpanel = enabled
acct_mgr.pwhash.htdigesthashmethod = enabled
acct_mgr.pwhash.htpasswdhashmethod = disabled
acct_mgr.register.basiccheck = enabled
acct_mgr.register.bottrapcheck = enabled
acct_mgr.register.emailcheck = enabled
acct_mgr.register.emailverificationmodule = enabled
acct_mgr.register.regexpcheck = enabled
acct_mgr.register.registrationmodule = enabled
acct_mgr.register.usernamepermcheck = enabled
acct_mgr.svnserve.svnservepasswordstore = disabled
acct_mgr.web_ui.accountmodule = enabled
acct_mgr.web_ui.loginmodule = enabled
acct_mgr.web_ui.resetpwstore = disabled
backlog.prefs.backlogpluginprefpanel = enabled
backlog.web_ui.backlogplugin = enabled
themeengine.admin.customthemeadminmodule = enabled
themeengine.admin.simplethemeadminmodule = enabled
themeengine.api.themeenginesystem = enabled
themeengine.web_ui.themeenginemodule = enabled
trac.web.auth.loginmodule = disabled
- Create a wsgi file:
sudo nano /srv/www/trac/wsgi.py
import sys
import os
sys.stdout = sys.stderr
os.environ['TRAC_ENV_PARENT_DIR'] = '/srv/www/trac/projects'
import trac.web.main
application = trac.web.main.dispatch_request
nginx
- Configure nginx:
sudo nano /etc/nginx/sites-available/trac
upstream trac_gunicorn {
server unix:///srv/www/trac/trac.sock;
}
server {
listen 80;
server_name your.server.com;
access_log /var/log/nginx/trac.access.log;
error_log /var/log/nginx/trac.error.log info;
location / {
proxy_pass http://trac_gunicorn;
}
location ~ /(.*?)/chrome/site/ {
rewrite /(.*?)/chrome/site/(.*) /$1/htdocs/$2 break;
root /srv/www/trac/projects/;
}
}
- Enable the site:
sudo ln -s /etc/nginx/sites-available/trac/etc/nginx/sites-enabled/trac
- Restart nginx:
sudo /etc/init.d/nginx restart
Supervisor
- Create a Supervisor configuration file:
echo_supervisord_conf > /srv/www/trac/supervisord.conf
- Add this to your
supervisord.conf
:
[program:gunicorn]
command=bash -c 'ENV/bin/gunicorn -w2 -b unix:///srv/www/trac/trac.sock wsgi:application'
directory=/srv/www/trac
user=ubuntu
numprocs=1
stdout_logfile=/var/log/supervisor/gunicorn_trac.log
stderr_logfile=/var/log/supervisor/gunicorn_trac.log
autostart=true
autorestart=true
startsecs=10
- Start Supervisor:
sudo ENV/bin/supervisord -c supervisord.conf
- Start gunicorn:
sudo ENV/bin/supervisorctl -c supervisord.conf start gunicorn
You can check the status of gunicorn with:
sudo ENV/bin/supervisorctl -c supervisord.conf status
If the status is not RUNNING
, check your log files for errors. It's often a problem with file permissions.
Registration
-
You should now be able to access the Trac site. Click on the register link to create a user.
-
Make this user an admin:
trac-admin /srv/www/projects/project_name/ permission add username TRAC_ADMIN
- On the website, navigate to Admin, then Permissions. If you want your system to be private, remove all anonymous user permissions.
You should also have the Backlog plugin installed - I find this improves Trac massively. Click on the Backlog link to have a play.