close
Warning:
BrowserModule failed with ConfigurationError: Look in the Trac log for more information.
- Timestamp:
-
Jul 9, 2015, 8:37:31 AM (10 years ago)
- Author:
-
trac
- Comment:
-
--
Legend:
- Unmodified
- Added
- Removed
- Modified
-
|
v3
|
v4
|
|
| 14 | 14 | * Fewer features: Tracd implements a very simple web-server and is not as configurable or as scalable as Apache httpd. |
| 15 | 15 | * No native HTTPS support: [http://www.rickk.com/sslwrap/ sslwrap] can be used instead, |
| 16 | | or [http://trac.edgewall.org/wiki/STunnelTracd stunnel -- a tutorial on how to use stunnel with tracd] or Apache with mod_proxy. |
| | 16 | or [trac:wiki:STunnelTracd stunnel -- a tutorial on how to use stunnel with tracd] or Apache with mod_proxy. |
| 17 | 17 | |
| 18 | 18 | == Usage examples == |
| … |
… |
|
| 22 | 22 | $ tracd -p 8080 /path/to/project |
| 23 | 23 | }}} |
| 24 | | Stric |
| | 24 | Strictly speaking this will make your Trac accessible to everybody from your network rather than ''localhost only''. To truly limit it use ''--hostname'' option. |
| 25 | 25 | {{{ |
| 26 | 26 | $ tracd --hostname=localhost -p 8080 /path/to/project |
| … |
… |
|
| 93 | 93 | |
| 94 | 94 | == Using Authentication == |
| | 95 | |
| | 96 | Tracd allows you to run Trac without the need for Apache, but you can take advantage of Apache's password tools (htpasswd and htdigest) to easily create a password file in the proper format for tracd to use in authentication. (It is also possible to create the password file without htpasswd or htdigest; see below for alternatives) |
| | 97 | |
| | 98 | Make sure you place the generated password files on a filesystem which supports sub-second timestamps, as Trac will monitor their modified time and changes happening on a filesystem with too coarse-grained timestamp resolution (like `ext2` or `ext3` on Linux) may go undetected. |
| 95 | 99 | |
| 96 | 100 | Tracd provides support for both Basic and Digest authentication. Digest is considered more secure. The examples below use Digest; to use Basic authentication, replace `--auth` with `--basic-auth` in the command line. |
| … |
… |
|
| 137 | 141 | |
| 138 | 142 | Note: It is necessary (at least with Python 2.6) to install the fcrypt package in order to |
| 139 | | decode the htpasswd format. Trac source code attempt an `import crypt` first, but there |
| 140 | | is no such package for Python 2.6. |
| | 143 | decode some htpasswd formats. Trac source code attempt an `import crypt` first, but there |
| | 144 | is no such package for Python 2.6. Only `SHA-1` passwords (since Trac 1.0) work without this module. |
| 141 | 145 | |
| 142 | 146 | To create a .htpasswd file use Apache's `htpasswd` command (see [#GeneratingPasswordsWithoutApache below] for a method to create these files without using Apache): |
| … |
… |
|
| 164 | 168 | If you have Apache available, you can use the htdigest command to generate the password file. Type 'htdigest' to get some usage instructions, or read [http://httpd.apache.org/docs/2.0/programs/htdigest.html this page] from the Apache manual to get precise instructions. You'll be prompted for a password to enter for each user that you create. For the name of the password file, you can use whatever you like, but if you use something like `users.htdigest` it will remind you what the file contains. As a suggestion, put it in your <projectname>/conf folder along with the [TracIni trac.ini] file. |
| 165 | 169 | |
| 166 | | Note that you can start tracd without the --auth argument, but if you click on the ''Login'' link you will get an error. |
| | 170 | Note that you can start tracd without the `--auth` argument, but if you click on the ''Login'' link you will get an error. |
| 167 | 171 | |
| 168 | 172 | === Generating Passwords Without Apache === |
| 169 | 173 | |
| 170 | | Basic Authorization can be accomplished via this [http://www.4webhelp.net/us/password.php online HTTP Password generator]. Copy the generated password-hash line to the .htpasswd file on your system. |
| | 174 | Basic Authorization can be accomplished via this [http://aspirine.org/htpasswd_en.html online HTTP Password generator] which also supports `SHA-1`. Copy the generated password-hash line to the .htpasswd file on your system. Note that Windows Python lacks the "crypt" module that is the default hash type for htpasswd ; Windows Python can grok MD5 password hashes just fine and you should use MD5. |
| 171 | 175 | |
| 172 | 176 | You can use this simple Python script to generate a '''digest''' password file: |
| … |
… |
|
| 214 | 218 | It is possible to use `md5sum` utility to generate digest-password file: |
| 215 | 219 | {{{ |
| 216 | | $ printf "${user}:trac:${password}" | md5sum - >>user.htdigest |
| 217 | | }}} |
| 218 | | and manually delete " -" from the end and add "${user}:trac:" to the start of line from 'to-file'. |
| | 220 | user= |
| | 221 | realm= |
| | 222 | password= |
| | 223 | path_to_file= |
| | 224 | echo ${user}:${realm}:$(printf "${user}:${realm}:${password}" | md5sum - | sed -e 's/\s\+-//') > ${path_to_file} |
| | 225 | }}} |
| 219 | 226 | |
| 220 | 227 | == Reference == |
| … |
… |
|
| 234 | 241 | -b HOSTNAME, --hostname=HOSTNAME |
| 235 | 242 | the host name or IP address to bind to |
| 236 | | --protocol=PROTOCOL http|scgi|ajp |
| | 243 | --protocol=PROTOCOL http|scgi|ajp|fcgi |
| 237 | 244 | -q, --unquote unquote PATH_INFO (may be needed when using ajp) |
| 238 | | --http10 use HTTP/1.0 protocol version (default) |
| 239 | | --http11 use HTTP/1.1 protocol version instead of HTTP/1.0 |
| | 245 | --http10 use HTTP/1.0 protocol version instead of HTTP/1.1 |
| | 246 | --http11 use HTTP/1.1 protocol version (default) |
| 240 | 247 | -e PARENTDIR, --env-parent-dir=PARENTDIR |
| 241 | 248 | parent directory of the project environments |
| … |
… |
|
| 244 | 251 | -r, --auto-reload restart automatically when sources are modified |
| 245 | 252 | -s, --single-env only serve a single project without the project list |
| 246 | | }}} |
| | 253 | -d, --daemonize run in the background as a daemon |
| | 254 | --pidfile=PIDFILE when daemonizing, file to which to write pid |
| | 255 | --umask=MASK when daemonizing, file mode creation mask to use, in |
| | 256 | octal notation (default 022) |
| | 257 | --group=GROUP the group to run as |
| | 258 | --user=USER the user to run as |
| | 259 | }}} |
| | 260 | |
| | 261 | Use the -d option so that tracd doesn't hang if you close the terminal window where tracd was started. |
| 247 | 262 | |
| 248 | 263 | == Tips == |
| … |
… |
|
| 326 | 341 | }}} |
| 327 | 342 | |
| | 343 | Note that if you want to install this plugin for all projects, you have to put it in your [TracPlugins#Plugindiscovery global plugins_dir] and enable it in your global trac.ini. |
| | 344 | |
| | 345 | Global config (e.g. `/srv/trac/conf/trac.ini`): |
| | 346 | {{{ |
| | 347 | [components] |
| | 348 | remote-user-auth.* = enabled |
| | 349 | [inherit] |
| | 350 | plugins_dir = /srv/trac/plugins |
| | 351 | [trac] |
| | 352 | obey_remote_user_header = true |
| | 353 | }}} |
| | 354 | |
| | 355 | Environment config (e.g. `/srv/trac/envs/myenv`): |
| | 356 | {{{ |
| | 357 | [inherit] |
| | 358 | file = /srv/trac/conf/trac.ini |
| | 359 | }}} |
| | 360 | |
| 328 | 361 | === Serving a different base path than / === |
| 329 | 362 | Tracd supports serving projects with different base urls than /<project>. The parameter name to change this is |
