Setting up RhodeCode on Ubuntu 12.04

2012-10-29
#rhodecode #mercurial #ubuntu #howto #server

This howto is based on a great guide with modifications. All settings are made for server domain hg.kenarius.org. You can replace it with your one easily.

§ Preparation

§ Ubuntu

Update Ubuntu with the commands:

sudo apt-get update
sudo apt-get upgrade

Install pip and virtualenv with the commands:

sudo apt-get install python-pip
sudo pip install virtualenv

§ Nginx

Install nginx:

sudo apt-get install nginx

Add create ssl certificates:

sudo openssl req -new -x509 -days 9999 -nodes -out host.pem -keyout host.key

Create /etc/nginx/ssl.conf file:

# Sert generation:
# openssl req -new -x509 -days 9999 -nodes -out cert.pem -keyout     cert.key

ssl         on;
ssl_protocols       SSLv3 TLSv1;
ssl_certificate     /etc/nginx/ssl/host.pem;
ssl_certificate_key /etc/nginx/ssl/host.key;

§ Installing RhodeCode

Install Python sources:

sudo apt-get install python-dev

Create the base directory and temporarily give yourself ownership:

sudo mkdir /srv/hg.kenarius.org
sudo su
cd /srv/hg.kenarius.org

Create the data directory, virtual environment, and install RhodeCode:

virtualenv --no-site-packages /srv/hg.kenarius.org/venv
source /srv/hg.kenarius.org/venv/bin/activate
(venv) pip install pastescript
(venv) easy_install rhodecode

Create directories and the production configuraton:

mkdir /home/repository
mkdir /srv/hg.kenarius.org/data
cd /srv/hg.kenarius.org/data
(venv) paster make-config RhodeCode production.ini

Generate the RhodeCode database and create the initial admin account:

(venv) paster setup-rhodecode production.ini

§ Starting RhodeCode on boot

Create start.sh in /srv/hg.kenarius.org:

#!/bin/bash
# run this as the rhodecode user!

WDIR=/srv/hg.kenarius.org
VIRTUALENV_DIR=/srv/hg.kenarius.org/venv

source $VIRTUALENV_DIR/bin/activate

cd $WDIR
paster serve $WDIR/data/production.ini 1> debug.log 2> error.log

Create rhodecode in /etc/init.d:

#!/bin/sh -e
########################################
#### THIS IS A DEBIAN INIT.D SCRIPT ####
########################################

### BEGIN INIT INFO
# Provides:          rhodecode
# Required-Start:    $all
# Required-Stop:     $all
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: starts instance of rhodecode
# Description:       starts instance of rhodecode using start-stop-    daemon
### EN    D INIT INFO

APP_NAME="rhodecode"
APP_HOMEDIR="hg.kenarius.org"
APP_PATH="/srv/$APP_HOMEDIR"

CONF_NAME="data/production.ini"

PID_PATH="$APP_PATH/$APP_NAME.pid"
LOG_PATH="$APP_PATH/$APP_NAME.log"

PYTHON_PATH="/srv/$APP_HOMEDIR/venv"

RUN_AS="www-data"

DAEMON="$PYTHON_PATH/bin/paster"

DAEMON_OPTS="serve --daemon \
  --user=$RUN_AS \
  --group=$RUN_AS \
  --pid-file=$PID_PATH \
  --log-file=$LOG_PATH  $APP_PATH/$CONF_NAME"


start() {
  echo "Starting $APP_NAME"
  PYTHON_EGG_CACHE="/tmp" start-stop-daemon -d $APP_PATH \
      --start --quiet \
      --pidfile $PID_PATH \
      --user $RUN_AS \
      --exec $DAEMON -- $DAEMON_OPTS
}

stop() {
  echo "Stopping $APP_NAME"
  start-stop-daemon -d $APP_PATH \
      --stop --quiet \
      --pidfile $PID_PATH || echo "$APP_NAME - Not running!"

  if [ -f $PID_PATH ]; then
    rm $PID_PATH
  fi
}

case "$1" in
  start)
    start
    ;;
  stop)
    stop
    ;;
  restart)
    echo "Restarting $APP_NAME"
    ### stop ###
    stop
    wait
    ### start ###
    start
    ;;
  *)
    echo "Usage: $0 {start|stop|restart}"
    exit 1
esac

Allow to execute the script:

cd /etc/init.d
chmod +x rhodecode
sudo ./rhodecode-init.d.sh start

Install the script:

sudo update-rc.d rhodecode defaults 90

Test the script once more:

sudo service rhodecode start
sudo service rhodecode stop

§ Adding Nginx as a front-end for SSL

Create /etc/nginx/proxy.conf file:

proxy_redirect              off;
proxy_set_header            Host $host;
proxy_set_header            X-Url-Scheme $scheme;
proxy_set_header            X-Host $http_host;
proxy_set_header            X-Real-IP $remote_addr;
proxy_set_header            X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header            Proxy-host $proxy_host;
client_max_body_size        400m;
client_body_buffer_size     128k;
proxy_buffering             off;
proxy_connect_timeout       7200;
proxy_send_timeout          7200;
proxy_read_timeout          7200;
proxy_buffers               8 32k;

Create /etc/nginx/sites-enabled/hg.kenarius.org file (assuming you already have ssl settings for nginx):

server {
    listen          80;
    server_name     hg.kenarius.org;
    rewrite        ^ https://$server_name$request_uri? permanent;
}

server {
    listen          443;
    server_name     hg.kenarius.org;
    access_log      /var/log/nginx/rhodecode.access.log;
    error_log       /var/log/nginx/rhodecode.error.log;
    include         /etc/nginx/proxy.conf;

    include      /etc/nginx/ssl.conf;

    location / {
         try_files $uri @rhode;
    }

    location @rhode {
         proxy_pass      http://127.0.0.1:5000;
    }
}

Reload nginx settings:

nginx -s reload