Last active
October 14, 2019 08:50
-
-
Save chowdhary987/7763b40ed7abcabcb7cda6025b301ab9 to your computer and use it in GitHub Desktop.
Revisions
-
chowdhary987 revised this gist
Oct 14, 2019 . 1 changed file with 1 addition and 40 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -173,7 +173,7 @@ Restart mysql and run phabricator storage upgrade: Adjust the following fields in `/etc/php5/apache2/php.ini` post_max_size = 32M date.timezone = Etc/UTC opcache.validate_timestamps=0 @@ -185,46 +185,7 @@ Then restart apache ./bin/phd restart #### Refer to the phabricator configuration guide for next steps: -
Oct 14, 2019 . 1 changed file with 0 additions and 0 deletions.There are no files selected for viewing
File renamed without changes. -
Oct 14, 2019 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,233 @@ Phabricator Ubuntu Installation Guide ------------------------------------- This is a supplement to the official [Phabricator Installation Guide](https://secure.phabricator.com/book/phabricator/article/installation_guide/), because their guide will leave you with all kinds of permission and config errors and ~15,000 setup issues on startup. #### Install bonus packages: # apt-get install mercurial subversion python-pygments sendmail imagemagick #### Create necessary users and add phd-user to sudoers: # adduser phd --home /home/phd # adduser phd sudo # adduser git And create repo directory if phabricator will be hosting repos: # mkdir /var/repo # chown -R phd /var/repo # chgrp -R phd /var/repo #### Install phabricator: su phd cd /home/phd wget http://www.phabricator.com/rsrc/install/install_ubuntu.sh bash install_ubuntu.sh #### Recommended Phabricator Configurations to set: ```bash cd /home/phd/phabricator # Generally acceptable settings: ./bin/config set mysql.pass <MYSQL_ROOT_PASSWD> ./bin/config set phabricator.base-uri 'http://phabricator.mydomain.net/' ./bin/config set phd.user phd ./bin/config set environment.append-paths '["/usr/lib/git-core"]' ./bin/config set diffusion.ssh-user git ./bin/config set pygments.enabled true # for local-disk file storage only: mkdir /home/phd/phabricator-files chmod -R 755 /home/phd/phabricator-files ./bin/config set storage.local-disk.path /home/phd/phabricator-files # Set true if you want to allow public http cloning: ./bin/config set policy.allow-public true # Set to true if you want to allow http pushes ./bin/config set diffusion.allow-http-auth false # You most likely want prototype apps, they are very useful: ./bin/config set phabricator.show-prototypes true # You may want this true, depending on your workflow: ./bin/config set differential.require-test-plan-field false # recommended silliness-enabling settings: ./bin/config set files.enable-imagemagick true ./bin/config set remarkup.enable-embedded-youtube true ``` #### This needs to be appended to `/etc/sudoers` (NOTE: verify your binary locations): git ALL=(phd) SETENV: NOPASSWD: /usr/bin/git-upload-pack, /usr/bin/git-receive-pack, /usr/bin/hg, /usr/bin/svnserve www-data ALL=(phd) SETENV: NOPASSWD: /usr/bin/git-upload-pack, /usr/lib/git-core/git-http-backend, /usr/bin/hg #### Apache Configuration: First verify that apache is displaying a default page on port 80, then setup apache configuration file (see examples below) and enable phabricator site: # cat /etc/apache2/sites-available/phabricator.conf <VirtualHost *:80> # The ServerName directive sets the request scheme, hostname and port that # the server uses to identify itself. This is used when creating # redirection URLs. In the context of virtual hosts, the ServerName # specifies what hostname must appear in the request's Host: header to # match this virtual host. For the default virtual host (this file) this # value is not decisive as it is used as a last resort host regardless. # However, you must set it for any further virtual host explicitly. ServerName phabricator.mydomain.net ServerAlias phabricator.mydomain.net ServerAdmin [email protected] DocumentRoot /home/phd/phabricator/webroot RewriteEngine on RewriteRule ^/rsrc/(.*) - [L,QSA] RewriteRule ^/favicon.ico - [L,QSA] RewriteRule ^(.*)$ /index.php?__path__=$1 [B,L,QSA] # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, # error, crit, alert, emerg. # It is also possible to configure the loglevel for particular # modules, e.g. #LogLevel info ssl:warn ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined # For most configuration files from conf-available/, which are # enabled or disabled at a global level, it is possible to # include a line for only one particular virtual host. For example the # following line enables the CGI configuration for this host only # after it has been globally disabled with "a2disconf". #Include conf-available/serve-cgi-bin.conf <Directory "/home/phd/phabricator/webroot"> Require all granted </Directory> </VirtualHost> And here is an example of an HTTPS-enabled phabricator conf: <IfModule mod_ssl.c> <VirtualHost *:80> ServerName phabricator.mydomain.net Redirect permanent / https://phabricator.mydomain.net </VirtualHost> <VirtualHost *:443> # Change this to the domain which points to your host. ServerName phabricator.mydomain.net SSLEngine on SSLCertificateKeyFile /etc/ssl/private/phabricator.key SSLCertificateFile /etc/ssl/certs/phabricator_mydomain.net.crt SSLCertificateChainFile /etc/ssl/certs/phabricator_mydomain.net.ca-bundle SSLProtocol All -SSLv2 -SSLv3 # Change this to the path where you put 'phabricator' when you checked it # out from GitHub when following the Installation Guide. # # Make sure you include "/webroot" at the end! DocumentRoot /home/phd/phabricator/webroot RewriteEngine on RewriteRule ^/rsrc/(.*) - [L,QSA] RewriteRule ^/favicon.ico - [L,QSA] RewriteRule ^(.*)$ /index.php?__path__=$1 [B,L,QSA] <Directory "/home/phd/phabricator/webroot"> Require all granted </Directory> </VirtualHost> </IfModule> Make sure `mod_php` and `mod_rewrite` are enabled, and `mod_ssl` if you intend to set up SSL # a2dissite 000-default # a2ensite phabricator # service apache2 restart #### Configure mysql and storage: Add these new lines to /etc/mysql/my.cnf under the [mysqld] heading: sql_mode=STRICT_ALL_TABLES ft_boolean_syntax=' |-><()~*:""&^' ft_stopword_file=/home/phd/phabricator/resources/sql/stopwords.txt ft_min_word_len=3 This new line should be about 40% of the memory of the box: innodb_buffer_pool_size=800M And also adjust max_allowed_packet to 32M (this line will already exist) max_allowed_packet = 32M Restart mysql and run phabricator storage upgrade: service restart mysql ./bin/storage upgrade #### Configure php: Adjust the following fields in `/etc/php5/apache2/php.ini` post_max_size = 8M date.timezone = Etc/UTC opcache.validate_timestamps=0 Then restart apache service apache2 restart #### Restart phd daemons: ./bin/phd restart #### Enable ssh clone & push Change default ssh port to something other than port 22 (I like to use 2222) ```bash # edit Port setting here vim /etc/ssh/sshd_config # restart sshd service service sshd restart ``` Make executable ssh hook for phabricator ssh daemon ```bash # copy ssh hook to executable location cp /home/phd/phabricator/resources/sshd/phabricator-ssh-hook.sh /usr/lib/phabricator-ssh-hook.sh chown root /usr/lib/phabricator-ssh-hook.sh chmod 755 /usr/lib/phabricator-ssh-hook.sh # Modify hook to match your system (hint: vcs-user == git) vim /usr/lib/phabricator-ssh-hook.sh ``` Create phabricator ssh daemon on port 22 ```bash # Copy the examply sshd config cp /home/phd/phabricator/resources/sshd/sshd_config.phabricator.example /etc/ssh/sshd_config.phabricator # Edit AuthorizedKeysCommand, AuthorizedKeysCommandUser, and AllowUsers vim /etc/ssh/sshd_config.phabricator # Start the phabricator sshd /usr/sbin/sshd -f /etc/ssh/sshd_config.phabricator ``` Now you should be able to run this command: echo {} | ssh [email protected] conduit conduit.ping And get output like this: {"result":"orbital","error_code":null,"error_info":null} #### Refer to the phabricator configuration guide for next steps: At this point, you should be able to host and clone repositories via HTTP & SSH. Refer to the [Diffusion Hosting Configuration Guide](https://secure.phabricator.com/book/phabricator/article/diffusion_hosting/) for trouble-shooting. Also see the official [Phabricator Configuration Guide](https://secure.phabricator.com/book/phabricator/article/configuration_guide/) for additional advanced configuration steps.