Trac 1.0.1 in Ubuntu 14.04 with Basic Authentication (Nginx + uWSGI)

Install Trac

# install trac package from Ubuntu repo
sudo apt-get install trac

# init the project files
sudo mkdir -p /var/trac/myproject
cd /var/trac/myproject
sudo trac-admin . initenv

# basic authentication
sudo apt-get install apache2-utils
sudo htpasswd -c .htpasswd adminusername
sudo trac-admin . permission add adminusername TRAC_ADMIN

# folder permissions
sudo chown -R www-data: .
sudo chmod -R 775 .

cp wsgi_trac.py -> /var/trac/myproject/

import os
import sys
import trac.web.main
sys.stdout=sys.stderr
os.environ['TRAC_ENV'] = '/var/trac/myproject'
application = trac.web.main.dispatch_request

cp to /etc/nginx/sites-enabled/trac.conf or add to /etc/nginx/nginx.conf

server {
  listen  80;
  server_name  trac.local;

  location / {
    auth_basic_user_file /var/trac/myproject/.htpasswd;
    auth_basic 'this is not for you';
    uwsgi_param REMOTE_USER $remote_user;

    include  uwsgi_params;
    uwsgi_pass  127.0.0.1:5544;
  }
}

cp trac_uwsgi.ini -> /etc/uwsgi/apps-enabled/

[uwsgi]
uid=trac
gid=tracsys
chmod-socket=777
chown-socket=trac
chdir = /var/trac/myproject
socket = 127.0.0.1:5544
module = wsgi_trac:application
processes = 2
master = 1

restart the services

sudo service nginx restart && sudo service uwsgi restart

Credits: dev-smart, habrahabr.

P.S. Don’t forget about Nginx uwsgi_param REMOTE_USER for authentication to work.
I spent a lot of nerves fixing Trac Error: Authentication information not available 🙂

Bookmark the permalink.

5 Responses to Trac 1.0.1 in Ubuntu 14.04 with Basic Authentication (Nginx + uWSGI)

  1. dieter says:

    Hi,

    could it be, that you have forgoten to create the user trac and the Groupe tracsys?

    Best regards,

    Dieter

    • root says:

      Hi, dieter! With the htpasswd command in the first block I create a .htpasswd file that contains user and password combination for basic authorization. I do not need to create any new system users/groups. The authentication is purely at the web server level.

      • dieter says:

        Hi,
        so far i do understand.

        I try to migrate my older trac instances from apache2 to nginx with uwsgi support.
        Ther are a lot of information out there, but i have some problems.
        Some of them i think, i find a solution, but some i dont.
        🙁

        So far, a snipet that works for one trac environment:
        (its from the nginx.conf)

        include uwsgi_params;
        auth_basic ‘Passwort erforderlich!’;
        auth_basic_user_file /var/trac/auth/.htpasswd;

        location /trac/test {

        client_max_body_size 256M;
        include uwsgi_params;
        uwsgi_pass unix:/run/uwsgi/app/test/socket;
        uwsgi_param SCRIPT_NAME /test;
        uwsgi_modifier1 30;

        Now i try to find a solution to access more than one trac environment with a list of trac projects.
        This is a feature that works in apache2 without any problem, but how to use this in nginx?!

        Best regards,

        Dieter

        • root says:

          Hi Dieter!

          First, you need to troubleshoot wheter it is 1) nginx problem; 2) uwsgi; 3) permissions problem.

          1) You should have two location blocks in your nginx config, e.g

          server {
            listen  80;
            server_name trac.example.com;
           
            location /trac1 {
              auth_basic_user_file /var/trac/myproject_one/.htpasswd;
              auth_basic 'this is not for you';
              uwsgi_param REMOTE_USER $remote_user;
           
              include  uwsgi_params;
              uwsgi_pass  127.0.0.1:5544;  # socket 1
            }
            location /trac2 {
              auth_basic_user_file /var/trac/myproject_two/.htpasswd;
              auth_basic 'this is not for you';
              uwsgi_param REMOTE_USER $remote_user;
           
              include  uwsgi_params;
              uwsgi_pass  127.0.0.1:5545;  # socket 2
            }
          }
          

          You can debug your nginx conf with redirects like

          location /test {
              redirect ^ http://www.google.com/?q=$some_your_variable last;  
          }
          

          2) uwsgi
          First, verify that your uwsgi is version 2+. At the moment I have 2.0.4.
          To install 2.0.4 I installed it from ubuntu repos first, then from pypi:
          In ubuntu repos it was 1.0.3

          $ apt-cache madison uwsgi 
              uwsgi | 1.0.3+dfsg-1ubuntu0.1 | http://some.mirror/ubuntu/packages/ precise-updates/universe amd64 Packages
          $ sudo apt-get install uwsgi
          

          Installing it from repos gives you daemon autostart configs, folders /etc/uwsgi/apps-enabled/ and other goodies.
          Next I call

          $ sudo pip install uwsgi
          $ sudo mv /usr/bin/uwsgi /usr/bin/uwsgi.old
          $ sudo ln -s /usr/local/bin/uwsgi /usr/bin/uwsgi
          

          Next, verify that your trac is able to start in console mode

          uwsgi --http :8082 --chdir /home/user/workspace/app --wsgi-file /home/user/workspace/app/main.py --master --plugins python
          # or
          uwsgi --ini /etc/uwsgi/apps-enabled/app.ini
          

          3) You can resolve permissions issues by switching to your web user and trying to access some folders.

          E.g. if you have www-data as a web user in your nginx conf and your uwsgi ini has

          ..
          uid=www-data
          gid=www-data
          ..
          chown-socket=www-data
          

          Then you should sudo to www-data:

          normal-user@host $ su www-data -i
          www-data@host $ ls -la  /var/trac/
          www-data@host $ ls -la  /var/trac/auth/.htpasswd
          

          etc.

          Hope this helps!

          Have a nice night (or two) with your trac 🙂

          Dmitry

  2. Pingback: trac + git + nginx + postgresql 配置 | OpenWares | Open Source and Free Matters

Leave a Reply

Your email address will not be published.