Support #570
Updated by Daniel Curtis almost 10 years ago
{{>toc}}
This is a simple guide for setting up Redmine on a LAMP server on Debian 7 (wheezy).
h2. Preparing The Server
This guide is assumed that a +Bare Debian install with only SSH Server+ access, a user that has sudo access.
* Obtain a root shell and upgrade the server:
<pre>
sudo -s
apt-get update && apt-get upgrade
</pre>
* Set the hostname in the hosts:
<pre>
nano /etc/hosts
</pre>
#* And add/modify the following:
<pre>
127.0.1.1 redmine.example.com www
</pre>
* And also edit the hostname file:
<pre>
nano /etc/hostname
</pre>
#* And add/modify the following:
<pre>
redmine
</pre>
* Reboot to apply the hostname settings:
<pre>
reboot
</pre>
h2. Install Apache 2
* Install apache2 and the passenger module:
<pre>
apt-get install apache2 libapache2-mod-passenger
</pre>
h3. Configure Apache 2
* Edit the default apache2 Vhost config:
<pre>
nano /etc/apache2/sites-available/default
</pre>
#* And add/modify the following VirtualHost block:
<pre>
<VirtualHost *:80>
ServerName redmine.example.com
DocumentRoot /usr/share/redmine/public
<Directory /usr/share/redmine/public>
RailsBaseURI /
Options -Indexes FollowSymLinks -MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>
</pre>
#* *NOTE*: Make sure AllowOverride is set to ALL, or else the .htaccess file will not work.
h2. Install Apache 2 Passenger
* Install the apache2 passenger module:
<pre>
apt-get install libapache2-mod-passenger
</pre>
* Edit the apache2 passenger config file:
<pre>
nano /etc/apache2/mods-available/passenger.conf
</pre>
#* And add/modify the apache user as the default passenger user:
<pre>
<IfModule mod_passenger.c>
PassengerRoot /usr
PassengerRuby /usr/bin/ruby
PassengerDefaultUser www-data
</IfModule>
</pre>
h2. Install MySQL 5.5
* Install MySQL server and client:
<pre>
apt-get install mysql-server mysql-client
</pre>
#* *NOTE*: During the setup a prompt will appear to set the *root* MySQL user password. Set a strong password and do not forget it.
h3. Configure a new MySQL database
* Log into the MySQL console:
<pre>
mysql -h localhost -u root -p
</pre>
#* Create the *redmineuser* user with the *SuperSecretPassword* password and the *redminedb* database:
<pre>
CREATE USER 'redmineuser'@'localhost' IDENTIFIED BY 'SuperSecretPassword';
CREATE DATABASE IF NOT EXISTS `redminedb` CHARACTER SET utf8 COLLATE utf8_general_ci;
GRANT ALL PRIVILEGES ON `redminedb`.* TO 'redmineuser'@'localhost';
flush privileges;
exit
</pre>
h2. Install Redmine
* Install Redmine and redmine-mysql packages:
<pre>
apt-get install redmine redmine-mysql
</pre>
#* During the installation a +@Configuring redmine@+ prompt for using dbconfig-common, choose: *YES*
#* During the installation a +@Configuring redmine@+ prompt for database type, choose: *mysql*
#* During the installation a +@Configuring redmine@+ prompt for password of the database administrative user, enter: _+<root mysql password>+_
#* During the installation a +@Configuring redmine@+ prompt for application password, enter: *SuperSecretPassword*
#* During the installation a +@Configuring redmine@+ prompt for application password confirmation, enter: *SuperSecretPassword*
* Change the ownership of the Redmine folder to the apache2 user:
<pre>
chown -R www-data:www-data /usr/share/redmine
</pre>
* Restart apache for the php module to take effect:
<pre>
service apache2 restart
</pre>
h2. Securing Redmine with SSL
* Install openssl:
<pre>
apt-get install openssl
</pre>
* Generate a strong SSL key and a CSR to send for signing by a CA:
<pre>
mkdir /etc/apache2/ssl && cd /etc/apache2/ssl
openssl req -sha512 -out redmine.example.com.csr -new -newkey rsa:4096 -nodes -keyout redmine.example.com.key
</pre>
* Make sure to securely copy the SSL certificate to *redmine.example.com.crt*
* Edit the apache2 default ssl Vhost config file:
<pre>
nano /etc/apache2/sites-available/default-ssl
</pre>
#* And Add the following:
<pre>
<VirtualHost *:443>
ServerName redmine.example.com
DocumentRoot /usr/share/redine/public
<Directory /usr/share/redmine/public>
Options FollowSymLinks
AllowOverride All
Require all granted
</Directory>
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/redmine.example.com.crt
SSLCertificateKeyFile /etc/apache2/ssl/redmine.example.com.key
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
BrowserMatch "MSIE [2-6]" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
</VirtualHost>
</pre>
h3. Forcing SSL on a Website
* Enable forced SSL connection by setting the two lines from earlier in the @.htaccess@ file. Open the file for editing:
<pre>
nano /usr/share/redmine/public/.htaccess
</pre>
#* Look for the following two lines, and remove the @#@ characters before them:
<pre>
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</pre>
* Restart apache2:
<pre>
service apache2 restart
</pre>
* Now the website will be accessible from https://redmine.example.com
#* The default username is *admin*
#* The default password is *admin*