Changes between Version 2 and Version 3 of TracStandalone


Ignore:
Timestamp:
Jan 28, 2018, 12:53:34 PM (7 years ago)
Author:
trac
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • TracStandalone

    v2 v3  
    1414 * Fewer features: Tracd implements a very simple web-server and is not as configurable or as scalable as Apache httpd.
    1515 * No native HTTPS support: [http://www.rickk.com/sslwrap/ sslwrap] can be used instead,
    16    or [http://trac.edgewall.org/wiki/STunnelTracd stunnel -- a tutorial on how to use stunnel with tracd] or Apache with mod_proxy.
     16   or [trac:wiki:STunnelTracd stunnel -- a tutorial on how to use stunnel with tracd] or Apache with mod_proxy.
    1717
    1818== Usage examples ==
     
    2222 $ tracd -p 8080 /path/to/project
    2323}}}
    24 Stricly speaking this will make your Trac accessible to everybody from your network rather than ''localhost only''. To truly limit it use ''--hostname'' option.
     24Strictly speaking this will make your Trac accessible to everybody from your network rather than ''localhost only''. To truly limit it use ''--hostname'' option.
    2525{{{
    2626 $ tracd --hostname=localhost -p 8080 /path/to/project
     
    9393
    9494== Using Authentication ==
     95
     96Tracd allows you to run Trac without the need for Apache, but you can take advantage of Apache's password tools (htpasswd and htdigest) to easily create a password file in the proper format for tracd to use in authentication. (It is also possible to create the password file without htpasswd or htdigest; see below for alternatives)
     97
     98Make sure you place the generated password files on a filesystem which supports sub-second timestamps, as Trac will monitor their modified time and changes happening on a filesystem with too coarse-grained timestamp resolution (like `ext2` or `ext3` on Linux) may go undetected.
    9599
    96100Tracd provides support for both Basic and Digest authentication. Digest is considered more secure. The examples below use Digest; to use Basic authentication, replace `--auth` with `--basic-auth` in the command line.
     
    137141
    138142  Note: It is necessary (at least with Python 2.6) to install the fcrypt package in order to
    139   decode the htpasswd format.  Trac source code attempt an `import crypt` first, but there
    140   is no such package for Python 2.6.
     143  decode some htpasswd formats.  Trac source code attempt an `import crypt` first, but there
     144  is no such package for Python 2.6. Only `SHA-1` passwords (since Trac 1.0) work without this module.
    141145
    142146To create a .htpasswd file use Apache's `htpasswd` command (see [#GeneratingPasswordsWithoutApache below] for a method to create these files without using Apache):
     
    164168If you have Apache available, you can use the htdigest command to generate the password file. Type 'htdigest' to get some usage instructions, or read [http://httpd.apache.org/docs/2.0/programs/htdigest.html this page] from the Apache manual to get precise instructions.  You'll be prompted for a password to enter for each user that you create.  For the name of the password file, you can use whatever you like, but if you use something like `users.htdigest` it will remind you what the file contains. As a suggestion, put it in your <projectname>/conf folder along with the [TracIni trac.ini] file.
    165169
    166 Note that you can start tracd without the --auth argument, but if you click on the ''Login'' link you will get an error.
     170Note that you can start tracd without the `--auth` argument, but if you click on the ''Login'' link you will get an error.
    167171
    168172=== Generating Passwords Without Apache ===
    169173
    170 Basic Authorization can be accomplished via this [http://www.4webhelp.net/us/password.php online HTTP Password generator].  Copy the generated password-hash line to the .htpasswd file on your system.
     174Basic Authorization can be accomplished via this [http://aspirine.org/htpasswd_en.html online HTTP Password generator] which also supports `SHA-1`.  Copy the generated password-hash line to the .htpasswd file on your system. Note that Windows Python lacks the "crypt" module that is the default hash type for htpasswd ; Windows Python can grok MD5 password hashes just fine and you should use MD5.
    171175
    172176You can use this simple Python script to generate a '''digest''' password file:
     
    214218It is possible to use `md5sum` utility to generate digest-password file:
    215219{{{
    216  $ printf "${user}:trac:${password}" | md5sum - >>user.htdigest
    217 }}}
    218 and manually delete " -" from the end and add "${user}:trac:" to the start of line from 'to-file'.
     220user=
     221realm=
     222password=
     223path_to_file=
     224echo ${user}:${realm}:$(printf "${user}:${realm}:${password}" | md5sum - | sed -e 's/\s\+-//') > ${path_to_file}
     225}}}
    219226
    220227== Reference ==
     
    234241  -b HOSTNAME, --hostname=HOSTNAME
    235242                        the host name or IP address to bind to
    236   --protocol=PROTOCOL   http|scgi|ajp
     243  --protocol=PROTOCOL   http|scgi|ajp|fcgi
    237244  -q, --unquote         unquote PATH_INFO (may be needed when using ajp)
    238   --http10              use HTTP/1.0 protocol version (default)
    239   --http11              use HTTP/1.1 protocol version instead of HTTP/1.0
     245  --http10              use HTTP/1.0 protocol version instead of HTTP/1.1
     246  --http11              use HTTP/1.1 protocol version (default)
    240247  -e PARENTDIR, --env-parent-dir=PARENTDIR
    241248                        parent directory of the project environments
     
    244251  -r, --auto-reload     restart automatically when sources are modified
    245252  -s, --single-env      only serve a single project without the project list
    246 }}}
     253  -d, --daemonize       run in the background as a daemon
     254  --pidfile=PIDFILE     when daemonizing, file to which to write pid
     255  --umask=MASK          when daemonizing, file mode creation mask to use, in
     256                        octal notation (default 022)
     257  --group=GROUP         the group to run as
     258  --user=USER           the user to run as
     259}}}
     260
     261Use the -d option so that tracd doesn't hang if you close the terminal window where tracd was started.
    247262
    248263== Tips ==
     
    326341}}}
    327342
     343Note that if you want to install this plugin for all projects, you have to put it in your [TracPlugins#Plugindiscovery global plugins_dir] and enable it in your global trac.ini.
     344
     345Global config (e.g. `/srv/trac/conf/trac.ini`):
     346{{{
     347[components]
     348remote-user-auth.* = enabled
     349[inherit]
     350plugins_dir = /srv/trac/plugins
     351[trac]
     352obey_remote_user_header = true
     353}}}
     354
     355Environment config (e.g. `/srv/trac/envs/myenv`):
     356{{{
     357[inherit]
     358file = /srv/trac/conf/trac.ini
     359}}}
     360
    328361=== Serving a different base path than / ===
    329362Tracd supports serving projects with different base urls than /<project>. The parameter name to change this is