New SCM Component, but, You Can’t Use It Yet

So, we’ve finally decided on a kickass system for new SCM services.  We’ve opted to go with Pagure.

Initially we’d evaluated quite a few systems and had decided on Apache Bloodhound.  Then, quite literally yesterday, we heard back from one of their lead devs that the project was dead.

So we needed something.  We’d evaluated Redmine.  No.  Bugzilla.  No.  Apache Allura.  Good lord, NO.  Trac.  If we have to but please no.

Then, Greybeard Son_Goku came to the rescue and suggested Pagure.

It had all the appeal bloodhound did only was a live project, and actually seemed to have better git integration than bloodhound did, so, I spent most of today going through their documentation and getting it installed.

Pagure installation required some debugging.  Its instructions provide two ways to install it.  One with setup.py and one using the rpm package manager.  I found that the setup.py instructions were broken, specifically as it pertained to the createdb script, which required me to alter the table structures in the database to get working and needs patched to be working, and also where we had to use a tool called alembic (which I will never mention in this blog again), as some setup is missing in the instructions.  The rpm path took care of both of those issues as long as we went with a postgresql database backend.

Except not, there was still quite a bit of deviation necessary to get it installed, and we still haven’t configured all of it, this was just to get it up and running.  I have created a work journal for pagure which you can observe below.  I will also have a separate journal for you to use when setting up your MTA. There is also yet another journal I will provide to integrate a pagure instance with a remote gitlab install since we are keeping gitlab for our source code repo hosting service.

[code]
@@2017-05-21
@1355 spoke to pingou
sts is primary dev for pagure
provided link:
https://infrastructure.fedoraproject.org/cgit/ansible.git/tree/roles/pagure/frontend/tasks/main.yml
ansible script for installing pagure to use as reference for getting ours up

@1355 reimaged aether to Fedora 25

— dark souls —

@1530 set up postgresql
$ sudo dnf install postgresql-server
$ sudo postgresql-setup –initdb
$ sudo systemctl enable postgresql
$ sudo service postgresql start
$ su – postgres
$ pgsql
$ — set password for postgres superuser —

@1544 disabled selinux in /etc/selinux/config

@1600 — enabled and started httpd —
$ systemctl enable httpd
$ service start httpd
$ iptables -P INPUT ACCEPT
$ iptables -F
$ firewall-cmd –zone=dmz –add-port=80/tcp
$ firewall-cmd –runtime-to-permanent
— verified httpd is up —

@1611 verified from pingou redis is a required component
provided link:
https://docs.pagure.org/pagure/overview.html

@1614 — started install for pagure —
pingou suggests to use link below for rpms:
https://infrastructure.fedoraproject.org/repo/infra/
pagure is not in that repo
pingou advised to use rpmbuild -ta against a tarball from:
https://releases.pagure.org/pagure/
suggests 2.14.2 as stablest

@1623
$ adduser pagure
$ usermod -a -G wheel pagure
$ passwd pagure
$ su pagure
$ cd
$ wget https://releases.pagure.org/pagure/pagure-2.14.2.tar.gz
$ sudo dnf install rpm-build
$ rpmbuild -ta pagure-2.14.2.tar.gz
/*
error: Failed build dependencies:
py-bcrypt is needed by pagure-2.14.2-1.fc25.noarch
python-alembic is needed by pagure-2.14.2-1.fc25.noarch
python-arrow is needed by pagure-2.14.2-1.fc25.noarch
python-binaryornot is needed by pagure-2.14.2-1.fc25.noarch
python-bleach is needed by pagure-2.14.2-1.fc25.noarch
python-blinker is needed by pagure-2.14.2-1.fc25.noarch
python-chardet is needed by pagure-2.14.2-1.fc25.noarch
python-cryptography is needed by pagure-2.14.2-1.fc25.noarch
python-docutils is needed by pagure-2.14.2-1.fc25.noarch
python-enum34 is needed by pagure-2.14.2-1.fc25.noarch
python-fedora is needed by pagure-2.14.2-1.fc25.noarch
python-filelock is needed by pagure-2.14.2-1.fc25.noarch
python-flask is needed by pagure-2.14.2-1.fc25.noarch
python-flask-multistatic is needed by pagure-2.14.2-1.fc25.noarch
python-flask-wtf is needed by pagure-2.14.2-1.fc25.noarch
python-markdown is needed by pagure-2.14.2-1.fc25.noarch
python-munch is needed by pagure-2.14.2-1.fc25.noarch
python-nose is needed by pagure-2.14.2-1.fc25.noarch
python-openid is needed by pagure-2.14.2-1.fc25.noarch
python-openid-cla is needed by pagure-2.14.2-1.fc25.noarch
python-openid-teams is needed by pagure-2.14.2-1.fc25.noarch
python-psutil is needed by pagure-2.14.2-1.fc25.noarch
python-pygit2 >= 0.20.1 is needed by pagure-2.14.2-1.fc25.noarch
python-pygments is needed by pagure-2.14.2-1.fc25.noarch
python-redis is needed by pagure-2.14.2-1.fc25.noarch
python-sqlalchemy > 0.8 is needed by pagure-2.14.2-1.fc25.noarch
python-straight-plugin is needed by pagure-2.14.2-1.fc25.noarch
python-wtforms is needed by pagure-2.14.2-1.fc25.noarch
python2-devel is needed by pagure-2.14.2-1.fc25.noarch
systemd-devel is needed by pagure-2.14.2-1.fc25.noarch
*/
$ sudo dnf install $(rpmbuild -ta pagure-2.14.2.tar.gz 2>&1 | awk ‘{ print $1; }’ | grep -v "error" | sort -n | tr ‘\n’)
$ rpmbuild -ta pagure-2.14.2.tar.gz
$ sudo dnf install /home/pagure/rpmbuild/RPMS/noarch/pagure-*.rpm
$ sudo mkdir -p /var/www/releases
$ sudo chown pagure:pagure /var/www/releases
$ sudo mkdir -p /srv/git/repositories/{docs,forks,tickets,requests,remotes}

— configured apache’s pagure.conf —

$ cat /etc/httpd/conf.d/pagure.conf
/*
#WSGISocketPrefix run/wsgi
##WSGIRestrictStdout On
#WSGIRestrictSignal Off
#WSGIPythonOptimize 1
#WSGIPassAuthorization On
#WSGIDaemonProcess pagure user=git group=git maximum-requests=1000 display-name=pagure processes=4 threads=4 inactivity-timeout=300
## It is important that the doc server runs in a different apache process
#WSGIDaemonProcess paguredocs user=git group=git maximum-requests=1000 display-name=pagure processes=4 threads=4 inactivity-timeout=300

#<VirtualHost *:80>
#ServerName pagure.io
#Redirect permanent / https://pagure.io/
#</VirtualHost>

#<VirtualHost *:80>
#ServerName docs.pagure.org
#Redirect permanent / https://docs.pagure.org/
#</VirtualHost>

#<VirtualHost *:443>
#ServerName docs.pagure.org

#WSGIScriptAlias / /usr/share/pagure/docs_pagure.wsgi

#SSLEngine on
#SSLProtocol all -SSLv2 -SSLv3
## Use secure TLSv1.1 and TLSv1.2 ciphers
#Header always add Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"

#SSLCertificateFile /etc/pki/tls/….crt
#SSLCertificateChainFile /etc/pki/tls/….intermediate.crt
#SSLCertificateKeyFile /etc/pki/tls/….key

#Alias /static /usr/lib/python2.7/site-packages/pagure/static/

#<Location />
#WSGIProcessGroup paguredocs
#<IfModule mod_authz_core.c>
## Apache 2.4
#Require all granted
#</IfModule>
#<IfModule !mod_authz_core.c>
## Apache 2.2
#Order deny,allow
#Allow from all
#</IfModule>
#</Location>
#</VirtualHost>

#<VirtualHost *:443>
#ServerName pagure.io

#WSGIScriptAlias / /usr/share/pagure/pagure.wsgi

#SSLEngine on
#SSLProtocol all -SSLv2 -SSLv3
## Use secure TLSv1.1 and TLSv1.2 ciphers
#Header always add Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"

#SSLCertificateFile /etc/pki/tls/….crt
#SSLCertificateChainFile /etc/pki/tls/….intermediate.crt
#SSLCertificateKeyFile /etc/pki/tls/….key

#Alias /static /usr/lib/python2.7/site-packages/pagure/static/
#Alias /releases /var/www/releases

## Section used to support cloning git repo over http (https in this case)
#SetEnv GIT_PROJECT_ROOT /srv/git/repositories

#AliasMatch ^/(.*/objects/[0-9a-f]{2}/[0-9a-f]{38})$ /path/to/git/repositories/$1
#AliasMatch ^/(.*/objects/pack/pack-[0-9a-f]{40}.(pack|idx))$ /path/to/git/repositories/$1
#ScriptAliasMatch \
#"(?x)^/(.*/(HEAD | \
#info/refs | \
#objects/info/[^/]+ | \
#git-(upload|receive)-pack))$" \
#/usr/libexec/git-core/git-http-backend/$1

#<Location />
#WSGIProcessGroup pagure
#<IfModule mod_authz_core.c>
## Apache 2.4
#Require all granted
#</IfModule>
#<IfModule !mod_authz_core.c>
## Apache 2.2
#Order deny,allow
#Allow from all
#</IfModule>
#</Location>

## Folder where are stored the tarball of the releases
#<Location /releases>
#WSGIProcessGroup pagure
#<IfModule mod_authz_core.c>
## Apache 2.4
#Require all granted
#</IfModule>
#<IfModule !mod_authz_core.c>
## Apache 2.2
#Order deny,allow
#Allow from all
#</IfModule>
#</Location>

#<Directory /var/www/releases>
#Options +Indexes
#</Directory>

#</VirtualHost>
*/

$ sudo vim /etc/httpd/conf.d/pagure.conf
$ cat /etc/httpd/conf.d/pagure.conf
/*
WSGISocketPrefix run/wsgi
WSGIRestrictStdout On
WSGIRestrictSignal Off
WSGIPythonOptimize 1
WSGIPassAuthorization On
WSGIDaemonProcess pagure user=pagure group=pagure maximum-requests=1000 display-name=pagure processes=4 threads=4 inactivity-timeout=300
## It is important that the doc server runs in a different apache process
WSGIDaemonProcess paguredocs user=pagure group=pagure maximum-requests=1000 display-name=pagure processes=4 threads=4 inactivity-timeout=300

#<VirtualHost *:80>
#ServerName pagure.io
#Redirect permanent / https://pagure.io/
#</VirtualHost>

#<VirtualHost *:80>
#ServerName docs.pagure.org
#Redirect permanent / https://docs.pagure.org/
#</VirtualHost>

<VirtualHost *:80>
ServerName scm-docs.surroindustries.com

WSGIScriptAlias / /usr/share/pagure/docs_pagure.wsgi

# SSLEngine on
# SSLProtocol all -SSLv2 -SSLv3
## Use secure TLSv1.1 and TLSv1.2 ciphers
#Header always add Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"

#SSLCertificateFile /etc/pki/tls/….crt
#SSLCertificateChainFile /etc/pki/tls/….intermediate.crt
#SSLCertificateKeyFile /etc/pki/tls/….key

Alias /static /usr/lib/python2.7/site-packages/pagure/static/

<Location />
WSGIProcessGroup paguredocs
<IfModule mod_authz_core.c>
## Apache 2.4
Require all granted
</IfModule>
#<IfModule !mod_authz_core.c>
## Apache 2.2
#Order deny,allow
#Allow from all
#</IfModule>
</Location>
</VirtualHost>

<VirtualHost *:80>
ServerName scm.surroindustries.com

WSGIScriptAlias / /usr/share/pagure/pagure.wsgi

#SSLEngine on
#SSLProtocol all -SSLv2 -SSLv3
## Use secure TLSv1.1 and TLSv1.2 ciphers
#Header always add Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"

#SSLCertificateFile /etc/pki/tls/….crt
#SSLCertificateChainFile /etc/pki/tls/….intermediate.crt
#SSLCertificateKeyFile /etc/pki/tls/….key

Alias /static /usr/lib/python2.7/site-packages/pagure/static/
Alias /releases /var/www/releases

## Section used to support cloning git repo over http (https in this case)
SetEnv GIT_PROJECT_ROOT /srv/git/repositories

AliasMatch ^/(.*/objects/[0-9a-f]{2}/[0-9a-f]{38})$ /srv/git/repositories/$1
AliasMatch ^/(.*/objects/pack/pack-[0-9a-f]{40}.(pack|idx))$ /src/git/repositories/$1
ScriptAliasMatch \
"(?x)^/(.*/(HEAD | \
info/refs | \
objects/info/[^/]+ | \
git-(upload|receive)-pack))$" \
/usr/libexec/git-core/git-http-backend/$1

<Location />
WSGIProcessGroup pagure
<IfModule mod_authz_core.c>
## Apache 2.4
Require all granted
</IfModule>
#<IfModule !mod_authz_core.c>
## Apache 2.2
#Order deny,allow
#Allow from all
#</IfModule>
</Location>

## Folder where are stored the tarball of the releases
<Location /releases>
WSGIProcessGroup pagure
<IfModule mod_authz_core.c>
## Apache 2.4
Require all granted
</IfModule>
#<IfModule !mod_authz_core.c>
## Apache 2.2
#Order deny,allow
#Allow from all
#</IfModule>
</Location>

<Directory /var/www/releases>
Options +Indexes
</Directory>

</VirtualHost>
*/

@1705 — gave apache user permissions to git repositories —
$ setfacl -m user:apache:rx –default
/*
Usage: setfacl [-bkndRLP] { -m|-M|-x|-X … } file …
Try `setfacl –help’ for more information.
*/

$ sudo setfacl -Rdm user:apache:rx /srv/git
$ sudo setfacl -Rm user:apache:rx /srv/git

@1713
$ sudo vim /etc/pagure/pagure.cfg
$ cat /etc/pagure/pagure.cfg
/*
import os
from datetime import timedelta

### Set the time after which the admin session expires
# There are two sessions on pagure, login that holds for 31 days and
# the session defined here after which an user has to re-login.
# This session is used when accessing all administrative parts of pagure
# (ie: changing a project’s or a user’s settings)
ADMIN_SESSION_LIFETIME = timedelta(minutes=20)

### Secret key for the Flask application
SECRET_KEY='<The web application secret key>’

### url to the database server:
#DB_URL=mysql://user:pass@host/db_name
#DB_URL=postgres://user:pass@host/db_name
DB_URL = ‘postgres://****:****@localhost/pagure’

### The FAS group in which the admin of pagure are
ADMIN_GROUP = [‘sysadmin-main’]

### Hard-coded list of global admins
PAGURE_ADMIN_USERS = []

### The email address to which the flask.log will send the errors (tracebacks)
EMAIL_ERROR = ‘errors@scm.surroindustries.com’

### SMTP settings
SMTP_SERVER = ‘localhost’
SMTP_PORT = 25
SMTP_SSL = False

#Specify both for enabling SMTP with auth
SMTP_USERNAME = None
SMTP_PASSWORD = None

### Information used to sent notifications
FROM_EMAIL = ‘pagure@scm.surroindustries.com’
DOMAIN_EMAIL_NOTIFICATIONS = ‘scm.surroindustries.com’
SALT_EMAIL = ‘<secret key to be changed>’

### The URL at which the project is available.
APP_URL = ‘https://scm.surroindustries.com/’
### The URL at which the documentation of projects will be available
## This should be in a different domain to avoid XSS issues since we want
## to allow raw html to be displayed (different domain, ie not a sub-domain).
DOC_APP_URL = ‘https://scm-docs.surroindustries.com’

### The URL to use to clone git repositories.
GIT_URL_SSH = ‘ssh://git@git.surroindustries.com/’
GIT_URL_GIT = ‘git://git@git.surroindustries.com/’

### Folder containing to the git repos
GIT_FOLDER = os.path.join(
os.path.abspath(os.path.dirname(__file__)),
‘..’,
‘repos’
)

### Folder containing the docs repos
DOCS_FOLDER = os.path.join(
os.path.abspath(os.path.dirname(__file__)),
‘..’,
‘docs’
)

### Folder containing the tickets repos
TICKETS_FOLDER = os.path.join(
os.path.abspath(os.path.dirname(__file__)),
‘..’,
‘tickets’
)

### Folder containing the pull-requests repos
REQUESTS_FOLDER = os.path.join(
os.path.abspath(os.path.dirname(__file__)),
‘..’,
‘requests’
)

### Folder containing the clones for the remote pull-requests
REMOTE_GIT_FOLDER = os.path.join(
os.path.abspath(os.path.dirname(__file__)),
‘..’,
‘remotes’
)

### Whether to enable scanning for viruses in attachments
VIRUS_SCAN_ATTACHMENTS = False

### Configuration file for gitolite
GITOLITE_CONFIG = os.path.join(
os.path.abspath(os.path.dirname(__file__)),
‘..’,
‘gitolite.conf’
)

### Home folder of the gitolite user
### Folder where to run gl-compile-conf from
GITOLITE_HOME = None

### Version of gitolite used: 2 or 3?
GITOLITE_VERSION = 3

### Folder containing all the public ssh keys for gitolite
GITOLITE_KEYDIR = None

### Path to the gitolite.rc file
GL_RC = None

### Path to the /bin directory where the gitolite tools can be found
GL_BINDIR = None

# SSH Information

### The ssh certificates of the git server to be provided to the user
### /!\ format is important
# SSH_KEYS = {‘RSA’: {‘fingerprint’: ‘<foo>’, ‘pubkey’: ‘<bar>’}}

# Optional configuration

### Number of items displayed per page
# Used when listing items
ITEM_PER_PAGE = 50

### Maximum size of the uploaded content
# Used to limit the size of file attached to a ticket for example
MAX_CONTENT_LENGTH = 4 * 1024 * 1024 # 4 megabytes

### Lenght for short commits ids or file hex
SHORT_LENGTH = 6

### List of blacklisted project names that can conflicts for pagure’s URLs
### or other
BLACKLISTED_PROJECTS = [
‘static’, ‘pv’, ‘releases’, ‘new’, ‘api’, ‘settings’,
‘logout’, ‘login’, ‘users’, ‘groups’, ‘projects’]

### IP addresses allowed to access the internal endpoints
### These endpoints are used by the milter and are security sensitive, thus
### the IP filter
IP_ALLOWED_INTERNAL = [‘127.0.0.1’, ‘localhost’, ‘::1’]

### EventSource/Web-Hook/Redis configuration
# The eventsource integration is what allows pagure to refresh the content
# on your page when someone else comments on the ticket (and this without
# asking you to reload the page.
# By default it is off, ie: EVENTSOURCE_SOURCE is None, to turn it on, specify
# here what the URL of the eventsource server is, for example:
# https://ev.pagure.io or https://pagure.io:8080 or whatever you are using
# (Note: the urls sent to it start with a ‘/’ so no need to add one yourself)
EVENTSOURCE_SOURCE = None
# Port where the event source server is running (maybe be the same port
# as the one specified in EVENTSOURCE_SOURCE or a different one if you
# have something running in front of the server such as apache or stunnel).
EVENTSOURCE_PORT = 8080
# If this port is specified, the event source server will run another server
# at this port and will provide information about the number of active
# connections running on the first (main) event source server
#EV_STATS_PORT = 8888
# Web-hook can be turned on or off allowing using them for notifications, or
# not.
WEBHOOK = False

### Redis configuration
# A redis server is required for both the Event-Source server or the web-hook
# server.
REDIS_HOST = ‘0.0.0.0’
REDIS_PORT = 6379
REDIS_DB = 0

# Authentication related configuration option

### Switch the authentication method
# Specify which authentication method to use, defaults to `fas` can be or
# `local`
# Default: “fas“.
PAGURE_AUTH = ‘fas’

# When this is set to True, the session cookie will only be returned to the
# server via ssl (https). If you connect to the server via plain http, the
# cookie will not be sent. This prevents sniffing of the cookie contents.
# This may be set to False when testing your application but should always
# be set to True in production.
# Default: “True“.
SESSION_COOKIE_SECURE = False

# The name of the cookie used to store the session id.
# Default: “.pagure“.
SESSION_COOKIE_NAME = ‘pagure’

# Boolean specifying whether to check the user’s IP address when retrieving
# its session. This make things more secure (thus is on by default) but
# under certain setup it might not work (for example is there are proxies
# in front of the application).
CHECK_SESSION_IP = True

# Used by SESSION_COOKIE_PATH
APPLICATION_ROOT = ‘/’

# Allow the backward compatiblity endpoints for the old URLs schema to
# see the commits of a repo. This is only interesting if you pagure instance
# was running since before version 1.3 and if you care about backward
# compatibility in your URLs.
OLD_VIEW_COMMIT_ENABLED = False
*/

@1726 — created the pgsql database —
$ PAGURE_CONFIG=/etc/pagure/pagure.cfg python /usr/share/pagure/pagure_createdb.py
/*
[pagure@scm noarch]$ PAGURE_CONFIG=/etc/pagure/pagure.cfg python /usr/share/pagure/pagure_createdb.py
Traceback (most recent call last):
File "/usr/share/pagure/pagure_createdb.py", line 7, in <module>
from pagure import APP
File "/usr/lib/python2.7/site-packages/pagure/__init__.py", line 106, in <module>
from flask_fas_openid import FAS
ImportError: No module named flask_fas_openid
*/

We are missing python-flask-openid in instructions and system.

$ sudo dnf install python-flask-openid
$ sudo dnf install python-fedora-flask
$ PAGURE_CONFIG=/etc/pagure/pagure.cfg python /usr/share/pagure/pagure_createdb.py
/*
Traceback (most recent call last):
File "/usr/share/pagure/pagure_createdb.py", line 7, in <module>
from pagure import APP
File "/usr/lib/python2.7/site-packages/pagure/__init__.py", line 185, in <module>
SESSION = pagure.lib.create_session(APP.config[‘DB_URL’])
File "/usr/lib/python2.7/site-packages/pagure/lib/__init__.py", line 112, in create_session
client_encoding=’utf8′)
File "/usr/lib64/python2.7/site-packages/sqlalchemy/engine/__init__.py", line 386, in create_engine
return strategy.create(*args, **kwargs)
File "/usr/lib64/python2.7/site-packages/sqlalchemy/engine/strategies.py", line 75, in create
dbapi = dialect_cls.dbapi(**dbapi_args)
File "/usr/lib64/python2.7/site-packages/sqlalchemy/dialects/postgresql/psycopg2.py", line 579, in dbapi
import psycopg2
ImportError: No module named psycopg2
*/

$ sudo dnf install python2-psycopg2
$ PAGURE_CONFIG=/etc/pagure/pagure.cfg python /usr/share/pagure/pagure_createdb.py
/*
Traceback (most recent call last):
File "/usr/share/pagure/pagure_createdb.py", line 14, in <module>
debug=True)
File "/usr/lib/python2.7/site-packages/pagure/lib/model.py", line 74, in create_tables
BASE.metadata.create_all(engine)
File "/usr/lib64/python2.7/site-packages/sqlalchemy/sql/schema.py", line 3762, in create_all
tables=tables)
File "/usr/lib64/python2.7/site-packages/sqlalchemy/engine/base.py", line 1855, in _run_visitor
with self._optional_conn_ctx_manager(connection) as conn:
File "/usr/lib64/python2.7/contextlib.py", line 17, in __enter__
return self.gen.next()
File "/usr/lib64/python2.7/site-packages/sqlalchemy/engine/base.py", line 1848, in _optional_conn_ctx_manager
with self.contextual_connect() as conn:
File "/usr/lib64/python2.7/site-packages/sqlalchemy/engine/base.py", line 2039, in contextual_connect
self._wrap_pool_connect(self.pool.connect, None),
File "/usr/lib64/python2.7/site-packages/sqlalchemy/engine/base.py", line 2078, in _wrap_pool_connect
e, dialect, self)
File "/usr/lib64/python2.7/site-packages/sqlalchemy/engine/base.py", line 1405, in _handle_dbapi_exception_noconnection
exc_info
File "/usr/lib64/python2.7/site-packages/sqlalchemy/util/compat.py", line 203, in raise_from_cause
reraise(type(exception), exception, tb=exc_tb, cause=cause)
File "/usr/lib64/python2.7/site-packages/sqlalchemy/engine/base.py", line 2074, in _wrap_pool_connect
return fn()
File "/usr/lib64/python2.7/site-packages/sqlalchemy/pool.py", line 376, in connect
return _ConnectionFairy._checkout(self)
File "/usr/lib64/python2.7/site-packages/sqlalchemy/pool.py", line 713, in _checkout
fairy = _ConnectionRecord.checkout(pool)
File "/usr/lib64/python2.7/site-packages/sqlalchemy/pool.py", line 480, in checkout
rec = pool._do_get()
File "/usr/lib64/python2.7/site-packages/sqlalchemy/pool.py", line 1060, in _do_get
self._dec_overflow()
File "/usr/lib64/python2.7/site-packages/sqlalchemy/util/langhelpers.py", line 60, in __exit__
compat.reraise(exc_type, exc_value, exc_tb)
File "/usr/lib64/python2.7/site-packages/sqlalchemy/pool.py", line 1057, in _do_get
return self._create_connection()
File "/usr/lib64/python2.7/site-packages/sqlalchemy/pool.py", line 323, in _create_connection
return _ConnectionRecord(self)
File "/usr/lib64/python2.7/site-packages/sqlalchemy/pool.py", line 449, in __init__
self.connection = self.__connect()
File "/usr/lib64/python2.7/site-packages/sqlalchemy/pool.py", line 607, in __connect
connection = self.__pool._invoke_creator(self)
File "/usr/lib64/python2.7/site-packages/sqlalchemy/engine/strategies.py", line 97, in connect
return dialect.connect(*cargs, **cparams)
File "/usr/lib64/python2.7/site-packages/sqlalchemy/engine/default.py", line 385, in connect
return self.dbapi.connect(*cargs, **cparams)
File "/usr/lib64/python2.7/site-packages/psycopg2/__init__.py", line 164, in connect
conn = _connect(dsn, connection_factory=connection_factory, async=async)
sqlalchemy.exc.OperationalError: (psycopg2.OperationalError) FATAL: Ident authentication failed for user "pagure"
*/

@1828 — set postgresql to allow password logins —
/var/lib/pgsql/data/pg_hba.conf needs altered for this to work.
# local all all peer -> local all all password
$ sudo service postgresql restart

@1829 — set /etc/pagure/pagure.cfg to use postgres name and pw —

$ PAGURE_CONFIG=/etc/pagure/pagure.cfg python /usr/share/pagure/pagure_createdb.py
/* same error as previous */

@1830 puiterwijk advised to use –username= and –password= to createdb script
/* same error as previous */

Added to pg_hba.conf:
# host all all 127.0.0.1/128 password
$ sudo service postgresql restart

$ PAGURE_CONFIG=/etc/pagure/pagure.cfg python /usr/share/pagure/pagure_createdb.py
/*
Traceback (most recent call last):
File "/usr/share/pagure/pagure_createdb.py", line 14, in <module>
debug=True)
File "/usr/lib/python2.7/site-packages/pagure/lib/model.py", line 74, in create_tables
BASE.metadata.create_all(engine)
File "/usr/lib64/python2.7/site-packages/sqlalchemy/sql/schema.py", line 3762, in create_all
tables=tables)
File "/usr/lib64/python2.7/site-packages/sqlalchemy/engine/base.py", line 1855, in _run_visitor
with self._optional_conn_ctx_manager(connection) as conn:
File "/usr/lib64/python2.7/contextlib.py", line 17, in __enter__
return self.gen.next()
File "/usr/lib64/python2.7/site-packages/sqlalchemy/engine/base.py", line 1848, in _optional_conn_ctx_manager
with self.contextual_connect() as conn:
File "/usr/lib64/python2.7/site-packages/sqlalchemy/engine/base.py", line 2039, in contextual_connect
self._wrap_pool_connect(self.pool.connect, None),
File "/usr/lib64/python2.7/site-packages/sqlalchemy/engine/base.py", line 2078, in _wrap_pool_connect
e, dialect, self)
File "/usr/lib64/python2.7/site-packages/sqlalchemy/engine/base.py", line 1405, in _handle_dbapi_exception_noconnection
exc_info
File "/usr/lib64/python2.7/site-packages/sqlalchemy/util/compat.py", line 203, in raise_from_cause
reraise(type(exception), exception, tb=exc_tb, cause=cause)
File "/usr/lib64/python2.7/site-packages/sqlalchemy/engine/base.py", line 2074, in _wrap_pool_connect
return fn()
File "/usr/lib64/python2.7/site-packages/sqlalchemy/pool.py", line 376, in connect
return _ConnectionFairy._checkout(self)
File "/usr/lib64/python2.7/site-packages/sqlalchemy/pool.py", line 713, in _checkout
fairy = _ConnectionRecord.checkout(pool)
File "/usr/lib64/python2.7/site-packages/sqlalchemy/pool.py", line 480, in checkout
rec = pool._do_get()
File "/usr/lib64/python2.7/site-packages/sqlalchemy/pool.py", line 1060, in _do_get
self._dec_overflow()
File "/usr/lib64/python2.7/site-packages/sqlalchemy/util/langhelpers.py", line 60, in __exit__
compat.reraise(exc_type, exc_value, exc_tb)
File "/usr/lib64/python2.7/site-packages/sqlalchemy/pool.py", line 1057, in _do_get
return self._create_connection()
File "/usr/lib64/python2.7/site-packages/sqlalchemy/pool.py", line 323, in _create_connection
return _ConnectionRecord(self)
File "/usr/lib64/python2.7/site-packages/sqlalchemy/pool.py", line 449, in __init__
self.connection = self.__connect()
File "/usr/lib64/python2.7/site-packages/sqlalchemy/pool.py", line 607, in __connect
connection = self.__pool._invoke_creator(self)
File "/usr/lib64/python2.7/site-packages/sqlalchemy/engine/strategies.py", line 97, in connect
return dialect.connect(*cargs, **cparams)
File "/usr/lib64/python2.7/site-packages/sqlalchemy/engine/default.py", line 385, in connect
return self.dbapi.connect(*cargs, **cparams)
File "/usr/lib64/python2.7/site-packages/psycopg2/__init__.py", line 164, in connect
conn = _connect(dsn, connection_factory=connection_factory, async=async)
sqlalchemy.exc.OperationalError: (psycopg2.OperationalError) FATAL: database "pagure" does not exist
*/

Our "createdb" script wants you to manually create the database before it will run.

@1857 — create database pagure with user pagure —
$ su – postgres
$ psql -U postgres
$ >CREATE USER pagure WITH PASSWORD ‘****’;
$ >CREATE DATABASE pagure;
$ >GRANT ALL PRIVILEGES ON DATABASE pagure to pagure;
$ >\q
$ PAGURE_CONFIG=/etc/pagure/pagure.cfg python /usr/share/pagure/pagure_createdb.py

— success… —

@1904 — do weird things with alembic that i really dont care about and shouldnt be needing to mess with —
$ sudo vim /etc/pagure/alembic.ini
edit DB_URL uri (it’s a URI)

$ alembic stamp $(alembic heads |awk ‘{ print $1 }’)
/*
Using configuration file `/etc/pagure/pagure.cfg`
INFO [alembic.runtime.migration] Context impl PostgresqlImpl.
INFO [alembic.runtime.migration] Will assume transactional DDL.
INFO [alembic.runtime.migration] Running stamp_revision -> 3ffec872dfdf
*/

ITS INSTALLED!

$ sudo service httpd restart

@1924 provided work log to pagure team for updates to pagure documentation

@1925 observed scm.surroindustries.com wants to use FAS login by default
puiterwijk on IRC advised PAGURE_AUTH = ‘local’ is what’s needed for expected behaviour
$ sudo vim /etc/pagure/pagure.cfg
# PAGURE_AUTH = ‘fas’ -> PAGURE_AUTH = ‘local

Completed.

@1935 — realized the MTA is not setup and new user registration will produce a 500 error if not set up —
@1945 — realized no one in the entire project will set up the MTA for me —

–Chris Punches
[/code]