Contents

Redmine on Debian 10

Install

Instal Requirements

Passenger

Passenger will be the the application server to run Ruby on Rails app.

1
2
3
4
5
apt-get install -y dirmngr gnupg
apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 561F9B9CAC40B2F7
apt-get install -y apt-transport-https ca-certificates
sh -c 'echo deb https://oss-binaries.phusionpassenger.com/apt/passenger buster main > /etc/apt/sources.list.d/passenger.list'
apt update

Packages

1
apt install ruby-dev mariadb-server libmariadb-dev git imagemagick ghostscript build-essential patch zlib1g-dev liblzma-dev nginx libnginx-mod-http-passenger certbot python3-certbot-nginx -y

Redmine

Download Redmine from here.

1
wget https://www.redmine.org/releases/redmine-4.1.1.tar.gz

Check the checksum:

1
sha256sum redmine-4.1.1.tar.gz

Extract the tar file:

1
tar -xf redmine-4.1.1.tar.gz -C /var/www

Create a link for easier version management:

1
ln -s /var/www/redmine-4.1.1/ /var/www/redmine

Configure MariaDB

Initialize MariaDB:

1
mysql_secure_installation

Create the database for Redmine:

1
mysql -u root -p
1
2
3
4
create database [REDMINEDB] character set utf8mb4;
grant all on [REDMINEDB].* to [REDMINEUSER]@localhost identified by 'S3cur3P4ssw0rd';
flush privileges;
quit;

Configure Redmine

1
2
3
cd /var/www/redmine/
cp config/database.yml.example config/database.yml
nano config/database.yml
1
2
3
4
5
6
7
production:
  adapter: mysql2
  database: [REDMINEDB]
  host: localhost
  username: [REDMINEUSER]
  password: "S3cur3P4ssw0rd"
  encoding: utf8mb4
1
2
gem install bundler
bundle install --without development test
1
2
3
bundle exec rake generate_secret_token
RAILS_ENV=production bundle exec rake db:migrate
RAILS_ENV=production bundle exec rake redmine:load_default_data
1
chown -R www-data:www-data /var/www/redmine/

Because of Passenger’s sandboxing system, Redmine will be running as www-data.

Verify it later with ps:

1
ps aux | grep redmine
1
2
...
www-data 19895  0.0  8.7 484136 173532 ?       Sl   Jun20   0:06 Passenger AppPreloader: /var/www/redmine (forking...)

Get a certificate from Let’s Encrypt

1
certbot certonly --nginx -d example.com --rsa-key-size 4096

Configure Nginx

A basic Nginx config:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
# https
server {

        listen [::]:443 ssl http2;
        listen 443 ssl http2;

        ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

        root /var/www/redmine/public;
        server_name example.com;

        passenger_enabled on;
        passenger_ruby /usr/bin/ruby;
        passenger_sticky_sessions on;
}

# redirect http to https
server {

        listen 80;
        listen [::]:80;
        server_name  example.com;
 
        return 301 https://$host$request_uri;
}
Security tip
Append passenger_show_version_in_header off; to the http context to hide Passenger version number.

Configure

SMTP

To use your own SMTP server edit configuration.yml:

1
nano /var/www/redmine/config/configuration.yml
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
  email_delivery:
    delivery_method: :smtp
    smtp_settings:
      address: smtp.example.com
      port: 587
      domain: example.com
      enable_starttls_auto: true
      authentication: :login
      user_name: redmine@example.com
      password: SmtpP4ssw0rd

Attachment storage path

For the easier version management, store the attachments outside of the web root. I made a directory in /etc:

1
2
mkdir -p /etc/redmine/storage
chown -R www-data:www-data /etc/redmine

Modify configuration.yml:

1
nano /var/www/redmine/config/configuration.yml
1
  attachments_storage_path: /etc/redmine/storage