Trac URL without 3050

[Antonio José]

Hi!

I'm start tracd service with systemctl

[Unit]

Description = Trac Daemon

After = network.target

[Service]

ExecStart = /home/ubuntu/trac/virtualvenv/bin/tracd -s --port 3050 --basic-auth="care,/home/ubuntu/trac/care/.htpasswd,/home/ubuntu/trac" /home/ubuntu/trac/care

Restart=always

Type = simple

User = ubuntu

Group = ubuntu

[Install]

WantedBy = multi-user.target

For browser I digit

http://trac.mysite.com:3050

It's worked.

How to make for entry url in browse without :3050, JUST:

htpp://trac.mysite.com

Thanks for any help.

Antonio

Brazil

[dmaziuk]

On 8/5/2020 4:28 PM, Antonio José wrote:

> How to make for entry url in browse without :3050, JUST:
> htpp://trac.mysite.com

Option 1 is to start tracd on port 80 instead of 3050: "--port 80".

Option 2 is to install a web server (e.g. apache or nginx) and set it up
as a proxy to localhost:80

Dima

[Antonio José]

I tried to configure nginx, because I already use it for other applications, but I was not successful. I tried to create tracd.conf for nginx, as shown below, but it didn't work properly.

upstream trac {
    server unix:///home/ubuntu/trac/care/trac.sock;
}
server {
    server_name trac.mysite.com;
    charset     utf-8;
    access_log  /var/log/nginx/trac.access.log;
    error_log  /var/log/nginx/trac.error.log info;

    location / {
        auth_basic "Secure Login";
        #auth_basic_user_file /etc/nginx/conf/users;
        auth_basic_user_file /home/ubuntu/trac/care/.htpasswd;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/trac.mysite.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/trac.mysite.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}

server {
    if ($host = trac.mysite.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    listen 80;
    server_name trac.mysite.com;
    return 404; # managed by Certbot
}


What should be corrected?

--
You received this message because you are subscribed to the Google Groups "Trac Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to trac-users+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/trac-users/9efda544-3768-a724-24de-b09376d652b5%40bmrb.wisc.edu.

[dmaziuk]

On 8/5/2020 4:58 PM, Antonio José wrote:
...
> What should be corrected?

Don't know off the top of my head: I don't actually use nginx much and
run trac in apache + mod_wsgi w/o tracd. Sorry. I'm skeptical about
trac.sock, perhaps try http to port 3050 instead.

Hopefully someone here has a better answer.

Dima

[Antonio José]

Thank you so much for trying to help me!

--
You received this message because you are subscribed to the Google Groups "Trac Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to trac-users+...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/trac-users/660bcce8-8f9c-e51a-cd02-f02d7741074e%40bmrb.wisc.edu.

[Markus Rosjat]

hi,

if you like to run trac standalone and just put tls in front of it you can also use rewrite rules, apache and nginx should have a module for rewrite of urls. 

So define a virtual host with tls and then just put in rewrite rules for your urls

cheers 

Markus

[Antonio José]

Hi Markus!

I tried to do it, but it doesn't work properly. Look my 

/etc/nginx/sites-available/tracd.conf:

upstream trac {
    server unix:///home/ubuntu/trac/care/trac.sock;
}
server {

    server_name trac.industrycare.com.br;

    charset     utf-8;
    access_log  /var/log/nginx/trac.access.log;
    error_log  /var/log/nginx/trac.error.log info;

    location / {
        auth_basic "Secure Login";

        # auth_basic_user_file /etc/nginx/conf/users;

        auth_basic_user_file /home/ubuntu/trac/care/.htpasswd;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/trac.mysite.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/trac.mysite.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

server {
    if ($host = trac.mysite.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    listen 80;
    server_name trac.mysite.com;
    return 404; # managed by Certbot
}

What should be changed?

--

You received this message because you are subscribed to the Google Groups "Trac Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to trac-users+...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/trac-users/CAJ4osO%3DCM9TQjPZ3jOFNxuFujx55BWHcrPZEcTqvVOVfFy_ZmQ%40mail.gmail.com.

[Markus Rosjat]

Hi Antonio,

i am not really using nginx  so i cant say much about the rewrite there. But keep in mind rewriting a url isn't the same as redirection!!! what i see in your config is a redirection and this works not as you might expect a rewrite to work. In apache you have a module that can take the requester url and forward it to an internal url by keeping the requested url, how could you say, unchanged. so imagine you have a trac instance running on the machin on port 8080 and you call it mytrac then in the virtual host in apache you could  do something like this 

  RewriteEngine on

  RewriteRule ^/mytrac(.*) http://127.0.0.1:8080/mytrac$1 [L,P]

the L flag stops the evaluation if the url matches 

the P handles this as a proxy request to the internal url 

so for apache ou need mod_rewirte and mod_proxy activated to do this and your url would still look like https;//yoursite.com/mytrac even it gets internally redirected to http://127.0.0.1:8080/mytrac

hope this clears things up a little

cheers 

Markus