Configuring RhodeCode with Apache+mod_wsgi

936 views
Skip to first unread message

Salvatore Masecchia

unread,
Feb 16, 2011, 10:19:26 AM2/16/11
to rhodecode
Hi!
First of all: thank's for the tool, I'm really appreciating all the
functionalities it has!

I installed the last version (1.1.3) and everything work with the
internal Pylons server
(sorry for the terminology but I'm not a Pylons user).
I can manage repository and use the mercurial to clone/push/pull
changes.

Now I'm trying to configure RhodeCode as wsgi application in Apache
(not using the proxy configuration as explained in the documentation)
because I would like
to start the application directly with apache (and I followed the
pylons documentation to do that).

I created a RodeCode directory under /var/www (owned by www-data, I'm
on ubuntu)
and the repositories are in /home/hgrepos (owned again by www-data).

My current VirtualHost configuration is

<VirtualHost *:80>
ErrorLog ${APACHE_LOG_DIR}/rhodecode/error.log
CustomLog ${APACHE_LOG_DIR}/rhodecode/access.log combined
LogLevel Error

# Serving static files
Alias /images/ /var/www/rhodecode-venv/lib/python2.6/site-
packages/rhodecode/public/images/
Alias /css/ /var/www/rhodecode-venv/lib/python2.6/site-
packages/rhodecode/public/css/
Alias /js/ /var/www/rhodecode-venv/lib/python2.6/site-packages/
rhodecode/public/js/
<Directory /var/www/rhodecode-venv/lib/python2.6/site-packages/
rhodecode/public>
Order deny,allow
Allow from all
</Directory>

# Setup mod_wsgi
WSGIScriptAlias / /var/www/rhodecode/dispatch.wsgi
<Directory /var/www/rhodecode>
Order allow,deny
Allow from all
</Directory>

<Directory /home/hgrepos>
AllowOverride all
#Order deny,allow
Allow from all
</Directory>

</VirtualHost>

With this configuration, on the browser side everything works but I
cannot (e.g.) clone
repositories and I always get and "authorization failed" error:

$ hg clone http://SERVER-IP/foo
http authorization required
realm: REALM MESSAGE
user: MYUSER
password: *********
abort: authorization failed

What I cannot understand is that I need to authenticate even if
the repository is fully open....

Someone has a solution?
It seems that I forgot some options in the apache configuration, but
what?

Thanks!

marcinkuzminski

unread,
Feb 16, 2011, 11:39:09 AM2/16/11
to rhodecode
Hi, i think the option Your missing is

WSGIPassAuthorization true

Regards

On Feb 16, 4:19 pm, Salvatore Masecchia
> $ hg clonehttp://SERVER-IP/foo

Salvatore Masecchia

unread,
Feb 16, 2011, 11:55:42 AM2/16/11
to rhod...@googlegroups.com
Wonderful! It works! :-D

By the way, why don't you add instruction about this kind of configuration
in the tutorial?

However... very thanks!
--
Salvatore

marcinkuzminski

unread,
Feb 16, 2011, 2:24:16 PM2/16/11
to rhodecode
Hi,
SInce i don't have such a setup if You can post a full example of
hosting rhodecode on apache mod_wsgi i'll be more than happy to put it
in docs.

Regards

On Feb 16, 5:55 pm, Salvatore Masecchia
<salvatore.masecc...@disi.unige.it> wrote:
> Wonderful! It works! :-D
>
> By the way, why don't you add instruction about this kind of configuration
> in the tutorial?
>
> However... very thanks!
>

Rodrigue Villetard

unread,
Feb 17, 2011, 3:31:47 AM2/17/11
to rhod...@googlegroups.com
Hi,

and I’ll be happy to follow Salvatore’s instructions on how to host rhodecode on apache mod_wsgi once he has wrote it ^^!

thx to all.
Rodrigue.




2011/2/16 marcinkuzminski <marc...@gmail.com>



--
Rodrigue Villetard

Salvatore Masecchia

unread,
Feb 17, 2011, 5:20:39 AM2/17/11
to rhod...@googlegroups.com
On 16 February 2011 20:24, marcinkuzminski <marc...@gmail.com> wrote:
Hi,
SInce i don't have such a setup if You can post a full example of
hosting rhodecode on apache mod_wsgi i'll be more than happy to put it
in docs.

Yes, of course, what's the problem! ;-)
  1. First of all, I've followed the standard installation instructions
    (http://packages.python.org/RhodeCode/installation.html)
    as "www-data" user (the apache user in ubuntu), creating the
    'rhodecode-venv' and 'rhodecode' directories in '/var/www'
    (the home dir of www-data).
  2. Then I've configured the my production.ini with static_files = false'
  3. After the installation of mod_wsgi (in ubuntu: libapache2-mod-wsgi),
    I've created in '/var/www/rhodecode' a file called 'dispatch.wsgi' as explained in
    http://code.google.com/p/modwsgi/wiki/IntegrationWithPylons:

    # Avoid ``[Errno 13] Permission denied: '/var/www/.python-eggs'`` messages
    import os
    os.environ['PYTHON_EGG_CACHE'] = '/var/www/egg-cache' # <-- remember to create this dir

    # Load the Pylons application
    from paste.deploy import loadapp
    application = loadapp('config:/var/www/rhodecode/production.ini')

  4. Because RhodeCode is the only one wsgi application I have, in dispatch.wsgi
    I haven't added the rhodecode's virtual environment in the python path, but
    I've preferred to use the directive "WSGIPythonHome" of mod_wsgi (see point 5).
    More information about it at: http://code.google.com/p/modwsgi/wiki/VirtualEnvironments
  5. At the end I've created the following virtual host configuration:

    WSGIPythonHome /var/www/rhodecode-venv # this set the mod_wsgi baseline

    <VirtualHost *:80>

  1.         # Serving static files
            Alias /images/ /var/www/rhodecode-venv/lib/python2.6/site-packages/rhodecode/public/images/
            Alias /css/ /var/www/rhodecode-venv/lib/python2.6/site-packages/rhodecode/public/css/
            Alias /js/ /var/www/rhodecode-venv/lib/python2.6/site-packages/rhodecode/public/js/
            <Directory /var/www/rhodecode-venv/lib/python2.6/site-packages/rhodecode/public>
               Order deny,allow
               Allow from all
            </Directory>

            # Setup mod_wsgi
            WSGIScriptAlias / /var/www/rhodecode/dispatch.wsgi
  1.         WSGIPassAuthorization On

  1.         <Directory /var/www/rhodecode>
              Order allow,deny
              Allow from all
            </Directory>

  1. </VirtualHost>

That's all!

-- 
Salvatore



Alan Boudreault

unread,
Jul 12, 2012, 10:39:12 AM7/12/12
to rhod...@googlegroups.com
Hi,

I'm trying to do a similar setup.I'm using apache2 + mod_wsgi. Everything is fine now using the web browser. However, I don't understand how your configuration work with authentication. I have private repositories and I can clone them. I'm always getting 403 request failed. Even if I specify a username, it never ask me the password. So I suppoe it is using default/anonymous user. In that case, a request failed with 403 is ok... but how can I get it to ask my password now?

Any hint?

Thanks,
Alan

Alan Boudreault

unread,
Jul 12, 2012, 11:06:43 AM7/12/12
to rhod...@googlegroups.com
Ha, fixed my issue by modifying:

auth_ret_code = 403

to

auth_ret_code =


thanks,
Alan
Reply all
Reply to author
Forward
0 new messages