Easy Redmine – transfer to Centos 7, update, backup

There is a server with Centos 6 and an outdated version of Easy Redmine. You need to update Easy Redmine to the latest version, transfer user data.

Work plan:

  • A backup of data and database is made
  • A new virtual machine with Centos 7 is deployed
  • The necessary software is installed
  • Deploying a data backup on a new server
  • EasyRedmine updated

Backup files and databases on the old server

Because little space was initially allocated on the old server, we install the utility that mounts the shared directory of the working PC.

[[email protected]]# yum install cifs-utils
[[email protected]]# mkdir -p /mnt/smb
[[email protected]]# mount.cifs //192.168.1.99/share /mnt/smb -o username=user domain=DOMAIN

On the old server, we make a backup of files and Easy Redmine databases and save this data to a mounted directory.

[[email protected]]# tar -zcf /mnt/smb/backup_$(date +%y%m%d).tar.gz /var/www/html/redmine
[[email protected]]# mysqldump -u redmine -predmine redmine | gzip > /mnt/smb/backup_$(date +%y%m%d).sql.gz

This is where all the manipulations with the old server ended.

We deploy Centos 7 and install the software

On the new server, add the EPEL repository and update

[[email protected]]# yum install epel-release
[[email protected]]# yum update

We put the necessary set of software

[[email protected]]# yum install nano htop mc wget
[[email protected]]# yum groupinstall "Development tools"
[[email protected]]# yum install ImageMagick ImageMagick-devel git libcurl-devel libxml2-devel libxslt-devel gcc bzip2 openssl-devel zlib-devel gdbm-devel ncurses-devel autoconf automake bison gcc-c++ libffi-devel libtool patch readline-devel sqlite-devel glibc-headers glibc-devel libyaml-devel libicu-devel libidn-devel

Disable Selinux

[[email protected]]# setenforce 0
[[email protected]]# nano /etc/sysconfig/selinux
SELINUX=disabled

Install the Apache WEB server, add it to autoload and run

[[email protected]]# yum install httpd mod_ssl httpd-devel
[[email protected]]# systemctl enable httpd.service
[[email protected]]# systemctl start httpd.service

Opening ports 80 and 443 in the firewall

[[email protected]]# firewall-cmd --permanent --zone=public --add-service=http
[[email protected]]# firewall-cmd --permanent --zone=public --add-service=https
[[email protected]]# firewall-cmd --reload

Install MySQL server (MariaDB), add it to startup and run

[[email protected]]# yum install mariadb-server mariadb mariadb-devel
[[email protected]]# systemctl enable mariadb.service
[[email protected]]# systemctl start mariadb.service

Set the root password for MySQL and check the connection

[[email protected]]# mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user.  If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none): 
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] 
New password: 
Re-enter new password: 
Password updated successfully!
Reloading privilege tables..
 ... Success!


By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] 
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] 
 ... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] 
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] 
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

[[email protected]]# mysql -u root -p

We install the utility to transfer the backup from the shared folder of the working PC to the server

[[email protected]]# yum install cifs-utils
[[email protected]]# mkdir -p /mnt/smb
[[email protected]]# mount.cifs //192.168.1.99/share /mnt/smb -o username=user domain=DOMAIN

We transfer files to the server

[[email protected]]# cp /mnt/sdb/backup_180807.sql.gz /home/backup_180807.sql.gz
[[email protected]]# cp /mnt/sdb/backup_180807.sql.gz /home/backup_180807.tar.gz

Add a Redmine user and add sudo rights to him

[[email protected]]# adduser redmine
[[email protected]]# passwd redmine
[[email protected]]# visudo
## Allow root to run any commands anywhere
root    ALL=(ALL)       ALL
redmine ALL=(ALL)       ALL

Switching to Redmine user

[[email protected]]# su - redmine

Install Ruby 2.5.1 from user Redmine

[[email protected]]# curl -sSL https://rvm.io/mpapis.asc | gpg --import -
[[email protected]]# curl -L get.rvm.io | bash -s stable
[[email protected]]# source ~/.rvm/scripts/rvm
[[email protected]]# rvm reload
[[email protected]]# rvm list known
[[email protected]]# rvm install 2.5
[[email protected]]# rvm use 2.5 --default

Checking the installed Ruby version

[[email protected]]# ruby --version

Transferring the backup files to the home folder of the Redmine user

[[email protected]]# mv /home/backup_180807.sql.gz /home/redmine/backup_180807.sql.gz
[[email protected]]# mv /home/backup_180807.tar.gz /home/redmine/backup_180807.tar.gz

Unpack the archive with the base and files

[[email protected]]# gzip -d /home/redmine/backup_180807.sql.gz
[[email protected]]# tar -xvzf /home/redmine/backup_180807.tar.gz

Create a directory where EasyRedmine will be located

[[email protected]]# mkdir -p /home/redmine/easyredmine/

We transfer the unpacked files to it

Configuring MySQL

Connecting to MYSQL

[[email protected]]# mysql -u root -p

Create a database, user and assign a password to him

MariaDB [(none)]> CREATE DATABASE redmine;
MariaDB [(none)]> CREATE USER 'redmine'@'localhost' IDENTIFIED BY 'password';

Assign privileges to the database, update privileges, disconnect from MySQL

MariaDB [(none)]> GRANT ALL PRIVILEGES ON redmine.* TO 'redmine'@'localhost';
MariaDB [(none)]> FLUSH PRIVILEGES;
MariaDB [(none)]> exit;

Recovering a database from a dump

[[email protected]]# mysql -u redmine -ppassword redmine < /home/redmine/backup_180807.sql

Configuring Apache

Switching back to the root user

[[email protected] ~]$ exit

Add vhosts – multiple sites on one ip-address

[[email protected]]# nano /etc/httpd/conf.d/vhosts.conf
# Загрузка моих vhosts
IncludeOptional vhosts.d/*.conf

Create a directory where vhosts configurations will be located

[[email protected]]# mkdir /etc/httpd/vhosts.d

We create a configuration file, in the future we will still edit it

[[email protected]]# nano /etc/httpd/vhosts.d/redmine.example.ru.conf
<VirtualHost *:80>
   ServerName redmine.example.ru

   DocumentRoot /home/redmine/easyredmine/public

   <Directory /home/redmine/easyredmine/public>
      AllowOverride all
      Options -MultiViews
      Require all granted
   </Directory>

   ErrorLog "/home/redmine/logs/redmine-error.log"
   CustomLog "/home/redmine/logs/redmine-access.log" combined
</VirtualHost>

Create a directory where Apache logs will be located

[[email protected]]# mkdir /home/redmine/logs

Restart Apache

[[email protected]]# systemctl restart httpd.service

Assign rights to the home directory of the Redmine user so that other services can access it

[[email protected]]# chmod o+x "/home/redmine"

Switching to the redmine user

[[email protected]]# su - redmine

Installing the Passenger module

[[email protected]]# gem install passenger
[[email protected]]# passenger-install-apache2-module

when installing the module I left only Ruby

Configuring Apache Switching back to the root user

[[email protected] ~]$ exit

We register the Passenger module in Apache

[[email protected]]# echo "LoadModule passenger_module /home/redmine/.rvm/gems/ruby-2.5.1/gems/passenger-5.3.4/buildout/apache2/mod_passenger.so" | sudo tee -a /etc/httpd/conf.modules.d/00-base.conf

We bring the configuration file of the virtual host redmine.example.ru to the form

[[email protected]]# cat /etc/httpd/vhosts.d/redmine.example.ru.conf
<VirtualHost *:80>
   ServerName redmine.example.ru
   DocumentRoot /home/redmine/easyredmine/public

     PassengerRoot /home/redmine/.rvm/gems/ruby-2.5.1/gems/passenger-5.3.4
     PassengerDefaultRuby /home/redmine/.rvm/gems/ruby-2.5.1/wrappers/ruby
     PassengerUser redmine

   <Directory /home/redmine/easyredmine/public>
      AllowOverride all
      Options -MultiViews
      Require all granted
   </Directory>

   ErrorLog "/home/redmine/logs/redmine-error.log"
   CustomLog "/home/redmine/logs/redmine-access.log" combined
</VirtualHost>

Restart Apache

[[email protected]]# systemctl restart httpd.service

Updating Easy Redmine

Switching to Redmine user

[[email protected]]# su - redmine

Download the utility to check the readiness of the Easy Redmine installation and run it

[[email protected]]# wget https://raw.githubusercontent.com/easyredmine/easy_server_requirements_check/master/easycheck.sh
[[email protected]]# sh ./easycheck.sh

As a result of the execution of this utility, I needed to install some programs: ImageMagic, mysql-devel

Installing the Easy Redmine update utility

[[email protected] ~]$ gem install redmine-installer --pre

Launching the Easy Redmine Upgrade Process

[[email protected] ~]$ redmine upgrade /home/redmine/easyredmine20180101.zip /home/redmine/easyredmine

The easyredmine20180101.zip file was previously downloaded from the Easy Redmine official site

Restart Apache

[[email protected]]# sudo systemctl restart httpd.service

Configuring the rotation of logs logrotate

Switching back to the root user

[[email protected] ~]$ exit

Apache logs: / home / redmine / logs Easy Redmine logs: / home / redmine / easyredmine / log

Create a configuration file

[[email protected]] nano /etc/logrotate.d/easyredmine
/home/redmine/logs/*log /home/redmine/easyredmine/log/*log {
  # Ежедневная ротация
  daily

  # Сжимать ротированные файлы
  compress

  # Не генерировать ошибку, если файла лога нет
  missingok

  # Если файл пустой, не выполнять никаких действий.
  notifempty

  # Ротировать 30 раз до удаления
  rotate 30

  # Пока размер лог-файла не превысит 5 мегабайт, он не будет ротироваться
  size=5M

  # Выполнять postrotate только один раз
  sharedscripts

  # Отложить сжатие последнего лога
  delaycompress

  # Создать новый лог-файл после ротирования
  create 644 root root

  # Скрипт, который необходимо выполнить после чистки лога
#  postrotate
#  /bin/systemctl reload httpd.service > /dev/null 2>/dev/null || true
#  endscript
}

Easy Redmine backup

Switching to Redmine user

[[email protected]]# su - redmine

Making a backup using redmine

[[email protected]]# redmine backup /home/redmine/easyredmine

At the end of the backup process, a directory with files will be created:

[[email protected]]# ls /home/redmine/redmine-backups/backup_%date%_%time%
redmine.sql redmine.zip

Backing up with bash

[[email protected]]# tar -zcf /home/redmine/redmine-backups/$(date +%y%m%d)_backup_filse.tar.gz /home/redmine/easyredmine
[[email protected]]# mysqldump -u redmine -ppassword redmine | gzip > /home/redmine/redmine-backups/$(date +%y%m%d)_backup_base.sql.gz

Setting up SSL

Since Easy Redmine lies on a virtual server inside the local network, access to the outside will be forwarded through the module for Apache mod_proxy on the server with an external ip

Configuration for pushing Easy Redmine out

[[email protected]]# cat /etc/httpd/vhosts/redmine.example.ru.conf 
<VirtualHost *:80>
 ServerName redmine.example.ru
 ServerAlias www.redmine.example.ru
 ServerAdmin [email protected]
 Redirect / https://redmine.example.ru/
</VirtualHost>

NameVirtualHost *:443
<VirtualHost *:443>
 ServerName redmine.example.ru
 ServerAlias www.redmine.example.ru
 ServerAdmin [email protected]
 ServerSignature Off

 SSLEngine on
 SSLCertificateFile /etc/httpd/ssl/example.ru/certificate.crt
 SSLCertificateKeyFile /etc/httpd/ssl/example.ru/private.key
 
# Enable SSL over proxy
 SSLProxyEngine On
 SSLProxyCheckPeerCN on
 SSLProxyCheckPeerExpire on
 
 ProxyRequests Off
 ProxyPreserveHost On
 ProxyVia full
 
 ProxyPass "/" "http://192.168.1.40/"
 ProxyPassReverse "/" "http://192.168.1.40/"

 # Notify the server that the connection is secure
 RequestHeader set X-Forwarded-Proto "https"
 RequestHeader set X-Forwarded-Port "443"

ErrorLog /var/www/vhosts/easyredmine/error_ssl.log
CustomLog /var/www/vhosts/easyredmine/access_ssl.log combined
</VirtualHost>
Sidebar