Re: [savannah-help-public] Urgent! Allura configuration for LilyPond project

[Nacho Gonzlez Lpez]

Hi.

I must create the HTTPS connection from chapters (serving the wildcard GNU SSL 
certificate)

If you do not trust Gandi SSL CA, you should get this certificate:

        This server could not prove that it is bugs.lilypond.org; its security 
certificate is from *.gnu.org. This may be caused by a misconfiguration or an 
attacker intercepting your connection.

About why HTTPS is not working, I'm not really sure. I'm lookin what is the 
trouble and I think is something related with the HTTP uri header but I'm not 
able to get it working.  I'll look again in some hours


address@hidden:/etc/apache2/sites-enabled# cat bugs.lilypond.org 
<VirtualHost *:80>
        ServerName  bugs.lilypond.org
        ServerAdmin address@hidden
        ProxyPass         /          http://192.168.0.22/
        ProxyPassReverse  /          http://192.168.0.22/
        #DocumentRoot /var/wwwmaintenance
        <Location />
                Order allow,deny
                allow from all
        </Location>

        ErrorLog     /var/log/apache2/bugs.lilypond.org-error.log
        TransferLog  /var/log/apache2/bugs.lilypond.org-access.log
</VirtualHost>
<VirtualHost *:443>
        ServerName  bugs.lilypond.org
        ServerAdmin address@hidden
        ProxyPass         /          http://192.168.0.22/
        ProxyPassReverse  /          http://192.168.0.22/
        #DocumentRoot /var/wwwmaintenance
        <Location />
                Order allow,deny
                allow from all
        </Location>

        <IfModule mod_gnutls.c>
                GnuTLSEnable on
                GnuTLSPriorities NORMAL
                GnuTLSCertificateFile /etc/ssl/certs/wildcard.gnu.org.crt
                GnuTLSKeyFile /etc/ssl/private/wildcard.gnu.org.key
                GnuTLSClientCAFile /etc/ssl/certs/GandiStandardSSLCA.pem
        </IfModule>

        ErrorLog     /var/log/apache2/bugs.lilypond.org-error.log
        TransferLog  /var/log/apache2/bugs.lilypond.org-access.log
</VirtualHost>


On Sun, Aug 23, 2015 at 04:08:38AM +0000, josiah oberholtzer wrote:
> Scratch that. We're (mostly) operational!
> 
> bugs.lilypond.org is live with Allura.
> 
> For those with root access to the server, I've saved the password to
> Allura's root user on the server at /root/allurapwd.
> 
> I wouldn't recommend logging in via the Web interface yet - I can't seem to
> access the site via HTTPS. Can anyone verify this?
> 
> And can anyone with a deeper knowledge of Apache/HTTPS recommend the
> appropriate changes to our Apache configuration file?
> 
> The current configuration (/etc/apache2/sites-enabled/allura.conf) is
> copied here:
> 
> <VirtualHost *:80>
>     ServerName bugs.lilypond.org
>     DocumentRoot /var/www/allura
>     <Directory /var/www/allura>
>         Options +Indexes +FollowSymLinks +MultiViews
>         AllowOverride All
>         Require all granted
>     </Directory>
>     WSGIDaemonProcess allura.dev user=allura group=allura threads=4 \
>         python-path=/home/allura/env-allura/lib/python2.7/site-packages
>     WSGIScriptAlias / /var/www/allura/allura.wsgi
>     WSGIProcessGroup allura.dev
>     CustomLog /var/log/allura/access.log common
>     ErrorLog /var/log/allura/error.log
> </VirtualHost>
> 
> Cheers!
> 
> On Sat, Aug 22, 2015 at 8:57 PM josiah oberholtzer <
> address@hidden> wrote:
> 
> > Thank you, Nacho!
> >
> > I'm now in the process of installing Allura on the server. We're getting
> > close!
> >
> > Note: If any of you navigate to bugs.lilypond.org right now, you'll see
> > an error 500 page. Allura is installed and Apache/WSGI can find it, but
> > there are some rough edges to iron out on the Python side of things.
> > Something to do with PyOpenSSL.
> >
> > I'm going to turn in for the night, and take this up again in the morning
> > (I'm on Pacific Time).
> >
> > For reference, this is the relevant error from the Apache error log:
> >
> > mod_wsgi (pid=21584): Target WSGI script '/var/www/allura/allura.wsgi'
> > cannot be loaded as Python module.
> > mod_wsgi (pid=21584): Exception occurred processing WSGI script
> > '/var/www/allura/allura.wsgi'.
> > Traceback (most recent call last):
> >   File "/var/www/allura/allura.wsgi", line 7, in <module>
> >     application = loadapp('config:{}'.format(configuration_path))
> >   File "/usr/local/lib/python2.7/dist-packages/paste/deploy/loadwsgi.py",
> > line 247, in loadapp
> >     return loadobj(APP, uri, name=name, **kw)
> >   File "/usr/local/lib/python2.7/dist-packages/paste/deploy/loadwsgi.py",
> > line 272, in loadobj
> >     return context.create()
> >   File "/usr/local/lib/python2.7/dist-packages/paste/deploy/loadwsgi.py",
> > line 710, in create
> >     return self.object_type.invoke(self)
> >   File "/usr/local/lib/python2.7/dist-packages/paste/deploy/loadwsgi.py",
> > line 146, in invoke
> >     return fix_call(context.object, context.global_conf,
> > **context.local_conf)
> >   File "/usr/local/lib/python2.7/dist-packages/paste/deploy/util.py", line
> > 56, in fix_call
> >     val = callable(*args, **kw)
> >   File "/home/allura/src/allura/Allura/allura/config/middleware.py", line
> > 62, in make_app
> >     return _make_core_app(root, global_conf, full_stack, **app_conf)
> >   File "/home/allura/src/allura/Allura/allura/config/middleware.py", line
> > 119, in _make_core_app
> >     load_environment(global_conf, app_conf)
> >   File
> > "/home/allura/env-allura/lib/python2.7/site-packages/tg/configuration.py",
> > line 641, in load_environment
> >     self.setup_helpers_and_globals()
> >   File
> > "/home/allura/env-allura/lib/python2.7/site-packages/tg/configuration.py",
> > line 304, in setup_helpers_and_globals
> >     config['pylons.app_globals'] = self.package.lib.app_globals.Globals()
> >   File "/home/allura/src/allura/Allura/allura/lib/app_globals.py", line
> > 287, in __init__
> >     phone=_cache_eps('allura.phone'),
> >   File "/home/allura/src/allura/Allura/allura/lib/app_globals.py", line
> > 270, in _cache_eps
> >     value = ep.load()
> >   File
> > "/home/allura/env-allura/lib/python2.7/site-packages/pkg_resources/__init__.py",
> > line 2355, in load
> >     return self.resolve()
> >   File
> > "/home/allura/env-allura/lib/python2.7/site-packages/pkg_resources/__init__.py",
> > line 2361, in resolve
> >     module = __import__(self.module_name, fromlist=['__name__'], level=0)
> >   File "/home/allura/src/allura/Allura/allura/lib/phone/nexmo.py", line
> > 23, in <module>
> >     import requests
> >   File
> > "/home/allura/env-allura/lib/python2.7/site-packages/requests/__init__.py",
> > line 53, in <module>
> >     from .packages.urllib3.contrib import pyopenssl
> >   File
> > "/home/allura/env-allura/lib/python2.7/site-packages/requests/packages/urllib3/contrib/pyopenssl.py",
> > line 42, in <module>
> >     ssl.PROTOCOL_SSLv3: OpenSSL.SSL.SSLv3_METHOD,
> > AttributeError: 'module' object has no attribute 'PROTOCOL_SSLv3'
> >
> > Cheers!
> >
> > On Sat, Aug 22, 2015 at 4:09 PM Nacho Gonzlez Lpez <address@hidden>
> > wrote:
> >
> >> On Sun, Aug 16, 2015 at 07:57:55PM +0200, Werner LEMBERG wrote:
> >> >
> >> > Folks,
> >> >
> >> >
> >> > Nacho hasn't responded within a month, and our deadline is August
> >> > 25th!  After that date google code no longer works.  Please help us to
> >> > properly set up the VM to run Allura!
> >>
> >> Sorry for the caos.
> >>
> >> http://bugs.lilypond.org now redirected to your vm using this config:
> >>
> >> address@hidden:/etc/apache2/sites-enabled# cat bugs.lilypond.org
> >> <VirtualHost *:80>
> >>         ServerName  bugs.lilypond.org
> >>         ServerAdmin address@hidden
> >>         ProxyPass         /          http://192.168.0.22/
> >>         ProxyPassReverse  /          http://192.168.0.22/
> >>         #DocumentRoot /var/wwwmaintenance
> >>         <Location />
> >>                 Order allow,deny
> >>                 allow from all
> >>         </Location>
> >>
> >>         ErrorLog     /var/log/apache2/bugs.lilypond.org-error.log
> >>         TransferLog  /var/log/apache2/bugs.lilypond.org-access.log
> >> </VirtualHost>
> >> <VirtualHost *:443>
> >>         ServerName  bugs.lilypond.org
> >>         ServerAdmin address@hidden
> >>         ProxyPass         /          https://192.168.0.22/
> >>         ProxyPassReverse  /          https://192.168.0.22/
> >>         #DocumentRoot /var/wwwmaintenance
> >>         <Location />
> >>                 Order allow,deny
> >>                 allow from all
> >>         </Location>
> >>
> >>         <IfModule mod_gnutls.c>
> >>                 GnuTLSEnable on
> >>                 GnuTLSPriorities NORMAL
> >>                 ## 2014-0-16 address@hidden -- rt #872627
> >>                 #GnuTLSCertificateFile
> >> /etc/ssl/certs/website.es.gnu.org.pem
> >>                 #GnuTLSKeyFile /etc/ssl/keys/website.es.gnu.org.key
> >>                 #GnuTLSClientCAFile /etc/ssl/cacert.pem
> >>                 GnuTLSCertificateFile /etc/ssl/certs/wildcard.gnu.org.crt
> >>                 GnuTLSKeyFile /etc/ssl/private/wildcard.gnu.org.key
> >>                 GnuTLSClientCAFile /etc/ssl/certs/GandiStandardSSLCA.pem
> >>         </IfModule>
> >>
> >>         ErrorLog     /var/log/apache2/bugs.lilypond.org-error.log
> >>         TransferLog  /var/log/apache2/bugs.lilypond.org-access.log
> >> </VirtualHost>
> >>
> >>

-- 
____________________________________________________________________
Nacho Gonz�lez L�pez                          Coordinador de Eventos
    address@hidden                    Administrador General de Red
    http://www.es.gnu.org                                  Webmaster 
                             GNU Espa�a
____________________________________________________________________
Usas programas sin licencia?                      <_>
Quiza sea porque las licencias                    oo 7  Free
que conoces no son libres.                       (..)    Software
Utiliza software GPL y veras la diferencia.        """    Foundation
                                                         
                        http://www.fsf.org
____________________________________________________________________