Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- install slapd, php, php-fpm, php-ldap and php-xml
- ==========================================
- sudo apt-get install slapd
- sudo dpkg-reconfigure slapd
- sudo apt-get install php
- sudo apt-get install php-fpm
- sudo apt-get install php-ldap
- sudo apt-get install php-xml
- a2enconf php7.0-fpm
- a2enmod proxy_fcgi
- a2enmod ssl
- a2enmod python
- a2enmod authnz_ldap
- generate SSL/TLS key
- ====================
- mkdir /etc/apache2/ssl
- openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt
- Enter 127.0.0.1 as FQDN name.
- install and configure phpldapadmin
- ==================================
- cd /var/local
- wget https://github.com/leenooks/phpLDAPadmin/archive/master.zip
- unzip master.zip
- mv phpLDAPadmin-master phpldapadmin
- mv phpldapadmin/config/config.php.example phpldapadmin/config/config.php
- Open the file phpldapadmin/config/config.php,
- look for the line and uncomment
- $servers->setValue('server','host','127.0.0.1');
- ============================================
- Modify trac wiki configuration
- ============================================
- nano /etc/apache2/sites-enabled/trac.conf
- <VirtualHost *:443>
- ServerName 127.0.0.1
- SSLEngine on
- SSLProtocol all -SSLv2 -SSLv3
- SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA2$
- SSLHonorCipherOrder on
- SSLCompression off
- SSLOptions +StrictRequire
- LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" vhost_$
- LogFormat "%v %h %l %u %t \"%r\" %>s %b" vhost_common
- SSLCertificateFile /etc/apache2/ssl/apache.crt
- SSLCertificateKeyFile /etc/apache2/ssl/apache.key
- Alias "/phpldapadmin" "/var/local/phpldapadmin"
- <Location /trac>
- SetHandler mod_python
- PythonInterpreter main_interpreter
- PythonHandler trac.web.modpython_frontend
- PythonOption TracEnv /var/local/trac
- PythonOption TracEnvParentDir /var/local/trac
- PythonOption TracUriRoot /trac
- PythonOption TracEnv /var/local/trac
- PythonOption TracLocale en_US.UTF8
- PythonOption PYTHON_EGG_CACHE /tmp
- SSLOptions +StdEnvVars
- Require all granted
- #Require valid-user
- Require ssl-verify-client
- </Location>
- <Location /trac/login>
- AuthType Basic
- AuthName "BlackDeepDive"
- AuthBasicProvider "ldap"
- AuthLDAPURL "ldap://:389/dc=company,dc=com?uid"
- AuthLDAPBindDN "cn=admin,dc=company,dc=com"
- AuthLDAPBindPassword abdul
- Require valid-user
- Require ssl-verify-client
- </Location>
- <Directory "/var/local/phpldapadmin">
- SSLOptions +StdEnvVars
- Require all granted
- Require ssl-verify-client
- Options Indexes
- </Directory>
- </VirtualHost>
- disable all HTTP (non-encrypted websites
- =========================
- open /etc/apache2/ports.conf
- comment out the line
- #Listen 80
- service php7.0-fpm restart
- service apache2 restart
- service slapd restart
- Enter the following commands so that apache2, php-fpm and slapd services are started automatically every boot:
- update-rc.d php7.0-fpm defaults
- update-rc.d apache2 defaults
- update-rc.d slapd defaults
- Open browser and enter the URL https://127.0.0.1/phpldapadmin
- You may need to add a browser exception to this domain (trac.local). This is because
- the SSL certificate was signed by an unverified authority (self-signed).
- login with
- user: cn=admin,DC=company,DC=com
- password: abdul (as set previously)
- If the server has been setup correctly, login should be successful.
- Now create a Generic:POSIX group named Trac Users
- Then create a Generic:User Account with the following details:
- First Name: Abdullah
- Last Name: Albeladi
- userid: albe0032
- password: abdul
- gid/group: Trac Users (500)
- Open browser and enter the URL https://127.0.0.1/trac
- Click login in trac to login. The browser will ask for login details. Enter
- user: albe0032
- password: abdul
- This detail from the Generic:User Account.
- The login should be successful.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement