Azureのストレージ共有にPostgreSQLのデータファイルを移動してRedmineを動かしてみた
前回はAzureでDocker使ってRedmineを立ち上げていましたがDBがAzure Filesに移せなくて無念だったというお話でしたがそれ以前の単純構成を踏まえてRedmineの添付ファイルとPostgreSQLのDBをストレージ共有に保存しつつRedmineを立ち上げてみるというバカバカしい実験をしてみました。よい子は決して真似しないでください。ドメインはfreenomで取得してAzureDNSにドメインを登録しておけばお手軽に独自ドメインのRedmine立ち上げられます。
で動かしてみているのですが、やはり少しレスポンス悪いかも・・・。まぁまだデータ投入とかしていないので、少し遊んでみてから評価かと思います。
しかしながら、おカネを持っておられるところは素直にマネージドのデータベースをバックエンドにした方がいいかと思います。
■作業概要
1.イメージ展開
2.Azure Filesのマウント
3.PostgresSQLインストール
4.nginxインストール・https化
5.Rubyほか必要ツール類インストール
6.Redmine導入
7.Rubyおよびnginx関連設定
■作業手順
1.イメージ展開
①イメージギャラリーからイメージを選択
②VMの作成でVMを作成する
③VM展開後にsudo可能ユーザのパスワードリセットを行う
④セキュリティ規則でhttpsとhttpのアクセス許可を受信セキュリティ規則にて追加する
2.Azure Filesのマウント
#①環境変数設定
$ export AZUREFILES_RGN="yourresource"
$ export AZUREFILES_SA="myredmine"
$ export AZUREFILES_FSN="redmine-file"
$ export AZUREFILES_MNT="/mnt/$AZUREFILES_SA/$AZUREFILES_FSN"
$ export AZUREFILES_DB_FSN="redmine-database"
$ export AZUREFILES_DB_MNT="/mnt/$AZUREFILES_SA/$AZUREFILES_DB_FSN"
$ curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash
$ az login
#②接続用Shell作成
$ vi azurefilesconnect.sh
---------------------------
#! /bin/bash
resourceGroupName=$AZUREFILES_RGN
storageAccountName=$AZUREFILES_SA
# This command assumes you have logged in with az login
httpEndpoint=$(az storage account show \
--resource-group $resourceGroupName \
--name $storageAccountName \
--query "primaryEndpoints.file" | tr -d '"')
smbPath=$(echo $httpEndpoint | cut -c7-$(expr length $httpEndpoint))
fileHost=$(echo $smbPath | tr -d "/")
nc -zvw3 $fileHost 445
---------------------------
$ chmod a+x azurefilesconnect.sh
$ ./azurefilesconnect.sh
Connection to myredmine.file.core.windows.net 445 port [tcp/microsoft-ds] succeeded!
#③マウント用シェル作成
$ vi azurefilesmount_files.sh
---------------------------
#! /bin/bash
resourceGroupName=$AZUREFILES_RGN
storageAccountName=$AZUREFILES_SA
fileShareName=$AZUREFILES_FSN
mntPath="/mnt/$storageAccountName/$fileShareName"
sudo mkdir -p $mntPath
if [ ! -d "/etc/smbcredentials" ]; then
sudo mkdir "/etc/smbcredentials"
fi
storageAccountKey=$(az storage account keys list \
--resource-group $resourceGroupName \
--account-name $storageAccountName \
--query "[0].value" | tr -d '"')
smbCredentialFile="/etc/smbcredentials/$storageAccountName.cred"
if [ ! -f $smbCredentialFile ]; then
echo "username=$storageAccountName" | sudo tee $smbCredentialFile > /dev/null
echo "password=$storageAccountKey" | sudo tee -a $smbCredentialFile > /dev/null
else
echo "The credential file $smbCredentialFile already exists, and was not modified."
fi
sudo chmod 600 $smbCredentialFile
# This command assumes you have logged in with az login
httpEndpoint=$(az storage account show \
--resource-group $resourceGroupName \
--name $storageAccountName \
--query "primaryEndpoints.file" | tr -d '"')
smbPath=$(echo $httpEndpoint | cut -c7-$(expr length $httpEndpoint))$fileShareName
smbdbPath=$(echo $httpEndpoint | cut -c7-$(expr length $httpEndpoint))$filedbShareName
if [ -z "$(grep $smbPath\ $mntPath /etc/fstab)" ]; then
echo "$smbPath $mntPath cifs nofail,vers=3.0,file_mode=0777,dir_mode=0777,uid=999,gid=999,credentials=$smbCredentialFile,serverino" | sudo tee -a /etc/fstab > /dev/null
else
echo "/etc/fstab was not modified to avoid conflicting entries as this Azure file share was already present. You may want to double check /etc/fstab to ensure the configuration is as desired."
fi
---------------------------
$ chmod a+x azurefilesmount_files.sh
$ ./azurefilesmount_files.sh
$ vi azurefilesmount_database.sh
---------------------------
#! /bin/bash
resourceGroupName=$AZUREFILES_RGN
storageAccountName=$AZUREFILES_SA
fileShareName=$AZUREFILES_DB_FSN
mntPath="/mnt/$storageAccountName/$fileShareName"
sudo mkdir -p $mntPath
if [ ! -d "/etc/smbcredentials" ]; then
sudo mkdir "/etc/smbcredentials"
fi
storageAccountKey=$(az storage account keys list \
--resource-group $resourceGroupName \
--account-name $storageAccountName \
--query "[0].value" | tr -d '"')
smbCredentialFile="/etc/smbcredentials/$storageAccountName.cred"
if [ ! -f $smbCredentialFile ]; then
echo "username=$storageAccountName" | sudo tee $smbCredentialFile > /dev/null
echo "password=$storageAccountKey" | sudo tee -a $smbCredentialFile > /dev/null
else
echo "The credential file $smbCredentialFile already exists, and was not modified."
fi
sudo chmod 600 $smbCredentialFile
# This command assumes you have logged in with az login
httpEndpoint=$(az storage account show \
--resource-group $resourceGroupName \
--name $storageAccountName \
--query "primaryEndpoints.file" | tr -d '"')
smbPath=$(echo $httpEndpoint | cut -c7-$(expr length $httpEndpoint))$fileShareName
if [ -z "$(grep $mntPath /etc/fstab)" ]; then
echo "$smbPath $mntPath cifs nofail,vers=3.0,file_mode=0750,dir_mode=0700,uid=117,gid=127,credentials=$smbCredentialFile,serverino" | sudo tee -a /etc/fstab > /dev/null
else
echo "/etc/fstab was not modified to avoid conflicting entries as this Azure file share was already present. You may want to double check /etc/fstab to ensure the configuration is as desired."
fi
---------------------------
$ chmod a+x azurefilesmount_database.sh
$ ./azurefilesmount_database.sh
$ sudo mount -a
$ ls -al /mnt/myredmine
3.PostgresSQLインストール
#①インストール $ sudo apt-get update $ sudo apt-get -y install postgresql postgresql-contrib $ sudo systemctl enable postgresql $ sudo systemctl list-unit-files | grep postgres $ psql --version psql (PostgreSQL) 12.6 (Ubuntu 12.6-0ubuntu0.20.04.1) #②データ保管先ディレクトリ移動 $ sudo systemctl stop postgresql.service $ cd $ sudo rsync -av /var/lib/postgresql /mnt/myredmine/redmine-database sending incremental file list postgresql/ postgresql/.psql_history ~中略~ postgresql/12/main/pg_xact/0000 sent 41,816,713 bytes received 18,917 bytes 400,340.96 bytes/sec total size is 41,748,787 speedup is 1.00 $ ls -al /mnt/myredmine/redmine-file/postgresql/12/main/ #④設定ファイル変更 $ sudo vi /etc/postgresql/12/main/postgresql.conf ------------------------------ # option or PGDATA environment variable, represented here as ConfigDir. #data_directory = '/var/lib/postgresql/12/main' # use data in another directory data_directory = '/mnt/myredmine/redmine-database/postgresql/12/main' # use data in another directory #追記 ------------------------------ $ sudo systemctl start postgresql.service #⑤管理ユーザ追加 $ sudo -u postgres psql =# ALTER ROLE postgres PASSWORD 'YOURPASSWORD'; ALTER ROLE =# SELECT * FROM pg_shadow; =# exit $ sudo -u postgres createuser -P redmine Enter password for new role:yourpassword Enter it again:yourpassword #⑥DB作成 $ sudo -u postgres createdb -E UTF-8 -l ja_JP.UTF-8 -O redmine -T template0 redmine $ psql -U redmine -h localhost -d redmine Password for user redmine:yourpassword redmine-> \l $ sudo systemctl stop postgresql $ sudo systemctl start postgresql $ psql -U redmine -h localhost -d redmine
4.nginxインストール・https化
#①インストール
$ sudo apt -y install nginx
$ nginx -v
nginx version: nginx/1.18.0 (Ubuntu)
$ sudo vi /etc/nginx/conf.d/local.conf
----------------------------
server{
server_name yourdomain;
}
----------------------------
#②https化(Let'sEncrypt)
$ sudo apt -y install certbot python3-certbot-nginx
$ sudo certbot --nginx -d yourdomain -d *.yourdomain
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel):yourmailaddress
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v02.api.letsencrypt.org/directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(A)gree/(C)ancel:A
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about our work
encrypting the web, EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o:Y
Obtaining a new certificate
Performing the following challenges:
Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA. You may need to use an authenticator plugin that can do challenges over DNS.
Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA. You may need to use an authenticator plugin that can do challenges over DNS.
IMPORTANT NOTES:
- Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
$ sudo certbot --nginx -d yourdomain
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for yourdomain
Waiting for verification...
Cleaning up challenges
Deploying Certificate to VirtualHost /etc/nginx/conf.d/local.conf
Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel):2
Redirecting all traffic on port 80 to ssl in /etc/nginx/conf.d/local.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations! You have successfully enabled https://yourdomain
You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=yourdomain
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/yourdomain/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/yourdomain/privkey.pem
Your cert will expire on 2021-07-04. To obtain a new or tweaked
version of this certificate in the future, simply run certbot again
with the "certonly" option. To non-interactively renew *all* of
your certificates, run "certbot renew"
- If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
5.Rubyほか必要ツール類インストール
$ cd $ git clone https://github.com/sstephenson/rbenv.git ~/.rbenv $ git clone https://github.com/sstephenson/ruby-build.git ~/.rbenv/plugins/ruby-build $ echo 'export PATH=~/.rbenv/bin:$PATH' >> ~/.bashrc $ echo 'eval "$(rbenv init -)"' >> ~/.bashrc $ source ~/.bashrc $ rbenv --version rbenv 1.1.2-44-gd604acb $ sudo apt -y install build-essential $ sudo apt -y install git build-essential libssl-dev libpq-dev $ sudo apt -y install zlib1g-dev libxslt1-dev libreadline-dev libcurl4-openssl-dev $ sudo apt -y install imagemagick libmagick++-dev $ rbenv install 2.6.7 $ rbenv versions $ rbenv global 2.6.7 $ ruby -v ruby 2.6.7p197 (2021-04-05 revision 67941) [x86_64-linux]
6.Redmine導入
$ cd /var/www
$ sudo git clone https://github.com/redmine/redmine.git redmine
$ sudo chown -R youruser redmine/
$ cd redmine
$ cp config/database.yml.example config/database.yml
$ sudo vi config/database.yml
---------------------------------------
# PostgreSQL configuration example
production:
adapter: postgresql
database: redmine
host: localhost
username: redmine
password: yourpassword
encoding: utf8
pool: 5
development:
adapter: postgresql
database: redmine
host: localhost
username: redmine
password: yourpassword
encoding: utf8
pool: 5
---------------------------------------
$ vi config/configuration.yml
--------------------------------------------
default:
email_delivery:
delivery_method: :smtp
smtp_settings:
address: "smtp.sendgrid.net"
port: 587
domain: "smtp.sendgrid.net"
authentication: :login
user_name: apikey
password: YourSendGridToken
attachments_storage_path: /mnt/myredmine/redmine-file
--------------------------------------------
7.Rubyおよびnginx関連設定
$ cd $ git clone https://github.com/sstephenson/rbenv.git ~/.rbenv $ git clone https://github.com/sstephenson/ruby-build.git ~/.rbenv/plugins/ruby-build $ echo 'export PATH=~/.rbenv/bin:$PATH' >> ~/.bashrc $ echo 'eval "$(rbenv init -)"' >> ~/.bashrc $ source ~/.bashrc $ rbenv --version rbenv 1.1.2-44-gd604acb $ sudo apt -y install build-essential $ sudo apt -y install git build-essential libssl-dev libpq-dev $ sudo apt -y install zlib1g-dev libxslt1-dev libreadline-dev libcurl4-openssl-dev $ sudo apt -y install imagemagick libmagick++-dev $ rbenv install 2.6.7 $ rbenv versions $ rbenv global 2.6.7 $ ruby -v ruby 2.6.7p197 (2021-04-05 revision 67941) [x86_64-linux]6.Redmine導入
$ cd /var/www
$ sudo git clone https://github.com/redmine/redmine.git redmine
$ sudo chown -R youruser redmine/
$ cd redmine
$ cp config/database.yml.example config/database.yml
$ sudo vi config/database.yml
---------------------------------------
# PostgreSQL configuration example
production:
adapter: postgresql
database: redmine
host: localhost
username: redmine
password: yourpassword
encoding: utf8
pool: 5
development:
adapter: postgresql
database: redmine
host: localhost
username: redmine
password: yourpassword
encoding: utf8
pool: 5
---------------------------------------
$ vi config/configuration.yml
--------------------------------------------
default:
email_delivery:
delivery_method: :smtp
smtp_settings:
address: "smtp.sendgrid.net"
port: 587
domain: "smtp.sendgrid.net"
authentication: :login
user_name: apikey
password: yoursendgridtoken
attachments_storage_path: /mnt/myredmine/redmine-file
--------------------------------------------
7.Rubyおよびnginx関連設定
#①Rails関連準備
$ vi Gemfile
#最後尾に追加
------------------
#Unicorn
gem "unicorn"
------------------
$ gem install rubygems-update
$ update_rubygems
$ gem install bundler
$ gem install daemon_controller rack passenger
$ bundle update
$ bundle install --path vendor/bundler --without development test
$ bundle exec rake generate_secret_token
$ bundle exec rake db:migrate RAILS_ENV=production
#②unicorn設定
$ vi config/unicorn.rb
#以下ファイル内容
--------------------------------------------
# Railsのルートパスを求める。(RAILS_ROOT/config/unicorn.rbに配置している場合。)
rails_root = File.expand_path('../../', __FILE__)
# RAILS_ENVを求める。(RAILS_ENV毎に挙動を変更したい場合に使用。今回は使用しません。)
# rails_env = ENV['RAILS_ENV'] || "development"
# 追記に記載してます。入れた方がいいです。
ENV['BUNDLE_GEMFILE'] = rails_root + "/Gemfile"
# Unicornは複数のワーカーで起動するのでワーカー数を定義
# サーバーのメモリなどによって変更すること。
worker_processes 2
# 指定しなくても良い。
# Unicornの起動コマンドを実行するディレクトリを指定します。
# (記載しておけば他のディレクトリでこのファイルを叩けなくなる。)
working_directory rails_root
# 接続タイムアウト時間
timeout 30
# Unicornのエラーログと通常ログの位置を指定。
stderr_path File.expand_path('../../log/unicorn_stderr.log', __FILE__)
stdout_path File.expand_path('../../log/unicorn_stdout.log', __FILE__)
# Nginxで使用する場合は以下の設定を行う(※このパスをNginx側で設定したパスと揃えておく必要があります)。
listen File.expand_path('../../tmp/sockets/unicorn.sock', __FILE__)
# とりあえず起動して動作確認をしたい場合は以下の設定を行う。
#listen 8080
# ※「backlog」や「tcp_nopush」の設定もあるけど、よくわかって無い。
# プロセスの停止などに必要なPIDファイルの保存先を指定。
pid File.expand_path('../../tmp/pids/unicorn.pid', __FILE__)
# 基本的には`true`を指定する。Unicornの再起動時にダウンタイムなしで再起動が行われる。
preload_app true
# 効果なしとの記事を見たので、コメントアウト。
# GC.respond_to?(:copy_on_write_friendly=) and GC.copy_on_write_friendly = true
# USR2シグナルを受けると古いプロセスを止める。
# 後述するが、記述しておくとNginxと連携する時に良いことがある。
before_fork do |server, worker|
defined?(ActiveRecord::Base) and
ActiveRecord::Base.connection.disconnect!
old_pid = "#{server.config[:pid]}.oldbin"
if old_pid != server.pid
begin
sig = (worker.nr + 1) >= server.worker_processes ? :QUIT : :TTOU
Process.kill(sig, File.read(old_pid).to_i)
rescue Errno::ENOENT, Errno::ESRCH
end
end
end
after_fork do |server, worker|
defined?(ActiveRecord::Base) and ActiveRecord::Base.establish_connection
end
--------------------------------------------
$ bundle exec rails generate task unicorn
#③unicorn起動コマンド
$ vi lib/tasks/unicorn.rake
----------------------------
namespace :unicorn do
desc "Start unicorn for production env."
task(:start) do
config_path = "/var/www/redmine/config/unicorn.rb"
sh "unicorn_rails -c #{config_path} -E production -D"
end
desc "Stop unicorn"
task(:stop) { unicorn_signal :QUIT }
desc "Restart unicorn with USR2"
task(:restart) { unicorn_signal :USR2 }
desc "Increment number of worker processes"
task(:increment) { unicorn_signal :TTIN }
desc "Decrement number of worker processes"
task(:decrement) { unicorn_signal :TTOU }
desc "Unicorn pstree (depends on pstree command)"
task(:pstree) do
sh "pstree '#{unicorn_pid}'"
end
def unicorn_signal signal
Process.kill signal, unicorn_pid
end
def unicorn_pid
begin
File.read("/var/www/redmine/tmp/pids/unicorn.pid").to_i
rescue Errno::ENOENT
raise "Unicorn doesn't seem to be running"
end
end
end
----------------------------
$ bundle exec rake unicorn:start
unicorn_rails -c /var/www/redmine/config/unicorn.rb -E production -D
$ bundle exec rake unicorn:stop
#④unicorn自動起動設定
$ sudo vi /etc/init.d/unicorn
--------------------------------------------
#!/bin/sh
# chkconfig: 345 90 20
# description: Redmine
# processname: unicorn_redmine
RAILS_ENV=production
SERVICE=redmine
USER=youreuser
RAILS_ROOT_DIR="/var/www/redmine"
PID=${RAILS_ROOT_DIR}/tmp/pids/unicorn.pid
UNICORN_CONF=${RAILS_ROOT_DIR}/config/unicorn.rb
UNICORN_ALIVE=`ps aux|grep '${UNICORN_CONF}'|grep -v grep|wc -l`
start()
{
if [ $UNICORN_ALIVE = 0 ]; then
rm -f $PID
fi
if [ -e ${PID} ]; then
echo "${SERVICE} already started"
exit 1
fi
echo "start ${SERVICE}"
sudo su -l ${USER} -c "cd ${RAILS_ROOT_DIR} && bundle exec unicorn_rails -c ${UNICORN_CONF} -D"
}
stop()
{
if [ ! -e ${PID} ]; then
echo "${SERVICE} not started"
exit 1
fi
echo "stop ${SERVICE}"
kill -QUIT `cat ${PID}`
}
force_stop()
{
if [ ! -e ${PID} ]; then
echo "${SERVICE} not started"
exit 1
fi
echo "stop ${SERVICE}"
kill -INT `cat ${PID}`
}
reload()
{
if [ ! -e ${PID} ]; then
echo "${SERVICE} not started"
start
exit 0
fi
echo "reload ${SERVICE}"
kill -USR2 `cat ${PID}`
}
restart()
{
if [ -e ${PID} ]; then
stop
sleep 3
fi
start
}
case "$1" in
start)
start
;;
stop)
stop
;;
force-stop)
force_stop
;;
reload)
reload
;;
restart)
restart
;;
*)
echo "Syntax Error: release [start|stop|force-stop|reload|restart]"
;;
esac
--------------------------------------------
$ sudo chmod 755 /etc/init.d/unicorn
$ sudo vi /lib/systemd/system/unicorn.service
--------------------------------------------
[Unit]
Description=Unicorn Server
After=postgresql.service
[Service]
WorkingDirectory=/var/www/redmine
Environment=RAILS_ENV=production
SyslogIdentifier=unicorn
PIDFile=/var/www/redmine/tmp/pids/unicorn.pid
ExecStart=/home/youruser/.rbenv/shims/bundle exec "unicorn_rails -c config/unicorn.rb -E production -D"
ExecStop=/usr/bin/kill -QUIT $MAINPID
ExecReload=/bin/kill -USR2 $MAINPID
[Install]
WantedBy=multi-user.target
--------------------------------------------
$ sudo chmod 755 /lib/systemd/system/unicorn.service
$ sudo ln -s /lib/systemd/system/unicorn.service /etc/systemd/system/multi-user.target.wants/unicorn.service
$ sudo systemctl start unicorn.service
$ sudo systemctl stop unicorn.service
$ sudo systemctl enabled unicorn.service
#エラーが出るが無視~
#⑤nginx設定ファイル修正
$ sudo vi /etc/nginx/conf.d/local.conf
------------------------------
upstream unicorn-unix-domain-socket {
server unix:/var/www/redmine/tmp/sockets/unicorn.sock fail_timeout=0;
}
server {
listen 80; # httpへのアクセスをhttpsへリダイレクトする
listen [::]:80;
server_name yourdomain;
if ($http_x_forwarded_proto != https) {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl on;
if ($host != "yourdomain"){
return 444;
}
server_name yourdomain;
index index.html index.htm index.php;
client_max_body_size 1024M;
ssl_stapling on;
ssl_stapling_verify on;
ssl_certificate /etc/letsencrypt/live/yourdomain/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/yourdomain/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
location / {
root /var/www/redmine;
access_log /var/log/nginx/redmine_access.log;
error_log /var/log/nginx/redmine_error.log;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_pass http://unicorn-unix-domain-socket;
}
}
------------------------------
$ sudo nginx -t
$ sudo service nginx restart
$ sudo shutdown -r now
#⑥リマインダー設定
$ crontab -e
-----------------------------
# m h dom mon dow command
30 6 * * * cd /var/www/redmine ; bundle exec rake redmine:send_reminders days=3 RAILS_ENV=production
-----------------------------
#⑦プラグイン
$ cd /var/www/redmine/plugins/
#・redmine issue templates
$ git clone https://github.com/akiko-pusu/redmine_issue_templates.git redmine_issue_templates
#・view_customize
$ git clone https://github.com/onozaty/redmine-view-customize.git view_customize
#・Redmine Editor Preview Tab Extension
$ git clone https://github.com/tleish/redmine_editor_preview_tab redmine_editor_preview_tab
#・redmine checklists
#ダウンロードしたZipファイルをアップロード
$ sudo apt -y install unzip
$ unzip redmine_checklists-3_1_19-light.zip
$ rm redmine_checklists-3_1_19-light.zip
$ su - youruser
$ sudo mv /home/sshloginuser/redmine_checklists redmine/app/plugins/
$ sudo chown -R youruser redmine_checklists/
$ sudo chgrp -R youruser redmine_checklists/
#・Redmine Already Read plugin
$ cd ~/redmine/app/plugins/
$ git clone https://github.com/tkusukawa/redmine_already_read redmine_already_read
#・redmine_xls_export
$ git clone https://github.com/two-pack/redmine_xls_export.git
#・redmine_logs
$ git clone https://github.com/haru/redmine_logs.git
#・wiki_extensions
$ git clone https://github.com/haru/redmine_wiki_extensions.git
#・redmine_work_time
$ git clone https://github.com/tkusukawa/redmine_work_time.git
#・redmine_issue_badge
$ git clone https://github.com/akiko-pusu/redmine_issue_badge.git
#・redmine issues tree
$ git clone -b 4.1.x https://github.com/Loriowar/redmine_issues_tree.git
#・redmine issues tree
$ git clone https://github.com/Loriowar/redmine_issues_tree.git
#⑧プラグイン反映用Shell
$ cd /var/www/redmine/
$ bundle install --no-deployment
$ cd plugins
$ vi post-install.sh
----------------------------
bundle exec rake redmine:plugins:migrate RAILS_ENV=production
----------------------------
$ sudo chmod 755 post-install.sh
$ ./post-install.sh
$ sudo systemctl stop unicorn.service
$ sudo systemctl start unicorn.service
$ sudo service nginx restart
■参考サイト
・VMイメージ展開
・PostgreSQL
・nginx関連
・Redmine
【2021/7/30修正】
absolute datesプラグインを入れるとまともに動かなくなるので外しました。
redmine issues treeプラグインのインストール追加いたしました。
コメント