Hard to say from the outside. Any error messages or logging? Best place to check is the apache log, e.g. /var/log/apache2/error.log Also check access logs for "/auth/repo_permissions" lines. And the allura application logging in case the request is getting through but Allura is denying it (located in ~/tg.log if you ran it according to the INSTALL file).
-Dave On 12/1/14 4:31 AM, Daniele Niero wrote: > Hi DAve, > > Yes that partially worked. Unfortunately I still ahve a problem. Git seems to > find the repos but it still returning 403 error. > > Now I guess the problem is on git itself and/or still the VirtualHost > configuration. > If you have another precious suggestion, please let me know. > > Thanks again, > Daniele > > On 20 November 2014 at 20:06, Dave Brondsema <[email protected] > <mailto:[email protected]>> wrote: > > I think you need to change the order of your ProxyPass sections so that > the > /git/ stuff is before the main proxy /. The first main one is handling > all the > requests (see "Ordering ProxyPass Directives" section of > http://httpd.apache.org/docs/trunk/mod/mod_proxy.html#proxypass) and > nothing > gets to the /git/ handler. > > You can also see this experimentally by running `curl -I > 'http://allura.danieleniero.it/git/p/test/git'` and noticing that the > "Server" > line says "PasteWSGIServer" and it should say "Apache..." > > -Dave > > On 11/19/14 2:52 AM, Daniele Niero wrote: > > Hi Dave, > > > > Thanks again for your help. > > > > So I have checked and Allura creates the repos where I told it to do > so. The > > repos are also fully functional, empty obviousluy, but functionals. I > have tried > > to clone the git one and ceckout the svn one locally on the server and > they > > works. I also pushed one file in the git one and indeed it is visible on > > http://allura.danieleniero.it/p/test/git/ci/master/tree/ > > > > I still can't access them from a client and this makes me think the > problem is > > in the Virtual Host configuration. > > What is your thought? > > > > Cheers, > > Daniele > > > > On 17 November 2014 19:20, Dave Brondsema <[email protected] > <mailto:[email protected]> > > <mailto:[email protected] <mailto:[email protected]>>> wrote: > > > > These kind of things can be hard to debug, especially over mail, but > lets see > > what we can do. I think first would be to verify if it works > without > > authentication enabled. If you uncomment `SetEnv > REMOTE_USER=git-allura` and > > comment-out the whole `<LocationMatch...` section, that will remove > > authentication. Then try running `git ls-remote > > http://allura.danieleniero.it/git/p/test/git` > > > > Also make sure that the "test" project actually has the git repo > set up > > correctly on the filesystem. Run: `ls > /home/daniele/repos/git/p/test` > and make > > sure there is a "git.git" folder. Sometimes the initial test repo > doesn't get > > created initially. Or ends up in a different place if you change > your > settings > > after initializing Allura. If that is the case, you can go to the > project and > > add a new "git" repo tool, and that should create a new repo folder. > > > > And by the way about the .ini settings, `scm.repos.root` is the only > one that > > matters for right now. The rest are used just for display on the > webpage e.g. > > at http://allura.danieleniero.it/p/test/git/ref/master/ > > > > On 11/12/14 3:53 PM, Daniele Niero wrote: > > > Hello, > > > > > > I'm trying to follow the instruction here > > > <https://forge-allura.apache.org/docs/scm_host.html> to activate > support > > for git > > > and svn, however I'm not having much success... > > > > > > First I want to stress how I'm not a web technology expert, not to > justify > > > myself but just to ask to be a little patient if I'm missing > something obvious > > > or making any clear mistake. > > > > > > So I followed those instructions but I changed the location of my > repositories. > > > Also I have to say that my installation of allura is served > through > a subdomain > > > (allura.danieleniero.it <http://allura.danieleniero.it> > <http://allura.danieleniero.it> > > <http://allura.danieleniero.it>), if this is important I > > > don't know... > > > > > > I didn't activate any ldap thinking that it is an optional step. > If > instead it's > > > a required step to serve Git and svn through http/https you can > stop > to read now > > > and simply reply me back to configure it :) > > > > > > I have copied "development.ini" and called "production.ini" and > the part > > > relative to SCM looks like: > > > > > > # SCM settings for local development > > > scm.host.ro.git = /home/daniele/repos/git$path > > > scm.host.rw.git = /home/daniele/repos/git$path > > > scm.host.ro.hg = /home/daniele/repos/hg$path > > > scm.host.rw.hg = /home/daniele/repos/hg$path > > > scm.host.ro.svn = file:///home/daniele/repos/svn$path/ > > > scm.host.rw.svn = file:///home/daniele/repos/svn$path/ > > > > > > # SCM settings for https (sorry no docs for setting these up) > > > # these settings are currently required by the template, no > matter what > > > scm.host.https.git = > https://[email protected]:8022/scm-repo$path > <http://[email protected]:8022/scm-repo$path> > > <http://[email protected]:8022/scm-repo$path> > > > <http://[email protected]:8022/scm-repo$path> > > > scm.host.https_anon.git = > https://allura.danieleniero.it:8022/scm-repo$path > > > scm.host.https.hg = > https://[email protected]:8022/scm-repo$path > <http://[email protected]:8022/scm-repo$path> > > <http://[email protected]:8022/scm-repo$path> > > > <http://[email protected]:8022/scm-repo$path> > > > scm.host.https_anon.hg = > https://allura.danieleniero.it:8022/scm-repo$path > > > scm.host.https.svn = > https://allura.danieleniero.it:8022/scm-repo$path/ > > > scm.host.https_anon.svn = > https://allura.danieleniero.it:8022/scm-repo$path/ > > > > > > scm.clone.git = git clone $source_url $dest_path > > > scm.clone.hg = hg clone $source_url $dest_path > > > scm.clone.ro.svn = svn checkout $source_url $dest_path > > > scm.clone.https_anon.svn = svn checkout $source_url $dest_path > > > scm.clone.svn = svn checkout --username=$username $source_url > $dest_path > > > > > > scm.repos.root = /home/daniele/repos > > > scm.repos.tarball.enable = false > > > scm.repos.tarball.root = /usr/share/nginx/www/ > > > scm.repos.tarball.url_prefix = http://localhost/ > > > scm.repos.tarball.zip_binary = /usr/bin/zip > > > > > > > > > /https://allura.danieleniero.it:8022/scm-repo$path/ looks > suspicious > to me but > > > again, I have no idea... > > > > > > then I have my VirtualHost configuration: > > > > > > <VirtualHost *:80> > > > ServerAdmin [email protected] > <mailto:[email protected]> > <mailto:[email protected] <mailto:[email protected]>> > > <mailto:[email protected] <mailto:[email protected]> > <mailto:[email protected] <mailto:[email protected]>>> > > > ServerName allura.danieleniero.it <http://allura.danieleniero.it> > <http://allura.danieleniero.it> > > <http://allura.danieleniero.it> > > > > > > DocumentRoot /var/www/html/allura > > > > > > # Logfiles > > > ErrorLog /home/daniele/logs/allura/error.log > > > CustomLog /home/daniele/logs/allura/access.log combined > > > > > > # Proxy > > > ProxyPass / http://localhost:8080/ retry=5 > > > ProxyPassReverse / http://localhost:8080/ > > > ProxyPreserveHost On > > > <Proxy *> > > > Order deny,allow > > > Allow from all > > > </Proxy> > > > > > > # git setup > > > SetEnv GIT_PROJECT_ROOT /home/daniele/repos/git > > > SetEnv GIT_HTTP_EXPORT_ALL > > > ProxyPass /git/ ! > > > ScriptAlias /git/ /usr/lib/git-core/git-http-backend/ > > > > > > # no authentication required at all - for testing purposes > > > #SetEnv REMOTE_USER=git-allura > > > > > > <LocationMatch "^/(git|svn|hg)/"> > > > AddHandler mod_python .py > > > # Change this path if needed: > > > PythonAccessHandler > /home/daniele/src/allura/scripts/ApacheAccessHandler.py > > > AuthType Basic > > > AuthName "SCM Access" > > > AuthBasicAuthoritative off > > > # Change this path if needed: > > > PythonOption ALLURA_VIRTUALENV /home/daniele/env-allura > > > # This routes back to the allura webapp, port 8080 if running with > paster > > server > > > (~/start_allura) > > > # In a production environment, run allura with a real WSGI > server, and > > > # change the IP address and port number as appropriate. > > > # And use https if possible, since the username and password are > otherwise > > > # sent in the clear to Allura. > > > PythonOption ALLURA_AUTH_URL > http://allura.danieleniero.it/auth/do_login > > > PythonOption ALLURA_PERM_URL > > http://allura.danieleniero.it/auth/repo_permissions > > > </LocationMatch> > > > </VirtualHost> > > > > > > > > > the file that is called when I connect to allura.danieleniero.it > <http://allura.danieleniero.it> > > <http://allura.danieleniero.it> > > > <http://allura.danieleniero.it> is called index.py and it looks > like > this: > > > > > > #!/usr/bin/python > > > > > > activate_this = '/home/daniele/env-allura/bin/activate_this.py' > > > execfile(activate_this, dict(__file__=activate_this)) > > > > > > import wsgiref.handlers > > > from paste.deploy import loadapp > > > > > > myapp = > loadapp('config:/home/daniele/src/allura/Allura/production.ini') > > > > > > wsgiref.handlers.CGIHandler().run(myapp) > > > > > > > > > and finally, when I launched this commands: > > > > > > echo "Activate the Allura environment" > > > cd ~ > > > . env-allura/bin/activate > > > > > > echo "Start Solr" > > > cd ~/src/solr-4.2.1/example/ > > > nohup java -jar start.jar > ~/logs/solr.log & > > > > > > echo "Start Allura task processing with production.ini" > > > cd ~/src/allura/Allura > > > nohup paster taskd production.ini > ~/logs/taskd.log & > > > > > > echo "Serve Allura with production.ini" > > > nohup paster serve --reload production.ini > ~/logs/tg.log & > > > > > > sudo service apache2 restart > > > > > > > > > Unfortunatly it's clear I have make some mistakes because when I > connect to > > > allura.danieleniero.it/git/p/test/git > <http://allura.danieleniero.it/git/p/test/git> > > <http://allura.danieleniero.it/git/p/test/git> > > > <http://allura.danieleniero.it/git/p/test/git> I have a 500 > Internal > > Server Error. > > > The error.log reports this: > > > > > > [Wed Nov 12 15:37:56.910479 2014 <tel:910479%202014> > <tel:910479%202014>] [:warn] [pid 1968] [client > > 178.84.0.16:49605 <http://178.84.0.16:49605> > <http://178.84.0.16:49605> > > > <http://178.84.0.16:49605>] Allura Access: AccessHandler > > > [Wed Nov 12 15:37:57.216641 2014 <tel:216641%202014> > <tel:216641%202014>] [:warn] [pid 1968] [client > > 178.84.0.16:49605 <http://178.84.0.16:49605> > <http://178.84.0.16:49605> > > > <http://178.84.0.16:49605>] Allura Access: checking auth for: None > > > [Wed Nov 12 15:37:58.624654 2014] [:warn] [pid 1968] [client > 178.84.0.16:49605 <http://178.84.0.16:49605> <http://178.84.0.16:49605> > > > <http://178.84.0.16:49605>] Allura Access: > > > > http://allura.danieleniero.it/auth/repo_permissions?repo_path=%2FSCM%2Ftest.p%2Fgit > > > -> {u'allow_write': False, u'allow_read': True, u'allow_create': > False} -> > > > allow_read -> authorized:True > > > [Wed Nov 12 15:37:58.625380 2014] [authz_core:error] [pid 1968] > [client > > > 178.84.0.16:49605 <http://178.84.0.16:49605> > <http://178.84.0.16:49605> <http://178.84.0.16:49605>] > > AH01627: AuthType configured with > > > no corresponding authorization directives > > > > > > > > > I hope an expert can spot what I'm doing wrong. > > > Thanks in advance. > > > Daniele > > > > > > > > -- > > Dave Brondsema : [email protected] <mailto:[email protected]> > <mailto:[email protected] <mailto:[email protected]>> > > http://www.brondsema.net : personal > > http://www.splike.com : programming > > <>< > > > > > > > > -- > Dave Brondsema : [email protected] <mailto:[email protected]> > http://www.brondsema.net : personal > http://www.splike.com : programming > <>< > > -- Dave Brondsema : [email protected] http://www.brondsema.net : personal http://www.splike.com : programming <><
