Elmpowered with elm trees on your side, you can do anything

23Sep/100

Trac Email Notifications via sendmail on Hostmonster

While setting up Trac's email notification module to use sendmail, I kept seeing an error in my server's log. Something along the lines of "sendmail: no recipient specified...". That was confusing since I was pretty sure I set a recipient (or rather, I was trusting that Trac was).

After having the bright idea to turn Trac's logging feature on, I got a friendly message while creating a new ticket. The message informed me that I can't use a fake email address (I was attempting to use trac@mydomain.com). That makes sense if you stop to think about it. Hosting companies, such as Hostmonster, don't want you using their servers to spam the world. Allowing the use of a fake email address would allow the very sort of spamming to take place.

So, easy solution: use a real email address; or, in my case, make the fake email address real by creating it in CPanel.

21Sep/102

Enabling Trac Authentication on a Shared Host

As a complete Trac newbie, I thought I'd write up the steps I went through in order to enable Trac authentication on a shared host. I couldn't find these instructions (explicitly) anywhere else, so hopefully others will find them useful. If not, then at least I have written instructions for my own sake.

I did this with Trac 0.12, but the steps should be the same for Trac 0.11. YMMV for older versions of Trac.

Installing Trac on a shared host is a pretty straight-forward operation -- just follow the TracInstall guide. Things get a little bumpy once you get to the  Configuring Authentication section, however. My host (HostMonster) uses FastCGI and the instructions for enabling Trac authentication in a CGI environment entail editing the Apache config files. Being on a shared host, you're not given access to those config files (*shocker*).

Not finding helpful information through various Google searches (I swear I really did look), I turned to the helpful Trac Users Google Group for help (you can see the post here if you'd like).

First suggestion I got was to try adding the Apache config instructions to the .htaccess file. This resulted in a 500 Internal Server Error. The server logs indicated that the <Location> element is not allowed in .htaccess files.

Thankfully, there was a second suggestion -- use the AccountManagerPlugin.

The plugin installed fine with easy_install, although I did have to use "http", rather than "https", for the install URL. The instructions state that you need to restart Apache 2.2.x in order for the plugin to be detected, but this wasn't the case for me. The plugin started working right away.

Configuring the plugin is pretty easy, but the steps aren't laid out very well in the instructions. Below is my attempt to spell them out more explicitly.

Edit trac.ini as follows:

[components]
....
trac.web.auth.loginmodule = disabled
acct_mgr.api = enabled
acct_mgr.web_ui.loginmodule = enabled
acct_mgr.web_ui.registrationmodule = enabled

The first line disables the default Trac authentication module. The second line enables the "core" of the AccountManagerPlugin and is required to use any other components offered by the plugin. The third line enables the AccountManagerPlugin's login module, while the fourth line enables accounts to be created from the webpage. Once you've created all needed accounts, you'll probably want to disable this registration module (so that random people can't create accounts):

acct_mgr.web_ui.registrationmodule = disabled

Before you create accounts, you'll need to enable one of the password storage modules. The HtDigestStore is considered more secure than the HtPasswordStore, so let's use the former.

Continue editing trac.ini as follows:

[components]
acct_mgr.htfile.htdigeststore = enabled

[account-manager]
; configure the plugin to store passwords in the htdigest format
password_store = HtDigestStore
; the file where user accounts are stored. the webserver will need write permissions to this file and its parent folder
password_file = <some path>/trac.htdigest
; the name of the authentication “realm”. it can be any text to identify your site or project
htdigest_realm = TracRealm

After this, you should be able to go to your Trac portal, register a new account, and login.

Update: I tried another Google search and actually found instructions for enabling security in the .htaccess file (on page 2 of the search results...who looks on the 2nd page? Honestly...). If interested, you can read about it on the Sweating the Details blog.

9Sep/100

Django & Hostmonster: Deploying My First App

I am a giant bonehead. I meant to write this post a year-and-a-half ago, so that I could remember the steps I went through to get this working. I did not write said post. Now I'm going through the same process again. Hooray.