PHABRICATOR on NS

danb35 · July 24, 2018, 3:45pm

ls -l /var/tmp

oneitonitram · July 24, 2018, 3:52pm

I get this

total 36
drwxr-xr-x 4 phd phd 4096 Jul 24 16:59 phd
drwx------ 3 root root 4096 Jul 19 02:59 systemd-private-044c9da988724e6aa9d4915ea2d49292-chronyd.service-ftsUhj
drwx------ 3 root root 4096 Jul 19 02:59 systemd-private-044c9da988724e6aa9d4915ea2d49292-httpd.service-VqFsMN
drwx------ 3 root root 4096 Jul 23 20:15 systemd-private-b32f127a6db846c486d311de8ec33133-chronyd.service-9g2r7e
drwx------ 3 root root 4096 Jul 24 17:25 systemd-private-b32f127a6db846c486d311de8ec33133-httpd.service-GTRD35
drwx------ 3 root root 4096 Jul 24 17:25 systemd-private-b32f127a6db846c486d311de8ec33133-mysqld.service-IYIPeh
drwx------ 3 root root 4096 Jul 19 22:15 systemd-private-e54d5948f61c4854b6dd956b4ceb79e5-chronyd.service-m6rIwu
drwx------ 3 root root 4096 Jul 19 22:15 systemd-private-e54d5948f61c4854b6dd956b4ceb79e5-httpd.service-sA2b2R
drwx------ 2 root root 4096 Jul 24 16:45 yum-root-8649Ri
[root@ns phabricator]#

oneitonitram · July 24, 2018, 4:02pm

I deleted the folder, then tried sudo -u phd bin/phd start --force
that seems to have fixed the issue.of daemons.

Let me try to push now, after generating the private keys.

now regarding the http pushing, do I use the vcs username or the username for the person logged to phabricator.

danb35 · July 24, 2018, 4:28pm

The login username.

danb35 · July 25, 2018, 9:37pm

Just added a section on weekly automatic upgrades.

danb35 · July 25, 2018, 10:03pm

Yeah, it’s got me scratching my head. A suggestion on the Let’s Encrypt forum led me to try this in the port 80 virtualhost:

  RewriteEngine on
  RewriteRule ^\.well-known/ - [L]
  RewriteRule (.*) https://phab.domain/$1 [R,L]
  Alias "/.well-known/acme-challenge/" "/var/www/html/.well-known/acme-challenge/"
  <Directory "/var/www/html/.well-known/acme-challenge/">
     Require all granted
     Options -Indexes -FollowSymLinks
     AllowOverride None
  </Directory>

…and, from what I can figure out from the Apache docs, that should ignore paths starting with /.well-known (more precisely, redirect the request to itself and then ignore further rules), and then redirect everything else to https. But no dice, a request for /.well-known/acme-challenge/test (even a request on http://localhost/, which shouldn’t be in this virtual host at all) gets redirected and sent to the login screen.

oneitonitram · July 26, 2018, 6:32am

I am now happy that most things work very fine, I can push, pull observe etc.
this works fine for visual studio code.
visual studio pains
In visual studio, the big one. its really getting hard to push to the repository.
anyone have an idea. I have googled like hell. but nothing seems to make sense.

danb35 · July 28, 2018, 1:20pm

All right, with some help from the folks on the Let’s Encrypt forum, I think I have the virtual host configuration fixed to allow Let’s Encrypt certs to work properly. In doing so, I’ve also fixed what should be the last place where any customization or modification of the instructions were required–you should now be able to copy/paste everything unaltered.

danb35 · July 28, 2018, 1:28pm

Having never used visual studio, I have no idea. The Phabricator docs say that integration with Windows tools is going to be lacking, though.

danb35 · July 28, 2018, 11:25pm

What would it take to run this under PHP 7.2? I’ve installed PHP-SCL, and set the default version to 7.2, but it doesn’t seem to be affecting the Phabricator install.

Edit: Looks like adding this to the virtual host configuration should do the trick:

<FilesMatch .php$>
  SetHandler "proxy:unix:/var/run/php72-php-fpm/test-php72.sock|fcgi://localhost/"
</FilesMatch>

…along with this in the port 443 rewrite rules:

  RewriteCond %{HTTP:Authorization} ^(.*)
  RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]

It gets rid of the APC setup error, but replaces it with an error about APCu and Zend Opcache, as well as post_max_size not being set.

mrmarkuz · July 28, 2018, 11:35pm

One way is to set it with a virtual host in the UI but this may break the actual phab httpd conf.

Another method is to use php-fpm and add FilesMatch in the Directory directive in 05_phabricator:

<Directory "/var/lib/nethserver/vhost/phab/phabricator/webroot">
  Require all granted
  <FilesMatch \.php$>
    SetHandler "proxy:fcgi://127.0.0.1:9072"
  </FilesMatch>
</Directory>

mrmarkuz · July 28, 2018, 11:38pm

With php72 some settings may have to be done in another directory:

https://wiki.nethserver.org/doku.php?id=php-scl#adjust_phpini

danb35 · July 28, 2018, 11:57pm

Well, post_max_size can be fixed with

config setprop php72 PostMaxSize 32
signal-event nethserver-php-scl-update

The others can be fixed with

yum install php72-php-apcu php72-php-opcache

That leads to yet another setup warning about the opcache not being configured ideally. Edit /etc/opt/remi/php72/php.d/10-opcache.ini and find the line that says:

;opcache.validate_timestamps=1

…and change it to:

opcache.validate_timestamps=0

Not sure I want to add dependencies to the process, but this should help performance a good bit–first, in that PHP 7.2 performs a good bit better than 5.x; second, in that it adds caching. PHP 7.2 also incorporates a more secure hashing algorithm if you’ll be using the Username/password auth app. I’ve made these updates to the wiki.

danb35 · August 22, 2018, 12:50pm

Running Phabricator on a separate VPS with the auto-update script from the wiki keeping it up to date every week. I can pull/push, view code, etc. But when I try to view a commit, I get this:

Off to see if I can track that down…

oneitonitram · August 24, 2018, 8:50am

might there be a change that has been made to the repository. So far we are making use of phabricator, and it works ok for us.
All aspects of commit, pull push, view project discussions, task management and Kanban board, linked to project.

The only thing we are you to figure out is how to create a branch on a repository

oneitonitram · September 12, 2018, 12:15pm

did you manage to notice what was causing the error.

danb35 · September 12, 2018, 12:17pm

Got working on other things, but it seems to be working now–apparently an update to the code took care of it.

oneitonitram · September 12, 2018, 12:35pm

I guess someone ight have pushed a wrong commit to the software.

Been using phabricator on production for a project, with 6 developers, and it sees to work fine so far.

oneitonitram · October 30, 2018, 12:55pm

@danb35 and everyone else.

I new this day would come.
generally I have been using phabricator on a producton server, iand so fa it has worked great for us internally. no any issue.

Now the issue am facing is with regards to ssl certificates.
How did you guys solve the issue of issuing ssl when phabricator is already installed.

at the moment am getting an issue while trying to renew let ssl on the server.

danb35 · October 30, 2018, 1:19pm

The technique currently in the wiki should allow certbot to renew the cert without issues. Personally, I use DNS validation using acme-dns.

…and what would that issue be?