Running Trac using nginx and supervisord
The mission is to run trac using nginx and keeping tracd alive using supervisord.
First the nginx configuration. The http://trac.edgewall.org/wiki/TracNginxRecipe site was a really good starting point.
Nginx is working as a proxy to port 3050 on localhost. If the payload on the tracd is too much it is easy to add addional servers with for example port 3051, 3052, .... Because we want to use only ssl all http traffic is redirected to https.
upstream trac_example_org { server 127.0.0.1:3050; # additional servers here } server { listen 80; server_name example.org; rewrite ^/(.*) https://example.org/$1 redirect; } server { listen 443; server_name example.org; access_log /var/log/nginx/trac.access.log; error_log /var/log/nginx/trac.error_log; ssl on; ssl_certificate /etc/nginx/ssl/exampleorg_cert.pem; ssl_certificate_key /etc/nginx/ssl/exampleorg_privatekey.pem; keepalive_timeout 70; add_header Front-End-Https on; location / { proxy_pass http://trac_example_org; proxy_set_header Host $host; } }
Now we have to run tracd on port 3050 only visible for localhost. For this I use a shell script with all data needed. This includes the trac folder and an htpasswd file for authentication. The hostname=localhost setting keeps tracd only listening on localhost.
#!/bin/bash exec /usr/local/bin/tracd --hostname=localhost -p 3050 --pidfile=/var/run/tracd.3050 --protocol=http \ /srv/www/trac/trac -s --basic-auth="trac,/srv/www/trac.htpasswd,Example"
Now keep this script alive using supervisord. I run trac with the user trac.
[program:trac] command=/var/www/trac-run.sh user=trac autostart=true autorestart=true stdout_logfile=/var/log/supervisor/trac.log redirect_stderr=true
For questions or improvement please leave a note in the comments.