Installation of CISERVER

You can install the CISERVER on your own host. You need full access to the system - it won’t run on a shared hosting.

Apache Httpd + PHP

Install an Apache httpd and enablethese modules.

  • rewrite
  • proxy + proxy_fcgi (or proxy_http) for a proxy
  • socache_shmcb (on Debian for ssl connections)

For PHP 8.x we need these packages

  • php-fpm
  • php-curl
  • php-intl
  • php-mbstring
  • php-ldap (for ldap authentication)
  • php-sqlite3
  • php-xml

Other required tools

These commandline tools must be installed.

  • ssh
  • rsync
  • git

Get sources

Extract the repository in /var/www/ciserver.example.org. You can download the archive from the git repository or use git clone.

cd /var/www
git clone https://git-repo.iml.unibe.ch/iml-open-source/imldeployment.git
mv imldeployment ciserver.example.com

The directory /var/www/ciserver.example.com is called approot in further documentation.

Update virtual host config

Set the document root to the subdir public_html. We need two rewrite rules to redirect requests.

...
DocumentRoot "/var/www/ciserver.example.com/public_html"

<location "/deployment/">
  RewriteEngine on
  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteRule ^(.*)$ index.php [QSA,L]
</Location>

<Location "/api/">
  RewriteEngine on
  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteRule ^(.*)$ index.php [QSA,L]
</Location>
...

Create Configs

In [approot]/config/ copy the 2 *.dist files to the same filename but without “.dist”.

Create data structure and tmp

The aplication works with

  • a data directory /var/imldeployment
  • a tmp directory /var/tmp/imldeployment

If you use ansible you can use this snippet.

- name: extra appdirs
  become: yes
  become_user: root
  hosts: ciserver

  tasks:
    - name: Create CI SERVER base dirs
      file:
        path: '{{ item }}'
        mode: 0750
        owner: www-data
        group: www-data
        state: directory
      loop:
        - '/var/tmp/imldeployment'
        - '/var/imldeployment'
        - '/var/imldeployment/data'
        - '/var/imldeployment/data/database'
        - '/var/imldeployment/data/projects'
        - '/var/imldeployment/data/sshkeys'
        - '/var/imldeployment/build'
        - '/var/imldeployment/defaults'
        - '/var/imldeployment/packages'
        - '/var/imldeployment/packages/_files'

Enable shell for Apache service user

The service user of the webservice needs to execute commands with php function exec. By default this user has set nologin as shell - this muust be changed to bin/bash.

Remark: the username can differ from distribution to distribution. Maybe it is “apache” or “wwwrun” on your system.

In the /etc/passwd edit the line of “www-data”:

...
www-data:x:33:33:www-data:/home/www-data:/bin/bash
...

It can be a good idea to switch the $HOME from /var/www to the standard directory for users /home/wwww-data too.

As Ansible snippet (remark: changing $HOME works if the user has no process - maybe you need to stop php-fpm and apache service)

    - name: give a shell to www-data
      ansible.builtin.user:
        name: www-data
        home: /home/www-data
        shell: /bin/bash

First check

Open check-config.phpin the webroot, i.e. https://ciserver.example.com/check-config.php.