REDMINE INSTALLATION WITH GOOGLE AUTHENTICATION – Adminsdiary

1. Install RVM such that we could install & switch ruby versions as per our convenience.

# apt-get install curl

# gpg –keyserver hkp://keys.gnupg.net –recv-keys D39DC0E3

   # curl -sSL https://get.rvm.io | bash -s stable
   # source /etc/profile.d/rvm.sh

# rvm requirements

   # rvm install 2.2.4

   # rvm --default use 2.2.4

2. Install Redmine
#apt-get update
#apt-get upgrade

#apt-get install curl libcurl3 git-core liberror-perl sqlite3 build-essential bison openssl libreadline6 libreadline6-dev curl git-core zlib1g zlib1g-dev libssl-dev libyaml-dev libsqlite3-0 libsqlite3-dev sqlite3 libxml2-dev libxslt-dev autoconf apache2 apache2-dev libapr1-dev libaprutil1-dev libcurl4-openssl-dev libmysqlclient-dev libmagickcore-dev libmagickwand-dev

#gem install passenger bundler 
#passenger-install-apache2-module                    [Copy the passenger load information obtained]
#vi /etc/apache2/apache2.conf                           [ Add the above copied information to the bottom of conf file]

#vi /etc/apache2/sites-available/redmine.conf    [Create a virtual host]
<VirtualHost *:80>
ServerName redmine.com
# !!! Be sure to point DocumentRoot to ‘public’!
DocumentRoot /var/www/redmine/public
<Directory /var/www/redmine/public>
# This relaxes Apache security settings.
AllowOverride all
# MultiViews must be turned off.
Options -MultiViews
</Directory>
</VirtualHost>

#a2ensite redmine

#service apache2 restart
# apt-get install mysql-server mysql-client

#cd /var/www/

#mkdir redmine

#cd redmine/

#wget http://www.redmine.org/releases/redmine-3.3.0.tar.gz

#tar -xzvf redmine-3.3.0.tar.gz

#cd redmine-3.3./

#mv * ../

#cd ..

# touch Gemfile.lock

# chown www-data:www-data Gemfile.lock

# chmod 666 Gemfile.lock

# bundle install

Create Database as follows

# mysql -u root -p

CREATE DATABASE redmine CHARACTER SET utf8;

CREATE USER ‘redmine’@’localhost’ IDENTIFIED BY ‘my_password’;

GRANT ALL PRIVILEGES ON redmine.* TO ‘redmine’@’localhost’;

FLUSH PRIVILEGES;

EXIT;

# cd /var/www/redmine/config

# cp database.yml.example database.yml

# vi database.yml USE mysql2 as adapter and edit password field

production:

adapter: mysql2

database: redmine

host: localhost

username: redmine

password: “my_password”

encoding: utf8

# rake generate_secret_token

# RAILS_ENV=production rake db:migrate
# RAILS_ENV=production rake redmine:load_default_data

Access the redmine instance on browser using the username and password as “admin”

3. Setup Google Authentication using Redmine_omniauth google plugin.

Installation:

Download the plugin and install required gems:

cd /path/to/redmine/plugins
git clone https://github.com/twinslash/redmine_omniauth_google.git
cd /path/to/redmine
bundle install

Restart apache service

Registration

To authenticate via Google you must first register your redmine instance via the Google Cloud Console

Select “Create Project”.

Provide the project information

Project ID: Must be unique to all Google Developer registered applications. Google provides a randomly generated Project ID by default. You can use the randomly generated ID or choose a new one.

Refresh the page. You should now see your new project in the list. Click on the project.

Select the “Google APIs” tab in the Overview.

Select and enable the following Google APIs – listed under “Popular APIs”

Enable Contacts API
Enable Google+ API

Select “Credentials” in the submenu.

Select “Create New Oauth Client ID”.

Fill in the required information

Application type: “Web Application”
Enter “http://redmine.com/oauth2callback“, where “redmine.com” is the domain / path for your redmine instance. *** The plugin will not work without this setting ***
Click “Generate”

Save the Client ID and Client Secret for the configuration of the Redmine plugin (see below)

Configuration

Login as a user with administrative privileges.
In top menu select “Administration”.
Click “Plugins”
In plugins list, click “Configure” in the row for “Redmine Omniauth Google plugin”
Enter the Сlient ID & Client Secret shown when you registered your application via Google Cloud Console.
Check the box near “Oauth authentication”
Click Apply.

Other options

By default, all user email domains are allowed to authenticate through Google. If you want to limit the user email domains allowed to use the plugin, list one per line in the “Allowed domains” text box.

For example:

onedomain.com
otherdomain.com

With the above configuration, only users with email addresses on the domains “onedomain.com” and “otherdomain.com” will be allowed to acccess your Redmine instance using Google OAuth.

Authentication Workflow

An unauthenticated user requests the URL to your Redmine instance.
User clicks the “Login via Google” buton.
The plugin redirects them to a Google sign in page if they are not already signed in to their Google account.
Google redirects user back to Redmine, where the Google OAuth plugin’s controller takes over.

One of the following cases will occur: 1. If self-registration is enabled (Under Administration > Settings > Authentication), user is redirected to ‘my/page’ 2. Otherwse, the an account is created for the user (referencing their Google OAuth2 ID). A Redmine administrator must activate the account for it to work.

Note

If Rails version [rails -v] on server is below 4 internal error occurs so make the following changes for the below file:

path-to-redmine/plugins/redmine_omniauth_google/app/controllers/redmine_oauth_controller.rb

def try_to_login info

params[:back_url] = session[:back_url]

session.delete(:back_url)

user = User.find_or_initialize_by_mail(info[“email”])

#user = User.joins(:email_addresses).where(:email_addresses => { :address => info[“email”] }).first_or_create

if user.new_record?

Add the line specified in bold letters and comment the highlighted entry.

References:

http://martin-denizet.com/install-redmine-2-5-x-git-subversion-ubuntu-14-04-apache2-rvm-passenger/