Setting up a collaboration server for a small team

I have recently setup a collaboration server for a small research team.
I'm posting a short guide describing all the steps.

---

The operating system is Microsoft Windows. The base installation was complemented with a set of free tools: Notepad++, 7-Zip, SysInternals suite.

Every time a service configuration is significantly changed, it should be stopped and restarted to load the new configuration. These restarts are not explicitly mentioned in the following steps.

... is used to mark placeholders for values that are either case-specific or sensitive, like passwords.


PART 1 - XAMPP


1.1 - Download XAMPP for Windows

1.2 - Install XAMPP to C:\

1.3 - Use the XAMPP console to manage the services and access the XAMPP shell


PART 2 - SVN

2.1 - Download SVN for Windows
Double check that you are getting a version compatible with the Apache bundled in XAMPP.

2.2 - Install SVN

2.3 - Copy mod_dav_svn.so and mod_authz_svn.so from SVN binaries folder to C:\xampp\apache\modules

2.4 - Edit C:\xampp\apache\conf\httpd.conf and add:

# svn repository access (note: confirm mod_dav.so and mod_dav_fs.so are loaded above)
LoadModule dav_svn_module modules/mod_dav_svn.so
LoadModule authz_svn_module modules/mod_authz_svn.so

(...)

# svn configuration
Include c:/etc/subversion.conf

2.5 - Create C:\svn and C:\svn\repo folders

2.6 - Create a project repository
shell> svnadmin create C:\svn\repo

2.7 - Create empty configuration files:
C:\svn\svn-auth-file
C:\svn\svn-acl
C:\svn\subversion.conf

2.8 - Create users
XAMPP shell> htpasswd -cm C:\svn\svn-auth-file first-user...
XAMPP shell> htpasswd -m C:\etc\svn-auth-file next-user...

2.9 - Create ACL: C:\svn\svn-acl

[groups]
groupname = user1, user2

# group has a read/write access to project repository
# all subdirectories
# all others have read access only
[svn:/]
@groupname = rw
* = r

2.10 - Create subversion configuration: C:\svn\subversion.conf
(/svn is the path used for the repository web address)


DAV svn
SVNPath C:/svn/repo

AuthType Basic
AuthName "Subversion repository"
AuthUserFile c:/svn/svn-auth-file

Require valid-user

AuthzSVNAccessFile c:/svn/svn-acl


2.11 - Create standard repository layout and import it to repository

shell> cd temp
shell> mkdir layout
shell> cd layout
shell> mkdir trunk
shell> mkdir branches
shell> mkdir tags
shell> svn import . https://.../svn -m "Initial repository layout"


References:
http://svn.haxx.se/users/archive-2005-05/0741.shtml
http://svn.spears.at/


PART 3 - DokuWiki

3.1 - Download DokuWiki

3.2 - Unzip and untar. Copy the contents of the main folder to C:\xampp\htdocs\dokuwiki

3.3 - Access the initial installation script
http://.../dokuwiki/install.php

Wiki Name - title
Enable ACL
Superuser - admin
Full Name
E-Mail
Password
Once Again
Initial ACL policy - closed wiki

3.4 - Login using admin user and use administrative interface to create users
http://.../dokuwiki/


Data files location:
C:\xampp\htdocs\dokuwiki\data\

References:
http://www.dokuwiki.org/Install


PART 4 - StatusNet

4.1 - Download StatusNet

4.2 - Unzip and untar. Copy main folder contents to C:\xampp\htdocs\statusnet

4.3 - Create MySQL database, create user and password, grant access rights

XAMPP shell> mysql -u root

CREATE DATABASE statusnet;

GRANT ALL on statusnet.*
TO 'statusnetuser'@'localhost'
IDENTIFIED BY '...';

4.4 - Edit database creation script: C:\xampp\htdocs\statusnet\db\statusnet.sql
Add the following line to the top of the file:
USE statusnet;

4.5 - Execute database creation script.
XAMPP shell> mysql -u root < C:\xampp\htdocs\statusnet\db\statusnet.sql

4.6 - Create and edit configuration file: C:\xampp\htdocs\statusnet\config.php

XAMPP shell> copy C:\xampp\htdocs\statusnet\config.php.sample C:\xampp\htdocs\statusnet\config.php

Write/uncomment following lines in :

$config['site']['name'] = 'My status net';
$config['site']['server'] = 'my.server.address.net';
$config['site']['openidonly'] = false;
$config['site']['private'] = true;
$config['db']['database'] = 'mysql://statusnetuser:...@localhost/statusnet';
$config['db']['debug'] = 0;
$config['xmpp']['enabled'] = false;
$config['openid']['enabled'] = false;
$config['invite']['enabled'] = false;
$config['site']['timezone'] = 'Europe/London';
$config['site']['language'] = 'en_GB';
$config['memcached']['enabled'] = false;
$config['emailpost']['enabled'] = false;
$config['sms']['enabled'] = false;
$config['twitter']['enabled'] = false;
$config['twitterbridge']['enabled'] = false;
$config['site']['ssl'] = 'sometimes';

4.7 - Rename undesired locale folders:
C:\xampp\htdocs\statusnet\locale\pt
to _pt
C:\xampp\htdocs\statusnet\locale\pt_BR
to _pt_BR

4.8 - Access site, register all users, one at a time

4.9 - Edit configuration file to close registrations: C:\xampp\htdocs\statusnet\config.php:

$config['site']['closed'] = true;


Known bugs:
- logout doesn't work
- Post attachments don't work
- HTTPS always option doesn't work properly - some links are generated with HTTP anyway - using HTTPS sometimes to, at least, protect user and password

Missing features:
- no data migration support

References:
C:\xampp\htdocs\statusnet\README
http://status.net/wiki/Installation


PART 5 - Security

5.1 - Change MySQL password
http://.../security/xamppsecurity.php

new password
repeat ...
phpMyAdmin authentication: cookie
Set random...: yes
Click 'Password changing'

5.2 - Change XAMPP directory protection (after this step, the user and password will be required to access XAMPP)
http://.../security/xamppsecurity.php

user
password

5.3 - Generate a new self-signed certificate and replace the default
XAMPP shell>makecert

# makecert
Loading 'screen' into random state - done
Generating a 1024 bit RSA private key
..++++++
....++++++
writing new private key to 'privkey.pem'
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
You are about to be asked to enter information that will be incorporated into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, YOUR name) []:...
Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
Enter pass phrase for privkey.pem:
writing RSA key
Loading 'screen' into random state - done
Signature ok
Getting Private key

-----
Das Zertifikat wurde erstellt.
The certificate was provided.


5.4 - Configure FileZilla security

FileZilla Server interface, Edit settings, SSL/TLS Settings

Enable FTP over SSL/TLS support (FTPS)
Use same private key and certificate as Apache
Private key: C:\xampp\apache\conf\ssl.key\server.key
Certificate: C:\xampp\apache\conf\ssl.crt\server.crt
Allow explicit FTP over TLS
Disallow plain unencrypted FTP


5.5 - Remove default index
Rename C:\xampp\htdocs\index.php
Edit C:\xampp\htdocs\index.html


5.6 - Configure Firewall

Go to: Control Panel - Windows Firewall | Exceptions
Add rules
Program: c:\xampp\FileZilla\FilleZilla Server.exe
Ports: 80 Apache HTTP, 443 Apache HTTPS


References:
http://www.apachefriends.org/en/xampp-windows.html#1221
http://robsnotebook.com/xampp-ssl-encrypt-passwords


---

And that's it! :-)
You know should have a collaboration server up and running.

Thanks to all the authors of the used open-source projects and references. Keep up the good work!

The most unstable component is StatusNet. I'm looking forward to a (stable) version 1.0.