Clevar Me: Setup Snowy in Maverick+ for Note Synchronization with HTTPS

This is a walk through of installing and setting up Snowy (http://live.gnome.org/Snowy) on your Lucid Lynx system for Tomboy (http://live.gnome.org/Tomboy) note synchronization. This really is me taking information from a few different areas and putting it in one spot. If you aren't using Ubuntu and still want to follow this some paths may be different and the packages will be but other than that you should be fine.

Packages to Install/Prep Work

This will install apache with wsgi and ssl support as well as the supporting libraries for Snowy.

apt-get install python-libxslt1 python-libxml2 python-tz python-sqlite python-setuptools python-dateutil python-simplejson libapache2-mod-wsgi python-django libapache2-mod-gnutls apache2-mpm-prefork openssl python-django-openid-auth

Generating OpenSSL Authority

Quickly go through creating an authority and signing a server key. Skip this part if you already have SSL and certificates setup.

Step 1: Setup your own CA (Certificate Authority)

openssl genrsa -des3 -out my_ca.key 2048

Generate the certificate:

openssl req -new -x509 -days 3650 -key my_ca.key -out my_ca.crt

Step 2: Make a key and a certificate for the web server:

openssl genrsa -des3 -out snowy.key 1024

openssl req -new -key snowy.key -out snowy.csr
# I skipped the challenge passowrd part
Sign the key with my CA from above i.e. udc.key

openssl x509 -req -in snowy.csr -out snowy.crt -sha1 -CA my_ca.crt -CAkey my_ca.key -CAcreateserial -days 3650

chmod 0400 *.key

copy both the snowy.csr and the snowy.key to /etc/apache2/ssl

*Note: I keep my SSL keys in /etc/apache2/ssl it really is up to you where they are, you will need to reference them in your apache configuration. In this walk-through I will assume all of the keys are in /etc/apache2/ssl

Installing Snowy

Check out Snowy to the location that you want your website to be in

git clone http://git.gnome.org/browse/snowy

Configure local_settings.py

cd snowy_directory
cp local_settings.py.in local_settings.py

Example configuration
------
# Local Django settings for snowy project.
DEBUG = True
TEMPLATE_DEBUG = DEBUG

DATABASE_ENGINE = 'sqlite3' # 'postgresql_psycopg2', 'postgresql', 'mysql', 'sqlite3' or 'oracle'.
# You should pick a path for the DB that is not accessible via the web.
DATABASE_NAME = 'snowy.db' # Or path to database file if using sqlite3.

# Fill in this information from
# http://recaptcha.net/api/getkey?app=snowy
RECAPTCHA_ENABLED = False
RECAPTCHA_PUBLIC_KEY = ''
RECAPTCHA_PRIVATE_KEY = ''

EMAIL_PORT = 1025
URI_SCHEME = 'https'

# End configuration
----

Setting up the django portion

Initialize Django and create your first user.

python manage.py syncdb

At this point you can test that everything is going well by doing the following.
*You will be prompted for a username and a password, don't forget this!

python manage.py runserver

Point your browser at http://loaclhost:8000 and login with the username and password you created when you ran syncdb.

If you get any errors it is most likely due to python packages, install the module python is complaining about and refresh your browser. Rinse repeat.

You login now with openid which is great!

to modify settings and allow new users

http://server/admin

Technically you can stop but for those who want to run snowy using apache read the next section

Setup Apache host and wsgi file for Snowy

This section will walk you through setting up snowy as a Web Server Gateway Interface (WSGI) file.

Create a snowy.wsgi file

snowy.wsgi
---
import os
import sys
sys.path.append('/home/httpd/html/clevar/snowy')
sys.path.append('/home/httpd/html/clevar')

os.environ['DJANGO_SETTINGS_MODULE'] = 'snowy.settings'

import django.core.handlers.wsgi
application = django.core.handlers.wsgi.WSGIHandler()
---

Apache snowy site configuration
Create an apache configuration with SSL support:

/etc/apache2/sites-available/snowy_ssl:

WSGIPassAuthorization On
WSGIDaemonProcess snowy user=cowbud home=/home/cowbud/vendsrc/snowy
WSGIProcessGroup snowy
WSGIScriptAlias / /home/cowbud/vendsrc/snowy.wsgi

SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/apache2/ssl/snowy.crt
SSLCertificateKeyFile /etc/apache2/ssl/snowy.key

Options -Indexes FollowSymLinks
AllowOverride AuthConfig FileInfo
Order allow,deny
Allow from all

Alias /media/ /usr/share/pyshared/django/contrib/admin/media/

Options -Indexes FollowSymLinks
AllowOverride AuthConfig FileInfo
Order allow,deny
Allow from all

---

Enable the site you just created.

sudo a2ensite snowy_ssl

Enable the SSL module

sudo a2enmod ssl

Restart apache:

/etc/init.d/apache2 restart

You will need to enter your key password here from the cert we created up top.

That is it you should be ale to go to https://localhost and see the same page you saw when you run the Django server manually.

Once you have verified it works go to https://localhost/admin and login with your user account that you created previously

You need to set the sites variable to the site name you are going to be connecting to.

https://localhost/admin/sites/site/

Update example.com to have your hostname.

Client side setup

once you have verified the web server is running

Open up Tomboy
Go to Search All Notes
In that Dialog go to Edit -> Preferences, The Synchronization Tab
Select Service Tomboy Web
Server https://your_server

Connect

Allow access in the web browser

Save

and Sync

DONE!

Links:

http://live.gnome.org/Snowy/WSGI

http://live.gnome.org/Snowy/Dreamhost

http://www.vanemery.com/Linux/Apache/apache-SSL.html

http://code.google.com/p/modwsgi/

------------
If you followed all of the above and this isn't working (Like you are on Natty) it is due to piston having a bug that is currently being worked on:
https://bugzilla.gnome.org/show_bug.cgi?id=638480

Clevar Me

4/6/11

Setup Snowy in Maverick+ for Note Synchronization with HTTPS

19 comments: