Phabricator/Local Dev Environment

From mediawiki.org

These are Brennen's notes from setting up a local dev environment for Phabricator, with some additions by MModell.

The hostname used here is: http://phabricator.lan/

phab installation[edit]

See https://secure.phabricator.com/book/phabricator/article/installation_guide/ for basics.

dependency packages[edit]

  • On Debian: sudo apt install php7.3-gd php7.3-zip php7.3-apcu nginx, php-fpm, mysql
  • On Fedora: sudo dnf install httpd mariadb-server php php-gd php-mbstring php-mysqlnd php-opcache php-pecl-apcu-bc php-pecl-zip php-xml

database[edit]

MySQL privs:

  default mysql password
  local phab admin password


  MariaDB [mysql]> CREATE USER 'phabricator'@'localhost' IDENTIFIED BY 'password';
  Query OK, 0 rows affected (0.001 sec)

  MariaDB [mysql]> GRANT all privileges on *.* to 'phabricator'@'localhost';
  Query OK, 0 rows affected (0.000 sec)

  MariaDB [mysql]> flush privileges
      -> ;
  Query OK, 0 rows affected (0.001 sec)

  MariaDB [mysql]> Bye

Configuring from shell:

  10:29:29 brennen@inertia:~/code/wmf/phab-deployment/phabricator (HEAD m0/u0) ✢ ls
  bin  conf  externals  LICENSE  NOTICE  README.md  resources  scripts  src  support  webroot
  10:29:46 brennen@inertia:~/code/wmf/phab-deployment/phabricator (HEAD m0/u0) ✢ ./bin/config set mysql.user phabricator
   DONE  Wrote configuration key "mysql.user" to local storage (in file "conf/local/local.json").
  10:29:50 brennen@inertia:~/code/wmf/phab-deployment/phabricator (HEAD m0/u0) ✢ ./bin/config set mysql.pass 'password'
   DONE  Wrote configuration key "mysql.pass" to local storage (in file "conf/local/local.json").

developer mode[edit]

12:08:40 brennen@inertia:~/code/wmf/phab-deployment/phabricator (D1179 m7/u0) ✮ ./bin/config set phabricator.developer-mode true
 DONE  Wrote configuration key "phabricator.developer-mode" to local storage (in file "conf/local/local.json")

php config[edit]

Per http://phabricator.lan/config/issue/extension.opcache.devmode/ shown in the installed instance, make the following changes on Debian:

diff --git a/php/7.3/fpm/php.ini b/php/7.3/fpm/php.ini
index bb69a26..b8dcf47 100644
--- a/php/7.3/fpm/php.ini
+++ b/php/7.3/fpm/php.ini
@@ -1818,12 +1818,12 @@ ldap.max_links = -1
 
 ; When disabled, you must reset the OPcache manually or restart the
 ; webserver for changes to the filesystem to take effect.
-;opcache.validate_timestamps=1
+opcache.validate_timestamps=1
 
 ; How often (in seconds) to check file timestamps for changes to the shared
 ; memory storage allocation. ("1" means validate once per second, but only
 ; once per request. "0" means always validate)
-;opcache.revalidate_freq=2
+opcache.revalidate_freq=0
 
 ; Enables or disables file search in include_path optimization
 ;opcache.revalidate_path=0

Default config file[edit]

Create phab/phabricator/conf/local/local.json with the following content:

{
"maniphest.custom-field-definitions": {
  "external_reference": {
    "caption": "Reference",
    "description": "Reference bug id for bugs imported from Bugzilla",
    "edit": false,
    "name": "Reference",
    "search": true,
    "type": "text",
    "view": true,
    "fulltext": false
  },
  "security_topic": {
    "default": "default",
    "description": "Obsolete.",
    "instructions": "Deprecated: this field no longer triggers special behavior. The field exists now only to retain historically relevant information.",
    "name": "Security",
    "options": {
      "default": "None",
      "security-bug": "Software security bug",
      "sensitive": "Other confidential issue",
      "ops-access-request": "Access Request"
    },
    "search": false,
    "view": false,
    "type": "select"
  },
  "release.version": {
    "name": "Release Version",
    "description": "Version number to be released or deployed",
    "search": false,
    "type": "text",
    "fulltext": true,
    "edit": true,
    "view": true,
    "copy": false
  },
  "release.date": {
    "name": "Release Date",
    "edit": true,
    "view": true,
    "description": "Scheduled date for the release or deployment",
    "search": false,
    "fulltext": false,
    "type": "text",
    "copy": false
  },
  "deadline.due": {
    "name": "Due Date",
    "view": true,
    "edit": true,
    "description": "Deadline for completing the task.",
    "search": false,
    "fulltext": true,
    "type": "date",
    "copy": true
  },
  "risk.summary": {
    "name": "Summary",
    "description": "Brief overview of issue.",
    "search": false,
    "type": "text",
    "fulltext": true,
    "copy": false
  },
  "risk.impacted": {
    "name": "Impacted",
    "description": "Hosts or endpoints exposed",
    "search": false,
    "type": "text",
    "fulltext": true,
    "copy": false
  },
  "risk.rating": {
    "name": "Risk Rating",
    "search": true,
    "type": "select",
    "options": {
      "": "N/A",
      "info": "Informational",
      "low": "Low",
      "medium": "Medium",
      "high": "High",
      "crit": "Critical"
    }
  },
  "error.reqid": {
    "name": "Request ID",
    "caption": "Error Code / Request ID",
    "description": "Unique identifier for the request",
    "search": true,
    "type": "text",
    "fulltext": true,
    "copy": true
  },
  "error.stack": {
    "name": "Stack Trace",
    "type": "remarkup",
    "caption": "Stack Trace (if available)",
    "description": "Stack trace (from logstash)",
    "fulltext": true,
    "search": false,
    "copy": false
  },
  "error.url": {
    "name": "Request URL",
    "placeholder": "Insert anonymized URL",
    "caption": "Anonymized Request URL (If available)",
    "search": false,
    "fulltext": true,
    "copy": false
  },
  "release.conductors": {
    "name": "Train Conductors",
    "type": "users",
    "limit": 2,
    "search": true,
    "fulltext": false,
    "copy": false,
    "caption": "See <a href='https://www.mediawiki.org/wiki/Wikimedia_Release_Engineering_Team/Roles#Train_Conductor'>Train Conductor</a>"
  }
  },
  "maniphest.subtypes": [
    {
      "key": "default",
      "name": "Task"
    },
    {
      "key": "bug",
      "name": "Bug"
    },
    {
      "key": "log",
      "name": "LogSpam"
    },
    {
      "key": "deadline",
      "name": "Deadline"
    }
  ]
}

base URL[edit]

./bin/config set phabricator.base-uri 'http://phabricator.lan/'

extension installation[edit]

For antivandalism:

bin/config set load-libraries '{"ava":"/home/brennen/code/wmf/phab-deployment/libext/ava/src"}'

Then config is here: http://phabricator.lan/config/group/antivandalism/

admin, etc.[edit]

creating test data[edit]

This requires developer mode, but there's a `lipsum` command:

./bin/libsum tasks

starting daemons[edit]

./bin/phd start

auth lock[edit]

Disallows configuring authentication methods in the user interface

./bin/auth lock

recover access to a local account[edit]

See https://secure.phabricator.com/book/phabricator/article/configuring_accounts_and_registration/ , basically:

./bin/auth recover someUsername