Security warning ================ After initial installation, phabricator will grant full access to the first person who connects to it. So do not, repeat: DO NOT make the web server world-wide accessible until after some configuration. First installation ================== The "Loading quickstart template" operation takes some time. Please be patient. This package provides only a very basic installation. Many steps are still left to you. Initial configuration might be a bit unusual: First you create an account, possibly named "admin", then you add an "auth provider" (see below), finally use "Password" in the settings page to trigger a password reset. Strongly recommended -------------------- * Mail configuration If you have a local mailserver (exim, postfix, nullmailer - anything that provides /usr/sbin/sendmail), add the following lines to `/var/lib/phabricator/local.json` "cluster.mailers": [ { "key": "default-sendmail", "type": "sendmail" } ] Where the text in "key" is not important. And make sure this file is still valid JSON. * "Auth provider" See "Auth" in the left tab on the main page. In case of doubt, "Username/Password" is the way to go. Afterwards, lock the auth config as suggested by phabricator. Recommended ----------- * pygment support You have to install both python3-pygments and python3-pkg-resources. Then, as usual, in local.conf set "pygments.enabled" to true (without quotes). * Other There are several "Setup Issues" behind the yellow exclamation mark. Follow wisely. Gotchas ======= Don't be tempted to use an address `...@localhost` for the initial account creation. This address is accepted but sending a password recovery e-mail to that address will fail. php8 is not (yet) supported. Help needed! ============ phabricator is a huge and complex software, and the Debian package is certainly far from being perfect. Please let us know if you see room for improvement. -- Christoph Biedl Tue, 26 Jan 2021 17:43:29 +0100 Older README ============ (might be outdated) phabricator for Debian ----------------- * According to phabricator developers, everything in phabricator/externals is external code highly customized for phabricator. It cannot be packaged otherwise. For an example of what was modified and links for further details, see the lintian override for php mailer. * __tests__ directories are packaged on purpose. Do not remove them if you don't want your phabricator instance to FATAL at runtime * if you are affected by bug 720434 (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=720434), daemons won't be able to start properly. This is unfortunate but has nothing to do with phabricator. Get the correct php.ini (cp /usr/share/php/php.ini-production.cli /etc/php/cli/php.ini) and the daemons will work as expected. * Debian does not allow us to ship the most used passwords list compiled by openwall, so phabricator won't be able to tell you if your password is vulnerable to bruteforce. The openwall list is 3500+ passwords long, but only 634 are 8+ chars long (the minimum password length with phabricator default settings) and only one (winniethepooh) is 12+ chars long. So ensure your users use a long enough password and you won't miss this file. Diffusion repository hosting ----------------- Phabricator allows you to host repositories and serve them by http/ssh. This unfortunately cannot be done automagically by the phabricator package, so you will need to follow the instructions available at https://secure.phabricator.com/book/phabricator/article/diffusion_hosting/. Please note the daemon-user referred in the documentation is created by this package and is called phabricator. The webserver user is created by your webserver and is usually called www-data. -- Sylvestre Ledru , Sat, 12 Aug 2017 20:22:39 +0200