Subversion
From KevinWiki
(→Create SVN Home) |
|||
Line 32: | Line 32: | ||
$ sudo mkdir /opt/svn | $ sudo mkdir /opt/svn | ||
$ cd /opt/svn | $ cd /opt/svn | ||
- | |||
- | |||
- | |||
- | |||
-Create repository | -Create repository | ||
- | + | $ sudo mkdir myproject | |
- | $ sudo svnadmin create /opt/svn/myproject | + | |
- | + | $ sudo svnadmin create /opt/svn/myproject | |
- | or | + | or |
- | + | $ sudo svnadmin create --fs-type fsfs /opt/svn/myproject | |
- | $ sudo svnadmin create --fs-type fsfs /opt/svn/myproject | + | |
- | + | ||
- | + | ||
+ | -correct access permissions | ||
+ | $ sudo chown -R www-data:subversion myproject | ||
+ | $ sudo chmod -R g+rws myproject | ||
==Access via WebDAV protocol (<code>http://</code>)== | ==Access via WebDAV protocol (<code>http://</code>)== |
Latest revision as of 11:09, 26 November 2011
Contents |
Subversion (SVN)
Installation
-Install Subversion from the repository
$ sudo apt-get install subversion
-Add group subversion
$ sudo addgroup subversion Adding group `subversion' (GID ****) ... Done.
-Add yourself and www-data
(the Apache user) as users to this group
$ sudo adduser username subversion Adding user `username' to group `subversion' ... Adding user username to group subversion Done. $ sudo adduser www-data subversion Adding user `www-data' to group `subversion' ... Adding user www-data to group subversion Done.
Create SVN Home
-Create SVN home
$ sudo mkdir /opt/svn $ cd /opt/svn
-Create repository
$ sudo mkdir myproject
$ sudo svnadmin create /opt/svn/myproject or $ sudo svnadmin create --fs-type fsfs /opt/svn/myproject
-correct access permissions
$ sudo chown -R www-data:subversion myproject $ sudo chmod -R g+rws myproject
Access via WebDAV protocol (http://
)
-Install libapache2-svn
$ sudo apt-get install libapache2-svn ... Enabling module dav. Enabling module dav_svn. Run '/etc/init.d/apache2 restart' to activate new configuration!
-Edit /etc/apache2/mods-enabled/dav_svn.conf
file
<Location /svn/myproject> DAV svn SVNPath /opt/svn/myproject # SVNParentPath /opt/svn/ AuthType Basic AuthName "lckymn.com subversion repository" AuthUserFile /etc/subversion/.passwd <LimitExcept GET PROPFIND OPTIONS REPORT> Require valid-user </LimitExcept> </Location>
This <LimitExcept GET PROPFIND OPTIONS REPORT></LimitExcept>
block gives read-only access to anyone, yet write permission to only authenticated users in the file /etc/subversion/.passwd
.
-To set up with multiple virtual hosts create /etc/apache2/sites-available/svn
file instead of editing /etc/apache2/mods-enabled/dav_svn.conf
file.
<Location /svn/myproject> DAV svn SVNPath /opt/svn/myproject # SVNParentPath /opt/svn/ AuthType Basic AuthName "lckymn.com subversion repository" AuthUserFile /etc/subversion/.passwd <LimitExcept GET PROPFIND OPTIONS REPORT> Require valid-user </LimitExcept> SSLRequireSSL </Location>
$ cd /etc/apache2/sites-available $ sudo a2ensite svn
-SSLRequireSSL
is added to use SSL when accessing svn.
-To limit any connection to the SVN-Server (private SVN) so only authenticated user can have read and write permissions, remove the lines <LimitExcept GET PROPFIND OPTIONS REPORT> and </LimitExcept>.
<Location /svn/myproject> DAV svn SVNPath /opt/svn/myproject # SVNParentPath /opt/svn/ AuthType Basic AuthName "lckymn.com subversion repository" AuthUserFile /etc/subversion/.passwd # <LimitExcept GET PROPFIND OPTIONS REPORT> Require valid-user # </LimitExcept> </Location>
-use SVNParentPath if there are multiple repositories under a single directory (e.g. /opt/svn/project1, /opt/svn/projec2, /opt/svn/project3)
<Location /svn> DAV svn # SVNPath /opt/svn/myproject SVNParentPath /opt/svn/ AuthType Basic AuthName "lckymn.com subversion repository" AuthUserFile /etc/subversion/.passwd # <LimitExcept GET PROPFIND OPTIONS REPORT> Require valid-user # </LimitExcept> </Location>
-Create user and password
$ sudo htpasswd -c /etc/subversion/.passwd user_name
-Restart Apache server
$ sudo /etc/init.d/apache2 restart
Access via WebDAV protocol with SSL encryption (https://
)
- Enable SSL in your Apache server.
With Basic (htpasswd) Authentication
- Create
/etc/apache2/sites-available/svn
file and add the following lines.
<VirtualHost *:443> ServerAdmin webmaster@yoursite.com SSLEngine on SSLOptions +StrictRequire SSLCertificateFile /etc/ssl/certs/server.crt SSLCertificateKeyFile /etc/ssl/private/server.key ServerName svn.yoursite.com <Location /myproject> DAV svn SVNPath /opt/svn/myproject # SVNParentPath /opt/svn/ AuthType Basic AuthName "svn.yoursite.com subversion repository" AuthUserFile /etc/subversion/.filename.htpasswd # <LimitExcept GET PROPFIND OPTIONS REPORT> Require valid-user # </LimitExcept> </Location> </VirtualHost>
- Enable site and restart apache2
$ sudo a2ensite svn $ sudo /etc/init.d/apache2 restart
With Digest (htdigest) Authentication
- To use htdigest as an authentication method instead of htpasswd, modify the
/etc/apache2/sites-available/svn
file like:
<VirtualHost *:443> ServerAdmin webmaster@yoursite.com SSLEngine on SSLOptions +StrictRequire SSLCertificateFile /etc/ssl/certs/server.crt SSLCertificateKeyFile /etc/ssl/private/server.key ServerName svn.yoursite.com <Location /myproject> DAV svn SVNPath /opt/svn/myproject # SVNParentPath /opt/svn/ AuthType Digest AuthName realm AuthUserFile /etc/subversion/.filename.htdigest # <LimitExcept GET PROPFIND OPTIONS REPORT> Require valid-user # </LimitExcept> </Location> </VirtualHost>
- To create htdigest file, use the command below and type the password for the user.
$ htdigest -c passwordfile realm username
- To add more users to the existing realm
$ htdigest passwordfile realm another_username
- Enable site and restart apache2
$ sudo a2ensite svn $ sudo /etc/init.d/apache2 restart
- If it shows an error message like this
Invalid command 'AuthUserFile', perhaps misspelled or defined by a module not included in the server configuration ...fail!
- Enable
auth_digest
module.
$ a2enmod auth_digest
- Restart the server again.
$ sudo /etc/init.d/apache2 restart
More than one Virtual Host
- If you have another virtual host using 443 port, make sure you default (or mysite) site file has the following line.
NameVirtualHost *:443
Access through SSL
-Now the SVN is accessible through this URL
https://svn.yoursite.com/test
Authorisation
- To set up authorisations for path and repository, create an authorisation file and add the location of it in site configuration file (e.g.
/etc/apache2/sites-available/svn
).
AuthzSVNAccessFile <file_path>
- Example
<VirtualHost *:443> ServerAdmin webmaster@yoursite.com SSLEngine on SSLOptions +StrictRequire SSLCertificateFile /etc/ssl/certs/server.crt SSLCertificateKeyFile /etc/ssl/private/server.key ServerName svn.yoursite.com <Location /myproject> DAV svn SVNPath /opt/svn/myproject # SVNParentPath /opt/svn/ AuthType Basic AuthName "svn.yoursite.com subversion repository" AuthUserFile /etc/subversion/.filename.htpasswd AuthzSVNAccessFile /etc/subversion/authz # <LimitExcept GET PROPFIND OPTIONS REPORT> Require valid-user # </LimitExcept> </Location> </VirtualHost>
- To create the
authz
file, refer to an example authz file in theconf
directory in a svn repository created bysvnadmin
.svnadmin
automatically create an example file when creating svn repository. So a good way to create it is to copy the file to a proper location and modify it for your own purpose.