Subversion
From KevinWiki
(→Create SVN Home) |
|||
(7 intermediate revisions not shown) | |||
Line 1: | Line 1: | ||
- | [[Category: | + | [[Category:Revision Control]] |
==Subversion (SVN)== | ==Subversion (SVN)== | ||
Line 32: | Line 32: | ||
$ sudo mkdir /opt/svn | $ sudo mkdir /opt/svn | ||
$ cd /opt/svn | $ cd /opt/svn | ||
+ | |||
+ | -Create repository | ||
$ sudo mkdir myproject | $ sudo mkdir myproject | ||
- | |||
- | |||
- | |||
- | + | $ sudo svnadmin create /opt/svn/myproject | |
- | + | or | |
- | $ sudo svnadmin create /opt/svn/myproject | + | $ sudo svnadmin create --fs-type fsfs /opt/svn/myproject |
- | + | ||
- | or | + | |
- | + | ||
- | $ sudo svnadmin create --fs-type fsfs /opt/svn/myproject | + | |
- | + | ||
- | + | ||
+ | -correct access permissions | ||
+ | $ sudo chown -R www-data:subversion myproject | ||
+ | $ sudo chmod -R g+rws myproject | ||
==Access via WebDAV protocol (<code>http://</code>)== | ==Access via WebDAV protocol (<code>http://</code>)== | ||
Line 65: | Line 61: | ||
AuthType Basic | AuthType Basic | ||
AuthName "lckymn.com subversion repository" | AuthName "lckymn.com subversion repository" | ||
- | AuthUserFile /etc/subversion/.passwd | + | '''AuthUserFile /etc/subversion/.passwd''' |
- | <LimitExcept GET PROPFIND OPTIONS REPORT> | + | '''<LimitExcept GET PROPFIND OPTIONS REPORT>''' |
- | Require valid-user | + | '''Require valid-user''' |
- | </LimitExcept> | + | '''</LimitExcept>''' |
</Location> | </Location> | ||
+ | This <code><LimitExcept GET PROPFIND OPTIONS REPORT></LimitExcept></code> block gives read-only access to anyone, yet write permission to only authenticated users in the file <code>/etc/subversion/.passwd</code>. | ||
Line 80: | Line 77: | ||
AuthName "lckymn.com subversion repository" | AuthName "lckymn.com subversion repository" | ||
AuthUserFile /etc/subversion/.passwd | AuthUserFile /etc/subversion/.passwd | ||
- | + | <LimitExcept GET PROPFIND OPTIONS REPORT> | |
Require valid-user | Require valid-user | ||
- | + | </LimitExcept> | |
'''SSLRequireSSL''' | '''SSLRequireSSL''' | ||
</Location> | </Location> | ||
Line 91: | Line 88: | ||
- | -To limit any connection to the SVN-Server (private SVN), remove the lines <LimitExcept | + | -To limit any connection to the SVN-Server (private SVN) so only authenticated user can have read and write permissions, remove the lines <LimitExcept GET PROPFIND OPTIONS REPORT> and </LimitExcept>. |
<Location /svn/myproject> | <Location /svn/myproject> | ||
DAV svn | DAV svn | ||
Line 128: | Line 125: | ||
==Access via WebDAV protocol with SSL encryption (<code>https://</code>)== | ==Access via WebDAV protocol with SSL encryption (<code>https://</code>)== | ||
- | + | *Enable SSL in your Apache server. | |
+ | |||
+ | === With Basic (htpasswd) Authentication === | ||
+ | *Create <code>/etc/apache2/sites-available/svn</code> file and add the following lines. | ||
+ | <VirtualHost *:443> | ||
+ | ServerAdmin webmaster@yoursite.com | ||
+ | |||
+ | SSLEngine on | ||
+ | |||
+ | SSLOptions +StrictRequire | ||
+ | |||
+ | SSLCertificateFile /etc/ssl/certs/server.crt | ||
+ | SSLCertificateKeyFile /etc/ssl/private/server.key | ||
+ | |||
+ | '''ServerName svn.yoursite.com''' | ||
+ | |||
+ | <Location /myproject> | ||
+ | DAV svn | ||
+ | SVNPath /opt/svn/myproject | ||
+ | # SVNParentPath /opt/svn/ | ||
+ | AuthType Basic | ||
+ | AuthName "svn.yoursite.com subversion repository" | ||
+ | AuthUserFile /etc/subversion/.filename.htpasswd | ||
+ | # <LimitExcept GET PROPFIND OPTIONS REPORT> | ||
+ | Require valid-user | ||
+ | # </LimitExcept> | ||
+ | </Location> | ||
+ | </VirtualHost> | ||
+ | |||
+ | |||
+ | *Enable site and restart apache2 | ||
+ | $ sudo a2ensite svn | ||
+ | $ sudo /etc/init.d/apache2 restart | ||
+ | |||
+ | |||
+ | === With Digest (htdigest) Authentication === | ||
+ | *To use htdigest as an authentication method instead of htpasswd, modify the <code>/etc/apache2/sites-available/svn</code> file like: | ||
+ | <VirtualHost *:443> | ||
+ | ServerAdmin webmaster@yoursite.com | ||
+ | |||
+ | SSLEngine on | ||
+ | |||
+ | SSLOptions +StrictRequire | ||
+ | |||
+ | SSLCertificateFile /etc/ssl/certs/server.crt | ||
+ | SSLCertificateKeyFile /etc/ssl/private/server.key | ||
+ | |||
+ | '''ServerName svn.yoursite.com''' | ||
+ | |||
+ | <Location /myproject> | ||
+ | DAV svn | ||
+ | SVNPath /opt/svn/myproject | ||
+ | # SVNParentPath /opt/svn/ | ||
+ | '''AuthType Digest''' | ||
+ | '''AuthName realm''' | ||
+ | '''AuthUserFile /etc/subversion/.filename.htdigest''' | ||
+ | # <LimitExcept GET PROPFIND OPTIONS REPORT> | ||
+ | Require valid-user | ||
+ | # </LimitExcept> | ||
+ | </Location> | ||
+ | </VirtualHost> | ||
+ | |||
+ | *To create htdigest file, use the command below and type the password for the user. | ||
+ | <pre> | ||
+ | $ htdigest -c passwordfile realm username | ||
+ | </pre> | ||
+ | *To add more users to the existing realm | ||
+ | <pre> | ||
+ | $ htdigest passwordfile realm another_username | ||
+ | </pre> | ||
+ | |||
+ | *Enable site and restart apache2 | ||
+ | $ sudo a2ensite svn | ||
+ | $ sudo /etc/init.d/apache2 restart | ||
+ | |||
+ | * If it shows an error message like this | ||
+ | <pre> | ||
+ | Invalid command 'AuthUserFile', perhaps misspelled or defined by a module not included in the server configuration | ||
+ | ...fail! | ||
+ | </pre> | ||
+ | * Enable <code>auth_digest</code> module. | ||
+ | <pre> | ||
+ | $ a2enmod auth_digest | ||
+ | </pre> | ||
+ | |||
+ | * Restart the server again. | ||
+ | $ sudo /etc/init.d/apache2 restart | ||
+ | |||
+ | |||
+ | === More than one Virtual Host === | ||
+ | * If you have another virtual host using 443 port, make sure you default (or mysite) site file has the following line. | ||
+ | NameVirtualHost *:443 | ||
+ | |||
+ | |||
+ | === Access through SSL === | ||
+ | -Now the SVN is accessible through this URL | ||
+ | <pre> | ||
+ | https://svn.yoursite.com/test | ||
+ | </pre> | ||
+ | |||
+ | === Authorisation === | ||
+ | *To set up authorisations for path and repository, create an authorisation file and add the location of it in site configuration file (e.g. <code>/etc/apache2/sites-available/svn</code>). | ||
+ | |||
+ | <pre> | ||
+ | AuthzSVNAccessFile <file_path> | ||
+ | </pre> | ||
+ | |||
+ | * Example | ||
+ | <VirtualHost *:443> | ||
+ | ServerAdmin webmaster@yoursite.com | ||
+ | |||
+ | SSLEngine on | ||
+ | |||
+ | SSLOptions +StrictRequire | ||
+ | |||
+ | SSLCertificateFile /etc/ssl/certs/server.crt | ||
+ | SSLCertificateKeyFile /etc/ssl/private/server.key | ||
+ | |||
+ | ServerName svn.yoursite.com | ||
+ | |||
+ | <Location /myproject> | ||
+ | DAV svn | ||
+ | SVNPath /opt/svn/myproject | ||
+ | # SVNParentPath /opt/svn/ | ||
+ | AuthType Basic | ||
+ | AuthName "svn.yoursite.com subversion repository" | ||
+ | AuthUserFile /etc/subversion/.filename.htpasswd | ||
+ | '''AuthzSVNAccessFile /etc/subversion/authz''' | ||
+ | # <LimitExcept GET PROPFIND OPTIONS REPORT> | ||
+ | Require valid-user | ||
+ | # </LimitExcept> | ||
+ | </Location> | ||
+ | </VirtualHost> | ||
+ | |||
+ | *To create the <code>authz</code> file, refer to an example authz file in the <code>conf</code> directory in a svn repository created by <code>svnadmin</code>. <code>svnadmin</code> automatically create an example file when creating svn repository. So a good way to create it is to copy the file to a proper location and modify it for your own purpose. |
Latest revision as of 11:09, 26 November 2011
Contents |
Subversion (SVN)
Installation
-Install Subversion from the repository
$ sudo apt-get install subversion
-Add group subversion
$ sudo addgroup subversion Adding group `subversion' (GID ****) ... Done.
-Add yourself and www-data
(the Apache user) as users to this group
$ sudo adduser username subversion Adding user `username' to group `subversion' ... Adding user username to group subversion Done. $ sudo adduser www-data subversion Adding user `www-data' to group `subversion' ... Adding user www-data to group subversion Done.
Create SVN Home
-Create SVN home
$ sudo mkdir /opt/svn $ cd /opt/svn
-Create repository
$ sudo mkdir myproject
$ sudo svnadmin create /opt/svn/myproject or $ sudo svnadmin create --fs-type fsfs /opt/svn/myproject
-correct access permissions
$ sudo chown -R www-data:subversion myproject $ sudo chmod -R g+rws myproject
Access via WebDAV protocol (http://
)
-Install libapache2-svn
$ sudo apt-get install libapache2-svn ... Enabling module dav. Enabling module dav_svn. Run '/etc/init.d/apache2 restart' to activate new configuration!
-Edit /etc/apache2/mods-enabled/dav_svn.conf
file
<Location /svn/myproject> DAV svn SVNPath /opt/svn/myproject # SVNParentPath /opt/svn/ AuthType Basic AuthName "lckymn.com subversion repository" AuthUserFile /etc/subversion/.passwd <LimitExcept GET PROPFIND OPTIONS REPORT> Require valid-user </LimitExcept> </Location>
This <LimitExcept GET PROPFIND OPTIONS REPORT></LimitExcept>
block gives read-only access to anyone, yet write permission to only authenticated users in the file /etc/subversion/.passwd
.
-To set up with multiple virtual hosts create /etc/apache2/sites-available/svn
file instead of editing /etc/apache2/mods-enabled/dav_svn.conf
file.
<Location /svn/myproject> DAV svn SVNPath /opt/svn/myproject # SVNParentPath /opt/svn/ AuthType Basic AuthName "lckymn.com subversion repository" AuthUserFile /etc/subversion/.passwd <LimitExcept GET PROPFIND OPTIONS REPORT> Require valid-user </LimitExcept> SSLRequireSSL </Location>
$ cd /etc/apache2/sites-available $ sudo a2ensite svn
-SSLRequireSSL
is added to use SSL when accessing svn.
-To limit any connection to the SVN-Server (private SVN) so only authenticated user can have read and write permissions, remove the lines <LimitExcept GET PROPFIND OPTIONS REPORT> and </LimitExcept>.
<Location /svn/myproject> DAV svn SVNPath /opt/svn/myproject # SVNParentPath /opt/svn/ AuthType Basic AuthName "lckymn.com subversion repository" AuthUserFile /etc/subversion/.passwd # <LimitExcept GET PROPFIND OPTIONS REPORT> Require valid-user # </LimitExcept> </Location>
-use SVNParentPath if there are multiple repositories under a single directory (e.g. /opt/svn/project1, /opt/svn/projec2, /opt/svn/project3)
<Location /svn> DAV svn # SVNPath /opt/svn/myproject SVNParentPath /opt/svn/ AuthType Basic AuthName "lckymn.com subversion repository" AuthUserFile /etc/subversion/.passwd # <LimitExcept GET PROPFIND OPTIONS REPORT> Require valid-user # </LimitExcept> </Location>
-Create user and password
$ sudo htpasswd -c /etc/subversion/.passwd user_name
-Restart Apache server
$ sudo /etc/init.d/apache2 restart
Access via WebDAV protocol with SSL encryption (https://
)
- Enable SSL in your Apache server.
With Basic (htpasswd) Authentication
- Create
/etc/apache2/sites-available/svn
file and add the following lines.
<VirtualHost *:443> ServerAdmin webmaster@yoursite.com SSLEngine on SSLOptions +StrictRequire SSLCertificateFile /etc/ssl/certs/server.crt SSLCertificateKeyFile /etc/ssl/private/server.key ServerName svn.yoursite.com <Location /myproject> DAV svn SVNPath /opt/svn/myproject # SVNParentPath /opt/svn/ AuthType Basic AuthName "svn.yoursite.com subversion repository" AuthUserFile /etc/subversion/.filename.htpasswd # <LimitExcept GET PROPFIND OPTIONS REPORT> Require valid-user # </LimitExcept> </Location> </VirtualHost>
- Enable site and restart apache2
$ sudo a2ensite svn $ sudo /etc/init.d/apache2 restart
With Digest (htdigest) Authentication
- To use htdigest as an authentication method instead of htpasswd, modify the
/etc/apache2/sites-available/svn
file like:
<VirtualHost *:443> ServerAdmin webmaster@yoursite.com SSLEngine on SSLOptions +StrictRequire SSLCertificateFile /etc/ssl/certs/server.crt SSLCertificateKeyFile /etc/ssl/private/server.key ServerName svn.yoursite.com <Location /myproject> DAV svn SVNPath /opt/svn/myproject # SVNParentPath /opt/svn/ AuthType Digest AuthName realm AuthUserFile /etc/subversion/.filename.htdigest # <LimitExcept GET PROPFIND OPTIONS REPORT> Require valid-user # </LimitExcept> </Location> </VirtualHost>
- To create htdigest file, use the command below and type the password for the user.
$ htdigest -c passwordfile realm username
- To add more users to the existing realm
$ htdigest passwordfile realm another_username
- Enable site and restart apache2
$ sudo a2ensite svn $ sudo /etc/init.d/apache2 restart
- If it shows an error message like this
Invalid command 'AuthUserFile', perhaps misspelled or defined by a module not included in the server configuration ...fail!
- Enable
auth_digest
module.
$ a2enmod auth_digest
- Restart the server again.
$ sudo /etc/init.d/apache2 restart
More than one Virtual Host
- If you have another virtual host using 443 port, make sure you default (or mysite) site file has the following line.
NameVirtualHost *:443
Access through SSL
-Now the SVN is accessible through this URL
https://svn.yoursite.com/test
Authorisation
- To set up authorisations for path and repository, create an authorisation file and add the location of it in site configuration file (e.g.
/etc/apache2/sites-available/svn
).
AuthzSVNAccessFile <file_path>
- Example
<VirtualHost *:443> ServerAdmin webmaster@yoursite.com SSLEngine on SSLOptions +StrictRequire SSLCertificateFile /etc/ssl/certs/server.crt SSLCertificateKeyFile /etc/ssl/private/server.key ServerName svn.yoursite.com <Location /myproject> DAV svn SVNPath /opt/svn/myproject # SVNParentPath /opt/svn/ AuthType Basic AuthName "svn.yoursite.com subversion repository" AuthUserFile /etc/subversion/.filename.htpasswd AuthzSVNAccessFile /etc/subversion/authz # <LimitExcept GET PROPFIND OPTIONS REPORT> Require valid-user # </LimitExcept> </Location> </VirtualHost>
- To create the
authz
file, refer to an example authz file in theconf
directory in a svn repository created bysvnadmin
.svnadmin
automatically create an example file when creating svn repository. So a good way to create it is to copy the file to a proper location and modify it for your own purpose.