Subversion

From KevinWiki

(Difference between revisions)
Jump to: navigation, search
Line 65: Line 65:
     AuthType Basic
     AuthType Basic
     AuthName "lckymn.com subversion repository"
     AuthName "lckymn.com subversion repository"
-
     AuthUserFile /etc/subversion/.passwd
+
     '''AuthUserFile /etc/subversion/.passwd'''
-
     <LimitExcept GET PROPFIND OPTIONS REPORT>
+
     '''<LimitExcept GET PROPFIND OPTIONS REPORT>'''
-
         Require valid-user
+
         '''Require valid-user'''
-
     </LimitExcept>
+
     '''</LimitExcept>'''
  </Location>
  </Location>
 +
This <code><LimitExcept GET PROPFIND OPTIONS REPORT></LimitExcept></code> block gives read-only access to anyone, yet write permission to only authenticated users in the file <code>/etc/subversion/.passwd</code>.
Line 80: Line 81:
     AuthName "lckymn.com subversion repository"
     AuthName "lckymn.com subversion repository"
     AuthUserFile /etc/subversion/.passwd
     AuthUserFile /etc/subversion/.passwd
-
#    <LimitExcept GET PROPFIND OPTIONS REPORT>
+
    <LimitExcept GET PROPFIND OPTIONS REPORT>
         Require valid-user
         Require valid-user
-
#    </LimitExcept>
+
    </LimitExcept>
  '''SSLRequireSSL'''
  '''SSLRequireSSL'''
  </Location>
  </Location>
Line 91: Line 92:
-
-To limit any connection to the SVN-Server (private SVN), remove the lines <LimitExcept ...> and </LimitExcept>.
+
-To limit any connection to the SVN-Server (private SVN) so only authenticated user can have read and write permissions, remove the lines <LimitExcept GET PROPFIND OPTIONS REPORT> and </LimitExcept>.
  <Location /svn/myproject>
  <Location /svn/myproject>
     DAV svn
     DAV svn

Revision as of 23:07, 8 November 2008

Contents

Subversion (SVN)

Installation

-Install Subversion from the repository

$ sudo apt-get install subversion 

-Add group subversion

$ sudo addgroup subversion 
Adding group `subversion' (GID ****) ...
Done.

-Add yourself and www-data (the Apache user) as users to this group

$ sudo adduser username subversion 
Adding user `username' to group `subversion' ...
Adding user username to group subversion
Done.

$ sudo adduser www-data subversion 
Adding user `www-data' to group `subversion' ...
Adding user www-data to group subversion
Done.

Create SVN Home

-Create SVN home

$ sudo mkdir /opt/svn 
$ cd /opt/svn 
$ sudo mkdir myproject 
$ sudo chown -R www-data myproject 
$ sudo chgrp -R subversion myproject 
$ sudo chmod -R g+rws myproject 

-Create repository

$ sudo svnadmin create /opt/svn/myproject 

or

$ sudo svnadmin create --fs-type fsfs /opt/svn/myproject 

-to use WebDAV, repeat the chmod -R g+rws myproject command again as because svnadmin will create directories and files without group write access.


Access via WebDAV protocol (http://)

-Install libapache2-svn

$ sudo apt-get install libapache2-svn 
...
Enabling module dav.
Enabling module dav_svn.
Run '/etc/init.d/apache2 restart' to activate new configuration!

-Edit /etc/apache2/mods-enabled/dav_svn.conf file

<Location /svn/myproject>
    DAV svn
    SVNPath /opt/svn/myproject
#    SVNParentPath /opt/svn/
    AuthType Basic
    AuthName "lckymn.com subversion repository"
    AuthUserFile /etc/subversion/.passwd
    <LimitExcept GET PROPFIND OPTIONS REPORT>
        Require valid-user
    </LimitExcept>
</Location>

This <LimitExcept GET PROPFIND OPTIONS REPORT></LimitExcept> block gives read-only access to anyone, yet write permission to only authenticated users in the file /etc/subversion/.passwd.


-To set up with multiple virtual hosts create /etc/apache2/sites-available/svn file instead of editing /etc/apache2/mods-enabled/dav_svn.conf file.

<Location /svn/myproject>
    DAV svn
    SVNPath /opt/svn/myproject
#    SVNParentPath /opt/svn/
    AuthType Basic
    AuthName "lckymn.com subversion repository"
    AuthUserFile /etc/subversion/.passwd
    <LimitExcept GET PROPFIND OPTIONS REPORT>
        Require valid-user
    </LimitExcept>
	SSLRequireSSL
</Location>
$ cd /etc/apache2/sites-available
$ sudo a2ensite svn

-SSLRequireSSL is added to use SSL when accessing svn.


-To limit any connection to the SVN-Server (private SVN) so only authenticated user can have read and write permissions, remove the lines <LimitExcept GET PROPFIND OPTIONS REPORT> and </LimitExcept>.

<Location /svn/myproject>
    DAV svn
    SVNPath /opt/svn/myproject
#    SVNParentPath /opt/svn/
    AuthType Basic
    AuthName "lckymn.com subversion repository"
    AuthUserFile /etc/subversion/.passwd
#    <LimitExcept GET PROPFIND OPTIONS REPORT>
        Require valid-user
#    </LimitExcept>
</Location>


-use SVNParentPath if there are multiple repositories under a single directory (e.g. /opt/svn/project1, /opt/svn/projec2, /opt/svn/project3)

<Location /svn>
    DAV svn
#    SVNPath /opt/svn/myproject
    SVNParentPath /opt/svn/
    AuthType Basic
    AuthName "lckymn.com subversion repository"
    AuthUserFile /etc/subversion/.passwd
#    <LimitExcept GET PROPFIND OPTIONS REPORT>
        Require valid-user
#    </LimitExcept>
</Location>


-Create user and password

$ sudo htpasswd -c /etc/subversion/.passwd user_name 


-Restart Apache server

$ sudo /etc/init.d/apache2 restart 


Access via WebDAV protocol with SSL encryption (https://)

-Enable SSL in your Apache server. -Create /etc/apache2/sites-available/svn file and add the following lines.

<VirtualHost *:443>                                       
    ServerAdmin kevin@lckymn.com                          

    SSLEngine on

    SSLOptions +StrictRequire

    SSLCertificateFile /etc/ssl/certs/server.crt
    SSLCertificateKeyFile /etc/ssl/private/server.key

    ServerName svn.yoursite.com

    <Location /myproject>
        DAV svn
        SVNPath /opt/svn/myproject
#        SVNParentPath /opt/svn/
        AuthType Basic
        AuthName "lckymn.com subversion repository"
        AuthUserFile /etc/subversion/.passwd
#        <LimitExcept GET PROPFIND OPTIONS REPORT>
            Require valid-user
#        </LimitExcept>
    </Location>
</VirtualHost>


-Enable site and restart apache2

$ sudo a2ensite svn 
$ sudo /etc/init.d/apache2 restart 


-If you have another virtual host using 443 port, make sure you default (or mysite) site file has the following line.

NameVirtualHost *:443


-Now the SVN is accessible through this URL

https://svn.yoursite.com/test
Personal tools