HowtoForge

Installing Subversion And Configuring Access Through Different Protocols On Debian Squeeze - Page 2

5 Using The https:// Protocol

If you want to use https://, please follow chapter 4, and then do this to enable the SSL Apache module and the default SSL web site:

a2enmod ssl
a2ensite default-ssl
/etc/init.d/apache2 restart

(Please note that the default Apache SSL web site uses a self-signed certificate. You might want to replace it with a certificate from a trusted CA. You might want to check out this tutorial for more details: How To Set Up An SSL Vhost Under Apache2 On Ubuntu 9.10/Debian Lenny.)

Now you can access SVN through https:// and also http://. If you want https:// only, you can disable http:// as follows:

Open /etc/apache2/mods-available/dav_svn.conf and comment out/remove the section that you have added in chapter 4:

vi /etc/apache2/mods-available/dav_svn.conf
[...]
# <Location /svn>
#  DAV svn
#  SVNParentPath /var/lib/svn
#  AuthType Basic
#  AuthName "Subversion Repository"
#  AuthUserFile /etc/apache2/dav_svn.passwd
#  <LimitExcept GET PROPFIND OPTIONS REPORT>
#    Require valid-user
#  </LimitExcept>
# </Location>

Then open the vhost configuration file /etc/apache2/sites-available/default-ssl of the default SSL vhost and add the same section between <VirtualHost> and </VirtualHost>:

vi /etc/apache2/sites-available/default-ssl
[...]
 <Location /svn>
  DAV svn
  SVNParentPath /var/lib/svn
  AuthType Basic
  AuthName "Subversion Repository"
  AuthUserFile /etc/apache2/dav_svn.passwd
  <LimitExcept GET PROPFIND OPTIONS REPORT>
    Require valid-user
  </LimitExcept>
 </Location>
[...]

Then restart Apache:

/etc/init.d/apache2 restart

You can do a checkout as follows using the https:// protocol:

svn co --username falko https://192.168.0.100/svn/myproject /home/falko/somedir

Please note: If you decide to use http:// or https:// to access SVN, do not use any of the other protocols anymore to write to SVN because the ownerships of the changed files will not match the Apache user/group if you do not use http:// or https://!

 

6 Using The svn:// Protocol

We can use the svn:// protocol by starting the svnserve daemon.

Before we do this, let's configure password protection for our repository. There's a conf/svnserve.conf file in each repository, so for /var/lib/svn/myproject it's /var/lib/svn/myproject/conf/svnserve.conf. open that file...

vi /var/lib/svn/myproject/conf/svnserve.conf

... and uncomment the password-db = passwd line:

[...]
[general]
### These options control access to the repository for unauthenticated
### and authenticated users.  Valid values are "write", "read",
### and "none".  The sample settings below are the defaults.
# anon-access = read
# auth-access = write
### The password-db option controls the location of the password
### database file.  Unless you specify a path starting with a /,
### the file's location is relative to the directory containing
### this configuration file.
### If SASL is enabled (see below), this file will NOT be used.
### Uncomment the line below to use the default password file.
password-db = passwd
### The authz-db option controls the location of the authorization
### rules for path-based access control.  Unless you specify a path
### starting with a /, the file's location is relative to the the
### directory containing this file.  If you don't specify an
### authz-db, no path-based access control is done.
### Uncomment the line below to use the default authorization file.
# authz-db = authz
### This option specifies the authentication realm of the repository.
### If two repositories have the same authentication realm, they should
### have the same password database, and vice versa.  The default realm
### is repository's uuid.
# realm = My First Repository
[...]

passwd refers to the passwd file in the same directory, i.e., /var/lib/svn/myproject/conf/passwd. Open that file and add your SVN users and passwords (passwords are in clear text):

vi /var/lib/svn/myproject/conf/passwd
### This file is an example password file for svnserve.
### Its format is similar to that of svnserve.conf. As shown in the
### example below it contains one section labelled [users].
### The name and password for each user follow, one account per line.

[users]
falko = falkospassword
till = tillspassword

We can now start the svnserve daemon:

svnserve -d -r /var/lib/svn/

(The -d switch makes it run as a daemon in the background.)

Run

netstat -tap | grep svn

and you should see that snvserve is listening on port 3690 (:svn):

root@server1:~# netstat -tap | grep svn
tcp        0      0 *:svn                   *:*                     LISTEN      2682/svnserve
root@server1:~#

Now we can use the svn:// protocol. For example, a checkout can be done as follows:

svn co --username falko svn://192.168.0.100/myproject /home/falko/somedir

 

7 Using The svn+ssh:// Protocol

To tunnel the svn:// protocol through SSH, just follow chapter 6 and make sure you have an SSH damon running on your Debian system (if you have not, you can install it by running

apt-get install openssh-server ssh

)

That's it! All you have to do now is to use svn+ssh:// instead of svn://, for example, a checkout can be done as follows:

svn co --username falko svn+ssh://192.168.0.100/var/lib/svn/myproject /home/falko/somedir

 

Installing Subversion And Configuring Access Through Different Protocols On Debian Squeeze - Page 2