Installing Subversion And Configuring Access Through Different Protocols On Debian Squeeze - Page 2

5 Using The https:// Protocol

If you want to use https://, please follow chapter 4, and then do this to enable the SSL Apache module and the default SSL web site:

a2enmod ssl
a2ensite default-ssl
/etc/init.d/apache2 restart

(Please note that the default Apache SSL web site uses a self-signed certificate. You might want to replace it with a certificate from a trusted CA. You might want to check out this tutorial for more details: How To Set Up An SSL Vhost Under Apache2 On Ubuntu 9.10/Debian Lenny.)

Now you can access SVN through https:// and also http://. If you want https:// only, you can disable http:// as follows:

Open /etc/apache2/mods-available/dav_svn.conf and comment out/remove the section that you have added in chapter 4:

vi /etc/apache2/mods-available/dav_svn.conf

[...]
# <Location /svn>
#  DAV svn
#  SVNParentPath /var/lib/svn
#  AuthType Basic
#  AuthName "Subversion Repository"
#  AuthUserFile /etc/apache2/dav_svn.passwd
#  <LimitExcept GET PROPFIND OPTIONS REPORT>
#    Require valid-user
#  </LimitExcept>
# </Location>

Then open the vhost configuration file /etc/apache2/sites-available/default-ssl of the default SSL vhost and add the same section between <VirtualHost> and </VirtualHost>:

vi /etc/apache2/sites-available/default-ssl

[...]
 <Location /svn>
  DAV svn
  SVNParentPath /var/lib/svn
  AuthType Basic
  AuthName "Subversion Repository"
  AuthUserFile /etc/apache2/dav_svn.passwd
  <LimitExcept GET PROPFIND OPTIONS REPORT>
    Require valid-user
  </LimitExcept>
 </Location>
[...]

Then restart Apache:

/etc/init.d/apache2 restart

You can do a checkout as follows using the https:// protocol:

svn co --username falko https://192.168.0.100/svn/myproject /home/falko/somedir

Please note: If you decide to use http:// or https:// to access SVN, do not use any of the other protocols anymore to write to SVN because the ownerships of the changed files will not match the Apache user/group if you do not use http:// or https://!

 

6 Using The svn:// Protocol

We can use the svn:// protocol by starting the svnserve daemon.

Before we do this, let's configure password protection for our repository. There's a conf/svnserve.conf file in each repository, so for /var/lib/svn/myproject it's /var/lib/svn/myproject/conf/svnserve.conf. open that file...

vi /var/lib/svn/myproject/conf/svnserve.conf

... and uncomment the password-db = passwd line:

[...]
[general]
### These options control access to the repository for unauthenticated
### and authenticated users.  Valid values are "write", "read",
### and "none".  The sample settings below are the defaults.
# anon-access = read
# auth-access = write
### The password-db option controls the location of the password
### database file.  Unless you specify a path starting with a /,
### the file's location is relative to the directory containing
### this configuration file.
### If SASL is enabled (see below), this file will NOT be used.
### Uncomment the line below to use the default password file.
password-db = passwd
### The authz-db option controls the location of the authorization
### rules for path-based access control.  Unless you specify a path
### starting with a /, the file's location is relative to the the
### directory containing this file.  If you don't specify an
### authz-db, no path-based access control is done.
### Uncomment the line below to use the default authorization file.
# authz-db = authz
### This option specifies the authentication realm of the repository.
### If two repositories have the same authentication realm, they should
### have the same password database, and vice versa.  The default realm
### is repository's uuid.
# realm = My First Repository
[...]

passwd refers to the passwd file in the same directory, i.e., /var/lib/svn/myproject/conf/passwd. Open that file and add your SVN users and passwords (passwords are in clear text):

vi /var/lib/svn/myproject/conf/passwd

### This file is an example password file for svnserve.
### Its format is similar to that of svnserve.conf. As shown in the
### example below it contains one section labelled [users].
### The name and password for each user follow, one account per line.

[users]
falko = falkospassword
till = tillspassword

We can now start the svnserve daemon:

svnserve -d -r /var/lib/svn/

(The -d switch makes it run as a daemon in the background.)

Run

netstat -tap | grep svn

and you should see that snvserve is listening on port 3690 (:svn):

[email protected]:~# netstat -tap | grep svn
tcp        0      0 *:svn                   *:*                     LISTEN      2682/svnserve
[email protected]:~#

Now we can use the svn:// protocol. For example, a checkout can be done as follows:

svn co --username falko svn://192.168.0.100/myproject /home/falko/somedir

 

7 Using The svn+ssh:// Protocol

To tunnel the svn:// protocol through SSH, just follow chapter 6 and make sure you have an SSH damon running on your Debian system (if you have not, you can install it by running

apt-get install openssh-server ssh

)

That's it! All you have to do now is to use svn+ssh:// instead of svn://, for example, a checkout can be done as follows:

svn co --username falko svn+ssh://192.168.0.100/var/lib/svn/myproject /home/falko/somedir

 

Falko Timme

About Falko Timme

Falko Timme is an experienced Linux administrator and founder of Timme Hosting, a leading nginx business hosting company in Germany. He is one of the most active authors on HowtoForge since 2005 and one of the core developers of ISPConfig since 2000. He has also contributed to the O'Reilly book "Linux System Administration".

Share this page:

Suggested articles

0 Comment(s)

Add comment

Comments

By: Falko Timme