How to Setup Apache Subversion with HTTPS Letsencrypt on CentOS 7
On this page
- Prerequisites
- What we will do
- Step 1 - Install Apache Httpd on CentOS 7
- Step 2 - Install Apache Subversion (SVN)
- Step 3 - Configure the Subversion (SVN) Repository
- Step 4 - Generate Let's encrypt SSL Certificate for Apache
- Step 5 - Configure Subversion Virtual Host on Apache Httpd
- Step 6 - Testing
- Reference
Apache Subversion or SVN is open source versioning and revision control software developed by the Apache Software Foundation. It is used to maintain the current and historical versions of source code, documents, and Web pages.
Subversion is used by many software developers and open source projects like Apache Software Foundation, FreeBSD, GCC and SourceForge.
In this article, we show you how to set up Apache Subversion on the latest CentOS 7 server. We install and configure the svn software with Apache as web server, secure it with Let's encrypt and activate "Basic Authentication" for users.
Prerequisites
- CentOS 7 Server
- Root privileges
What we will do
- Install Apache Httpd on CentOS 7
- Install Subversion
- Configure the Subversion Repository
- Generate SSL Letsencrypt for CentOS Apache Httpd
- Configure Subversion Virtual Host on Apache Httpd
- Testing
Step 1 - Install Apache Httpd on CentOS 7
The first step in this guide is to install the Apache httpd packages on your system.
Install Apache httpd using the yum command below.
yum -y install httpd httpd-tools mod_ssl
And after the installation is complete, we need to add the HTTP service to the firewalld service lists.
Run firewall-cmd commands below.
firewall-cmd --permanent --zone=public --add-service=http
firewall-cmd --reload
Now start the httpd service and add it to be started at boot.
systemctl start httpd
systemctl enable httpd
The Apache httpd is up and running on the server.
Step 2 - Install Apache Subversion (SVN)
In this tutorial, we will install the subversion packages from the base CentOS 7 repository.
Install Subversion and all required packages using the yum command below.
yum -y install subversion subversion-tools mod_dav_svn
Wait until all packages are installed and then check the svn version.
svn --version
Step 3 - Configure the Subversion (SVN) Repository
After the Subversion installation, we configure the master subversion repository directory. We will create a new 'svn' directory where all source code and repositories will be stored.
Create a new '/svn' master directory.
mkdir /svn
And create a new sample repository named 'hakase-project' using the svnadmin command below.
svnadmin create /svn/hakase-project
Now change the owner of the '/svn/hakase-project' directory to the 'apache' user and group.
sudo chown -R apache:apache /svn/hakase-project
And the svn repository has been created.
Note:
Additional for SELinux users, run commands below.
chcon -R -t httpd_sys_content_t /svn/hakase-project
chcon -R -t httpd_sys_rw_content_t /svn/hakase-project
Step 4 - Generate Let's encrypt SSL Certificate for Apache
In this tutorial, we configure the svn server to use the HTTPS connection with a domain named 'svn.hakase-labs.io'. We will use a free Let's encrypt SSL certificate which can be generated with the certbot tool.
Install certbot on the CentOS server with the yum command below.
yum -y install certbot
When the installation is complete, we need to add the HTTPS service to the firewalld services list.
Run firewalld commands below.
firewall-cmd --add-service=https --zone=public --permanent
firewall-cmd --reload
Now stop the httpd service, so we can generate the SSL Letsencrypt using the 'standalone' temporary web server.
systemctl stop httpd
Generate the Letsencrypt SSL Cert for the domain name 'svn.hakase-labs.io' using the certbot command below.
certbot certonly --rsa-key-size 4096 --standalone --agree-tos --no-eff-email --email [email protected] -d svn.hakase-labs.io
Now you will get the certificate files on the '/etc/letsencrypt/live' directory.
Step 5 - Configure Subversion Virtual Host on Apache Httpd
In this step, we will create a new Apache httpd configuration for the svn access. We will configure the svn repository using a domain name 'svn.hakase-labs.io', and it will be accessible only for the registered users using the HTTP basic auth.
Go to the '/etc/httpd/conf.d' directory and create a new svn configuration 'svn.conf'.
cd /etc/httpd/conf.d/
vim svn.conf
Paste configurations below.
<VirtualHost svn.hakase-labs.io:80> ServerName svn.hakase-labs.io DocumentRoot /var/www/html Redirect permanent / https://svn.hakase-labs.io </VirtualHost> <VirtualHost svn.hakase-labs.io:443> DocumentRoot /var/www/html ServerName svn.hakase-labs.io SSLEngine on SSLProtocol all -SSLv2 SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW SSLCertificateFile /etc/letsencrypt/live/svn.hakase-labs.io/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/svn.hakase-labs.io/privkey.pem ErrorLog logs/svn_error_log TransferLog logs/svn_access_log LogLevel warn <location /repo> DAV svn SVNParentPath /svn/ AuthType Basic AuthName "Authorization Realm" AuthUserFile /etc/subversion/svn.users Require valid-user </location> <Files ~ "\.(cgi|shtml|phtml|php3?)$"> SSLOptions +StdEnvVars </Files> SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 CustomLog logs/ssl_request_log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" </VirtualHost>
Save the file and exit the editor.
Next, we need to create a new list of users that will be able to view and commit files to the repository.
Create a new user named 'hakase' using the htpasswd command below.
sudo htpasswd -cm /etc/subversion/svn.users hakase
Now restart the Apache httpd services.
systemctl restart httpd
The 'hakase' user now has an access to view and commit the source code to the 'hakase-project' repository.
Step 6 - Testing
Viewing Repository
Open your web browser and type the server URL, mine is this one: https://svn.hakase-labs.io/repo/hakase-project/
And you will be shown the basic user authentication prompt.
Login with the 'hakase' user and password, and following is the result.
Import a Project to the Repository
Now we will import the svn sample project templates to the 'hakase-project' repository.
Create a new svn-templates project directory.
mkdir -p ~/svn-templates/{trunk,branches,tags}
Add all templates directory to the 'hakase-project' repository using the svn command below.
svn import -m 'Initial import' ~/svn-templates/ https://svn.hakase-labs.io/repo/hakase-project/ --username hakase
Now you will be asked following things.
- Type 'p' to add permanently the Letsencrypt certificate.
- Type the 'hakase' user and password.
- And type 'yes' to confirm about the saving unencrypted password.
Check the 'hakase-project' from the web browser, and you will get all the templates directory on it.
Clone the Repository
After creating and upload the svn templates directory, we want to clone or copy the repository to the local environment.
Create a new normal user and login to the user.
useradd -m -s /bin/bash misaka
su - misaka
Clone the 'hakase-project' repository the local directory named 'myproject' as a 'hakase' user.
svn co https://svn.hakase-labs.io/repo/hakase-project/ ~/myproject --username hakase
And you will be asked again about those things below.
- Type 'p' to add permanently the Letsencrypt certificate.
- Type the 'hakase' user and password.
- And type 'yes' to confirm about the saving unencrypted password.
And when it's complete, check the new 'myproject' directory and you will get all svn templates.
tree ~/myproject
Commit The Code or Documents
Go to the 'myproject' directory.
cd myproject/
Create some files on the 'trunk' directory.
echo 'this is my repo' > trunk/test-hakase.txt
echo 'this is my repo01' > trunk/test-hakase01.txt
echo 'this is my repo02' > trunk/test-hakase02.txt
Add and commit.
svn add trunk/* --username hakase
svn commit -m 'new file added' --username hakase
Check the repository from the web browser, and you will see all files have been added to the repository.
The Apache Subversion installation and configuration with HTTPS Letsencrypt on CentOS 7 has been completed successfully.