How to Setup Apache Subversion with HTTPS Letsencrypt on CentOS 7

Apache Subversion or SVN is open source versioning and revision control software developed by the Apache Software Foundation. It is used to maintain the current and historical versions of source code, documents, and Web pages.

Subversion is used by many software developers and open source projects like Apache Software Foundation, FreeBSD, GCC and SourceForge.

In this article, we show you how to set up Apache Subversion on the latest CentOS 7 server. We install and configure the svn software with Apache as web server, secure it with Let's encrypt and activate "Basic Authentication" for users.

Prerequisites

  • CentOS 7 Server
  • Root privileges

What we will do

  1. Install Apache Httpd on CentOS 7
  2. Install Subversion
  3. Configure the Subversion Repository
  4. Generate SSL Letsencrypt for CentOS Apache Httpd
  5. Configure Subversion Virtual Host on Apache Httpd
  6. Testing

Step 1 - Install Apache Httpd on CentOS 7

The first step in this guide is to install the Apache httpd packages on your system.

Install Apache httpd using the yum command below.

yum -y install httpd httpd-tools mod_ssl

And after the installation is complete, we need to add the HTTP service to the firewalld service lists.

Run firewall-cmd commands below.

firewall-cmd --permanent --zone=public --add-service=http
firewall-cmd --reload

Now start the httpd service and add it to be started at boot.

systemctl start httpd
systemctl enable httpd

The Apache httpd is up and running on the server.

Install and start Apache web server

Step 2 - Install Apache Subversion (SVN)

In this tutorial, we will install the subversion packages from the base CentOS 7 repository.

Install Subversion and all required packages using the yum command below.

yum -y install subversion subversion-tools mod_dav_svn

Wait until all packages are installed and then check the svn version.

svn --version

Install Apache Subversion

Step 3 - Configure the Subversion (SVN) Repository

After the Subversion installation, we configure the master subversion repository directory. We will create a new 'svn' directory where all source code and repositories will be stored.

Create a new '/svn' master directory.

mkdir /svn

And create a new sample repository named 'hakase-project' using the svnadmin command below.

svnadmin create /svn/hakase-project

Now change the owner of the '/svn/hakase-project' directory to the 'apache' user and group.

sudo chown -R apache:apache /svn/hakase-project

And the svn repository has been created.

Configure SVN repository

Note:

Additional for SELinux users, run commands below.

chcon -R -t httpd_sys_content_t /svn/hakase-project
chcon -R -t httpd_sys_rw_content_t /svn/hakase-project

Step 4 - Generate Let's encrypt SSL Certificate for Apache

In this tutorial, we configure the svn server to use the HTTPS connection with a domain named 'svn.hakase-labs.io'. We will use a free Let's encrypt SSL certificate which can be generated with the certbot tool.

Install certbot on the CentOS server with the yum command below.

yum -y install certbot

When the installation is complete, we need to add the HTTPS service to the firewalld services list.

Run firewalld commands below.

firewall-cmd --add-service=https --zone=public --permanent
firewall-cmd --reload

Now stop the httpd service, so we can generate the SSL Letsencrypt using the 'standalone' temporary web server.

systemctl stop httpd

Generate LE SSL cert

Generate the Letsencrypt SSL Cert for the domain name 'svn.hakase-labs.io' using the certbot command below.

certbot certonly --rsa-key-size 4096 --standalone --agree-tos --no-eff-email --email [email protected] -d svn.hakase-labs.io

Now you will get the certificate files on the '/etc/letsencrypt/live' directory.

Use certbot software

Step 5 - Configure Subversion Virtual Host on Apache Httpd

In this step, we will create a new Apache httpd configuration for the svn access. We will configure the svn repository using a domain name 'svn.hakase-labs.io', and it will be accessible only for the registered users using the HTTP basic auth.

Go to the '/etc/httpd/conf.d' directory and create a new svn configuration 'svn.conf'.

cd /etc/httpd/conf.d/
vim svn.conf

Paste configurations below.

<VirtualHost svn.hakase-labs.io:80>

ServerName svn.hakase-labs.io
DocumentRoot /var/www/html
Redirect permanent / https://svn.hakase-labs.io

</VirtualHost>

<VirtualHost svn.hakase-labs.io:443>

DocumentRoot /var/www/html
ServerName svn.hakase-labs.io

SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SSLCertificateFile /etc/letsencrypt/live/svn.hakase-labs.io/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/svn.hakase-labs.io/privkey.pem

ErrorLog logs/svn_error_log
TransferLog logs/svn_access_log
LogLevel warn

<location /repo>
DAV svn
SVNParentPath /svn/
AuthType Basic
AuthName "Authorization Realm"
AuthUserFile /etc/subversion/svn.users
Require valid-user
</location>

<Files ~ "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars
</Files>

SetEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>

Save the file and exit the editor.

Next, we need to create a new list of users that will be able to view and commit files to the repository.

Create a new user named 'hakase' using the htpasswd command below.

sudo htpasswd -cm /etc/subversion/svn.users hakase

Now restart the Apache httpd services.

systemctl restart httpd

The 'hakase' user now has an access to view and commit the source code to the 'hakase-project' repository.

Configure svn.conf file

Step 6 - Testing

Viewing Repository

Open your web browser and type the server URL, mine is this one: https://svn.hakase-labs.io/repo/hakase-project/

And you will be shown the basic user authentication prompt.

Login to web-svn

Login with the 'hakase' user and password, and following is the result.

SVN Repository in web browser

Import a Project to the Repository

Now we will import the svn sample project templates to the 'hakase-project' repository.

Create a new svn-templates project directory.

mkdir -p ~/svn-templates/{trunk,branches,tags}

Add all templates directory to the 'hakase-project' repository using the svn command below.

svn import -m 'Initial import' ~/svn-templates/ https://svn.hakase-labs.io/repo/hakase-project/ --username hakase

Now you will be asked following things.

  • Type 'p' to add permanently the Letsencrypt certificate.
  • Type the 'hakase' user and password.
  • And type 'yes' to confirm about the saving unencrypted password.

Import a Project to the Repository

Check the 'hakase-project' from the web browser, and you will get all the templates directory on it.

Project shown in web browser

Clone the Repository

After creating and upload the svn templates directory, we want to clone or copy the repository to the local environment.

Create a new normal user and login to the user.

useradd -m -s /bin/bash misaka
su - misaka

Clone the 'hakase-project' repository the local directory named 'myproject' as a 'hakase' user.

svn co https://svn.hakase-labs.io/repo/hakase-project/ ~/myproject --username hakase

And you will be asked again about those things below.

  • Type 'p' to add permanently the Letsencrypt certificate.
  • Type the 'hakase' user and password.
  • And type 'yes' to confirm about the saving unencrypted password.

Clone SVN repository

And when it's complete, check the new 'myproject' directory and you will get all svn templates.

tree ~/myproject

Tree view of the project

Commit The Code or Documents

Go to the 'myproject' directory.

cd myproject/

Create some files on the 'trunk' directory.

echo 'this is my repo' > trunk/test-hakase.txt
echo 'this is my repo01' > trunk/test-hakase01.txt
echo 'this is my repo02' > trunk/test-hakase02.txt

Add and commit.

svn add trunk/* --username hakase
svn commit -m 'new file added' --username hakase

Commit documents to svn

Check the repository from the web browser, and you will see all files have been added to the repository.

Documents in browser

The Apache Subversion installation and configuration with HTTPS Letsencrypt on CentOS 7 has been completed successfully.

Reference

Share this page:

1 Comment(s)