Installing Subversion on Debian Squeeze for HTTP and HTTPS

This tutorial will lead you through installing the source control and versioning software, Subversion. It assumes that you already have a server running Debian squeeze with network access.

The Debian system I use in this tutorial is called bhap04 and has an ip address of 10.1.1.20.

Install Subversion

1. Log into Debian console as root.

2. Install Subversion using apt-get install subversion. Answer Y at the prompt.

3. Next, create a directory that will hold our repositories. mkdir –p /var/lib/svn

4. Now I will create a repository for my software development project called myproject inside /var/lib/svn. You can create other repositories now for other projects you have. The repository will be empty until you import a project into it.

svnadmin create /var/lib/svn/myproject

Subversion is now installed, but can only be used locally, which does not suit our purpose. We need to install apache and configure it to host Subversion.

Enabling HTTP

For HTTP:// we need to configure WebDAV on an Apache2 server. Thus we will install apache2 and apache2 SVN module now.

1. apt-get install apache2 libapache2-svn

2. Next, we configure apache2 SVN module by editing the file /etc/apache2/mods-available/dav_svn.conf

nano /etc/apache2/mods-available/dav_svn.conf

The text editor nano will launch and display the file as below.

3. There is a configuration already commented out. You can leave it commented out as a future guide, and add our configuration to the bottom of the file.

 <Location /svn>
  DAV svn
  SVNParentPath /var/lib/svn
  AuthType Basic
  AuthName "Subversion Repository"
  AuthUserFile /etc/apache2/dav_svn.passwd
  <LimitExcept GET PROPFIND OPTIONS REPORT>
    Require valid-user
  </LimitExcept>
 </Location>

Add the below lines to the file, then press ctrl-O to save, and ctrl-X to close.

4. Restart apache2 to enable the configuration.

/etc/init.d/apache2 restart

5. Because we will be reading and writing to our repository folders as the Apache user, which is www-data, we must change the owner and group of /var/lib/svn and its children.

chown –R www-data:www-data /var/lib/svn

6. Now we must create the passwords file that will contain all users that will have access to SVN. I ill make the user admin22

htpasswd –c /etc/apache2/dav_svn.passwd admin22

You will be prompted for a password for the new user.

7. You can continue to add additional users with the command htpasswd /etc/apache2/dav_svn.passwd username

Note the lack of the –c switch. This switch creates the password file. If you use it a second time, you will overwrite the existing password file with a new file, which is generally not desired.

You now have a working HTTP Subversion. We must now configure HTTPS. If you don’t desire this option, you may stop here.

HTTPS

1. Enable Apache SSL Module

a2enmod ssl

2. Restart apache2

/etc/init.d/apache2 restart

3. Copy the default-ssl sites file to a new file and name it with the name of the site.

cp /etc/apache2/sites-available/default-ssl /etc/apache2/sites-available/subversion.bhap04.conf

4. (Optional) If you are supplying your own certificate files from a trusted CA, copy them to /etc/ssl/private/. Then edit the site file with the below command, and make the following changes to the existing lines. Otherwise go to step 5.

nano /etc/apache2/sites-available/subversion.bhap04.conf

Edit the lines to point to your supplied certificate files.

SSLCertificateFile /etc/ssl/private/filename-cert.pem
SSLCertificateKeyFile /etc/ssl/private/filename-key.pem
SSLCertificateChainFile /etc/ssl/private/filename-cachain.pem

5. Run command a2ensite subversion.bhap04.conf to enable the new site file.

6. Restart Apache to enable the site.

7. Open a web browser on a separate PC, and go to http://subversion.bhap04/svn/myproject and https://subversion.bhap04/svn/myproject

You should see the project folder with Revision 0 as below.

You are now done.

Notes:

1. You can disallow HTTP and require SSL by adding the line SSLRequireSSL to the /etc/apache2/mods_available_dav_svn.conf file.

2. Subversion supports other protocols besides HTTP and HTTPS. Do not use any of these other protocols because the ownership of the files will not be www-data user through these other methods.