Recent Posts
Categories
- Application Development (1)
- Linux (3)
- Security (2)
- Software Deployment (5)
- Sys Admin (6)
the ongoing struggle: man vs machine
This tutorial will lead you through installing the source control and versioning software, Subversion. It assumes that you already have a server running Debian squeeze with network access.
The Debian system I use in this tutorial is called bhap04 and has an ip address of 10.1.1.20.
1. Log into Debian console as root.
2. Install Subversion using apt-get install subversion. Answer Y at the prompt.
3. Next, create a directory that will hold our repositories. mkdir –p /var/lib/svn
4. Now I will create a repository for my software development project called myproject inside /var/lib/svn. You can create other repositories now for other projects you have. The repository will be empty until you import a project into it.
svnadmin create /var/lib/svn/myproject
Subversion is now installed, but can only be used locally, which does not suit our purpose. We need to install apache and configure it to host Subversion.
For HTTP:// we need to configure WebDAV on an Apache2 server. Thus we will install apache2 and apache2 SVN module now.
1. apt-get install apache2 libapache2-svn
2. Next, we configure apache2 SVN module by editing the file /etc/apache2/mods-available/dav_svn.conf
nano /etc/apache2/mods-available/dav_svn.conf
The text editor nano will launch and display the file as below.
3. There is a configuration already commented out. You can leave it commented out as a future guide, and add our configuration to the bottom of the file.
<Location /svn> DAV svn SVNParentPath /var/lib/svn AuthType Basic AuthName "Subversion Repository" AuthUserFile /etc/apache2/dav_svn.passwd <LimitExcept GET PROPFIND OPTIONS REPORT> Require valid-user </LimitExcept> </Location>
Add the below lines to the file, then press ctrl-O to save, and ctrl-X to close.
4. Restart apache2 to enable the configuration.
/etc/init.d/apache2 restart
5. Because we will be reading and writing to our repository folders as the Apache user, which is www-data, we must change the owner and group of /var/lib/svn and its children.
chown –R www-data:www-data /var/lib/svn
6. Now we must create the passwords file that will contain all users that will have access to SVN. I ill make the user admin22
htpasswd –c /etc/apache2/dav_svn.passwd admin22
You will be prompted for a password for the new user.
7. You can continue to add additional users with the command htpasswd /etc/apache2/dav_svn.passwd username
Note the lack of the –c switch. This switch creates the password file. If you use it a second time, you will overwrite the existing password file with a new file, which is generally not desired.
You now have a working HTTP Subversion. We must now configure HTTPS. If you don’t desire this option, you may stop here.
1. Enable Apache SSL Module
a2enmod ssl
2. Restart apache2
/etc/init.d/apache2 restart
3. Copy the default-ssl sites file to a new file and name it with the name of the site.
cp /etc/apache2/sites-available/default-ssl /etc/apache2/sites-available/subversion.bhap04.conf
4. (Optional) If you are supplying your own certificate files from a trusted CA, copy them to /etc/ssl/private/. Then edit the site file with the below command, and make the following changes to the existing lines. Otherwise go to step 5.
nano /etc/apache2/sites-available/subversion.bhap04.conf
Edit the lines to point to your supplied certificate files.
SSLCertificateFile /etc/ssl/private/filename-cert.pem
SSLCertificateKeyFile /etc/ssl/private/filename-key.pem
SSLCertificateChainFile /etc/ssl/private/filename-cachain.pem
5. Run command a2ensite subversion.bhap04.conf to enable the new site file.
6. Restart Apache to enable the site.
7. Open a web browser on a separate PC, and go to http://subversion.bhap04/svn/myproject and https://subversion.bhap04/svn/myproject
You should see the project folder with Revision 0 as below.
You are now done.
1. You can disallow HTTP and require SSL by adding the line SSLRequireSSL to the /etc/apache2/mods_available_dav_svn.conf file.
2. Subversion supports other protocols besides HTTP and HTTPS. Do not use any of these other protocols because the ownership of the files will not be www-data user through these other methods.