Prerequisites
Apache 2
Neon Library
Subversion Client
Neon Library
Subversion Client
Installation
Prerequisites Installation
1. Install Apache 2
2. Install neon from first DVD, libneon27-0.29.6-6.7.1.x86_64.rpm
3. Get Subversion Server and Client Binaries
4. Install SubVersion Client first, and then Subversion Server
to install SVN client on SuSE linux, please refer to http://software.opensuse.org/download.html?project=devel:tools:scm:svn&package=subversion
2. Install neon from first DVD, libneon27-0.29.6-6.7.1.x86_64.rpm
3. Get Subversion Server and Client Binaries
4. Install SubVersion Client first, and then Subversion Server
to install SVN client on SuSE linux, please refer to http://software.opensuse.org/download.html?project=devel:tools:scm:svn&package=subversion
Subversion Installation
Install Subversion Client
# zypper install subversion
Change folder to where Subversion Server binary placed
# rpm -ivh subversion-server-1.6.17-51.1.x86_64.rpm
After Subversion installation, you should be able to find below file placements:
# rpm -ql subversion-server-1.6.17-51.1.x86_64
/etc/apache2/conf.d
/etc/apache2/conf.d/subversion.conf
/usr/lib64/apache2
/usr/lib64/apache2/mod_authz_svn.so
/usr/lib64/apache2/mod_dav_svn.so
# rpm -ql subversion-server-1.6.17-51.1.x86_64
/etc/apache2/conf.d
/etc/apache2/conf.d/subversion.conf
/usr/lib64/apache2
/usr/lib64/apache2/mod_authz_svn.so
/usr/lib64/apache2/mod_dav_svn.so
Configuration
Configure Apache 2
1. Apply below changes in /etc/sysconfig/apache2
APACHE_MODULES="authz_host
actions alias auth_basic authz_groupfile authn_file authz_user
autoindex cgi dir include log_config mime negotiation setenvif status
userdir asis dav dav_fs imagemap php5 perl python dav_svn authz_svn
authz_default ssl"
< APACHE_SERVER_FLAGS="SSL"
2. SSL Enablement
Creating a “Dummy” Certificate
Generating
a dummy certificate is simple. Just call the script
/usr/bin/gensslcert. It creates or overwrites the following files:
A copy of ca.crt is also placed at /srv/www/htdocs/CA.crt for download.
Apply below changes to /etc/apache2/vhosts.d/vhost-ssl.conf (copy it from vhost-ssl.template if it doesn't exist)
Comment out below line:
SSLProtocol all -SSLv2 -SSLv3
Restart Apache2 and test both secure and non-secured connection.
/etc/apache2/ssl.crt/ca.crt
/etc/apache2/ssl.crt/server.crt
/etc/apache2/ssl.key/server.key
/etc/apache2/ssl.csr/server.csr
/etc/apache2/ssl.crt/server.crt
/etc/apache2/ssl.key/server.key
/etc/apache2/ssl.csr/server.csr
A copy of ca.crt is also placed at /srv/www/htdocs/CA.crt for download.
Apply below changes to /etc/apache2/vhosts.d/vhost-ssl.conf (copy it from vhost-ssl.template if it doesn't exist)
Comment out below line:
SSLProtocol all -SSLv2 -SSLv3
Restart Apache2 and test both secure and non-secured connection.
Configure SVN Repository
Initialization
# svnadmin create /path/to/repository
# svnlook info /path/to/repository
# svnlook info /path/to/repository
Chang repository group and permission
Suggestion: change the group to apache2 group, permission 770
Edit subversion.conf as needed
Using local password file to authentication
<Location /repos>
DAV svn
SVNPath /srv/svn/repos
# Limit write permission to list of valid users.
<LimitExcept GET PROPFIND OPTIONS REPORT>
Require valid-user
AuthType Basic
AuthName "Test Repository"
AuthUserFile /srv/svn/repos/conf/passwd
SVNPathAuthz on
AuthzSVNAccessFile /srv/svn/repos/conf/authz
</LimitExcept>
</Location>
DAV svn
SVNPath /srv/svn/repos
# Limit write permission to list of valid users.
<LimitExcept GET PROPFIND OPTIONS REPORT>
Require valid-user
AuthType Basic
AuthName "Test Repository"
AuthUserFile /srv/svn/repos/conf/passwd
SVNPathAuthz on
AuthzSVNAccessFile /srv/svn/repos/conf/authz
</LimitExcept>
</Location>
Using LDAP Authentication
<Location /repos>
DAV svn
SVNPath /srv/svn/repos
AuthType Basic
AuthName "Utilities"
AuthzLDAPAuthoritative Off
AuthBasicProvider ldap
AuthLDAPURL "ldap://ldap.goweekend.ca/dc=suzhou,dc=goweekend,dc=ca?uid?sub?(appperm=svnusers)"
REQUIRE valid-user
# Limit write permission to list of valid users.
<LimitExcept GET PROPFIND OPTIONS REPORT>
Require valid-user
</LimitExcept>
</Location>
DAV svn
SVNPath /srv/svn/repos
AuthType Basic
AuthName "Utilities"
AuthzLDAPAuthoritative Off
AuthBasicProvider ldap
AuthLDAPURL "ldap://ldap.goweekend.ca/dc=suzhou,dc=goweekend,dc=ca?uid?sub?(appperm=svnusers)"
REQUIRE valid-user
# Limit write permission to list of valid users.
<LimitExcept GET PROPFIND OPTIONS REPORT>
Require valid-user
</LimitExcept>
</Location>
Repository Populating (optional)
Dump repository
# svnadmin dump /path/to/sourceRepository > repositoryDump.rep
Load repository from dump file
# svnadmin load /path/to/targetRepository <repositoryDump.rep
# svnadmin dump /path/to/sourceRepository > repositoryDump.rep
Load repository from dump file
# svnadmin load /path/to/targetRepository <repositoryDump.rep
Verification
open browser and type in url like below:
http://<server name>.domain.name/<repository name>
No comments:
Post a Comment