Difference between revisions of "SVN"

From Blue-IT.org Wiki

(SVN Integration with https)
Line 1: Line 1:
== SVN Integration with https ==
+
= svn+ssh and https together =
This HowTo is tested with Debian 6 (squeeze) but should be applicable to any Linux based distribution.
+
* Already running an ssh server?
 +
* Already have a user with ssh account (that's necessary)
  
First of all your repository, e.g. /home/svn must be writable by the webserver:
+
Add the user you want to add to the subversion group:
 +
adduser username subversion
 +
(or later remove with: deluser username subversion)
  
  MYREPO="/home/svn"
+
Alter permissions of the repository "users_repository"
  chown -R www-data:www-data ${MYREPO}
+
  cd /home/svn
  find ${MYREPO} -type d -exec chmod 2755 \{} \;
+
  chown -R www-data:subversion users_repository
  find ${MYREPO} -not -type d -exec chmod 0644 \{} \;
+
  find users_repository/. -type d -name "*" -exec chmod -R g+rws {} \;
 +
  find users_repository/. -type f -name "*" -exec chmod -R g+rw {} \;
  
Then you need mod_dav for apache2:
+
That's it.
  
  apt-get install libapache2-svn
+
Now you can connect e.g.:
a2enmod dav
+
  svn checkout svn+ssh://username@SERVER_IP/home/svn/users_repository
a2enmod dav_svn
 
  
 
+
Attention: In your checked out repository you have to switch the svn access url from http to svn+ssh!
To access an svn like https://serverip/svn/repo1 (with read/write access for user1) https://serverip/svn/repo2 (with read/write access for user2)
+
  svn switch --relocate http://domain.com/{repo} svn+ssh://{username}@domain.com/home/{username}/svn/{repo}
/path/to/
 
      └── svn
 
            ├── repo1  -> should only be rw-accessible by user1
 
            └── repo2  -> should only be rw-accessible by user2
 
 
 
do the following 3 (4) steps:
 
 
 
=== First: create a dav configuration file ===
 
 
 
cd /etc/apache2/mods-available/
 
vim dav_svn.conf
 
 
 
<nowiki><Location /svn></nowiki>
 
    DAV svn
 
    SVNParentPath /path/to/svn
 
    AuthType Basic
 
    AuthName "Subversion Repository"
 
    AuthUserFile /etc/apache2/dav_svn.passwd
 
    AuthzSVNAccessFile /etc/apache2/dav_svn.authz
 
     
 
    <nowiki># Allow access only with authentification</nowiki>
 
    Require valid-user
 
 
 
    <nowiki># Allow acces with anonymous checkout</nowiki>
 
    <nowiki>#<LimitExcept GET PROPFIND OPTIONS REPORT></nowiki>
 
    <nowiki># </nowiki> Require valid-user
 
    <nowiki>#</LimitExcept></nowiki>
 
 
 
<nowiki></Location></nowiki>
 
 
 
=== Second: set passwords for users: ===
 
For the first user call htpasswd with the -c parameter (this _c_reates a new file and - of course - overwrites an existing one!):
 
 
 
  htpasswd -c /etc/apache2/dav_svn.passwd  user1
 
 
and for every one after that without “-c“ (because this in case will overwrite the file!!!)
 
 
 
htpasswd /etc/apache2/dav_svn.passwd  user2
 
 
 
=== Third: create the authz file for authorization: ===
 
vim /etc/apache2/dav_svn.authz
 
 
 
## groups or users
 
#groupname = user1,user2
 
 
## repositories
 
## the repositoryname is relative (!) to the given
 
## repository in the dav_svn.conf file
 
 
#[reponame:/]
 
## read / write access for all users
 
#* = rw
 
## nor read acces for this group
 
#@groupname =
 
## read access for this user
 
#user1 = r
 
 
#[reponame:/trunk/]
 
## read / write access for user1 to /trunk/
 
#user1 = rw
 
 
[repo1:/]
 
user1 = rw
 
 
[repo2:/]
 
user2 = rw
 
 
 
=== Create a virtual host if you like: ===
 
SERVERIP="1.2.3.4"
 
MAIL="webmaster@mydomain.com"
 
DOMAIN="svn.example.com"
 
DOCPATH="/var/www"
 
SSLPATH="/var/webs/ssl"
 
CUSTOMER=""
 
CHAINFILE="/var/webs/ssl/CAcert_chain.pem"
 
 
<nowiki>cat << EOF > ${DOMAIN}.conf</nowiki>
 
<nowiki><VirtualHost ${SERVERIP}:443></nowiki>
 
  ServerAdmin webmaster@${DOMAIN}
 
  ServerName  www.${DOMAIN}
 
  ServerAlias ${DOMAIN}
 
 
  DocumentRoot ${DOCPATH}
 
  <nowiki><Directory ${DOCPATH}></nowiki>
 
    Options -MultiViews
 
    allow from all
 
  <nowiki></Directory></nowiki>
 
  <nowiki># Possible values include: debug, info, notice, warn, error, crit,</nowiki>
 
  <nowiki># alert, emerg.</nowiki>
 
  LogLevel warn
 
 
  CustomLog /var/log/apache2/access.log combined
 
  ErrorLog /var/log/apache2/error.log
 
 
  SSLEngine on
 
  SSLCertificateFile ${SSLPATH}/${CUSTOMER}/${DOMAIN}.cert
 
  SSLCertificateKeyFile ${SSLPATH}/${CUSTOMER}/${DOMAIN}.key
 
  SSLCertificateChainFile ${CHAINFILE}
 
 
<nowiki></VirtualHost></nowiki>
 
EOF
 
 
 
 
Restart Apache:
 
 
 
/etc/init.d/apache2 restart
 
  
 
= svnsync =
 
= svnsync =

Revision as of 17:24, 17 January 2012

svn+ssh and https together

  • Already running an ssh server?
  • Already have a user with ssh account (that's necessary)

Add the user you want to add to the subversion group: 

adduser username subversion
(or later remove with: deluser username subversion)

Alter permissions of the repository "users_repository" 

cd /home/svn
chown -R www-data:subversion users_repository
find users_repository/. -type d -name "*" -exec chmod -R g+rws {} \;
find users_repository/. -type f -name "*" -exec chmod -R g+rw {} \;

That's it.

Now you can connect e.g.: 

svn checkout svn+ssh://username@SERVER_IP/home/svn/users_repository

Attention: In your checked out repository you have to switch the svn access url from http to svn+ssh! 

svn switch --relocate http://domain.com/{repo} svn+ssh://{username}@domain.com/home/{username}/svn/{repo}

svnsync

Taken from:

Create the following variables: 

MYPATH="/home/svn"
URL_TO_REPO_ROOT_TO_CLONE="https://axelpospischil@ssl.qwws.net/svn/mt_roadrunner"
DEST_URL="/home/svn"

(Note: „DEST_URL“ is the url to the Subversion repository you create in step 1.)

1. Create your local repository: 

svnadmin create ${MYPATH}

2. Create an empty pre-revprop-change hook script: 

echo '#!/bin/bash' > ${MYPATH}/hooks/pre-revprop-change

3. Make the pre-revprop-change hook script executable: 

chmod +x ${MYPATH}/hooks/pre-revprop-change

4. Initialize svnsync: 

svnsync init file:⁄⁄⁄${MYPATH} ${URL_TO_REPO_ROOT_TO_CLONE}

5. Synchronize: 

svnsync sync ${DEST_URL}

Subversion 1.6.x needs those added to the pre-revprop-change script: 

    REPOS="$1"
    REV="$2"
    USER="$3"
    PROPNAME="$4"
    ACTION="$5"

Einrichten unter Debian

1. Svn installieren: 

apt-get update
apt-get install subversion

2. Eine svn Gruppe erstellen und einen Benutzer hinzufügen: 

groupadd subversion
addgroup username subversion

3. Ein svn Repository erzeugen oder ein Vorhandenes kopieren 

mkdir /home/svn/myrepo
rsync -av oldserver:/home/svn /home/.
chown -R root:subversion /home/svn
svnadmin create --fs-type fsfs /home/svn/myrepo/projekt1
svnadmin create --fs-type fsfs /home/svn/myrepo/projekt2

4. Einloggen via ssh (geht nur, wenn ein ssh-Schlüssel im Userverzeichnis generiert wurde) 

ssh+svn://servername/home/svn/myrepo
Retrieved from "https://wiki.blue-it.org/index.php?title=SVN&oldid=4491"