I did it again! Yet another installation of Subversion for “standard” project development purposes, i.e. using Apache2, WebDAV, SSL, Basic Authentication. In case I do it again … and soon again, I recorded the installation howto logs.
NOTE: The target OS is Ubuntu Edgy 6.10, and Feisty. I use $NAME notation to refer to places to be substituted by the installation specific values
1. Install packages:
sudo apt-get install subversion libapache2-svn libapache-mod-dav apache2
2. Enable SSL:
sudo a2enmod ssl
sudo sh -c "echo 'Listen 443' >> /etc/apache2/ports.conf"
3. Generate Certificate:
Ubuntu < Feisty:
sudo apache2-ssl-certificate
Use the server name to be used for access the web server.
Ubuntu >= Feisty: (thanx Roderik)
sudo apt-get install ssl-cert
sudo mkdir /etc/apache2/ssl
sudo /usr/sbin/make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem
4. Create Virtual Host:
sudo cp /etc/apache2/sites-available/default /etc/apache2/sites-available/$SITENAME
sudo vim /etc/apache2/sites-available/$SITENAME
change:
NameVirtualHost *:443
<VirtualHost *:443>
add:
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.pem
SSLProtocol all
SSLCipherSuite HIGH:MEDIUM
5. Enable the site:
sudo a2ensite $SITENAME
sudo /etc/init.d/apache2 restart
A warning that complaints about failure of server name determination can be fixed by adding ServerName $SERVERNAME
to the main Apache config /etc/apache2/apache2.conf
6. Adding repository(ies):
The following setup assumes we want to host multiple repositories.
sudo mkdir /var/svn
sudo svnadmin create /var/svn/$REPOS
sudo chown -R www-data:www-data /var/svn/$REPOS
sudo chmod -R g+ws /var/svn/$REPOS
7. Adding Basic Authentication:
sudo htpasswd2 -c -m /etc/apache2/dav_svn.passwd $AUTH_USER
8. Enable and configure WebDAV and SVN:
Add to /etc/apache2/mods-available/dav_svn.conf
DAV svn
SVNParentPath /var/svn
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile /etc/apache2/dav_svn.passwd
Require valid-user
SSLRequireSSL
and for non-anonymous access comment out:
#<LimitExcept GET PROPFIND OPTIONS REPORT>
#</LimitExcept>
(optionally the same configuration can be set for particular virtual host only, i.e. /etc/apache2/sites-available/$SITENAME)
9. Finalization: (guess what?)
sudo /etc/init.d/apache2 restart
Testing:
Web access:
lynx https://localhost/svn/$REPOS
exposes the repository.
lynx http://localhost/svn/$REPOS
says: eat my shorts , i.e. 403-forbidden.
An initial import:
svn import --username $AUTH_USER $A_FILE https://localhost/svn/$REPOS/testdir -m "Testing"
… and check-out:
svn co --username $AUTH_USER https://localhost/svn/$REPOS
To add a new repository just repeat the step 6 (without making the root directory of course).
If you wish to configure a single repository only, instead of point 6:
sudo svnadmin create /var/svn
sudo chown -R www-data:www-data /var/svn
sudo chmod -R g+ws /var/svn
and in /etc/apache2/mods-available/dav_svn.conf (step 8) use this instead of SVNParentPath:
SVNPath /var/svn
Above all, check the great SVN Book.