I did it again! Yet another installation of Subversion for “standard” project development purposes, i.e. using Apache2, WebDAV, SSL, Basic Authentication. In case I do it again … and soon again, I recorded the installation howto logs.
NOTE: The target OS is Ubuntu Edgy 6.10, and Feisty. I use $NAME notation to refer to places to be substituted by the installation specific values
1. Install packages:
sudo apt-get install subversion libapache2-svn libapache-mod-dav apache2
2. Enable SSL:
sudo a2enmod ssl
sudo sh -c "echo 'Listen 443' >> /etc/apache2/ports.conf"
3. Generate Certificate:
Ubuntu < Feisty:
sudo apache2-ssl-certificate
Use the server name to be used for access the web server.
Ubuntu >= Feisty: (thanx Roderik)
sudo apt-get install ssl-cert
sudo mkdir /etc/apache2/ssl
sudo /usr/sbin/make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem
4. Create Virtual Host:
sudo cp /etc/apache2/sites-available/default /etc/apache2/sites-available/$SITENAME
sudo vim /etc/apache2/sites-available/$SITENAME
change:
NameVirtualHost *:443
<VirtualHost *:443>
add:
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.pem
SSLProtocol all
SSLCipherSuite HIGH:MEDIUM
5. Enable the site:
sudo a2ensite $SITENAME
sudo /etc/init.d/apache2 restart
A warning that complaints about failure of server name determination can be fixed by adding ServerName $SERVERNAME to the main Apache config /etc/apache2/apache2.conf
6. Adding repository(ies):
The following setup assumes we want to host multiple repositories.
sudo mkdir /var/svn
sudo svnadmin create /var/svn/$REPOS
sudo chown -R www-data:www-data /var/svn/$REPOS
sudo chmod -R g+ws /var/svn/$REPOS
7. Adding Basic Authentication:
sudo htpasswd2 -c -m /etc/apache2/dav_svn.passwd $AUTH_USER
8. Enable and configure WebDAV and SVN:
Add to /etc/apache2/mods-available/dav_svn.conf
DAV svn
SVNParentPath /var/svn
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile /etc/apache2/dav_svn.passwd
Require valid-user
SSLRequireSSL
and for non-anonymous access comment out:
#<LimitExcept GET PROPFIND OPTIONS REPORT>
#</LimitExcept>
(optionally the same configuration can be set for particular virtual host only, i.e. /etc/apache2/sites-available/$SITENAME)
9. Finalization: (guess what?)
sudo /etc/init.d/apache2 restart
Testing:
Web access:
lynx https://localhost/svn/$REPOS exposes the repository.
lynx http://localhost/svn/$REPOS says: eat my shorts , i.e. 403-forbidden.
An initial import:
svn import --username $AUTH_USER $A_FILE https://localhost/svn/$REPOS/testdir -m "Testing"
… and check-out:
svn co --username $AUTH_USER https://localhost/svn/$REPOS
To add a new repository just repeat the step 6 (without making the root directory of course).
If you wish to configure a single repository only, instead of point 6:
sudo svnadmin create /var/svn
sudo chown -R www-data:www-data /var/svn
sudo chmod -R g+ws /var/svn
and in /etc/apache2/mods-available/dav_svn.conf (step 8) use this instead of SVNParentPath:
SVNPath /var/svn
Above all, check the great SVN Book.
HI. I followed this guide, and when I try to access the repository via a web browser or terminal command, I get 500 Internal Server Error. Do you know where I went wrong or how to fix it? Thanks.
In short ? No ;-)
If you don’t provide more information, there’ll be nobody to help you…
Just 4 a shoot in the dark – you tried https://yourhost:443/svn/$REPOSITORYNAME ?
Perfect. Worked fine.
Thanks.
Nice guide.
Unfortunatelly on point 5 I get:
$ sudo /etc/init.d/apache2 restart
* Restarting web server apache2 apache2: Could not reliably determine the server’s fully qualified domain name, using 127.0.1.1 for ServerName
httpd (no pid file) not running
apache2: Could not reliably determine the server’s fully qualified domain name, using 127.0.1.1 for ServerName
(98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
Unable to open logs
[fail]
By memory I have no other services on port 443. When I will get back home I will check (so far I did from another location over SSH).
Same error here.
In step 2 you added Listen 443 to ports.conf
I use Ubuntu 8.10 and it was already there! Removed the line again, working :)
Hi
Same Error
and did what Number 5 said and Voila! it worked again only thing is I spent the entire days googling without scrolling down to check comments my life would have been sooo much easier
dude, you are the man. now i can get back to not doing worik
This is the best how-to I have found for the subject.
However, as with Dif and serAphim, I found that running Ubuntu Hardy Heron (8.04) you should not add “Listen 433” to ports.conf, just leave ports.conf as it is.
Further, you need to uncomment the lines at the start and end of the dav_svn.conf file, otherwise the server won’t start and gives a message like:
Syntax error on line 16 of /etc/apache2/mods-enabled/dav_svn.conf:
DAV not allowed here
Excellent guide, many thanks!
Managed to get everything working OK, but found I was getting an ‘Unable to configure RSA server private key’ error which was causing Apache to fail on startup.
Solution was to comment out the ‘SSLCertificateKeyFile’ line located just underneath ‘SSLCertificateFile’.
It’s 2009 and your HowTo is still working, somme few things have changed like libapache-mod-dav which is now inside of apache2, but for the rest, it’s PERFECT
Easy to use, and to upgrade, great job.
It’s 2009 and your HowTo is still working, somme few things have changed like libapache-mod-dav which is now inside of apache2, but for the rest, it’s PERFECT
Easy to use, and to upgrade, great job.
I also got the 500 Internal server error. Turns out the parent path to the svn repository was wrong. I’ve disabled the parent path and set the SVNPath to my (only) repository and now it works perfect! The correct url for me is:
lynx https://localhost/svn/
Great tutorial… still working!
Great Work!! its 2010 and still being used.
Great job on the how-to, took me a while to stumble upon your tutorial which really simplified my setup process.
Thanks!
2k11 and still working! Good job! Saved my day.
2011.. except for some minor changes .. it’s still the best tutorial I’ve found on the web! great job!