Page Title

Body
To get access to your Subversion repositories through the web, you need to install mod_dav_svn. Gregg Pollack (gregg at patchedsoftware dot com) contributed this walkthrough. *1. Install mod_dav_svn* <pre><code>sudo yum install mod_dav_svn</code></pre> *2. Edit /etc/httpd/conf/httpd.conf* Search for the <code>LoadModule</code> lines, and add these lines to the bottom: <pre><code>LoadModule dav_svn_module modules/mod_dav_svn.so LoadModule authz_svn_module modules/mod_authz_svn.so</code></pre> *3. Create an HTTP authentication file* To setup and create the authentication file for the first time, run: <pre><code>sudo /usr/sbin/htpasswd -cm /etc/svn-auth-file some_username</code></pre> To add additional users to this file, use <pre><code>sudo /usr/sbin/htpasswd -m /etc/svn-auth-file new_username</code></pre> *4. Edit the Apache config for your app, /etc/httpd/conf/apps/your_app.conf* <pre><code><VirtualHost *:80> ServerName svn.your_domain.com <Location /> DAV svn SVNPath /var/www/apps/your_app/repos AuthType Basic AuthName "Authorization Realm" AuthUserFile /etc/absolute-auth-file Require valid-user </Location> </VirtualHost></code></pre> *5. Restart Apache* <pre><code>sudo /etc/init.d/httpd restart</code></pre> *7. Test it out* Open http://svn.your_domain.com in your browser. It should prompt for authorization, and then show you the repository! *8. Want to enable SSL security so your passwords and code aren't sent in plaintext?* This is assuming you don't already have your own Cert. If you do have your own cert, skip down to the bottom of the page. First you'll want to create your own private cert (if you don't have one and don't want to pay for one). Follow these instructions to create your own. You'll need to input a passphrase you can remember for later too. <pre><code>mkdir ~/sslcert cd ~/sslcert openssl genrsa -des3 -out server.key 1024 openssl req -new -key server.key -out server.csr openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt</code></pre> *9. Edit your virtualhost tag again* Change the port, and add the three SSL lines: <pre><code><VirtualHost *:443> ServerName svn.youdomain.com SSLEngine On SSLCertificateFile /home/deploy/sslcert/server.crt SSLCertificateKeyFile /home/deploy/sslcert/server.key </code></pre> *10. Verify DNS settings* If you're using a different subdomain, "svn.yourdomain.com", make sure your DNS has a CNAME Record called svn so it forwards properly. You wouldn't need to worry about this if all subdomains forward to your server. *11. Restart apache* <pre><code>sudo /etc/init.d/httpd restart</code></pre> Now visit https://svn.yourdomain.com and you should be prompted for the cert, and for authorization, and you're golden. *12. Optional: removing the SSL passphrase* You will be asked for your key every time you restart apache. To get around this: <pre><code>cd ~/sslcert cp server.key server.key.orig openssl rsa -in server.key.orig -out server.key</code></pre> h2. So you have your own CERT? I'm going to assume you configured this using railsmachine's scripts, and that your webserver conf file (/etc/httpd/conf/apps/your_app.conf) has two parts, one for port 80 and another for port 443. I'm also going to assume that your Certificate is setup properly. *1. Adding an alias* Under your port 443 virtual host, create an alias for your svn server if you like: <pre><code>ServerAlias svn.yourdomain.com</code></pre> If you do use svn.yourdomain.com make sure your dns has a CNAME Record called svn so it forwards properly. You wouldn't need to worry about this if all subdomains forward to your server. *2. Add your location directives* <pre><code><Location /svn> DAV svn SVNPath /var/www/apps/your_app/repos AuthType Basic AuthName "Authorization Realm" AuthUserFile /etc/absolute-auth-file Require valid-user </Location></code></pre> This is a little different then the Location we used the first time. Notice this time we're giving a path name "Location /svn", so we're only directed to svn if we go to that path in our URL. *3. Apache rewrite rules* Now we need to tell apache, that we DON'T want to redirect incoming requests that have SVN in the URL to our mongrel cluster. Put the following line BEFORE the <code>RewriteRule ^/(.*)$ balancer://servername_cluster%{REQUEST_URI} [P,QSA,L]</code> directive: <pre><code>RewriteCond %{REQUEST_URI} !^/svn*</code></pre> *4. Restart the server* <code>sudo /etc/init.d/httpd restart</code> Visit https://domain_name.com/svn/ h2. Adding Multiple Repositories *1. Add Locations* All you need to do to add multiple repositories, without adding more IP addresses, is add additional Location directives. <pre><code><Location /domain1/svn> DAV svn SVNPath /var/www/apps/domain1/repos AuthType Basic AuthName "Authorization Realm" AuthUserFile /etc/domain1-auth-file Require valid-user </Location> <Location /domain2/svn> DAV svn SVNPath /var/www/apps/domain2/repos AuthType Basic AuthName "Authorization Realm" AuthUserFile /etc/domain2-auth-file Require valid-user </Location></code></pre> *2. The Apache base URL* If you want to be able to have a different base url, just add a new alias: <pre><code>ServerAlias svn.domain1.com ServerAlias svn.domain2.com</code></pre>

Make page private