Subversion Setup

From ArchWiki

Contents 1 Goals 1.1 Required Packages 2 Apache Installation 3 Subversion Installation 3.1 Install the package 3.2 Create a Directory 4 Miscellaneous Configuration Specifics 4.1 /etc/httpd/conf/httpd.conf 4.2 SSL or not to SSL? 4.3 Create /home/svn/.svn-policy-file 4.4 Create /home/svn/.svn-auth-file 4.5 Create a Repository 4.6 Set Permissions 5 Create a Project 5.1 Directory structure for project 5.2 Populate Directory 5.3 Import the Project 5.4 Test SVN Checkout

Goals

The goal of this how to is to setup Subversion, with Apache. Why use Apache for Subversion? Well, quite simply, it provides features that the standalone svnserve does not have...

• You get the ability to use https protocol. This means that SVN passwords are not flying around for all to sniff.
• You get fine-grained access controls. You can use Apache auth to limit permissions by directory. This means you can grant read access to everything, but commit access only to trunk for instance, while have another group with commit access to tags or branches.
• You get a free repository viewer. While not very exciting, it does work.
• The Subversion team is working on seamless webdav integration. At some point you should be able to use any webdav interface to update files in the repository.

Required Packages

• apache
• subversion

Apache Installation

This howto does not cover installation and initial setup of the Apache web server.

Subversion Installation

Install the package

pacman -Sy subversion

Create a Directory

mkdir -p /home/svn/repositories

Miscellaneous Configuration Specifics

/etc/httpd/conf/httpd.conf

Ensure the following are listed...if not, add them (you'll typically have to add just the last two), they must be in this order:

LoadModule dav_module           modules/mod_dav.so
LoadModule dav_fs_module        modules/mod_dav_fs.so
LoadModule dav_svn_module       modules/mod_dav_svn.so
LoadModule authz_svn_module     modules/mod_authz_svn.so

SSL or not to SSL?

I prefer to use SSL for SVN access. This enables me to use Apache's AuthType Basic, with little fear of someone sniffing passwords.

I generate the certificate by:

cd /etc/httpd/conf/; openssl req -new -x509 -keyout server.key -out server.crt -days 365 -nodes

Then, I add the following to /etc/httpd/conf/extra/httpd-ssl.conf to include the following inside of a virtual host directive:

<Location /svn>
   DAV svn
   SVNParentPath /home/svn/repositories
   AuthzSVNAccessFile /home/svn/.svn-policy-file
   AuthName "SVN Repositories"
   AuthType Basic
   AuthUserFile /home/svn/.svn-auth-file
   Satisfy Any
   Require valid-user
</Location>

To make sure the SSL settings get loaded, uncomment the SSL configuration line in /etc/httpd/conf/httpd.conf so it looks like this:

 Include /etc/httpd/conf/extra/httpd-ssl.conf

Create /home/svn/.svn-policy-file

[/]
* = r

[REPO_NAME:/]
USER_NAME = rw

The * in the / section is matched to anonymous users. Any access above and beyond read only will be prompted for a user/pass by apache AuthType Basic. The REPO_NAME:/ section inherits permissions from those above, so anon users have read only permission to it. The last bit grants read/write permission of the REPO_NAME repository to the user USER_NAME.

Create /home/svn/.svn-auth-file

This is either an htpasswd, or htdigest file. I used htpasswd. Again, because of SSL, I don't worry as much about password sniffing. htdigest would provide even more security vs sniffing, but at this point, I don't have a need for it.

htpasswd -cs /home/svn/.svn-auth-file USER_NAME

The above creates the file (-c) and uses sha1 for storing the password (-s). The user USER_NAME is created.
To add additional users, leave off the (-c) flag.

htpasswd -s /home/svn/.svn-auth-file OTHER_USER_NAME

Create a Repository

svnadmin create /home/svn/repositories/REPO_NAME

Set Permissions

The Apache user needs permissions over the new repository.

chown -R http.http /home/svn/repositories/REPO_NAME

Create a Project

Directory structure for project

Create the following directory structure on your development machine.

branches  tags  trunk

You can create them like this.

cd /path/to/directoryofchoice
mkdir branches tags trunk

Populate Directory

Put your source files into the created trunk directory.

cp -R /home/USER_NAME/project/REPO_NAME/code/* trunk

Import the Project

svn import -m "Initial import" https://yourdomain.net/svn/REPO_NAME/

Test SVN Checkout

cd /path/to/directory_of_choice
cd ..
rm -rf /path/to/directory_of_choice
svn co https://yourdomain.net/svn/REPO_NAME/

If everything worked out, you should now have a working, checked out copy of your freshly created SVN repo.

Enjoy!