Usuario:LordT/apuntes/Montar un servidor de Subversion

De Wikipedia, la enciclopedia libre

backup and restore your repository data[editar]

subversion repositories use either the Berkeley Database system libraries, or the FSFS database format which comes with the subversion package. Since the BDB system libraries often introduce a new incompatible format during version upgrade, a backup/restore of all the subversion repositories must be performed _BEFORE_ doing such a system upgrade. 'svnadmin dump' will write the repository to stdout in a 'dumpfile' format. This dumpfile can be loader later with 'svnadmin load'.

create svn user/group for svnserve[editar]

subversion repositories can be served either via http, or via the svnserve daemon and a special network protocol. svnserve should not run as root user. The startup script rcsvnserve expects a user/group named 'svn', configureable via /etc/sysconfig/svnserve. But this user/group must be created before first use: 

 useradd svn
 groupadd svn

mini-howto for 2 projects[editar]

To run a subversion server, you need to configure apache2 to load two apache2 modules: mod_dav and mod_dav_svn. (mod_dav is needed by mod_dav_svn, it is installed together with apache2.)

This is done by editing the apache2 configuration (/etc/sysconfig/apache2) and adding "dav dav_svn" to the APACHE_MODULES setting, and restarting the server.

A default/example configuration of the dav_svn module can be found in /etc/apache2/conf.d/subversion.conf. With more recent apache packages, this configuration is *not* loaded automatically by the apache server, since many people configure virtual hosts and it is unlikely that the repositories shall be available from any virtual host. To load the configuration for a certain virtual host, add 

 Include /etc/apache2/conf.d/subversion.conf

or 

 Include /path/to/your_subversion_configuration

in the respective virtual host configuration. This *may* be done in the default virtual host (/etc/apache2/default-server.conf).

Minihowto[editar]

The plan:

host 2 source projects with subversion both must have anonymous read access both must have limited write access for a few users they are accessed only via HTTP, not (!) locally they will be reachable via: 

http://hostname/repos/project1
http://hostname/repos/project2

Both will have the official version of the source tree and our modified version for the distribution. Projects in question are: project1 project2

The realisation:

find a machine to host the projects. Keep backup (and restore!) in mind when hunting for hardware.

install needed packages (you might check for update packages on ftp://ftp.suse.com/pub/projects/apache/ ) 

rpm -Uvh \
	apache2 \
	apache2-doc \
	apache2-prefork \
	libapr0 \
	neon \
	subversion \
	subversion-doc \
	subversion-server

Update /etc/sysconfig/apache2 add 'dav dav_svn' to $APACHE_MODULES

create a few directories: 

mkdir -p /srv/svn/repos
mkdir -p /srv/svn/user_access
mkdir -p /srv/svn/html

Add the http repository data to /etc/apache2/conf.d/subversion.conf: 

#------------------------------------------------------------------------
#
# project related HTML files
#
<IfModule mod_alias.c>
Alias /repos	"/srv/svn/html"
</IfModule>
<Directory /srv/svn/html>
	Options		+Indexes +Multiviews -FollowSymLinks
	IndexOptions	FancyIndexing \
			ScanHTMLTitles \
			NameWidth=* \
			DescriptionWidth=* \
			SuppressLastModified \
			SuppressSize

	order allow,deny
	allow from all
</Directory>

# project repository files for project1
<Location /repos/project1>
	DAV svn
	SVNPath /srv/svn/repos/project1

	# Limit write access to certain people
	AuthType Basic
	AuthName "Authorization for project1 required"
	AuthUserFile /srv/svn/user_access/project1_passwdfile
	AuthGroupFile /srv/svn/user_access/project1_groupfile
	<LimitExcept GET PROPFIND OPTIONS REPORT>
	Require group project1_committers
	</LimitExcept>

	# Limit read access to certain people
	<Limit GET PROPFIND OPTIONS REPORT>
	Require group project1_committers
	Require group project1_readers
	</Limit>

</Location>

# project repository files for project2
<Location /repos/project2>
	DAV svn
	SVNPath /srv/svn/repos/project2

	# Limit write permission to list of valid users.
	<LimitExcept GET PROPFIND OPTIONS REPORT>
		# Require SSL connection for password protection.
		# SSLRequireSSL

		AuthType Basic
		AuthName "Authorization for project2 required"
		AuthUserFile /srv/svn/user_access/project2_passwdfile
		Require valid-user
	</LimitExcept>
</Location>
#------------------------------------------------------------------------

create the repositories itself: 

cd /srv/svn/repos
svnadmin create project1
chown -R wwwrun:www project1/{dav,db,locks}
svnadmin create project2
chown -R wwwrun:www project2/{dav,db,locks}

The webserver must be configured and started: 

 SuSEconfig --module apache2
 rcapache2 restart

Now create the user access files:

project1 is a restricted project.

read access requires a password

write access is limited to a few users 

 touch /srv/svn/user_access/project1_passwdfile
 chown root:www /srv/svn/user_access/project1_passwdfile
 chmod 640 /srv/svn/user_access/project1_passwdfile

 htpasswd /srv/svn/user_access/project1_passwdfile olaf
 htpasswd /srv/svn/user_access/project1_passwdfile olh

this is the group file for project1: /srv/svn/user_access/project1_groupfile 

 content:
 project1_committers: olh
 project1_readers: olaf olh

project2 is world readable, but only a few can commit to the sources. 

 touch /srv/svn/user_access/project2_passwdfile
 chown root:www /srv/svn/user_access/project2_passwdfile
 chmod 640 /srv/svn/user_access/project2_passwdfile
 htpasswd2 /srv/svn/user_access/project2_passwdfile olaf

You should be able to connect to the server: http://host/repos/project2 http://host/repos/project1

Now import the data, e.g. svn import /path/to/project2-tree http://host/repos/project2 -m "initial import"

Añadir un usuario a un repositorio existente[editar]

Crear el usuario y asignarle una clave: 

 htpasswd /srv/svn/user_access/REPOSITORIO_passwdfile NUEVOUSUARIO

Añadirle permisos de commiter o reader en: 

 /srv/svn/user_access/REPOSITORIO_groupfile

Añadir un nuevo repositorio[editar]

Añadir la información del nuevo repositorio a /etc/apache2/conf.d/subversion.conf: 

#------------------------------------------------------------------------
# Archivos del repositorio para NuevoProyecto
<Location /repos/NuevoProyecto>
DAV svn
SVNPath /srv/svn/repos/NuevoProyecto

# Limit write permission to list of valid users.
<LimitExcept GET PROPFIND OPTIONS REPORT>
# Require SSL connection for password protection.
# SSLRequireSSL

AuthType Basic
AuthName "Authorization for NuevoProyecto required"
AuthUserFile /srv/svn/user_access/NuevoProyecto_passwdfile
Require valid-user
</LimitExcept>
</Location>
#------------------------------------------------------------------------

crear el repositorio: 

cd /srv/svn/repos
svnadmin create NuevoProyecto
chown -R www-data:www-data NuevoProyecto/{dav,db,locks}

Ahora creamos los archivos de acceso a usuarios: 

 touch /srv/svn/user_access/NuevoProyecto_passwdfile
 chown root:www-data /srv/svn/user_access/NuevoProyecto_passwdfile
 chmod 640 /srv/svn/user_access/NuevoProyecto_passwdfile

 htpasswd /srv/svn/user_access/NuevoProyecto_passwdfile NuevoUsuario

Y el archivo de grupo para el NuevoProyecto: /srv/svn/user_access/NuevoProyecto_groupfile 

 content:
 project1_committers: NuevoUsuario
 project1_readers: NuevoUsuario

Reniciar el apache: 

 /etc/init.d/apache2 restart

Ahora debería funcionar el nuevo repositorio: 

 http://host/repos/NuevoProyecto

Final mente el import inicial, p.e. 

 svn import /ruta/a/nuevoproyecto http://host/repos/NuevoProyecto -m "initial import"
Obtenido de «https://es.wikipedia.org/w/index.php?title=Usuario:LordT/apuntes/Montar_un_servidor_de_Subversion&oldid=125250076»