本文详细介绍了如何在Linux环境下安装和测试Subversion,包括配置svnserve和使用iF.SVNAdmin创建管理界面。接着,通过Apache和PHP搭建Subversion的Web访问,并配置了DAV_svn.conf文件。最后,文章讲解了如何启用HTTPS访问,通过生成证书和修改Apache配置实现安全的仓库检出。
1. subversion安装
apt install subversion
svnserver --version
测试
sudo mkdir /var/svn
svnadmin create /var/svn/testrepos
vim conf/svnserve.conf
# 去掉anon-access、auth-access、password-db、authz-db、realm注释
vim conf/passwd
vim conf/authz
# launch
svnserve -d -r /var/svn
客户端使用svn协议checkout:
svn://10.10.10.170/testrepos
2. iF.SVNAdmin管理界面
http://svnadmin.insanefactory.com/, 官网提供下载链接。
安装apache和php,以及svn模块(mod_dav_svn.so):
sudo apt install apache2 php libapache2-mod-php php-xml -y
sudo apt install libapache2-mod-svn -y
为了web访问svn,把/var/svn仓库转移到/var/www/svn。
将压缩包解压至/var/www目录(默认是/var/www/html,在/etc/apache2/sites-enabled/000-default.conf里改DocumentRoot即可)
unzip svnadmin-1.6.2.zip -d /var/www/
mv /var/www/iF.SVNAdmin-stable-1.6.2 /var/www/svnadmin
chmod -R 777 /var/www/svnadmin/data
配置/etc/apache2/mods-available/dav_svn.conf:
cp dav_svn.conf dav_svn.conf.bak
vim dav_svn.conf
cat dav_svn.conf
<Location /svn>
# Uncomment this to enable the repository
DAV svn
# Set this to the path to your repository
#SVNPath /var/lib/svn
# Alternatively, use SVNParentPath if you have multiple repositories under
# under a single directory (/var/lib/svn/repo1, /var/lib/svn/repo2, ...).
# You need either SVNPath or SVNParentPath, but not both.
SVNParentPath /var/www/svn
# Access control is done at 3 levels: (1) Apache authentication, via
# any of several methods. A "Basic Auth" section is commented out
# below. (2) Apache <Limit> and <LimitExcept>, also commented out
# below. (3) mod_authz_svn is a svn-specific authorization module
# which offers fine-grained read/write access control for paths
# within a repository. (The first two layers are coarse-grained; you
# can only enable/disable access to an entire repository.) Note that
# mod_authz_svn is noticeably slower than the other two layers, so if
# you don't need the fine-grained control, don't configure it.
# Basic Authentication is repository-wide. It is not secure unless
# you are using https. See the 'htpasswd' command to create and
# manage the password file - and the documentation for the
# 'auth_basic' and 'authn_file' modules, which you will need for this
# (enable them with 'a2enmod').
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile /var/www/svn/passwd
#AuthzSVNAccessFile /var/www/svn/accessfile
# To enable authorization via mod_authz_svn (enable that module separately):
<IfModule mod_authz_svn.c>
AuthzSVNAccessFile /var/www/svn/accessfile
</IfModule>
# The following three lines allow anonymous read, but make
# committers authenticate themselves. It requires the 'authz_user'
# module (enable it with 'a2enmod').
# <LimitExcept GET PROPFIND OPTIONS REPORT>
Require valid-user
# </LimitExcept>
</Location>
回到svn仓库目录:
cd /var/www/svn/
touch passwd
touch accessfile
chown -R www-data:www-data /var/www/svn/
访问页面,参照/etc/apache2/mods-available/dav_svn.conf完成全局配置:
Subversion authorization file:
/var/www/svn/accessfile
User authorization file:
/var/www/svn/passwd
Parent directory of the repositories(SVNParentPath):
/var/www/svn/
Subversion client executable:
/usr/bin/svn
Subversion admin executable:
/usr/bin/svnadmin
关闭svnserve,重启apache,客户端使用http协议访问仓库:
http://域名或ip/svn/仓库/
http://10.10.10.170/svn/webtest
配置https
制作证书:
openssl genrsa -out server.key 2048
openssl req -new -key server.key -out server.csr
openssl x509 -req -days 3650 -in server.csr -signkey server.key -out server.crt
配置:
sudo apt install apache2-ssl-dev
vim /etc/apache2/sites-available/default-ssl.conf
# SSLEngine on
# SSLCertificateFile /var/www/svn/server.crt
# SSLCertificateKeyFile /var/www/svn/server.key
a2enmod ssl
a2enmod rewrite
a2ensite default-ssl.conf
顺利的话就可以用https url检出svn仓库了。
扫一扫
5460
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
