經驗交流分享與備忘

Installing mod_dav_svn by Gregg Pollack (gregg at patchedsoftware dot com) 

1. Install mod_dav_svn
    sudo yum install mod_dav_svn

2. Add the LoadModule lines to your httpd:
     
      To edit the httpd.conf:
      sudo vi /etc/httpd/conf/httpd.conf

      Search for the LoadModule lines, and add these to the bottom:
    LoadModule dav_svn_module     modules/mod_dav_svn.so
    LoadModule authz_svn_module   modules/mod_authz_svn.so

3. Create an HTTP authentication file - To setup and create the authentication file for the first time, run:

    sudo htpasswd -cm /etc/svn-auth-file <username>

To add new users to this file, use

    sudo htpasswd -m /etc/svn-auth-file <username>

    NOTE: If when you run this command, you may get "Command not found". this is because you don't have /usr/sbin/ in your path directory.  So lets do that now.

    run "vi ~/.bash_profile", and add to the end of your path, so it looks like this:

    PATH=$PATH:$HOME/bin:/usr/sbin:/sbin

    Then run ". ~/.bash_profile" to execute your bash_profile and go back up to step 3.

4. Railsmachine creates an apache config file for each of your domains, in /etc/httpd/conf/apps/.  Find the application that you want to add svn to, and edit the conf file.  In my case, the website was www.MyDietSolution.com.  I added this to the top of the /etc/httpd/conf/apps/myabsolutediet.conf file:

<VirtualHost *:80>
  ServerName svn.myabsolutediet.com

  <Location />
        DAV svn
        SVNPath /var/www/apps/myabsolutediet/repos
        AuthType Basic
        AuthName "Authorization Realm"
        AuthUserFile /etc/absolute-auth-file
        Require valid-user
  </Location>
</VirtualHost>

5.  You don't have to worry about changing any file permissions, as other subversion http tutorials might tell you.  deploy user already runs apache.

6.  Restart your apache:
    sudo /etc/init.d/httpd restart

7.  Test out your application by going to http://svn.YourDomain.com/, and it should prompt for authorization, and then show you the repository!

8. You want to enable SSL security so your passwords and code aren't sent in plaintext? Keep on following. This is assuming you don't already have your own Cert.  If you do have your own cert, skip down to the bottom of the page.

First you'll want to create your own private cert (if you don't have one and don't want to pay for one).  Follow these instructions to create your own.  You'll need to input a passphrase you can remember for later too.
 
mkdir ~/sslcert
cd ~/sslcert

openssl genrsa -des3 -out server.key 1024
openssl req -new -key server.key -out server.csr
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

9. edit your virtualhost tag again, change the port, and add the three SSL lines.  Like:

<VirtualHost *:443>
  ServerName svn.myabsolutediet.com
  SSLEngine On
  SSLCertificateFile /home/deploy/sslcert/server.crt
  SSLCertificateKeyFile /home/deploy/sslcert/server.key

10. If you're using a different subdomain, "svn.yourdomain.com", make sure your dns has a CNAME Record called svn so it forwards properly.  You wouldn't need to worry about this if all subdomains forward to your server.

11. Restart apache:
    sudo /etc/init.d/httpd restart

       Then go to https://svn.yourdomain.com/ and you should be prompted for the cert, and for authorization, and you're golden.

12. You will be asked for your key everytime you restart apache.  To get around this:

cd ~/sslcert
cp server.key server.key.orig
openssl rsa -in server.key.orig -out server.key

-----

So you have your own CERT? 

I'm going to assume you configured this using railsmachine's scripts, and that your webserver conf file (/etc/httpd/conf/apps/myabsolutediet.conf) has two parts, one for port 80 and another for port 443.  I'm also going to assume that your Certificate is setup properly.

1. Under your port 443 virtual host, create an alias for your svn server if you like:

    ServerAlias svn.yourdomain.com

    If you do use svn.yourdomain.com make sure your dns has a CNAME Record called svn so it forwards properly.  You wouldn't need to worry about this if all subdomains forward to your server.

2. Add your location directives:

  <Location /svn>
        DAV svn
        SVNPath /var/www/apps/myabsolutediet/repos
        AuthType Basic
        AuthName "Authorization Realm"
        AuthUserFile /etc/absolute-auth-file
        Require valid-user
  </Location>

     This is a little different then the Location we used the first time.  Notice this time we're giving a path name "Location /svn", so we're only directed to svn if we go to that path in our URL.

3. Now we need to tell apache, that we DON'T want to redirect incoming requests that have SVN in the URL to our mongrel cluster.  Put the following line BEFORE the "RewriteRule ^/(.*)$ balancer://servername_cluster%{REQUEST_URI} [P,QSA,L]" directive:

RewriteCond %{REQUEST_URI} !^/svn*

4. Restart the server, and try going to https://domain_name.com/svn/

-------

Adding Multiple Repositories

1. All you need to do to add multiple repositories, without adding more IP addresses, is add multiple Location directives. 

<Location /domain1/svn>
        DAV svn
        SVNPath /var/www/apps/domain1/repos
        AuthType Basic
        AuthName "Authorization Realm"
        AuthUserFile /etc/domain1-auth-file
        Require valid-user
</Location>

<Location /domain2/svn>
        DAV svn
        SVNPath /var/www/apps/domain2/repos
        AuthType Basic
        AuthName "Authorization Realm"
        AuthUserFile /etc/domain2-auth-file
        Require valid-user
</Location>

2. If you want to be able to have a different base url, just add a new alias: 

    ServerAlias svn.domain1.com
    ServerAlias svn.domain2.com

文章來源: https://support.railsmachine.com/index.php?pg=kb.page&id=42