I found Subversion (svn) over HTTP to be very easy to deploy on top of our existing setup, and only took about 15 minutes. It simplifies user management by allowing us to manage users through Active Directory, and makes it easier on staff by using URLs for access. Here is a quick demonstration on a Fedora 9 box, assuming you have already performed a basic or default apache install.
Requirements:
Install the necessary svn packages:
# yum install subversion mod_dav_svn |
Configure AD:
Create a user to bind to, this user needs no special permissions. I used svnuser in this demonstration.
Create a security group, users will need to be a member of this group in order to access our repositories. I used SVN_Access in this demonstration.
Create Repositories:
Create the following directories in your http root if you have not done so (/var/www on most systems):
# mkdir /var/www/svn # mkdir /var/www/svn/repos |
This will be the location for all of our repositories. Now to create a repository (test in this example):
# svnadmin create /var/www/svn/repos/test |
Grant apache access to the repository:
# chown -R apache.apache /var/www/svn/repos/test |
Configure Apache:
Create an httpd/apache include file for our subversion configuration, this may have already been created for you. Depending on your distro, you may need to integrate this directly in to your httpd.conf:
# touch /etc/httpd/conf.d/subversion.conf |
Example subversion.conf:
LoadModule dav_svn_module modules/mod_dav_svn.so LoadModule authz_svn_module modules/mod_authz_svn.so # # Example configuration to enable HTTP access for a directory # containing Subversion repositories, "/var/www/svn". Each repository # must be readable and writable by the 'apache' user. Note that if # SELinux is enabled, the repositories must be labelled with a context # which httpd can write to; this will happen by default for # directories created in /var/www. Use "restorecon -R /var/www/svn" # to label the repositories if upgrading from a previous release. # DAV svn SVNParentPath /var/www/svn/repos SVNListParentPath on order allow,deny allow from all Options Indexes AuthzLDAPAuthoritative On AuthName "My Repository" AuthType Basic AuthBasicProvider ldap AuthLDAPBindDN svnuser@domain.com AuthLDAPBindPassword Test123 AuthLDAPURL "ldap://dc.domain.com:3268/dc=domain,dc=com?sAMAccountName?sub?(objectCategory=person)" Require ldap-group CN=SVN_Access,OU=Groups,DC=domain,DC=com REQUIRE valid-user |
You should now be able to access your test repository at http://website/repos/test 🙂