I’m assuming Apache is already installed and running properly on your server. This includes PHP if you want to use WebSVN for example.
Install Subversion
apt-get install subversion libapache2-svn
Create a folder for your repositories, create a repository and change the owner to the user running Apache
mkdir /home/svn
svnadmin create /home/svn/myRepository
chown -R www-data:www-data /home/svn
Edit /etc/apache2/mods-available/dav_svn.conf and add this
<Location /svn> DAV svn SVNParentPath /home/svn AuthType Basic AuthName "Subversion Repository" AuthUserFile /home/svn/passwd AuthzSVNAccessFile /home/svn/authz Require valid-user SSLRequireSSL </Location>
Activate SSL and the DAV modules on Apache
a2enmod ssl
a2enmod dav
a2enmod dav_svn
Now you need the authz and passwd file. The passwd file can be created using htpasswd
htpasswd -cm /home/svn/passwd username
You will then be asked to enter the password for this user.
For authz you can get a sample file from your repository (conf/authz). Copy it to the parent repository location. To enable your user for the previously created repository add this
[yourrepository:/] youruser = rw
This will give your user read and write permissions for this repository. Now you can use it through this URL https://example.com/svn/yourrepository
Create a self-signed certificate in /etc/apache2/ssl (create this directory first). It will be valid for 365 days. You don’t have to enter information when you get asked but some might be helpful. Your browser will tell you that there is a problem with this certificate (since it’s not issued by a certified auhorization)
openssl req -new -x509 -days 365 -nodes -out apache.pem -keyout apache.key
Create a file for your site in /etc/apache2/sites-available/
<VirtualHost *:443>
ServerAdmin admin@server.name
ServerName your.server.name
DocumentRoot /var/www/yourSiteSSL
<Directory /var/www/yourSiteSSL>
Options -Indexes FollowSymLinks
AllowOverride None
Order deny,allow
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error_ssl.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/apache.pem
SSLCertificateKeyFile /etc/apache2/ssl/apache.key
</VirtualHost>
Enable your SSL site and restart the server
a2ensite yoursiteSSL
apache2ctl restart
Optional: Install WebSVN
apt-get install websvn
After, the configuration dialog appears.
- Select Apache2 (deselect the others using space)
- Type in the location of the folder with your svn repositories
To make SSL a requirement for WebSVN edit /etc/websvn/apache.conf and uncomment SSLRequireSSL. And to restrict access only to authenticated users add this
AuthType Basic AuthName "Subversion Repository" AuthUserFile /home/svn/passwd Require valid-user
You may notice that the authz line is missing. This has to be done in the websvn config file located in /etc/websvn/config.php. Uncomment this line and add the path to the auth file
$config->useAuthenticationFile(‘/path/to/authz’);
Optional: Disable to show the complete server token for Apache
In /etc/apache2/conf.d/security change the line
ServerTokens OS
to
ServerTokens Prod
Didn’t see any comments, so I thought I’ll leave one. Worked, thanks!
Nice one. Got our svn installed in no time thanks to your walkthrough. Cheers!
My very much thanks 😉
Awesome tutorial! Thanks!
Nice seeing there are guys who know things and share their knowledge with illiterate me.
Thank yoy matthias
Nice tutorial but I have a 403 Error while trying to checkout or access by browser….
Are you using http instead of https? This example only works with https.
Otherwise a look into the error log (most likely in /var/log/apache2/error.log) should help you with what the problem exactly is.
Still (very) useful. Thanks Matthias.
Thanks! Do you mean still, because it is written for Squeeze? I guess it’s universal and I should remove that 🙂
I’m not sure if “universal” is the right adjective here (I can not see far enough), but it worked well for Wheezy. Thanks again (for the article and the mood).
Thanks Álvaro, I updated it 🙂
Hi!
I get “Invalid command ‘AuthzSVNAccessFile’, perhaps misspelled or defined by a module not included in the server configuration” in dav_svn.conf on line with:
AuthzSVNAccessFile /home/svn/authz
file contains:
“[myRepository:/]
anton = rw”
I dont know what is going wrong …
So I’ve installed a2enmod authz_svn and apache restarted, but I can’t acces my svn any way, even server ip does not show anything in browser…
The way the setup is described it would be
https://yourserver.net/svnWhat do you get when you try to access it?
Okay! O managed all problems, somehow after I installed websvn I am able to reach my svn, so it looks like it works, thanks alot!
Great! Thanks for letting me know.
It might be possible that you tried to access just
/svn, which will give you a 403 Forbidden page. You need to access a specific repository directly (e.g.,https://yourserver.net/svn/myrepository). websvn shows all available repositories the user has acccess to by default.Hi, one more thing. I add path to authz file to useAuthenticationFile, something like $config->useAuthenticationFile(‘/etc/apache2/dav_svn.authz’); but I am not able to see any repos. File is:
[/]
* =
anton = rw
eugen = rw
[NetGame:/]
anton = rw
tanya = r
[NetGame:/art/]
tanya = rw
ant I am logining to /svn/NetGame with anton account, and I see “You do not have the necessary permissions to view this content”. Dont know what to do.
Hi Anton,
do you get the authentication prompt before seeing the error message?
You could check the error and access log of Apache to see if anything is reported there that points to the problem. You can find them in
/var/log/apache2. If you use SSL it is probably in error_ssl.log.Your config line is for websvn, the URL for that is “/websvn”. For the regular HTTPS SVN access you need to add the corresponding entry to the dav_svn.conf (see above).
Hope this helps,
Matthias