Update (May 2012) - You can find a new fuller tutorial on this blog here.
So, I've been playing about with setting up SVN quickly and semi secure on a Ubuntu server recently. SVN, because I don't mind it as a server technology, it has its benefits over nothing, and it of course has its own faults compared to other source and revision control software. Indeed, its major selling point for me was simply that I have been using it commercially at work for the best part of four years.
So, I've been playing about with setting up SVN quickly and semi secure on a Ubuntu server recently. SVN, because I don't mind it as a server technology, it has its benefits over nothing, and it of course has its own faults compared to other source and revision control software. Indeed, its major selling point for me was simply that I have been using it commercially at work for the best part of four years.
However, previously I've always set it up on Kubuntu, with KDE to help me out, what became apparent recently (on my Dell servers) was that I had no GUI, I needed to get back to the command line to install this software.
Also some of the examples out there on the Internet already make a real mess of using CHMOD and other tricks to move the folders around, and some of them reference htpasswd2, when you need to use htpasswd2 on Ubuntu Server 10.04 and above.
So, here are my set of commands, each with a little blurb about them, to help you use just the command line on Ubuntu Server to set up SVN via Apache2.
Prerequisites
1. Ubuntu Server ISO (on CD or DVD) to install onto your server or Virtual Machine.
2. Internet connection.
3. If you want to use SSH to lock your noisy server in a cupboard and administer it from a PC get Putty and follow step XX below.
Set the server up
Install your server. I chose Ubuntu 11.04 64bit for my machines and installed from a CD. I set it up as I wanted, the only thing I did was when prompted to choose to install LAMP or Apache etc etc, I chose nothing, I just started from the blank server.
Hmm looks like Visual Studio stuck a comment into my screen shot - ignore that,
make sure you have nothing picked in the DOS looking terminal style text.
Also, remember to set your password and username for root... and at this point... make sure the root password and username is NOT going to be one of the usernames which can access SVN [that's just a bit of basic security common sense].
So, my root for this demo has a username "mega" and my password is "maniac".
Once your server is up, and you are presented with the log in prompt come back to the sequence below.
Set up SSH
Log into your server, physically in front of it, so i type "mega" and then "maniac" and I get into the prompt, and the first thing I need to do is install the SSH server, so I can get to the machine over the LAN, or WAN.
Now, I don't want this service to automatically start, so we're just going to start is here once its installed. So, to install the open SSH server type:
sudo apt-get install openssh-server
This will tell the system to act as the super user to use aptitude to install the package we want. Type that in and when is asked for the sudo password for your root type in your password, so I now type "maniac".
The system will remember your sudo password for a short while now, so for the next few commands you won't be asked for the sudo password, but after that duration you will start to be asked for the sudo/root password again. Don't worry, this is normal.
Once you've entered your password the system will go out onto the Internet and look for the open ssh server package, for me this tells me it needs to download just over 1megabyte of data, so I select yes and let it complete.
Once that is all complete, you need to start the server with the command:
sudo /etc/init.d/ssh start
When it is complete you should see the message:
* Starting OpenBSD Secure Shell server sshd [ OK ]
If not, then you'll need to go out onto the Internet and see who can help you. But if you're lucky enough to see the "OK" its time to exit from your shell in front of your noisy server, close the server room door and nip up to your quiet PC somewhere else. Before you go though you may want to use the command "ifconfig" to tell you the IP address your new server is on.
So, once you're back at your desk, you need to run an SSH capable terminal program, I prefer "PuTTy" from http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html because you can scroll up and down in your prompt window, where as from the actual machine you'll find stuff disappearing off the top.
So, fire up the terminal program of your choice and connect to the server SSH server you set running.
Installing Apache & Subversion
Now we need to install the three packages which allow us to use and host SVN on the machine, these are SVN itself, Apache2 as our web server and the library to link apache to SVN. So type:
sudo apt-get install apache2 subversion libapache2-svn
This should be just shy of 18 megabytes in size, depending on your situation, so let it complete.
Now, fire up a web browser and just check the apache server is running, you should have seen "* Starting wen server apache2 [ OK ]" scroll past, so we'll just check.
Type into the browser address bar "http://" and the IP address of the server and hit Go. You should see the standard "It works!" message from apache2. If not, well something went wrong, again I'm not trying to trouble shoot for you just show you a way that works, and has worked, multiple times for Ubuntu Server.
Create your Repository
The next thing we need to do is set up the subversion repository. Lots of other tutorials and examples on the internet recommend putting the repository in strange exotic paths, which require CHMOD and alsorts of stuff being performed on the folders to give Apache access to them. We're not going to bother with that, we're just going to stop the folders being accessed from the browser by NOT creating our repository in the www folder. Don't ever do that!
So, now create the repository with:
sudo svnadmin create /svn
This will create our svn repository in /svn off of the root of the disk. Remember that path, we'll need it in a moment.
Set apache to host Subversion
Now we need to edit the apache2 module which points to SVN for us to point at this new repository. So we need to do some editing of text, other places use other tools, but I prefer nano as my text editor.
So, lets edit the first file, which is the config file:
sudo nano /etc/apache2/mods-enabled/dav_svn.conf
And it should come up looking just like this:
Now, the lines of text in this file can be "commented out" by adding a # at the front of them, as you see everything in this file is commented out... so we need to uncomment some lines by removing the # from the front.
So the lines to uncomment are:
< Location /svn >
DAV svn
SVNPath /var/lib/svn
And with this path line, change this to the path we created earlier. So I'm changing mine to read:
SVNPath /svn
The next items to uncomment are:
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile /etc/apache2/dav_svn.passwrd
This path for the user file is important, it is the file to the list of users able to access your repository, so we'll be using that in a moment!
And the final things to uncomment are:
Require valid-user
and
< / Location >
(Ignore the spaces in the / Location stuff, they're only there as blogger thinks they're tags in the HTML)
< / Location >
(Ignore the spaces in the / Location stuff, they're only there as blogger thinks they're tags in the HTML)
You may see the Limit Except items around the require valid-user, I however am putting my SVN on the Internet, so I do not want to allow anonymous read, I therefore just want all users no-matter what they do, to have to enter their username and password.
So, with all that edited, you need to press "CTRL+O" to Write out the file in nano, you'll be presented with the filename you are writing, press enter if it is /etc/apache2/mods-enabled/dav_svn.conf. And then press "CTRL+X" to exit.
Create SVN Users
Next we need to create at least one user who can access our repository. So back on the command line again we need to type:
sudo htpasswd -cm /etc/apache2/dav_svn.passwd < USERNAME >
Where the "< USERNAME >" is the username they want, it will then ask you to enter a password for this person twice. Remember, make this password something different to your root/sudo user. For my SVN this is "svnguy".
sudo htpasswd -cm /etc/apache2/dav_svn.passwd svnguy
The parameter -cm means to "Create" and to encrypt the file as "md5".
Later, if you just want to add a user do not specify the "c" flag, as you do not want to create the file again, you just want to encrypt the password file, so you do:
sudo htpasswd -m /etc/apache2/dav_svn.passwd < USERNAME >
Restart Apache
Lastly we need to restart Apache, so type:
sudo /etc/init.d/apache2 restart
Finally, check its working
Now, we need to check our repository is working you need to jump back to your browser and where you had "http://" you need to add /svn onto the end of the URL. You should be prompted for the secure logon, so enter one of the people you added with htpasswd and their paddword. And voila, you should see your working SVN server ready for you to checkout and add code to.
interesting post.
ReplyDeletethx, it helps!
ReplyDeleteNotes to the world - I'm going to tidy this post up really soon... seems 150 odd people have read it... so its got an audience, but blogspot has stripped a bunch of editorials and code items out.
ReplyDeletetx bro :)
ReplyDeletethx... nice post.
ReplyDeleteworked for me the first time. Excellent tutorial. However, I'd like to ask one thing. how do you setup a system that has 1 directory with all your different repositories? I'd like to add multiple users with their own private repos.
ReplyDeleteTo create different repositories, simply run this:
ReplyDeletesudo svnadmin create /
where you replace whatever with your path for the different users, if you then add only the user you intent to that repository, only they can use it. There are better tutorials than mine about managing users on Linux, I'm just trying to get SVN up and running :)
nice post
ReplyDeleteUpdate: Still works with 12.04.4 LTS.
ReplyDelete