征服 Apache + SVN (转)
原文转自 http://snowolf.iteye.com/blog/740347实在是不知道这个帖子在JE上放到哪个分类里合适,跟SVN有关,那就是项目咯,姑且放到项目管理中吧!
SVN用了很久,不过一直没有机会配置。以前工作的时候都是技术总监、部门经理搞定,自己很少有机会尝试。更别说基于svn方式、http方式,
亦或是https方式访问svn了,只有用的份,没有了解的份。最近,配置Apache开窍,索性再深入一步,搭建基于HTTPS平台的
Apache+SVN平台。
相关内容:
征服 Apache + SSL
征服 Apache + SVN
征服 Apache + Tomcat
选用Ubuntu Server 10.04,Apache 2.2.14,Subversion 1.6.6。
步骤:
[*]安装SVN相关模块
[*]配置SVN版本库
[*]配置APACHE
[*]简单测试
1.安装SVN相关模块
这里主要用到的是Subversion 以及Apache与SVN相关的模块(DAV_SVN)!
执行命令,安装:
Shell代码
[*]
sudo apt-get install subversion libapache2-svn
sudo apt-get install subversion libapache2-svn
注意观察安装后的结果:
引用
Considering dependency dav for dav_svn:
Enabling module dav.
Enabling module dav_svn.
Run '/etc/init.d/apache2 restart' to activate new configuration!
如果看到这样的提示,那说明DAV_SVN模块已经成功安装,可以重启Apache看看是否正常启动:
Shell代码
[*]
sudo /etc/init.d/apache2 restart
sudo /etc/init.d/apache2 restart
以我本机为例,正常启动了:
引用
zlex@localhost:~$ sudo /etc/init.d/apache2 restart
* Restarting web server apache2
apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
... waiting .apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
当然,稍后你可能需要修改/etc/apache2/mods-available/dav_svn.conf
文件,配置SVN版本库等。
2.配置SVN版本库
完成上述操作,只是为Apache获知SVN给出了一种途径,最关键的还是要配置SVN相关部分!
首先,我们要创建subversion组并把www-data作为subversion中的一员。因为,apache是通过www-data账户启动的,我们需要让它能够访问subversion组的文件!
Shell代码
[*]
sudo addgroup subversion
[*]
sudo usermod -G subversion -a www-data
sudo addgroup subversion
sudo usermod -G subversion -a www-data
然后,我们要配置版本库:
我们可以在/var/lib
目录下构建一个svn目录,作为SVN版本库根目录:
Shell代码
[*]
cd /var/lib
[*]
sudo mkdir svn
cd /var/lib
sudo mkdir svn
假设我们要创建版本库zlex:
Shell代码
[*]
cd svn
[*]
sudo svnadmin create zlex
cd svn
sudo svnadmin create zlex
更改版本库所属用户、组:
Shell代码
[*]
sudo chown -R root:subversion zlex
sudo chown -R root:subversion zlex
赋予组成员对所有新加入文件仓库的文件拥有相应的权限:
Shell代码
[*]
sudo chmod -R g+rws zlex
sudo chmod -R g+rws zlex
试试
Shell代码
[*]
svn co file://localhost/var/lib/svn/zlex
svn co file://localhost/var/lib/svn/zlex
,这时候应该可以访问了!
3.配置Apache
接下来,我们需要修改/etc/apache2/mods-available/dav_svn.conf
文件,配置SVN版本库:
Shell代码
[*]
sudo vi /etc/apache2/mods-available/dav_svn.conf
sudo vi /etc/apache2/mods-available/dav_svn.conf
打开红框中的注释,
Conf代码
[*]
# dav_svn.conf - Example Subversion/Apache configuration
[*]
#
[*]
# For details and further options see the Apache user manual and
[*]
# the Subversion book.
[*]
#
[*]
# NOTE: for a setup with multiple vhosts, you will want to do this
[*]
# configuration in /etc/apache2/sites-available/*, not here.
[*]
[*]
# <Location URL> ... </Location>
[*]
# URL controls how the repository appears to the outside world.
[*]
# In this example clients access the repository as http://hostname/svn/
[*]
# Note, a literal /svn should NOT exist in your document root.
[*]
<Location /svn>
[*]
[*]
# Uncomment this to enable the repository
[*]
DAV svn
[*]
[*]
# Set this to the path to your repository
[*]
#SVNPath /var/lib/svn
[*]
# Alternatively, use SVNParentPath if you have multiple repositories under
[*]
# under a single directory (/var/lib/svn/repo1, /var/lib/svn/repo2, ...).
[*]
# You need either SVNPath and SVNParentPath, but not both.
[*]
SVNParentPath /var/lib/svn
[*]
[*]
# Access control is done at 3
levels: (
1
) Apache authentication, via
[*]
# any of several methods. A "Basic Auth"
section is commented out
[*]
# below. (2
) Apache <Limit> and <LimitExcept>, also commented out
[*]
# below. (3
) mod_authz_svn is a svn-specific authorization module
[*]
# which offers fine-grained read/write access control for paths
[*]
# within a repository. (The first two layers are coarse-grained; you
[*]
# can only enable/disable access to an entire repository.) Note that
[*]
# mod_authz_svn is noticeably slower than the other two layers, so if
[*]
# you don't need the fine-grained control, don'
t configure it.
[*]
[*]
# Basic Authentication is repository-wide. It is not secure unless
[*]
# you are using https. See the 'htpasswd'
command to create and
[*]
# manage the password file - and the documentation for the
[*]
# 'auth_basic'
and
'authn_file'
modules, which you will need for this
[*]
# (enable them with 'a2enmod'
).
[*]
AuthType Basic
[*]
AuthName "Subversion Repository"
[*]
AuthUserFile /etc/apache2/dav_svn.passwd
[*]
[*]
# To enable authorization via mod_authz_svn
[*]
AuthzSVNAccessFile /etc/apache2/dav_svn.authz
[*]
[*]
# The following three lines allow anonymous read, but make
[*]
# committers authenticate themselves. It requires the 'authz_user'
[*]
# module (enable it with 'a2enmod'
).
[*]
#<LimitExcept GET PROPFIND OPTIONS REPORT>
[*]
Require valid-user
[*]
#</LimitExcept>
[*]
[*]
</Location>
# dav_svn.conf - Example Subversion/Apache configuration
#
# For details and further options see the Apache user manual and
# the Subversion book.
#
# NOTE: for a setup with multiple vhosts, you will want to do this
# configuration in /etc/apache2/sites-available/*, not here.
# <Location URL> ... </Location>
# URL controls how the repository appears to the outside world.
# In this example clients access the repository as http://hostname/svn/
# Note, a literal /svn should NOT exist in your document root.
<Location /svn>
# Uncomment this to enable the repository
DAV svn
# Set this to the path to your repository
#SVNPath /var/lib/svn
# Alternatively, use SVNParentPath if you have multiple repositories under
# under a single directory (/var/lib/svn/repo1, /var/lib/svn/repo2, ...).
# You need either SVNPath and SVNParentPath, but not both.
SVNParentPath /var/lib/svn
# Access control is done at 3 levels: (1) Apache authentication, via
# any of several methods.A "Basic Auth" section is commented out
# below.(2) Apache <Limit> and <LimitExcept>, also commented out
# below.(3) mod_authz_svn is a svn-specific authorization module
# which offers fine-grained read/write access control for paths
# within a repository.(The first two layers are coarse-grained; you
# can only enable/disable access to an entire repository.)Note that
# mod_authz_svn is noticeably slower than the other two layers, so if
# you don't need the fine-grained control, don't configure it.
# Basic Authentication is repository-wide.It is not secure unless
# you are using https.See the 'htpasswd' command to create and
# manage the password file - and the documentation for the
# 'auth_basic' and 'authn_file' modules, which you will need for this
# (enable them with 'a2enmod').
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile /etc/apache2/dav_svn.passwd
# To enable authorization via mod_authz_svn
AuthzSVNAccessFile /etc/apache2/dav_svn.authz
# The following three lines allow anonymous read, but make
# committers authenticate themselves.It requires the 'authz_user'
# module (enable it with 'a2enmod').
#<LimitExcept GET PROPFIND OPTIONS REPORT>
Require valid-user
#</LimitExcept>
</Location>
分述:
<Location /svn>
与</Location>
成对儿出现!
DAV svn
开启DAV模块支持!
SVNPath /var/lib/svn
与SVNParentPath /var/lib/svn
选其一,不可同时出现!
建议使用SVNParentPath
,可以在SVN根目录下创建多个SVN版本库!
引用
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile /etc/apache2/dav_svn.passwd
定义了授权类型、并指定了密码文件(/etc/apache2/dav_svn.passwd
)。
AuthzSVNAccessFile /etc/apache2/dav_svn.authz
授权配置文件,规定了路径访问权限!
引用
#<LimitExcept GET PROPFIND OPTIONS REPORT>
Require valid-user
#</LimitExcept>
建议只使用Require valid-user
,打开<LimitExcept
/>注释,将允许匿名访问!
现在通过命令设置SVN账户:
Shell代码
[*]
sudo htpasswd -c /etc/apache2/dav_svn.passwd <username>
sudo htpasswd -c /etc/apache2/dav_svn.passwd <username>
这里用到参数-c
,是因为/etc/apache2/dav_svn.passwd
文件不存在,如果文件存在,则无需该参数!否则,将覆盖掉原有密码文件!
形如:
引用
sudo htpasswd -c /etc/apache2/dav_svn.passwd snowolf
New password:
Re-type new password:
Updating password for user snowolf
可以追加多个账户!
引用
sudo htpasswd /etc/apache2/dav_svn.passwd zlex
New password:
Re-type new password:
Updating password for user zlex
现在,需要设置路径访问权限文件AuthzSVNAccessFile /etc/apache2/dav_svn.authz
。
我们先做一个默认的配置,当前这个文件还不存在:
Shell代码
[*]
sudo vi /etc/apache2/dav_svn.authz
sudo vi /etc/apache2/dav_svn.authz
然后追加:
引用
* = r
这样,所有授权用户就都能够看到zlex项目了!
然后访问http://localhost/svn/zlex
:
试试检出:
Shell代码
[*]
svn co http://localhost/svn/zlex --username snowolf
svn co http://localhost/svn/zlex --username snowolf
我们通过组方式管理项目,修改/etc/apache2/dav_svn.authz
文件:
Shell代码
[*]
sudo vi /etc/apache2/dav_svn.authz
sudo vi /etc/apache2/dav_svn.authz
我们定义一个超级用户组admin,组中成员为snowolf;开发组developer,组中成员为snowolf,zlex,多个用户用逗号分隔。
引用
admin = snowolf
developer = snowolf, zlex
让admin和developer组成员有创建项目版本库的权限,其余用户只有查看权限:
引用
*=r
@admin = rw
@developer = rw
给出一个完整配置:
引用
admin = snowolf
developer = zlex
@admin = rw
@developer = rw
* =
有关Subversion详细配置,参照Subversion官方中文文档
!
修改这个配置文件时,不需要重启apache!
4.简单测试
我们之前构建了一个项目仓库——zlex,现在项目有了,我们需要构建相应的版本库管理,及trunk、tags以及branches!
用命令创建:
Shell代码
[*]
svn mkdir
"http://localhost/svn/zlex/branches"
"http://localhost/svn/zlex/tags"
"http://localhost/svn/zlex/trunk"
-m
"create a new project zlex"
--username
"snowolf"
svn mkdir "http://localhost/svn/zlex/branches" "http://localhost/svn/zlex/tags" "http://localhost/svn/zlex/trunk" -m "create a new project zlex" --username "snowolf"
这时,我们用zlex账号提交一个docs目录:
Shell代码
[*]
svn mkdir
"http://192.168.49.132/svn/zlex/docs"
-m
"文档目录"
--username zlex
svn mkdir "http://192.168.49.132/svn/zlex/docs" -m "文档目录" --username zlex
系统会提示输入密码:
192.168.49.132
是我本机的IP地址!
我们可以使用命令将项目签出:
Shell代码
[*]
svn checkout
"http://localhost/svn/zlex/trunk@HEAD"
-r HEAD --depth infinity zlex-svn --username zlex
svn checkout "http://localhost/svn/zlex/trunk@HEAD" -r HEAD --depth infinity zlex-svn --username zlex
我们随便修改一个文件:
提交修改:
如果你参照征服 Apache + SSL
完成了HTTPS平台搭建,这时候,也可以使用HTTPS方式访问了:
页:
[1]