DokuWiki » Infrastructure » Operating System » CentOS 8

h1. Install SVN-Server

h2. Requirements

To install svn you will need the following:

* a installed and supported operating system (e.g. CentOS 8.x)

* root-access

* a fast internet connection

h2. Preliminary note

most of this is taken from 

* [[https://www.vultr.com/docs/how-to-setup-an-apache-subversion-svn-server-on-centos-7]]

* setup rules-file [[http://www.startupcto.com/server-tech/subversion/locking-a-branch-in-svn]]

* @ssh+svn@ may be taken from [[http://www.startupcto.com/server-tech/subversion/setting-up-svn]]

This procedure is for a vanilla OS, if @Apache@ is already installed and configured you may have to rethink the configuration.

h2. Install

<pre><code class="bash">

yum install mod_dav_svn subversion

</code></pre>

h2. Configuration

h3. /etc/httpd/conf.modules.d/10-subversion.conf

modify the preinstalled @/etc/httpd/conf.modules.d/10-subversion.conf@ analogue to

<pre>

LoadModule dav_svn_module     modules/mod_dav_svn.so

LoadModule authz_svn_module   modules/mod_authz_svn.so

LoadModule dontdothat_module  modules/mod_dontdothat.so

<Location /svn>

  DAV svn

  SVNParentPath /var/www/svn

  AuthName "Subversion repositories"

  AuthType Basic

   AuthUserFile /etc/svn-auth-users

   AuthzSVNAccessFile  /etc/svn-authz-users

  Require valid-user

</Location>

</pre>

if you placed the svn-server behind a proxy and you are experiencing '502 Bad Gateway' when copying then you may also rewrite the Destination inside the Header:

<pre>

LoadModule dav_svn_module     modules/mod_dav_svn.so

LoadModule authz_svn_module   modules/mod_authz_svn.so

LoadModule dontdothat_module  modules/mod_dontdothat.so

# rename Destination to prevent 502 Bad Gateway Error when renaming files

RequestHeader edit Destination ^https http early

<Location /svn>

  DAV svn

  SVNParentPath /var/www/svn

  AuthName "Subversion repositories"

  AuthType Basic

  AuthUserFile /etc/svn/svn-auth

  AuthzSVNAccessFile /svn/authz

  Require valid-user

</Location>

</pre>

<pre>

LoadModule dav_svn_module     modules/mod_dav_svn.so

LoadModule authz_svn_module   modules/mod_authz_svn.so

<Location /svn>

   DAV svn

   SVNParentPath /var/www/svn

   AuthType Basic

   AuthName "Subversion repositories"

   AuthUserFile /etc/svn-auth-users

   AuthzSVNAccessFile  /etc/svn-authz-users

   Require valid-user

</Location>

</pre>

h3. Add SVN users

* first-time usage (will clear any existing user!)

<pre><code class="bash">

htpasswd -cm /etc/svn-auth-users testuser

</code></pre>

* follow up usage

<pre><code class="bash">

htpasswd -m /etc/svn-auth-users testuser

</code></pre>

Note: Use exactly same file and path name as used on @subversion.conf@ file. This example use @/etc/svn-auth-users@ file.

h3. Create SVN repository

just in case you happen to run the server within a podman container

<pre><code class="bash">

podman exec -it -u root svn_example.com-svn /bin/sh

</code></pre>

<pre><code class="bash">

mkdir /var/www/svn

cd /var/www/svn

svnadmin create testrepo

chown -R apache:apache testrepo

chcon -R -t httpd_sys_content_t /var/www/svn/testrepo

</code></pre>

Following enables commits over http

<pre><code class="bash">

chcon -R -t httpd_sys_rw_content_t /var/www/svn/testrepo

</code></pre>

h3. Configure SVN repository

To *disable anonymous access* and enable *access control* add following rows to @testrepo/conf/svnserve.conf@

<pre>

## Disable anonymous access ##

anon-access = none

## Enable access control ##

authz-db = authz

</pre>

h3. Create trunk, branches and tags structure under testrepo

Create “template” directories with following command:

<pre><code class="bash">

mkdir -p /tmp/svn-structure-template/{trunk,branches,tags}

</code></pre>

Then import template to project repository using @svn import@ command:

<pre><code class="bash">

svn import -m 'Initial import' /tmp/svn-structure-template/ http://localhost/svn/testrepo/

</code></pre>

h3. Setup User/Repo based access control

Create “template” directories with following command:

<pre><code class="bash">

vim /etc/svn/svn-authz-users

</code></pre>

Then import template to project repository using @svn import@ command:

<pre>

# Allow full access to all repos

[/]

* = 

master = rw

[homepage:/]

* =

master = rw

external_chk = r

# Lock MyRepo Branch_A

# Note that you only need the MyRepo: prefix if you have more than one repo

[janus:/z_Deploy]

* = r

master = rw

[janus:/11002]

* = r

master = rw

developer = rw

[ATX_Neuenstein:/]

* = 

master = rw

client = r

# Lock all tags in all repos; only allow 'master' to create new tags.

[/tags]

* = r

master = rw

</pre>

h2. Start Apache and modify firewall rules

Start Apache:

<pre><code class="bash">

systemctl start httpd.service

systemctl enable httpd.service

</code></pre>

Open the HTTP service port:

<pre><code class="bash">

firewall-cmd --zone=public --permanent --add-service=http

firewall-cmd --reload

</code></pre>

h2. Usage

open in your browser

<pre><code class="bash">

http://localhost/svn/testrepo/

</code></pre>

h2. SSL secured web-server

see also http://wiki.centos.org/HowTos/Https

h2. Backup/Restore SVN repositories

[[dw_dr:SVN17| Backup/Restore SVN]]