Build the source code server of Subversion + Apache

++ To build a version library, you need to set up a Subversion + Apache source code server for collaborative work. The following are the installation process and precautions. + ++ Install APACHE Software: apache_2.2.6-win32-x86-openssl-0.9.8e.exe (with ssl version) # instructions, if you download and install without openssl version, later configuration mod _ ++ version library to build
To work, you need to set up a Subversion + Apache source code server for collaborative work. The following are the installation process and precautions.

+ ++ Install APACHE Software: apache_2.2.6-win32-x86-openssl-0.9.8e. ExE (with ssl version)

# Note: If you download and install the mod_ssl.so module without the openssl version, it may be a little troublesome and cause some minor problems.
# You do not need to change or add a lot of information during installation. Generally, click Next directly. Domain and host can be set to localhost, and Email can be filled in at will. But it is important that port 80 cannot be used when apache is installed; otherwise, http service cannot be started.
### After apache is installed, the http service runs automatically. You can enter http: // localhost in the address bar of the browser to check whether the installation is successful.


+++ Install Subversion: Binary Code: svn-1.4.6- SetUp.exe or compiled Solution CompressionFile svn-win32-1.4.6. Zip(Recommended)

# Note: SuCombination of bversion and Apache version
# If the compiled zip file is used ExtractScale down. Install using the exe file according to the instructions. If the Subversion detects that the installed Apache is installed, the configuration is automatically completed. If no installation is performed before or the current version does not work with each other, You need to perform some additional setup steps.
# % SVN_DIR % Represents the SVN installation directory, and % APACHE_DIR % Represents the APACHE installation directory
Step 1 copy mod_authz_svn.so mod_dav_svn.so to % APACHE_DIR %/mo from % SVN_DIR %/bin DuLes
Step 2 Copy intl3_svn.dll libdb *. dll from % SVN_DIR %/bin to % APACHE_DIR %/bin
Step 3 open (Notepad) % APACHE_DIR %/conf/ HttpdIn the. conf file, remove the following comments (delete the \ '# \' Mark ):
# LoadModule dav_fs_module modules/mod_dav_fs.so
# LoadModule dav_module modules/mod_dav.so
Add the following two rows to the end of the LoadModule section.
LoadModule dav_svn_module modules/mod_dav_svn.so
LoadModule authz_svn_module modules/mod_authz_svn.so

QT: After exe is used for installation, the system prompts that the dav_svn_module signature version is incorrect?

++ Configuration Service

# Edit the % APACHE_DIR %/conf/httpd. conf file,

Add the following code without restrictions
A NcHor: httpd
CatIon/svn/>
DAV svn
SVNListParentPath on
# SVNPathAuthz off
SVNParentPath \ "D:/SVN \"

# SVNIndexXSLT \ "/svnindex. xsl \"
SSLRequireSSL
AuthType Basic
AuthName \ "Subversion repositories \"
AuthUserFile \ "D:/svndata/ Passwd\"

AuthzSVNAccessFile \ "D:/svndata/svnaccess File\"
#
# Require val Id-User
#
# Satisfy Any
Require valid-user


# Remarks: List all version Libraries under C:/svndata. No access is allowed. In this case, http: // 127.0.0.1/svn (https: // 127.0.0.1/svn) and http: // 127.0.0.1/svn (https: // 127.0.0.1/svn) are invalid, only one version library can be accessed separately, such as https: // 127.0.0.1/svn/proj1 (assuming proj1 is an existing separate version library). We recommend that you use/svn.

Description
Setting Description
The URL of the Subversion library is http: // Server/svn/(Server: IP/DNS name that can be resolved/local: localhost)
DAV svn notifies Apache: Which module responds to the above URL request. svn indicates the Subversion module.
For Subversion1.3 or later versions, SVNListParentPath on displays all version Libraries under SVNParentPath.
SVNParentPath D:/SVN notifies Subversion that the version library to be viewed is located under D:/SVN
SVNIndexXSLT \ "/svnindex. xsl \" this option can be used to make your browser look better.
AuthType Basic activates the Basic authentication, that is, the user name/password.
AuthName \ "Subversion repositories \" is used to indicate when an authentication dialog box asking users to enter authentication information will pop up.
SSLRequireSSL must be securely connected and accessed through https: //
AuthUserFile passwd specifies the authentication password file used
AuthzSVNAccessFile specifies the path of the access control file for the Subversion version Library
Require valid-user specifies that only users with the correct user/password can access this URL

+++ Build a version Library
Corresponding to the above configuration, you need to create the directory SVN on drive D, which contains multiple project code version libraries. Assuming the names proj1, proj2, and proj3, a version library is created. CommandThe command line is as follows ):
% SVN_DIR %/bin/svnadmin create -- fs-type fsfs D:/SVN/proj1
% SVN_DIR %/bin/svnadmin create -- fs-type fsfs D:/SVN/proj2
% SVN_DIR %/bin/svnadmin create -- fs-type fsfs D:/SVN/proj3

+++ Set the password file

# Store the user name and password (MD5 encryption) to a specific configuration file. The command for creating a file for the first time is as follows;
% APACHE_DIR %/bin/htpasswd-c passwd
# You can create passwd in the current directory (you can change the name and move it to another location. You only need to keep it consistent with AuthUserFile in the configuration file, Is the username to be added, such as zhangsan and lisi.
Bin/htpasswd passwd
# Delete a user by running the following command:
Bin/htpasswd-D passwd user

+++ Set the permission File

# Use a text editor to generate a file named svnaccessfile in the path specified by AuthzSVNAccessFile (note that the file name is consistent with the configuration file without an extension). The editing content is as follows:
[Groups]
Admin = lds
Develpteam1 = zhangsan, lisi
[/]
* = R
@ Admin = rw
Dange RmAn =
[Proj1:/]
@ Admin = rw
@ Developteam1 = rw
[Proj2:/]
@ Admin = r
@ Developteam1 = rw
[Proj3:/]
@ Admin =
@ Developteam1 =
# The basic meaning is that anyone in the root directory has the read and write permissions, and the admin group has the read and write permissions on proj1, proj2, and proj3, the develop1 group has the read and write permissions on proj1, proj2, and proj3.
Additional note: two points to be verified --> 1. If you do not specify a version database permission, the permission setting [/] is inherited by default (verified). If the permission setting is not set in, is not readable.
--> 2. If a database of a specific version does not specify a group or user permission, the permission setting is inherited.
Therefore, it is recommended that only the Administrator group can view the root directory.
# Further set the read/write directory permission: [MyProject:/module1]
# Note: If a Chinese path exists, save the file in UTF8 format.

+++ [Enable SSL]
Make sure that Apache is installed and works properly. The files required for ssl are located in the following locations:
% APACHE_DIR %/modules/mod_ssl.so
% APACHE_DIR %/bin/openssl.exe, libeay32.dll, ssleay32.dll
% APACHE_DIR %/conf/openssl. cnf (openssl)


Bin/openssl req-config bin/openssl. cnf-new-out my-server.csr
Bin/openssl rsa-in privkey. pem-out my-server.key
Bin/openssl x509-in my-server.csr-out my-server.cert-req-signkey my-server.key-days 4000
Bin/openssl x509-in my-server.cert-out my-server.der.crt-outform DER


----------
Create an SSL Certificate
----------
#1. Open cmd, CdTo % APACHE_DIR %/bin
#2. Run
Openssl req-config ../conf/openssl. cnf-new-out my-server.csr
(Note that my-server is your own name, and my-server is also your own name as mentioned in the following steps)
In this step, you need to set a series of problems, including passwords (this password should be remembered and used later) and other problems. A my-server.csr and privkey are generated after all are completed. the pem file is in the bin folder.
#3. Run
Openssl rsa-in privkey. pem-out my-server.key
Enter the password in step 2.
#4. Run
Openssl x509-in my-server.csr-out my-server.cert-req-signkey my-server.key-days 4000
This will create a certificate that will expire after 4000 days
#5. Run
Openssl x509-in my-server.cert-out my-server.der.crt-outform DER

After all these commands are run, six files are generated in the bin Folder:
. Cnt
Privkey. pem
My-server.der.crt
My-server.scr
My-server.key
My-server.cert

Move these files to the conf/ssl directory (if this directory does not exist, create one and put it in another directory. Remember the file location, will be used in the following settings)

----------
Set Apache to support SSL
----------
Note: This setting step is intended for Apache 2.2.x. If you are using Apache 2.0.x, please explore similar settings.

Open % APPACHE_DIR %/conf/httpd. conf in a text editor.
1. Remove the following line Setting #
LoadModule ssl_module modules/mod_ssl.so
2. Remove the following line # (this item is not available in 2.0.x)
Include conf/ex TrA/httpd-ssl.conf

3. Open % APPACHE_DIR %/conf/extra/httpd-ssl.conf in a text editor
Modify the following settings.
SSLMutex default
SSLCertificateFile \ "% APPACHE_DIR %/conf/ssl/my-server.der.crt \"
SSLCertificateKeyFile \ "% APPACHE_DIR %/conf/ssl/my-server.key \"
Note: Two files of my-server are the files created in the previous step, '% APPACHE_DIR %/conf/ssl/my-server.key' --> the location of the file is where the file is on the disk (in version 2.0.x, these settings are still in httpd. conf file)
----------
Test
----------
1. Save the settings file
2. Run the Test Configuration tool of Apache in the Start menu to check whether the setting file is correct.
3. Restart Apache 2.2.x
4. After successful startup, enter https: // localhost in the browser to check whether access is allowed. If yes, the settings are set successfully.
----------
Use https to access the version Library
----------
You can modify % APACHE_DIR %/conf/httpd. conf in Add the SSLRequireSSL statement to the statement block to force the use of ssl (that is, the https connection method)

+++ QA
Q: HTTP Error 403-Access prohibited
Internet Explorer
Bytes -----------------------------------------------------------------------------------------------------
Remove the hook for displaying friendly information (in IE settings)
Show Forbi DdEn You don \'t have permission to access/on this server.