Apache Subversion(abbreviation SVN,SVN)
For some reason we need to use Nginx as the HTTP front-end for subversion, but there is no ready-made nginx+subversion collocation. Subversion provides an Apache HTTP processing module. Now we are using the Nginx reverse proxy to Apache way to achieve the nginx+subversion combination.
Building a apache+subversion environment :
[[email protected] ~]# Yum install HTTD Subversion mod_dav_svn-y#mod_dav_svn is Apache's SVN module
To build the SVN repository:
[[email protected] ~]# mkdir-p/home/svn[[email protected] ~]# cd/home/svn/[[email protected] svn]# Svnadmin Create work[[email protected] svn]# chown-r apache.apache work[[email protected] svn]# tree work/ work/├──conf│ ├──authz│ ├──passwd│ └──svnserve.conf├──db│ ├── Current│ ├──format│ ├──fsfs.conf│ ├──fs-type│ ├──min-unpacked-rev│ ├──rep-cache.db│ ├──revprops│ │ └──0│ │ └─ ─0│ ├──revs│ │ └──0│ │ └──0│ ├──transacti ons│ ├──txn-current│ ├──txn-current-lock│ ├──txn-protorevs│ ├── Uuid│ └──write-lock├──format├──hooks│ ├──post-commit.tmpl│ ├──post-lock.tmpl│ ├──post-revprop-change.tmpl│ ├──post-unlock.tmpl│ ├──pre-commit.tmpl│ ├──pre-lock.tmpl│ ├── pre-revprop-change.tmpl│ ├──pre-unlock.tmpl│ └──start-commit.tmpl├──locks│ ├──db.lock│ └──db-logs.lock└──readme.txt10 directories, the files
Add Subversion Account:
[Email protected] svn]# htpasswd-c/home/svn/work/conf/passwdfile visitornew password:visitor# User name and password are set to Visitorre-type new password:visitor Adding password for user visitor
To modify the/etc/httpd/conf.d/subversion.conf, the contents are as follows:
[Email protected] svn]# egrep-v "^#|^$"/etc/httpd/conf.d/subversion.conf LoadModule dav_svn_module modules/mod_ Dav_svn.soloadmodule authz_svn_module Modules/mod_authz_svn.so<location/svn/work>dav svnsvnpath/home/ Svn/workauthtype basicauthname "Authorization Realm" authuserfile/home/svn/work/conf/passwdfileauthzsvnaccessfile/ Home/svn/work/conf/authzrequire valid-user</location>
To modify the Apache port:
[[email protected] svn]# grep "^listen"/etc/httpd/conf/httpd.conf Listen 81
[[Email protected] svn]# service iptables stop && Setenforce 0iptables:setting chains to policy accept:filter
[ OK ]iptables:flushing firewall rules: [ OK ]iptables:unloading modules: [ OK ][[email protected] svn]# getenforcepermissive
[[email protected] svn]#/etc/init.d/httpd startStarting httpd: [OK] [[email protected] svn]# netstat-lnutpactive Internet connections (only servers) Proto recv-q send-q Local Address Foreign Address State Pid/program name TCP 0 0 0.0.0.0:22 0.0 .0.0:* LISTEN 1310/sshd TCP 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1389/master TCP 0 0::: Bayi:::* LIS TEN 1632/httpd TCP 0 0::: $:::* LISTEN 1310/ Sshd TCP 0 0:: 1:25:::* LISTEN 1389/master UDP 0 0 0.0.0.0:68 0.0.0.0:* 1143/dhclient
use Nginx reverse proxy :
[Email protected] src]# wget http://nginx.org/download/nginx-0.8.55.tar.gz[[email protected] src]# PWD/USR/LOCAL/SRC [Email protected] src]# lsnginx-0.8.55.tar.gz
[Email protected] nginx-0.8.55]# TAR-XZVF nginx-0.8.55.tar.gz && cd nginx-0.8.55
Add Nginx Account:
To install a dependency package:
[email protected] nginx-0.8.55]# Yum install gcc pcre-devel openssl-devel- y
--with-http_gzip_static_module
[[email protected] nginx-0.8.55]# make && make install
[Email protected] server]# lsnginx-0.8.55[[email protected] server]# LN-SF nginx-0.8.55/nginx && CD-
[Email protected] nginx-0.8.55]# ll/app/server/total 4lrwxrwxrwx. 1 root root 09:36 nginx-nginx-0.8.55/drwxr-xr-x. 6 root root 4096 Jul 09:35 nginx-0.8.55
Configure Nginx Reverse proxy, modify/opt/nginx/conf/nginx.conf:
server { listen ; server_name localhost; location/svn/work { proxy_pass http://127.0.0.1:81/svn/work; } Location/{ return 404; }}
Configuration SNV:
[Email protected] conf]# pwd/home/svn/work/conf
[Email protected] conf]# egrep-v "^$|^#" svnserve.conf [general]anon-access = readauth-access = Writepassword-db =/Home /svn/work/conf/passwdauthz-db =/home/svn/work/conf/authz
[email protected] conf]# which svnserve/usr/bin/svnserve[[email protected] conf]#/usr/bin/svnserve-d-R/HOME/SVN
[[email protected] conf]# netstat-lnutpactive Internet connections (only servers) Proto recv-q send-q Local address Foreign address State Pid/program name TCP 0 0 0.0.0.0:3690 0.0.0.0:* LISTEN 4806/svnserve TCP 0 0 0 .0.0.0:22 0.0.0.0:* LISTEN 1744/sshd TCP 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1389/master TCP 0 0::: 81: ::* LISTEN 1632/httpd TCP 0 0::: $:::* LISTEN 1744/sshd TCP 0 0:: 1:25:::* L Isten 1389/master UDP 0 0 0.0.0.0:68 0.0.0.0:* 114 3/dhclient
[[email protected] conf]#/app/server/nginx/sbin/nginx [[email protected] conf]# netstat-lnutpactive Internet connections (servers) Proto recv-q send-q Local address Foreign address state Pid/program name TCP 0 0 0.0.0.0:3690 0.0.0.0:* LISTEN 4806/svnserve TCP 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 4809/nginx TCP 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1744/sshd TCP 0 0 12 7.0.0.1:25 0.0.0.0:* LISTEN 1389/master TCP 0 0::: 81 :::* LISTEN 1632/httpd TCP 0 0::: 22:: :* LISTEN 1744/sshd TCP 0 0:: 1:25:::* LISTEN 1389/masteR UDP 0 0 0.0.0.0:68 0.0.0.0:* 1143/dhclient
[[email protected] work]# Cat/home/svn/work/conf/authz # # # # This file was an example authorization file for svnserve.# # # Its format was identical to, MOD_AUTHZ_SVN authorization### files.### as shown below each section defines Authori Zations for the path and### (optional) repository specified by the section name.### the authorizations follow. An authorization line can refer to:###-a single user,###-a group of users defined in a special [groups] section,### -an alias defined in a special [aliases] section,###-All authenticated users, using the ' $authenticated ' token,###- Only anonymous users, using the ' $anonymous ' token,###-anyone, using the ' * ' wildcard.###### A match can is inverted b Y prefixing the rule with ' ~ '. Rules can### Grant Read (' R ') access, read-write (' RW ') access, or no access### ("). [aliases]# Joe =/c=xz/st=dessert/l=snake city/o=snake oil, ltd./ou=research institute/cn=joe Average[groups]# Harry_ and_sally = harry,sally# Harry_sally_and_joe = harry,sally,&joe# [/foo/bar]# Harry = rw# &joe = r# * =[/]test=r# [repository:/baz/fuz]# @harry_and_sally = rw# * = R
CentOS Build Nginx+subversion Environment