Fedoracore6: Use apache to build a svn Security Server

Fedoracore6 uses apache to build the svn security server-Linux Enterprise Application-Linux server application information. The following is a detailed description. In the past, the company's source code was managed through Subvision and accessed the version library through https. Today, we are excited to build a svn security server on our own fedora core 6 virtual machine, and implement TortoiseSVN access in Windows.

1. Configure the svn version library.
By default, svn software is installed on FC6. Run rpm-qa | grep svn to check whether the installation is successful. If not, run yum install svn. Configure a version library named repository below.

Svnadmin create/usr/local/repository build version Library
Svnserve-d-r/usr/local/repository start svn Service
Netstat-l | grep svn check whether the svn service is successfully started. Normally, a svn listening socket is displayed.
Tcp 0 0 *: svn *: * LISTEN
Import a local project to the version Library
Svn import project file: // usr/local/repository/project-m "anything to write"

2. install and configure apache
Yum install httpd

The Subversion requires version control. The standard Http Protocol cannot meet the requirements. To make Apache and Subversion work together, you need to use WebDAV (Web Distributed creation and version control, WebDAV is an extension of HTTP 1.1 ). To enable Subversion to communicate with the dav module, you need to install the mod_dav_svn plug-in.

Yum install mod_dav_svn

Next, configure the httpd. conf file of Apache to load the above modules at startup.

LoadModule dav_module modules/mod_dav.so
LoadModule dav_svn_module modules/mod_dav_svn.so

DAV svn
SVNPath/usr/local/repository


Restart Apache, open the browser, and enter http: // server IP Address/repository to view the directory tree.

All anonymous users can access the code base. How can I implement password verification for user access? Apache provides an htpasswd tool for generating user files, which can be found in the Apache installation directory.

The usage is as follows:
Htpasswd etc/svn/passwordfile username

Next, modify httpd. conf and add the following content to the Location Tag:
AuthType Basic
AuthName "svn repository"
AuthUserFile/etc/svn/passwordfile
Require valid-user

Restart apache and open the browser to implement password authentication.

3. Configure ssl
Yum install mod_ssl
Configure the httpd. conf file so that Apache can load the ssl module at startup.
LoadModule ssl_module modules/mod_ssl.so
The SSL Certificate and key are generated. First, find the openssl program and its configuration file openssl. cnf, and run the following command to generate a 128-bit RSA private key file.
In openssl genrsa-des3-out server. key 1024, you must enter and confirm your password.
Openssl req-new-key my-server.key-x509-out server. crt-config/etc/pki/tls/openssl. cnf generate a self-signed authentication certificate

The above commands require the user to enter the password of the key file and some network settings, such as domain names and mailboxes. Now, we can create an ssl directory under the path of the ssl. conf file of Apache, and move the server. key and server. crt files to the ssl directory. Modify the ssl. conf file and point the SSLCertificateKeyFile and SSLCertificateFile items to the two files.

Finally, add the following SSL configuration items at the end of the httpd. conf configuration file:

SSLMutex default
SSLRandomSeed startup builtin
SSLSessionCache none
ErrorLog logs/SSL. log
LogLevel info

SSLEngine On
SSLCertificateFile/etc/httpd/conf. d/ssl/server. crt
SSLCertificateKeyFile/etc/httpd/conf. d/ssl/server. key


Restart apache. Enter the authentication password.
In TortoiseSVN in Windows, checkout: https: // ip/repository/project