Michael R. Head (suppressingfire) wrote,
  • Mood: full
  • Music: Fluke - Atom Bomb

Setting up a development server on Debian (https access to svn/trac)

This has been done to death by others, but these are my notes for my recall. I’m in the process of setting up a subversion server with trac for project management. I want them to have a unified userbase and be accessible via https to authorized users on a specific subdomain.

Web resources I’m using:

First thing I setup was the new domain. I won’t go into the detail here of fiddling my bind zone files.

Next thing was to make sure all the packages I need were installed:
sudo apt-get install subversion subversion-tools trac libapache2-mod-python libapache2-svn enscript python-docutils
And I let the install script enable the modules as they were installed.

I created a user for the project with a --disabled-login option so that account is not accessible via, e.g., ssh. I gave apache access to the directory and made it hidden to other users. I also created two directories for the svn and trac files to live and followed the instructions from the howtoforge link above.
sudo adduser --disabled-login step
sudo adduser www-data step
sudo find /home/step -type d -exec chmod 2770 {} \;
sudo find /home/step -type f -exec chmod 640 {} \;
sudo su - step
mkdir trac
mkdir svn
svnadmin create svn
rm svn/conf/passwd
touch svn/conf/passwd
htpasswd svn/conf/passwd username for each username
chmod -R g+w svn
editor svn/conf/authz Here I added thes usernames that will be used to access the repository and I added a line which will only allow those usernames to access it
step = username1,username2,username3
@step = rw
* =

sudo mkdir /var/log/apache2/step
sudo /usr/sbin/make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/step.pem Made sure to follow the prompts and put the correct hostname
sudoedit /etc/apache2/sites-available/step.example.com
<VirtualHost *:443>
  ServerName step.example.com
  <Location />
    DAV svn
    AuthType Basic
    AuthName “step.example.com”
    AuthUserFile /home/step/svn/conf/passwd
    AuthzSVNAccessFile /home/step/svn/conf/authz
    SVNPath /home/step/svn 
    Require valid-user
  CustomLog /var/log/apache2/step/access.log combined
  ErrorLog /var/log/apache2/step/error.log
  SSLEngine on
  SSLCertificateFile /etc/apache2/ssl/step.pem
# Add this once there is a real (non self-signed) certificate.
#  SSLCertificateKeyFile /etc/apache2/ssl/step.key
<VirtualHost *:80>
  ServerName step.example.com
  Redirect / https://step.example.com/

sudo a2ensite step.example.com
sudo invoke-rc.d apache2 restart

At this point it should be possible to check out the repository:
svn checkout https://step.example.com --username=username

I’ll post the info on Trac later...
Tags: debian, linux
  • Post a new comment


    default userpic

    Your reply will be screened

    Your IP address will be recorded  

  • 1 comment