Subversion – Apache behind Nginx on Debian

I assume that you are already using Nginx as web server. So this guide covers hosting svn access through Nginx proxy with Apache.

Install required packages :
[bash]
apt-get install apache2 subversion libapache2-svn apache2-utils
[/bash]

Create svn folder for repositories :
[bash]
mkdir /var/svn
chown www-data.www-data /var/svn/
[/bash]

Modify your apache /etc/apache2/ports.conf file to listen for a different port than 80. Because port 80 is already used by Nginx.

[code]
# If you just change the port or add more ports here, you will likely also
# have to change the VirtualHost statement in
# /etc/apache2/sites-enabled/000-default.conf

Listen 81

<IfModule ssl_module>
Listen 443
</IfModule>

<IfModule mod_gnutls.c>
Listen 443
</IfModule>
[/code]

If you plan to use Apache only for svn http access then you can modify /etc/apache2/sites-available/000-default.conf directly, otherwise you shoul create a virtual host file in /etc/apache2/sites-available and enable it via a2ensite.

Apache virtual host configuration file :
[code]
<VirtualHost *:81>
#ServerName www.example.com

ServerAdmin webmaster@localhost
DocumentRoot /var/www/html

ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
[/code]

Enable needed apache modules :
[bash]
a2enmod dav_svn auth_basic authz_svn authn_file
[/bash]

Edit configuration file for dav_svn /etc/apache2/mods-available/dav_svn.conf
[code]
<Location /svn>
DAV svn
SVNParentPath /var/svn

# We are giving repository-wide auth to users
AuthType Basic
AuthName "Goltas SVN"
AuthUserFile /etc/apache2/dav_svn.passwd

#Here we define repository based auth settings file
<IfModule mod_authz_svn.c>
AuthzSVNAccessFile /etc/apache2/dav_svn.authz
</IfModule>

Require valid-user
Satisfy Any

</Location>
[/code]

Create svn repository auth settings file, and a basic config sample :
[code]
nano /etc/apache2/dav_svn.authz
[/code]

[code]
[groups]

[/]
#cagatay will access all repositories with read and write grants:
cagatay = rw

[/sample_poject]
#auser will only have read access for only "sample_project" :
auser = r
[/code]

Create a password file and add user “cagatay” to it :
[code]
htpasswd -c /etc/apache2/dav_svn.passwd cagatay
[/code]

To add another user to password file :
[code]
htpasswd /etc/apache2/dav_svn.passwd anotherusername
[/code]

Finally, restart apache :
[code]
/etc/init.d/apache restart
[/code]

Configure Nginx as proxy pass for apache svn :
[bash]
nano /etc/nginx/sites-available/svn
[/bash]

[code]
upstream svnapache {
server 127.0.0.1:81;
}

server {
server_name svn.yourdomain.com;
listen :80;

client_max_body_size 500M;

root /var/www;
index index.html index.htm;

access_log /var/log/nginx/svn.access.log;
error_log /var/log/nginx/svn.error.log;

location / {
proxy_pass http://svnapache;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
proxy_redirect off;
proxy_buffering off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
[/code]

Symlink to enable it :

[code]
ln -s /etc/nginx/sites-available/svn /etc/nginx/sites-enabled/svn
[/code]

Restart nginx :
[code]
/etc/init.d/ngix restart
[/code]

To create a new sv repository :
[code]
cd /var/svn
svnadmin create a_new_project_name
chown -R www-data:www-data ./a_new_project_name
[/code]

Bir Cevap Yazın