Subversion
Subversion
is a centralized version-control system. It can use a variety
of protocols for communication between client and server.
Subversion inside Apache HTTP
This section focuses on configuring a web-based server on top of
the Apache HTTP server, which uses
WebDAV/DeltaV
for communication.
For more information on the general setup, please refer to
the the
appropriate section of the Subversion book.
To configure, include in
/etc/nixos/configuration.nix code to activate
Apache HTTP, setting
appropriately:
services.httpd.enable = true;
services.httpd.adminAddr = ...;
networking.firewall.allowedTCPPorts = [ 80 443 ];
For a simple Subversion server with basic authentication,
configure the Subversion module for Apache as follows, setting
hostName and documentRoot
appropriately, and SVNParentPath to the parent
directory of the repositories,
AuthzSVNAccessFile to the location of the
.authz file describing access permission, and
AuthUserFile to the password file.
services.httpd.extraModules = [
# note that order is *super* important here
{ name = "dav_svn"; path = "${pkgs.apacheHttpdPackages.subversion}/modules/mod_dav_svn.so"; }
{ name = "authz_svn"; path = "${pkgs.apacheHttpdPackages.subversion}/modules/mod_authz_svn.so"; }
];
services.httpd.virtualHosts = {
"svn" = {
hostName = HOSTNAME;
documentRoot = DOCUMENTROOT;
locations."/svn".extraConfig = ''
DAV svn
SVNParentPath REPO_PARENT
AuthzSVNAccessFile ACCESS_FILE
AuthName "SVN Repositories"
AuthType Basic
AuthUserFile PASSWORD_FILE
Require valid-user
'';
}
The key "svn" is just a symbolic name identifying the
virtual host. The "/svn" in
locations."/svn".extraConfig is the path underneath
which the repositories will be served.
This
page explains how to set up the Subversion configuration
itself. This boils down to the following:
Underneath REPO_PARENT repositories can be set up
as follows:
$ svn create REPO_NAME
Repository files need to be accessible by
wwwrun:
$ chown -R wwwrun:wwwrun REPO_PARENT
The password file PASSWORD_FILE can be created as follows:
$ htpasswd -cs PASSWORD_FILE USER_NAME
Additional users can be set up similarly, omitting the
c flag:
$ htpasswd -s PASSWORD_FILE USER_NAME
The file describing access permissions
ACCESS_FILE will look something like
the following:
[/]
* = r
[REPO_NAME:/]
USER_NAME = rw
The Subversion repositories will be accessible as http://HOSTNAME/svn/REPO_NAME.