I just updated my entire system. I keep a list of how I
configured
everything just in case I need to do it all over again...
just thought
I'd share...
It's really just a collection of notes on how to put
everything
together. It's not as well done as a full-fledged
"how-to" or
anything... It's really just meant to serve as the
laundry-list of items
on getting the system up.
I'm a Slackware user, so I'm used to having to do
everything by hand...
Maybe somebody else will find it useful.
## Subversion/PHP/SSH/SSL/Apache2/WebSVN from *scratch*
## by Christopher A. Shamis
## --Last update: 7 April 2006
# Assumes the following directories exist:
# /data
# /data/https
# OpenSSL 0.9.7i
## In "./Configure" script (change line 66)
-mcpu=486 to
-march=athlon-xp or -march=pentium
## then re-config to get rid of the "-mcpu=486 is
deprecated" compiler
warning...
## linux-elf
config --prefix=/usr --openssldir=/etc/ssl shared
# Zlib 1.2.3
configure --prefix=/usr
# OpenSSH_4.3p2
configure --prefix=/usr --sysconfdir=/etc/ssh
# Apache 2.0.55
# puts apache2 in /usr/local, yes I know.
configure --enable-so --enable-deflate --enable-dav=shared
--enable-ssl=shared
# PHP 5.1.2 config
configure --prefix=/usr --with-config-file-path=/etc/php
--with-bz2
--with-apxs2=/usr/local/apache2/bin/apxs --with-zlib
--with-openssl
--with-gd
# Subversion 1.3.1
configure --prefix=/usr --with-ssl
--with-apxs=/usr/local/apache2/bin/apxs
--with-apr=/usr/local/apache2
--with-apr-util=/usr/local/apache2
# Websvn 2.0b7 (rev 445 at this writing)
# user:guest pass:guest
svn checkout htt
p://websvn.tigris.org/svn/websvn/tags/2.0beta7
/data/https/websvn
# Fix typo in
/data/https/websvn/templates/BlueGrey/styles.css line 69:
# change "ackground" to "background"
# configure /data/https/websvn/include/config.inc
# $config->addRepository("SVN",
"file:///data/svn");
# To generate a self-signed SSL:
# NOTE: "Common Name" = "YOUR name"
= domain-name
# best if you include only your domain if you have one;
rather than lock
your key to
# a single machine (such as www.domain.org, or
ultrakewlbox.domain.org)
openssl req -x509 -newkey rsa:1024 -days 9999 -keyout
cert.key -out
server.crt
openssl rsa -in cert.key -out server.key
##### ssl.conf #####
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
<IfDefine SSL>
Listen 443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
SSLSessionCache dbm:/usr/local/apache2/logs/ssl_scache
SSLSessionCacheTimeout 300
SSLMutex file:/usr/local/apache2/logs/ssl_mutex
<VirtualHost _default_:443>
DocumentRoot "/data/https"
#
ServerName WWW.DOMAIN.ORG:443
#
ServerAdmin you example.com
ErrorLog /usr/local/apache2/logs/error_log
TransferLog /usr/local/apache2/logs/access_log
SSLEngine on
SSLCipherSuite HIGH:MEDIUM
#
#### Place self-signed-key and cert wherever you define
below:
#
SSLCertificateFile
/usr/local/apache2/conf/ssl.crt/server.crt
SSLCertificateKeyFile
/usr/local/apache2/conf/ssl.key/server.key
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/usr/local/apache2/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog /usr/local/apache2/logs/ssl_request_log \
"%t %h %x %x
\"%r\" %b"
# Some other normal "private" area...
#
#<Directory "/data/https/photos">
# AuthType Basic
# AuthName "Photo Database"
# AuthUserFile /etc/photo-auth-file
# Require valid-user
#</Directory>
#
<Directory "/data/https/websvn">
SVNPath /data/svn
AuthType Basic
AuthName "Subversion repository"
AuthUserFile /etc/svn-auth-file
Require valid-user
</Directory>
</VirtualHost>
# svn is queer and *cannot* be enclosed in a virtual host
# (you also don't want to make svn "/" )
#
<Location "/svn">
DAV svn
SVNPath /data/svn
AuthType Basic
AuthName "Subversion repository"
AuthUserFile /etc/svn-auth-file
Require valid-user
</Location>
</IfDefine>
##### end ssl.conf ####
##### httpd.conf #####
LoadModule dav_module modules/mod_dav.so
LoadModule dav_svn_module modules/mod_dav_svn.so
LoadModule authz_svn_module modules/mod_authz_svn.so
LoadModule php5_module modules/libphp5.so
LoadModule ssl_module modules/mod_ssl.so
User nobody
Group nobody
ServerName WWW.DOMAIN.ORG:80
DirectoryIndex index.html index.html.var index.php
#
# Bring in additional module-specific configurations
#
<IfModule mod_ssl.c>
Include conf/ssl.conf
</IfModule>
<VirtualHost *:80>
ServerName websvn.domain.org
ServerAlias websvn
Redirect permanent / https://domain.org/websvn
</VirtualHost>
##### End httpd.conf #####
## Create a blank repository
$ svnadmin create /data/svn
$ chmod -R nobody:nobody /data/svn
$ chmod -R nobody:nobody /data/https
## Create your authorization file
## you will be prompted for a password
## only use the "-c" to create the file the
first time.
$ usr/local/apache2/bin/htpasswd -c /etc/svn-auth-file
username
## Stop and restart Apache2
$ /usr/local/apache2/bin/apachectl stop
$ /usr/local/apache2/bin/apachectl startssl
## Initial import for subversion
$ mkdir x
$ cd x
$ mkdir main branch tag
$ svn import https://domain.org/svn -m
"Initialize repository"
That *SHOULD* just about do it.
Open a browser:
The root of your repository is: https://domain.org/svn
Your WebSvn portal is https://domain.org/websvn
You *should* also be able to get there via: http://websvn.domain.org
(which will then remap to the above) (This does imply that
your DNS
provider has an alias record for websvn.domain.org pointing
to your
domain.org)
P.S. This document was primarily intended to serve as a
memory-jogger
for myself so I could re-install and/or upgrade without
having to
re-invent the wheel every time... If anyone else finds it
usefull, bonus!
Young, Jason (GE Indust, GE Fanuc) wrote:
>Has anyone ever built a WebSVN Vmware applicance? I
wish I had the
>Linux technical knowledge to do it. Basically what I
had in mind is
>that you would start with a stripped down version of
linux. I would
>really only need to run apache. It would have WebSVN
installed. All
>you would need to do is fire it up, edit the address of
the subversion
>server you're hitting, and you would be up and running.
>
>I would be willing to try to build one, but I would need
some serious
>guidance. Anyone case to lay out a basic plan?
>
>Heck, it would probably be a good idea to have one with
Subversion as
>well. You basically get your whole source control
system "in a box".
>
>Jason
>
>--------------------------------------------------------
-------------
>To unsubscribe, e-mail: dev-unsubscribewebsvn.tigris.org
>For additional commands, e-mail: dev-helpwebsvn.tigris.org
>
>
>
------------------------------------------------------------
---------
To unsubscribe, e-mail: dev-unsubscribewebsvn.tigris.org
For additional commands, e-mail: dev-helpwebsvn.tigris.org
|