Difference between revisions of "Configuring the biowikifarm subversion repository"
m (→Password file and users) |
m (added Category:User management using HotCat) |
||
(24 intermediate revisions by 4 users not shown) | |||
Line 1: | Line 1: | ||
+ | This topic is about creating and configuring the repository on the server itself. For help with using or managing subversion, see [[Help: Subversion]]. | ||
+ | |||
__TOC__ | __TOC__ | ||
+ | |||
== Configuration == | == Configuration == | ||
Line 17: | Line 20: | ||
<source lang="bash"> | <source lang="bash"> | ||
− | sudo htpasswd -c /etc/apache2/ | + | sudo htpasswd -c /etc/apache2/dav_svn_git.passwd user ## only for first user |
− | sudo htpasswd /etc/apache2/ | + | sudo htpasswd /etc/apache2/dav_svn_git.passwd username1 |
− | sudo htpasswd /etc/apache2/ | + | sudo htpasswd /etc/apache2/dav_svn_git.passwd username2 ## etc. |
</source> | </source> | ||
+ | |||
+ | (Password will be requested by htpasswd) | ||
Create access control file and reload: | Create access control file and reload: | ||
Line 37: | Line 42: | ||
</source> | </source> | ||
− | == SVN | + | == SVN Web Access == |
Creating SVN-Repository, access only to Webserver: | Creating SVN-Repository, access only to Webserver: | ||
Line 51: | Line 56: | ||
</source> | </source> | ||
− | To increase comfort we can ensure that webserver | + | |
+ | == SVN post-commit-hook == | ||
+ | |||
+ | To increase comfort we can ensure that committing to the webserver the most recent version is updated also in server’s repositories (i.e. with every commit from a normal subversion user, the webserver-local checkout is updated by a post-commit later on): | ||
<source lang="bash"> | <source lang="bash"> | ||
− | sudo htpasswd /etc/apache2/dav_svn.passwd www-data | + | # set password for www-data, use a random password, it will be stored plain text: |
+ | sudo htpasswd /etc/apache2/dav_svn.passwd www-data | ||
<PASSWORD> | <PASSWORD> | ||
− | sudo -s | + | # sudo -s # -s (shell) |
− | # chown -R www-data.www-data /var/www/v-artenquiz | + | # sudo chown -R www-data.www-data /var/www/v-artenquiz |
− | # www-data needs a folder to store svn-configuration: | + | # Note: www-data needs a folder to store svn-configuration (esp. a plaintext password needs to be set and then stored): |
sudo mkdir /var/www/.subversion | sudo mkdir /var/www/.subversion | ||
sudo chown www-data.www-data /var/www/.subversion/ | sudo chown www-data.www-data /var/www/.subversion/ | ||
− | + | ||
− | + | # Perhaps, if existing, safety first: | |
− | + | # sudo mv /var/www/v-artenquiz /var/www/v-artenquiz-DELETE-ME-LATER | |
− | + | sudo mkdir /var/www/v-artenquiz; cd /var/www/v-artenquiz | |
+ | # svn checkout URL local-target | ||
+ | sudo svn checkout file:///var/lib/svn/artenquiz /var/www/v-artenquiz | ||
+ | sudo chown -R www-data.www-data /var/www/v-artenquiz | ||
+ | ##NOTE: BELOW WAS OBSOLETE CODE THAT REFERRED TO OLD SVN mediawiki checkout structure. Removed! | ||
</source> | </source> | ||
− | Continuing as normal user, create file | + | Continuing as normal user, edit/create file |
<source lang="bash"> | <source lang="bash"> | ||
− | + | sudo nano /var/lib/svn/hooks/post-commit | |
− | + | ||
− | + | ||
− | + | ||
</source> | </source> | ||
− | + | ||
+ | <source lang="bash"> | ||
+ | ##(no longer direct code in wiki, refer to backup of current file)## | ||
+ | </source> | ||
+ | |||
+ | … and set this file as executable: | ||
<source lang="bash"> | <source lang="bash"> | ||
sudo chmod +x /var/lib/svn/hooks/post-commit | sudo chmod +x /var/lib/svn/hooks/post-commit | ||
</source> | </source> | ||
− | By means of this commit-hook, whenever a commit to SVN occurs, www/v-artenquiz is automatically updated as well! | + | By means of this post-commit-hook, whenever a commit to SVN occurs, www/v-artenquiz is automatically updated as well! |
== Adding new directories == | == Adding new directories == | ||
− | |||
− | |||
− | |||
− | |||
− | An alternative is to use svn import | + | The easiest way to add new directories or files to the repository is to use a GUI like TortoiseSVN (Windows) or kdesvn (Linux KDE). |
+ | # Check out the repository | ||
+ | # Add or copy the folders you wish to add to the repository and add them to subversion control locally using the local GUI | ||
+ | # Commit your changes to the main repository (needs a [[#addSubversionUsers|user account]] in dav) | ||
+ | |||
+ | An alternative is to use svn import on command line with | ||
<source lang="bash"> | <source lang="bash"> | ||
− | + | sudo svn import LocalSVNextensions file:///var/lib/svn/LocalSVNextensions -m 'import of mediawiki LocalSVNextensions' | |
</source> | </source> | ||
− | + | == Adding a log-edit feature == | |
− | == Adding log edit feature == | + | |
<source lang="bash" > | <source lang="bash" > | ||
Line 110: | Line 125: | ||
</source> | </source> | ||
See also http://subversion.apache.org/faq.html#change-log-msg. | See also http://subversion.apache.org/faq.html#change-log-msg. | ||
+ | |||
+ | ==SVN repo on apache behind nginx== | ||
+ | |||
+ | Changes made to dav_svn.conf: add right before "<Location /svn>" | ||
+ | ## NECESSARY MODIFICATION FOR APACHE BEHIND NGINX (rev. proxy): | ||
+ | RequestHeader edit Destination ^https http early | ||
+ | Note: Normal commits would work without this, but renames of folders caused "Server sent unexpected return value (502 Bad Gateway) in response to COPY". This requires the headers mod to be enabled: | ||
+ | a2enmod headers | ||
+ | |||
+ | There was nothing about SVN in our sites-available/default anyways. Setting in nginx /etc/nginx/sites-available/default: | ||
+ | |||
+ | # SVN/GIT need ^~ to have priority over regexp with *.php! | ||
+ | location ^~ /svn { | ||
+ | proxy_set_header X-Real-IP $remote_addr; | ||
+ | proxy_set_header X-Forwarded-For $remote_addr; | ||
+ | proxy_set_header Host $host; | ||
+ | proxy_pass http://127.0.0.1:8880; # = APACHE2 Prefork | ||
+ | } | ||
+ | |||
+ | Note: with "location /svn" instead of "location ^~ /svn" it would work with most files, but not with *.php files. PHP files would be caught by a regexp location (not shown), which has priority over normal nginx starts-with directives. The error message was: "Commit failed (details follow): File '/home/...i18n.php' is out of date '/svn/!svn/bc/2423/.../i18n.php' path not found. You have to update your working copy first. (Or German: "Übertragen schlug fehl (Details folgen): Datei »/home/.../i18n.php« ist veraltet. »/svn/!svn/bc/2423/.../i18n.php«. Pfad nicht gefunden."). This would occur for commits immediately after successful updates. Using a priority-start-with (which has priority over regexp locations) solved the problem. | ||
+ | |||
+ | Initially there also was a problem with checkouts on the server itself, this could be solved by checking these out again, using file: instead of https: (e.g. svn checkout file:///var/lib/svn/LocalSVNextensions). | ||
+ | |||
+ | [[Category: Subversion]] | ||
+ | [[Category:User management]] |
Latest revision as of 16:53, 28 January 2015
This topic is about creating and configuring the repository on the server itself. For help with using or managing subversion, see Help: Subversion.
Contents
Configuration
Configuring a subversion repository, with svn already installed through apt-get, on Debian 5. The procedure was contributed by an anonymous helper. First: in /etc/apache2/mods-enabled/dav_svn.conf enable several lines:
<Location /svn> DAV svn SVNPath /var/lib/svn AuthType Basic AuthName "Subversion Repository" AuthUserFile /etc/apache2/dav_svn.passwd Require valid-user AuthzSVNAccessFile /etc/apache2/dav_svn.authz </Location>
Password file and users
sudo htpasswd -c /etc/apache2/dav_svn_git.passwd user ## only for first user
sudo htpasswd /etc/apache2/dav_svn_git.passwd username1
sudo htpasswd /etc/apache2/dav_svn_git.passwd username2 ## etc.
(Password will be requested by htpasswd)
Create access control file and reload:
sudo nano /etc/apache2/dav_svn.authz
# Read/write permission for all SVN users: [/] * = rw
sudo /etc/init.d/apache2 reload
SVN Web Access
Creating SVN-Repository, access only to Webserver:
sudo mkdir /var/lib/svn
sudo svnadmin create /var/lib/svn/
sudo chown -R www-data.www-data /var/lib/svn/
Now one can check versions directly inside the browser using https://biowikifarm.net/svn/ or check locally out using a svn client:
svn co https://biowikifarm.net/svn/
SVN post-commit-hook
To increase comfort we can ensure that committing to the webserver the most recent version is updated also in server’s repositories (i.e. with every commit from a normal subversion user, the webserver-local checkout is updated by a post-commit later on):
# set password for www-data, use a random password, it will be stored plain text:
sudo htpasswd /etc/apache2/dav_svn.passwd www-data
<PASSWORD>
# sudo -s # -s (shell)
# sudo chown -R www-data.www-data /var/www/v-artenquiz
# Note: www-data needs a folder to store svn-configuration (esp. a plaintext password needs to be set and then stored):
sudo mkdir /var/www/.subversion
sudo chown www-data.www-data /var/www/.subversion/
# Perhaps, if existing, safety first:
# sudo mv /var/www/v-artenquiz /var/www/v-artenquiz-DELETE-ME-LATER
sudo mkdir /var/www/v-artenquiz; cd /var/www/v-artenquiz
# svn checkout URL local-target
sudo svn checkout file:///var/lib/svn/artenquiz /var/www/v-artenquiz
sudo chown -R www-data.www-data /var/www/v-artenquiz
##NOTE: BELOW WAS OBSOLETE CODE THAT REFERRED TO OLD SVN mediawiki checkout structure. Removed!
Continuing as normal user, edit/create file
sudo nano /var/lib/svn/hooks/post-commit
##(no longer direct code in wiki, refer to backup of current file)##
… and set this file as executable:
sudo chmod +x /var/lib/svn/hooks/post-commit
By means of this post-commit-hook, whenever a commit to SVN occurs, www/v-artenquiz is automatically updated as well!
Adding new directories
The easiest way to add new directories or files to the repository is to use a GUI like TortoiseSVN (Windows) or kdesvn (Linux KDE).
- Check out the repository
- Add or copy the folders you wish to add to the repository and add them to subversion control locally using the local GUI
- Commit your changes to the main repository (needs a user account in dav)
An alternative is to use svn import on command line with
sudo svn import LocalSVNextensions file:///var/lib/svn/LocalSVNextensions -m 'import of mediawiki LocalSVNextensions'
Adding a log-edit feature
cd /var/lib/svn/hooks/
# use templates provided by subversion
sudo cp pre-revprop-change.tmpl pre-revprop-change
# make it executable
sudo chmod +x pre-revprop-change
Now you are able to edit/or set log entries from a specific subversion revision number -r
by:
1 cd /path/to/versioned/directory/
2 # edit log entry with editor
3 sudo svn propedit -r123 --revprop svn:log
4 # set log entry
5 sudo svn propset -r123 --revprop svn:log "new log message"
See also http://subversion.apache.org/faq.html#change-log-msg.
SVN repo on apache behind nginx
Changes made to dav_svn.conf: add right before "<Location /svn>"
## NECESSARY MODIFICATION FOR APACHE BEHIND NGINX (rev. proxy): RequestHeader edit Destination ^https http early
Note: Normal commits would work without this, but renames of folders caused "Server sent unexpected return value (502 Bad Gateway) in response to COPY". This requires the headers mod to be enabled:
a2enmod headers
There was nothing about SVN in our sites-available/default anyways. Setting in nginx /etc/nginx/sites-available/default:
# SVN/GIT need ^~ to have priority over regexp with *.php! location ^~ /svn { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $host; proxy_pass http://127.0.0.1:8880; # = APACHE2 Prefork }
Note: with "location /svn" instead of "location ^~ /svn" it would work with most files, but not with *.php files. PHP files would be caught by a regexp location (not shown), which has priority over normal nginx starts-with directives. The error message was: "Commit failed (details follow): File '/home/...i18n.php' is out of date '/svn/!svn/bc/2423/.../i18n.php' path not found. You have to update your working copy first. (Or German: "Übertragen schlug fehl (Details folgen): Datei »/home/.../i18n.php« ist veraltet. »/svn/!svn/bc/2423/.../i18n.php«. Pfad nicht gefunden."). This would occur for commits immediately after successful updates. Using a priority-start-with (which has priority over regexp locations) solved the problem.
Initially there also was a problem with checkouts on the server itself, this could be solved by checking these out again, using file: instead of https: (e.g. svn checkout file:///var/lib/svn/LocalSVNextensions).