Linux(centos7)搭建svn服务器 配置http访问
2021-11-12 本文已影响0人
无味wy
1、检查系统是否已经安装如果安装就卸载
检查:svnserve --version
卸载:yum remove subversion
2、安装
yum install subversion
3、建立SVN
库(文件位置可自由)
#创建仓库文件夹
mkdir -p /opt/svn/repository
#用svn管理员身份创建一个仓库
svnadmin create /opt/svn/repository
执行上面的命令后,自动建立repositories库,查看/opt/svn/repository 文件夹发现包含了conf, db,format,hooks, locks, README.txt等文件,说明一个SVN库已经建立
[root@host-10-0-0-106~]# ll /opt/svn/repository/
total 8
drwxr-xr-x. 2 root root 73 Nov 10 19:45 conf
drwxr-sr-x. 6 root root 253 Nov 10 17:40 db
-r--r--r--. 1 root root 2 Nov 10 17:22 format
drwxr-xr-x. 2 root root 231 Nov 10 17:22 hooks
drwxr-xr-x. 2 root root 41 Nov 10 17:22 locks
-rw-r--r--. 1 root root 229 Nov 10 17:22 README.txt
4、权限配置
(1)authz文件配置
设置哪些用户可以访问哪些目录:进入/opt/svn/repository/conf上面生成的文件夹下,
进行配置 authz文件配置,vi authz,向authz文件追加以下内容,左边是用户名,右边是读写权限(r、w、rw、no access),
每个目录的读写权限都可精细控制,例如:
[root@host-10-0-0-106~]# vim /opt/svn/repository/conf/authz
### This file is an example authorization file for svnserve.
### Its format is identical to that of mod_authz_svn authorization
### files.
### As shown below each section defines authorizations for the path and
### (optional) repository specified by the section name.
### The authorizations follow. An authorization line can refer to:
### - a single user,
### - a group of users defined in a special [groups] section,
### - an alias defined in a special [aliases] section,
### - all authenticated users, using the '$authenticated' token,
### - only anonymous users, using the '$anonymous' token,
### - anyone, using the '*' wildcard.
###
### A match can be inverted by prefixing the rule with '~'. Rules can
### grant read ('r') access, read-write ('rw') access, or no access
### ('').
[aliases]
# joe = /C=XZ/ST=Dessert/L=Snake City/O=Snake Oil, Ltd./OU=Research Institute/CN=Joe Average
[groups] #分用户组
# harry_and_sally = harry,sally
# harry_sally_and_joe = harry,sally,&joe
admin = admin,root,jiahuimin,lijufang
# [/foo/bar] #设置其他目录的权限,*= 表示其他人无任何权限
# harry = rw
# &joe = r
# * =
[/] #设置/目录权限,@表示组成员
@admin = rw
# [repository:/baz/fuz]
# @harry_and_sally = rw
# * = r
(2)passwd文件配置 主要添加用户名和密码,例如:
[root@host-10-0-0-106~]# vim /opt/svn/repository/conf/passwd
### This file is an example password file for svnserve.
### Its format is similar to that of svnserve.conf. As shown in the
### example below it contains one section labelled [users].
### The name and password for each user follow, one account per line.
[users]
# harry = harryssecret
# sally = sallyssecret
admin = 123456
root = 123456
jiain = 123456
lijg = 123456
(3)svnserve.conf 文件配置 配置访问权限
[general]
#匿名用户的权限,可为none,read,write
anon-access = none
#授权用户的权限,可为none,read,write
auth-access = write
#密码数据文件的路径
password-db = /opt/svn/repository/conf/passwd
#访问控制文件的路径
authz-db = /opt/svn/repository/conf/authz
#认证命名空间,不同的代码库需要不同的realm
#我们之前创建的仓库,此处为仓库名
realm = repository
5、 启动svn
本人建议指定端口的启动方式,如果建立多个仓库,也便于管理。svn默认端口为3690,需要在防火墙添加才可在svn客户端访问
#启动命令:
svnserve -d -r /opt/svn/repository
svnserve -d -r /opt/svn/repository --listen-port 3691
#查看svn进程
ps -ef|grep svn
#用svn小乌龟客户端连接
svn://ip:port/opt/svn/repository
如果无法使用,这是因为linux没有开放该端口,需要查看防火墙策略手动添加;
安装配置HTTP访问:
查看是否有安装Apache HTTP服务:
#未安装
[root@localhost ~]# httpd -v
-bash: httpd: command not found
#已安装
[root@localhost ~]# httpd -v
Server version: Apache/2.4.6 (CentOS)
Server built: Oct 19 2021 13:53:40
查看httpd是否已经安装的svn模块
#未安装
[root@localhost ~]# ls /etc/httpd/modules/ | grep svn
ls: cannot access /etc/httpd/modules/: No such file or directory
#已安装
[root@localhost ~]# ls /etc/httpd/modules/ | grep svn
mod_authz_svn.so
mod_dav_svn.so
安装Apache HTTP服务:
yum install httpd
安装SVN模块:
yum install subversion mod_dav_svn
在httpd下创建svn.conf配置文件
cd /etc/httpd/conf.d/
vim svn.conf
<Location /svn>
DAV svn
#SVNParentPath /var/lib/svn
SVNPath /opt/svn/repository
# Limit write permission to list of valid users.
#<LimitExcept GET PROPFIND OPTIONS REPORT>
# Require SSL connection for password protection.
# SSLRequireSSL
AuthType Basic
AuthName "Authorization Realm"
AuthUserFile /opt/svn/repository/conf/httpdPasswd
AuthzSVNAccessFile /opt/svn/repository/conf/authz
Satisfy all
Require valid-user
#</LimitExcept>
</Location>
因为HTTP访问用的是httpd服务储存的密码,而不是SVN的用户密码,所以必须还得创建http访问SVN的用户名密码
-c 是创建新文件,只有第一次创建账户密码时使用
-m 是强制使用MD5加密密码(默认)
httpdPasswd 是创建的文件名
root 是你要创建的可访问用户的名字
#执行
htpasswd -c -m /opt/svn/repository/conf/httpdPasswd root
#然后连续输入两次密码完成创建http访问用户,接着更改httpd下SVN配置文件中的验证密码路径:
vi /etc/httpd/conf.d/svn.conf
#更改如下行: AuthUserFile 值为:/opt/svn/repository/conf/httpdPasswd
#重启应用配置,访问(ip+svn):
systemctl restart httpd
#访问 http://ip/svn/opt/svn/repository
提示密码错误
#配置users,重启http和svn
[root@localhostconf]# vim httpdPasswd
[users]
root:$apr1$jCl8pmNZ$oftEX0kM2CsuQ7IWaZIb.0
jiahn:$apr1$YBBKiMfr$FJR4ZCN0myKMdfKuhcsTa.
lifag:$apr1$jyDlU2MU$RC4UisCM3wpBEBFqu.VaH1
ceshi:$apr1$ASUziUWq$2CPhM1JddebbScsS5Y7NO/
systemctl restart httpd.service
pkill svnserve
svnserve -d -r /opt/svn/repository/
添加登录用户
[root@localhostconf]# htpasswd -m /opt/svn/repository/conf/httpdPasswd ceshi
New password:
Re-type new password:
Adding password for user ceshi