Sunday, January 6, 2013

Code Management with SVN

Hey guys, I know it's been a while since I have made any posts and now that I have more time on my hands hopefully I'll be providing more useful content! I noticed I've gotten a lot of hits on my SELinux stuff so I hope that has helped a lot of people get what they need to get done. Please continue to leave comments and tell me how useful my information was. Today I am going to (hopefully) solve a problem that I have been wanting to solve for a while, and that is code management. I am starting to build up a little code database of my own and before I get too far I would like to have a better way to manage it. I have provided some tutorials on how to use Git in earlier posts, which is a good piece of software, but today I am going to set up an SVN server and then demonstrate how to create a new repository and how to checkout/checkin your code. I am sure there are a lot of tutorials out there already but I am doing this mainly for my own reference and hopefully some of you will get something out of it as well. Here we go.

I am going to be using Ubuntu Server 12.04 64-bit as my operating system. Everything should be the same for all distros; just change the apt-get commands to your distro's package manager commands (yum for Red Hat/Fedora, etc.).

I am going to start by getting my basic LAMP stack up and running. I know I don't need all of it, but I like to start from a good, well-known starting point:
sudo apt-get install -y apache2 mysql-server php5
Once that is done then we need to install svn and additional tools:
sudo apt-get install -y subversion libapache2-svn

Next, let's go ahead and create a location to store all of our repositories. I am going to use the '/var/lib/svn' directory as a common place:
sudo mkdir -p /var/lib/svn

Now create a repository. This is also the command you will use anytime you want to create a new project's repository. Replace 'myproject' with whatever you want your project name to be:
sudo svnadmin create /var/lib/svn/myproject

Subversion is now all set up and ready to go. Since this is a security blog I want to talk about some security things for a second. From here you can choose whether you want to use http/https or svn/svn+ssh to access your repositories over the network. I chose to use http/https and here's why. From what I can tell there is no way to allow the svnserve daemon to use encrypted passwords, and if by some miracle somebody were to gain access to my box I wouldn't want them to see my passwords in plaintext. Let's make them work for it! Since http/https uses apache2 we can store our passwords in an encrypted (hashed) manner using the htpasswd tool. So here we go.

We need to configure the Apache2 SVN module by editing the file /etc/apache2/mods-available/dav_svn.conf:
sudo vim /etc/apache2/mods-available/dav_svn.conf

Then add the following configuration:
<Location /svn>
 DAV svn
 SVNParentPath /var/lib/svn
 AuthType Basic
 AuthName "Subversion Repository"
 AuthUserFile /etc/apache2/dav_svn.passwd
 <LimitExcept GET PROPFIND OPTIONS REPORT>
  Require valid-user
 </LimitExcept>
</Location>
NOTE: you can have the AuthUserFile be whatever you want, we will create the file later.

Restart apache:
sudo /etc/init.d/apache2 restart
Because we will read and write to our repositories as the Apache user and group, we must change the owner and group of /var/lib/svn and its subdirectories to the Apache user and group:
sudo chown -R www-data:www-data /var/lib/svn
Now we must create the password file that will contain the users and their passwords that will be able to access the repositories:
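sudo htpasswd -c /etc/apache2/dav_svn.passwd bill
NOTE: The last argument is the username to add (bill here, the same user as in the checkout below); htpasswd will prompt for that user's password.
NOTE: The file path should be the same one you specified in the dav_svn configuration file.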
NOTE: The -c flag indicates that you are creating a new password file. To add a user to an existing passwd file omit the -c flag.

That's it! Now you can checkout your svn repository over http.
svn co --username bill http://url/svn/myproject /local/path/to/project
NOTE: If you just want to read the repository (not make changes to it) then you do not need to specify the username. It is possible to secure your repository to make it so only authorized users can read your repository.
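
Anonymous reads work because the <LimitExcept GET PROPFIND OPTIONS REPORT> block in the configuration above only asks for a login on the other (write) methods. Here is a variant of that block that requires a login for reads as well, as an added example that is not part of the original setup. The AuthzSVNAccessFile line and its /etc/apache2/dav_svn.authz path are assumptions: they rely on mod_authz_svn being loaded and on you creating that file yourself.

```apache
# /etc/apache2/mods-available/dav_svn.conf
<Location /svn>
 DAV svn
 SVNParentPath /var/lib/svn
 AuthType Basic
 AuthName "Subversion Repository"
 AuthUserFile /etc/apache2/dav_svn.passwd

 # No <LimitExcept> wrapper here: the login requirement now applies to
 # every method, including the GET, PROPFIND, OPTIONS and REPORT
 # requests that a checkout or update uses.
 Require valid-user

 # Optional per-repository rules on top of the login check.
 # Assumed path, not from the original configuration.
 AuthzSVNAccessFile /etc/apache2/dav_svn.authz
</Location>

# Example contents for /etc/apache2/dav_svn.authz (assumed file).
# Section names are "repository:path" because SVNParentPath is used.
#
#   [myproject:/]
#   bill = rw
#   * =
#
# "bill = rw" lets bill read and write; "* =" gives every other
# authenticated user no access to this repository.
```

Restart Apache after the change. Basic authentication sends the password base64-encoded with every request, so this block is best served over https rather than plain http.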

I hope this posting has helped some of you get your svn server up and running. I will have future posts that explain changing over to https and more security features of svn so please check back.

I must give a shout-out to the guys at Howtoforge.com for providing a walkthrough that I used when getting this set up myself: http://www.howtoforge.com/installing-subversion-and-configuring-access-through-different-protocols-on-ubuntu-11.10