{"id":355,"date":"2016-11-27T19:52:50","date_gmt":"2016-11-27T23:52:50","guid":{"rendered":"http:\/\/www.mufljuz.com\/?p=355"},"modified":"2016-11-27T20:15:27","modified_gmt":"2016-11-28T00:15:27","slug":"setting-up-subversion-over-ssl-and-nginx-on-debian","status":"publish","type":"post","link":"https:\/\/www.mufljuz.com\/?p=355","title":{"rendered":"Setting up subversion over ssl and nginx on debian"},"content":{"rendered":"

Subversion supports DAV protocol access only with Apache server. To get it running with nginx, apache has to be installed on the same system.<\/p>\n

To start, install apache and svn support
\n
\napt-get install apache2 libapache2-svn
\n<\/code><\/p>\n

For apache and nginx web servers to coexist on the same computer and running at the same time, they would have to listen on the different ports. Standard ssl port is 443, lets set apache ssl to 8443. To prevent ports exposed to Internet, set apache to listen on port 8443 only localy.<\/p>\n

Configure apache ports in \/etc\/apache2\/ports.conf to be<\/p>\n

\r\nListen 127.0.0.1:8443\r\n<\/pre>\n
Activate SSL and the DAV modules on Apache
\n
\n$ a2enmod ssl
\n$ a2enmod dav
\n$ a2enmod dav_svn
\n<\/code><\/p>\n
Restart apache
\n
\nservice apache2 restart
\n<\/code><\/p>\n
add DAV stuff
\n
\nnano -w \/etc\/apache2\/mods-available\/dav_svn.conf
\n<\/code><\/p>\n
\r\nLoadModule dav_svn_module modules\/mod_dav_svn.so\r\n\r\nLoadModule authz_svn_module modules\/mod_authz_svn.so\r\n<\/IfDefine>\r\n\r\n# Example configuration:\r\n\r\n       DAV svn\r\n       SVNPath \/var\/svn\/my_repos\r\n       SVNListParentPath on\r\n\r\n       AuthType Basic\r\n       AuthName \"Subversion repository\"\r\n       AuthUserFile \/var\/svn\/conf\/svnusers.conf\r\n       Require valid-user\r\n       SSLRequireSSL\r\n<\/Location>\r\n}}}\r\n<\/pre>\n
Link default ssl configuration
\n
\ncd \/etc\/apache2\/sites-enabled
\ncp ..\/sites-available\/default-ssl.conf svn-ssl.conf
\nnano -w svn-ssl.conf
\n<\/code><\/p>\n
And also set Listen 127.0.0.1:8443 in svn-ssl.conf<\/p>\n
Create password files<\/p>\n

\nhtpasswd -cm \/var\/svn\/conf\/svnusers.conf user1
\nhtpasswd -m \/var\/svn\/conf\/svnusers.conf user2
\n<\/code><\/p>\n
Check permissions. Debian apache should use www-data user and group. You can double check it in \/etc\/apache2\/apache2.conf and \/etc\/apache2\/envvars files, or just by doing ps aux | grep apache<\/code>.<\/p>\n
Make sure the same user\/group are owners of the repository.
\n
\nchown -R www-data:www-data \/var\/svn\/
\n<\/code><\/p>\n
Restart apache and check if it works, for example with links
\n
\nlinks https:\/\/127.0.0.1:8443\/svn\/my_repos
\n<\/code><\/p>\n
Create nginx conf file, or add proxy pass in existing config<\/p>\n
\r\nserver {\r\n    listen 80;\r\n    server_name svn.myserver.com;\r\n    return 301 https:\/\/$host$request_uri;\r\n}\r\n\r\n\r\nserver {\r\n    listen       443 ssl;\r\n    server_name  svn.myserver.com;\r\n\r\n    ssl on;\r\n\r\n    ssl_certificate \/etc\/nginx\/ssl\/nginx.crt;\r\n    ssl_certificate_key \/etc\/nginx\/ssl\/nginx.key;\r\n\r\n    access_log \/var\/log\/nginx\/svn.access.log;\r\n    error_log \/var\/log\/nginx\/svn.error.log;\r\n\r\n    location \/ {\r\n          proxy_pass   https:\/\/127.0.0.1:8443;\r\n    }\r\n}\r\n<\/pre>\n
Restart nginx and check in your web browser.<\/p>\n","protected":false},"excerpt":{"rendered":"
Subversion supports DAV protocol access only with Apache server. To get it running with nginx, apache has to be installed on the same system. To start, install apache and svn support apt-get install apache2 libapache2-svn For apache and nginx web servers to coexist on the same computer and running at the same time, they would […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[40,13,20],"tags":[],"_links":{"self":[{"href":"https:\/\/www.mufljuz.com\/index.php?rest_route=\/wp\/v2\/posts\/355"}],"collection":[{"href":"https:\/\/www.mufljuz.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.mufljuz.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.mufljuz.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.mufljuz.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=355"}],"version-history":[{"count":5,"href":"https:\/\/www.mufljuz.com\/index.php?rest_route=\/wp\/v2\/posts\/355\/revisions"}],"predecessor-version":[{"id":360,"href":"https:\/\/www.mufljuz.com\/index.php?rest_route=\/wp\/v2\/posts\/355\/revisions\/360"}],"wp:attachment":[{"href":"https:\/\/www.mufljuz.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=355"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.mufljuz.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=355"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.mufljuz.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=355"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}