Install SVN WebDAV + SSL on Ubuntu (Apache)

2012-01-16 15:03

Environment:

Ubuntu: 10.04

1) install svn, apache and modules:

sudo apt-get update

sudo apt-get install subversion

sudo apt-get install apache2 #default user and group is www-data (use commands "vipw" and "vigr" to check)

sudo apt-get install libapache2-svn #install apache-svn module

2) enable ssl module for apache:

sudo a2enmod ssl #go to this directory to check if it is enabled: /etc/apache2/mods-enabled

3) allow apache to support SSL port 443:

make sure Apache listens on port 443: /etc/apache2/ports.conf must contain the line "Listen 443"

4) create a virtual host (vh) on apache (use the default vh as a template):

sudo cp /etc/apache2/sites-available/default /etc/apache2/sites-available/mynewsite

5) enable the vh site

sudo a2ensite mynewsite

sudo a2dissite default-ssl #disable the default ssl vh

6) create a self-signed Apache SSL certificate with openssl:

generate key:

openssl genrsa -des3 -out server.key 2048 #2048-bit RSA key (1024 bits is no longer considered adequate)

create CSR:

openssl req -new -key server.key -out server.csr

sign CSR:

openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

sudo cp server.crt /etc/ssl/certs

sudo cp server.key /etc/ssl/private

Note: a) The above procedure can also be done with the make-ssl-cert script, with the paths changed accordingly (the advantage of this script: the resulting .pem file needs no passphrase when Apache starts):

sudo apt-get install ssl-cert

sudo mkdir /etc/apache2/ssl

sudo /usr/sbin/make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem

b) To let Apache start at boot without interactive passphrase entry, use this method.

According to https://help.ubuntu.com/8.04/serverguide/C/certificates-and-security.html:

"In any case, you can choose to run your secure service without a passphrase by leaving out the -des3 switch in the generation phase or by issuing the following command at a terminal prompt:"

openssl rsa -in server.key -out server.key.insecure


7) create a SVN repository: myproj:

sudo mkdir -p /var/local/svn

#to create more repositories further, run these commands for each new repository:

sudo svnadmin create /var/local/svn/myproj

sudo chown -R www-data:www-data /var/local/svn/myproj #www-data is apache's default user and group

sudo chmod -R g+ws /var/local/svn/myproj

8) add two users for SVN DAV access:

sudo htpasswd -cm /etc/apache2/dav_svn.passwd svnuser

sudo htpasswd -m /etc/apache2/dav_svn.passwd ljsspace

9) configure the vh mynewsite: (sudo vi /etc/apache2/sites-available/mynewsite)

NameVirtualHost *:443

<virtualhost *:443>

ServerAdmin ljsspace@csdn.net

<Location /svnroot>

DAV svn

SVNParentPath /var/local/svn

AuthType Basic

AuthName "SVN Repository"

AuthUserFile /etc/apache2/dav_svn.passwd

Require valid-user

SSLRequireSSL

</Location>

CustomLog /var/log/apache2/ssl-access.log combined

ErrorLog /var/log/apache2/ssl_error.log

SSLEngine On

SSLOptions +StrictRequire

#SSLProtocol all

#SSLCipherSuite HIGH:MEDIUM

SSLCertificateFile /etc/ssl/certs/server.crt

SSLCertificateKeyFile /etc/ssl/private/server.key

</virtualhost>

Note: a) this <Location> part can also be put into the file: /etc/apache2/mods-enabled/dav_svn.conf.

b) if there is no "Require valid-user", anonymous users can browse/read the repository but can't commit/write changes.

10) restart apache:

sudo /etc/init.d/apache2 restart

11) test (log in as svnuser or ljsspace, created above):

https://localhost/svnroot/myproj/

12) to add more repositories, repeat step 7) only.
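
A pre-restart check for note 6b) and the notes under step 9), as an added example that is not part of the original post: it flags a passphrase-less private key that is readable beyond its owner, and a vhost file in which "Require valid-user", "SSLRequireSSL" or "SSLEngine On" is missing or commented out. The function names and the script name audit.sh are hypothetical; the paths in the usage line are the ones used in the steps above.

```shell
#!/bin/sh
# Added example (not from the original post): read-only audit of the key file
# and vhost file created in the steps above. Function names are hypothetical.

# 0 if the PEM key is passphrase-protected (traditional or PKCS#8 header).
key_is_encrypted() {
    grep -Eq 'Proc-Type: 4,ENCRYPTED|BEGIN ENCRYPTED PRIVATE KEY' "$1"
}

# 0 if the file grants no permission bits to group or other.
mode_is_private() {
    perms=$(ls -ld "$1" | cut -c5-10)
    [ "$perms" = "------" ]
}

# 0 if the directive (an ERE) appears on an uncommented line of the config.
# Coarse check: it does not verify which <Location> the line belongs to.
has_directive() {
    grep -Eiq "^[[:space:]]*$2([[:space:]]|\$)" "$1"
}

# audit_svn_vhost KEYFILE VHOSTCONF: prints findings, returns 1 if any FAIL.
audit_svn_vhost() {
    key=$1; conf=$2; rc=0
    if key_is_encrypted "$key"; then
        echo "NOTE: $key has a passphrase; Apache prompts for it at each start"
    elif ! mode_is_private "$key"; then
        echo "FAIL: passphrase-less key $key is readable beyond its owner (chmod 600)"
        rc=1
    fi
    for d in 'Require[[:space:]]+valid-user' 'SSLRequireSSL' 'SSLEngine[[:space:]]+On'; do
        if ! has_directive "$conf" "$d"; then
            echo "FAIL: $conf has no active directive matching: $d"
            rc=1
        fi
    done
    return $rc
}

# Usage: sudo sh audit.sh /etc/ssl/private/server.key /etc/apache2/sites-available/mynewsite
if [ "$#" -eq 2 ]; then
    audit_svn_vhost "$1" "$2"
fi
```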