Setting up a SVN server

I used to use VisualSVN as my SVN server. A useful product but it only works on Windows. So, when I no longer had access to a windows server I had to come up with a new way to do SVN over https. After looking around I decided to go with the original SVN, set up on Linux, to make my new SVN server.

I went with a basic Debian server with a MATE Desktop Environment. These steps should mostly work on other distros as well. But you may have to make a few minor changes.

1. First, we need to Install the Apache HTTP Server with this command.

apt-get install apache2

2. Then we install subversion.

apt-get install subversion

3. Then you need to Install the svn modules for apache so we can hook them together.
For Debian 9:

apt-get install libapache2-mod-svn

For Debian 8:

apt-get install subversion libapache2-svn

4. Then we need to enable the SSL module for Apache so we can have encryption.

a2enmod ssl a2ensite default-ssl service apache2 restart

5. Create a Self-Signed SSL Certificate. I put the SSL stuff inside the apache2 folder. It should not matter were just make sure you point to the right place later on.

mkdir /etc/apache2/ssl

I use 4096bit encryption because why not. I had this running on a raspberry pi for a while so there is no reason not to go with the higher encryption that I know of.

openssl req -x509 -nodes -days 365 -newkey rsa:4096 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt

6. Open the apache configure file to tell apache to use SSL. I use nano for this but use whatever text editor you like.

nano /etc/apache2/sites-enabled/default-ssl.conf

Find the following two lines, and update the paths to match the locations of the certificate and key we generated earlier.

SSLCertificateFile /etc/apache2/ssl/apache.crt SSLCertificateKeyFile /etc/apache2/ssl/apache.key

7. Restart apache

service apache2 restart

8. Test if Apache and SSL are working by going to https://127.0.0.1 on the local box or go to the network IP of the server if you are doing it remotely.

9. Create a directory for your repositories. I put them in the srv folder but I forgot why. Maybe it was some Linux standard I was trying to follow.

mkdir /srv/svn

10. Create a policy file in that folder.

/svn/.svn-policy-file

This just controls who has access to what repositories.

[/] * = r [REPO_NAME:/] USER_NAME = rw

The * in the / section is matched to anonymous users. Any access above and beyond read only will be prompted for a user/pass by apache AuthType Basic. The REPO_NAME:/ section inherits permissions from those above, so anon users have read only permission to it. The last bit grants read/write permission of the REPO_NAME repository to the user USER_NAME.

11. Create another file.

/svn/.svn-auth-file

This is either an htpasswd, or htdigest file. I used htpasswd. Again, because of SSL, I do not worry as much about password sniffing. htdigest would provide even more security vs. sniffing, but at this point, I do not have a need for it. Run the following command

htpasswd -c  /svn/.svn-auth-file USER_NAME

The above creates the file (-c) and stores the password in a hash. My system looks like it used MD5 as the default. You can look up commands for htpasswd and pick other hash types.

To add additional users, leave off the (-c) flag.

htpasswd /home/svn/.svn-auth-file OTHER_USER_NAME

12. Create a Repository

svnadmin create /PATH/TO/svn /REPO_NAME

13. Set Permissions so Apache can access
Our apache user is “www-data” You can look in the apache Configuration file to make sure this is right for you.

chown –R www-data /PATH/TO/SVN /FOLDER

If that will not work try this.

chown –R www-data:www-data /PATH/TO/SVN /FOLDER

14. Setup Apache to point to the svn folder.
At the bottom of the /etc/apache2/apache2.conf file add this. (There may be a better file to put this in.)

#svn users <Location /svn> DAV svn SVNParentPath /srv/svn/ AuthzSVNAccessFile /srv/svn/.svn-policy-file SVNListParentPath On AuthType Basic AuthName "Voltdrift SVN Server" AuthUserFile /srv/svn/.svn-auth-file Require valid-user </Location>

15. Restart Apache

service apache2 restart

If everything worked you should be able to check out the test repo we made.

svn checkout https://yourdomain.net/svn/REPO_NAME/ /my/svn/working/copy

Join The Community

I hope you enjoyed this article! I am always posting new and helpful things! If you like what you see then I would love to be able to send you more! Please subscribe to my newsletter for the latest information and exclusive content!

* indicates required

Leave a Reply

Your email address will not be published. Required fields are marked *