I used to use VisualSVN as my SVN server. A useful product but it only works on Windows. So, when I no longer had access to a windows server I had to come up with a new way to do SVN over https. After looking around I decided to go with the original SVN, set up on Linux, to make my new SVN server.
I went with a basic Debian server with a MATE Desktop Environment. These steps should mostly work on other distros as well. But you may have to make a few minor changes.
1. First, we need to Install the Apache HTTP Server with this command.
apt-get install apache2
2. Then we install subversion.
apt-get install subversion
3. Then you need to Install the svn modules for apache so we can hook them together.
For Debian 9 and 10:
apt-get install libapache2-mod-svn
4. Then we need to enable the SSL module for Apache so we can have encryption.
systemctl reload apache2
5. Create a Self-Signed SSL Certificate. I put the SSL stuff inside the apache2 folder. It should not matter were just make sure you point to the right place later on.
I use 4096bit encryption because why not. I had this running on a raspberry pi for a while so there is no reason not to go with the higher encryption that I know of.
openssl req -x509 -nodes -days 365 -newkey rsa:4096 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt
6. Open the
Find the following two lines, and update the paths to match the locations of the certificate and key we generated earlier.
7. Restart apache
systemctl reload apache2
8. Test if Apache and SSL are working by going to https://127.0.0.1 on the local box or go to the network IP of the server if you are doing it remotely.
9. Create a directory for your repositories. I put them in the
10. Create a policy file in that folder.
This just controls who has access to what repositories.
[/] * = r [REPO_NAME:/] USER_NAME = rw
The * in the / section is matched to anonymous users. Any access above and beyond
11. Create another file.
This is either an htpasswd, or htdigest file. I used htpasswd. Again, because of SSL, I do not worry as much about password sniffing. htdigest would provide even more security vs. sniffing, but at this point, I do not have a need for it. Run the following command
htpasswd -c /svn/.svn-auth-file USER_NAME
The above creates the file (-c) and stores the password in a hash. My system looks like it used MD5 as the default. You can look up commands for htpasswd and pick other hash types.
To add additional users, leave off the (-c) flag.
htpasswd /home/svn/.svn-auth-file OTHER_USER_NAME
12. Create a Repository
svnadmin create /PATH/TO/svn /REPO_NAME
13. Set Permissions so Apache can access
Our apache user is “www-data” You can look in the apache Configuration file to make sure this is right for you.
chown –R www-data /PATH/TO/SVN /FOLDER
If that will not work try this.
chown –R www-data:www-data /PATH/TO/SVN /FOLDER
14. Setup Apache to point to the svn folder.
At the bottom of the /etc/apache2/apache2.conf file
#svn users <Location /svn> DAV svn SVNParentPath /srv/svn/ AuthzSVNAccessFile /srv/svn/.svn-policy-file SVNListParentPath On AuthType Basic AuthName "Voltdrift SVN Server" AuthUserFile /srv/svn/.svn-auth-file Require valid-user </Location>
15. Restart Apache
service apache2 restart
If everything worked you should be able to check out the test repo we made.
svn checkout https://yourdomain.net/svn/REPO_NAME/ /my/svn/working/copy