Setting up a SVN server

I used to use VisualSVN as my SVN server. A useful product but it only works on Windows. So, when I no longer had access to a windows server I had to come up with a new way to do SVN over https. After looking around I decided to go with the original SVN, set up on Linux, to make my new SVN server.

I went with a basic Debian server with a MATE Desktop Environment. These steps should mostly work on other distros as well. But you may have to make a few minor changes.

1. First, we need to Install the Apache HTTP Server with this command.

apt-get install apache2

2. Then we install subversion.

apt-get install subversion

3. Then you need to Install the svn modules for apache so we can hook them together.
For Debian 9:

apt-get install libapache2-mod-svn

For Debian 8:

apt-get install subversion libapache2-svn

4. Then we need to enable the SSL module for Apache so we can have encryption.

a2enmod ssl a2ensite default-ssl service apache2 restart

5. Create a Self-Signed SSL Certificate. I put the SSL stuff inside the apache2 folder. It should not matter were just make sure you point to the right place later on.

mkdir /etc/apache2/ssl

I use 4096bit encryption because why not. I had this running on a raspberry pi for a while so there is no reason not to go with the higher encryption that I know of.

openssl req -x509 -nodes -days 365 -newkey rsa:4096 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt

6. Open the apache configure file to tell apache to use SSL. I use nano for this but use whatever text editor you like.

nano /etc/apache2/sites-enabled/default-ssl.conf

Find the following two lines, and update the paths to match the locations of the certificate and key we generated earlier.

SSLCertificateFile /etc/apache2/ssl/apache.crt SSLCertificateKeyFile /etc/apache2/ssl/apache.key

7. Restart apache

service apache2 restart

8. Test if Apache and SSL are working by going to https://127.0.0.1 on the local box or go to the network IP of the server if you are doing it remotely.

9. Create a directory for your repositories. I put them in the srv folder but I forgot why. Maybe it was some Linux standard I was trying to follow.

mkdir /srv/svn

10. Create a policy file in that folder.

/svn/.svn-policy-file

This just controls who has access to what repositories.

[/] * = r [REPO_NAME:/] USER_NAME = rw

The * in the / section is matched to anonymous users. Any access above and beyond read only will be prompted for a user/pass by apache AuthType Basic. The REPO_NAME:/ section inherits permissions from those above, so anon users have read only permission to it. The last bit grants read/write permission of the REPO_NAME repository to the user USER_NAME.

11. Create another file.

/svn/.svn-auth-file

This is either an htpasswd, or htdigest file. I used htpasswd. Again, because of SSL, I do not worry as much about password sniffing. htdigest would provide even more security vs. sniffing, but at this point, I do not have a need for it. Run the following command

htpasswd -c  /svn/.svn-auth-file USER_NAME

The above creates the file (-c) and stores the password in a hash. My system looks like it used MD5 as the default. You can look up commands for htpasswd and pick other hash types.

To add additional users, leave off the (-c) flag.

htpasswd /home/svn/.svn-auth-file OTHER_USER_NAME

12. Create a Repository

svnadmin create /PATH/TO/svn /REPO_NAME

13. Set Permissions so Apache can access
Our apache user is “www-data” You can look in the apache Configuration file to make sure this is right for you.

chown –R www-data /PATH/TO/SVN /FOLDER

If that will not work try this.

chown –R www-data:www-data /PATH/TO/SVN /FOLDER

14. Setup Apache to point to the svn folder.
At the bottom of the /etc/apache2/apache2.conf file add this. (There may be a better file to put this in.)

#svn users <Location /svn> DAV svn SVNParentPath /srv/svn/ AuthzSVNAccessFile /srv/svn/.svn-policy-file SVNListParentPath On AuthType Basic AuthName "Voltdrift SVN Server" AuthUserFile /srv/svn/.svn-auth-file Require valid-user </Location>

15. Restart Apache

service apache2 restart

If everything worked you should be able to check out the test repo we made.

svn checkout https://yourdomain.net/svn/REPO_NAME/ /my/svn/working/copy

Join The Community

I hope you enjoyed this article! I am always posting new and helpful things! If you like what you see then I'd love to be able to send you more! Please subscribe to my newsletter for the latest information and exclusive content!

Would you kindly share this post?

Leave a Reply

Your email address will not be published. Required fields are marked *