I used to use VisualSVN as my SVN server. A useful product but it only works on Windows. So, when I no longer had access to a windows server I had to come up with a new way to do SVN over https. After looking around I decided to go with the original SVN, set up on Linux, to make my new SVN server.
I went with a basic Debian server with a MATE Desktop Environment. These steps should mostly work on other distros as well. But you may have to make a few minor changes.
1. First, we need to Install the Apache HTTP Server with this command.
apt-get install apache2
2. Then we install subversion.
apt-get install subversion
3. Then you need to Install the svn modules for apache so we can hook them together.
For Debian 9:
apt-get install libapache2-mod-svn
For Debian 8:
apt-get install subversion libapache2-svn
4. Then we need to enable the SSL module for Apache so we can have encryption.
a2enmod ssl a2ensite default-ssl service apache2 restart
5. Create a Self-Signed SSL Certificate. I put the SSL stuff inside the apache2 folder. It should not matter were just make sure you point to the right place later on.
I use 4096bit encryption because why not. I had this running on a raspberry pi for a while so there is no reason not to go with the higher encryption that I know of.
openssl req -x509 -nodes -days 365 -newkey rsa:4096 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt
6. Open the
Find the following two lines, and update the paths to match the locations of the certificate and key we generated earlier.
SSLCertificateFile /etc/apache2/ssl/apache.crt SSLCertificateKeyFile /etc/apache2/ssl/apache.key
7. Restart apache
service apache2 restart
8. Test if Apache and SSL are working by going to https://127.0.0.1 on the local box or go to the network IP of the server if you are doing it remotely.
9. Create a directory for your repositories. I put them in the
10. Create a policy file in that folder.
This just controls who has access to what repositories.
[/] * = r [REPO_NAME:/] USER_NAME = rw
The * in the / section is matched to anonymous users. Any access above and beyond
11. Create another file.
This is either an htpasswd, or htdigest file. I used htpasswd. Again, because of SSL, I do not worry as much about password sniffing. htdigest would provide even more security vs. sniffing, but at this point, I do not have a need for it. Run the following command
htpasswd -c /svn/.svn-auth-file USER_NAME
The above creates the file (-c) and stores the password in a hash. My system looks like it used MD5 as the default. You can look up commands for htpasswd and pick other hash types.
To add additional users, leave off the (-c) flag.
htpasswd /home/svn/.svn-auth-file OTHER_USER_NAME
12. Create a Repository
svnadmin create /PATH/TO/svn /REPO_NAME
13. Set Permissions so Apache can access
Our apache user is “www-data” You can look in the apache Configuration file to make sure this is right for you.
chown –R www-data /PATH/TO/SVN /FOLDER
If that will not work try this.
chown –R www-data:www-data /PATH/TO/SVN /FOLDER
14. Setup Apache to point to the svn folder.
At the bottom of the /etc/apache2/apache2.conf file
#svn users <Location /svn> DAV svn SVNParentPath /srv/svn/ AuthzSVNAccessFile /srv/svn/.svn-policy-file SVNListParentPath On AuthType Basic AuthName "Voltdrift SVN Server" AuthUserFile /srv/svn/.svn-auth-file Require valid-user </Location>
15. Restart Apache
service apache2 restart
If everything worked you should be able to check out the test repo we made.
svn checkout https://yourdomain.net/svn/REPO_NAME/ /my/svn/working/copy