Configuring Subversion and Apache on Ubuntu for virtual hosts with (SSL) Secure Socket Layer is fairly straight forward but if you’ve installed Apache 2 with synaptic you will find that some of the tools have different names or are completely missing, here I will walk through each step of the installation and configuration of each part explaining what does what and the various options that you can put in place to limit access. This way we will have access to the subversion repository at https://svn.domain.com.
Once you have followed the tutorial I would recommend using RapidSvn and Meld or KDiff as they are two of the tool I regularly use with my repositories. RapidSvn is a GUI subversion tools so you can commit etc. It doesn’t have a visual diff tool which is unfortunate but Meld is the best visual tool I have found for Gnome, these in the Ubuntu repositories or if you are using Kbuntu you can use KDiff, you can install these two tools easily using synaptic or apt-get.In this tutorial we will cover installing Apache2, Subversion and configuring the SSL creation of the required certificate using the apache tools and the configuration of the Virtual Host so you can access the repository via a subdomain. Finally we will set the access so you can controll who will have acces to your repositories.With 11 steps you will have a subversion respository up an running with SSL and Virtual hosts and each step explains what is happening so you can easily understand the full process
1. Install Apache
In the terminal type:
sudo apt-get install apache2 apache2.2-common apache2-utils
This installs the apache 2 server common modules and utilities
2. Install Subversion
In the terminal type:
sudo apt-get install subversion subversion-tools
3. Install Apache Subversion Modules
In the terminal :
sudo apt-get install libapache2-svn
4. Restart Apache
In the terminal type:
sudo apache2ctl restart
5. Enable SSL Apache Module
In the terminal type:
sudo a2enmod ssl
6. Enable Apache to listen to the correct port for ssl (443)
In the terminal type:
sudo gedit /etc/apache2/ports.conf
Add the line: Listen 443
7. Create a certificate for SSL use.
Unfortunately apache is missing the tool (apache2-ssl-certificate) required to create the certificate but this can be easily downloaded from apache2-ssl.tar.gz , download this file and extract the package. There are two files ssleay.cnf and apache2-ssl-certificate. In the terminal navigate to the directory two files have been extracted and type:
sudo mkdir /etc/apache2/sslsudo cp ./ssleany.cnf /etc/apache2/ssl/sudo cp ./apache2-ssl-certificate /usr/sbin/
Now create your certificate with and follow the instructions
sudo apache2-ssl-certificate
8. Create a Subversion repository
Here make a directory where you want to store one or more subversion repositories, in this example I’m using /srv/svn/repos/
sudo mkdir /srv
sudo mkdir /srv/svn
sudo mkdir /srv/svn/repos
Now make the repository directory accessible to apache (www-data)
chown www-data:www-data /srv/svn/repos
Now we will make the first repository using the super user www-data
cd /srv/svn/repos
su -u www-data -s
svnadmin create projectname
We now have our first subversion repository remember when creating other repositories always use the su www-data to ensure apache can access the repository.
9. Creating the virtual host
Create the virtul host file for Apache
sudo cp /etc/apache2/sites-available/default /etc/apache2/sites-available/svn.domain.comsudo gedit /etc/apache2/sites-available/svn.domain.com
Copy and paste the following code edit the domain name and repository path if different:
NameVirtualHost *:443
<VirtualHost *:443>
ServerAdmin yourname@domain.com
ServerName svn.domain.com
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/apache.pem
SSLProtocol all
SSLCipherSuite HIGH:MEDIUM
<Location />
Order allow,deny
Allow from all
DAV svn
SVNPath /srv/svn/repos/projectname
AuthType Basic
AuthName "domain.com Subversion Repository"
AuthUserFile /etc/apache2/dav_svn.passwd
Require valid-user
</Location>
ErrorLog /var/log/apache2/error.log
# Possible values include: debug, info, notice, warn, error, crit, alert, emerg.
LogLevel warn CustomLog /var/log/apache2/access.log combined
</VirtualHost>
If you have many projects that you will be using the repository change
SVNPath /srv/svn/repos/project
to
SVNParentPath /srv/svn/repos
10. Create user(s) to access subversion repository
sudo htpasswd -c /etc/apache2/dav_svn.passwd username
to add more users use -m (the -c creates a new file)
sudo htpasswd -m /etc/apache2/dav_svn.passwd username2
11. Restart Apache and test
sudo /etc/init.d/apache2 restart
Now test your repostory with https://svn.domain.com and enjoy, if I’ve missed steps out please let me know in the comments.
October 29, 2007
I got as far as running “apache2-ssl-certificate” and I get the following error:
error on line -1 of /usr/share/apache2/ssleay.cnf
12424:error:02001002:system library:fopen:No such file or directory:bss_file.c:122:fopen(’/usr/share/apache2/ssleay.cnf’,'rb’)
12424:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:125:
12424:error:0E078072:configuration file routines:DEF_LOAD:no such file:conf_def.c:197:
October 29, 2007
@Jason you’re problem is that the file ssleany.cnf is not in the correct place. These instructions were correct for Fiesty and maybe slightly different for Gutsy. It seems that apache2-ssl-certificate cannot find the file but is looking in the /usr/share/apache2 directory check you have copied the file as per the instructions to /usr/share/apache2/ssl/. If it in the correct position try moving the file to /usr/share/apache2. Then you should be able to access the file without if you still have the same error check the permissions.
November 29, 2007
I was following the steps described and everything went ok except for a strange error that my browser now returns when i try to access my svn repo via https (https://localhost/svn/).
The error says: “localhost has sent an incorrect or unexpected message. Error code -12263″.
Any ideas on that?
December 9, 2007
hi
i was a feisty user.i run all all of the command write above correctly but when i open https://svn.domain.com i have this error:Firefox can’t find the server at svn.domain.com.what i was doing?
December 9, 2007
now when i edit /etc/apache2/sites-available/svn.domain.com i have this error in shell(terminal): Couldn’t get main dbus connection: Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken.
December 11, 2007
Hello Friends,
I have installed Subversion on my Ubuntu 7.4 system and all is well. I then followed the directions in this post to install libapache2-svn and that works also.
I’ve edited my config file to point Apache to my repository, but when I go there in a browser I get:
Could not open the requested SVN filesystem
Any ideas here?
Thanks,
December 27, 2007
Hello Luci3n, I had a problem following the tutorial, but I have a good friend that pointed me in the right direction, and I think your tutorial could use the help:
In step 8, you need to change the line that reads:
su www-data
For:
sudo -u www-data -s
To get a shell as www-data user.
Or:
sudo -u www-data svnadmin create repositoryname
To create the repository as www-data user, since “su www-data” will always ask for a password unless you are logged in as the root user.
January 7, 2008
I don’t know what happened, maybe after you edited your post something got messed up.
Now it’s really hard to follow the guide, since your multiline instruccions are merged in a large ONE liner.
Hope you can revert them to their previous state.
Regards.
June 1, 2008
Very useful. A further suggestion re step 8.. instead of
sudo -u www-data -s
I needed to use
sudo -i -u www-data
to become the www-data user. Running Ubuntu 8.
August 19, 2008
Hi all,
Thanks for the tutorial! I was getting strange errors when navigating to the subversion repository in my browser like:
Could not open the requested SVN filesystem
The problem was that in the /etc/apache2/sites-avaliable/yoursite.com file, the line SVNPath /srv/svn/repos should be SVNParentPath /srv/svn/repos . If you getting similar errors, maybe give that a shot.
-Andy