Posted by nito, Tue Mar 20 01:02:00 UTC 2007

So, things are going well with my slicehost slice and now I want to get things under version control using subversion. Conventional wisdom would dictate that Apache + mod_dav_svn is the way to go - But, as much as everyone seems to swear by Apache + mod_dav_svn, It’s just more memory usage of a 256mb slice that I can do without.

So, I thought about it for a little while and came up with the following criteria:

i) I want to be able to have multiple authorized users accessing one repository, both locally and remotely.
ii) I don’t want to provide any anonymous access.
iii) I don’t want any clear text passwords and I must have encryption of remote subversion access.
iv) I don’t want to use Apache + mod_dav_svn.

If the list above matches your requirements read on, and hopefully what follows will be of some help. Bear in mind that this is all on an unbuntu linux slice.

Let’s be smart here and say we’ve got hold of subversion and installed it using the following:

sudo apt-get -V install subversion subversion-tools

And now it’s time to get it working:
1) create an svn group and add all local users with subversion usage requirements

sudo addgroup --system svn   
sudo adduser username svn

Obviously replace username with a real username, and repeat for every user you want to provide subversion to.

2) wrap the subversion tools in umasked wrappers:
First we’ll move the original files (we’ll make the fairly likely assumption that they’re in /usr/bin)

sudo mv /usr/bin/svn /usr/bin/svn-real
sudo mv /usr/bin/svnadmin /usr/bin/svnadmin-real
sudo mv /usr/bin/svnlook /usr/bin/svnlook-real
sudo mv /usr/bin/svnserve /usr/bin/svnserve-real

Now we create some wrapper files. Using your favourite editor ( mine happens to be vi(m) ) create a new file called svn with the following content:

#!/bin/sh

umask 002
/usr/bin/svn-real "$@"

Do the same for svnadmin, svnlook and svnserve, remembering in each case to substitute svn-real for svnserve-real, svnadmin-real or svnlook-real.
Clear as mud? i hope so!

3) create the repository

sudo mkdir /var/lib/subversion
sudo svnadmin create /var/lib/subversion/repos

4) change ownership and permissions of the repository

sudo chown -R :svn /var/lib/subversion
sudo chmod -R g+w /var/lib/subversion
sudo chmod g+s /var/lib/subversion/repos/db
sudo chmod -R g+rw /var/lib/subversion/repos/locks

5) Edit the svnserve.conf file and deny access to all anonymous users:

 
sudo vi /var/lib/subversion/repos/conf/svnserve.conf

Make sure that (for now at least) only the following line is uncommented (with no hash/pound) in front of it. And if the line doesn’t exist, add it!

anon-access = none

6) And That’s All Folks!

So, now we have an empty subversion repository all ready to use! So, how do we use it? We’re going to assume we’re on our slice which we’ll regard as ‘local’. First, lets put a new project under source code control

7) Create the source directory
Rather than just import a project into subversion, we create a specific source directory and we structure the contents of that directory according to a common subversion conventions. You can create this directory wherever you want.

mkdir myproject_src

Inside the source directory, we create the following three sub-directories: branches, tags and trunk

mkdir myproject_src/branches myproject_src/tags myproject_src/trunk

Assuming we have an existing project directory, we copy the contents of the existing project directory into myproject_src/trunk.
8) TIME to IMPORT

svn import myproject_src file:///var/lib/subversion/repos/myproject -m "initial import" -m "initial import"

9) Time to checkout our first version
Local checkout:

svn checkout  file:///var/lib/subversion/repos/myproject  myproject_dir

Remote checkout:

 
svn checkout svn+ssh:nito@mydomain.com/var/lib/subversion/repos/myproject myproject_dir

Note that you will be asked numerous times for your password. This repetition is ssh as opposed to svn, and is a minor irritation that can be overcome with a local ssh password caching utility, but we won’t cover that here.

And that’s about it! There’s no anonymous remote access to the repository and all your usual subversion commands are now available remotely using svn+ssh: and locally using file: - sweet.

Filed Under: Geekliness Tutorial | Tags: slicehost subversion howto svn setup