推荐 http://lansgg.blog.51cto.com/5675165/1844836
使用CollabNetSubversionEdge 界面很好,很赞
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
https:
/
/
downloads
-
guests.
open
.collab.net
/
files
/
documents
/
61
/
17071
/
CollabNetSubversionEdge
-
5.2
.
0_linux
-
x86_64.tar.gz
useradd
-
d
/
opt
/
svnuser svnuser
echo
"xx"
|passwd
-
-
stdin svnuser
groupadd svn
usermod
-
G svn svnuser
mkdir
/
svn
chown svnuser.svnuser
/
svn
-
R
visudo
## Allow root to run any commands anywhere
root
ALL
=
(
ALL
)
ALL
svnuser
ALL
=
(
ALL
)
ALL
su
-
svnuser
cd
/
svn
/
tar xf CollabNetSubversionEdge
-
5.1
.
3_linux
-
x86_64.tar.gz
cd csvn
/
bin
/
csvn start
http:
/
/
192.168
.
85.130
:
3343
/
csvn
/
login
/
auth
用户名、密码都是admin
svn是Subversion Edge执行用户svnuser所在的组
[root@vm2 svn]
# chown root:svn /svn/csvn/lib/httpd_bind/httpd_bind
[root@vm2 svn]
# chmod u+s /svn/csvn/lib/httpd_bind/httpd_bind
sudo
-
E
bin
/
csvn install
如果本机没有X桌面,就需要通过网络访问。需要将localhost更改为Subversion Edge服务器的IP地址,同时设置防火墙来保证能够访问到。
|
以下用原始方法,svn+apache+ldap手动搭建
基本安装
使用web方式访问svn
svn集成ldap,先参照git集成ldap(这个之前做过)
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
|
基本安装
svn版本
1.6
yum
-
y install subversion
mkdir
-
p
/
application
/
svndata
mkdir
-
p
/
application
/
svnpasswd
svnserve
-
d
-
r
/
application
/
svndata
/
启动
lsof
-
i tcp:
3690
svnadmin create
/
application
/
svndata
/
sadoc
ll
/
application
/
svndata
/
sadoc
/
配置允许用户solin读写访问
cd
/
application
/
svndata
/
sadoc
/
conf
/
/
bin
/
cp svnserve.conf svnserve.conf.solin$(date
+
%
F)
egrep
"\-access|\-db ="
svnserve.conf
# anon-access = read
# auth-access = write
# password-db = passwd
# authz-db = authz
[root@node
-
005
conf]
# egrep "\-access|\-db =" svnserve.conf
# anon-access = none #不允许匿名访问
# auth-access = write #允许可写
# password-db = /application/svnpasswd/passwd #密码数据库,存放SVN吗
# authz-db = /application/svnpasswd/authz #控制权限的数据库
[root@node
-
005
conf]
# egrep "\-access|\-db =" svnserve.conf
# anon-access = read
anon
-
access
=
none
# auth-access = write
auth
-
access
=
write
# password-db = passwd
password
-
db
=
/
application
/
svnpasswd
/
passwd
# authz-db = authz
authz
-
db
=
/
application
/
svnpasswd
/
authz
[root@node
-
005
conf]
# diff svnserve.conf.solin2017-04-20 svnserve.conf
12a13
> anon
-
access
=
none
13a15
> auth
-
access
=
write
20a23
> password
-
db
=
/
application
/
svnpasswd
/
passwd
27a31
> authz
-
db
=
/
application
/
svnpasswd
/
authz
配置authz、passwd证书文件
[root@node
-
005
conf]
# cp authz passwd /application/svnpasswd/
[root@node
-
005
conf]
# ll /application/svnpasswd/
总用量
8
-
rw
-
r
-
-
r
-
-
1
root root
1080
4
月
20
17
:
22
authz
-
rw
-
r
-
-
r
-
-
1
root root
309
4
月
20
17
:
22
passwd
[root@node
-
005
conf]
# chmod 700 /application/svnpasswd/*
[root@node
-
005
conf]
# ll /application/svnpasswd/
总用量
8
-
rwx
-
-
-
-
-
-
1
root root
1080
4
月
20
17
:
22
authz
-
rwx
-
-
-
-
-
-
1
root root
309
4
月
20
17
:
22
passwd
vi
/
application
/
svnpasswd
/
authz
添加如下:
[groups]
bd_sa
=
solin,test
# [/foo/bar]
[sadoc:
/
]
# [repository:/baz/fuz]
@bd_sa
=
rw
test1
=
r
vi
/
application
/
svnpasswd
/
passwd
添加如下:
[users]
solin
=
bdyun
test
=
bdyun
pkill svnserve
svnserve
-
d
-
r
/
application
/
svndata
/
|
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
|
使用web方式访问svn
yum
-
y install httpd httpd
-
devel
yum
-
y install mod_dav_svn mod_auth_mysql
vim
/
etc
/
httpd
/
conf
/
httpd.conf
LoadModule dav_svn_module modules
/
mod_dav_svn.so
LoadModule authz_svn_module modules
/
mod_authz_svn.so
<Location
/
home>
DAV svn
SVNPath
/
var
/
www
/
html
/
svna
/
home
<
/
Location>
权限控制
htpasswd
-
c
/
etc
/
svnpwd
/
svnpwdfile svnpwduser01
mkdir
/
etc
/
svnpwd
htpasswd
-
c
/
etc
/
svnpwd
/
svnpwdfile svnpwduser01
AuthType Basic
AuthName
"svn repos"
AuthUserFile
/
etc
/
svnpwd
/
svnpwdfile
Require valid
-
user
|
svn集成ldap
我的svn是单独一台机器的,ldap一台机器
先参考以前git做的
cd /opt/git/gitlab/config
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
|
cat gitlab.yml|grep
-
v
"#"
production: &base
gitlab:
host: 内部域名
email_from: example@example.com
email_display_name: GitLab
email_reply_to: noreply@example.com
default_projects_features:
issues: true
merge_requests: true
wiki: true
snippets: false
incoming_email:
enabled: false
address:
"incoming+%{key}@gitlab.example.com"
gravatar:
gitlab_ci:
ldap:
enabled: true
servers:
label:
'LDAP'
host:
'ldap ip'
port:
389
uid:
'uid'
bind_dn:
'cn=gitlab,ou=People,dc=xx,dc=com'
password:
'gitlab密码'
active_directory: false
allow_username_or_email_login: true
block_auto_created_users: false
base:
'dc=xx,dc=com'
user_filter: ''
attributes:
username: [
'uid'
,
'userid'
,
'sAMAccountName'
]
email: [
'mail'
,
'email'
,
'userPrincipalName'
]
name:
'cn'
first_name:
'givenName'
last_name:
'sn'
omniauth:
enabled: false
allow_single_sign_on: false
block_auto_created_users: true
auto_link_ldap_user: false
providers:
satellites:
path:
/
opt
/
git
/
gitlab
-
satellites
/
timeout:
30
backup:
gitlab_shell:
path:
/
opt
/
git
/
gitlab
-
shell
/
repos_path:
/
opt
/
git
/
repositories
/
hooks_path:
/
opt
/
git
/
gitlab
-
shell
/
hooks
/
secret_file:
/
opt
/
git
/
gitlab
/
.gitlab_shell_secret
upload_pack: true
receive_pack: true
git:
bin_path:
/
opt
/
soft
/
git
/
bin
/
git
timeout:
100
extra:
rack_attack:
git_basic_auth:
development:
<<:
*
base
test:
<<:
*
base
gravatar:
enabled: true
gitlab:
host: 内部域名
port:
80
satellites:
path: tmp
/
tests
/
gitlab
-
satellites
/
backup:
path: tmp
/
tests
/
backups
gitlab_shell:
path: tmp
/
tests
/
gitlab
-
shell
/
repos_path: tmp
/
tests
/
repositories
/
hooks_path: tmp
/
tests
/
gitlab
-
shell
/
hooks
/
issues_tracker:
redmine:
title:
"Redmine"
project_url:
"http://redmine/projects/:issues_tracker_id"
issues_url:
"http://redmine/:project_id/:issues_tracker_id/:id"
new_issue_url:
"http://redmine/projects/:issues_tracker_id/issues/new"
ldap:
enabled: true
servers:
main:
label: ldap
host: ldap ip
port:
389
uid:
'uid'
base:
'dc=xx,dc=com'
user_filter: ''
bind_dn:
'cn=xx,ou=People,dc=xx,dc=com'
password:
'xx密码'
admin_group: ''
sync_ssh_keys: false
staging:
<<:
*
base
|
apache配置
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|
[root@cm1 conf.d]
# cat subversion.conf |grep -v "#"
LoadModule dav_svn_module modules
/
mod_dav_svn.so
LoadModule authz_svn_module modules
/
mod_authz_svn.so
<Location
/
svn
/
>
DAV svn
SVNListParentPath on
SVNParentPath
/
application
/
svndata
AuthBasicAuthoritative on
AuthType Basic
AuthName
"svn"
AuthBasicProvider ldap
AuthzLDAPAuthoritative off
AuthLDAPURL
"ldap://ldap ip:389/ou=People,dc=xx,dc=com?uid?sub?(objectClass=*)"
AuthLDAPBindDN
"cn=xx,ou=People,dc=xx,dc=com"
AuthLDAPBindPassword
"xx密码"
#xx在ldap服务器上有本地用户
AuthzSVNAccessFile
/
etc
/
httpd
/
conf
/
svnauthz.conf
Require valid
-
user
<
/
Location>
cat
/
etc
/
httpd
/
conf
/
svnauthz.conf
[groups]
admin
=
one
[
/
]
@admin
=
rw
#[test:/]
two
=
r
|
最后权限的问题,不知道是否需要chown -R apache.apache /application/*
本文转自 liqius 51CTO博客,原文链接:http://blog.51cto.com/szgb17/1934847,如需转载请自行联系原作者
