1. Check whether the old version of SVN is installed
rpm -qa | grep subversion2. Uninstall the old version of SVN
yum remove subversion3. Install SVN
yum -y install subversion
The above 3 steps are all general settings.
4. Create an SVN repository (that is, the warehouse where the project will be stored)
mkdir -p /home/svn creates the root directory of all projects
svnadmin create /home/svn/ProjectName creates a location where the project will be stored (must be created in the /home/svn root directory)
I put my repository in the home/svn directory. This svn represents the root directory of all my projects, because there may be multiple projects stored on one virtual machine.
svnadmin create creates a repository for a single project. ProjectName is the name of the project
When the above command is executed, the following file will be generated in the /home/svn/ProjectName folder
5Configure code base
Enter the /home/svn/ProjectName/conf folder
authz: The file is a permission control file
passwd: is the account password file
svnserve.conf: SVN service configuration file
Set the account password of the person who can access this remote warehouse
vi passwd
Set the username and password under [users]
[users] #harry = harryssecret # sally = sallyssecret<br>user1 = password<br>user2 = password<br>. . .
After editing, press the Esc key to exit the editing mode, enter :wq! to save the file and exit
The username and password do not need to be the same as the username and password in the system’s /etc/passwd file. The username and password can be set at will.
note:
The username and password set here are used to access the code repository using the svn:// protocol.
This is not the same account and password file as the account and password used by the http protocol.
Set permission controls
vi authz edit authz
Set the group and group members in [groups]
Below are the design team design and the development team dev.
The design group needs to have read and write permissions on the doc file in the ProjectName project, while the development group can only have read permissions.
[/doc]Have set permissions on this folder
The development team needs to have read and write permissions on the src source code file in the ProjectName project. Other personnel cannot perform write operations.
. So set the permissions of /doc and /src files respectively.
For the convenience of testing, add [/] access permissions to the warehouse root directory so that any user can read the content.
Instead of directly setting permissions for specific users, authorize the group and add the user to the group.
[groups] # harry_and_sally = harry,sally # harry_sally_and_joe = harry,sally, &joe design = user1,user2,user... developer = user11,user22,user... [/doc] @design = rw @dev = r [/src] @dev = rw * = r<br>[/]<br>* = r
Modify the svnserve.conf file vi svnserve.conf
Clear the content and add the following content. Mainly set up accounts and permissions. There is also the directory where the current project’s version library is located.
In order to avoid relative positioning errors in realm, the absolute path is directly used to set the directory where the repository is located.
[general]<br>anon-access = none #Anonymous users are not accessible auth-access = write #Authorized users can write password-db = passwd #Which file to use as the account file authz-db = authz #Which file to use as the permission file realm = /home/svn/ProjectName # Certification space name, directory where the version library is located
At this point, the svn warehouse has been set up.
start svn
svnserve -d -r /home/svn
Let svn start and run as the root user in deamon daemon mode.
Note that this path cannot go to ProjectName, otherwise it will report svn: E170000: URL ‘svn://virtual machine ip address/ProjectName’ doesn’t exist when accessing
Access address svn://ip/ProjectName omits the root directory of svn
Configuring Apache’s http protocol access
Check if httpd has installed svn module
ls /etc/httpd/modules/ | grep svn mod_authz_svn.so mod_dav_svn.so
If it is not installed, use yum to install it.
yum install mod_dav_svn
The installation is completed, and the location of the project ProjectName under the svn repository is mapped.
Create the subversion.conf file under the /etc/httpd/conf.d/ file and edit it
vi subversion.conf
LoadModule dav_svn_module modules/mod_dav_svn.so LoadModule authz_svn_module modules/mod_authz_svn.so <Location /ProjectName> DAV svn SVNPath /home/svn/ProjectName/ AuthType Basic AuthName "Subversion repos" AuthUserFile /home/svn/ProjectName/conf/accesspwd AuthzSVNAccessFile /home/svn/ProjectName/conf/authz Require valid-user </Location>
AuthTypeAuthentication type
AuthName description name, choose whatever you want
AuthUserFile is the access account password file of the http protocol, which is created later using the htpasswd command.
AuthzSVNAccessFile permission authentication file, this is the same as the permission settings configured when configuring svn above.
Require requires authenticated users to access
htpasswd creates account password
htpasswd -c -m /home/svn/ProjectName/conf/accesspwd username
-c is to create a new file and is only used when creating an account password for the first time.
-m is to force the use of MD5 encryption password (default)
accesspwd is the name of the file created.
username is the name of the accessible user you want to create (for example, if I want to create an asd user to access this svn project repository, this username is asd)
Enter your password twice when prompted and we create an accessible username and password.
If you want to add a new user abc (adding a user for the second time)
There is no need to use the -c parameter. If used, the original accesspwd file will be overwritten.
htpasswd -m /home/svn/ProjectName/conf/accesspwd abc
Then enter the password twice.
Continue to add users. . .
You no longer create new users and the cycle ends.
Restart the Apache service
service httpd restart or systemctl restart httpd.service
Now you can access our svn server through “http://ip/ProjectName”
Of course, the above situation is when the firewall or open port is closed, or the http service is started normally.
Check if the port is in use
netstat -tunlp | grep 80 Check port 80 usage
netstat -tunlp | grep 3690 Check 3690, which is the service port usage of svn
The port is being used, indicating that the service is open normally.
Use curl to simulate browser requests
curl http://localhsot:80/ProjectName to check whether the service is responding.
Generally, 401 Unauthorized error will be returned.
Check firewall
Check whether the firewall is turned on firewall-cmd --state #View the default firewall status (notrunning will be displayed after it is turned off, running will be displayed after it is turned on) systemctl status firewalld.service displays the status of a firewall firewall-cmd --list-ports View open ports If the firewall is enabled and ports 80 and 3690 are not opened, Open the port: firewall-cmd --zone=public --add-port=80/tcp --permanent Command meaning: –zone #scope –add-port=80/tcp #Add port, the format is: port/communication protocol –permanent #Permanently effective, without this parameter it will be invalid after restarting firewall-cmd --reload #Restart firewall
iptables is enabled
vi/etc/sysconfig/iptables #Edit the firewall configuration file to add port 80 and port 3690 INPUT ACCEPT [0:0] :FORWARD ACCEPT[0:0] :OUTPUT ACCEPT[0:0] -A INPUT -m state--state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p icmp -jACCEPT -A INPUT -i lo -jACCEPT -A INPUT -p tcp -mstate --state NEW -m tcp --dport 22 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT<br>-A INPUT -p tcp -m state --state NEW -m tcp --Dport 3690 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 8080-j ACCEPT -A INPUT -j REJECT--reject-with icmp-host-prohibited -A FORWARD -jREJECT --reject-with icmp-host-prohibited Save and exit<br><br>systemctl restart iptables.service #Finally restart the firewall to make the configuration take effect<br>Or use the service iptables restart statement to restart iptables.<br><br>Note: Ports 80 and 8080 are used here as examples. The *** section is generally added to<br>Above or below the "-A INPUT -p tcp -m state --state NEW -m tcp--dport 22 -j ACCEPT" line, remember not to add it to the last line, otherwise the firewall will not take effect after restarting.
We can use the telnet command to check whether a certain port of the virtual machine can be connected
For example, we test whether port 80 of the apache server is connected (this requires that the server has been started)
telnet ip port number
If you don’t have this command, use yum to install it.
yum -y install telnet
Other cases
It is possible that our virtual machine needs to be accessed from the external network, and we need to perform port address translation on the external network computer.
For example, our external network address is 218.107.22.104
And our virtual machine address is 172.16.168.102
We need to map port 172.16.168.102:80 to port 218.107.22.104:10020. We need to ensure that the firewall policy of our external network host allows port 10020 for external network access to be mapped to port 80 of the virtual machine.
If there is no port mapping, the problem of inaccessibility will also occur.
If we want to configure multiple svn repositories, we can create other projects under /home/svn/
svnadmin create /home/svn/newly created warehouse name
The same configuration needs to be modified
Configure http access,
Create a new project2.conf under the path /etc/httpd/conf.d/
LoadModule dav_svn_module modules/mod_dav_svn.so LoadModule authz_svn_module modules/mod_authz_svn.so <Location /New warehouse name> DAV svn SVNPath /home/svn/new warehouse name/ AuthType Basic AuthName "Subversion repos" AuthUserFile /home/svn/new warehouse name/conf/accesspwd AuthzSVNAccessFile /home/svn/new warehouse name/conf/authz Require valid-user </Location>
Restart httpd
finally passed
http://ip:80/New warehouse name
Access the code repository
PS
Maybe we can access the svn server and checkout the project, but when we upload files to the svn server, an error will occur.
SVN Access to /svn/Test/!svn/me’ forbidden
If there is no problem with the above settings, you need to set the corresponding user group for the file and set the file permissions.
Change the project name in the /home/svn/ directory to the user group chown -R group:user url chown -R apache:apache /home/svn/new warehouse name -R will recursively change the user group of all files in our new warehouse folder and its subdirectories apache: apache means that we want to modify all files in the folder and its subdirectories. The group owner is apache and the user is apache. url modified folder path
Set access permissions appache user has read write executable, group user and other groups or users can read and execute
chmod -R 755 /home/svn/new warehouse name
After setting this up, you can upload files and modify files using svn.