不久前买了一个阿里云服务器,想着在上面搭建一个svn服务方便自己的代码管理。顺便记录下自己的搭建过程
首先,安装服务
通过yum -stall subversion 安装snv,可能install之前需要装一些其他的依赖包,可以根据提示安装。
第二步,创建svn目录,目录名叫wash
步骤:
(1)svnadmin create /svn/wash (假设svn装在了根目录,/svn)
(2)vi /svn/project1/conf/svnserve.conf
anon-access = none #匿名权限
auth-access = write #授权用户有写权限
password-db=passwd #指定账号文件
auth-db=authz #指定权限控制文件
### This file controls the configuration of the svnserve daemon, if you ### use it to allow access to this repository. (If you only allow ### access through http: and/or file: URLs, then this file is ### irrelevant.) ### Visit http://subversion.apache.org/ for more information. [general] ### The anon-access and auth-access options control access to the ### repository for unauthenticated (a.k.a. anonymous) users and ### authenticated users, respectively. ### Valid values are "write", "read", and "none". ### Setting the value to "none" prohibits both reading and writing; ### "read" allows read-only access, and "write" allows complete ### read/write access to the repository. ### The sample settings below are the defaults and specify that anonymous ### users have read-only access to the repository, while authenticated ### users have read and write access to the repository. anon-access=read auth-access=write ### The password-db option controls the location of the password ### database file. Unless you specify a path starting with a /, ### the file's location is relative to the directory containing ### this configuration file. ### If SASL is enabled (see below), this file will NOT be used. ### Uncomment the line below to use the default password file. password-db=passwd ### The authz-db option controls the location of the authorization ### rules for path-based access control. Unless you specify a path ### starting with a /, the file's location is relative to the the ### directory containing this file. If you don't specify an ### authz-db, no path-based access control is done. ### Uncomment the line below to use the default authorization file. authz-db=authz ### This option specifies the authentication realm of the repository. ### If two repositories have the same authentication realm, they should ### have the same password database, and vice versa. The default realm ### is repository's uuid. realm=/svn/wash ### The force-username-case option causes svnserve to case-normalize ### usernames before comparing them against the authorization rules in the ### authz-db file configured above. Valid values are "upper" (to upper- ### case the usernames), "lower" (to lowercase the usernames), and ### "none" (to compare usernames as-is without case conversion, which ### is the default behavior). # force-username-case = none [sasl] ### This option specifies whether you want to use the Cyrus SASL ### library for authentication. Default is false. ### This section will be ignored if svnserve is not built with Cyrus ### SASL support; to check, run 'svnserve --version' and look for a line ### reading 'Cyrus SASL authentication is available.' # use-sasl = true ### These options specify the desired strength of the security layer ### that you want SASL to provide. 0 means no encryption, 1 means ### integrity-checking only, values larger than 1 are correlated ### to the effective key length for encryption (e.g. 128 means 128-bit ### encryption). The values below are the defaults. # min-encryption = 0 # max-encryption = 256
(3)vi /svn/project1/conf/passwd
xxx=**** // 用户名=密码
这里,我们只设定了一个用户 svn_admin
### This file is an example password file for svnserve. ### Its format is similar to that of svnserve.conf. As shown in the ### example below it contains one section labelled [users]. ### The name and password for each user follow, one account per line. [users] # harry = harryssecret # sally = sallyssecret svn_admin=svn_admin
(4)vi /svn/project1/conf/authz
[group]
aa = user1,user2,user3
[/] #在[/]中给刚刚的组添加权限
@aa = rw
*=r
### This file is an example authorization file for svnserve. ### Its format is identical to that of mod_authz_svn authorization ### files. ### As shown below each section defines authorizations for the path and ### (optional) repository specified by the section name. ### The authorizations follow. An authorization line can refer to: ### - a single user, ### - a group of users defined in a special [groups] section, ### - an alias defined in a special [aliases] section, ### - all authenticated users, using the '$authenticated' token, ### - only anonymous users, using the '$anonymous' token, ### - anyone, using the '*' wildcard. ### ### A match can be inverted by prefixing the rule with '~'. Rules can ### grant read ('r') access, read-write ('rw') access, or no access ### (''). [aliases] # joe = /C=XZ/ST=Dessert/L=Snake City/O=Snake Oil, Ltd./OU=Research Institute/CN=Joe Average [groups] # harry_and_sally = harry,sally # harry_sally_and_joe = harry,sally,&joe # [/foo/bar] # harry = rw # &joe = r # * = # [repository:/baz/fuz] # @harry_and_sally = rw # * = r admin=svn_admin [/] @admin=rw *=r
(5)重启svn,killall svnserve; svnserve -d -r /svn
最后,可能需要修改防火墙
vi /etc/sysconfig/iptables
-A INPUT -p tcp -m state --state NEW -m tcp --dport 9995 -j ACCEPT
重启服务 service iptables restart。 如果是阿里云服务器,那么还需要配置安全组规则,允许9995端口访问。