Good Day everyone,
I have been tasked with configuring a SVN server. The box is running Zentyal that was installed on top of Ubuntu Server 12.04. The users are required to be managed via the Zentyal web interface and also against the domain (LDAP). Following is what I did to make it work. I spent many hours searching and reading to get the configuration working and would like to share my experiences with hopes that it may be useful for others attempting the same configuration. I would to thank all those who have shared the previous experiences which help and guided me to get a successful configuration working, there are too many to list down.
Machine Setup- Ubuntu server 12.04
- Zentyal 3.3
- all patches and updates have been applied
Zentyal SetupZentyal Modules installed:
sysinfo network firewall audit ca dns events global logs monitor ntp objects openvpn remoteservices samba services software users webadmin webserverDomain Configuration- Created a security group called
SVNUser. Users allowed to access the SVN repo is added to this group (See the attached image)
- Created new user accounts and added to the
SVNUser group
Pre-requisites- Ensure that the webserver module is installed for access to apache2
- Ensure that there is a domain admin account that can be used to access the LDAP. You can do this by adding the account to the Domain Admins group. For my setup i created an account called:
domainadminInstallation Steps- Install svn:
sudo apt-get install subversion
- Install apache svn:
sudo apt-get install libapache2-svn
- Enable LDAP integration:
sudo a2enmod authnz_ldap
- Create the svn root directory:
sudo mkdir /var/svn
- Create the svn repository directory:
sudo mkdir /var/svn/repository
- Change the owner and group of the svn directory:
sudo chown -Rv www-data:www-data /var/svn/repository
- Set permissions to the repo folder:
sudo chmod -R g+rws /var/svn/repository
- Initialize the svn folder:
sudo svnadmin create /var/svn/repository
- Update the correct permissions again:
sudo chmod -R g+rws /var/svn/repository
Apache DAV Configuration- Edit the following file:
sudo vi /etc/apache2/mods-available/dav_svn.conf
- Since I prefer to have things nice and clean I removed all the existing lines. You can change the location on the first line to anything that your prefer. For me I used:
/svn.
Contents of /etc/apache2/mods-available/dav_svn.conf:
<Location /svn>
DAV svn
SVNParentPath /var/svn
SVNListparentPath on
AuthType Basic
AuthName "SVN"
AuthBasicProvider ldap
AuthzLDAPAuthoritative on
# The LDAP Url was the one that was giving me a lot of grief.
# Initially I used port 389 and the authentication failed.
# In one of the web pages i saw they used port 390 and when i changed it worked immediately.
AuthLDAPURL "ldap://127.0.0.1:390/ou=Users,dc=office,dc=lan?uid"
AuthLDAPBindDN "uid=domainadmin,ou=Users,dc=office,dc=lan"
AuthLDAPBindPassword domainadmin-password
# enable line below for any authenticated user
# Require valid-user
# enable line below for only users from a specified group
Require ldap-group cn=SVNUser,ou=Groups,dc=office,dc=lan
</Location>
- Save the file and restart apache from the Zentyal console or issuing the command:
sudo service apache2 restart
- You can how access the SVN from the web using the address:
http://<server name or address/svn/ or
https://<server name or address/svn/ I hope this guide will be useful to those attempting the same configuration. All the best guys.