i've setup subversion so that each project is its own repository, so there's a list of repositories in /srv/svn/repos.
the configuration below restricts listing the repo names from non-auth'ed users while auth'ed users can see the list.
/etc/apache2/sites-available/default-ssl.svn:
####################
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerAdmin webmaster@localhost
DocumentRoot /var/www
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ErrorLog /var/log/apache2/error.log
LogLevel warn
CustomLog /var/log/apache2/ssl_access.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key
# requires alias mod: sudo a2enmod alias
# without this, if you try to list repos by visiting /repos instead of /repos/, you'll get an error
Alias /repos "/srv/svn/repos/"
<Location /repos/>
DAV svn
SVNParentPath /srv/svn/repos
AuthzSVNAccessFile /srv/svn/repos/repo1/conf/authz
SVNListParentPath on
AuthType Basic
AuthName "My Company Repository"
AuthUserFile /etc/subversion/passwd
Require valid-user
</Location>
SSLOptions +StrictRequire
</VirtualHost>
</IfModule>
####################
/srv/svn/repos/repo1/conf/authz:
####################
[groups]
super_devs = superuser1, superuser2
restricted_devs = restricteduser1, restricteduser2
[/]
@super_devs = rw
@restricted_devs =
[repo1:/branches/branchForRestrictedUsers]
@restricted_devs = rw
[repoForRestrictedUsers:/]
@restricted_devs = rw
####################
MODS ENABLED
ls /etc/apache2/mods-enabled/:
alias.conf auth_basic.load authz_host.load autoindex.conf dav.load dav_svn.load dir.load mime.conf rewrite.load setenvif.load ssl.load
alias.load authn_file.load authz_user.load autoindex.load dav_svn.conf dir.conf env.load mime.load setenvif.conf ssl.conf
i've posted this solution here:
http://www.svnforum.org/threads/35420-SVNListParentPath-AuthzSVNAccessFile-conflict/page2?s=3706b24889a40489495e5155473d0a86
but i'm waiting for a mod to approve my post.
also useful:
http://svnbook.red-bean.com/en/1.4/svn.serverconfig.pathbasedauthz.html
No comments:
Post a Comment