Subversion
-
参考文档:
- svnbook: http://svnbook.red-bean.com/
- CentOS howto SVN: http://wiki.centos.org/zh/HowTos/Subversion
用 Apache 和 Subversion 搭建安全的版本控制环境
SVN dump/load迁移
SVN强制写日志
SVN Apache AD Review
软件安装
yum install httpd httpd-devel subversion subversion-devel mod_dav_svn mod_ssl #mod_auth_mysql groupadd svn useradd svn -g svn passwd -l svn
httpd配置
-
subversion.conf
LoadModule dav_svn_module modules/mod_dav_svn.so LoadModule authz_svn_module modules/mod_authz_svn.so <Location /repos> DAV svn SVNPath /data/svn/repos #SVNParentPath/opt/repository/ AuthzSVNAccessFile /data/svn/repos/conf/authz # Limit write permission to list of valid users. # <LimitExcept GET PROPFIND OPTIONS REPORT> # Require SSL connection for password protection. SSLRequireSSL #Authentication AuthType Basic AuthBasicProvider ldap SVNListParentPath On AuthzLDAPAuthoritative off AuthLDAPURL "ldap://192.168.101.51:389/dc=mydc,dc=local?sAMAccountName?sub?(objectClass=*)" AuthLDAPBindDN "CN=ldap,OU=myuser,DC=mydc,DC=local" AuthLDAPBindPassword xxxxxx AuthName "Subversion Authorization Realm" # AuthUserFile /data/svn/repos/conf/passwd Require valid-user #</LimitExcept> </Location>
-
ssl.conf
LoadModule ssl_module modules/mod_ssl.so Listen 8443 AddType application/x-x509-ca-cert .crt AddType application/x-pkcs7-crl .crl SSLPassPhraseDialog builtin SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000) SSLSessionCacheTimeout 300 SSLMutex default SSLRandomSeed startup file:/dev/urandom 256 SSLRandomSeed connect builtin SSLCryptoDevice builtin <VirtualHost _default_:8443> ServerName svn.gdu.me:8443 ErrorLog logs/ssl_error_log TransferLog logs/ssl_access_log LogLevel warn SSLEngine on SSLProtocol all -SSLv2 SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW SSLCertificateFile /etc/pki/tls/certs/localhost.crt SSLCertificateKeyFile /etc/pki/tls/private/localhost.key <Files ~ "\.(cgi|shtml|phtml|php3?)$"> SSLOptions +StdEnvVars </Files> <Directory "/var/www/cgi-bin"> SSLOptions +StdEnvVars </Directory> SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 CustomLog logs/ssl_request_log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" </VirtualHost>
Review hook
...
SVNrsync
#!/bin/sh
# /etc/crontab
# 30 1,12 * * * root /data/svnbak/SVNnewbak.sh
# Logs
# https://192.168.0.233:8443/svn/
SRC=rsync://svnrsync@192.168.0.133/svn
PASSWD=xxxxxxxxxxxx
DST=/data/svn
LogPath=/var/www/html/svn
DAY=`date +%Y%m%d`
LogFile=$LogPath/SVNrsync.$DAY.txt
#rsyncLogFile=$LogPath/rsync.$DAY.txt
rsyncLogFile=$LogFile
# --------------------------------------------------
export PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin
[ ! -d "$LogPath" ] && mkdir -p "$LogPath"
z_recordlog(){
curtime=`date +"%Y-%m-%d %H:%M:%S"`
if [ ! -f "${LogFile}" ];then
touch "${LogFile}"
fi
echo "${curtime} $1" >> "${LogFile}"
}
z_clearcycle(){
find "${1}" -maxdepth 1 -type f -atime +${2} -exec rm -rf {} \;
if [ "$?" = "0" ];then
z_recordlog "${2} days ago a successful clean-up of spare parts for ${1}'s paper!"
fi
}
z_recordlog "SVN rsync start..."
export RSYNC_PASSWORD=$PASSWD
rsync -az --delete --log-file="$rsyncLogFile" $SRC/ $DST >> "$rsyncLogFile" 2>&1
if [ "$?" != "0" ];then
z_recordlog "SVN rsync Error!"
fi
unset RSYNC_PASSWORD
z_recordlog "SVN rsync done."
z_clearcycle "$LogPath" "60"
tips
# 版本库地址变更 svn switch --relocate \ https://olddomain.com:8443/repos/trunk/test \ https://newdomain.com:8443/repos/trunk/test # 内部结构变更:主干版本和分支版本的拷贝 将/test/dev/lib切换为/test/branch/lib svn switch https://domain.com/test/branch/lib # 建议:版本库 IP 地址变更,和版本库内部目录结构调整要分步来实施。不要同时实施。否则很麻烦。 # 修改UUID svnadmin setuuid /var/svn/repos 6aed1349-fe9f-9245-a4a0-02dba53eb2d0 # 查看一下更新后的UUID svnlook uuid /var/svn/repos