How to setup a Ubuntu development server - Part 1
Since I’m starting some real work on my final school project, I want to install a Ubuntu development server here at home. I have a Pentium 4 box here that will perform that task.
In this first part I will show you how to install Subversion over WebDAV. All of this will be done in such a way that it’s easy to serve multiple projects at once.
In future parts I will tell you more about installing Trac, FastCGI (with Apache) to host Rails applications and how to use Capistrano to deploy your app properly.
For now, let’s get cracking at Subversion.
First off, I installed Ubuntu 6.10 on my server. Because I don’t need a graphical user interface, I have installed Ubuntu in text-only mode.
Open up to the universe
The first thing I always do when I install a Ubuntu box is to enable the universe package repositories. This is rather easy.
Edit /etc/apt/sources.list and uncomment all the Universe related lines. Also, comment out your install disk. Here’s what my /etc/apt/sources.list looks like:
# # deb cdrom:[Ubuntu 6.10 _Edgy Eft_ - Release i386 (20061025)]/ edgy main restricted #deb cdrom:[Ubuntu 6.10 _Edgy Eft_ - Release i386 (20061025)]/ edgy main restricted deb http://nl.archive.ubuntu.com/ubuntu/ edgy main restricted deb-src http://nl.archive.ubuntu.com/ubuntu/ edgy main restricted ## Major bug fix updates produced after the final release of the ## distribution. deb http://nl.archive.ubuntu.com/ubuntu/ edgy-updates main restricted deb-src http://nl.archive.ubuntu.com/ubuntu/ edgy-updates main restricted ## Uncomment the following two lines to add software from the 'universe' ## repository. ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu ## team, and may not be under a free licence. Please satisfy yourself as to ## your rights to use the software. Also, please note that software in ## universe WILL NOT receive any review or updates from the Ubuntu security ## team. deb http://nl.archive.ubuntu.com/ubuntu/ edgy universe deb-src http://nl.archive.ubuntu.com/ubuntu/ edgy universe ## Uncomment the following two lines to add software from the 'backports' ## repository. ## N.B. software from this repository may not have been tested as ## extensively as that contained in the main release, although it includes ## newer versions of some applications which may provide useful features. ## Also, please note that software in backports WILL NOT receive any review ## or updates from the Ubuntu security team. # deb http://nl.archive.ubuntu.com/ubuntu/ edgy-backports main restricted universe multiverse # deb-src http://nl.archive.ubuntu.com/ubuntu/ edgy-backports main restricted universe multiverse deb http://security.ubuntu.com/ubuntu edgy-security main restricted deb-src http://security.ubuntu.com/ubuntu edgy-security main restricted deb http://security.ubuntu.com/ubuntu edgy-security universe deb-src http://security.ubuntu.com/ubuntu edgy-security universe
The next step is to make sure all software present is up-to-date. There are already a few updates available so run these two commands:
$ sudo apt-get update $ sudo apt-get dist-upgrade
That’s it.
Getting SSH up and running
Because I have a MacBook, I’d like to use it to do my work. To do so I need to install the OpenSSH server on my server so I can access it over the network.
$ sudo apt-get install ssh
This will install ssh and the OpenSSH server. It also generates everything you need automatically like RSA keys and all that.
Now, try to login wiht SSH from your desktop machine.
Apache
Since I want to use Subversion of WebDAV I will need to install Apache first. I’ll grab a vanilla copy of Apache from Ubuntu here.
$ sudo apt-get install apache2
If that’s finished you should see a placeholder when you access your server with a browser. Check this now.
Getting Subversion
Subversion is also easily installed.
$ sudo apt-get install subversion subversion-tools
Next we should setup a location for our Subversion repositories. I choose to put them in /var/lib/svn. Create this directory now:
$ sudo mkdir -p /var/lib/svn
I also create a repository now and create a basic Subversion structure there. In my case the project is called ‘colt’.
$ sudo mkdir -p /var/lib/svn/colt $ sudo svnadmin create /var/lib/svn/colt $ sudo svn mkdir file:///var/lib/svn/colt/trunk -m "Trunk" $ sudo svn mkdir file:///var/lib/svn/colt/tags -m "Tags" $ sudo svn mkdir file:///var/lib/svn/colt/branches -m "Branches"
Note that you need to sudo the svn commands because only root has write access to your repository currently.
WebDAV for SVN
Okay. You are already at revision 3 on your repository. Good work! Now let’s make sure that you repositories are accessable over the web. First, we install libapache2-svn. This packages includes WebDAV support for SVN.
$ sudo apt-get install libapache2-svn
Next I open up /etc/apache2/mods-available/dav_svn.conf. This file contains configuration for the WebDAV and SubVersion modules we just installed.
Here I enable basic HTTP authentication, which is good enough for my local network. I also enable DAV by uncommenting “DAV svn”.
You need to take special care of the “SVNPath” variable here. We don’t host just one repository. We host several and /var/lib/svn is the parent directory of all our repositories. E.g. ‘colt’ is a sub directory that resides in /var/lib/svn. To make Apache understand this we need to change “SVNPath” to “SVNParentPath”. This enables all sub directories to be independent repositories.
Note: The authentication file we use here can be recycled later when we install Trac! Handy-Dandy, isn’t it?
I made my configuration look like this:
# dav_svn.conf - Example Subversion/Apache configuration # # For details and further options see the Apache user manual and # the Subversion book. # <location URL> ... </location> # URL controls how the repository appears to the outside world. # In this example clients access the repository as http://hostname/svn/ <location /svn> # Uncomment this to enable the repository, DAV svn # Set this to the path to your repository SVNParentPath /var/lib/svn # The following allows for basic http authentication. Basic authentication # should not be considered secure for any particularly rigorous definition of # secure. # to create a passwd file # # rm -f /etc/apache2/dav_svn.passwd # # htpasswd2 -c /etc/apache2/dav_svn.passwd dwhedon # New password: # Re-type new password: # Adding password for user dwhedon # # # Uncomment the following 3 lines to enable Basic Authentication AuthType Basic AuthName "Subversion Repository Access" AuthUserFile /etc/apache2/dav_svn.passwd # Uncomment the following line to enable Authz Authentication # AuthzSVNAccessFile /etc/apache2/dav_svn.authz # The following three lines allow anonymous read, but make # committers authenticate themselves. <limitexcept GET PROPFIND OPTIONS REPORT> Require valid-user </limitexcept> </location>
Now kick Apache to reload and you should be able to access your repository over the web! Try http://example.com/svn/colt.
Authentication
Reading of the repository is okay without authentication. But writing needs to be protected. We need to create a password file for this. This is easy and is already explained in /etc/apache2/mods-available/dav_svn.conf:
$ sudo htpasswd2 -c /etc/apache2/dav_svn.passwd ariejan
Go ahead, add as many users as you need.
Apache, Subversion and the world
Before you start using Subversion, make sure you make the repositories owned by Apache. Apache is the one who wil access the repositories physically. This is really easy:
$ sudo chown -R www-data.www-data /var/lib/svn
When you access your repository for write actions now, you will recieve the following message:
Authentication realm: <http ://example.com:80> Subversion Repository Access Password for 'ariejan':
Alright sparky! Subversion access is ready for you now! Next time I’ll tell you how to integrate Trac with your hot new Subversion repositories.
Notes
All users in you passwd file can write to all repositories. I’ve not yet found a way to prevent this, since I don’t need that functionality right now. If you know more about this, please let me know.
Subversion repositories are always readable by anonymous people. You should remove the LimitExcept block from dav_svn.conf to make sure all users authenticated themselves before accessing your repository.
If you add more repositories, you always have to chown them to your apache’s user and group. After that you can use them through WebDAV.
If you enjoyed this post, please consider to leave a comment or subscribe to the feed and get future articles delivered to your feed reader.
Comments
@Gabriel: Good to hear the article helped you out! Keep an eye out for the next article then! It’s almost finished. I just need to test the code again to make sure everything works as expected. I’ll post it later today or maybe tomorrow.
[...] How to setup a Ubuntu development server - Part 1Ubuntu 6.10 Live DVD on the Apple MacBookCUPS: 426 - Upgrade RequiredSVN: How to release software properlyAdsense Resource Inventory [...]
All users in you passwd file can write to all repositories. I’ve not yet found a way to prevent this, since I don’t need that functionality right now. If you know more about this, please let me know.
http://blog.odonnell.nu/32.html suggests that you can use the Authz file to change this.
I’m getting an error on my browser when I try to access the repository. Some kind of XML error that goes like this:
This XML file does not appear to have any style information associated with it. The document tree is shown below.
?
Could not open the requested SVN filesystem
is this normal until I install trac, or something is wrong here?
Gabriel, if your repositories are installed in subdirectories of your server, try navigating there. I get the same error as you when I am at the root of my server, which does not contain a SVN repository.
@Gabriel: Do you use one repository? In that case you should use SVNPath instead of SVNParentPath in dav_svn.conf
If you have multiple repositories setup, as Martey says, navigate to one of your repositories directly.
Hi,
When I follow your instructions, and get to
Now kick Apache to reload and you should be able to access your repository over the web! Try http://example.com/svn/colt.
And fill in the appropriate details, I get 403 Access Forbidden.
Any ideas?
Thanks for your time
Rob
@Rob: Are you using Fedore Core or any other distribution that utilizes SELinux?
Try disabling SELinux temporarily with:
$ setenforce 0
and see if things start working. It’s up to you to enable access with SELinux or disable SELinux globally (on your system).
edit: changed to the correct command: setenforce
Hi,
Thanks for your guide.
I’m also getting a 403.
But I get:
root@ks:/var# selinuxenabled 0
bash: selinuxenabled: command not found
Any ideas?
I’m using svn 1.4 thought…
@Simao: You’re absolutely right. The proper command is:
$ setenforce 0
This will not disable SELinux, but it will stop enforcing its rules. If you later want to re-enable SELinux, you can just run
$ setenforce 1
Thanks for the comment on that.
Thank you again for your help..
I managed to suppress the 403 error but now I get:
Could not open the requested SVN filesystem
And I know I have a repository there… I double checked the SVNParentPath directive….
I’m going nuts about this….
I had the same issue as Gabriel. I restarted the apache daemon, and it started working correctly.
on Ubuntu edgy, the command is /etc/init.d/apache2 restart.
SVN Repository Information…
An SVN repository is set up on bowen2 inside the BTS SBS 2003 network. Outside web access url…
[...] que pueda acceder libremente a nuestro repositorio: sudo chown -R www-data.www-data /var/lib/svn M
Another happy customer, thanks for taking the time to do this - i’m about to go onto the trac integration!
[...] up: Ubuntu Development Server Guide My articles about setting up a Ubuntu Development Server (part 1 and part 2) have been very [...]
Nice guide, try http://www.howtogeek.com/howto/ubuntu/install-subversion-with-web-access-on-ubuntu/
for user read authentification
[...] How to setup a Ubuntu development server - Part 1 (tags: ubuntu subversion development server howto linux svn tutorial) [...]
Hey, this is a great guide, but I’m getting a 403 Forbidden error when I try to access /svn from a browser.
I saw the other posts about this problem, but I’m running Ubuntu feisty, and I don’t have any setenforce command.
Any ideas?
Thanks.
[...] Ariejan.net - » How to setup a Ubuntu development server - Part 1 (tags: ubuntu svn subversion install apache server) [...]
[...] reference: How to setup Subversion over WebDAV and How to setup Trac, both on Ubuntu Wednesday, October 31, 2007 11:40pm [...]
Thank for the tutorial, Ariejan! Works great for me.
One little thing I noticed: When you’re adding password info, you list the command:
$ sudo htpasswd2 -c /etc/apache2/dav_svn.passwd ariejan
I get an error with htpasswd2, but if it’s changed to remove the ‘2′, it works.
Hi Ariejan
Can you give me a couple of instructions about how to isntall kdesvn or rapidsvn.
I am not sure how to do this
@mario: I’m not currently using a Linux desktop. But if you’re on ubuntu, you can use the package manager.
As a wild guess:
sudo apt-get install kdesvn rapidsvn
If you want to know about configuring these apps, check the documentation for these projects.
When adding users to an existing dav_svn.passwd-file one should not use the -c option for htpasswd. From the manual:
-c Create the passwdfile. If passwdfile already exists, it is
rewritten and truncated. This option cannot be combined with the
-n option.
For those getting 403 errors, add (SVNListParentPath On) to your dav_svn.conf file. Ex,
# Set this to the path to your repository
SVNListParentPath On
SVNParentPath /var/lib/svn
Hi. Thanks for the wonderful tutorial. I was able to setup the whole environment without any trouble. Only a couple of minor comments that might be helpful (someone else also pointed them out, so you might consider to update the page):
> $ sudo htpasswd2 -c /etc/apache2/dav_svn.passwd ariejan
> Go ahead, add as many users as you need.
You probably want to specify that “-c” should be used only for the very first password, otherwise the old ones are deleted.
Besides, on my computer I could find only htpasswd, and not htpasswd2.
> Now kick Apache to reload
Maybe it’s better to specify to use “sudo /etc/init.d/apache2 force-reload”
In any case, thanks! Very well done.
Hey, thanks a lot for this tutorial!! I’ve been searching the Ubuntu forums for a nice and simple way of setting up my home svn server, cause I’m new to svn and I’ve been having a hard time figuring out how to have a central repository and not copy and paste my svn folder around on my USB drive to access my files from different machines.
Im looking forward on your next post about setting up Trac. I’ve seen it and it looks nice, but I have no clue how to set up and enjoy its features.