HowTo to handle SVN repositories creation and access control with Redmine (part 2) » History » Revision 2
Revision 1 (Nicolas Chuche, 2007-10-21 19:20) → Revision 2/3 (Jean-Philippe Lang, 2007-10-21 20:15)
h1. HowTo to handle SVN repositories creation and access control with Redmine (part 2)
{{>TOC}}
If you haven't configured Redmine configure redMine and Subversion subversion integration, begin with the first part: part :
[[HowTo to handle SVN repositories creation and access control with Redmine]]
Be careful, the following recipes only work with a fairly recent
redmine/reposman.rb (r860 (Rev. 860 and later). They won't work with the
perl version of reposman.
h2. How to automatically update the url of your new repositories in Redmine
redMine with reposman ?
You can do that by using the @--url@ argument.
<pre>
ruby ./reposman.rb --redmine-host localhost:3000 --svn-dir /var/svn \
--url file:///var/svn/
</pre>
reposman will send back return to Redmine redMine the url of your repository. repository (the url
argument plus the idendified)
Next time you create a project, project with a repository, reposman will
informe Redmine that the repository was created redMine that's done and Redmine redMine will save the new repository url.
This way, the administrator won't have to enter the repositories urls manually in Redmine. information returned by reposman.
h2. What if you want to allow Redmine redMine to browse private repository ?
The previous recipes allow you to create repository on the fly and
anonymous browsing. But, if your project is private or if the project
isn't on the same server, you won't be able to browse it in Redmine. redMine.
h3. Redmine redMine and svn are on the same server
In this case, If your reposities and redmine are on the same server, you just need
to use the @--url@ option like in the previous item to register the
repository and the @--owner@ argument to set the repository owner to the
mongrel/apache user so that it can access the repositories. parse files.
<pre>
ruby ./reposman.rb --redmine-host localhost:3000 --svn-dir /var/svn \
--url file:///var/svn/ --owner MONGREL_USER
</pre>
BUT, you won't be able to separate svn repositories and Redmine hosts redMine in the
future (in fact you will be able to but you would have need to manually update change the repositories urls in the database
manually and that's bad). A better way to do this, if you think you
will need to separate those two servers one day, is to do like you
already have two servers. To do this, read the next recipe.
h3. Redmine redMine and svn aren't on the same server
There's more than one way to do this, one could be to use a specific
user to browse the repository with svnserve or svn+ssh but I don't
like this way (don't ask why). Another way is to add a third
access way (we already have svn+ssh for registered users and svnserve
for anonymous users).
In the following, the Redmine redmine server is known as redmine.my.domain and
the svn as svn.my.domain. You need to have apache/apache2 and mod_dav_svn on
the svn server.
1. configure your apache to serve the svn repository just for the Redmine redmine server
Just add something like that in your @apache.conf@ apache.conf or in a file in the
directory @/etc/apache/conf.d@: /etc/apache/conf.d :
<pre>
LoadModule dav_svn_module /usr/lib/apache2/modules/mod_dav_svn.so
<Location /svn>
DAV svn
# this must be the path you give to reposman with -s,--svn-dir argument
SVNParentPath "/var/svn"
Order allow,deny
Allow from ip.of.my.redmine.server
</Location>
</pre>
Verify you can access it from your Redmine redMine server.
2. change your reposman cron by adding the @--owner@ argument with the apache user :
<pre>
ruby ./reposman.rb --redmine-host http://redmine.my.domain/ --svn-dir /var/svn
--url http://svn.my.domain/svn/ --owner APACHE_USER
</pre>
h2. Web Service and Security
For the moment, the WS is open to everybody once actived and you surely don't want
that someone register project for you. You can block access to the WS
with apache/mongrel (if you don't use apache, I let you do your
homework...) with the Location apache directive like this :
<pre>
<VirtualHost *:80>
ServerName redmine.my.domain
ServerAdmin webmaster@localhost
<Location /sys>
Order allow,deny
Allow from ip.of.my.svn.server
</Location>
ProxyPass / http://localhost:3000/
ProxyPassReverse / http://localhost:3000/
</VirtualHost>
</pre>