Project

General

Profile

History

HowTos » HowTo configure Redmine for advanced Subversion integration »

Repositories access control with apache mod dav svn and mod perl » History » Revision 3

Revision 2 (Nicolas Chuche, 2007-11-18 21:13) → Revision 3/47 (Jean-Philippe Lang, 2007-11-18 21:41) 

h1. Repositories access control with apache mod dav svn and mod perl 

 {{>TOC}} 

 h2. overview 

 In this documentation, we will configure apache to delegate 
 authentication to mod_perl. It's tested on apache2 with mysql and 
 postgresql but should work with allmost every databases for which 
 there is a perl DBD module. 

 You need a Redmine r860 re. 860 or later. If your Redmine is older than r916, re .916, download "Redmine.pm":http://redmine.rubyforge.org/svn/trunk/extra/svn/Redmine.pm 

 You need to have a working apache on your SVN server and you must 
 install some modules at least mod_dav_svn, mod_perl2, DBI and DBD::mysql (or the 
 DBD driver for you database as it should work on allmost all 
 databases). 

 On Debian/ubuntu you must do : 

   

 <pre> 
   aptitude install libapache2-svn libapache-dbi-perl libapache2-mod-perl2 libdbd-mysql-perl 
 </pre> 

 h2. enabling apache modules 

 On debian/ubuntu : 

 <pre> 
 a2enmod dav 
 a2enmod dav_svn 
 a2enmod perl 
 </pre> 

 h2. apache configuration 

 You need to copy "Redmine.pm" on your svn server and 
 add something like that to your apache configuration (for example in @/etc/APACHE_DIR/conf.d/@) @/etc/APACHE_DIR/conf.d/@ 

 You must change the Redmine.pm path and database informations to fit your needs. 

 <pre> 
    PerlRequire /usr/local/apache/Redmine.pm 
    <Location /svn> 
      DAV svn 
      SVNParentPath "/var/svn" 

      AuthType Basic 
      AuthName redmine 
      Require valid-user 

      PerlAccessHandler Apache::Authn::Redmine::access_handler 
      PerlAuthenHandler Apache::Authn::Redmine::authen_handler 
  
      ## for mysql 
      PerlSetVar dsn DBI:mysql:database=databasename;host=my.db.server 
      ## for postgres 
      # PerlSetVar dsn DBI:Pg:dbname=databasename;host=my.db.server 

      PerlSetVar db_user redmine 
      PerlSetVar db_pass password 
   </Location> 

    # a private location in read only mode to allow Redmine browsing 
    <Location /svn-private> 
      DAV svn 
      SVNParentPath "/var/svn" 
      Order deny,allow 
      Deny from all 
      # only allow reading orders 
      <Limit GET PROPFIND OPTIONS REPORT> 
        Allow from redmine.server.ip 
      </Limit> 
    </Location> 
 </pre> 

 It will add add two Location directives, one @/svn@ /svn with authentication 
 and access control against the Redmine database for users and one @/svn-private@ 
 /svn-private in read-only with IP ip limitation for Redmine browsing. 

 And that's done. You can try to browse some public repository with: with : 
 <pre> 
 svn ls http://my.svn.server/svn/myproject 
 </pre> 

 If you try to browse some non public repository, it will ask you a password.