Setting up ssl Subversion Mirror on Ubuntu 12.04

These are some quick notes on how to setup a subversion mirror on ubuntu 12.04

First install apache2, subversion and the binding

apt-get install apache2
apt-get install subversion
apt-get install libapache2-svn

create dir /etc/apache2/ssl and copy you ssl files to this folder.

Update /etc/apache2/sites-available/default-ssl or create a new site.

Make these changes to the site config.

SSLCertificateFile /etc/apache2/ssl/my-site.com.crt
SSLCertificateKeyFile /etc/apache2/ssl/my-site.com.key
SSLCertificateChainFile /etc/apache2/ssl/gd_bundle.crt

Enable ssl module, the ssl site and then restart apache2:

a2enmod ssl
a2ensite default-ssl
service apache2 restart

Now you should ssl working and it is time to add the subversion proxy.

Add the proxy module to apache2:

a2enmod proxy
a2enmod proxy_http
a2enmod rewrite

Update default-sll, after ServerName add
SSLProxyEngine on
Before BrowserMatch add:

SSLProtocol -ALL +SSLv3

<Location /svn>
DAV svn
SVNParentPath /www1/svn
SVNMasterURI https://masterip/svn
AuthType Basic
AuthName "Subversion repository"
AuthUserFile /www1/etc/local-authentication
Require valid-user
</Location>

Proxy for a Trac instance:

ProxyPass /trac https://masterip/trac
ProxyPassReverse /trac https://masterip/trac

Make sure you proxy https to https. Mixing http and https will cause problem later on when performing copies in subversion commits and they will fail.

Leave a comment

Your email address will not be published. Required fields are marked *