Hosting Subversion Repositories
This page describes how to set up, on the CS Department servers, Subversion repositories that you can use to collaborate with other people (whether or not those other people are at Johns Hopkins). This is a somewhat complicated process. If you're comfortable with any of the distributed version control systems (Git, Mercurial, Bazaar, Darcs), you should use those instead, as the setup is a lot simpler. Instructions for those systems can be found on our general version control page.
What we'll be doing here is creating a WebDAV interface to a collection of Subversion repositories. You don't have to use more than one repository if you don't want to, but the option is there if you need it. You will have complete control over (and responsibility for) who can access the contents of these repositories.
In order to allow access to both you and our webserver, the repository has some moderately complicated Access Control Lists (ACLs) that need to be set up. This should be a one-time operation, but be aware that they may make some of the file permissions within the repositories work differently than you might expect.
The URL for your repository will be https://www.cs.jhu.edu/~your-account/svn/your-repository. Note that it starts with "https"; if you leave off the "s", it will not work.
About the Procedures Here
All of these commands must be run from the command line on one of our grad net Linux clients. Subversion repositories are not supported for undergraduate accounts.
All of the examples will use the text "your-account" anywhere you should use your CS account name. Similarly, the text "your-repository" should be replaced by the name of the Subversion repository you want to create.
Things You Do Once
There are a few things you have to do just once, when you want to get all of this started.
First, Tell CS IT Support
There are some changes that need to be made to the department's webserver in order for this to work, so the first thing to do is for you to email email@example.com and let us know that you need to set up a hosted Subversion repository, so that we can do our part.
You can continue with the rest of the instructions on this page while you wait for a response, but you won't be able to use your repositories via https://www.cs.jhu.edu URLs until we've made the necessary changes on our end. We'll email you once we've completed those changes.
Create a Directory for the Repositories
Next, you need to create a directory to hold your repositories. We expect it to be named .svnrepos and be in the root of your home directory.
Allow the Webserver to Access Your Repositories
You need to run the following three commands to give the webserver access to your repositories. These will also give you access to the files created by the webserver once the repository is in use.
(Note that you should be putting your own account name into the first command in two places!)
setfacl --mask -Rm user::rwx,default:user::rwx,user:your-account:rwx,default:user:your-account:rwx ~/.svnrepos setfacl --mask -Rm group::000,default:group::000,group:apache:rwx,default:group:apache:rwx,mask:000 ~/.svnrepos setfacl --mask -Rm other:000,default:other:000 ~/.svnrepos
Create a Web-Access Directory
mkdir -p ~/public_html/svn chmod 0701 ~/public_html chmod 0701 ~/public_html/svn
Create a .htaccess File
You will need a ~/public_html/svn/.htaccess file with the following contents:
(NOTE: You'll need to modify the file per the instructions within the file.)
# These first two lines give general access to your Subversion repositories. # These lines won't interfere with your ability to limit access to particular # people later. Order allow,deny Allow from all ### Authentication # You can use any name here. It will show up when people try to do checkouts, # so you should pick something informative. Note that the AuthUserFile # directive needs to have your account name in it. AuthName "your-name's Subversion Repositories" AuthType Basic AuthUserFile /users/your-account/public_html/svn/.htpasswd # This just prevents people from grabbing your configuration files. The CS # webserver actually has this as a global setting, but it doesn't hurt to repeat # it here, just to be safe. <Files ~ "^\.ht"> Order allow,deny Deny from all </Files> ### Authorization # This is your Subversion access file. Replace "your-account" appropriately. AuthzSVNAccessFile /users/your-account/public_html/svn/.svnaccess # Just like the earlier <Files> section, this prevents people from grabbing your # entire access ruleset. <Files .svnaccess> Order allow,deny Deny from all </Files> # Finally, this is the directive that actually prevents people from accessing # your repositories if they're not logged in. Require valid-user
Make sure you replace all of the occurrences of "your-account".
After saving the file, make sure the webserver can access it:
chmod 0604 ~/public_html/svn/.htaccess
Create a .htpasswd File
Give yourself a login with the following commands:
htpasswd -c ~/public_html/svn/.htpasswd your-account chmod 0604 ~/public_html/svn/.htpasswd
Create a .svnaccess file
Create a file named ~/public_html/svn/.svnaccess and give it appropriate permissions:
touch ~/public_html/svn/.svnaccess chmod 0604 ~/public_html/svn/.svnaccess
You'll add content to this file later.
Things You Need to do For Each Repository
If you only need one repository, you only need to do these once, but you might need to repeat these steps if you decide you need more than one repository.
Create a Repository
svnadmin create --compatible-version 1.6.11 ~/.svnrepos/your-repository
The --compatible-version parameter is important. If you don't use it, the repository will not be compatible with our webserver.
Copy an Existing Repository, if Needed
If you have an existing repository (located elsewhere) that you want to move to the CS webserver, you need to copy its data over. (If you're starting from scratch, you can skip this step.)
You do need to create an empty repository in ~/.svnrepos first. Once that's done, you can use svnadmin dump on the old system and svnadmin load on a CS Linux client to move the data over.
If the old system is also Unix-based, you can often elegantly transfer the data by running the following command on the old system:
svnadmin dump /path/to/old/repository | ssh firstname.lastname@example.org svnadmin load .svnrepos/your-repository
More generically, you take the Subversion software installed on the system that currently holds the repository and use that software to create a repository dump file. Then you copy that file to one of our Linux clients and run:
svnadmin load .svnrepos/your-repository </path/to/dump/file
Give Yourself Access to the Repository
In ~/public_html/svn/.svnaccess, add the following lines:
[~your-account:/svn/your-repository] your-account = rw
The tilde ("~") needs to be in that first line; only replace "your-account" and "your-repository".
Things You Need to do For Each Collaborator
Each collaborator needs to be given access to the appropriate repositories or projects. Here's how you do that.
Add the Person to the .htpasswd File
For each person who needs access to your repositories, have them run the following command on a Unix system:
htpasswd -n their-account
Then have them email you the line that htpasswd printed out. It should look something like this:
Add that line to the end of your ~/public_html/svn/.htpasswd file.
Add the Person to the .svnaccess File
The short version of this step is to edit your ~/public_html/svn/.svnaccess file, find the section for the repository the person should be able to access, and add a line for them in that section that looks like this (replacing their-account with the person's account name):
their-account = rw
Note that because of the way Subversion is set up on our systems, the "repository name" is always "~your-account" and the path always starts with "/svn/your-repository".
Congratulations! You're done!
You can now access your repository via the URL https://www.cs.jhu.edu/~your-account/svn/your-repository and work with it just as you would with a file- or ssh-based repository. If you need to use svnadmin on the repository, just remember that it's in ~/.svnrepos.
If you have any problems with the instructions or just need extra help, please feel free to email email@example.com.