I use svn+apache2 to give access to all my repos. This is acomplished with dav_svn_module that allows you to give DAV SVN acess to one directory on your file system.
I drop all my projects in /servers/svn/rep/ so, for a while, giving DAV access to /servers/svn/rep/ did the trick. The problem arises when you need to give different permissions to each repository ( and i really didn’t want to write one <Directory>
directive for each repository ).
Well, fine-grain permissions ( r/w) per repository using DAV can be accomplished using the SVN AUTHZ. You can allow or deny read or write access to one user or user group by repository.
I’ll post a quick walktrough by my setup, it assumes you already have apache2 rolling with dav_svn_module and authz_svn_module.
Apache Configuration
First of all create a vhost/location for your SVN repo:
<VirtualHost *>
ServerName svn.yourhost.com
<Location />
DAV svn
# path to the directory holding your projects repositories.
SVNParentPath /servers/svn/reps
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile /servers/svn/etc/svn-auth-file
AuthzSVNAccessFile /servers/svn/etc/svn-authz-file
require valid-user
</Location>
</VirtualHost>
This above configuration will provide DAV access to /servers/svn/reps, mapping / to /servers/svn/reps. So, if you have a project called app1 you can acess app1 repository by pointing your browser to http://svn.yourhost.com/app1.
Authentication
We autenticate the users using apache builtin basic auth module. Just create the users file /servers/svn/etc/svn-auth-file using htpasswd command line util.
Let’s add three users to illustrate our example: an app1 coder named Ruth, the server admin “bat” and a guest user.
( Well, unfortunatelly the guest user will also have to have a password )
htpasswd -c /servers/svn/etc/svn-auth-file bat
htpasswd /servers/svn/etc/svn-auth-file ruth
htpasswd /servers/svn/etc/svn-auth-file guest
Authorization
Now we need to limit certain users to certain repositories .This is accomplished by adding some rules to the /servers/svn/etc/svn-authz-file file.
First of all state your user groups by adding the following block to the file:
[groups]
admin=bat
others=guest
coders=ruth
As a fail safe, let’s deny read acess to the base dir to anyone except admins
[/]
* =
@admin = rw
Finally, lets give our coder, Ruth, rw acess to our app1 repository.
Since our app1 is open source, let’s also allow our guest to read from the repository to checkout the latest developments.
[app1:/]
@coders = rw
@others = r
@admin = rw
Just restart your apache and checkout app1 by typing:
$ svn co http://svn.yourhost.com/app1/trunk