Debian has its own package for Subversion, but most of the time you want to use the latest Subversion package that’s out there. This explains how to build and use that over Apache and HTTPS.

Installation

This particular install does not use the Berkeley DB method of code repository storage, but rather the flat file system storage method. Both have their advantages, but the file is believed to be faster. Read more here.

First setup Apache and get all the Subversion dependencies.

apt-get install apache2
apt-get build-dep subversion
cd /usr/src
wget http://subversion.tigris.org/downloads/subversion-1.6.11.tar.gz
tar zxvf subversion -1.6.11.tar.gz
cd subversion-1.6.11
./configure --prefix=/usr/local

Then we get this warning, but FSFS is fine to use instead of Berkeley.

configure: WARNING: we have configured without BDB filesystem support

You don't seem to have Berkeley DB version 4.0.14 or newer
installed and linked to APR-UTIL.  We have created Makefiles which
will build without the Berkeley DB back-end; your repositories will
use FSFS as the default back-end.  You can find the latest version of
Berkeley DB here:

http://www.oracle.com/technology/software/products/berkeley-db/index.html

Continue with the build:

make
make install

After install, this error comes up, but it can be ignored and the next few steps will fix.

apxs:Error: Activation failed for custom /etc/apache2/httpd.conf file..
apxs:Error: At least one `LoadModule' directive already has to exist..
make: *** [install-mods-shared] Error 1

Create the file /etc/apache2/mods-available/dav_svn.load with the following:

# Depends: dav
LoadModule dav_svn_module /usr/lib/apache2/modules/mod_dav_svn.so
LoadModule authz_svn_module /usr/lib/apache2/modules/mod_authz_svn.so

Copy over the modules from source and install them in the Apache directories; also enable SSL since we want to push this over a secure channel:

cp /usr/src/subversion-1.6.11/subversion/mod_dav_svn/.libs/mod_dav_svn.so /usr/lib/apache2/modules/
cp /usr/src/subversion-1.6.11/subversion/mod_authz_svn/.libs/mod_authz_svn.so /usr/lib/apache2/modules/
a2enmod dav_svn
a2enmod ssl

Configuration

Create the file /etc/apache2/sites-available/svn so that Apache knows about the SVN repository:

NameVirtualHost svn.mysite.com:443

<VirtualHost svn.mysite.com:443>

DocumentRoot /var/svn

# SSL Definitions
SSLEngine on
SSLCertificateFile /etc/ssl/private/myserver_svn.crt
SSLCertificateKeyFile /etc/ssl/private/myserver_svn.key

# Subversion
<Location /svn>
    DAV svn
    SVNListParentPath on
    SVNParentPath /var/svn
    AuthType Basic
    AuthName "Subversion Repository"
    AuthUserFile /etc/svn/dav_svn.passwd
    AuthzSVNAccessFile /etc/svn/dav_svn.control
    Require valid-user
</Location>
</VirtualHost>

Now enable the site and start/restart Apache:

a2ensite svn
/etc/init.d/apache2 restart

Setup the initial repository with the svncreate command and make the user running the web service the owner, since they will be the user actually modifying the repository files.

mkdir /var/svn
svnadmin create /var/svn/myproject
chown -R www-data:www-data /var/svn/myproject

Now we can create the username/password files along with the access files.

mkdir /etc/svn
touch /etc/svn/dav_svn.passwd
htpasswd -mb /etc/svn/dav_svn.passwd myuser mypassword

Create the access file to your repositories.

touch /etc/svn/dav_svn.control

And now edit the file. You can set users using r and rw access writes. First you list the repository, and then the folder location after that for more fine grained permissions.

[myproject:/]
myuser = r

[myproject:/trunk/base/code]
myuser = rw

Now reboot the server and test access; it should start up automatically.

Maintenance and Use

The best way to use SVN over HTTPS is with Tortoise for Windows or some other tool if using Linux, like RapidSVN.

Adding Additional Users

To add more users, just run the htpasswd command linked to your dav_svn.passwd file, same as the initial configuration for users.

htpasswd -mb /etc/svn/dav_svn.passwd newuser newpassword

And now edit the access file containing the other users and defined in the Apache configuration. You can set users using r and rw access writes. First you list the repository, and then the folder location after that for more fine grained permissions.

[myproject:/]
myuser = r
newuser = r

[myproject:/trunk/base/code]
myuser = rw
newuser = rw

Backing Up the Repositories

To backup a repository, use the svnadmin dump command which will export the entire database and revisions. You can then tar up and gzip the dump file for compression, and back it up to tape or disk somewhere else. There are also incremental backups that can be done of disk/tape space is an issue.

svnadmin dump /home/svn/myproject > /home/backups/myproject_dumpfile

Restoring the Repositories

Restoring the SVN database is simply rewriting all the revisions from the dump back into a database. The restore process also works well for moving an older repository over to a new one since restoring the dump into a new SVN database will update it to that version.

svnadmin create /home/svn/restoredproject
svnadmin load /home/svn/restoredproject < /home/backups/myproject_dumpfile
chown -R www-data:www-data /home/svn/restoredproject
chmod -R 770 /home/svn/restoredproject