Friday, November 13, 2009


HOWTO - Apache2 + Subversion + SSL

I needed install Apache2 + Subversion and i have searching for info, etc. and now i'm decide to create this tutorial, i hope you like!

Here we go:

INSTALL APACHE2

To install apache2 run that command:
Code:
sudo apt-get install apache2
(if you want also install php and mysql just follow this Link)

After you will install subversion:
Code:
sudo apt-get install subversion
(in that moment doens't exist the pre-buil binary of the last version (1.2.1), but when it's out you can simple upgrade )

To use svn with apache you need install libapache2-svn:
Code:
sudo apt-get install libapache2-svn
Now is better restart apache :
Code:
sudo /etc/init.d/apache2 restart
If you don't want SSL go to the last instructions (dav_svn.conf configurations, and users accounts).

Run:
Code:
a2enmod ssl
Add "Listen 443" to /etc/apache2/ports.conf:
Code:
sudo gedit /etc/apache2/ports.conf
Run:
Code:
apache2-ssl-certificate
Create a new SSL configuration file:
Code:
sudo cp /etc/apache2/sites-available/default /etc/apache2/sites-available/myown-ssl
Edit myown-ssl file:
Code:
sudo gedit /etc/apache2/sites-available/myown-ssl
Change:
Code:
NameVirtualHost *
to
Code:
NameVirtualHost *:443
and
Code:
to
Code:
Add before :
Code:
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.pem
SSLProtocol all
SSLCipherSuite HIGH:MEDIUM
Run:
Code:
a2ensite myown-ssl
Restart Apache:
Code:
sudo /etc/init.d/apache2 restart
Last instruction:

Edit dav_svn configuration file and follow the instructions:
Code:
sudo gedit /etc/apache2/mods-available/dav_svn.conf
Restart apache:
Code:
 sudo /etc/init.d/apache2 restart - werkt niet meer-> nu
# /usr/sbin/make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/apache.pem
Daarna apache.pem in /etc/apache2/ssl/ stoppen (waarbij ssl handmatig aangemaakt)
Create SVN folder:
Code:
sudo svnadmin create /srv/svn
sudo chown -R www-data:www-data /srv/svn
sudo chmod -R g+ws /srv/svn
Create the users account file:
Code:
sudo htpasswd2 -c /etc/apache2/dav_svn.passwd svnuser
(after asks for a password)

Test SVN:
Code:
svn import .bashrc https://localhost/svn/testfile -mlogentry
That is all!!!


For the SSL instructions i have follow this Tutorial.
About how using SVN see the official SVN book here or visit the official website (Link).

Any error, please report! (and not only in the istructions but also in the english...)

Tuesday, November 10, 2009

webmin installeren

http://www.webxpert.ro/andrei/2009/05/30/install-webmin-on-ubuntu-server-904-jaunty-jackalope/

I am a big fan of Ubuntu Server. It’s exactly what you need for a server, no fancy UI, just services.
Dealing with all the text configuration files can be a time consuming task and there is something that can help a lot. It’s called Webmin and it is a web interface for configuring your linux box.
figure1

You need to install first some perl-related libraries required by webmin:

sudo apt-get install perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl libmd5-perl


The you need to download the latest webmin archive (this might change in time). I am downloading the Debian package:
wget http://prdownloads.sourceforge.net/webadmin/webmin_1.470_all.deb

wget http://www.webmin.com/download/deb/webmin-current.deb

(thanks @macrocode)

Install the Debian package with dpkg, not Aptitude:
sudo dpkg -i webmin_1.470_all.deb

sudo dpkg -i webmin_1.490_all.deb

* Your downloaded version may differ. Just use the deb package you’ve just downloaded.

Enjoy your Webmin installation at https://[serverIP]:10000 .
What I am normally doing is forwarding the port 10000 out of my router and access my webmin from anywhere on the internet. You can forward it to another port and to be user-friendly and easy-to-remember you can use DynDNS to pick a nice name.

Enjoy!

Subversion over https met basic authentificatie

  1. Subversion gedeelte

[bron http://odyniec.net/articles/ubuntu-subversion-server/ ]

Begin by installing the Subversion package:

$ sudo apt-get install subversion

You're going to need a directory for your repositories, as well as other Subversion-related files. Most people use /home/svn or /usr/local/svn for this purpose, and you can choose either. I personally prefer /usr/local/svn over /home/svn, as I like to keep /home for home directories of real users of the system.

$ sudo mkdir /usr/local/svn

Inside this directory, create another one to hold your repositories:

$ sudo mkdir /usr/local/svn/repos

Now, you need to set some access permissions on those directories. You only want to allow certain users of your system (that is, yourself and the other developers) to access the repositories, so add a new group for those users. Name the group svn.

$ sudo groupadd svn

Then, change the group ownership of /usr/local/svn/repos to the new group using the chgrp command:

$ sudo chgrp svn /usr/local/svn/repos

The members of the svn group also need write access to the repos directory, so use chmod to add the write permission for the group:

$ sudo chmod g+w /usr/local/svn/repos

Additionally, you need to make sure that all new files and directories created in the repos directory (in other words, anything committed to the repositories) will also be owned by the group. To accomplish this, use chmod again to set the set-group-ID bit on the directory, which causes any file created inside it to have the same group ownership as the directory itself. Effectively, everything in repos will belong to the svn group.

$ sudo chmod g+s /usr/local/svn/repos

OK, so you now have the repositories directory with proper permissions, ready to be used by the svn group. Go ahead and add yourself to the group:

$ sudo usermod -a -G svn michal

However, your new group membership will not be effective for the current session, so you need to log out and log back in. When you're back, you can verify that your account is recognized as a member of the svn group:

$ groups michal adm dialout cdrom plugdev lpadmin admin sambashare svn

If the other developers have user accounts on your server, add them to the group too:

$ sudo usermod -a -G svn jimmy $ sudo usermod -a -G svn craig

If they don't, they will still be able to access the repositories, but only using the basic svn protocol, not the secure svn+ssh method.

Creating a Test Repository

You can now create a repository. In the following steps, I'll demonstrate how to create a simple test repository containing one text file, and how to check out and commit files. If you're not familiar with Subversion, then this could be a good exercise to learn the basics. Otherwise, you can skip all the test checkouts and commits and just create the repository for your project.

The repository will be a subdirectory in the repos directory, and will have its group ownership set to svn (thanks to the chmod g+s you did earlier). However, that's not all – you also need to make sure the repository will be group writable, so that the other members of the svn group will be able to commit files. To do this, set the umask to 002:

$ umask 002

This command sets the new file mode creation mask which controls the default permissions of any new file that you create. The default value is 022 and it corresponds to read/write permissions for the file owner, and read permissions for the group and others. The new value, 002, also gives write permissions to the group, which is just what you need.

Create the repository using the svnadmin command:

$ svnadmin create /usr/local/svn/repos/test

And set back the default umask:

$ umask 022

So you now have an empty repository, waiting for you to commit something to it. But, before you do this, you need to check out the current version (i.e., the empty directory) to create a working copy.

$ svn checkout file:///usr/local/svn/repos/test Checked out revision 0.

The working copy has been checked out to a new directory named test. Go ahead and create a simple "hello world" text file in that directory:

$ cd test $ echo 'Hello, World!' > hello.txt

Then, add it to version control with the svn add command:

$ svn add hello.txt A hello.txt

Finally, commit it using svn commit:

$ svn commit -m "Added a 'hello world' text file." Adding hello.txt Transmitting file data . Committed revision 1.

The hello.txt file is now in the repository.

Apache configuratie

[bron: http://www.debuntu.org/2006/05/20/54-how-to-subversion-svn-with-apache2-and-dav ]

First of all we need to install the required packages:

apt-get install subversion libapache2-svn

Repository structure:

The projects are going to be hosted on /var/svn/repository. We need to create to directories and give full permission to the apache user:

mkdir /var/svn
mkdir /var/svn/repository

Now that the directory exist, we need to give write access to the apache user:

chown www-data:www-data -R /var/svn/repository
chmod 770 -R /var/svn/repository

Configuring Apache:

Now, we need to modify apache svn module configuration file, edit /etc/apache2/mods-available/dav_svn.conf and make sure the following argument are properly setted up:

...
SVNParentPath /var/svn/repository
#SVNPath /var/svn/repository
.....
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile /etc/apache2/dav_svn.passwd
Require valid-user
...

In order to be able to track who modify the different files of the project, we need to create users. Create the first user (tester) and supply a password:

htpasswd2 -c /etc/apache2/dav_svn.passwd tester

Creating a first repository:
Get apache user access (so files and directories are created with proper rights:

su www-data

and create your first repository (example):

svnadmin create /var/svn/repository/example

import your project:

svn import /path/to/projectexample file:///var/svn/repository/example/examplev1 -m"initial import"

Now, get back to root user (Ctrl-D) and restart apache:

/etc/init.d/apache2 restart

Your project is now avalaible to the different user you will add in /etc/apache2/dav_svn.passwd .
User tester can now access the project at http://svnhostaddress/example and checkout a first copy to his computer, modify files and commit back his changes to the server.

Achtergrond

Deze blog is met name voor mijzelf geschreven. Normaliter zou ik het in een simpel textbestandje opslaan en bewaren voor wanneer ik het weer nodig heb. Ik probeer het voor het eerst te "bloggen", wie weet heeft iemand anders er wat aan.

Achtergrond:

Ik ben verwent Microsoft gebruiker en heb de nodige frustraties (meegemaakt) met Linux.
Enige tijd geleden heb ik voor mijn afstudeerstage een Ubuntu-server opgezet. Ik heb hierop een subversion repository aangemaakt die gekoppeld is aan een bugreport systeem (Mantis). Nu draaide dit onder VmWare Server, thuis. Hoewel ik momenteel nog glasvezel heb liggen (studentenflat) wil ik de server het liefst extern onderbrengen. Ook met het oog op betrouwbaarheid van de huidige verbinding hier.

De server was indertijd opgezet met haast en 0% linux kennis en dankzij de ubuntu-desktop editie ook enorm groot van omvang qua ram/hdd voor een server die alleen als repro en webserver dient. Daarom wil ik graag deze in de komende tijd (geen haast :) ) omzetten naar een ubuntu server editie en het liefst wil ik alles zoveel mogelijk via de command line interface doen.

Dat ik nu een blog erover schrijf heeft ermee te maken dat ik het 8 maanden geleden allemaal zelf heb geïnstalleerd, maar inmiddels geen idee meer heb wat ik allemaal gedaan had om het goed/betrouwbaar werkend te krijgen. Deze blog is dus voor mij een how-to voor als ik ooit opnieuw zo`n server moet inrichten.