玄箱+debian-etch+subversion+web-dav+ssl
参考はこちら
1.apache2,openssl,subversionインストール
# apt-get install apache2 # apt-get install subversion subversion-tools libapache2-svn # apt-get install openssl ssl-cert
2.リポジトリ作成
# mkdir /mnt/svn # svnadmin create --fs-type fsfs /mnt/svn/private # chown -R www-data:www-data /mnt/svn/* # chmod -R g+w /mnt/svn/*
3.パスワードファイル作成
# htpasswd -c /etc/apache2/dav_svn.passwd USER
4.SSLの証明書作成
# mkdir /etc/apache2/ssl # openssl req $@ -new -x509 -days 365 -nodes -out /etc/apache2/ssl/apache.pem -keyout /etc/apache2/ssl/apache.pem # chmod 600 /etc/apache2/ssl/apache.pem
5.SSLを使う設定
# vi /etc/apache2/ports.conf Listen 443 ←追加 # vi /etc/apache2/sites-available/default # diff -u /etc/apache2/sites-available/default.org /etc/apache2/sites-available/default # diff -u /etc/apache2/sites-available/default.org /etc/apache2/sites-available/default --- /etc/apache2/sites-available/default.org 2008-01-14 22:05:37.000000000 +0900 +++ /etc/apache2/sites-available/default 2008-01-15 22:13:34.000000000 +0900 @@ -1,5 +1,5 @@ -NameVirtualHost * -<VirtualHost *> +NameVirtualHost *:80 +<VirtualHost *:80> ServerAdmin webmaster@localhost DocumentRoot /var/www/ @@ -44,3 +44,9 @@ </Directory> </VirtualHost> +NameVirtualHost *:443 +<VirtualHost *:443> + ServerAdmin webmaster@localhost + SSLEngine on + SSLCertificateFile /etc/apache2/ssl/apache.pem +</VirtualHost> # diff -u /etc/apache2/mods-available/dav_svn.conf.org /etc/apache2/mods-available/dav_svn.conf # diff -u /etc/apache2/mods-available/dav_svn.conf.org /etc/apache2/mods-available/dav_svn.conf --- /etc/apache2/mods-available/dav_svn.conf.org 2008-01-14 23:31:04.000000000 +0900 +++ /etc/apache2/mods-available/dav_svn.conf 2008-01-15 22:16:40.000000000 +0900 @@ -10,17 +10,17 @@ # URL controls how the repository appears to the outside world. # In this example clients access the repository as http://hostname/svn/ # Note, a literal /svn should NOT exist in your document root. -#<Location /svn> +<Location /svn> # Uncomment this to enable the repository - #DAV svn + DAV svn # Set this to the path to your repository #SVNPath /var/lib/svn # Alternatively, use SVNParentPath if you have multiple repositories under # under a single directory (/var/lib/svn/repo1, /var/lib/svn/repo2, ...). # You need either SVNPath and SVNParentPath, but not both. - #SVNParentPath /var/lib/svn + SVNParentPath /mnt/svn # Access control is done at 3 levels: (1) Apache authentication, via # any of several methods. A "Basic Auth" section is commented out @@ -37,9 +37,9 @@ # manage the password file - and the documentation for the # 'auth_basic' and 'authn_file' modules, which you will need for this # (enable them with 'a2enmod'). - #AuthType Basic - #AuthName "Subversion Repository" - #AuthUserFile /etc/apache2/dav_svn.passwd + AuthType Basic + AuthName "Subversion Repository" + AuthUserFile /etc/apache2/dav_svn.passwd # To enable authorization via mod_authz_svn #AuthzSVNAccessFile /etc/apache2/dav_svn.authz @@ -48,7 +48,7 @@ # committers authenticate themselves. It requires the 'authz_user' # module (enable it with 'a2enmod'). #<LimitExcept GET PROPFIND OPTIONS REPORT> - #Require valid-user + Require valid-user #</LimitExcept> - -#</Location> +SSLRequireSSL +</Location>
6.SSLを有効に
# a2enmod ssl # /etc/init.d/apache2 force-reload
玄人志向 KURO-BOX/HG NAS組み立てキット
posted with amazlet on 08.01.11