Saturday, 5 January 2008

Configuring SubVersion under Windows.

Whilst I'm an advocate of TFS as a dev process management and version control system, I also like subversion - it's a great, free, source control system with a vibrant community of users and a host of supporting tools. The following post is a quick and handy reference to getting SVN to run over the network.

First steps
First of all get hold of the latest subversion and tortoiseSVN and install them. Once that's complete, create a repository using the tortoiseSVN tools.

Setting up the network
To get it working, you can initially run the SVN server from the command line. Use something like this;

svnserve -d --listen-port 44818 -r e:\myRepository

-d puts the server into daemon (listening) mode
--listen-port parameter and argument is optional and specifies what port to listen on
-r then specifies the repository you've just created above.

With that working, you'll now want to run this as a windows service. In comes the ubiquitous sc.exe (part of your windows O/S)

Installing as a service
Run the SC tool to add scnserve as a service;

sc create "SVNServe" binpath="c:\SubVersion\bin\svnserve.exe --service -r e:\myRepository" displayname="Subversion Repository" depend=Tcpip

From there you can then set your service to start automatically and start the service.

Adding security
Its all well and good having SVN running, but a little security wouldn't go amiss! The files you need to edit are all contained in the conf sub-directory within your repository directory. 3 files - svnserve.conf, authz and passwd. Quick overview below;

anon-access = none
# auth-access = write
password-db = passwd
authz-db = authz
realm = My SVN server

This disables anonymous access to the svn server and forces the passwd and authz files to be used to configure the users and path based security permissions. The realm parameter will be presented to users when the SVN client asks them to login.

#Define some groups of users

#Set the root of the repository to read
#only by any authenticated user
* = r

#Set a location in the tree to not available
to users initially, read/write for groupY users,
#read only for groupX users and specifically grant
#user1 read/write access.
* = 
@groupY = rw
@groupX = r
user1 = rw

# Give all authenticated user read/write access
* = rw

And last, but not least, the passwd file in this instance is where all the usernames and passwords are held.


No comments:

Post a Comment