Redmine from wheezy-backports, autocreate repos and access control

I had some trouble getting Redmine with subversion installed on debian wheezy. The main problem was the outdated version in the default repositories. I decided to use wheezy-backports repo to get a fresh but reliable version installed.

I also wanted automatic repository creation and redmine usernames and passwords to control the access to the repositories. Below is the result.. 🙂

aptitude install mysql-server
aptitude -t wheezy-backports install redmine redmine-mysql
aptitude -t wheezy-backports install apache2 libapache2-mod-passenger
ln -s /usr/share/redmine/public /var/www/redmine
vim /etc/apache2/mods-available/passenger.conf
PassengerDefaultUser www-data
a2enmod passenger
vim /etc/apache2/sites-available/default
<Directory /var/www/redmine>
RailsBaseURI /redmine
PassengerResolveSymlinksInDocumentRoot on
</Directory>
a2enmod passenger
/etc/init.d/apache2 restart

after login

ln -s /var/cache/redmine/default/plugin_assets /usr/share/redmine/public/
aptitude install subversion libapache2-svn libapache-dbi-perl libapache2-mod-perl2 libdbd-mysql-perl libauthen-simple-ldap-perl ruby-dev make
 
mkdir /var/svn
chown root:www-data /var/svn
chmod 0750 /var/svn
 
gem install activeresource
ln -s /usr/share/redmine/extra/svn/Redmine.pm /usr/lib/perl5/Apache
vim /etc/apache2/mods-available/dav_svn.conf
   PerlLoadModule Apache::Redmine
   <Location /svn>
     DAV svn
     SVNParentPath "/var/svn"
     Order deny,allow
     Deny from all
     Satisfy any
     # If a client tries to svn update which involves updating many files,
     # the update request might result in an error Server sent unexpected
     # return value (413 Request  Entity Too Large) in response to REPORT
     # request,because the size of the update request exceeds the limit
     # allowed by the server. You can avoid this error by disabling the
     # request size limit by adding the line LimitXMLRequestBody 0
     # between the <Location...> and </Location> lines.
     LimitXMLRequestBody 0
 
     # Only check Authentication for root path, nor again for recursive
     # folder.
     # Redmine core does only permit access on repository level, so this
     # doesn't hurt security. On the other hand it does boost performance
     # a lot!
     SVNPathAuthz off
 
     PerlAccessHandler Apache::Authn::Redmine::access_handler
     PerlAuthenHandler Apache::Authn::Redmine::authen_handler
     AuthType Basic
     AuthName "Redmine SVN Repository"
     AuthUserFile /dev/null
 
     #read-only access
     <Limit GET PROPFIND OPTIONS REPORT>
        Require valid-user
        Allow from SERVER_IP
        # Allow from another-ip
        Satisfy any
     </Limit>
     # write access
     <LimitExcept GET PROPFIND OPTIONS REPORT>
       Require valid-user
     </LimitExcept>
 
     ## for mysql
     RedmineDSN "DBI:mysql:database=redmine_default;host=localhost"
     ## for postgres
     # RedmineDSN "DBI:Pg:dbname=databasename;host=my.db.server"
     ## for SQLite3
     # RedmineDSN "DBI:SQLite:dbname=database.db"
 
     RedmineDbUser "redmine_default"
     RedmineDbPass "PASSWORD"
  </Location>
a2enmod dav_svn

Add to cron:

* * * * * root ruby /usr/share/redmine/extra/svn/reposman.rb --redmine my.redmine.host --svn-dir /var/svn --owner www-data --url http://my.svn.server/svn/ --key=my_api_key >> /var/log/reposman.log

DONE!

Leave a Reply

Your email address will not be published. Required fields are marked *