HOWTO setup insurrection
From Chaos
Contents |
Summary
This HOWTO describes how to setup Insurrection, a very nice front-end to Subversion.
Prerequisites
- You'll need Apache 2, mod_dav_svn, mod_authz_svn, and SVN installed on a system.
- Insurrection needs to be installed on the same system that the svn repo is on.
Details
Download Insurrection
1. Check out a working copy of the most recent branch of Insurrection using svn:
| root@localhost:/usr/local/etc# svn co http://svn.code-host.net/svn/Insurrection/trunk insurrection |
Setup Insurrection
1. According to the Insurrection website, you need to do the following:
This is one of the places where there needs to be a lot more work. However, the basic trick is to edit and set your system specific parameters in the insurrection.xml, insurrection.pl, and insurrection.js files. I know, three places... but they are used independantly by different technologies so I am not sure what the best way to consolidate all of this is. Maybe an install script of some sort. One of the things I tend to do is to have a repository just for the Subversion web site itself. With a little bit of post-commit magic, this lets me commit new web site files/code/etc. and have it be on the Subversion server without the need to SSH/Login onto the server itself. This also provides for a good way of tracking changes to the site, including changes to the administration files (such as the password file and the access rights file).
So, we need to start by modifying insurrection.xsl (Yes, insurrection.xsl is correct, the above page is outdate), insurrection.pl, and insurrection.js. You will also need to modify your apache vhost definition, and the root .htaccess file within the insurrection directory.
/usr/local/www/data/
insurrection.conf
- All I did was take the relevant settings out of this file, and put them in my Apache VHost config. See below for further clarification.
insurrection.xsl
- Did not need to make any changes.
insurrection.pl
- The changes listed below only reflect things I changed from their default value(s).
- Changed SVN_INDEX_TITLE to 'Subversion Repository for Untouchable.net'.
- Changed SVN_BASE to '/home/svn' (where my main repo is located).
- Changed SVN_AUTH to '/home/svn/authentication' (the contents of which are below).
- Changed SVN_LOGS to '/home/svn/logs' (which is currently empty).
- Changed SVN_BIN to '/usr/local/bin/' (based on 'which svn').
- Changed EMAIL_DOMAIN to '@untouchable.net'.
- Changed HTTPS_LOGIN to 1 (requires authenticated users to use SSL to login).
- Changed SVN_URL_PATH to '/svn/'.
- Changed SVN_REPOSITORIES_URL to '/svn/'.
.htaccess
- Please note that changes below only reflect things that I have changed from their default value.
- Changed AuthUserFile to '/home/svn/authentication/passwords'.
- Changed AuthName to 'Untouchable.net Insurrection Repository'.
- Changed '/home/subversion/www/%{HTTP_HOST}.gif' to '/usr/local/www/data/%{HTTP_HOST}.gif' (since /usr/local/www/data/ is my document root).
insurrection.js
- Did not need to make any changes.
/home/svn/authentication/
mod_authz_svn_access.conf
- This is the file that tells mod_authz_svn how to behave. I only want read-access, so my setup is pretty simplistec.
#to allow everyone read access [/] * = r #[landfill:/] #allow all developers complete access #@developers = rw # #[/] # #* = rw
passwords
- This file is simply an htpasswd-style password file for user authentication. You can create it by using a command like the one below:
| root@localhost:/home/svn/authentication# htpasswd -c passwords -a Admin |
Apache Vhost
- Now comes the hard part. I have included my entire VHost config, in hopes that it will help someone out. If it is too confusing, please shoot me an email and I will try to clarify.
Listen 172.16.46.100:9168
NameVirtualhost 172.16.46.100:9168
<VirtualHost 172.16.46.100:9168>
DocumentRoot "/usr/local/www/data"
ServerName insurrection.untouchable.net
ServerAdmin webmaster{_[at]_}untouchable.net
ErrorLog /var/log/apache/insurrection.untouchable.net-error_log
TransferLog /var/log/apache/insurrection.untouchable.net-access_log
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /usr/local/etc/apache2/ssl/insurrection.untouchable.net/insurrection.untouchable.net.crt
SSLCertificateKeyFile /usr/local/etc/apache2/ssl/insurrection.untouchable.net/insurrection.untouchable.net.key
<Files ~ "\.(cgi|pl|shtml|phtml|php|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/usr/local/www/data">
AllowOverride All
DirectoryIndex index.cgi index.pl index.php index.php3 index.html
Options ExecCGI FollowSymLinks
AddHandler cgi-script .cgi
AddHandler cgi-script .pl
Order allow,deny
Allow from all
</Directory>
<DirectoryMatch "^/.*/\.svn">
Order allow,deny
Deny from all
</DirectoryMatch>
<Location "/svn">
DAV svn
SVNParentPath /home/svn
SVNIndexXSLT "/insurrection.xsl"
# our access control policy
AuthzSVNAccessFile /home/svn/authentication/mod_authz_svn_access.conf
# try anonymous but require a user if needed
#Satisfy Any
#Require valid-user
# how to authenticate a user
#AuthType Basic
#AuthName "Untouchable.net Repository"
#AuthUserFile /home/svn/authentication/passwords
</Location>
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog /var/log/apache/secure-ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
RewriteEngine on
RewriteLog /var/log/apache/insurrection.untouchable.net-rewrite_log
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]
</VirtualHost>
