We recently had to setup Apache, Subversion and Trac all within a virtual hosting environment for one of our Clients to be able to develop easily and effictively among team members. They wanted to use multiple domain names for separate projects. Made sense to us, so we started looking for instructions on setting this up.
We wanted to setup LigHTTPD, however it’s not nearly as easy because of no svn-dav module available, so we stuck with Apache 2 for now.
We found a howto on doing this, however there were a few vital steps and explanations missing so we’ve re-written it in hopes it will help others the trouble of searching to find this information.
So, lets move on to the tutorial shall we.
First install the required packages on your system. We started with a clean Ubuntu JEOS 8.0.4 Install on our server.
# sudo aptitude install enscript libapache2-mod-python python-docutils trac db4.3-util libapache2-svn subversion-tools
Now create a virtual host for your SVN container.
# mkdir -p /var/local/svn/svn.yourdomain.com
Now create a development group, and add the web user to it.
# addgroup svngroup; adduser www-data svngroup
Now Add a user to the system and add them to that group
# adduser username # passwd username
Now add that user to the group required for SVN
# adduser username svngroup
Now setup the permissions for your SVN site.
# chmod 2770 /var/local/svn/svn.yourdomain.com
Now setup the repo as you normally would
# svnadmin create /var/local/svn/svn.yourdomain.com
Remove the current password file. We’re using HTTPS (or HTTP) instead of SVNSERVE so no need for it.
# rm /var/local/svn/svn.yourdomain.com/conf/passwd # touch /var/local/svn/svn.yourdomain.com/conf/passwd
Allow your group to write to the repo
# chmod -R g+w www-data:svngroup /var/local/svn/svn.yourdomain.com
Now set the repo access permissions.
# nano /var/local/svn/svn.yourdomain.com/conf/authz
It should look something similar to the following. If in doubt, refer to the Path-Based Auth section of Subversion.
[groups] svngroup = username1,username2,username2 [/] @svngroup = rw
Now, create a log directory within apache for your development site.
# mkdir /var/log/apache2/svn.yourdomain.com
Now create your virtual host.
# nano /etc/apache2/sites-available/svn.yourdomain.com
Copy the following in, editing to suit your environment. Note we’re using a self signed certificate, you can change this to a properly signed one if you have it.
<VirtualHost [server's IP address]:443> ServerName svn.yourdomain.com <Location /> DAV svn AuthType Basic AuthName "svn.yourdomain.com" AuthUserFile /var/local/svn/svn.yourdomain.com/conf/passwd AuthzSVNAccessFile /var/local/svn/svn.yourdomain.com/conf/authz SVNPath /var/local/svn/svn.yourdomain.com Require valid-user </Location> CustomLog /var/log/apache2/svn.yourdomain.com/access.log combined ErrorLog /var/log/apache2/svn.yourdomain.com/error.log SSLEngine on SSLCertificateFile /etc/ssl/certs/selfsigned.pem #Add this once there is a real (non self-signed) certificate. #SSLCertificateKeyFile /etc/apache2/ssl/server.key </VirtualHost> <VirtualHost [server's IP address]:80> ServerName svn.yourdomain.com Redirect / <https://svn.yourdomain.com/> </VirtualHost>
Now, enable the site
# a2ensite svn.yourdomain.com
Now, create a username and password to access the svn site.
# htpasswd /var/local/svn/svn.yourdomain.com/conf/passwd username1
Now, create your SSL certificate. Details are here if you need them.
# sudo aptitude install ssl-cert
Now, we found out that the default Ubuntu SSL cert is only for 30 days, so, we changed this to be 365 a little more sane no? Thanks for the tip Devio.
# which make-ssl-cert # /usr/sbin/make-ssl-cert # nano /usr/sbin/make-ssl-cert
Replace the line near the bottom that looks like this
openssl req -config $TMPFILE -new -x509 -nodes -out $output -keyout $output
With a line that looks like this instead
openssl req -config $TMPFILE -new -x509 **-days 365** -nodes -out $output -keyout $output
Exit and save the file. Now we’re ready to generate our final self signed SSL certificate for Apache on Ubuntu. Like this;
# make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/ssl/certs/selfsigned.pem
Make sure to set your “common name” to your server name – ie: svn.yourdomain.com
Now you can go ahead and restart Apache to verify your DAV enabled SVN site functions.
# /etc/init.d/apache2 restart
To verify, hit it’s url in a browser
If everthing was successful, you now have SVN setup, with WEB-Dav support in Apache2 on Ubuntu. Continue to setup Trac.
First we have to create the web directory for Trac.
# mkdir -p /var/local/trac/trac.yourdomain.com
Now we setup the permissions
# chmod 2770 /var/local/trac/trac.yourdomain.com
Create a Trac instance for your project
# trac-admin /var/local/trac/trac.yourdomain.com initenv
Setup the proper ownerships for the directory
# chown -R www-data:svngroup /var/local/trac/trac.yourdomain.com
Now make sure the group is added to the repo
# chmod -R g+w /var/local/trac/trac.yourdomain.com
Configure Trac where required
# nano /var/local/trac/trac.yourdomain.com/conf/trac.ini
Create a directory for log files
# mkdir /var/log/apache2/trac.yourdomain.com
Now create a virtual host for your trac instance
# nano /etc/apache2/sites-available/trac.yourdomain.com
Now, copy the following into the virtual host configuration, changing to suit your domain and configuration
#Trac Configuration <VirtualHost [server's IP address]:80> ServerName trac.yourdomain.com Redirect / <https://trac.yourdomain.com/> </VirtualHost> <VirtualHost [server's IP address]:443> ServerName trac.yourdomain.com DocumentRoot /var/local/trac/trac.yourdomain.com/ Alias /trac/ /usr/share/trac/htdocs <Directory "/usr/share/trac/htdocs/"> Options Indexes MultiViews AllowOverride None Order allow,deny Allow from all </Directory> <Location /> SetHandler mod_python PythonHandler trac.web.modpython_frontend PythonInterpreter main_interpreter PythonOption TracEnv /var/local/trac/trac.yourdomain.com/ PythonOption TracUriRoot / AuthType Basic AuthName "trac.yourdomain.com" #Use the SVN password file. AuthUserFile /var/local/svn/svn.yourdomain.com/conf/passwd Require valid-user </Location> CustomLog /var/log/apache2/trac.yourdomain.com/access.log combined ErrorLog /var/log/apache2/trac.yourdomain.com/error.log SSLEngine on SSLCertificateFile /etc/ssl/certs/selfsigned.pem #Add this once there is a real (non self-signed) certificate. #SSLCertificateKeyFile /etc/apache2/ssl/server.key > </VirtualHost>
Now, enable this virtual host as well
# a2ensite trac.yourdomain.com
Configure Trac Permissions for your Trac instance.
# trac-admin /var/local/trac/trac.yourdomain.com
Use the following commands to view permissions, and set permissions.
We set the following permissions to one of our users from the command line
# trac-admin /var/local/trac/trac.yourdomain.com permission add username1 TRAC_ADMIN
Now you’re ready to restart Apache with your new Trac VHOST.
# /etc/init.d/apache2 restart
Now you’re ready to restart Apache and visit your Trac installation
Login with your user (username1) and password you setup earlier.
We hope this tutorial helps others when trying to setup SVN and Trac on Ubuntu with Virtual Hosts. Let us know if you have any other handy tips!