Deployment and Security Configuration of Apache-based Subversion Server on Ubuntu Systems

Dec 01, 2025 · Programming · 9 views · 7.8

Keywords: Subversion | Apache | Ubuntu | SSL | Version Control

Abstract: This article provides a comprehensive guide to configuring an Apache Subversion server on Ubuntu GNU/Linux. It covers the installation of Apache HTTP server and necessary modules, enabling SSL encryption, creating virtual hosts, configuring user authentication, and setting repository permissions to enable secure local and remote access. With detailed command examples and configuration files, the guide walks through the entire process from environment setup to initial commit validation, ensuring stable operation and data security for the Subversion server.

Introduction and Background

Subversion (SVN) is a widely-used version control system in software development projects. Deploying SVN via the Apache HTTP server on Ubuntu GNU/Linux not only offers efficient code management but also leverages Apache's modular features for flexible security configurations. Based on best-practice answers, this article systematically explains how to configure an Ubuntu laptop as an SVN server, supporting both local commits and remote access, with a focus on key steps such as Apache configuration, SSL encryption, user authorization, and initial validation.

Apache Server and Module Installation

First, ensure the Apache HTTP server and related Subversion modules are installed. Use the apt-get package manager with the following command:

sudo apt-get install libapache2-svn apache2

This command automatically installs dependencies like apache2-mpm-worker, apache2-utils, and apache2.2-common. After installation, the Apache server has basic functionality but requires further configuration for SVN support. Note that this article assumes sudo privileges and command-line operations; GUI tool enthusiasts can use text editors like Kate or Nano as alternatives to vi.

SSL Encryption Configuration

To ensure data transmission security, enabling the SSL module and generating certificates is crucial. Run the following command to enable SSL:

sudo a2enmod ssl

Next, edit the /etc/apache2/ports.conf file to ensure it includes:

<IfModule mod_ssl.c>
    Listen 443
</IfModule>

Then, install the ssl-cert package and generate an SSL certificate:

sudo apt-get install ssl-cert
sudo mkdir /etc/apache2/ssl
sudo /usr/sbin/make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem

This certificate will be used for subsequent HTTPS connections, preventing data theft during transmission.

Virtual Host and Site Configuration

Create a virtual host to isolate the SVN service. Copy the default site configuration file and modify it:

sudo cp /etc/apache2/sites-available/default /etc/apache2/sites-available/svnserver

Edit the new file, change <VirtualHost *> to <VirtualHost *:443>, and add SSL-related directives:

SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.pem
SSLProtocol all
SSLCipherSuite HIGH:MEDIUM

Also, in ports.conf, change "NameVirtualHost *" to "NameVirtualHost *:443". Enable the site and restart Apache:

sudo a2ensite svnserver
sudo /etc/init.d/apache2 restart

To avoid warnings, add "ServerName $your_server_name" in /etc/apache2/apache2.conf.

Subversion Repository Creation

Create an SVN repository in the /var/svn directory. First, set up the directory and permissions:

sudo mkdir /var/svn
REPOS=myFirstRepo
sudo svnadmin create /var/svn/$REPOS
sudo chown -R www-data:www-data /var/svn/$REPOS
sudo chmod -R g+ws /var/svn/$REPOS

This configuration supports multiple repositories; for additional ones, repeat the steps (skipping mkdir). Ownership and permission settings ensure the Apache process can access repository files properly.

User Authentication and Access Control

Use the htpasswd tool to create authenticated users:

sudo htpasswd -c -m /etc/apache2/dav_svn.passwd $user_name

Then, configure the WebDAV and SVN modules. Edit /etc/apache2/mods-available/dav_svn.conf, adding or uncommenting:

<Location /svn>
DAV svn
SVNParentPath /var/svn
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile /etc/apache2/dav_svn.passwd
Require valid-user
SSLRequireSSL
</Location>

This configuration requires all access via SSL encryption and user authentication for commits; to allow anonymous browsing, add a <LimitExcept GET PROPFIND OPTIONS REPORT> block. Restart Apache to apply the changes:

sudo /etc/init.d/apache2 restart

System Validation and Testing

Access http://localhost/svn/$REPOS and https://localhost/svn/$REPOS via a browser to verify prompts for username and password, displaying "Revision 0: /". Perform an initial commit test:

svn import --username $user_name anyfile.txt https://localhost/svn/$REPOS/anyfile.txt -m “Testing”

After accepting the certificate and entering the password, check out the content with:

svn co --username $user_name https://localhost/svn/$REPOS

This process confirms the server functions correctly, supporting secure commit and checkout operations.

Conclusion and Extensions

This article details the steps to deploy an Apache Subversion server on Ubuntu, from basic installation to advanced security configurations. By integrating Apache modules, SSL encryption, and user authentication, a flexible and secure version control environment is achieved. In practice, configurations can be adjusted based on needs, such as adding more repositories or refining access permissions. This solution is suitable not only for individual development but also for small team collaborations, providing a reliable infrastructure for code management.

Copyright Notice: All rights in this article are reserved by the operators of DevGex. Reasonable sharing and citation are welcome; any reproduction, excerpting, or re-publication without prior permission is prohibited.