tuesday12june2007
Splitting up a SVN repository
I finally split up my big ugly SVN repository into dedicated repos for each project. The process to do this is a little tricky, so I thought I’d write it up here:
- make a dump of the whole repository with
svnadmin dump REPOSITORY > svn.dump - create a new repository for each project with
svnadmin create PROJECT - for each project, run
svndumpfilter include PROJECT --drop-empty-revs --renumber-revs < svn.dump | svnadmin load REPOSITORYPROJECTis the project path in the original repository (e.g.trunk/foo)REPOSITORYis the path to the new repository you just created- if you made copies inside the repository which were originally outside the project path, you’ll have to include those too
- you also may want to rewrite the toplevel folder, for example if you had
trunk/fooin the old repository and want to have those files directly insidetrunkin the new one, usesed -r "s|^(Node-.*path): trunk/foo|\1: trunk|"before thesvnadmincall
- if all goes well, you now should have a new repository with only the desired files in it
- you need to checkout new working copies,
svn switchdoesn’t work here because you’ve created a completely new repository
If you use Apache with authz authentication, there will be some problems when you try to serve multiple repositories. The following configuration works for me (inside <VirtualHost>):
RewriteEngine On RewriteRule ^(/svn)$ $1/ [R] <Location /svn/> DAV svn SVNParentPath /var/lib/svn SVNListParentPath On SVNIndexXSLT /stylesheets/svnindex.xsl AuthType Digest AuthDigestDomain /svn/ AuthName "svn" AuthUserFile /etc/apache2/passwd AuthzSVNAccessFile /var/lib/svn/access Satisfy Any Require valid-user </Location>
- you have to add a slash at the end of the
<Location>tag - the
RewriteRuleis necessary to make/svn(without the slash) still work - inside the
authzconfiguration file, you can reference repositories with the[repo:path]syntax, see the SVN Book for more information
tuesday8august2006
Setting up SSL for Apache2 on Debian
There are a lot of howtos for this on the net, but most of them are far too in-depth, and left me just more confused. So here’s my version:
- Install the
opensslpackage. - Run the following command to generate a self-signed certificate which will expire in about 10 years:
openssl req -new -x509 -days 3650 -nodes \ -out /etc/apache2/ssl/apache.pem -keyout /etc/apache2/ssl/apache.pem
- Fill in the fields as you like, just make sure the server name (“Common Name”) matches your actual domain.
- The certificate will be saved in
/etc/apache2/ssl/apache.pem. You can rename it if you want, and also delete the symlink. Just make sure the file is only readable by root. - Enable the SSL module with
a2enmod ssl. - Add the line
Listen 443to/etc/apache2/ports.confif it isn’t already there. - Now here’s where I got stuck at first. There are two things you have to keep in mind:
- You can only have one SSL-enabled virtual host per IP address. This is a limitation of SSL itself.
- You need to have a separate vhost for the SSL-enabled site.
- If you’re like me, you just want everything to be also available through SSL, but don’t want to maintain two separate configurations. Fortunately you can move all settings into a separate file and
Includethem inside the virtual host:- Create a new file in
/etc/apache2/sites-availablewith all your current settings (without the enclosing<VirtualHost>tag). - Replace your default site configuration with something like this (make sure to change the
Includelines and the path to your certificate):
NameVirtualHost *:80 <VirtualHost *:80> Include /etc/apache2/sites-available/snafu-base </VirtualHost> NameVirtualHost *:443 <VirtualHost *:443> SSLEngine On SSLCertificateFile /etc/apache2/ssl/snafu.selfip.org.pem Include /etc/apache2/sites-available/snafu-base </VirtualHost>
- Create a new file in
- Restart Apache with
invoke-rc.d apache2 restart.
Now you should be able to access your site over HTTPS. Your browser will probably display a warning because the certificate is self-signed.
all rites reversed