SubversionEdge安装
<h2>SubversionEdge安装</h2>
<p><code>推荐配置</code></p>
<blockquote>
<p>OS:CentOs7.5+
最低配置:2核4G
推荐配置:4核8G (用户量够大可考虑8C16G)
若采用https协议建议使用高配</p>
</blockquote>
<h4>1、JDK-1.8安装</h4>
<p><code>下载</code></p>
<pre><code class="language-shell">#安装wget
yum -y install wget
#下载JDK-1.8压缩包
wget --no-check-certificate --no-cookies --header "Cookie: oraclelicense=accept-securebackup-cookie" http://download.oracle.com/otn-pub/java/jdk/8u131-b11/d54c1d3a095b4ff2b6607d096fa80163/jdk-8u131-linux-x64.tar.gz
#若无法下载或者下载较慢,则使用下面这条命令下载
wget "http://huangwj.top/download/Others/jdk-8u131-linux-x64.tar.gz"</code></pre>
<p><code>解压</code></p>
<pre><code>mv jdk-8u131-linux-x64.tar.gz /usr/local/;cd /usr/local/;tar -vxf jdk-8u131-linux-x64.tar.gz;mv jdk1.8.0_131 jdk</code></pre>
<p><code>JAVA_HOME环境变量配置</code></p>
<pre><code>vim /etc/profile</code></pre>
<pre><code>#Java_Home
export JAVA_HOME=/usr/local/jdk
export CLASSPATH=$CLASSPATH:$JAVA_HOME/lib:$JAVA_HOME/jre/lib
export PATH=$JAVA_HOME/bin:$JAVA_HOME/jre/bin:$PATH</code></pre>
<pre><code>source /etc/profile</code></pre>
<h4>2、CSVN安装</h4>
<p><code>下载</code></p>
<p><a href="https://www.collab.net/downloads/subversion#show-Linux">https://www.collab.net/downloads/subversion#show-Linux</a></p>
<p>下载的时候需要注册collabnet账号</p>
<p>可直接使用如下命令下载</p>
<pre><code>wget "http://huangwj.top/download/Others/CollabNetSubversionEdge-5.2.4_linux-x86_64.tar.gz"</code></pre>
<p><code>创建用户</code></p>
<pre><code class="language-shell">useradd csvn #创建csvn用户
passwd csvn #修改csvn密码,待会会用到
#使用root用户
visudo #编辑sudoers文件
#在root ALL=(ALL) ALL下添加
csvn ALL=(ALL) ALL #csvn为安装用户
#保存退出即可
su csvn
sudo tar -xvf CollabNetSubversionEdge-5.2.4_linux-x86_64.tar.gz
sudo mv csvn /usr/local/
cd /usr/local/csvn/
sudo chown -R csvn:csvn /usr/local/csvn/
#配置csvn使用1-1023端口的权限
sudo chown root:csvn /usr/local/csvn/lib/httpd_bind/httpd_bind
sudo chmod u+s /usr/local/csvn/lib/httpd_bind/httpd_bind
sudo /usr/local/csvn/bin/csvn-httpd install
`Detected RHEL or Fedora:
Installing the Subversion Edge Apache Server daemon..`
#开始安装
sudo -E /usr/local/csvn/bin/csvn install
`Detected RHEL or Fedora:
Installing the CSVN Console daemon..
Setting RUN_AS_USER to: 'csvn'. Please edit '../data/conf/csvn.conf' if this needs to be adjusted
Setting JAVA_HOME to: '/usr/local/jdk'. Please edit '../data/conf/csvn.conf' if this needs to be adjusted.`
#启动CSVN服务
/usr/local/csvn/bin/csvn start
`Starting CSVN Console...
...
CSVN Console started
Initializing CSVN Console at http://localhost:3343/csvn. Please wait a moment for server to become available.`</code></pre>
<p><code>安装完成</code>
默认管理员账号:admin
默认管理员密码:admin</p>
<h4>3、权限配置</h4>
<ul>
<li>由于SubversionEdge需要和svnserve共同运作提供服务,需要配置相应权限</li>
</ul>
<p><code>配置umask权限,是默认新建文件用户和组权限均具有读写权限</code></p>
<pre><code>umask 0002</code></pre>
<p><code>关闭selinux权限</code></p>
<pre><code class="language-bash">#临时关闭,立马生效,重启后失效
setenforce 0
#永久关闭
vim /etc/sysconfig/selinux
SELINUX=disabled</code></pre>
<p><code>将csvn用户加入root组</code></p>
<pre><code>usermod -a -G root csvn</code></pre>
<p><code>刷新SVN仓库根目录权限,使得csvn用户及root组用户均有读写权限</code></p>
<pre><code class="language-bash">chmod -R g+w /data/svnroot
chown -R csvn:root /data/svnroot</code></pre>
<h4>防火墙配置</h4>
<blockquote>
<p>主要确保22、443、3690端口开放状态。8080为csvn控制台授权端口,确保配置管理员所在局域网IP网段可访问即可。</p>
</blockquote>
<p><code>编辑防火墙配置,确保如下内容注意顺序</code></p>
<pre><code>vim /etc/sysconfig/iptables</code></pre>
<pre><code class="language-bash">-A INPUT -s 172.16.110.0/24 -p tcp -m tcp --dport 8080 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8080 -j DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 3690 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited</code></pre>
<pre><code>#重启防火墙
service iptables restart
#查看防火墙是否生效
service iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT tcp -- 172.16.110.0/24 0.0.0.0/0 tcp dpt:8080
2 DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8080
3 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
4 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
5 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
6 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
7 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:3690
8 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443
9 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
</code></pre>
<h4>配置文件合并及转换</h4>
<p><strong>由于切换后需要将svnserve服务所使用的每个单独的authz合并为SubversionEdge所使用的一个统一的授权配置文件,通过如下脚本批量转换合并生成新的配置文件<code>/tmp/authz</code></strong></p>
<pre><code class="language-shell">#!/bin/bash
rm -rf /tmp/groups
echo [groups] >/tmp/authz
for authz in `find /data/svnroot/ -type f -name "authz"`
do
if [ `echo $authz | awk -F '/' '{print NF}'` == "6" ];then
reponame=`echo $authz | awk -F '/' '{print $4}'`
elif [ `echo $authz | awk -F '/' '{print NF}'` == "7" ];then
reponame=`echo $authz | awk -F '/' '{print $4"_"$5}'`
fi
echo -e "\n#-----------------$reponame----------------------">>/tmp/groups
sed "/#\| = r\|*\|\[/d;s/^M//g;/^\s*$/d;s/^/&$reponame\-/g;s/@/@$reponame\-/g;s/,\s*$\|\s*$//g" $authz >> /tmp/authz
sed -n "/#\|\[groups\]\|\[aliases\]\|,/d;s/^M//g;/^\s*$/d;s/\[/\n\[/g;s/\[\//\[$reponame:\//g;s/@/@$reponame\-/g;s/\s*$//g;/\]\|* =\s*$\|= r\s*$\|= rw\s*/p" $authz >> /tmp/groups
done
cat /tmp/groups >> /tmp/authz
vim /tmp/authz
#注意^M符号复制无效,必须通过按住ctrl+v再按出ctrl+M来输出该符号才有效。</code></pre>
<h4>检出超大文件或者大量文件失败报错。</h4>
<p><a href="https://stackoverflow.com/questions/27267742/why-do-i-get-svn-e120106-ra-serf-the-server-sent-a-truncated-http-response-b">https://stackoverflow.com/questions/27267742/why-do-i-get-svn-e120106-ra-serf-the-server-sent-a-truncated-http-response-b</a></p>
<pre><code>vim /usr/local/csvn/data/conf/httpd.conf
#Fix
Timeout 36000
KeepAlive On
KeepAliveTimeout 120
#MaxKeepAliveRequests 100
#svn开启中文仓库名编码支持
AddDefaultCharset UTF-8</code></pre>