34 | | }}} |
35 | | |
36 | | == Subversion Server == |
37 | | |
38 | | There is no need for a Subversion server dedicated to Quattor. SCDB is just one repository from the Subversion point of view. If you already run a Subversion server, you can skip the installation part and go directly to the configuration part. |
39 | | |
40 | | === Subversion installation === |
41 | | |
42 | | There are many possible installation options for a Subversion server. The best is to install it as Apache module, anyway. There is no requirement for the Subversion server to run on a Linux machine, even if it is the installation option documented here. You can even choose to use a Subversion server outside of your site, if you think the network connection is good enough. |
43 | | |
44 | | If you need to install a Subversion server, the easiest is to install Apache and then retrieve the RPMs for Subversion from [http://subversion.tigris.org/project_packages.html Subversion site]. Don't forget to install the Apache module which is in a separate RPM. |
45 | | |
46 | | After installing, you have to configure the Subversion server. Look at Quattor installation guide on [http://quattor.org Quattor] web site. |
47 | | |
48 | | Quick setup: |
49 | | |
50 | | {{{ |
51 | | # Create SVN repository |
52 | | mkdir -p /var/svn/quattor |
53 | | svnadmin create /var/svn/quattor |
54 | | # Fetch the quattor specific post-commit hook |
55 | | wget --no-check-certificate "https://trac.lal.in2p3.fr/Quattor/browser/trunk/src/hooks/post-commit?format=raw" -O /var/svn/quattor/hooks/post-commit |
56 | | # Quattor deployment scripts (used by post-commit svn hook) |
57 | | mkdir -p /root/quattor/scripts |
58 | | wget --no-check-certificate "https://trac.lal.in2p3.fr/Quattor/browser/trunk/src/hooks/build-tag.pl?format=raw" -O /root/quattor/scripts/build-tag.pl |
59 | | |
60 | | }}} |
61 | | |
62 | | These scripts require some configuration files that will be created during [wiki:Download/SCDB#QuattorServerFinalconfiguration final configuration]. |
63 | | |
64 | | Quattor tools access SVN repository through {{{http(s):}}} method (not {{{file:}}}), thus it is necessary to install and configure Apache {{{mod_dav_svn}}} module. |
65 | | |
66 | | The SVN repository should belong to the identity that run the web server: |
67 | | |
68 | | {{{ |
69 | | chown -R apache:apache /var/svn/quattor |
70 | | }}} |
71 | | |
72 | | === Apache for subversion and package service === |
73 | | |
74 | | Files {{{/etc/httpd/conf.d/subversion.conf}}} and {{{/etc/httpd/conf.d/ssl.conf}}} (if using ssl) have to be edited and configured. |
75 | | |
76 | | In {{{/etc/http/conf/httpd.conf}}}, you may have to add the following lines to avoid a bug in the http interface of the rpm client. |
77 | | |
| 37 | </Directory> |
| 38 | }}} |
| 39 | |
| 40 | It is also better to add the following directive in our `/etc/httpd/conf.d/quattor.conf` to work around a problem in some RPM versions: |
| 45 | }}} |
| 46 | |
| 47 | ''Note: if you are installing a new Apache server, don't forget to edit `DocumentRoot` in `/etc/httpd/conf/httpd.conf` to reflect your local configuration.` |
| 48 | |
| 49 | == Subversion Server == |
| 50 | |
| 51 | There is no need for a Subversion server dedicated to Quattor. SCDB is just one repository from the Subversion point of view. If you already run a Subversion server, you can skip the installation part and go directly to the configuration part. |
| 52 | |
| 53 | === Subversion Installation and Configuration === |
| 54 | |
| 55 | There are many possible installation options for a Subversion server. The best is to install it as Apache module, anyway. There is no requirement for the Subversion server to run on a Linux machine, even if it is the installation option documented here. You can even choose to use a Subversion server outside of your site, if you think the network connection is good enough. |
| 56 | |
| 57 | If you need to install a Subversion server, the easiest is to install Apache using YUM. Another option is to retrieve the RPMs for Subversion from [http://subversion.tigris.org/project_packages.html Subversion site]. Don't forget to install the Apache module which is in a separate RPM. |
| 58 | |
| 59 | A typical SVN installation with YUM is: |
| 60 | {{{ |
| 61 | yum install subversion mod_dav_svn |
| 62 | }}} |
| 63 | |
| 64 | After installing, you have to configure the Subversion server. Refer to [http://subversion.tigris.org Subversion web site] for details. Configuration the SVN server typically involves: |
| 65 | * Creation of directory which will contain the Quattor repository (this example uses `/var/svn`): |
| 66 | {{{ |
| 67 | mkdir -p /var/svn |
| 68 | }}} |
| 69 | * Create Subversion repository that will be used for Quattor SCDB (don't forget to '''backup this directory'''): |
| 70 | {{{ |
| 71 | svnadmin create /var/svn/quattor |
| 72 | # Repository must be owned by Apache account |
| 73 | chown -R apache:apache /var/svn/quattor |
| 74 | }}} |
| 75 | |
| 76 | Apache SVN module configuration (`/etc/httpd/conf.d/subversion.conf`) must be edited to configure URL used by SVN. A typical example, based on previously created repository (adjust paths to reflect your configuration) is: |
| 77 | {{{ |
| 78 | <Location /svn> |
| 79 | DAV svn |
| 80 | SVNParentPath /var/svn |
| 81 | |
| 82 | AuthzSVNAccessFile security/svn-repositories-access |
| 83 | |
| 84 | AuthType Basic |
| 85 | AuthUserFile security/passwd |
| 86 | AuthGroupFile security/group |
| 87 | AuthName "Grid Tutorial SVN server" |
| 88 | |
| 89 | # Limit write permission to list of valid users. |
| 90 | <LimitExcept GET PROPFIND OPTIONS REPORT> |
| 91 | # Require SSL connection for password protection. |
| 92 | # SSLRequireSSL |
| 93 | |
| 94 | Require valid-user |
| 95 | </LimitExcept> |
| 96 | </Location> |
| 97 | }}} |
| 98 | |
| 99 | To configuration SVN authentication for SCDB repository, you need to create one or more accounts in `/etc/httpd/security/passwd`. You can use `htpasswd` or `openssl passwd -apr1` to generate an encrypted password. |
| 100 | |
| 101 | You also need to define SVN ACLs in `/etc/httpd/security/svn-repositories-access`. A typical file to start is (it assumes the account you created is called `quattormgr`, if this is a list it must be comma separated): |
| 102 | {{{ |
| 103 | [groups] |
| 104 | quattor-mgrs = quattormgr |
| 105 | |
| 106 | [/] |
| 107 | * = r |
| 108 | @quattor-mgrs = rw |