穿越小说完本 ,武道至尊帝临小说

新聞中心

這里有您想知道的互聯(lián)網(wǎng)營(yíng)銷(xiāo)解決方案

CentOS搭建Nginx+Subversion環(huán)境（包括多個(gè)版本庫(kù)的配置）

apache Subversion（簡(jiǎn)稱(chēng)SVN，svn）

1 2	`因?yàn)槟撤N原因我們需要用Nginx作為Subversion的http前端，但目前沒(méi)有現(xiàn)成的Nginx+Subversion搭配方式。` `而Subversion提供Apache的http處理模塊。現(xiàn)在我們通過(guò)nginx反向代理給Apache的方式來(lái)實(shí)現(xiàn)Nginx+Subversion的組合方式。`

構(gòu)建Apache+Subversion的環(huán)境:

1 2	`[root@nginx-apache-svn ~]# yum install httd subversion mod_dav_svn -y` `#mod_dav_svn是Apache的svn模塊`

建立SVN庫(kù)：

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 [root@nginx-apache-svn ~]# mkdir -p /home/svn [root@nginx-apache-svn ~]# cd /home/svn/ [root@nginx-apache-svn svn]# svnadmin create work [root@nginx-apache-svn svn]# chown -R apache.apache work [root@nginx-apache-svn svn]# tree work/ work/ ├── conf │ ├── authz │ ├── passwd │ └── svnserve.conf ├── db │ ├── current │ ├── format │ ├── fsfs.conf │ ├── fs-type │ ├── min-unpacked-rev │ ├── rep-cache.db │ ├── revprops │ │ └── 0 │ │ └── 0 │ ├── revs │ │ └── 0 │ │ └── 0 │ ├── transactions │ ├── txn-current │ ├── txn-current-lock │ ├── txn-protorevs │ ├── uuid │ └── write-lock ├── format ├── hooks │ ├── post-commit.tmpl │ ├── post-lock.tmpl │ ├── post-revprop-change.tmpl │ ├── post-unlock.tmpl │ ├── pre-commit.tmpl │ ├── pre-lock.tmpl │ ├── pre-revprop-change.tmpl │ ├── pre-unlock.tmpl │ └── start-commit.tmpl ├── locks │ ├── db.lock │ └── db-logs.lock └── README.txt 10 directories, 28 files

添加Subversion賬號(hào)：(注意只是瀏覽項(xiàng)目的賬戶，并不能用它登錄SVN)

1 2 3 4 [root@nginx-apache-svn svn]# htpasswd -c /home/svn/work/conf/passwdfile visitor New password: visitor#用戶名和密碼都設(shè)為visitor Re-type new password:visitor Adding password for user visitor

修改/etc/httpd/conf.d/subversion.conf，內(nèi)容如下:

1 2 3 4 5 6 7 8 9 < Location /svn/work> DAV svn SVNPath /home/svn/work AuthType Basic AuthName "Authorization Realm" AuthUserFile /home/svn/work/conf/passwdfile AuthzSVNAccessFile /home/svn/work/conf/authz Require valid-user Location >

修改Apache的端口：

1 2	`[root@nginx-apache-svn svn]# grep "^Listen" /etc/httpd/conf/httpd.conf` `Listen 81`

1 2 3 4 5 6 [root@nginx-apache-svn svn]# service iptables stop && setenforce 0 iptables: Setting chains to policy ACCEPT: filter [ OK ] iptables: Flushing firewall rules: [ OK ] iptables: Unloading modules: [ OK ] [root@nginx-apache-svn svn]# getenforce Permissive

1 2 3 4 5 6 7 8 9 10 11 [root@nginx-apache-svn svn]# /etc/init.d/httpd start Starting httpd: [ OK ] [root@nginx-apache-svn svn]# netstat -lnutp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1310/sshd tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1389/master tcp 0 0 :::81 :::* LISTEN 1632/httpd tcp 0 0 :::22 :::* LISTEN 1310/sshd tcp 0 0 ::1:25 :::* LISTEN 1389/master udp 0 0 0.0.0.0:68 0.0.0.0:* 1143/dhclient

使用Nginx反向代理：

1 2 3 4 5 [root@nginx-apache-svn src]# wget http://nginx.org/download/nginx-0.8.55.tar.gz [root@nginx-apache-svn src]# pwd /usr/local/src [root@nginx-apache-svn src]# ls nginx-0.8.55.tar.gz

1	`[root@nginx-apache-svn nginx-0.8.55]# tar -xzvf nginx-0.8.55.tar.gz && cd nginx-0.8.55`

添加nginx賬號(hào)：

1 2 3 [root@nginx-apache-svn nginx-0.8.55]# useradd -s /bin/false nginx /bin/false是最嚴(yán)格的禁止login選項(xiàng)，一切服務(wù)都不能用。 /sbin/nologin只是不允許login系統(tǒng)

安裝依賴包：

1	`[root@nginx-apache-svn nginx-0.8.55]# yum install gcc pcre-devel openssl-devel -y`

1 2 3 [root@nginx-apache-svn nginx-0.8.55]# ./configure --prefix=/app/server/nginx-0.8.55 \ --with-http_stub_status_module \ --with-http_gzip_static_module

1	`[root@nginx-apache-svn nginx-0.8.55]# make && make install`

1	`[root@nginx-apache-svn nginx-0.8.55]# cd /app/server/`

1 2 3 [root@nginx-apache-svn server]# ls nginx-0.8.55 [root@nginx-apache-svn server]# ln -sf nginx-0.8.55/ nginx && cd -

1 2 3 4 [root@nginx-apache-svn nginx-0.8.55]# ll /app/server/ total 4 lrwxrwxrwx. 1 root root 13 Jul 25 09:36 nginx -> nginx-0.8.55/ drwxr-xr-x. 6 root root 4096 Jul 25 09:35 nginx-0.8.55

配置Nginx反向代理,修改/app/server/nginx/conf/nginx.conf:

1 2 3 4 5 6 7 8 9 10 11 12 server { listen 80; server_name localhost ; location /svn/work { proxy_pass http://127.0.0.1:81/svn/work; } location / { return 404; } }

配置SNV：

1 2	`[root@nginx-apache-svn conf]# pwd` `/home/svn/work/conf`

1 2 3 4 5 6 [root@nginx-apache-svn conf]# egrep -v "^$|^#" svnserve.conf [general] anon-access = read auth-access = write password-db = /home/svn/work/conf/passwd authz-db = /home/svn/work/conf/authz

1 2 3 [root@nginx-apache-svn conf]# which svnserve /usr/bin/svnserve [root@nginx-apache-svn conf]# /usr/bin/svnserve -d -r /home/svn

1 2 3 4 5 6 7 8 9 10 [root@nginx-apache-svn conf]# netstat -lnutp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:3690 0.0.0.0:* LISTEN 4806/svnserve tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1744/sshd tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1389/master tcp 0 0 :::81 :::* LISTEN 1632/httpd tcp 0 0 :::22 :::* LISTEN 1744/sshd tcp 0 0 ::1:25 :::* LISTEN 1389/master udp 0 0 0.0.0.0:68 0.0.0.0:* 1143/dhclient

1 2 3 4 5 6 7 8 9 10 11 12 [root@nginx-apache-svn conf]# /app/server/nginx/sbin/nginx [root@nginx-apache-svn conf]# netstat -lnutp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:3690 0.0.0.0:* LISTEN 4806/svnserve tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 4809/nginx tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1744/sshd tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1389/master tcp 0 0 :::81 :::* LISTEN 1632/httpd tcp 0 0 :::22 :::* LISTEN 1744/sshd tcp 0 0 ::1:25 :::* LISTEN 1389/master udp 0 0 0.0.0.0:68 0.0.0.0:* 1143/dhclient

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 [root@nginx-apache-svn work]# cat /home/svn/work/conf/authz ### This file is an example authorization file for svnserve. ### Its format is identical to that of mod_authz_svn authorization ### files. ### As shown below each section defines authorizations for the path and ### (optional) repository specified by the section name. ### The authorizations follow. An authorization line can refer to: ### - a single user, ### - a group of users defined in a special [groups] section, ### - an alias defined in a special [aliases] section, ### - all authenticated users, using the '$authenticated' token, ### - only anonymous users, using the '$anonymous' token, ### - anyone, using the '*' wildcard. ### ### A match can be inverted by prefixing the rule with '~'. Rules can ### grant read ('r') access, read-write ('rw') access, or no access ### (''). [aliases] # joe = /C=XZ/ST=Dessert/L=Snake City/O=Snake Oil, Ltd./OU=Research Institute/CN=Joe Average [groups] # harry_and_sally = harry,sally # harry_sally_and_joe = harry,sally,&joe # [/foo/bar] # harry = rw # &joe = r # * = [/] visitor=r # [repository:/baz/fuz] # @harry_and_sally = rw # * = r

1	`svnserve -d -r /home/svn#注意啟動(dòng)的時(shí)候，一定不要:svnserve -d -r /home/svn/work`

1	`svn co svn://192.168.1.98/work work01#注意略徑`

真對(duì)/home/svn/work/conf/passwd是明文的不安全因素，可以考慮用vim passwd +X去加密passwd文件。(經(jīng)測(cè)試這種方法行不通，無(wú)法認(rèn)別，所以無(wú)法用VIM加密passwd文件?。?！)

特別要注意關(guān)掉selinux:(否則重啟會(huì)出現(xiàn)認(rèn)證失?。。。?

1 2	`[root@NGINX-APACHE-SVN ~]# getenforce` `Disabled`

＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝

可以配置多個(gè)版本庫(kù)：

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 主要是兩個(gè)文件：/var/http/conf.d/subversion.conf 和 /app/server/nginx/conf/nginx.conf [root@NGINX-APACHE-SVN ~]# egrep -v "(^$|^#)" /etc/httpd/conf.d/subversion.conf LoadModule dav_svn_module modules/mod_dav_svn.so LoadModule authz_svn_module modules/mod_authz_svn.so < Location /svn/pro> DAV svn SVNPath /var/www/html/svn/pro AuthType Basic AuthName "Authorization Realm" AuthUserFile /var/www/html/svn/pro/conf/passwdfile AuthzSVNAccessFile /var/www/html/svn/pro/conf/authz Require valid-user Location > < Location /svn/app01> DAV svn SVNPath /var/www/html/svn/app01 AuthType Basic AuthName "Authorization Realm" AuthUserFile /var/www/html/svn/pro/conf/passwdfile AuthzSVNAccessFile /var/www/html/svn/pro/conf/authz Require valid-user Location > 多一個(gè)版本庫(kù)就添加一個(gè)[Location].......[/Location] vi /app/server/nginx/conf/nginx.conf server { listen 80; server_name localhost; #charset koi8-r; #access_log logs/host.access.log main; location / { root html; index index.html index.htm; } location /svn/pro { proxy_pass http://127.0.0.1:81/svn/pro; } location /svn/app01 { proxy_pass http://127.0.0.1:81/svn/app01; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } #多一個(gè)版本庫(kù) 就多添加一個(gè)location /svn/xxxx {.......}

所有的版本庫(kù)的svnserver.conf都用相同的這樣更于管理:

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 [root@NGINX-APACHE-SVN ~]# egrep -v "(^$|^#)" /var/www/html/svn/pro/conf/svnserve.conf [general] anon-access = read auth-access = write password-db = /var/www/html/svn/pro/conf/passwd authz-db = /var/www/html/svn/pro/conf/authz [sasl] ============================================================================= [root@NGINX-APACHE-SVN ~]# egrep -v "(^$|^#)" /var/www/html/svn/app01/conf/svnserve.conf [general] anon-access = read auth-access = write password-db = /var/www/html/svn/pro/conf/passwd authz-db = /var/www/html/svn/pro/conf/authz [sasl] [root@NGINX-APACHE-SVN ~]#

這樣就OK了可以對(duì)于不能的版庫(kù)，有可以設(shè)不同的密碼在各自的passwd中。

文章標(biāo)題：CentOS搭建Nginx+Subversion環(huán)境（包括多個(gè)版本庫(kù)的配置）
本文URL：http://fisionsoft.com.cn/article/cojsjsd.html

新聞中心

其他資訊