Tuesday, December 29, 2009

Install Subversion with Web Access on Ubuntu

This article covers installing subversion with the apache module so that it can be easily accessed from other systems on a public network. If you want a more secure svn server, you could use svnserve+ssh, which isn’t covered in this article.

To install subversion, open a terminal and run the following command:

sudo apt-get install subversion libapache2-svn

We’re going to create the subversion repository in /svn, although you should choose a location that has a good amount of space.

sudo svnadmin create /svn

Next we’ll need to edit the configuration file for the subversion webdav module. You can use a different editor if you’d like.

sudo gedit /etc/apache2/mods-enabled/dav_svn.conf

The Location element in the configuration file sets the URL path under which subversion will be accessible, for instance: http://www.server.com/svn

The DAV line needs to be uncommented to enable the dav module.

# Uncomment this to enable the repository,
DAV svn

The SVNPath line should be set to the same place you created the repository with the svnadmin command.

# Set this to the path to your repository
SVNPath /svn

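The next section will let you turn on authentication. This is just Basic authentication, which sends the username and password with every request in base64-encoded form rather than encrypted, so don’t consider it extremely secure unless the site is served over HTTPS. The password file is located wherever the AuthUserFile setting points; it is probably best to leave it at the default.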

# Uncomment the following 3 lines to enable Basic Authentication
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile /etc/apache2/dav_svn.passwd

To create a user on the repository, use the following command:

sudo htpasswd2 -cm /etc/apache2/dav_svn.passwd <username>

Note that you should only use the -c option the FIRST time that you create a user, because it creates the password file. After that, use only the -m option, which specifies MD5-based hashing of the password but doesn’t recreate the file.

Example:

sudo htpasswd2 -cm /etc/apache2/dav_svn.passwd geek
New password:
Re-type new password:
Adding password for user geek

Restart apache by running the following command:

sudo /etc/init.d/apache2 restart

Now if you go in your browser to http://www.server.com/svn, you should see that the repository is enabled for anonymous read access, but commit access will require a username.

If you want to force all users to authenticate even for read access, add the following line right below the AuthUserFile line from above. Restart apache after changing this line.

Require valid-user

Now if you refresh your browser, you’ll be prompted for your credentials.

You now have a working subversion server!

Git

Git is an open source, distributed version control system designed to handle everything from small to very large projects with speed and efficiency.

Every Git clone is a full-fledged repository with complete history and full revision tracking capabilities, not dependent on network access or a central server. Branching and merging are fast and easy to do.

Installation

These instructions assume you already have Ubuntu Hardy or a later version installed on your computer/server and that you already have a public ssh key on your machine that you can use to initialize the repository (Don't have one, look here). The following instructions will guide you through setting up and running fully managed hosting for projects using git on your server.

Used software

This tutorial was done using an Ubuntu Hardy server edition setup.

We'll be using the latest git package available in the launchpad at: https://launchpad.net/ubuntu/+source/git-core

For a more up to date version of git, packages for both Karmic and Jaunty are available in an unofficial repository. More information about using the repository at: http://blog.avirtualhome.com/git-packages-for-ubuntu/

For git project management we will be using Gitosis. The latest builds for Ubuntu can be found at https://launchpad.net/ubuntu/+source/gitosis

For repository web browsing we will be using ViewGit. We will clone the latest version directly from its git repository: git clone git://repo.or.cz/viewgit.git

Setting up Git and Project Management

Use your favorite package installer to install the git-core package:

apt-get install git-core

In Hardy the gitosis package is not available yet, so we will use the package from a later version of Ubuntu. In this case I will use version 0.2+20080826-2, downloading it directly from launchpad.net and installing it:

cd /tmp
wget http://launchpadlibrarian.net/16540443/gitosis_0.2%2B20080626-2_all.deb
sudo dpkg -i gitosis_0.2%2B20080626-2_all.deb
sudo apt-get install -fy

Note: The last line is needed to fulfill the gitosis dependencies. Gitosis is written in Python, so it may require packages beyond those you have already installed.

We have to add a system user in order to run gitosis:

sudo adduser \
--system \
--shell /bin/sh \
--gecos 'git version control' \
--group \
--disabled-password \
--home /srv/gitosis/ \
git

Now that both packages are installed, we can set up gitosis. First copy your public key to the server:

scp .ssh/id_dsa.pub username@serveraddress.tld:/tmp

Initialize gitosis using your copied key:

sudo -H -u git gitosis-init < /tmp/id_dsa.pub

Once you see output like this:

Initialized empty Git repository in ./

gitosis is installed. You can now remove the copied key:

rm /tmp/id_dsa.pub

Once done, you can clone the gitosis-admin repository on your local machine:

git clone git@yourserver.com:gitosis-admin.git

Use your favorite editor to modify the contents of the gitosis configuration file:

cd gitosis-admin
vim gitosis.conf

Adding a new project to the repository

Here is an example of the gitosis configuration file you cloned earlier. It contains the default gitosis entry and a new project entry:

[gitosis]

[group team]
writable = testproject
members = hostname.serveraddress.tld

[group gitosis-admin]
writable = gitosis-admin
members = keyfilename

hostname.serveraddress.tld or keyfilename is the name of the public key file, without the .pub extension, that you copied into the gitosis-admin/keydir/ directory.

After you've finished editing, save the file and commit it back to the server.

git commit -a -m "Added a new project"
git push

Any future projects will be added the same way.
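Because anyone who can push to gitosis-admin can rewrite every access rule, it is worth checking who holds write access after each change. The script below is an added example, not part of the original article or of gitosis; the function names and the second member on the team line are constructed, it assumes one writable and one members line per group section, and nested @group members are printed as-is rather than expanded.

```shell
#!/bin/sh
# Added example: list which key names may push to a repository,
# read from a gitosis.conf laid out like the one shown above.

# writers_of CONF REPO: one key name per line, sorted
writers_of() {
    awk -v repo="$2" '
        # print the members of the section just read if it grants write to repo
        function emit(   i, n, a) {
            n = split(w, a, " ")
            for (i = 1; i <= n; i++)
                if (a[i] == repo && m != "") { print m; break }
        }
        /^\[/ { emit(); w = ""; m = ""; ingroup = ($0 ~ /^\[group /); next }
        ingroup && /^writable[ \t]*=/ { sub(/^[^=]*=[ \t]*/, ""); w = $0 }
        ingroup && /^members[ \t]*=/  { sub(/^[^=]*=[ \t]*/, ""); m = $0 }
        END { emit() }
    ' "$1" | tr -s ' ' '\n' | sort -u
}

# write_gitosis_sample FILE: the configuration above plus one constructed member
write_gitosis_sample() {
    cat > "$1" <<'EOF'
[gitosis]

[group team]
writable = testproject
members = hostname.serveraddress.tld keyfilename

[group gitosis-admin]
writable = gitosis-admin
members = keyfilename
EOF
}

conf=$(mktemp)
write_gitosis_sample "$conf"
echo "can push to gitosis-admin (and so change every rule):"
writers_of "$conf" gitosis-admin
echo "can push to testproject:"
writers_of "$conf" testproject
rm -f "$conf"
```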

Committing to the first project

To commit the project you just created, initiate a new git project, add files to it, commit it, then push it to your repository with the name you set up in gitosis config file.

git init
touch a_text_file.txt
git add .
git commit -m "initial import"
git remote add origin git@serveraddress.tld:testproject.git
git push --all

The project should be committed!

Note: If not, check that your /srv/gitosis/.ssh/authorized_keys file contains your correct public key!

The web browsing interface

The server will need a web server, so I recommend installing Apache with PHP support. Since ViewGit can be linked to GeSHi, I also recommend installing the php-geshi package:

sudo apt-get install apache2 libapache2-mod-php5 php-geshi

Note: For a more extended Apache installation we recommend reading a dedicated page such as ApacheMySQLPHP.

Once done, /var/www/ directory will be created. Go there and clone the latest git version of ViewGIT:

cd /var/www
sudo git clone git://repo.or.cz/viewgit.git
sudo chown -vR www-data:www-data viewgit

After finishing this operation, use your favorite editor to edit the config file for ViewGit:

cd /var/www/viewgit/inc
sudo cp config.php localconfig.php
sudo chown www-data:www-data localconfig.php
sudo vim localconfig.php

Here is an example of the ViewGit localconfig.php with GeSHI and the testproject.git we created:

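<?php
// Projects to show; the array key is the name displayed in ViewGit.
$conf['projects'] = array(
    'testproject' => array('repo' => '/srv/gitosis/repositories/testproject.git/'),
);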

// Where git is. Default is to search from PATH, but you can use an absolute
// path as well.
$conf['git'] = 'git';

// If set, contains an array of globs/wildcards where to include projects.
// Use this if you have a lot of projects under a directory.
//$conf['projects_glob'] = array('/path/to/*/.git', '/var/git/*.git');

$conf['datetime'] = '%Y-%m-%d %H:%M';

// More complete format for commit page
$conf['datetime_full'] = '%Y-%m-%d %H:%M:%S';

// Maximum length of commit message's first line to show
$conf['commit_message_maxlen'] = 50;

// Maximum number of shortlog entries to show on the summary page
$conf['summary_shortlog'] = 30;

// Maximum number of tags to show on the summary page
$conf['summary_tags'] = 10;

// Whether to show remote labels on shortlog
$conf['shortlog_remote_labels'] = false;

// Allow checking out projects via "git clone"
$conf['allow_checkout'] = true;

// If set, this function is used to obfuscate e-mail addresses of authors/committers
// The 'obfuscate_mail' function simply replaces @ with ' at ' and . with ' dot '
//$conf['mail_filter'] = 'obfuscate_mail';
//$conf['mail_filter'] = create_function('$mail', 'return str_rot13(strtoupper($mail));');

// Whether to use GeSHi for source highlighting
$conf['geshi'] = true;

// Path to geshi.php
$conf['geshi_path'] = 'inc/geshi/geshi.php';
$conf['geshi_path'] = '/usr/share/php-geshi/geshi.php'; // Path on Debian

// Use line numbers in geshi?
// Setting this to "false" disables line numbers
// Using a value of 0 will enable "NORMAL" geshi line numbers
// Using values of 1 or more will enable "FANCY" geshi line numbers
$conf['geshi_line_numbers'] = 5;

// RSS time to live (how often clients should update the feed), in minutes.
$conf['rss_ttl'] = 10;

// RSS: Maximum number of items in feed
$conf['rss_max_items'] = 30;

// RSS item format. Allowed formatting:
// {AUTHOR}, {AUTHOR_MAIL}, {SHORTLOG}, {LOG}, {COMMITTER}, {COMMITTER_MAIL}, {DIFFSTAT}
$conf['rss_item_title'] = '{SHORTLOG} ({AUTHOR})';
$conf['rss_item_description'] = '
{LOG}
{AUTHOR} <{AUTHOR_MAIL}>
{DIFFSTAT}
';

$conf['debug'] = false;

// Includes a small link to the ViewGit homepage on each page
$conf['ad'] = false;

Now you should be able to browse your Git repository by going to http://localhost/viewgit/. If you have problems accessing repositories, add your web server user to the same group as the gitosis user:

adduser www-data git

Making available public cloning of the projects

To make available public access for cloning of the projects, you have to set up git-daemon. git-daemon is a service which runs on port 9418 and handles public requests for project cloning. git-daemon comes together with git-core so no additional installation is required.

To make this service easier to administer, here is an init script to start and stop the daemon. Save it as /etc/init.d/git-daemon:

#!/bin/sh
# Init script for git-daemon. Taken from here: http://pastie.org/227647

PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
NAME=git-daemon
PIDFILE=/var/run/$NAME.pid
DESC="the git daemon"
DAEMON=/usr/lib/git-core/git-daemon
# --export-all serves every repository under --base-path, with no per-repository opt-in
DAEMON_OPTS="--base-path=/srv/gitosis/repositories --export-all --verbose --syslog --detach --pid-file=$PIDFILE --user=git --group=nogroup"

# Do nothing if git-daemon is not installed
test -x $DAEMON || exit 0

# Allow local overrides of the variables above
[ -r /etc/default/git-daemon ] && . /etc/default/git-daemon

. /lib/lsb/init-functions

start_git() {
    start-stop-daemon --start --quiet --pidfile $PIDFILE \
        --startas $DAEMON -- $DAEMON_OPTS
}

stop_git() {
    start-stop-daemon --stop --quiet --pidfile $PIDFILE
    rm -f $PIDFILE
}

# Succeeds if a process matching the pid file is running (nothing is stopped)
status_git() {
    start-stop-daemon --stop --test --quiet --pidfile $PIDFILE >/dev/null 2>&1
}

case "$1" in
    start)
        log_begin_msg "Starting $DESC"
        start_git
        log_end_msg 0
        ;;
    stop)
        log_begin_msg "Stopping $DESC"
        stop_git
        log_end_msg 0
        ;;
    status)
        log_begin_msg "Testing $DESC: "
        if status_git
        then
            log_success_msg "Running"
            exit 0
        else
            log_failure_msg "Not running"
            exit 1
        fi
        ;;
    restart|force-reload)
        log_begin_msg "Restarting $DESC"
        stop_git
        sleep 1
        start_git
        log_end_msg 0
        ;;
    *)
        echo "Usage: $0 {start|stop|restart|force-reload|status}" >&2
        exit 1
        ;;
esac

exit 0

To make it usable and have it start automatically on server boot, make it executable and register it with update-rc.d:

sudo chmod +x /etc/init.d/git-daemon
sudo update-rc.d git-daemon defaults

The daemon can be started or stopped by running:

sudo /etc/init.d/git-daemon start
sudo /etc/init.d/git-daemon stop
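The init script passes --export-all, so git-daemon serves every repository under /srv/gitosis/repositories to anonymous clients, gitosis-admin.git included; without that option it serves only repositories that contain a git-daemon-export-ok file. The script below is an added example, not part of the original article, that lists what each mode would publish. The function names and the temporary sample tree are constructed, and only top-level *.git directories are checked.

```shell
#!/bin/sh
# Added example: show which repositories git-daemon would publish
# from a base path laid out like /srv/gitosis/repositories.

# exported_repos BASE MODE
#   MODE "all"    = daemon started with --export-all
#   MODE "marked" = daemon started without it (marker file required)
exported_repos() {
    base=$1 mode=$2
    for repo in "$base"/*.git; do
        [ -d "$repo" ] || continue
        # Treat a directory as a bare repository if it has HEAD and objects/
        [ -f "$repo/HEAD" ] && [ -d "$repo/objects" ] || continue
        if [ "$mode" = "all" ] || [ -e "$repo/git-daemon-export-ok" ]; then
            basename "$repo"
        fi
    done
}

# make_demo_tree DIR: constructed sample layout with the two repositories
# created in this article; only testproject.git carries the marker file
make_demo_tree() {
    for r in gitosis-admin testproject; do
        mkdir -p "$1/$r.git/objects"
        echo 'ref: refs/heads/master' > "$1/$r.git/HEAD"
    done
    : > "$1/testproject.git/git-daemon-export-ok"
}

demo=$(mktemp -d)
make_demo_tree "$demo"
echo "published with --export-all:"
exported_repos "$demo" all
echo "published with marker files only:"
exported_repos "$demo" marked
rm -rf "$demo"
```

To check the real server, call exported_repos /srv/gitosis/repositories all. Gitosis can create the marker file for a repository when its [repo name] section in gitosis.conf sets daemon = yes.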

Using PuTTY ssh keys with OpenSSH on Ubuntu

Anyone who needs to access a unix/linux/osx machine from windows via ssh will be familiar with PuTTY, the free ssh client. PuTTYGen, available to download here, is a handy utility for creating RSA/DSA public/private keys for authentication. If you have generated your RSA keys using PuTTYGen, and would like to use them with OpenSSH on Ubuntu, you just need to follow a few simple steps:

  • Install putty with: sudo apt-get install putty
  • Create the public key file:
    puttygen /path/to/puttykey.ppk -L > ~/.ssh/id_rsa.pub
  • Create the private key file:
    puttygen /path/to/puttykey.ppk -O private-openssh -o ~/.ssh/id_rsa

You should now be able to log into an SSH server using your private key. To install your public key, add the contents of ~/.ssh/id_rsa.pub on your local machine to ~/.ssh/authorized_keys on the remote server.

Untangle Video Mode Problem

Versions 6.1 and 6.2 of Untangle had a known video resolution problem requiring resolutions greater than 1024 x 768. This required users to use LCD monitors larger than 17-inch.

The xorg.conf that will solve the problem should have the following:

Section "Device"
    Identifier "Configured Video Device"
    Driver "vesa"
EndSection

Section "Monitor"
    Identifier "Vesa Monitor"
    VertRefresh 60
EndSection

Section "Screen"
    Identifier "Default Screen"
    Device "Configured Video Device"
    Monitor "Vesa Monitor"
    SubSection "Display"
        Virtual 1024 768
        Modes "1024x768"
    EndSubSection
EndSection

The DPMS and horizontal sync lines are not necessary for most monitors. The vertical refresh rate should be set to just 60 Hz, for which the above line should work. The depth need not be specified; the X server will figure it out. But the virtual screen size must be specified, or the user ends up with a display page that's much larger than the monitor and that scrolls up/down/left/right as the mouse moves beyond the monitor edges (behavior that is neither necessary nor important for the information conveyed in the Untangle main display page and in the web pages).

Netflix and Untangle

Untangle users had a problem playing movies on Netflix. Unchecking the Disable HTTP Resume option in the Advanced options of the Virus Blocker resolves the problem.

Create Your Own MX Backup Server

I needed an MX backup server so that I can move my Exchange server.
I came up with this:

Download and install Ubuntu server 9.04 (virtual or hardware).

When the installation is done, run:

sudo -s

Type your root password. Now that you have a root terminal, run:

apt-get update

After the upgrade, run:

apt-get install postfix

Now it is configuration time:

nano /etc/postfix/main.cf

Go to the bottom and add this line:

smtpd_recipient_restrictions = permit_mynetworks reject_unauth_destination

Then add another line:

relay_domains = $mydestination domain1.com domain2.net domain3.org

(Change the domain names to your domains.)

And the last line:

transport_maps = hash:/etc/postfix/transport

Now save the file with Ctrl+O, then exit with Ctrl+X.

Now we need to create the transport file, so run:

nano /etc/postfix/transport

Enter this in the file:

domain1.com smtp:mail.domain1.com
domain2.net smtp:mail.domain2.net
domain3.org smtp:mail.domain3.org

(Change to your domains and SMTP addresses.)

Now save the file with Ctrl+O, then exit with Ctrl+X.

Now we have to create a binary database for the transport:

cd /etc/postfix/

Then run:

postmap transport

Now reboot the server or run:

postfix reload

Good commands to know of:

mailq (lists the mail queue)
postsuper -r queueid (sends that mail from the queue)

From an external IP, port-forward port 25 to this unit.
Now add that external IP to your MX records (with a higher value than your standard mail server).
When the main MX record server goes down, email will be sent to the backup server.
When the primary server gets back online again, postfix will send all mail to the SMTP server specified in "/etc/postfix/transport".

Try to see that it works.
Download mailsend.exe:
http://www.muquit.com/muquit/softwar.../mailsend.html
Enter the IP of the backup server and follow the instructions.
If it works, it will relay the mail to your server.
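The relay_domains line and the transport file have to list the same domains: a domain that appears only in the transport file is refused by reject_unauth_destination, and a domain that appears only in relay_domains is accepted without the route you intended. The script below is an added example, not part of the original post, that checks the two files against each other; the function names and sample files are constructed, and each main.cf parameter is assumed to sit on a single line.

```shell
#!/bin/sh
# Added example: lint a backup-MX Postfix setup like the one described above.

# check_backup_mx MAIN_CF TRANSPORT: one line per problem, nothing if consistent
check_backup_mx() {
    main_cf=$1 transport=$2
    # Domains in relay_domains, ignoring $variables such as $mydestination
    relay=$(sed -n 's/^relay_domains[[:space:]]*=[[:space:]]*//p' "$main_cf" |
            tr ' ,' '\n\n' | grep -v -e '^\$' -e '^$' | sort -u)
    # Left-hand column of the transport table, ignoring comments and blanks
    routed=$(awk '!/^[ \t]*(#|$)/ { print $1 }' "$transport" | sort -u)
    for d in $relay; do
        echo "$routed" | grep -qxF "$d" || echo "no transport entry: $d"
    done
    for d in $routed; do
        echo "$relay" | grep -qxF "$d" || echo "not in relay_domains: $d"
    done
    # reject_unauth_destination is what limits relaying to relay_domains
    grep -q '^smtpd_recipient_restrictions.*reject_unauth_destination' "$main_cf" ||
        echo "reject_unauth_destination missing"
}

# write_postfix_sample DIR: constructed files; domain3.org lacks a transport entry
write_postfix_sample() {
    cat > "$1/main.cf" <<'EOF'
smtpd_recipient_restrictions = permit_mynetworks reject_unauth_destination
relay_domains = $mydestination domain1.com domain2.net domain3.org
transport_maps = hash:/etc/postfix/transport
EOF
    cat > "$1/transport" <<'EOF'
domain1.com smtp:mail.domain1.com
domain2.net smtp:mail.domain2.net
EOF
}

tmp=$(mktemp -d)
write_postfix_sample "$tmp"
check_backup_mx "$tmp/main.cf" "$tmp/transport"
rm -rf "$tmp"
```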