SVN服务器部署并实现双机同步及禁止普通用户删除文件

下面来布署svn服务器

所有文件下载地址： http://pan.baidu.com/share/link?shareid=395023&uk=2501966565

环境：CentOS5.8 x64 ,开发包组已安装,iptables,selinux已经关闭

一.安装配置apache

1.1 下载编译安装apache

tar xvf httpd-2.2.22.tar.bz2
cd httpd-2.2.22
./configure --prefix=/opt/apache \
--enable-so \
--enable-dav \
--enable-dav-fs \
--enable-maintainer-mode \
--with-included-apr \
--enable-rewrite \
--enable-ssl \
--enable-proxy \
--enable-proxy-http
make && make install

1.2 配置apache

添加apache 用户

useradd -r apache

以apache身份运行httpd

sed -i 's@User daemon@User apache@g' /opt/apache2/conf/httpd.conf
sed -i 's@Group daemon@Group apache@g' /opt/apache2/conf/httpd.conf

1.3 为了方便将apache命令加入PATH，并将apache库导出

echo 'export PATH=$PATH:/opt/apache2/bin' > /etc/profile.d/httpd.sh
. /etc/profile.d/httpd.sh
echo '/opt/apache2/lib' > /etc/ld.so.conf.d/apache.conf

导出

ldconfig
rm -rf httpd-2.2.22

二.安装MySQL

2.1安装cmake

tar xvf cmake-2.8.4.tar.gz
cd cmake-2.8.4
./configure
make && make install
cd ..
rm -rf cmake-2.8.4

2.2 安装mysql

tar xf mysql-5.5.28.tar.gz
cd mysql-5.5.28
cmake -DCMAKE_INSTALL_PREFIX=/opt/mysql \
-DSYSCONFDIR=/opt/mysql/etc \
-DMYSQL_DATADIR=/opt/mysql/data \
-DMYSQL_TCP_PORT=3306 \
-DMYSQL_UNIX_ADDR=/tmp/mysqld.sock \
-DMYSQL_USER=mysql \
-DEXTRA_CHARSETS=all \
-DWITH_READLINE=1 \
-DWITH_SSL=system \
-DWITH_EMBEDDED_SERVER=1 \
-DENABLED_LOCAL_INFILE=1 \
-DWITH_INNOBASE_STORAGE_ENGINE=1
make && make install

cd ..
rm -Rf mysql-5.5.28

配置文件与启动脚本

cd /opt/mysql
cp support-files/my-huge.cnf /etc/my.cnf
cp support-files/mysql.server /etc/init.d/mysqld

2.3 以mysql用户运行mysql,修改PATH并导出库

useradd -r mysql
chown -R mysql:root .
./scripts/mysql_install_db --user=mysql --datadir=data/

echo 'export PATH=$PATH:/opt/mysql/bin' > /etc/profile.d/mysql.sh
. /etc/profile.d/mysql.sh

echo '/opt/mysql/lib' > /etc/ld.so.conf.d/mysql.conf
ldconfig

启动mysql

service mysqld start

三.安装php

3.1 安装php,安装它是因为svnmanager需要

cd /root/svn
tar xvf php-5.3.18.tar.gz
cd php-5.3.18
./configure --prefix=/opt/php \
--with-apxs2=/opt/apache2/bin/apxs \
--with-mysql=/opt/mysql \
--enable-mbstring
make && make install

cp php.ini-production /etc/php.ini

cd ..
rm -Rf php-5.3.18

添加apache的php支持

sed -i '/AddType application\/x-gzip .gz .tgz/a\
AddType application/x-httpd-php .php' /opt/apache2/conf/httpd.conf
sed -i 's@DirectoryIndex index.html@DirectoryIndex index.php index.html@g' /opt/apache2/conf/httpd.conf

启动apache测试

rm -f /opt/apache2/htdocs/index.html
echo '<?php
phpinfo()
?>' > /opt/apache2/htdocs/index.php

apachectl start

访问http://$IP/测试apache，php,mysql是否部署下确

四.安装subversion

4.1 解压安装subversion

tar xf subversion-1.6.13.tar.bz2
tar xf subversion-deps-1.6.13.tar.bz2
cd subversion-1.6.13

./configure --prefix=/opt/subversion \
--with-apxs=/opt/apache2/bin/apxs \
--with-apr=/opt/apache2/bin/apr-1-config \
--with-apr-util=/opt/apache2/bin/apu-1-config
make && make install

echo 'export PATH=$PATH:/opt/subversion/bin' > /etc/profile.d/svn.sh
. /etc/profile.d/svn.sh

cd ..
rm -rf subversion-1.6.13

4.2 让apache与svn结合

sed -i '/httpd-default.conf/a\
Include conf/extra/httpd-svn.conf' /opt/apache2/conf/httpd.conf

echo '
<Location /svn>
DAV svn
SVNListParentPath On
SVNParentPath /opt/svn_repos
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile /opt/subversion/conf/passwdfile
AuthzSVNAccessFile /opt/subversion/conf/accessfile
Require valid-user
</Location> ' > /opt/apache2/conf/extra/httpd-svn.conf

4.3 创建提到的文件

mkdir /opt/subversion/conf
touch /opt/subversion/conf/passwdfile
touch /opt/subversion/conf/accessfile
mkdir /opt/svn_repos

4.4 创建一个repo,添加一个测试账户,配置权限，测试

svnadmin create /opt/svn_repos/test/ ##创建一个repo
chown -R apache:apache /opt/subversion/ ##我们通过apache来管理svn的
chown -R apache:apache /opt/svn_repos/
htpasswd -bm /opt/subversion/conf/passwdfile test "admin"

echo '
[test:/]
* = r
test = rw ' > /opt/subversion/conf/accessfile ##access文件是权限控制文件

4.5 重启apache测试

apachectl restart

访问http://$IP/svn/test

输入账号，密码

如果看到test - Revision 0: / 证明没问题，继续

五.安装svnmanager,以图形化的方式管理svn

5.1 安装VersionControl_SVN，svnmanager需要它

/opt/php/bin/pear install VersionControl_SVN-0.3.4

出现ok，等代表成功

5.2 安装svnmanager

tar xf svnmanager-1.08.tar.gz
mv svnmanager-1.08 /opt/apache2/htdocs/svnman

5.3 修改配置文件

cp /opt/apache2/htdocs/svnman/config.php.linux /opt/apache2/htdocs/svnman/config.php
vim /opt/apache2/htdocs/svnman/config.php
$htpassword_cmd = "/opt/apache2/bin/htpasswd"; ##意思很明显
$svn_cmd = "/opt/subversion/bin/svn";
$svnadmin_cmd = "/opt/subversion/bin/svnadmin";
//Subversion locations
$svn_config_dir = "/opt/subversion/conf";
$svn_repos_loc = "/opt/svn_repos";
$svn_passwd_file = "/opt/subversion/conf/passwdfile";
$svn_access_file = "/opt/subversion/conf/accessfile";
$dsn = "mysql://svnmanager:admin@localhost/svnmanager"; ##mysql，去掉i
$admin_name = "admin"; ##初始的账号密码
$admin_temp_password = "admin";

5.4 创建数据库

mysql
mysql> create database svnmanager;
mysql> grant all on svnmanager.* to 'svnmanager'@'localhost' identified by 'admin';
mysql> flush privileges;

5.5 将VersionControl_SVN拷到svnmanager中

tar xvf VersionControl_SVN-0.3.4.tgz
mv VersionControl_SVN-0.3.4 /opt/apache2/htdocs/svnman/VersionControl
chown -R apache:apache /opt/apache2

5.6 访问测试

http://$IP/svnman

初始账号：admin

初始密码：admin

建立新的管理账号后旧的就停用了

svnmanager用法见http://wenku.baidu.com/view/4d95d0303968011ca30091a2.html

建立库，与用户后测试。到此svn服务器构建完毕

六.配置svn双机同步

原来有svn服务器，现在做一个镜像服务器，当原来的服务器down掉后可以代替它

源服务器：192.168.17.140

镜像服务器：192.168.17.139

实例同步的为源服器为crm的项目到镜像服务器

6.1 在镜像服务器上建立一新库crm,与具有读写权限的用户

用svnmanager来建，svnadmin create 的话svnmanager中看不到

这个就不写了，假设源上是http://192.168.17.140/svn/crm,镜像的为http://192.168.17.139/svn/crm,用户为:laoguang,密码为:admin 对两个项目都可读可写

6.2 修改镜像服务下项目hook目录下的脚本并启用

cp /opt/svn_repos/crm/hooks/pre-revprop-change.tmpl /opt/svn_repos/crm/hooks/pre-revprop-change
vim /opt/svn_repos/crm/hooks/pre-revprop-change
把最后的exit 1改为exit 0 即可

6.3 镜像服务器执行初始化

svnsync init file:///opt/svn_repos/crm/ http://192.168.17.140/svn/crm/

输入具有读写账号密码，root的好像写的不对也没事

比如，我在192.168.17.140的一个账号laoguang 密码 admin

出现Copied properties for revision 0. 代表正确

6.4 开始同步源服务器上的数据

svnsync sync file:///opt/svn_repos/crm/

---------------------------
Store password unencrypted (yes/no)? yes
Transmitting file data ..............................
Committed revision 1.
Copied properties for revision 1.
Transmitting file data .
Committed revision 2.
Copied properties for revision 2.
Transmitting file data .
Committed revision 3.
Copied properties for revision 3.
-----------------------------
代表同步成功

6.5 配置当源版本改变时自动同步

下面开始在源服器上操作

cp /opt/svn_repos/crm/hooks/post-commit.tmpl /opt/svn_repos/crm/hooks/post-commit
chmod 755 /opt/svn_repos/crm/hooks/post-commit

删除未注释的内容

在最下面写上

/opt/subversion/bin/svnsync sync --non-interactive http://192.168.17.139/svn/crm/ --username laoguang --password admin

升级源svn版本，测试镜像上同步了没。

七.配置svn 禁止普能用记删除文件

7.1修改源上的钩子脚本

cp /opt/svn_repos/crm/hooks/pre-commit.tmpl /opt/svn_repos/crm/hooks/pre-commit
chmod +x /opt/svn_repos/crm/hooks/pre-commit
vim /opt/svn_repos/crm/hooks/pre-commit
REPOS="$1" ##库位置
TXN="$2" ##版本
SVNLOOK=/opt/subversion/bin/svnlook ##svnlook的位置
SCMLIST="admin" ##允许删除的用记
C_USER=`$SVNLOOK info -t $TXN $REPOS | sed -n "1p"` ##执行commit的用户
if [ -z `echo $SCMLIST | grep $C_USER` ];then ## 如果commit的用户没在允许的里面
echo `$SVNLOOK changed -t $TXN $REPOS` > /opt/svn_repos/qingdao/commit_log ##将操作写入日志
if cat /opt/svn_repos/crm/commit_log|cut -d" " -f1|uniq -u|grep "^D";then ##如果日志开头包含D（D代表删除）
echo "You do not have permisson to delete a file" > /dev/stderr ##提示错误
rm -rf /opt/svn_repos/crm/commit_log ##删除文件
exit 1 ##错误退出
fi
fi
exit 0

到此本文完毕，构建svn主要参考 http://300second.blog.51cto.com/7582/1065758，感谢300second

秒客网

SVN服务器部署并实现双机同步及禁止普通用户删除文件

相关文章