This guide will walk you through installing Apache2 and SVN using Fink on OS X 10.4. You should be able to follow the same instructions for 10.3; however, there is not currently a stable release of SVN in the fink repository for OS X 10.2 and earlier.
Fink is a package management system for OS X based on Debian Linux’s apt-get system. Since it compiles packages from source, you’ll need to have Apple’s Developer Tools installed. The latest version of the developer tools will install the necessary compilers – GCC 4.0 and GCC 3.3.
Installation
Fink
You can download Fink at fink.sourceforge.net. Currently, the latest stable release is 0.8.0 for OS X 10.4, 0.7.2 for OS X 10.3 and 0.6.4 for OS X 10.2. You should download the latest available stable release for your platform.
Once you’ve installed Fink you should update it. Open a Terminal window and run:
sudo fink self-update
This will cause Fink to check for updates to itself, as well as download the latest package information. You may be asked to provide information about how Fink should be configured, and in most circumstances you’ll be fine to just accept the defaults.
Apache2
We’ll install Apache 2 with SSL support first. This will allow us to configure Subversion to work through secure http connections.
sudo fink install apache2-ssl
You’ll be prompted by Fink to satisfy a virtual dependency:
fink needs help picking an alternative to satisfy a virtual dependency. The candidates: (1) apache2-ssl-mpm-worker: Apache2 Server Binary - [MPM WORKER] (2) apache2-ssl-mpm-perchild: Apache2 Server Binary - [MPM PERCHILD *EXPERIMENTAL*] (3) apache2-ssl-mpm-prefork: Apache2 Server Binary - [MPM PREFORK] (4) apache2-ssl-mpm-leader: Apache2 Server Binary - [MPM LEADER *EXPERIMENTAL*] (5) apache2-ssl-mpm-threadpool: Apache2 Server Binary - [MPM THREADPOOL *EXPERIMENTAL*]
Unless you have a preference in mind already, choose the default (1) to install MPM Worker. You may be prompted again to satisfy a second dependency:
fink needs help picking an alternative to satisfy a virtual dependency. The candidates: (1) db43-ssl: Berkeley DB embedded database (2) db43: Berkeley DB embedded database - non crypto
And again, unless you have a preference in mind, choose the default.
Fink will prompt you with the list of dependant packages that will be installed, simply press enter to accept, and let Fink work its magic.
Next we’ll install the mod_ssl module for Apache2, by executing:
sudo fink install libapache2-ssl-mod-ssl
When it’s done, you’ll be able to start Apache2 by executing:
/sw/sbin/apachectl start
And stop it using:
/sw/sbin/apachectl stop
Subversion
Installing Subversion with Fink is equally simple. svn-ssl installs the SVN server utilities, and svn-client
installs the SVN client software; we’ll install the SSL enabled versions of both these packages.
sudo fink install svn-ssl sudo fink install svn-client-ssl
If you’re prompted to satisfy dependencies, the defaults will usually do. Simply sit back and and let Fink work its magic.
WebDAV
The final package we’ll install is libapache2-ssl-mod-svn which enables serving respositories using WebDAV.
sudo fink install libapache2-ssl-mod-svn
Configuration
SSL
Now that we have everything installed, we’ll configure Apache2 for SSL support. Most of the work has already been done for us by Fink, but we still need to create and install our own self signed RSA certificate. See my guide to creating an apache2 SSL certificate to create a private key file and self signed public key certificate, and then do the following to install it into Apache2:
sudo mkdir /sw/etc/apache2/ssl.key sudo mkdir /sw/etc/apache2/ssl.crt sudo cp ~/server.key /sw/etc/apache2/ssl.key/ sudo cp ~/server.crt /sw/etc/apache2/ssl.crt/ chmod 0400 /sw/etc/apache2/ssl.key/server.key chmod 0400 /sw/etc/apache2/ssl.crt/server.crt
Now, when you start Apache, you’ll be prompted for your private key’s password; this is because it is encrypted for security reasons. This can be a nuissance, but it’s recommended that you keep it this way. If you decide not to, however, here’s the steps to decrypt it so you’re not prompted anymore:
cd /sw/etc/apache2/ssl.key cp server.key server.key.orig openssl rsa -in server.key.orig -out server.key
Creating SVN Repositories
Choose a location on your hard drive under which all your SVN repositories will reside. I’ll use /opt/repositories, but
the location really doesn’t matter. We’ll create a new “test” repository in this directory:
mkdir /opt/repositories/ mkdir /opt/repositories/test svnadmin create /opt/repsitories/test
I like to set the file system permissions on it such that only Apache2 can write to it:
sudo chown -R www /opt/repositories/test sudo chmod -R 0700 /opt/repositories/test
You should substitute the name of the user you run Apache2 as for “www”.
WebDAV Access and Authentication
Finally, we’ll enable WebDAV access to your SVN repository in Apache and set up user authentication. Add the following
to your /sw/etc/apache2/ssl.conf file:
<Location /svn>
DAV svn
SVNParentPath /opt/repositories
AuthType BASIC
AuthName "Subversion Repository"
AuthUserFile /sw/etc/apache2/svn-auth-file
Require valid-user
</Location>
We’ll then create the /sw/etc/apache2/svn-auth-file using htpasswd. You’ll use this file to maintain the list
of users and passwords that can access your repositories.
sudo htpasswd -cm /sw/etc/apache2/svn-auth-file
This will create a new user file and add the specified user to it. You can use htpasswd to add, remove and edit users from this file as you see fit.
Conclusion
You’ll now have a secure SVN server accessible through Apache2 using WebDAV.