#
# $Id$
# Copyright 2004-2006 - Michael Sinz
#
# This is an apache configuration module that can be put into
# the http/conf.d directory of many systems. It lets you
# configure Insurrection & Subversion for apache without much or
# any change to the standard apache configuration file.
#
# (Note that this is just an example)
#
LoadModule dav_svn_module /home/subversion/apache/modules/mod_dav_svn.so
LoadModule authz_svn_module /home/subversion/apache/modules/mod_authz_svn.so
## The logformat that I use for Insurrection. Note that this looks just like
## the traditional extended log but I want to be sure of the format so I
## enforce/repeat it here
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" insurrection
#
# Note that the IP address is that of my server...
ServerName svn
ServerAlias svn.*
UseCanonicalName Off
CustomLog /home/subversion/logs/access_log insurrection
ErrorLog /home/subversion/logs/error_log
# To help reduce bandwidth usage, if the client supports it, use deflate
SetOutputFilter DEFLATE
AddOutputFilterByType DEFLATE text/* application/x-javascript
DeflateCompressionLevel 6
#
# The Insurrection tree lives here...
#
DocumentRoot /home/subversion/www
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs-2.0/mod/core.html#options
# for more information.
#
Options FollowSymLinks ExecCGI
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride All
#
# Controls who can get stuff from this server.
#
Order allow,deny
Allow from all
# Never show our internal .svn directories
Order allow,deny
Deny from all
DAV svn
SVNParentPath /home/subversion/repositories
SVNIndexXSLT "/insurrection.xsl"
# our access control policy
AuthzSVNAccessFile /home/subversion/authentication/access
# try anonymous but require a user if needed
Satisfy Any
Require valid-user
# how to authenticate a user
AuthType Basic
AuthName "Code-Host Repository"
AuthUserFile /home/subversion/authentication/passwords
#
# If there is SSL, enable that host too.
# Note that we annoyingly have to repeat the whole
# virtual host thing again. BTW - best to have this
# match completely (or at least mostly, since we
# want to force login for https access.)
#
ServerName svn
ServerAlias svn.*
UseCanonicalName Off
CustomLog /home/subversion/logs/access_log insurrection
ErrorLog /home/subversion/logs/error_log
# To help reduce bandwidth usage, if the client supports it, use deflate
SetOutputFilter DEFLATE
AddOutputFilterByType DEFLATE text/* application/x-javascript
DeflateCompressionLevel 6
## Get that SSL feature working...
SSLEngine on
SSLVerifyClient none
SSLCertificateFile /etc/httpd/conf/httpd.pem
## Turn off SSLv2
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM
#
# The Insurrection tree lives here...
#
DocumentRoot /home/subversion/www
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs-2.0/mod/core.html#options
# for more information.
#
Options FollowSymLinks ExecCGI
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride All
#
# Controls who can get stuff from this server.
#
Order allow,deny
Allow from all
# We only want users with logins to use HTTPS
Require valid-user
# Never show our internal .svn directories
Order allow,deny
Deny from all
DAV svn
SVNParentPath /home/subversion/repositories
SVNIndexXSLT "/insurrection.xsl"
# our access control policy
AuthzSVNAccessFile /home/subversion/authentication/access
# try anonymous but require a user if needed
Satisfy Any
Require valid-user
# how to authenticate a user
AuthType Basic
AuthName "Code-Host Repository"
AuthUserFile /home/subversion/authentication/passwords