## Bitnami Subversion Installer

 NOTE: Before running the commands shown on this page, you should load the Bitnami stack environment by executing the installdir/use_APPNAME script (Linux and Mac OS X) or by clicking the shortcut in the Start Menu under "Start -> Bitnami APPNAME Stack -> Application console" (Windows). Learn more.
 NOTE: When running the commands shown on this page, replace the installdir placeholder with the full installation directory for your Bitnami stack.

### Description

Subversion enables globally distributed software development teams to efficiently version and share source code with low administrative overhead.

### First steps with the Bitnami Subversion Stack

Welcome to your new Bitnami application! Here are a few questions (and answers!) you might need when first starting with your application.

#### How do I install the Bitnami Subversion Stack?

##### Windows, OS X and Linux installer
• Download the executable file for the Bitnami Subversion Stack from the Bitnami website.

• On Linux, give the installer executable permissions and run the installation file in the console.
• On other platforms, double-click the installer and follow the instructions shown.

Check the FAQ instructions on how to download and install a Bitnami Stack for more details.

The application will be installed to the following default directories:

Operating System Directory
Windows C:\Bitnami\APPNAME-VERSION
Mac OS X /Applications/APPNAME-VERSION
Linux /opt/APPNAME-VERSION (running as root user)
##### OS X VM
• Download the OS X VM file for the Bitnami Subversion Stack from the Bitnami website.
• Begin the installation process by double-clicking the image file and dragging the WordPress OS X VM icon to the Applications folder.
• Launch the VM by double-clicking the icon in the Applications folder.

#### What credentials do I need?

• For Windows, Linux and OS X installers, the username was configured by you when you first installed the application.
• For OS X VMs, the username can be obtained by clicking the Bitnami badge at the bottom right corner of the application welcome page.

• For Windows, Linux and OS X installers, the password was configured by you when you first installed the application.
• For OS X VMs, the password can be obtained by clicking the Bitnami badge at the bottom right corner of the application welcome page.

### How to start or stop the services?

#### Linux

Bitnami native installers include a graphical tool to manage services. This tool is named manager-linux-x64.run on Linux and is located in the installation directory. To use this tool, double-click the file and then use the graphical interface to start, stop or restart services. Server log messages can be checked in the "Server Events" tab.

The native installer also includes a command-line script to start, stop and restart applications, named ctlscript.sh. This script can be found in the installation directory and accepts the options start, stop, restart, and status. To use it, log in to the server console and execute it following the examples below:

• Call it without any service names to start all services:

  $sudo installdir/ctlscript.sh start  • Use it to restart a specific service only by passing the service name as argument - for example, mysql, postgresql or apache: $ sudo installdir/ctlscript.sh restart mysql
$sudo installdir/ctlscript.sh restart postgresql$ sudo installdir/ctlscript.sh restart apache

• Obtain current status of all services:

  $installdir/ctlscript.sh status  The list of available services varies depending on the required components for each application. #### Mac OS X Bitnami native installers include a graphical tool to manage services. This tool is named manager-osx on Mac OS X and is located in the installation directory. To use this tool, double-click the file and then use the graphical interface to start, stop or restart services. Server log messages can be checked in the "Server Events" tab. The native installer also includes a command-line script to start, stop and restart applications, named ctlscript.sh. This script can be found in the installation directory and accepts the options start, stop, restart, and status. To use it, log in to the server console and execute it following the examples below: • Call it without any service names to start all services: $ sudo installdir/ctlscript.sh start

• Use it to restart a specific service only by passing the service name as argument - for example, mysql or apache:

 $sudo installdir/ctlscript.sh restart mysql$ sudo installdir/ctlscript.sh restart apache

• Obtain current status of all services:

 $installdir/ctlscript.sh status  The list of available services varies depending on the required components for each application.  NOTE: If you are using the stack manager for Mac OS X-VM, please check the following blog post to learn how to manage services from its graphical tool. #### Windows Bitnami native installers include a graphical tool to manage services. This tool is named manager-windows.exe on Windows and is located in the installation directory. To use this tool, double-click the file and then use the graphical interface to start, stop or restart services. Server log messages can be checked in the "Server Events" tab. The Windows native installer creates shortcuts to start and stop services created in the Start Menu, under "Programs -> Bitnami APPNAME Stack -> Bitnami Service". Servers can also be managed from the Windows "Services" control panel. Services are named using the format APPNAMESERVICENAME, where APPNAME is a placeholder for the application name and SERVICENAME is a placeholder for the service name. For example, the native installer for the Bitnami WordPress Stack installs services named wordpressApache and wordpressMySQL. These services will be automatically started during boot. To modify this behaviour, refer to the section on disabling services on Windows. ### How to create a full backup of Subversion? The Bitnami Subversion Stack is self-contained and the simplest option for performing a backup is to copy or compress the Bitnami stack installation directory. To do so in a safe manner, you will need to stop all servers, so this method may not be appropriate if you have people accessing the application continuously.  NOTE: If you want to create only a database backup, refer to these instructions for MySQL and PostgreSQL. #### Backup on Linux and Mac OS X Follow these steps: • Change to the directory in which you wish to save your backup. $ cd /your/directory

• Stop all servers.

 $sudo installdir/ctlscript.sh stop  • Create a compressed file with the stack contents. $ sudo tar -pczvf application-backup.tar.gz installdir

• Start all servers.

 $sudo installdir/ctlscript.sh start  • Download or transfer the application-backup.tar.gz file to a safe location. You should now download or transfer the application-backup.tar.gz file to a safe location. #### Backup on Windows Follow these steps: • Stop all servers using the shortcuts in the Start Menu or the graphical manager tool. • Create a compressed file with the stack contents. You can use a graphical tool like 7-Zip or WinZip or just right-click the folder, click "Send to", and select the "Compressed (zipped) folder" option. • Download or transfer the compressed file to a safe location. • Start all servers using the shortcuts in the Start Menu or the graphical manager tool. #### Restore on Linux and Mac OS X Follow these steps: • Change to the directory containing your backup: $ cd /your/directory

• Stop all servers.

$sudo installdir/ctlscript.sh stop  • Move the current stack to a different location: $ sudo mv installdir /tmp/bitnami-backup

• Uncompress the backup file to the original directory:

$sudo tar -pxzvf application-backup.tar.gz -C /  • Start all servers. $ sudo installdir/ctlscript.sh start

 IMPORTANT: When restoring, remember to maintain the original permissions for the files and folders. For example, if you originally installed the stack as the root user on Linux, make sure that the restored files are owned by root as well.

#### Restore on Windows

• Change to the directory containing your backup:

   $cd /your/directory  • Stop all servers using the shortcuts in the Start Menu or the graphical manager tool. • Uninstall the previous services by executing the following command: $ serviceinstall.bat

• Create a safe folder named Backups in the desktop and move the current stack to it. Remember to replace PATH with the right location of your folder:

    $move installdir \PATH\Backups  • Uncompress the backup file using a tool like 7-Zip or Winzip or just double-click the .zip file to uncompress it, and move it to the original directory. • Install services by running the following commands from an elevated command prompt: $ cd installdir
$serviceinstall.bat INSTALL  • Start all servers using the shortcuts in the Start Menu or the graphical manager tool. ### How to enable HTTPS support with SSL certificates?  NOTE: The steps below assume that you are using a custom domain name and that you have already configured the custom domain name to point to your cloud server. Bitnami images come with SSL support already pre-configured and with a dummy certificate in place. Although this dummy certificate is fine for testing and development purposes, you will usually want to use a valid SSL certificate for production use. You can either generate this on your own (explained here) or you can purchase one from a commercial certificate authority. Once you obtain the certificate and certificate key files, you will need to update your server to use them. Follow these steps to activate SSL support: • Use the table below to identify the correct locations for your certificate and configuration files. Variable Value Current application URL https://[custom-domain]/ Example: https://my-domain.com/ or https://my-domain.com/appname Apache configuration file installdir/apache2/conf/bitnami/bitnami.conf Certificate file installdir/apache2/conf/server.crt Certificate key file installdir/apache2/conf/server.key CA certificate bundle file (if present) installdir/apache2/conf/server-ca.crt • Copy your SSL certificate and certificate key file to the specified locations.  NOTE: If you use different names for your certificate and key files, you should reconfigure the SSLCertificateFile and SSLCertificateKeyFile directives in the corresponding Apache configuration file to reflect the correct file names. • If your certificate authority has also provided you with a PEM-encoded Certificate Authority (CA) bundle, you must copy it to the correct location in the previous table. Then, modify the Apache configuration file to include the following line below the SSLCertificateKeyFile directive. Choose the correct directive based on your scenario and Apache version: Variable Value Apache configuration file installdir/apache2/conf/bitnami/bitnami.conf Directive to include (Apache v2.4.8+) SSLCACertificateFile "installdir/apache2/conf/server-ca.crt" Directive to include (Apache < v2.4.8) SSLCertificateChainFile "installdir/apache2/conf/server-ca.crt"  NOTE: If you use a different name for your CA certificate bundle, you should reconfigure the SSLCertificateChainFile or SSLCACertificateFile directives in the corresponding Apache configuration file to reflect the correct file name. • Once you have copied all the server certificate files, you may make them readable by the root user only with the following commands: $ sudo chown root:root installdir/apache2/conf/server*

$sudo chmod 600 installdir/apache2/conf/server*  • Open port 443 in the server firewall. Refer to the FAQ for more information. • Restart the Apache server. You should now be able to access your application using an HTTPS URL. ### How to create an SSL certificate? OpenSSL is required to create an SSL certificate. A certificate request can then be sent to a certificate authority (CA) to get it signed into a certificate, or if you have your own certificate authority, you may sign it yourself, or you can use a self-signed certificate (because you just want a test certificate or because you are setting up your own CA). Follow the steps below for your platform. #### Linux and Mac OS X  NOTE: OpenSSL will typically already be installed on Linux and Mac OS X. If not installed, install it manually using your operating system's package manager. Follow the steps below: • Generate a new private key: $ sudo openssl genrsa -out installdir/apache2/conf/server.key 2048

• Create a certificate:

 $sudo openssl req -new -key installdir/apache2/conf/server.key -out installdir/apache2/conf/cert.csr   IMPORTANT: Enter the server domain name when the above command asks for the "Common Name". • Send cert.csr to the certificate authority. When the certificate authority completes their checks (and probably received payment from you), they will hand over your new certificate to you. • Until the certificate is received, create a temporary self-signed certificate: $ sudo openssl x509 -in installdir/apache2/conf/cert.csr -out installdir/apache2/conf/server.crt -req -signkey installdir/apache2/conf/server.key -days 365

• Back up your private key in a safe location after generating a password-protected version as follows:

 $sudo openssl rsa -des3 -in installdir/apache2/conf/server.key -out privkey.pem  Note that if you use this encrypted key in the Apache configuration file, it will be necessary to enter the password manually every time Apache starts. Regenerate the key without password protection from this file as follows: $ sudo openssl rsa -in privkey.pem -out installdir/apache2/conf/server.key


#### Windows

 NOTE: OpenSSL is not typically installed on Windows. Before following the steps below, download and install a binary distribution of OpenSSL.

Follow the steps below once OpenSSL is installed:

• Set the OPENSSL_CONF environment variable to the location of your OpenSSL configuration file. Typically, this file is located in the bin/ subdirectory of your OpenSSL installation directory. Replace the OPENSSL-DIRECTORY placeholder in the command below with the correct location.

 $set OPENSSL_CONF=C:\OPENSSL-DIRECTORY\bin\openssl.cfg  • Change to the bin/ sub-directory of the OpenSSL installation directory. Replace the OPENSSL-DIRECTORY placeholder in the command below with the correct location. $ cd C:\OPENSSL-DIRECTORY\bin

• Generate a new private key:

 $openssl genrsa -out installdir/apache2/conf/server.key 2048  • Create a certificate: $ openssl req -new -key installdir/apache2/conf/server.key -out installdir/apache2/conf/cert.csr

 IMPORTANT: Enter the server domain name when the above command asks for the "Common Name".
• Send cert.csr to the certificate authority. When the certificate authority completes their checks (and probably received payment from you), they will hand over your new certificate to you.

• Until the certificate is received, create a temporary self-signed certificate:

 $openssl x509 -in installdir/apache2/conf/cert.csr -out installdir/apache2/conf/server.crt -req -signkey installdir/apache2/conf/server.key -days 365  • Back up your private key in a safe location after generating a password-protected version as follows: $ openssl rsa -des3 -in installdir/apache2/conf/server.key -out privkey.pem


Note that if you use this encrypted key in the Apache configuration file, it will be necessary to enter the password manually every time Apache starts. Regenerate the key without password protection from this file as follows:

 $openssl rsa -in privkey.pem -out installdir/apache2/conf/server.key  Find more information about certificates at http://www.openssl.org. ### How to force HTTPS redirection? Add the following to the top of the installdir/apps/subversion/conf/httpd-prefix.conf file: RewriteEngine On RewriteCond %{HTTPS} !=on RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]


After modifying the Apache configuration files:

• Open port 443 in the server firewall. Refer to the FAQ for more information.

• Restart Apache to apply the changes.

### How to debug Apache errors?

Once Apache starts, it will create two log files at installdir/apache2/logs/access_log and installdir/apache2/logs/error_log respectively.

• The access_log file is used to track client requests. When a client requests a document from the server, Apache records several parameters associated with the request in this file, such as: the IP address of the client, the document requested, the HTTP status code, and the current time.

• The error_log file is used to record important events. This file includes error messages, startup messages, and any other significant events in the life cycle of the server. This is the first place to look when you run into a problem when using Apache.

If no error is found, you will see a message similar to:

Syntax OK


By default, Bitnami provides a Subversion repository and Apache server to access it using a Web browser. The default configuration uses svnserver but other methods (like SSH) can also be used to access the repository.

 NOTE: The default Subversion port is 3690 and it is necessary to open this port in the server firewall for remote access. Refer to the FAQ for more information.

Get started with Subversion as follows:

For example, uncomment these lines for a reasonable starting configuration:

 [general]
auth-access = write

• Edit the passwd file in the same directory to manage Subversion users. For example, uncomment these lines to create two subversion users: harry and sally.

 [users]
harry = harryssecret
sally = sallyssecret

• Restart the Subversion server to load the changes.

 $sudo installdir/ctlscript.sh restart subversion  • Import a project directory to Subversion from your local machine and check the files in your browser: $ svn import /path/to/project/ svn://localhost/repository/ -m "First import"


### How to create a Subversion repository?

Connect to your server via SSH and execute the following commands to create the repositories directory at installdir/repositories and then a new Subversion repository named myapp:

$sudo mkdir installdir/repositories$ sudo svnadmin create installdir/repositories/myapp
$sudo chown -R bitnami:bitnami installdir/repositories  ### How to see the Subversion repository from the web browser? To browse the Subversion repository using a Web browser, follow the steps below: • Update the Apache configuration file at installdir/apache2/conf/httpd.conf to load the following modules:  LoadModule dav_module modules/mod_dav.so LoadModule dav_fs_module modules/mod_dav_fs.so LoadModule dav_svn_module modules/mod_dav_svn.so LoadModule authz_svn_module modules/mod_authz_svn.so  • In the same file, verify the endpoint URL and path for your Subversion repository. For example, the directives below will let you view the default repository at installdir/repository by browsing to http://localhost/repository.  <Location /subversion> DAV svn SVNPath "installdir/repository" </Location>  • Restart Apache: $ sudo installdir/ctlscript.sh restart apache


You should now be able to checkout the repository using a tool like TortoiseSVN. Simply enter the URL as http://localhost/repository as the repository checkout URL in the TortoiseSVN interface, as shown below.

#### Enabling access over HTTPS

You can also access the repository over HTTPS if you have configured the Apache SSL certificate for your server. The following error can occur if the hostname reported by the server does not match the hostname in the SSL certificate. Make sure your server configuration uses the correct ServerName value.

svn: OPTIONS of 'https://example.com/repository': SSL negotiation failed: SSL error code -1/1/336032856 (https://example.com)


#### Enabling commits over HTTP(S)

For security reasons, the default configuration does not allow users to commit changes to the repositories over HTTP or HTTPS. To permit this, change the permissions of your repository directory so that the Apache user is able to write to it.

Run the following command, assuming your repository is located at the default location of installdir/repository:

$sudo chown -R daemon:subversion installdir/repository   IMPORTANT: Making this change will allow any user to commit changes to your repository. To avoid unauthorized commits and possible data loss, configure basic authentication for your repository as discussed in the next section You should now be able to commit changes to the repository using a tool like TortoiseSVN, as shown below. ### How to configure the repository URL? If no prefix is set in the Subversion scripts, specify the full path to the repository - for instance, svn://localhost/home/user/repository. In case this is not possible, add the repository path to the Subversion control script. #### Windows • Edit the file installdir/subversion/scripts/serviceinstall.bat* and add the path as follows:  -d --listen-port=3690 --root "C:\path\to\repository"  • Run the script from an elevated command prompt to apply the changes:  serviceinstall.bat UNINSTALL serviceinstall.bat INSTALL  #### Linux and Mac OS X • Edit the file installdir/subversion/scripts/ctl.sh and add the path as follows:  -d --listen-port=3690 --root=/path/to/repository  • Restart the Subversion server. ### How to configure basic authentication for your repository? Once your repository is accessible over HTTP(s), it is recommended that you protect it from unauthorized access by configuring authentication for different users. To do this, follow the steps below: • Update the Apache configuration file at installdir/apache2/conf/httpd.conf and add the highlighted directives below.  <Location /subversion> DAV svn SVNPath "installdir/repository" AuthType Basic AuthName "Subversion repository" AuthUserFile installdir/repository/users require valid-user </Location>  With this configuration, repository access is only available to those users listed in the installdir/repository/users file and they will need to authenticate themselves before gaining access. Note that you should update the path to the file based on the actual location of your repository. • Create the installdir/repository/users file and add a user account named myuser to it using the following command. You will be prompted to enter a password for the user account. Note that you should update the path to the file based on the actual location of your repository. $ sudo installdir/apache2/bin/htpasswd -c installdir/repository/users myuser

• Repeat this step to add more users, omitting the -c argument on subsequent invocations. For example:

 $sudo installdir/apache2/bin/htpasswd installdir/repository/users myotheruser  • Restart the Apache server. $ sudo installdir/ctlscript.sh restart apache


If you now attempt to browse to the repository or access it using TortoiseSVN, you will be prompted for a user name and password, as shown below:

#### Anonymous browsing

If you want your repository readable but not editable by any other user, perform the steps above but changing the line

require valid-user


to

<LimitExcept GET PROPFIND OPTIONS REPORT>
require valid-user
</LimitExcept>


#### HTTPS access only

If you only want to only allow access through HTTPS, not HTTP, you should add SSLRequireSSL to the directives described above:

  ...
AuthName "Subversion repository"
AuthUserFile installdir/repository/users
require valid-user
SSLRequireSSL
</Location>


### How to enable post-commit notifications via email for Subversion?

To configure a Subversion repository to send emails via SMTP with the commit log, follow these steps:

• Download the latest source code from Subversion and copy the hooks directory into the installdir/subversion directory:

 $wget http://apache.mesi.com.ar/subversion/subversion-1.8.9.tar.gz$ tar -xzvf subversion-1.8.9.tar.gz
$sudo cp -r subversion-1.8.9/tools/hook-scripts installdir/subversion/hooks  • Copy the example mailer.conf file: $ sudo cp installdir/subversion/hooks/mailer/mailer.conf.example installdir/subversion/hooks/mailer/mailer.conf

• Configure the SMTP mail settings in the mailer.conf file. Here is an example for a Gmail account:

 [General]
smtp_hostname = smtp.gmail.com:587
smtp_use_ssl = true

...

[defaults]

# separated by whitespace (no commas).
# NOTE: If you want to use a different character for separating the
#       addresses put it in front of the addresses included in square
#       brackets '[ ]'.

# If this is set, then a Reply-To: will be inserted into the message.


To use a Gmail account or an SSL connection for SMTP settings, modify the SMTPOutput class in mailer.py with a patch in order to use the added smtp_use_ssl setting. This patch was submitted by Alexey Samodov:

 @@ -278,6 +278,12 @@
def finish(self):
server = smtplib.SMTP(self.cfg.general.smtp_hostname)
+   # 2009-12-13 asadomov: add ssl configuration (e.g. for gmail smtp server)
+    if self.cfg.is_set('general.smtp_use_ssl') and self.cfg.general.smtp_use_ssl.lower() == "true":
+       server.ehlo()
+       server.starttls()
+       server.ehlo()
+

• Configure your post-commit hook script to use the mailer.py and mailer.conf files. The location of your post-commit script depends on the location of your repository. Edit the installdir/repositories/REPOSITORY-NAME/hooks/post-commit.tmpl file and replace the last line with the following one:

 installdir/python/bin/python installdir/subversion/hooks/mailer/mailer.py commit "$REPOS" "$REV" installdir/subversion/hooks/mailer/mailer.conf


In case the installdir/python directory does not exist, use the system's Python binary, usually at /usr/bin/python.

• Enable the post-commit hook by renaming the post-commit script and removing the .tmpl extension:

 \$ sudo mv installdir/repositories/your_repo/hooks/post-commit.tmpl installdir/repositories/your_repo/hooks/post-commit


To test it, change a file and commit the changes. In case of an error, the error message will be displayed after the commit.

nativeInstaller