全部博文(136)
分类: LINUX
2008-08-29 15:31:36
OS:Centos5.2
需要安装几个必须的软件
1 install berkeley-db
To do a standard UNIX build of Berkeley DB, change to the build_unix directory and then enter the following two commands:
../dist/configure --prefix=/usr/local/db
make
This will build the Berkeley DB library.
To install the Berkeley DB library, enter the following command:
make install
To uninstall Berkeley DB, enter:
make uninstall
2 安装apr-util-1.3.2和 apr-util-1.3.2
downlaod apr and apr-util
1)install apr
#./configure --prefix=/usr/local/apr/
make && make install
2)install apr-util
#./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr/ --with-berkeley-db=/usr/local/db
make && make install
3) install apache
#./configure --prefix=/usr/local/apache --enable-so --enable-dav --enable-dav-fs --enable-maintainer-mode --with-apr=/usr/local/apr1.3.3/bin/apr-1-config --with-apr-util=/usr/local/apr-util1.3.4/bin/apu-1-config --enable-ssl
#make && make install
apache 的modules模块目录位于/usr/local/apache/modules
配置文件位于/usr/local/apache/conf/httpd.conf文件中
一般情况下以下语句已经加入进去了
LoadModule dav_svn_module modules/mod_dav_svn.so
LoadModule authz_svn_module modules/mod_authz_svn.so
LoadModule mysql_auth_module modules/mod_auth_mysql.so
2 install mysql
#cd mysql-5.0.22
#./configure --prefix=/usr/local/mysql
#make && make install
#cp ./support-files/my-medium.cnf /etc/my.cnf
#groupadd mysql
#useradd -g mysql –s /sbin/noshell mysql
#./scripts/mysql_install_db --user=mysql
#chown –R mysql.mysql /usr/local/mysql
启动mysql
#/usr/local/mysql/bin/mysqld_safe --user=mysql
更改root密码
#mysqladmin password ‘新密码’
3 instal subversion
./configure --prefix=/usr/local/subversion --enable-maintainer-mode --with-apxs=/usr/local/apache/bin/apxs --with-apr=/usr/local/apr1.3.3/ --with-apr-util=/usr/local/apr-util1.3.4 --with-berkeley-db=/usr/local/db/lib
4 #mkdir /home/svnroot
#svnadmin create --fs-type fsfs /home/svnroot/repos1
#chown -R daemon.daemon /home/svnroot
更改httpd.conf配置,增加如下:
#add for svn
Order allow,deny
Allow from all
DAV svn
SVNParentPath /home/svnroot/
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile /etc/svn/passwd
AuthzSVNAccessFile /etc/svn/accesspolicy
Require valid-user
# SSLRequireSSL 如果必须通过https连接请注释掉此行,并安装下面的方法生成ssl证书
创建passwd文件和accesspolicy文件
#htpasswd –c –m /etc/svn/passwd tom
系统会提示输入密码两次
-c 创建文件passwd,第一次请加此参数
-m 增加用户
Accesspolicy文件内容
[groups]
developers = tom,mike,jack
[/]
@developers = rw
* = r
5 启动svn
#svnserve -d
6 instal svn manager
1)instal php
./configure --prefix=/usr/local/php --with-apxs2=/usr/local/apache/bin/apxs --with-mysql=/usr/local/mysql --with-zlib
2)install php pear
/usr/local/php/bin/pear install VersionControl_SVN1.0.3.tgz
3)初始话config.php
4)
为SVNManager创建访问用户及数据库:
#mysql –u root –p
Mysql>create database svnuser;
Mysql>grant all on svn.* to svnadmin@’localhost’ identified by ‘svnadmin’;
Mysql>flush prifileges;
Mysql>quit;
4)打开IE,输入地址
用admin:admin登陆
新建admin权限的用户,最后的password输入admin
7安装https
使用https方式验证
vi /usr/local/apache/conf/http.conf
# Secure (SSL/TLS) connections
Include conf/extra/httpd-ssl.conf //把此处的#去掉
对证书不熟悉的人,有一个工具可以使用:
# cd /usr/local/apache2/conf
# tar zxvf ssl.ca-0.1.tar.gz
# cd ssl.ca-0.1
# ./new-root-ca.sh (生成根证书)
No Root CA key round. Generating one
Generating RSA private key, 1024 bit long modulus
...........................++++++
....++++++
e is 65537 (0x10001)
Enter pass phrase for ca.key: (输入一个密码)
Verifying - Enter pass phrase for ca.key: (再输入一次密码)
......
Self-sign the root CA... (签署根证书)
Enter pass phrase for ca.key: (输入刚刚设置的密码)
........
........ (下面开始签署)
Country Name (2 letter code) [MY]: CN
State or Province Name (full name) [Perak]:
Locality Name (eg, city) [Sitiawan]:
Organization Name (eg, company) [My Directory Sdn Bhd]: jishikeyan
Organizational Unit Name (eg, section) [Certification Services Division]: ACSTAR
Common Name (eg, MD Root CA) []: yong
Email Address []: yong@yong.com.cn
这样就生成了ca.key和ca.crt两个文件,下面还要为我们的服务器生成一个证书:
# ./new-server-cert.sh server (这个证书的名字是server)
......
......
Country Name (2 letter code) [MY]: CN
State or Province Name (full name) [Perak]:
Locality Name (eg, city) [Sitiawan]:
Organization Name (eg, company) [My Directory Sdn Bhd]: jishikeyan
Organizational Unit Name (eg, section) [Secure Web Server]: ACSTAR
Common Name (eg, ) []: localhost
Email Address []: yong@yong.com.cn
这样就生成了server.csr和server.key这两个文件。
还需要签署一下才能使用的:
# ./sign-server-cert.sh server
CA signing: server.csr -> server.crt:
Using configuration from ca.config
Enter pass phrase for ./ca.key: (输入上面设置的根证书密码)
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'CN'
stateOrProvinceName :PRINTABLE:'
localityName :PRINTABLE:'
organizationName :PRINTABLE:'jishikeyan'
organizationalUnitName:PRINTABLE:'ACSTAR'
commonName :PRINTABLE:'localhost'
emailAddress :IA5STRING:'yongl@yong.com.cn'
Certificate is to be certified until Jul 16 12:55:34 2005 GMT (365 days)
Sign the certificate? [y/n]: y
1 out of 1 certificate requests certified, commit? [y/n] y
Write out database with 1 new entries
Data Base Updated
CA verifying: server.crt <-> CA cert
server.crt: OK
下面要按照ssl.conf里面的设置,将证书放在适当的位置(/usr/local/apache/conf)。
# chmod 400 server.key
# cd ..
# mv ssl.ca-0.1/server.key server.key
# mv ssl.ca-0.1/server.crt server.crt
然后就可以启动啦!
# cd /usr/local/apache2
# ./bin/apachectl start
在浏览器中
