# apt-get install apache2 libapache2-mod-auth-pgsql libapache2-svn\ postgresql postgresql-contrib subversion cert-ssl

$ sudo su postgres

postgres $ createdb svn

CREATE DATABASE

postgres $ createuser svn

Shall the new role be a superuser? (y/n) n

Shall the new user be allowed to create databases? (y/n) n

Shall the new user be allowed to create more new users? (y/n) n

CREATE USER

postgres $ psql -d svn < /usr/share/postgresql/8.3/contrib/pgcrypto.sql

SET

CREATE FUNCTION

CREATE FUNCTION

CREATE FUNCTION

...

postgres $ psql -d svn

svn =#

-- user table

    CREATE TABLE users (
        user_id SERIAL PRIMARY KEY,
        username VARCAHR(32) NOT NULL,
        passwd TEXT NOT NULL,
        email VARCHAR(255)
        );
    CREATE INDEX idx_users ON users (username);
    GRANT SELECT ON users TO svn;
-- group table

    CREATE TABLE groups (
        group_id SERIAL PRIMARY KEY,
        username VARCHAR(32) NOT NULL,
        memberof VARCHAR(64) NOT NULL -- group name

    );
    CREATE INDEX idx_groups ON groups (username, memberof);
    GRANT SELECT ON groups TO svn;
-- log table

    CREATE TABLE logs (
        logs_id SERIAL PRIMARY KEY,
        uname VARCHAR(32),
        time TIMESTAMP(8),
        uri VARCHAR(512),
        ip INET
    );
    CREATE INDEX idx_logs ON logs (uname, time);
    GRANT INSERT ON logs TO svn;


ALTER USER svn WITH ENCRYPTED PASSWORD '123456';


host all all 127.0.0.1 255.255.255.255 ident sameuser


host svn svn 127.0.0.1 255.255.255.255 md5


# /etc/init.d/postgresql-8.3 restart

# mkdir /opt/svn/
# svnadmin create /opt/svn/repo1

# svnadmin create /opt/svn/repo2


# chown -R www-data:www-data /opt/svn


# a2ensite default-ssl
# a2enmod ssl


# make-ssl-cert generate-default-snakeoil --force-overwrite


# a2enmod dav
# a2enmod dav_svn
# a2enmod 000_auth_pgsql


<Location /svn>
    DAV svn
    SVNParentPath /opt/svn
    
    AuthType Basic
    AuthName "Subversion Repository"

    Auth_PG_host localhost
    Auth_PG_port 5432
    Auth_PG_database svn
    Auth_PG_user svn
    Auth_PG_pwd 123456
    Auth_PG_pwd_table users
    Auth_PG_uid_field username
    Auth_PG_pwd_field passwd
    Auth_PG_grp_table groups
    Auth_PG_grp_group_field memberof
    Auth_PG_grp_user_field username
    Auth_PG_cache_passwords on
    Auth_PG_log_table logs
    Auth_PG_log_uname_field uname
    Auth_PG_log_date_field time
    Auth_PG_log_uri_field uri
    Auth_PG_log_addrs_field ip

    AuthzSVNAccessFile /etc/apache2/dav_svn.authz

    Require valid-user

    SSLRequireSSL
</Location>


$ sudo su postgres
postgres $ psql -d svn
svn =#


-- User 'test1', for 'repo1'

    INSERT INTO users (username, passwd, email)
        VALUES ('test1', crypt('123456', gen_salt('md5'), 'test1@localhost');
    INSERT INTO groups (username, memberof)
        VALUES('test1', 'testgrp');
-- User 'test2', for 'repo2'

    INSERT INTO users (username, passwd, email)
        VALUES ('test2', crypt('abcdef', gen_salt('md5'), 'test2@localhost');
    INSERT INTO groups (username, memberof)
        VALUES('test2', 'testgrp');


[groups]
testgrp=test1,test2

[repo1:/]
*=
test1=rw

# All members in group 'testgrp' could read repository 'repo2',
# user 'test2' has a full access previlege.
[repo2:/]
@testgrp=r
test2=rw