Home » Forums » JumpBox for Trac/Subversion Discussion

Enabling SSL for Trac and SVN

Submitted by ismangil on Mon, 01/21/2008 - 5:41pm.

The admin site uses SSL, very good.

Can I enable SSL for Trac and SVN itself?

‹ create a new trac project Help: SVN email notification ›
»

I got SSL working for SVN

Submitted by marc on Wed, 03/12/2008 - 4:05pm.

I got SSL working for SVN (over Webdav) too.

Here's how I did it:

  1. Like Austin mentioned, make sure you've got the Trac JB setup and registered--you'll need shell access.

  2. Dump and load existing SVN repository. You can follow the instructions over at http://www.jumpbox.com/node/253.

  3. Update your Apache2 /var/etc/apache2/sites-enabled/000-default config file

    $ sudo vi /var/etc/apache2/sites-enabled/000-default

    Here's what I changed my NameVirtualHost *:443 section to:

    ...
NameVirtualHost *:443
<VirtualHost *:443>
       SSLEngine on
       SSLCertificateFile /etc/apache2/ssl/apache.pem

       #RewriteEngine On
       #RewriteRule ^/(.*)   http://%{SERVER_ADDR}/$1 [L,R]
       <Location /svn/project>
         DAV svn
         SVNPath /var/data/projects/svn/project
         AuthType Basic
         AuthName "My awesome Subversion repository"
         AuthUserFile /var/data/projects/trac.passwd
         Require valid-user
       </Location>

</VirtualHost>
...

Couple of things to note:

  1. I disabled the RewriteEngine/RewriteRule statements 

    #RewriteEngine On
#RewriteRule ^/(.*)   http://%{SERVER_ADDR}/$1 [L,R]

  2. I added a <Location> directive with the path "/svn/project". You can change this to whatever you want; I chose "/svn/project" to keep consistent with stock Trac Jumpbox.

    <Location /svn/project>

  3. We're going to enable SVN over webdav

    DAV svn

  4. Point SVNPath to the location of your default Jumpbox repository. "/var/data/projects/svn/project" by default

    SVNPath /var/data/projects/svn/project

  5. Enable Basic HTTP authentication and tell Apache to use the AuthUserFile that Trac manages. This is basically where all the integration goodness happens.

    AuthType Basic
AuthName "My awesome top secret Subversion repository"
AuthUserFile /var/data/projects/trac.passwd
Require valid-user

  6. Once you've bounced Apache, you can visit https://192.168.x.x/svn/projects which will serve up your SVN repository.

Hope that helps!

-Marc

»

Enabling SSL for Trac and SVN

Submitted by godber on Tue, 01/22/2008 - 10:00am.

Sure, assuming you have registered your JumpBox you can enable shell access then modify the apache config:

sudo nano -B /etc/apache2/sites-available/default

replace the two lines that say:
RewriteEngine On
RewriteRule ^/(.*)   http://%{SERVER_ADDR}/$1 [L,R]

with:
Include /jumpbox/etc/apache2/jumpbox-app
Include /jumpbox/etc/apache2/jumpbox-widget
Include /jumpbox/etc/apache2/jumpbox-proxy

Alias /jbimages /jumpbox/application_portal/public/images
 <Directory /jumpbox/application_portal/public/images>
  AllowOverride None
  Order allow,deny
  allow from all
 </Directory>

There a several ways this can be accomplished, this is just one and may not be the best for your situation. You may also want to redirect your port 80 traffic to the SSL port. Also, upcoming versions are likely to have the ability to enable this in the admin interface.

Austin

»

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.