AWS: 우분투 SVN서버

* 세팅환경

> AWS

> Ubuntu Server 16.04 LTS (HVM), SSD Volume Type

> svn, version 1.9.3 (r1718519)

* 중간에 세팅이 잘못 적용될 경우, 이전 과정으로 돌아가기쉽게 단계별로 쪼갰습니다.

0. AWS 인스턴스 생성

AWS: EC2 인스턴스 서버 기본세팅

> 1. EC2 인스턴스 생성 참조.

> 2. 터미널 연결 참조.

> 인스턴스에서 22, 80, 3690포트등 자주쓰는걸 미리 해두는것도 나쁘진 않습니다.

1. 기본설치

1) root권한

login as: ubuntu
Authenticating with public key "imported-openssh-key"
Welcome to Ubuntu 16.04.4 LTS (GNU/Linux 4.4.0-1052-aws x86_64)
 
ubuntu:~$ sudo passwd root
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
 
ubuntu:~$ su
Password:
root:/home/ubuntu#

2) 패키지

root:/home/ubuntu# apt-get update
Hit:1 http://ap-xxxxxx-x.ec2.archive.ubuntu.com/ubuntu xenial InRelease
... ... ...
... ... ...
Fetched 25.1 MB in 5s (4,906 kB/s)
 
Reading package lists... Done
 
root:/home/ubuntu# svn
The program 'svn' is currently not installed. You can install it by typing:
apt install subversion
root:/home/ubuntu# apt install subversion  //<-해당 명령어가 안 먹히면 apt-get install -y subversion
... ... ...
... ... ...
Do you want to continue? [Y/n] y
 
... ... ...
... ... ...
root:/home/ubuntu# svn
Type 'svn help' for usage.

2. 세팅

1) 저장소 생성

> 설정 잘못해서 삭제가 필요하면 'rm -r (저장소_디렉토리명)'

root:/home/ubuntu# cd /
root:/# mkdir -p /svn/repos
root:/# svnadmin create /svn/repos/testRepo
root:/# chown -R root:root /svn/repos   //하위폴더까지 일괄적 처리

2) 설정

//저장소 기본설정
root:/# vi /svn/repos/testRepo/conf/svnserve.conf
... ... ...
[general]
anon-access=none
auth-access=write
password-db=passwd
authz-db=authz
... ... ...
... ... ...
  :wq
 
 
//계정등록
root:/# vi /svn/repos/testRepo/conf/passwd
... ... ...
[users]
master=this_is_pw
  :wq
 
 
//권한
root:/# vi /svn/repos/testRepo/conf/authz
... ... ...
... ... ...
[/]
master=rw
  :wq

3) 서비스 설정 및 등록

root:/# vi /etc/init.d/svnserve
 
#! /bin/sh
### BEGIN INIT INFO
# Provides:          svnserve
# Required-Start:    $local_fs $syslog $remote_fs
# Required-Stop:     $local_fs $syslog $remote_fs
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Start svnserve
### END INIT INFO
 
# Author: Michal Wojciechowski <odyniec@odyniec.net>
 
PATH=/sbin:/usr/sbin:/bin:/usr/bin
DESC="svnserve"
NAME=svnserve
DAEMON=/usr/bin/$NAME
DAEMON_ARGS="-d -r /svn/repos"
PIDFILE=/var/run/$NAME.pid
SCRIPTNAME=/etc/init.d/$NAME
 
[ -x "$DAEMON" ] || exit 0
 
[ -r /etc/default/$NAME ] && . /etc/default/$NAME
 
. /lib/init/vars.sh
 
. /lib/lsb/init-functions
 
do_start()
{
        start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
                || return 1
        start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
                $DAEMON_ARGS \
                || return 2
}
 
do_stop()
{
        start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME
        RETVAL="$?"
        [ "$RETVAL" = 2 ] && return 2
        start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON
        [ "$?" = 2 ] && return 2
        rm -f $PIDFILE
        return "$RETVAL"
}
 
case "$1" in
  start)
        [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
        do_start
        case "$?" in
                0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
                2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
        esac
        ;;
  stop)
        [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
        do_stop
        case "$?" in
                0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
                2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
        esac
        ;;
  restart|force-reload)
        log_daemon_msg "Restarting $DESC" "$NAME"
        do_stop
        case "$?" in
          0|1)
                do_start
                case "$?" in
                        0) log_end_msg 0 ;;
                        1) log_end_msg 1 ;; # Old process is still running
                        *) log_end_msg 1 ;; # Failed to start
                esac
                ;;
          *)
                # Failed to stop
                log_end_msg 1
                ;;
        esac
        ;;
  *)
        echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2
        exit 3
        ;;
esac
 
exit 0

root:/# chmod 755 /etc/init.d/svnserve
root:/# update-rc.d svnserve defaults
root:/# service svnserve restart

3. 포트

* SVN 기본포트 적용.

root:/svn/repos# firewall-cmd --permanent --zone=public --add-port=3690/tcp
The program 'firewall-cmd' is currently not installed. You can install it by typing:
apt install firewalld
root:/svn/repos# apt install firewalld
Reading package lists... Done
Building dependency tree
... ... ...
... ... ...
root:/svn/repos# firewall-cmd --permanent --zone=public --add-port=3690/tcp
success
root:/# firewall-cmd --reload
success
root:/# netstat -anp | grep svnserve
tcp        0      0 0.0.0.0:3690            0.0.0.0:*               LISTEN      4792/svnserve
 
root:/# cd ~
root:~# vi .bash_profile
 
SVN_EDIROT=/usr/bin/vim
export SVN_EDITOR
 
root:~# source .bash_profile

4. 저장소 분할

root:~# svn mkdir svn://xxx.xxx.xxx.xxx/testRepo/trunk
//  Ctrl+X로 입력메뉴 종료
Log message unchanged or not specified
(a)bort, (c)ontinue, (e)dit:
c
Authentication realm: <svn://xxx.xxx.xxx.xxx:3690> xxxxxx-xxx-xxx-xxx-xxxxxxxxx
Password for 'root': *************
 
Authentication realm: <svn://xxx.xxx.xxx.xxx:3690> xxxxxx-xxx-xxx-xxx-xxxxxxxxx
Username: master
Password for 'master': ***********
 
 
-----------------------------------------------------------------------
ATTENTION!  Your password for authentication realm:
 
   <svn://xxx.xxx.xxx.xxx:3690> xxxxxx-xxx-xxx-xxx-xxxxxxxxx
 
can only be stored to disk unencrypted!  You are advised to configure
your system so that Subversion can store passwords encrypted, if
possible.  See the documentation for details.
 
You can avoid future appearances of this warning by setting the value
of the 'store-plaintext-passwords' option to either 'yes' or 'no' in
'/root/.subversion/servers'.
-----------------------------------------------------------------------
Store password unencrypted (yes/no)? y
Committing transaction...
Committed revision 1.
 
root:~# svn mkdir svn://xxx.xxx.xxx.xxx/testRepo/tags
//  Ctrl+X로 입력메뉴 종료
Log message unchanged or not specified
(a)bort, (c)ontinue, (e)dit:
c
Committing transaction...
Committed revision 2.
 
root:~# svn mkdir svn://xxx.xxx.xxx.xxx/testRepo/branch
//  Ctrl+X로 입력메뉴 종료
Log message unchanged or not specified
(a)bort, (c)ontinue, (e)dit:
c
Committing transaction...
Committed revision 3.

5. 체크아웃

svn://master@xxx.xxx.xxx.xxx/testRepo

> xxx.xxx.xxx.xxx부분은 EC2 인스턴스의 IPv4 Public IP등을 기입.

기타. 백업

* SVN 저장소자체가 깨질때를 대비해 dump명령등으로 백업하는 추가작업입니다.

1) S3 패키지

root:/svn/repos/testRepo# apt-get install s3cmd
... ... ...
... ... ...
Need to get 4,028 kB of archives.
After this operation, 17.3 MB of additional disk space will be used.
Do you want to continue? [Y/n] y
... ... ...
... ... ...
root:/svn/repos/testRepo# s3cmd --configure
Enter new values or accept defaults in brackets with Enter.
Refer to user manual for detailed description of all options.
Access key and Secret key are your identifiers for Amazon S3. Leave them empty for using the env variables.
Access Key: xxxKey
Secret Key: xxxxxxxxxxXXXXXXXXXX
Default Region [US]: KO
Encryption password is used to protect your files from reading
by unauthorized persons while in transfer to S3
Encryption password: xxxxxxxxxxXXXXXXXXXX
Path to GPG program [/usr/bin/gpg]: (not set val, just Enter key)
When using secure HTTPS protocol all communication with Amazon S3
servers is protected from 3rd party eavesdropping. This method is
slower than plain HTTP, and can only be proxied with Python 2.7 or newer
Use HTTPS protocol [Yes]: (not set val, just Enter key)
On some networks all internet access must go through a HTTP proxy.
Try setting it here if you can't connect to S3 directly
HTTP Proxy server name: (not set val, just Enter key)
New settings:
  Access Key: xxxKey
  Secret Key: xxxxxxxxxxXXXXXXXXXX
  Default Region: KO
  Encryption password: xxxxxxxxxxXXXXXXXXXX
  Path to GPG program: /usr/bin/gpg
  Use HTTPS protocol: True
  HTTP Proxy server name:
  HTTP Proxy server port: 0
Test access with supplied credentials? [Y/n] Y
Please wait, attempting to list all buckets...
Success. Your access key and secret key worked fine :-)
Now verifying that encryption works...
Success. Encryption and decryption worked fine :-)
Save settings? [y/N] y
Configuration saved to '/root/.s3cfg'

2) 쉘 스크립트

> 지난 백업파일 삭제: 60일 이상 오래된 로그 삭제 쉘스크립트 – 모람씨앤티

root:/svn/repos# cd /
root:/# mkdir /svnBackup
root:/# vi /svnBackup/backup.sh
 
 
#!/bin/bash
svnadmin dump --quiet /svn/repos/testRepo | gzip > /svnBackup/testRepo/svn_$(date +%Y-%m-%d_%H)_[UTC].gz
s3cmd sync /svnBackup/testRepo s3://svnBackup/testRepo/
 
 
root:/# chmod 755 /svnBackup/backup.sh
root:/# cd /svnBackup
 
 
//쉘 스크립트 테스트
root:/# ./backup.sh
upload: '/svnBackup/testRepo/svn_2018-04-12_04_[UTC].gz' -> 's3://svnBackup/testRepo/svn_2018-04-12_04_[UTC].gz'  [1 of 1]
 8871671 of 8871671   100% in    0s    29.07 MB/s  done
Done. Uploaded 8871671 bytes in 1.0 seconds, 8.46 MB/s.

3) crontab(크론탭)을 이용한 스케줄러 등록

root:/svnBackup# vi /etc/crontab
... ... ...
... ... ...
00 0    * * *   root    /svnBackup/backup.sh
00 12    * * *   root    /svnBackup/backup.sh

기타. 참조자료

1) 우분투 기본 제어

우분투 root 계정 암호 설정 및 사용하기 :: Study For Us

수알치 블로그 (수알치@블로그)

2) SVN

DDART - 우분투 16.04 Subversion - SVN서버, SVN+SSH 클라이언트

AWS SVN 설정하기 :: 코딩하는 당근쥬스

이건없지 :: svn trunk, tags, branches 기본 디렉토리 만들기

Hello World!! :: [AWS] svn 설치 후 연결

How to Set Up SVN repository with Amazon AWS | Meng Tang's Blog

3) S3

Backing up a Subversion repository to Amazon’s S3 | this is Blog

PYRASIS.COM: 아마존 웹 서비스를 다루는 기술 부록 - 4. S3을 s3cmd로 관리하기

기타. 변경이력

일자	변경이력
2018-04-12	초안