Iterate Through Directories and Backup SVN Repositories

I found this useful as I have quite a few SVN repositories that I’m responsible for maintaining. Due to the large number I didn’t want to manually specify each directory in an array as that involved more upkeep that I really wanted to have on my plate. This script will go through a target parent directory and perform an svnadmin dump on each repository to a gzipped file in the target backup directory. So for example if all of your svn repositories reside in /srv/svn and you want your gzip files to end up in /home/backup then create a shell script from the below info and set SVN_PARENT=/srv/svn and SVN_BACKUP=/home/backup. Right now I only care about keeping a day of backups so this script deletes all of the backup files prior to performing the next round of backups. Delete that line if you’re looking to keep a larger backup history.

#/bin/bash

SVN_PARENT=
SVN_BACKUP=
DATE=`date '+%F'`
TEMPFILE=/tmp/svn_backup.tmp

touch $TEMPFILE
ls $SVN_PARENT >> $TEMPFILE
DIR_LIST=( `cat "$TEMPFILE" `)

rm -rf $SVN_BACKUP/*.gz

for i in "${DIR_LIST[@]}"
do
        svnadmin dump $SVN_PARENT/$i | gzip > $SVN_BACKUP/$i.$DATE.svn.gz
done

rm -rf $TEMPFILE

Subversion and LDAP

When I started here, we had 12 SVN repositories (and a valid reason for having all 12). Maintaining the user database was really not doable given that setup as each repository had a distinct user database. I had two goals coming into this – make the management of the user database easier, and make new user setup doable by someone without Linux know-how. To do that I decided to tie things into the AD and make use of that for authentication as well as user setup. Here’s a brief overview of how I made it happen. This assumes a CentOS install but should be easily modified for Debian or other platforms.

  1. Create a connector account in your AD that will be used to query username/password. I granted mine admin rights but you’re probably alright without them, it just needs to query.
  2. Create a user group in the AD that will act as a container for authenticated users and the users than require SVN access into that group
  3. Install Apache, PHP, and the mod_dav and mod_dav_svn modules.
  4. Create your SVN repository (svnadmin create /foo/bar/repo)
  5. On CentOS you should get a subversion.conf file that is already generated for you (not sure on Debian and its ilk) that you’ll need to edit. Here’s a template to use. This assumes your domain name is example.com, the group name you create is “svn,” the connector account is called “SVN CONNECTOR”:
  6. LoadModule dav_svn_module     modules/mod_dav_svn.so
    LoadModule authz_svn_module   modules/mod_authz_svn.so
    
    <VirtualHost *:80>
            DocumentRoot /var/www/html/virtualhosts/svn
            ServerName svn.example.com
            ServerAlias svn
            ErrorLog logs/svn.example.com-error_log
            CustomLog logs/svn.example.com-access_log common
            <Location /repository>
                    DAV svn
                    SVNPath /srv/svn/repository
                    AuthBasicProvider ldap
                    AuthType Basic
                    AuthzLDAPAuthoritative off
                    AuthName "This is your SVN Repository"
                    AuthLDAPURL "ldap://DC.example.com:3268/DC=example,DC=com?sAMAccountName?sub?(&(&(objectClass=user)(objectCategory=person))(memberof=CN=svn,DC=example,DC=com))"
                    AuthLDAPBindDN "CN=SVN CONNECTOR,DC=example,DC=com"
                    AuthLDAPBindPassword "your connector password"
                    Require valid-user
                    Require ldap-group "CN=svn,DC=example,DC=com"
            </Location>

  7. That’s it. Bounce Apache and then test your access to the repository using your domain credentials

Copyright © All Rights Reserved · Green Hope Theme by Sivan & schiy · Proudly powered by WordPress