[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: svnadmin create and not being method agnostic

From: Thorsten Schöning <tschoening_at_am-soft.de>
Date: Tue, 28 Dec 2010 09:05:43 +0100

Guten Tag Philip Prindeville,
am Montag, 27. Dezember 2010 um 22:28 schrieben Sie:

> In our case, we're setting up a secured source repository inside
> our network, for outside access (via port-forwarding on our gateway).

In this scenario and if security is this important for you, then why
not just use svnserve? Depending on how extern suers should access, of
course. svnserve can be bound to it's specific address and port which
is much easier to configure on gateways and firewalls, tunnel through
SSH and all that stuff. Each repository gets it's own physical
configuration per default and you don't need to combine Apache and svn
configuration in any way, which is error prone in my opinion.

At least you wouldn't need to worry about unused configuration files
or even worse, unused code in the built software. :-)

We for example use SSH for gateway authentication, let the SSH users
for repository access just talk to one IP and port where a dedicated
svnserve is hosted just for extern access on it's own repositories.
This svnserve instance can't see our code repositories, because of it's
own user and root path, and each of it's repositories has it's own
user and authz access configuration. Results in encrypted traffic,
Subversion and Apache can be updated independently and easier and
distinguished configuration.

Mit freundlichen Grüßen,

Thorsten Schöning

-- 
Thorsten Schöning
AM-SoFT IT-Systeme - Hameln | Potsdam | Leipzig
 
Telefon: Potsdam: 0331-743881-0
E-Mail:  tschoening_at_am-soft.de
Web:     http://www.am-soft.de
AM-SoFT GmbH IT-Systeme, Konsumhof 1-5, 14482 Potsdam
Amtsgericht Potsdam HRB 21278 P, Geschäftsführer: Andreas Muchow
Received on 2010-12-28 09:06:16 CET

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.