On Thu, Feb 9, 2012 at 3:15 AM, <d.guthmann_at_gmx.net> wrote:
> Hello,
>
> first of all: I'm really sorry for the missing subject-line.
>
> -------- original message --------
>> Will it stay with access on the repositories only or is it will your
>> external devs need access to test infrastructure, documentation or
>> whatever, too? In the latter case I would prefer setting up a proper
>> VPN infrastructure which allows you to use Apache as the svn host for
>> your external devs and only let them see specific networks they need
>> via routing, firewall etc.
>
> Normally I would agree to you, but it would be too extensive to gave only to that part of our network, which is necessary for that project, when using a VPN-Client. So the VPN-Connection would be restricted only to the Subversion-Service, so I seems to be easier to set up a SSH-Tunnel than a VPN-Service.
>
> A better solution would be a kind of proxy-service that I can place in the DMZ... is there a working proxy-solution for subversion?
> Some time ago I've gave access to a subversion-repository via a reverse-proxy running on apache... that wasn't working properly...
> Are there other proxy-like services which will work well with subversion?
What kind of trouble did you have with apache in the reverse-proxy
mode? I've had that working and I think the only issue was that the
relative path had to be the same as the actual target. That is you
can't proxy http:/realhost/svn as http://proxyhost/somewhere/svn.
Also for a straight passthrough you might run stunnel accepting https
from outside your dmz, connecting to http on the inside server.
--
Les Mikesell
lesmikesell_at_gmail.com
Received on 2012-02-09 14:55:03 CET