Google Git
Sign in
apache / infrastructure-svnauthz / 1e144165dd1483dbdd6023734fb24c9c45d48e03
commit1e144165dd1483dbdd6023734fb24c9c45d48e03[log] [tgz]
authordfoulks1 <48735727+dfoulks1@users.noreply.github.com>Mon Apr 05 15:22:30 2021 -0500
committerGitHub <noreply@github.com>Mon Apr 05 15:22:30 2021 -0500
tree9769d1e2a5f2761b3e8174c3b57a757b3f1eed23
parent8bf0ec3ddecca18084cfd1027d569b9ebac65522 [diff]
Update README.md
1 file changed
tree: 9769d1e2a5f2761b3e8174c3b57a757b3f1eed23
  1. .gitignore
  2. authz.py
  3. gen.py
  4. LICENSE
  5. pipservice-svnauthz.service
  6. README.md
  7. requirements.txt
  8. svnauthz.yaml
  9. svnauthz.yaml.sample
README.md

Daemon to maintain authz files for Apache Subversion

About the SVNAuthz Service

This daemon uses pubsub to watch for both:

  • template/defition changes for authz files
  • LDAP group changes to fill into the template(s).

If either are detected, an updated asf-authorization and pit-authorization file will be generated in the directory specified as output_dir in the svnauthz.yaml.erb template found in the subversion_server module.

SVNAuthz Service configuration

This service uses the ASF's pipservice Puppet class to operate and configure the daemon, and is deployed using the custom subversion_server::svnauthz class.

Encrypted vars used to generate svnauthz.yaml from template are handled by and scoped for the subversion_server::svnauthz class.

These values are defined in the encrypted nodefile for the host running the service.

This service runs as www-data. The installation directory: /opt/svnauthz and its contents are owned by www-data:www-data

This service is deployed and runs as a systemd service unit.

Process control

systemctl (start|stop|status) pipservice-svnauthz.service

Logging

journalctl -u pipservice-svnauthz.service