Daemon for maintaining svn authz files
APACHE-2.0 License
This daemon uses pubsub to watch for both:
If either is detected, an updated asf-authorization and
pit-authorization file will be generated in the directory
specified as output_dir
in the svnauthz.yaml.erb template
found in the subversion_server module.
This service uses the ASF's pipservice
Puppet class to operate
and configure the daemon, and is deployed using the custom
subversion_server::svnauthz
class.
Encrypted vars used to generate svnauthz.yaml from template are
handled by and scoped for the subversion_server::svnauthz
class.
These values are defined in the encrypted nodefile for the host running the service.
This service runs as www-data
.
The installation directory: /opt/svnauthz
and its contents are owned by www-data:www-data
This service is deployed and runs as a systemd service unit.
systemctl (start|stop|status) pipservice-svnauthz.service
journalctl -u pipservice-svnauthz.service
In order to test changes to template files
requirements.txt
svnauthz.yaml
output_dir
to (say) /tmp/authz
template_url
to /path/to/your/templates/
.../modules/subversion_server/files/authorization/
;ref
to hold "reference" outputs (call it anything and place it anywhere, it's just usedref
directory, fetch the current/live set of authz files using
$ scp svn-master.apache.org:/x1/svn/authorization/*n .
$ ./authz.py --test
(note the daemon will not start; the script will produce the authz$ diff /tmp/authz/asf-authorization ref/
[1] The 'check' is currently just diffing the output, future may provide a syntax checker for validity.