New to bzr : two of my SVN usecases

Viktor Nagy viktor.nagy at gmail.com
Sat Sep 6 11:10:15 BST 2008


To use modwsgi you will need a line in your virtualhost like
WSGIScriptAlias /repos /my/project/apache/bzr-handler.py

then my bzr-handler.py is something like

from bzrlib.transport.http import wsgi
import sys
sys.path.append('/my/project')
from settings import BAZAAR_REPO_PATH

application = wsgi.make_app(
    root=BAZAAR_REPO_PATH,
    prefix='/repos/',
    path_var='REQUEST_URI',
    readonly=False)

now you can use the bzr+http:// smart protocol to read/write bazaar, BUT the
simple weblisting of your project directory won't work as it's handled to
the bzr-handler as well. (You can try to solve this by adding WSGIMatch (or
something like this) instead of the WSGIScriptAlias)

so, let's make the authentication!

    <Directory /my/project/apache>
        Order deny,allow
        Allow from all

        <Files bzr-handler.py>
        AuthType Basic
           AuthName "Coosci - Repositories"
           Require valid-user
        </Files>
    </Directory>

now you should access these repos with bzr+http://username@yourhost.com, and
bazaar will ask for a password

I hope this helps
V

2008/9/5 Lionel Dricot <zeploum at gmail.com>

>
>
> On Fri, Sep 5, 2008 at 3:56 PM, Viktor Nagy <viktor.nagy at gmail.com> wrote:
>
>>
>> 1) First use case : the LDAP centralized server.
>>>
>>> I want to have a centralized Bzr server for my "trunk". But it has some
>>> limitation : I want the access to be provided over http/https by Apache
>>> (like I'm doing with SVN currently). Also, the authentification is done by
>>> an LDAP server. But I still want to have per-user authorization (I'm
>>> currently doing it in a dav_svn.authz file). How can I reproduce this
>>> usecase ? I want to stress that in some of my project, confidentiality is
>>> really important so I must be able to be sure that read access is only
>>> available for a few allowed users. Also, if permissions are handled by dav,
>>> what about local users on the same filesystem ?
>>>
>>> Bonus point : if a user make its own branch. I understand that it can
>>> push it to the trunk if I give him the authorization. But how can I say :
>>> "It's a good branch, let's host it on the server alongside with the trunk" ?
>>>
>>
>> You can use mod_wsgi (or if you prefer modpyhton) and bazaar for example.
>> What I do is that I serve the bzr repo through mod_wsgi, but the wsgi
>> handler file has an Apache auth required statement. Actually, I use Basic
>> Auth and authenticate using a django site, but I guess LDAP should work as
>> well.
>>
>>
>
> Thanks a lot for your answer. Could you give me more information about your
> configuration ? (You apache config for that would be a great help). Indeed,
> if you succeed with BasicAuth, there's no problem switching to LDAP.
>
> Also, could you explain me how you "serve" bzr over Apache ?
>
> Thanks a lot, your information is invaluable for me !   I really thing that
> it's currently a great missing point in the Bzr documentation/Community :
> the server administrator point of view, the one who will not use bzr to
> develop but will provide tools for developers.
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.ubuntu.com/archives/bazaar/attachments/20080906/d083e1d6/attachment.htm 


More information about the bazaar mailing list