Connection problems to github.com

One of my colleagues had a small issue with pulling the latest from github for my site today. The error was:

ssh: connect to host github.com port 22: Connection refused
fatal: The remote end hung up unexpectedly

Of course the word “fatal” would freak out any non linux user. So a with a little searching the following is the solution.

Add the following to your ./.ssh/config:

host github.com
    hostname ssh.github.com
    port 443

This forces ssh over https for github. All fixed! Now I do not have to bother networking for a firewall rule.

OAuth Flaws

Here is an interesting article on the flaws of OAuth:

http://insanecoding.blogspot.com/2013/03/oauth-great-way-to-cripple-your-api.html

Setting up a subversion repository

This is a bit old. From 2008 to be exact. But, I am putting it out there for reference anyway.

1. Install packages:
sudo apt-get install subversion libapache2-svn libapache-mod-dav apache2

 

Note: libapache-mod-dav is included in libapache2.2-common, so it may be unavailable or you do not need it.

 

2. Enable SSL:
sudo a2enmod ssl

 

check the ports.conf file, if ssl is already enabled we do not need to do the following:
sudo sh -c “echo ‘Listen 443’ >> /etc/apache2/ports.conf”

 

3. Generate Certificate:
Ubuntu < Feisty:
sudo apache2-ssl-certificate
Use the server name to be used for access the web server.

Ubuntu >= Feisty:
sudo apt-get install ssl-cert
sudo mkdir /etc/apache2/ssl
sudo /usr/sbin/make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem

 

4. Create Virtual Host:
sudo cp /etc/apache2/sites-available/default /etc/apache2/sites-available/$SITENAME
sudo vim /etc/apache2/sites-available/$SITENAME
change:
NameVirtualHost *:443
<VirtualHost *:443>
add:
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.pem
SSLProtocol all
SSLCipherSuite HIGH:MEDIUM

 

5. Enable the site:
sudo a2ensite $SITENAME
sudo /etc/init.d/apache2 restart

A warning that complaints about failure of server name determination can be fixed by adding ServerName $SERVERNAME to the main Apache config /etc/apache2/apache2.conf

 


6. Adding repository(ies):
The following setup assumes we want to host multiple repositories.

$REPOS is “nbty” currently
sudo mkdir /var/svn/repositories
sudo svnadmin create /var/svn/repositories/$REPOS
sudo chown -R www-data:www-data /var/svn/repositories/$REPOS
sudo chmod -R g+ws /var/svn/$REPOS

 

7. Adding Basic Authentication:

$AUTH_USER is svn with password mypassword
sudo htpasswd -c -m /etc/apache2/dav_svn.passwd $AUTH_USER

 

8. Enable and configure WebDAV and SVN:
Add to /etc/apache2/mods-available/dav_svn.conf
DAV svn
SVNParentPath /var/svn/repositories
AuthType Basic
AuthName “Subversion Repository”
AuthUserFile /etc/apache2/dav_svn.passwd
Require valid-user
SSLRequireSSL

and for non-anonymous access comment out:
#<LimitExcept GET PROPFIND OPTIONS REPORT>
#</LimitExcept>

(optionally the same configuration can be set for particular virtual host only, i.e. /etc/apache2/sites-available/$SITENAME)

 

$SITENAME is svn (ssl on svn01 and svn02)

 

Add to $SITENAME in /etc/apache2/sites-available:

# Specially log any Subversion operations.

CustomLog /var/log/apache2/svn.log “%t %u %{SVN-ACTION}e” env=SVN-ACTION

 

<Location /svn/company>

DAV svn

SVNPath /var/svn/repositories/company

SVNReposName “Companies Main Subversion Repository”

</Location>

 


9. Finalization:
sudo /etc/init.d/apache2 restart

 

Testing:

$REPOS = company
Web access:
lynx https://svn01/svn/$REPOS exposes the repository.
lynx http://localhost/svn/$REPOS says: eat my shorts , i.e. 403-forbidden.

 

Now the sync:

 

  1. cd /var
  2. sudo mkdir svn
  3. sudo mkdir svn/repositories
  4. sudo svnadmin create /var/svn/repositories/company
  5. sudo adduser svn
    1. yourpassword is pwd
  6. sudo vipw
    1. change svn line from /bin/bash to /bin/false….we don’t want this user to log in to shell

 

 

Need to

 

 

An initial import:
svn import –username $AUTH_USER $A_FILE https://localhost/svn/$REPOS/testdir -m “Testing”

… and check-out:
svn co –username $AUTH_USER https://localhost/svn/$REPOS

To add a new repository just repeat the step 6 (without making the root directory of course).
If you wish to configure a single repository only, instead of point 6:
sudo svnadmin create /var/svn
sudo chown -R www-data:www-data /var/svn
sudo chmod -R g+ws /var/svn

and in /etc/apache2/mods-available/dav_svn.conf (step 8) use this instead of SVNParentPath:
SVNPath /var/svn

 

sudo svnsync initialize file:///var/svn/repositories/nbty https://svn01/svn/company –username svn –password yourpassword

 

sudo svnsync synchronize file:///var/svn/repositories/company –username svn –password yourpassword