Apache-2.2

apache2.2 svn 伺服器的 nginx SSL 終止導致無休止的重定向

  • July 6, 2014

我正在嘗試在我們的新公司伺服器上設置一個 SVN 儲存庫。我們使用 nginx 作為 SSL 終止和 apache 作為 SVN 後端。

我不知道我的配置有什麼問題,但是如果我打電話svn info https://svn.example.com/repo,我會得到:

Redirecting to URL 'https://svn.example.com/repo':
Redirecting to URL 'https://svn.example.com/repo':
svn: E195019: Redirect cycle detected for URL 'https://svn.example.com/repo'

如果我使用 wireshark 來嗅探從 nginx 前端到我們的 apache 後端的未加密流量,我可以看到對“/repo”的“選項”請求,然後301 Moved Permanently重定向到http://svn.example.com/repo/. 但是 svn 客戶端顯然只看到了一個重定向https://svn.example.com/repo(尾斜線被 nginx 剝離),它只是為了再次獲得這個重定向

我認為我的錯誤是一些我忘記設置的簡單配置指令或類似的東西,但是在Google搜尋超過 3 個小時沒有找到任何幫助之後,我感到有點無助。

我的 nginx 配置:

server {
       ssl                     on;
       ssl_certificate         ssl/svn.example.com.crt;
       ssl_certificate_key     ssl/svn.example.com.key;
       listen                  1.2.3.4:443 ssl spdy;
       allow                   all;
       server_name             svn.example.com;
       location / {
               set $fixed_destination $http_destination;
               if ( $http_destination ~* ^https(.*)$ ) {
                       set $fixed_destination http$1;
               }
               proxy_set_header Destination $fixed_destination;
               proxy_set_header Host $http_host;
               proxy_set_header X-Real-IP $remote_addr;
               proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
               proxy_set_header X-Forwarded-By $server_addr:$server_port;
               proxy_set_header X-Forwarded-Proto $scheme;
               proxy_pass http://127.0.0.1:8080;
               proxy_redirect http:// https://;
       }
}

這是 apache 虛擬主機配置:

<VirtualHost *:8080>
       ServerName svn.example.com
       ServerAdmin spam@example.com

       DocumentRoot /srv/svn
       <Directory /srv/svn>
               Options none
               AllowOverride None
               Order deny,allow
               Deny from all
       </Directory>

       <Location />
               Order deny,allow
               Allow from all

               DAV svn
               SVNParentPath /srv/svn
               SVNReposName "Subversion Repository"

               #our access control policy
               AuthzSVNAccessFile /srv/svn/access

               #only authenticated users may access the repository
               Require valid-user

               #how to authenticate a user
               AuthType Basic
               AuthName "Subversion Repository"
               AuthUserFile /srv/svn/users

               Satisfy All
       </Location>

       ErrorLog ${APACHE_LOG_DIR}/svn_error.log

       # Possible values include: debug, info, notice, warn, error, crit,
       # alert, emerg.
       LogLevel warn

       CustomLog ${APACHE_LOG_DIR}/svn_access.log combined
</VirtualHost>

我的軟體版本:

# apache2ctl -v
Server version: Apache/2.2.22 (Debian)
Server built:   Feb  1 2014 21:26:04

# nginx -v
nginx version: nginx/1.6.0

#svn --version
svn, version 1.8.9 (r1591380)
  compiled May 21 2014, 03:09:46 on x86_64-pc-linux-gnu

Copyright (C) 2014 The Apache Software Foundation.
This software consists of contributions made by many people;
see the NOTICE file for more information.
Subversion is open source software, see http://subversion.apache.org/

The following repository access (RA) modules are available:

* ra_svn : Module for accessing a repository using the svn network protocol.
 - with Cyrus SASL authentication
 - handles 'svn' scheme
* ra_local : Module for accessing a repository on local disk.
 - handles 'file' scheme
* ra_serf : Module for accessing a repository via WebDAV protocol using serf.
 - using serf 1.3.6
 - handles 'http' scheme
 - handles 'https' scheme

客戶端上相同的svn版本。

好吧,在Google搜尋了一些之後,我終於找到了解決方案:https ://stackoverflow.com/questions/18474825/what-is-the-cause-of-svn-e195019-redirect-cycle-detected-for-url/18474826# 18474826

將 DocumentRoot 移動到“svn root”之外的另一個位置後,所有事情都按預期工作。

我希望這可以幫助遇到同樣問題的人。

引用自:https://serverfault.com/questions/610398