You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@maven.apache.org by Greg Morgan <dr...@cox.net> on 2007/10/29 02:34:32 UTC
Sonatype Book and Repository Configuration
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
So I am following this page http://www.sonatype.com/book/repository.html
. I get the idea that after I have a closed source local repo inplace,
I can configure the parent pom.xml with the information and the
settings.xml with the passwords. So I am feeling a bit stretched and
google isn't being kind about 'setup apache "REST server"' I was
wondering if someone can provide me with some additional background?
I have pasted my apache maven-snap.conf below. At first I just want a
simple solution. Later I can try archiva and similar solutions. What I
find unsavory about the path I am taking, in the file below is enabling
a shared upload mechanism and all the pathological problems of squaring
away team security and apache security. If I already have a working
authz_mod_svn security configuration and basic auth scheme going for
subversion, might I be able to revise the maven-snap.conf below so that
webdav is used for the transport? Can anyone point me to a URL for an
example configuration? Also would I use webdav_fs with this configuration?
Regards,
Greg
# Ident: maven-snap.conf
#
# maven-snap.conf provides steps to configure a simple Maven
# Snap_shot_repo, Release_repo, and required_files location
# on a maven box,
#
# Steps
# su - root
# cd /var/www
# mkdir maven2
# cd maven2
# mkdir snapshot_repo
# mkdir release_repo
# mkdir required_files
# cd /var/www
# chown -R apache.apache maven2
# chmod -R g+rwsx maven2
# copy this file to fedora /etc/httpd/conf.d directory
# /etc/rc.d/init.d/httpd restart
# exit # root login
#
<IfModule !mod_dir.c>
LoadModule dir_module modules/mod_dir.so
</IfModule>
<IfModule !mod_autoindex.c>
LoadModule autoindex_module modules/mod_autoindex.so
</IfModule>
# This error_log message on linux said I needed to remove a security
setting.
# this may be OK on an internal network!
#
# [Sun Oct 28 17:31:41 2007] [error] [client 172.20.3.25] ModSecurity:
Access denied with code 403 (phase 4). Pattern match "(?:>\\\\[To Parent
Directory\\\\]<\\\\/[Aa]><br>|<title>Index of.*?<h1>Index of)" at
RESPONSE_BODY. [id "970013"] [msg "Directory Listing"] [severity
"WARNING"] [hostname "bagheera"] [uri "/maven-snap/"] [unique_id
"0vxS86wUAxcAAF7zk4IAAAAA"]
#
# Note remove error for directory listing?
# Found in /etc/httpd/modsecurity.d/modsecurity_crs_50_outbound.conf
# SecRule RESPONSE_BODY "(?:>\[To Parent
Directory\]<\/[Aa]><br>|<title>Index of.*?<h1>Index of)" \
#
"ctl:auditLogParts=+E,deny,log,auditlog,status:403,msg:'Directory
Listing',,id:'970013',severity:'4'"
#
Alias /maven-snap "/var/www/maven2/snapshot_repo"
<Directory "/var/www/maven2/snapshot_repo">
DirectoryIndex index.html index.htm
Options Indexes
IndexOptions FancyIndexing
Order allow,deny
Allow from all
</Directory>
# Maven Release repo
Alias /maven-release "/var/www/maven2/release_repo"
<Directory "/var/www/maven2/release_repo">
DirectoryIndex index.html index.htm
Options Indexes
IndexOptions FancyIndexing
Order allow,deny
Allow from all
</Directory>
# Required files for dependencies. The idea behind this
# web location is that you store all the jars and other archives
# that were used to build your application. Team would go to this
# URL to make sure that a common set of JDKs and other applications
# are used on all developer's work stations.
Alias /required-files "/var/www/maven2/required_files"
<Directory "/var/www/maven2/required_files">
DirectoryIndex index.html index.htm
Options Indexes
IndexOptions FancyIndexing
Order allow,deny
Allow from all
</Directory>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iD8DBQFHJTioxyxe5L6mr7IRAmaJAKCfc3PJzQ/5gYqms3U/78Bjj5KEUQCfati6
nL+Mv7zbFV550gfArwrCgwc=
=BXam
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
For additional commands, e-mail: users-help@maven.apache.org
Re: Sonatype Book and Repository Configuration
Posted by Greg Morgan <dr...@cox.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Insitu wrote:
> Hello Greg,
> Setting up webdav in Apache (2.2) is kind of trivial:
>
> DavLockDB "/var/lock/dav/lock"
>
> Alias /maven2 "/var/www/maven2"
>
> <Directory /var/www/maven2>
> Dav On
> AllowOverride None
> </Directory>
>
> That said, this is a maven list and your question is rather httpd
> specific. Did you have a look at /usr/share/doc/apache2 for example on
> a debian like linux system, or better http://httpd.apache.org ?
Yes Yes you are correct about the httpd specifics and the maven list.
However, you provided me with the pointer to get going. Thank you very
much for posting a response.
>
> If your question is about configuring webdav in maven, this is covered
> http://maven.apache.org/wagon/ in great details ;-). More seriously,
> you just add wagon-dav extension to your pom and you can use dav://
> urls.
>
> REgards,
>
Thanks again.
Regards,
Greg
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iD8DBQFHKY3sxyxe5L6mr7IRArG9AJ9yBPCnaN+5o7N5LH1RWV8Ym0aJxgCeJLA/
ov77jzw5/uFWUkc+q9Om61A=
=os9R
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
For additional commands, e-mail: users-help@maven.apache.org
Re: Sonatype Book and Repository Configuration
Posted by Insitu <ab...@oqube.com>.
Hello Greg,
Setting up webdav in Apache (2.2) is kind of trivial:
DavLockDB "/var/lock/dav/lock"
Alias /maven2 "/var/www/maven2"
<Directory /var/www/maven2>
Dav On
AllowOverride None
</Directory>
That said, this is a maven list and your question is rather httpd
specific. Did you have a look at /usr/share/doc/apache2 for example on
a debian like linux system, or better http://httpd.apache.org ?
If your question is about configuring webdav in maven, this is covered
http://maven.apache.org/wagon/ in great details ;-). More seriously,
you just add wagon-dav extension to your pom and you can use dav://
urls.
REgards,
--
OQube < software engineering \ génie logiciel >
Arnaud Bailly, Dr.
\web> http://www.oqube.com
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
For additional commands, e-mail: users-help@maven.apache.org