Switch Rancid to SVN and view your SVN DB with WEBSVN

In the previous blog I explained how you can use Rancid to create back-ups of your network devices. Now I will explain how you can create a website where you can view the configurations and compare them with previous versions. This can be a powerful tool for solving problems.

Since I like SVN more then CVS as a version control system, I go for SVN with WebSVN as GUI. Everything is running on a virtual machine running OpenSuse 11.2.

image

In the previous blog, Rancid was configured with CVS, since this is the default setting. So first of all we need to change this to SVN. For this, go to the Rancid directory and change the following lines in the rancid.conf configuration. For safety, make sure you’re using the rancid user.

su – rancid
nano etc/rancid.conf

rancid.conf

RCSSYS=svn; export RCSSYS

CVSROOT=$BASEDIR/SVN; export CSVROOT

This is all we have to change for rancid to use SVN. Now the CVS repository is superfluous. For safety reason I deleted al the files and directories within the var directory. If you added a lot or devices to the router.db file(s), you may want to back-up them.

rm –Rf ~/var/*

Now we run “rancid-cvs” to create new folders and a new SVN database.

~/bin/rancid-cvs

Fill up router.db or replace the new created one, with a back-up. Unfortunately it seems there is a little bug in version 2.3.4 of Rancid, which corrupts the SVN database after editting router.db. This can easily being solved with the command “svn update”.

cd ~/var/location
nano router.db
svn update

After this we are done with the Rancid part. Next is installing and configuring WebSVN. Make sure you have installed Apache. It can be found in the repositories of OpenSuse, unfortunately WebSVN can’t.

Logout as the rancid user and go to your own homedirectory.

exit
cd ~

Now download (the latest) WebSVN which can be found on http://www.websvn.info/. Extract the file and copy it to a “logic” location, I use /usr/local/websvn and set the permission for the web server.

wget http://websvn.tigris.org/files/documents/1380/47525/websvn-2.3.1.tar.gz
tar xvf websvn-2.3.1.tar.gz
mkdir /usr/local/websvn
cp –R ~/websvn-2.3.1/* /usr/local/websvn/
chown wwwrun:www /usr/local/websvn

Now we need the configure apache so we can access the websvn website. I use a virtualhost for this, cause I’m also running Cacti on this server.

Create a file in the directory /etc/apache2/vhosts.d/ and add the configuration to it. You may also make a copy of the vhost.template, but I think it is a bit overwhelming for such an easy site like WebSVN. Make sure you have enough rights to edit this file.

nano /etc/apache2/vhosts.d/websvn.conf

websvn.conf

<VirtualHost *:80>
        ServerName switchsvn
        Documentroot /usr/local/websvn

        <Directory "/usr/local/websvn/">
                Options Includes Indexes
                Order allow,deny
                Allow from all
        </Directory>

</VirtualHost>

If you restart apache, this configuration is loaded. I added switchsvn to our DNS to access this site, but you can offcourse always edit you hosts file, to test.

If you now go to http://switchsvn, you should see the Websvn website. If not, check if the firewall is not blocking port 80. You can also check if the server is listening on port 80, with netstat –nat. If it isn’t, you should check the /etc/apache2/listen.conf file.

image

The last step in the configuration is to point WebSVN to the SVN database and grant the webserver enough rights to work with SVN within the SVN repository.

First we need to copy the initial configuration file and second we need to modify it and tell it where the repository can be found.

cp /usr/local/websvn/include/distconfig.php /usr/local/websvn/include/config.php
nano /usr/local/websvn/config.php

config.php

$config->addRepository(‘Switches’, ‘file:///usr/local/rancid/var/CVS/’);

To make sure the webserver has enough rights I added the wwwrun user to the users group. I can imagine that for security reasons you create(d) a group networking.

usermod –A users wwwrun

If you now access the website, you should see the repository and you can browse through configurations and compare them with previous versions.

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

30 thoughts on “Switch Rancid to SVN and view your SVN DB with WEBSVN

  1. Having this problem where websvn tells me : “/var/lib/rancid/CVS/db/uuid’: Permission denied” the CVS directory is owned by the user rancid:rancid, what should I DO?

  2. Haven’t had this error, but I think it is a permission problem with the Apache user. Depending on which Linux distribution it can vary. On Open Suse where wwwrun is the Apache user you can easily add this to the group rancid. So that it gets the group permissions. To accomplish this type: “usermod -A rancid wwwrun”. Please let me know if this was any helpful for you. Don’t hesitate to contact me if you need further assistance.

  3. Added the user www-data ( I’m using ubuntu) to the group rancid with the following command: usermod -a -G rancid www-data and it worked!! I been trying to get this set up to work for 2 days now, so it feels better 😉 . Thanks very much for the suggestion and keep up the good articles!

  4. Hi,

    when I try to browse the repository, the repository was blank w/out any error.
    I have configured (On Debian 5, WebSVN installed via apt) the file /etc/websvn/svn_deb_conf.inc

    $config->addRepository(“NETCONFIG”, “file:///var/lib/rancid/SVN”);

    Any Idea? Where I can find a log to find the issue?
    Ciao
    Robby

  5. Most of the problems seems to be related to permissions, so maybe you can try the same solutions, as I advised to Geo, by adding the Apache user to the group of the SVN DB.

    I also installed WebSVN on my Debian machine, unfortunately I have no SVN DB on it, but I see that also the ParentPath is configured, maybe you can comment this line?

    Please let me know if this was any help to you and don’t hesitate to contact me for further questions.

  6. Ciao,

    the problem of the blank repository w/out any error is depended by the version of the WebSVN, infact with the debian aptitude install the 2.0, manually upgrading to the actual 2.3.1 the error magically appears.

    The error display a permission deny.
    On my old database infact the user www-data (apache user) cannot write to the .cvs folder inside each of the subfolders of the repository. I have changed permission from 644 to 664 and all warked fines.

    byby
    Robby

  7. hi,
    I did all this, but when load my url i get this:
    Error running this command: svn –non-interactive –config-dir /tmp list –xml ‘file:///usr/local/rancid/var/CVS/%29/@’
    URL ‘file:///usr/local/rancid/var/CVS/%29’ non-existent in that revision

    i’m using subversion as the backend. Anyone have ideas, i’m fresh out.

  8. dweise :

    hi,
    I did all this, but when load my url i get this:
    Error running this command: svn –non-interactive –config-dir /tmp list –xml ‘file:///usr/local/rancid/var/CVS/%29/@’
    URL ‘file:///usr/local/rancid/var/CVS/%29′ non-existent in that revision

    i’m using subversion as the backend. Anyone have ideas, i’m fresh out.

    I recognize this error, but unfortunately I have no solution for it. When I had this error I just started over, not a great solution, but it worked for me 😉

    But let use this as a last resort. It would be nice if we can figure out what goes wrong and how to solve it. Can you tell us the version of SVN you use? Also make sure that the “www” user has enough rights or participates in the right groups, I saw a lot of different problems that had to do with permission problems.

    Also please let me know if you made any progress or solved the problem.

  9. Hi,
    I was good up to the point where you attempt to run SVN in a browser. When I try to just ocnnect to local host I just get the index of the server, no SVN, is there a directory in the URL I have to enter?

  10. Jeff :

    Hi,
    I was good up to the point where you attempt to run SVN in a browser. When I try to just ocnnect to local host I just get the index of the server, no SVN, is there a directory in the URL I have to enter?

    Can you post your websvn.conf, which is in the apache directory?
    I think the error is caused by either a bad websvn.conf or the apache which doesn’t know which filetypes or documents to serve.

  11. Here it is – Thanks!

    admin@linux-iaux:/etc/apache2/vhosts.d> cat websvn.conf

    ServerName switchsvn
    Documentroot /usr/local/websvn

    Options Includes Indexes
    Order allow,deny
    Allow from all

    admin@linux-iaux:/etc/apache2/vhosts.d>

  12. I will try again here:
    admin@linux-iaux:/etc/apache2/vhosts.d> cat websvn.conf

    ServerName switchsvn
    Documentroot /usr/local/websvn

    Options Includes Indexes
    Order allow,deny
    Allow from all

  13. the greater than and less to signs, here it is without them:
    admin@linux-iaux:/etc/apache2/vhosts.d> cat websvn.conf
    VirtualHost *:80
    ServerName switchsvn
    Documentroot /usr/local/websvn

    Directory “/usr/local/websvn/”
    Options Includes Indexes
    Order allow,deny
    Allow from all
    /Directory

    /VirtualHost

  14. Don’t know if something went wrong with copy/pasing, but I miss .

    Something like this below:
    [code]

    ServerName switchsvn
    Documentroot /usr/local/websvn


    Options Includes Indexes
    Order allow,deny
    Allow from all


    [/code]

  15. Hmm I see something went wrong with copy/paste, does the < directory ... end with an forwared slash? Wednesday when I'm back at work, I will look up the exact apache configuration, it seems that the documenttype isn't handled correctly, i.e. index.html isn't picked up. I already did some internet searching and it seems the parameter I ment is called: DirectoryIndex and that this can be found in the httpd.conf file. Please let me know if this was any help for you.

  16. I reintstalled and everything is fine, I get the SVN web page.
    After I add the commands to point it to the SVN database I receive a blank web page now, if I remove the pointer from the config.php the SVN webpage returns. So is there is something not right with the repository?
    Also the repository file: file:///usr/local/rancid/var/CVS, point to a CVS directory, CVS does not exist in that directory, only SVN. Any ideas?

  17. Ok, I got a little farther now I get this error in the SVN web page:
    Error running this command: svn –non-interactive –config-dir /tmp list –xml ‘file:///usr/local/rancid/var/CVS/@’
    Unable to open an ra_local session to URL
    Unable to open repository ‘file:///usr/local/rancid/var/CVS’
    Can’t open file ‘/usr/local/rancid/var/CVS/format’: Permission denied

  18. @BlackBurn

    I ran into the issue the last person asked about. For the benefit of anyone arriving late the rancid-cvs script now creates an SVN directory if the rancid,conf file directs it to.

    Super cool.

    The longest part of putting this together was realizing that I needed the more specific entries in my .cloginrc file before the wildcarded entries.

    I think it took me 4 hours to sort that out, because I don’t trust myself to follow instructions and the devices I couldn’t reach were only available via ssh. Once I temporarily enabled telnet on the device and in the file and ran tcpdump, I realized I was trying the more generic credentials because I put the list together upside down 🙂

  19. So I’m having the blank websvn page issue that you guys are talking about.

    If I add this to the config, the web page goes blank. If I remove it, it comes back. I’m not sure where to go from here. Any ideas?

    $config->addRepository(‘Switches’, ‘file:///usr/local/rancid/var/SVN/’);

  20. @Scott
    Could you tell me some more about your configuration, which OS and what version of websvn?
    Further tell me something about the users and rights.

    Most problems seems related to access rights.

  21. hello,

    I have a problem with websvn.
    I see all my files and folders on the web page. But when I click router.db or configuration of a switch, the file is apparently empty.
    While the corresponding files, which are in the directory contains the setup.
    Do you know where it comes from?

  22. Pierra :

    hello,

    I have a problem with websvn.
    I see all my files and folders on the web page. But when I click router.db or configuration of a switch, the file is apparently empty.
    While the corresponding files, which are in the directory contains the setup.
    Do you know where it comes from?

    I’m not sure, but it could have to do something with the rights on the file. A bit nasty but you could set “777” rights to a particular file and test it.

  23. Thank for your answer!

    I gave all the rights to a configuration file that is located in / configs.
    and this has not changed, idon’t read it!

  24. Pingback: Behind the scenes of RANCID (5 of 30) | IT Depends Networks

Leave a Reply

Your email address will not be published. Required fields are marked *

*