apache2.2 svn 服务器的 nginx SSL 终止导致无限重定向

apache2.2 svn 服务器的 nginx SSL 终止导致无限重定向

我正在尝试在我们新的公司服务器上设置 SVN 存储库。我们使用 nginx 作为 SSL 终止,并使用 apache 作为 SVN 后端。

我不知道我的配置有什么问题,但如果我打电话,svn info https://svn.example.com/repo我会得到:

Redirecting to URL 'https://svn.example.com/repo':
Redirecting to URL 'https://svn.example.com/repo':
svn: E195019: Redirect cycle detected for URL 'https://svn.example.com/repo'

如果我使用 wireshark 嗅探从 nginx 前端到我们的 apache 后端的未加密流量,我可以看到对“/repo”的“选项”请求,然后重定向301 Moved Permanentlyhttp://svn.example.com/repo/。但 svn 客户端显然只看到重定向到https://svn.example.com/repo(nginx 删除了尾随斜杠),它随后再次获得此重定向

我认为我的错误是忘记设置一些简单的配置指令或类似的东西,但是在谷歌搜索了 3 个多小时却没有找到任何有用的信息后,我感到有点无助。

我的 nginx 配置:

server {
        ssl                     on;
        ssl_certificate         ssl/svn.example.com.crt;
        ssl_certificate_key     ssl/svn.example.com.key;
        listen                  1.2.3.4:443 ssl spdy;
        allow                   all;
        server_name             svn.example.com;
        location / {
                set $fixed_destination $http_destination;
                if ( $http_destination ~* ^https(.*)$ ) {
                        set $fixed_destination http$1;
                }
                proxy_set_header Destination $fixed_destination;
                proxy_set_header Host $http_host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-By $server_addr:$server_port;
                proxy_set_header X-Forwarded-Proto $scheme;
                proxy_pass http://127.0.0.1:8080;
                proxy_redirect http:// https://;
        }
}

这是 apache 虚拟主机配置:

<VirtualHost *:8080>
        ServerName svn.example.com
        ServerAdmin [email protected]

        DocumentRoot /srv/svn
        <Directory /srv/svn>
                Options none
                AllowOverride None
                Order deny,allow
                Deny from all
        </Directory>

        <Location />
                Order deny,allow
                Allow from all

                DAV svn
                SVNParentPath /srv/svn
                SVNReposName "Subversion Repository"

                #our access control policy
                AuthzSVNAccessFile /srv/svn/access

                #only authenticated users may access the repository
                Require valid-user

                #how to authenticate a user
                AuthType Basic
                AuthName "Subversion Repository"
                AuthUserFile /srv/svn/users

                Satisfy All
        </Location>

        ErrorLog ${APACHE_LOG_DIR}/svn_error.log

        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel warn

        CustomLog ${APACHE_LOG_DIR}/svn_access.log combined
</VirtualHost>

我的软件版本:

# apache2ctl -v
Server version: Apache/2.2.22 (Debian)
Server built:   Feb  1 2014 21:26:04

# nginx -v
nginx version: nginx/1.6.0

#svn --version
svn, version 1.8.9 (r1591380)
   compiled May 21 2014, 03:09:46 on x86_64-pc-linux-gnu

Copyright (C) 2014 The Apache Software Foundation.
This software consists of contributions made by many people;
see the NOTICE file for more information.
Subversion is open source software, see http://subversion.apache.org/

The following repository access (RA) modules are available:

* ra_svn : Module for accessing a repository using the svn network protocol.
  - with Cyrus SASL authentication
  - handles 'svn' scheme
* ra_local : Module for accessing a repository on local disk.
  - handles 'file' scheme
* ra_serf : Module for accessing a repository via WebDAV protocol using serf.
  - using serf 1.3.6
  - handles 'http' scheme
  - handles 'https' scheme

客户端上的 svn 版本相同。

答案1

好吧,经过更多谷歌搜索后,我终于找到了解决方案:https://stackoverflow.com/questions/18474825/what-is-the-cause-of-svn-e195019-redirect-cycle-detected-for-url/18474826#18474826

将 DocumentRoot 移动到“svn root”以外的其他位置后,一切都按预期工作。

我希望这能帮助遇到同样问题的人。

相关内容