We have a subversion repository behind our firewall, and I'm trying to figure out how to provide remote developers with access (without giving them access to the whole machine or VPN).
Is there a way that we can have our webserver point to the subversion repository, and redirect all subversion actions? This way the developer only needs to access our web server, not the secure file server which also holds the subversion repository.
You can probably get Apache to proxy WebDAV through to an SVN server, although I don't know if you'll need something more than the usual ProxyPass dance. The other way is to let the developers access the SVN server directly using suitably restricted SSH accounts, which works quite well and involves a lot less insanity.
We ended up creating a new locked-down VPN for subversion access only. Seemed like too big of a pain otherwise, plus we're going to be migrating from Linux to Windows Server pretty soon.
Yes, the most obvious way is to mount the SVN repo using NFS, then the webserver will not know that the repo is held on a different machine. Performance might suffer, but the only way to determine that is to try it.
The webserver could be configured with mod_proxy or iptables to forward the requests to a different server, but you'd need a webserver running on your fileserver too, which almost defeats the point.
NFS option is the easiest and best way.