Setup mercurial over HTTP

http authentication mercurial

Can you give some pointers to setup Mercurial over HTTP/HTTPS? I am setting up a development server (Debian), where i want to create a mercurial repository and push the changes to the server. I need to authenticate to prevent any unnecessary access.

Thanks in advance.


I think Apache is a great way of sharing hg repositories. Not only does the hgweb.wsgi script give one the possibility of running multiple repositories, but it allows developers to conveniently cross-reference the project source code by path or revision from a definitive source.

The following procedure will give an easy way of publishing a repository, and making it available over an https web connection to authenticated users.

First of all I suggest making a clone of your repo without a local file directory.

hg clone -U <myproject> <myproject_to_serve>

Next (using the WSGI configuration which is nice an easy), do the following:

Move your repo to a convenient place from which to serve it:

mv <myproject_to_serve> /var/www/hg/<myproject_to_serve>

Make sure that the repo is read/writable by the web server user:

chown -R www-data:www-data /var/www/hg/<myproject_to_serve>

Now setup read/write rights for users of the project, and provide some information for the project listing on your server's home page:

vim /var/www/hg/myproject_to_serve>/.hg/hgrc
[web]
description = 'This is my new web-enabled project <myproject>'
contact = [email protected]
# consider limiting push usage to only a subset of users
allow_push = *

Now setup WSGI

vim /var/www/hg/hgweb.config
[paths]
/myproj = /var/www/hg/my_project_to_serve

Now setup apache

<VirtualHost *:443>

    ServerName hg.mydomain.net
    ServerAdmin [email protected]

    ErrorLog /var/www/mydomain/logs/hg_error_log
    CustomLog /var/www/mydomain/logs/hg_access_log common

    SSLEngine on
    SSLCertificateFile /etc/ssl/mydomain_net.crt
    SSLCertificateKeyFile /etc/ssl/mydomain_net.key

    DocumentRoot "/var/www/hg/"

    <Location "/hg">
        SetHandler None
    </Location>

    # path to provided hgweb.wsgi script
    WSGIScriptAlias / /var/www/hg/scripts/hgweb.wsgi 

    <Location / >
        AuthType Digest
        AuthName "MySoftware"
        AuthUserFile /home/software/software_web_permissions
        Require valid-user
    </Location>

</VirtualHost>

The above requires you to have:

  1. The hgweb.wsgi script (which comes with a standard Mercurial install on, say, Debian) somewhere conveniently available
  2. An AuthUserFile in apache htdigest format for creating authenticated users.

Surfing to hg.mydomain.net will show you a nicely formatted list of available projects. hg.mydomain.net/myproj will show you, after successful authentication, the current status of your project as per the /var/www/hg/<myproject_to_serve> repo.


My recommendation, if you don't really need any kind of web interface is to use ssh as a transport protocol instead. It doesn't even need real configuration, all you need is ssh and Mercurial installed.

One example: To clone the remote repo named hgtest, which is located at ~username/hgtest into the current directory, use the command 

hg clone ssh://[email protected]/hgtest

Related

Is there any reason to store my data in /var/?
Cannot write to CIFS share as non-root user - CentOS 6
Any fast way to assign NTFS permissions to a folder with a very big amount of subfolders and files?
How do I move my small business from a Windows Server 2003 machine to a Windows Server 2008 R2 machine? (Windows Server noob)
Server Bash Line Wrapping Over Text & In Wrong Place
Went from developer to IT Manager. Advice to survive? [closed]
Can't access NTFS file after BSOD. Corruption undetectable by chkdsk?
Is there a reason(s) I should not create a datastore to house a single VM?
Lightweight script for monitoring disk space, ports, etc.?
How does a SAN architecture work and more importantly scale?
Red Hat, Open-Source Server?
Testing VMware ESXi 5 on VMware Workstation 8