Setup mercurial over HTTP
Can you give some pointers to setup Mercurial over HTTP/HTTPS? I am setting up a development server (Debian), where i want to create a mercurial repository and push the changes to the server. I need to authenticate to prevent any unnecessary access.
Thanks in advance.
I think Apache is a great way of sharing hg repositories. Not only does the hgweb.wsgi script give one the possibility of running multiple repositories, but it allows developers to conveniently cross-reference the project source code by path or revision from a definitive source.
The following procedure will give an easy way of publishing a repository, and making it available over an https web connection to authenticated users.
First of all I suggest making a clone of your repo without a local file directory.
hg clone -U <myproject> <myproject_to_serve>
Next (using the WSGI configuration which is nice an easy), do the following:
Move your repo to a convenient place from which to serve it:
mv <myproject_to_serve> /var/www/hg/<myproject_to_serve>
Make sure that the repo is read/writable by the web server user:
chown -R www-data:www-data /var/www/hg/<myproject_to_serve>
Now setup read/write rights for users of the project, and provide some information for the project listing on your server's home page:
vim /var/www/hg/myproject_to_serve>/.hg/hgrc
[web]
description = 'This is my new web-enabled project <myproject>'
contact = [email protected]
# consider limiting push usage to only a subset of users
allow_push = *
Now setup WSGI
vim /var/www/hg/hgweb.config
[paths]
/myproj = /var/www/hg/my_project_to_serve
Now setup apache
<VirtualHost *:443>
ServerName hg.mydomain.net
ServerAdmin [email protected]
ErrorLog /var/www/mydomain/logs/hg_error_log
CustomLog /var/www/mydomain/logs/hg_access_log common
SSLEngine on
SSLCertificateFile /etc/ssl/mydomain_net.crt
SSLCertificateKeyFile /etc/ssl/mydomain_net.key
DocumentRoot "/var/www/hg/"
<Location "/hg">
SetHandler None
</Location>
# path to provided hgweb.wsgi script
WSGIScriptAlias / /var/www/hg/scripts/hgweb.wsgi
<Location / >
AuthType Digest
AuthName "MySoftware"
AuthUserFile /home/software/software_web_permissions
Require valid-user
</Location>
</VirtualHost>
The above requires you to have:
- The hgweb.wsgi script (which comes with a standard Mercurial install on, say, Debian) somewhere conveniently available
- An AuthUserFile in apache htdigest format for creating authenticated users.
Surfing to hg.mydomain.net
will show you a nicely formatted list of available projects. hg.mydomain.net/myproj
will show you, after successful authentication, the current status of your project as per the /var/www/hg/<myproject_to_serve>
repo.
My recommendation, if you don't really need any kind of web interface is to use ssh
as a transport protocol instead. It doesn't even need real configuration, all you need is ssh
and Mercurial installed.
One example: To clone the remote repo named hgtest
, which is located at ~username/hgtest
into the current directory, use the command
hg clone ssh://[email protected]/hgtest