Setup mercurial over HTTP

Can you give some pointers to setup Mercurial over HTTP/HTTPS? I am setting up a development server (Debian), where i want to create a mercurial repository and push the changes to the server. I need to authenticate to prevent any unnecessary access.

Thanks in advance.


I think Apache is a great way of sharing hg repositories. Not only does the hgweb.wsgi script give one the possibility of running multiple repositories, but it allows developers to conveniently cross-reference the project source code by path or revision from a definitive source.

The following procedure will give an easy way of publishing a repository, and making it available over an https web connection to authenticated users.

First of all I suggest making a clone of your repo without a local file directory.

hg clone -U <myproject> <myproject_to_serve>

Next (using the WSGI configuration which is nice an easy), do the following:

Move your repo to a convenient place from which to serve it:

mv <myproject_to_serve> /var/www/hg/<myproject_to_serve>

Make sure that the repo is read/writable by the web server user:

chown -R www-data:www-data /var/www/hg/<myproject_to_serve>

Now setup read/write rights for users of the project, and provide some information for the project listing on your server's home page:

vim /var/www/hg/myproject_to_serve>/.hg/hgrc
[web]
description = 'This is my new web-enabled project <myproject>'
contact = [email protected]
# consider limiting push usage to only a subset of users
allow_push = *

Now setup WSGI

vim /var/www/hg/hgweb.config
[paths]
/myproj = /var/www/hg/my_project_to_serve

Now setup apache

<VirtualHost *:443>

    ServerName hg.mydomain.net
    ServerAdmin [email protected]

    ErrorLog /var/www/mydomain/logs/hg_error_log
    CustomLog /var/www/mydomain/logs/hg_access_log common

    SSLEngine on
    SSLCertificateFile /etc/ssl/mydomain_net.crt
    SSLCertificateKeyFile /etc/ssl/mydomain_net.key

    DocumentRoot "/var/www/hg/"

    <Location "/hg">
        SetHandler None
    </Location>

    # path to provided hgweb.wsgi script
    WSGIScriptAlias / /var/www/hg/scripts/hgweb.wsgi 

    <Location / >
        AuthType Digest
        AuthName "MySoftware"
        AuthUserFile /home/software/software_web_permissions
        Require valid-user
    </Location>

</VirtualHost>

The above requires you to have:

  1. The hgweb.wsgi script (which comes with a standard Mercurial install on, say, Debian) somewhere conveniently available
  2. An AuthUserFile in apache htdigest format for creating authenticated users.

Surfing to hg.mydomain.net will show you a nicely formatted list of available projects. hg.mydomain.net/myproj will show you, after successful authentication, the current status of your project as per the /var/www/hg/<myproject_to_serve> repo.


My recommendation, if you don't really need any kind of web interface is to use ssh as a transport protocol instead. It doesn't even need real configuration, all you need is ssh and Mercurial installed.

One example: To clone the remote repo named hgtest, which is located at ~username/hgtest into the current directory, use the command

hg clone ssh://[email protected]/hgtest