hg ~ # emerge mercurial <br> hg ~ # emerge nginx
The built-in http server will be launched with the commandhg ~ # /usr/bin/hg serve -d -A /var/log/hg_access.log -p 8080 -a 127.0.0.1 --pid-file /var/run/hgserver.pid --encoding utf8 --webdir-conf /etc/hg/web.config
Launch directives:
hg ~ # cat /etc/hg/web.config <br> [web] // <br> allow_push = * // “” ( ) <br> push_ssl = false // ssl ( ) <br> [paths] // “” <br> rep1=/home/repos/rep1 // : - rep1 <br> rep2=/home/repos/rep2 // : - rep2 <br>
Writing the Include directive to the main Nginx configuration filehg ~ # cat /etc/nginx/nginx.conf |grep -i include <br> include "/etc/hg/nginx.conf";
Example configuration file /etc/hg/nginx.confhg ~ # cat /etc/hg/nginx.conf <br> server <br> {<br> listen 443;<br> server_name hg.example.com;<br> client_max_body_size 128M;<br> ssl on;<br> ssl_certificate /etc/ssl/nginx/nginx.pem;<br> ssl_certificate_key /etc/ssl/nginx/nginx.key;<br>location /repo1<br> {<br> proxy_pass http://127.0.0.1:8080;<br> auth_basic "Restricted";<br> auth_basic_user_file /etc/hg/nginx/repo1.pass;<br> access_log /var/log/nginx/repo1.hg.example.com.ssl_access_log main;<br> error_log /var/log/nginx/repo1.hg.example.com.ssl_error_log info;<br> }<br>location /repo2<br> {<br> proxy_pass http://127.0.0.1:8080;<br> auth_basic "Restricted";<br> auth_basic_user_file /etc/hg/nginx/repo2.pass;<br> access_log /var/log/nginx/repo2.hg.example.com.ssl_access_log main;<br> error_log /var/log/nginx/repo2.hg.example.com.ssl_error_log info;<br> }<br>}<br>
Consider the section: location / repo1
hg ~ # htpasswd -bc /etc/hg/nginx/repo2.pass test2 testpass2 <br> hg ~ # htpasswd -bc /etc/hg/nginx/repo1.pass test1 testpass1
-b - use the password specified on the command line.
hg ~ # hg init /home/repos/repo1 <br> hg ~ # hg init /home/repos/repo2
We start Nginx teamhg ~ # /etc/init.d/nginx start
Now repo1 and repo2 repositories
[users] - : -. “=”<br>user1=pass1<br>user2=pass2<br>user3=pass3<br> [repos] - <br>repo1<br>repo2<br>repo3<br> [access] - , “,”<br>repo1 = user1 , user2,user3 - user1,user2,user3<br>repo2 = user1,user2 - user1 user2<br>repo3 = user3 - user3<br>
Listing script /usr/local/sbin/hgmkrep.shI also post a link to the working script and the config example: hgmkrep.tar.gz
- #! / bin / bash
- tmphtpass = "/ var / tmp / htpass" # define a temporary password database file
- repohome = "/ home / repos /" # define the root folder for repositories
- hgservepid = "/var/run/hgserver.pid" #pid hg serve
- hgaccesslog = "/var/log/hg_access.log" #access log file for hg server
- domain = "exapmple.com" #tld server name
- confdir = "/ etc / hg /" # define the root folder for configs
- confile = $ {confdir} "repo.cfg" # main config file /etc/hg/repo.cfg
- webconfig = $ {confdir} "web.config" # config for hg server /etc/hg/web.config
- nginxconfig = $ {confdir} "nginx.conf" # config for nginx /etc/hg/nginx.conf
- nginxauthdir = $ {confdir} "nginx /" # folder for password bases for access to repositories
- [ -s $ {confile} ] || echo "where is config file?" # check the presence of the main config
- [ -s $ {confile} ] || exit 0 # grieve if there is no main config
- # parsim section [repos] for repositories
- repos = ` cat $ {confile} | sed '/ ^ $ / d' | sed '/ ^ # / d' | sed 's / \ // g' | awk '/ \ [repos \] / {
- is_repos = 1;
- while (is_repos == 1)
- {if (getline <= 0 || index ($ 0, "[") == 1)
- {is_repos = 0;}
- else
- {print $ 0;}}} ' `
- # Check the availability of folders with repositories and, if necessary, create
- for i in $ {repos}
- do ; [ -d $ {repohome} $ {i} ] || / usr / bin / hg init $ {repohome} $ {i} ; done
- # generate config for hg server
- echo "[web]
- allow_push = *
- push_ssl = false
- [paths] " > $ {webconfig}
- # allow access only to active repositories
- for i in $ {repos}
- do ; echo $ {i} = $ {repohome} $ {i} >> $ {webconfig} ; done
- # reboot hg serve
- [ -a $ {hgservepid} ] && / bin / kill `/ bin / cat $ {hgservepid} ` && rm $ {hgservepid}
- / usr / bin / hg serve -d -A $ {hgaccesslog} -p 8080 -a 127.0.0.1 --pid-file $ {hgservepid} --encoding utf8 --webdir-conf $ {webconfig}
- # create config for nginx
- echo "server
- {
- listen 443;
- server_name hg. " $ {domain} ";
- client_max_body_size 128M;
- ssl on;
- ssl_certificate /etc/ssl/nginx/nginx.pem;
- ssl_certificate_key /etc/ssl/nginx/nginx.key; " > $ {nginxconfig}
- # create lacation for active repositories
- for i in $ {repos}
- do
- echo "location /" $ {i} "
- {
- proxy_pass http://127.0.0.1:8080;
- auth_basic \ " Restricted \" ;
- auth_basic_user_file " $ {nginxauthdir} $ {i} " .pass;
- access_log / var / log / nginx / " $ {i} " .hg. " $ {domain} " .ssl_access_log main;
- error_log / var / log / nginx / " $ {i} " .hg. " $ {domain} " .ssl_error_log info;
- } " >> $ {nginxconfig}
- done
- echo "}" >> $ {nginxconfig}
- # create (reset, just in case) temporary password database
- cat / dev / null > $ {tmphtpass}
- # parsim section of the main config [users]
- # generate passwords for all active users
- cat $ {confile} | sed '/ ^ $ / d' | sed '/ ^ # / d' | sed 's / \ // g' | awk -v passfile = $ tmphtpass ' / \ [users \] / {
- is_users = 1;
- while (is_users == 1)
- {if (getline <= 0 || index ($ 0, "[") == 1)
- {is_users = 0;}
- else
- {split ($ 0, userpass, "="); system ("htpasswd -b" passfile "" userpass [1] "" userpass [2]);}}} '
- # parsim section [access] of the main config
- # and get the list of privileges of the form repo = user1, user2
- access = ` cat $ {confile} | sed '/ ^ $ / d' | sed '/ ^ # / d' | sed 's / \ // g' | awk '/ \ [access \] / {
- is_access = 1; while (is_access == 1)
- {if (getline <= 0 || index ($ 0, "[") == 1)
- {is_access = 0;}
- else
- {print $ 0;}}} ' `
- # check if there is a folder for storing password databases
- [ -d $ {nginxauthdir} ] || mkdir -p $ {nginxauthdir}
- # delete old password database files
- find $ {nginxauthdir} -type f -name * .pass -delete
- # for each repository from the [access] section we generate a personal password database
- for i in $ {access}
- do ; echo $ {i} | sed 's /, / \ | / g' | awk -v tmphtpass = $ {tmphtpass} -v nginxauthdir = $ {nginxauthdir} \
- 'BEGIN {FS = "="} {system ("cat" tmphtpass "| egrep \" "$ 2" \ ">" nginxauthdir "" $ 1 ".pass")}' done
- # restart nginx
- / etc / init.d / nginx restart
- # delete temporary password database file
- rm $ {tmphtpass}
Source: https://habr.com/ru/post/115007/