Installing a mercurial repository on a debian server with apache2

I wrote in my blog a detailed manual on how to create and bring to the web through apache2 my own mercurial repository on the server with debian. Probably suitable for ubunt.

If possible, I will try to update simultaneously in the blog and here, but the blog is more important. Immediately I apologize for the unparsed <code> blocks, on the markdown blog, and then html, the parser does not want to understand the generated html, so ignore <code> and </ code>


')
Task: create and configure a mercurial repository on a debian server with apache2 installed.

It's pretty simple, but there are a few subtle points. All steps are valid for debian lenny and, possibly, for ubuntu (I do not know which version). It is assumed that our repository will be available at hg.example.com/public hg.example.com/public .

Some agreements

• All commands that need to be executed are preceded by either a “ # ” symbol (the command must be executed with superuser rights); or the “ $ ” symbol (the command must be executed with the rights of a regular user).
• All steps are given in the recommended order of execution. Any step can be omitted only if you really understand what you are doing.
• As an editor, vi used everywhere, but of course, you can use any other to your liking.

Installation steps

1. Install mercurial :
   
   

     <code> # aptitude install mercurial
    </ code> 

2. We create a separate user in the system, it is this user who will own the repositories. The user's home directory will be /home/hg .
   
   

     <code> # useradd hg
    # mkdir / home / hg
    # chown hg: hg / home / hg
    </ code> 

3. Login (via sudo su - hg ) under this user. Create a directory for the repository (in our example: /home/hg/repo )
   
   

     <code> $ mkdir / home / hg / repo
    </ code> 

   
   
   and directory for a DocumentRoot virtual host:
   
   

     <code> $ mkdir / home / hg / web
    </ code> 

4. Create a repository directly:
   
   

     <code> $ cd repo
    $ hg init
    </ code> 

   
   
   The repository is created, now you need to configure apache so that you can access it via http.
5. Install apache2 and suexec module:
   
   

     <code> # aptitude install apache2 apache2-suexec
    # a2enmod suexec
    </ code> 

6. Set up a virtual host for the hg.example.com domain. To do this, create a file with the description of the virtual host parameters in the /etc/apache2/sites-available directory:
   
   

     <code> # vi /etc/apache2/sites-available/hg.regolit.com
    </ code> 

   
   
   Create a file with approximately the following content:
   
   

     <code> NameVirtualHost *: 80
    <VirtualHost *: 80>
        ServerName hg.example.com
        DocumentRoot / home / hg / web
        Suxecusergroup hg hg
   
        Alias ​​/ public / var / www / hg-public
        <Directory "/ var / www / hg-public">
            Options execcgi
            DirectoryIndex hgweb.cgi
            AddHandler cgi-script .cgi
            Order allow, deny
            Allow from all
   
            AuthUserFile /home/hg/.hg.htpasswd
            AuthGroupFile / dev / null
            AuthName "public repo"
            AuthType Basic
   
            <LimitExcept GET>
                Require valid-user
            </ LimitExcept>
        </ Directory>
   
    </ Virtualhost>
    </ code> 

   
   
   Turn on the newly created virtual host and restart apache:
   
   

     <code> # a2ensite hg.example.com
    # /etc/init.d/apache2 force-reload
    </ code> 

   
   
   Pay attention to the <LimitExcept GET> block, it means that the password will not be asked when reading the repository (that is, http requests like GET ). If you want to organize a private repository, comment out this block.
7. Now you need to create a script through which the repository will be accessed. The mercurial-common package already has the file we need: /usr/share/doc/mercurial-common/examples/hgweb.cgi . It needs to be copied to the /var/www/hg-public directory and slightly corrected.
   
   

     <code> # mkdir / var / www / hg-public
    # cp /usr/share/doc/mercurial-common/examples/hgweb.cgi / var / www / hg-public /
    # chown -R hg: hg / var / www / hg-public
    # chmod + x /var/www/hg-public/hgweb.cgi
    </ code> 

   
   
   For suexec to work correctly, the script must be in the /var/www directory and its owner / group must be hg (remember the SuexecUserGroup hg hg directive).
8. Open the file /var/www/hg-public/hgweb.cgi in a text editor and edit. Replace:
   
   

     <code> application = hgweb ("/ path / to / repo", "repository name")
    </ code> 

   
   
   on
   
   

     <code> application = hgweb ("/ home / hg / repo", "Our public repo")
    </ code> 

   
   
   The line may look different, but you can easily find it and enter the full path to the created repository (change /path/to/repo to /home/hg/repo ).
9. Now you need to determine what user name will be used for push-actions. In this example, we use the name hg-user :
   
   

     <code> # su - hg
    $ htpasswd -c /home/hg/.hg.htpasswd hg-user
    </ code> 

   
   
   We set some password. Next, you must specify this name directly in the repository settings, for this we create the file /home/hg/repo/.hg/hgrc with the following contents:
   
   

     <code> [web]
    allow_push = hg-user
    push_ssl = false
    </ code> 

10. Done, our online repository has a URL hg.example.com/public hg.example.com/public , hg push is executed under the name hg-user and the password specified in the htpasswd command. Enjoy

A few notes

The process of creating a non-SSL repository is described, for SSL everything is, in principle, the same way, only in the block for a virtual host you need to add directives for SSL.

A separate user is used not to make a mess in the directories of other users.

The script is placed in the /var/www directory for the reason that suexec requires the scripts to be located there.