Setting up mercurial with HTTP authentication - Windows
This page describes a complete set of steps for installing hg as a windows service, along with nginx for HTTP proxy authentication. As it is, it is most appropriate for intranet configurations but by adding HTTPS to the mixture, the world is your sea food...
Wish list:
- We use mercurial in "hg serve" mode
- For HTTP authentication, we use nginx
- For nginx/hg windows service integration, we use “Windows Service Wrapper” (winsw)
1. Download necessary files
“Windows Service Wrapper” - http://maven.dyndns.org/2/com/sun/winsw/
- nginx windows binary
- mercurial windows binary
2. Configuration
- Unzip nginx in c:\nginx
- Copy winsw-1.9-bin.exe in c:\nginx and rename to nginx-service.exe
- Create file nginx-service.xml with the following contents:
<service> <id>nginx</id> <name>nginx</name> <description>nginx</description> <executable>c:\nginx\nginx.exe</executable> <logpath>c:\nginx\servicelogs</logpath> <logmode>roll</logmode> <depend>Mercurial</depend> <startargument>-p c:\nginx</startargument> <stopargument>-p c:\nginx -s stop</stopargument> </service>
- Configure nginx with the following setup (save as c:\nginx\nginx.conf). We assume port 5000 for intranet usage, hg will run at port 5500 locally only.
server { listen 5000; server_name mis-srv; access_log logs/mis-srv.access.log; error_log logs/mis-srv.error.log; location / { auth_basic "Mercurial restricted"; auth_basic_user_file passwd; proxy_pass http://localhost:5500; } }
Create a password file at conf\passwd WARNING: On Windows, the passwd file can only contain plaintext passwords1. Sample passwd file:
test:testpass
- Install mercurial binary
- Create directory for mercurial installation as a service, at c:\nginx\hg
- Copy winsw-1.9-bin.exe in c:\nginx and rename to hg-service.exe
- Create file hg-service.xml with the following contents:
<service> <id>Mercurial</id> <name>Mercurial</name> <description>Mercurial</description> <executable>cmd.exe</executable> <logpath>c:\nginx\hg\servicelogs</logpath> <logmode>roll</logmode> <depend></depend> <startargument>/c "c:\nginx\hg\hg-run start"</startargument> <stopargument>/c "c:\nginx\hg\hg-run stop"</stopargument> </service>
Because winsw has a limitation where a single executable is assumed to start and stop the service, we need to use an intermediate .bat file to simulate this behaviour. Also note that we bind hg.exe to localhost only, so port 5500 will not be directly accessible outside our server.
- Create file hg-run.bat with the following contents:
@echo off if "%1"=="start" (goto :start) :stop taskkill /F /IM hg.exe /T goto :end :start "c:\Program Files\Mercurial\hg.exe" serve --address localhost --port 5500 --web-conf c:\nginx\hg\hgweb.conf :end
- Create file hgweb.conf with the following contents:
[web] push_ssl = false allow_push = * [paths] test = c:\nginx\hg\repository\test
- Install services, by starting a command line, cd-ing to c:\nginx and executing the following commands:
c:\nginx> nginx-service install c:\nginx> hg-service install
And that's all!
3. Troubleshooting
If you have failed in starting services, check following items.
hg-service.*, nginx-service.* and serviceslogs\ (create it) should be in c:\nginx\
hg-run.bat, hgweb.conf and servicelogs\ (create it) should be in c:\nginx\hg\
nginx.conf should be in c:\nginx\conf\. You don't need to create it. Just edit the existing file.
Actually, it's not true. Create and copy .htpasswd from *nix machine, or use Htpasswd Generator for Windows, or use htpasswd.exe from Apache HTTP Server installation. (1)