PublishRepositoriesOnNginx

This is a solution I found for hosting personal projects. I already was using Nginx, didn't want to mess with (Fast)CGI, but still wanted some basic authentication for pushing. This method allows repositories to be served using hg serve, and then be cloned and accessed via the web interface anonymously, but HTTP authentication is required for pushing.

Configuring Nginx

The first step is to configure Nginx.

server {
    listen      80;
    server_name <your-server-name>;    # standard stuff
    access_log  /path/to/access/log;
    error_log   /path/to/error/log;

    location / {
        limit_except GET { # do this for all requests but GETS
            auth_basic           "Restricted";
            auth_basic_user_file /path/to/htpasswd/file;
        }

    proxy_pass http://localhost:8000; # or wherever hg serve is running
}

Configure htpasswd

cd into the root directory of your repos (i.e. /var/hg/repos), and run htpasswd -c htpasswd <user-name> and supply a password. If you want to give a new user commit rights, simply cd back to that directory and run htpasswd <user-name>.

Now run hg serve as normal, and you should be able to access the web interface and clone the repository with no authentication, but to push to the central repository you need to have a user name and password from the htpasswd file.