From 61dff648826303a902d35f9dd641f0a8d501cbc0 Mon Sep 17 00:00:00 2001 From: Jason Phan Date: Mon, 2 Nov 2020 12:37:32 -0600 Subject: Update hg.sr.ht installation/config pages --- hg.sr.ht/configuration.md | 58 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 58 insertions(+) create mode 100644 hg.sr.ht/configuration.md (limited to 'hg.sr.ht/configuration.md') diff --git a/hg.sr.ht/configuration.md b/hg.sr.ht/configuration.md new file mode 100644 index 0000000..dcdaeac --- /dev/null +++ b/hg.sr.ht/configuration.md @@ -0,0 +1,58 @@ +--- +title: hg.sr.ht Configuration +--- + +This document covers the configuration process for hg.sr.ht. + +# Cronjobs + +- `hgsrht-periodic`: The recommended configuration is + `*/20 * * * * hgsrht-periodic`. +- `hgsrht-clonebundles` (optional): It is recommend to run this job daily. + +# Storage + +## Repository + +
+ Note: If hg.sr.ht was installed in a package, you may skip + this section. +
+ +As a repository hosting service, hg.sr.ht requires a place for storing +repositories (we recommend `/var/lib/hg/`). It also requires a `hg` user who +has ownership over the repository storage location. + +# SSH Dispatch + +At the moment, hg.sr.ht uses git.sr.ht's SSH dispatcher, which you need to set +up as the system-wide SSH authorization hook. See git.sr.ht's [Configuration +page](/git.sr.ht/configuration.md) for more information. + +Once this is done, you need to make the hg.sr.ht authorization hook be part of +the SSH dispatching, via the `hgsrht-keys` and `hgsrht-shell` scripts. See the +`[dispatch]` section of your hg.sr.ht configuration for more details. + +Authorization logs are written to `hg-srht-shell`. + +# HTTP(S) Cloning + +hg.sr.ht does not do HTTP(S) cloning for you, so you'll need to set it up +yourself in Nginx. Here's an example Nginx configuration: + +```nginx +location = /authorize { + proxy_pass http://127.0.0.1:5001; + proxy_pass_request_body off; + proxy_set_header Content-Length ""; + proxy_set_header X-Original-URI $request_uri; +} + +location ~ ^/[~^][a-z0-9_]+/[a-zA-Z0-9_.-]+/\.hg.*$ { + auth_request /authorize; + root /var/lib/mercurial; +} +``` + +It is important that you set up the `/authorize` endpoint to enforce the +privacy of private repositories. -- cgit