Public and private Mercurial repositories

For the last few days I’ve been fighting with installing Redmine (which is a story in itself when you’re new to Ruby and Rails). Finally I’ve managed to migrate from Trac to Redmine, which is super sweet. You can manage Subversion and git (haven’t tried git yet!) access directly with Redmine just by adding project members, which is lovely! Since I was still playing with my setup, I tried to set up Mercurial, which sadly has no support yet in Redmine’s Redmine.pm Apache module. I did some dirty Apache tricks using mod_perl so I can manage HG repository access with a normal htpasswd file and groups.

You can find my scripts over at https://projects.norrs.no/projects/show/scripts, or you could just use your favorite Mercurial client to clone https://www.norrs.no/hg/pub/scripts/apache2

My next goal, when I find some time, is to patch Redmine.pm so we can easily maintain Mercurial repositories through Redmine too!

For those who are interested, read on for my apache2 virtual host config, which should make it simpler for you to set up and serves as an example ;-)

<VirtualHost 158.38.48.16:80>
	ServerAdmin use_contact@page
	DocumentRoot /var/websites/norrs.no/public_html/
	ServerName norrs.no
	ServerAlias www.norrs.no
	ErrorLog /var/log/apache2/error-norrs.no.log
	TransferLog /var/log/apache2/access-norrs.no.log
	<Directory /var/websites/norrs.no/public_html>
	</Directory>

	# Redirects to secure area.
	RewriteEngine On
	RewriteRule ^/hg$ https://www.norrs.no/hg/pub [R]
	RewriteRule ^/hg/$ https://www.norrs.no/hg/pub/ [R]
	RewriteRule ^/hg/(.*)$ https://www.norrs.no/hg/$1 [R]
	RewriteRule ^/svn/(.*)$ https://www.norrs.no/svn/$1 [R]
	RewriteRule ^/p/(.*)$ https://www.norrs.no/p/$1 [R]

</VirtualHost>
<VirtualHost 158.38.48.16:443>
	ServerAdmin use_contact@page
	DocumentRoot /var/websites/norrs.no/public_html/
	ServerName www.norrs.no
	ServerAlias norrs.no
        SSLEngine on
        SSLCertificateFile /etc/ssl/geekrevolution/certs/ssl.geekrevolution.net-cert.pem
        SSLCertificateKeyFile /etc/ssl/geekrevolution/private/ssl.geekrevolution.net-key.pem
        SSLCertificateChainFile /etc/ssl/geekrevolution/cacert.pem

	ErrorLog /var/log/apache2/error-norrs.no.log
	TransferLog /var/log/apache2/access-norrs.no.log
	<Directory /var/websites/norrs.no/public_html>
	</Directory>

	# Redirects
	RewriteEngine on
	RewriteRule ^/hg/$ https://www.norrs.no/hg/pub/ [R]
	RewriteRule ^/hg$ https://www.norrs.no/hg/pub [R]

	PerlRequire /usr/lib/apache2/Redmine.pm

	Alias /svn /home/projects
	<Location /svn>
		DAV svn
		SVNParentPath "/home/projects/svn"
		AuthType Basic
		AuthName "Projects at norrs.no"
		Require valid-user

		PerlAccessHandler Apache::Authn::Redmine::access_handler
		PerlAuthenHandler Apache::Authn::Redmine::authen_handler
		## for postgres
		PerlSetVar dsn "DBI:Pg:dbname=xxxxx;host=localhost"
		PerlSetVar db_user "xxxxxxxxx"
		PerlSetVar db_pass "xxxxxxxxxx"
		## for mysql
		#RedmineDSN "DBI:mysql:database=databasename;host=my.db.server"
	</Location>
	  # a private location in read only mode to allow Redmine browsing
	<Location /p/redmine/svn>
		DAV svn
		SVNParentPath "/home/projects/svn"
		Order deny,allow
		Deny from all
		# only allow read requests
		<Limit GET PROPFIND OPTIONS REPORT>
		Allow from 127.0.0.1
		Allow from 158.38.48.16
		</Limit>
	</Location>
	# This could be dropped; will keep it for when working on my next goal.
	ScriptAlias /p/redmine/hg/pub /var/hg/hgweb/pub/hgwebdir.cgi
	<Location /p/redmine/hg/pub>
                DirectoryIndex hgwebdir.cgi
                AddHandler cgi-script .cgi
                Options ExecCGI
                Options +FollowSymLinks
		Order deny,allow
		Deny from all
		<Limit GET PROPFIND OPTIONS REPORT>
			Allow from 127.0.0.1
			Allow from 158.38.48.16
		</Limit>
	</Location>
	# This could be dropped; will keep it for when working on my next goal.
	ScriptAlias /p/redmine/hg/priv /var/hg/hgweb/priv/hgwebdir.cgi
	<Location /p/redmine/hg/priv>
                DirectoryIndex hgwebdir.cgi
                AddHandler cgi-script .cgi
                Options ExecCGI
                Options +FollowSymLinks
		Order deny,allow
		Deny from all

		AuthType Basic
		AuthName "Private repositories for norrs.no"
		AuthUserFile /etc/hg/users
		require valid-user
		# Could limit to a system bot.. for redmine..
		<Limit GET PROPFIND OPTIONS REPORT>
			Allow from 127.0.0.1
			Allow from 158.38.48.16
		</Limit>
	</Location>

	ScriptAlias /hg/pub /var/hg/hgweb/pub/hgwebdir.cgi
        <Directory /var/hg/hgweb/pub>
                DirectoryIndex hgwebdir.cgi
                AddHandler cgi-script .cgi
                Options ExecCGI
                Options +FollowSymLinks
                Order allow,deny
                Allow from all
        </Directory>
	ScriptAlias /hg/priv /var/hg/hgweb/priv/hgwebdir.cgi
        <Directory /var/hg/hgweb/priv>
                DirectoryIndex hgwebdir.cgi
                AddHandler cgi-script .cgi
                Options ExecCGI
                Options +FollowSymLinks
                Order allow,deny
                Allow from all

		AuthType Basic
		AuthName "Private repositories for norrs.no"
		AuthUserFile /etc/hg/users
		require valid-user
	</Directory>
	# public hg restrictions when it comes to push. Need to be in project group
	# to push.
	<Perl>
		#!/usr/bin/perl
		my $location = "/hg/pub";
		my $hg_url = "norrs.no/hg/pub";
		my $repos_path = "/var/hg/repos/pub";
		my $auser = "/etc/hg/users";
		my $agroups = "/etc/hg/groups";
		my $debug = 0;

		my $repos = `find $repos_path/ -name .hg`;
		$repos =~ s/^$repos_path\/(.+)\/\.hg/$1/mg;
		my @tmp = split("\n",$repos);

		foreach (@tmp) {
			if ($debug) {print "Found HG-repo: $_\n";}
		        $Location{"$location/$_"} = {
		                AuthType => "Basic",
		                AuthName => "\"HG authentification for $_ @ $hg_url\"",
		                AuthUserFile => $auser,
		                AuthGroupFile => $agroups,
		                Limit => {
		                        "POST PUT" => {
		                                require => "group $_",
		                        }
		                },
		        };
		}
		__END__
	</Perl>
	# private hg restriction, need to be in project group to be able to view and push.
	<Perl>
		#!/usr/bin/perl
		my $location = "/hg/priv";
		my $hg_url = "norrs.no/hg/priv";
		my $repos_path = "/var/hg/repos/priv";
		my $auser = "/etc/hg/users";
		my $agroups = "/etc/hg/groups";
		my $debug = 0;

		my $repos = `find $repos_path/ -name .hg`;
		$repos =~ s/^$repos_path\/(.+)\/\.hg/$1/mg;
		my @tmp = split("\n",$repos);
		foreach (@tmp) {
		        if ($debug) {print "Found HG-repo: $_\n";}
		        $Location{"$location/$_"} = {
		                AuthType => "Basic",
		                AuthName => "\"HG authentification for $_ @ $hg_url\"",
		                AuthUserFile => $auser,
		                AuthGroupFile => $agroups,
		                Require => "group $_",
	        	};
		}
		__END__
	</Perl>
</VirtualHost>
<VirtualHost 158.38.48.16:443>
	ServerAdmin use_contact@page
	ServerName projects.norrs.no

	ProxyPreserveHost On

	ProxyPass / http://localhost:3000/
	ProxyPassReverse / http://localhost:3000/
	<Proxy http://localhost:3000>
		Order allow,deny
		Allow from all
	</Proxy>
	ErrorLog /var/log/apache2/error-norrs.no.log
	TransferLog /var/log/apache2/access-norrs.no.log
</VirtualHost>
<VirtualHost 158.38.48.16:80>
	ServerAdmin use_contact@page
	ServerName projects.norrs.no
	Redirect permanent / https://projects.norrs.no/
</VirtualHost>

<VirtualHost 158.38.48.16:80>
	ServerAdmin use_contact@page
	DocumentRoot /var/websites/planet.norrs.no/public_html/
	ServerName planet.norrs.no
	ErrorLog /var/log/apache2/error-norrs.no.log
	TransferLog /var/log/apache2/access-norrs.no.log
	<Directory /var/websites/planet.norrs.no/public_html>
	</Directory>
</VirtualHost>
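
The `<Perl>` sections above build one `Require group <repo>` rule per repository when Apache reads its configuration, so every repository needs a matching entry in the groups file, with members that exist in the users file. The following consistency check is an added example, not part of the original scripts; the function names and the sample data are assumptions made up for illustration.

```python
import os
import tempfile

def find_repos(root):
    """Repo names as the <Perl> sections derive them: parent of each .hg, relative to root."""
    names = []
    for dirpath, dirnames, _ in os.walk(root):
        if ".hg" in dirnames:
            names.append(os.path.relpath(dirpath, root))
            dirnames.remove(".hg")  # no need to walk repository internals
    return sorted(names)

def parse_groups(text):
    """AuthGroupFile format: 'group: user1 user2'."""
    groups = {}
    for line in text.splitlines():
        if ":" not in line or line.lstrip().startswith("#"):
            continue
        name, members = line.split(":", 1)
        groups[name.strip()] = set(members.split())
    return groups

def parse_users(text):
    """htpasswd format: 'user:hash'; only the user names are needed."""
    return {l.split(":", 1)[0] for l in text.splitlines() if ":" in l}

def audit(repos, groups, users):
    findings = []
    for repo in repos:
        # 'Require group my repo' would be read as two groups, "my" and "repo".
        if any(c.isspace() for c in repo):
            findings.append(("whitespace-in-name", repo))
        # No group of that name: the generated Require can never be satisfied.
        if repo not in groups:
            findings.append(("no-group", repo))
    for name, members in sorted(groups.items()):
        for user in sorted(members - users):
            findings.append(("unknown-user", f"{name}:{user}"))
    return findings

def demo():
    # Constructed sample data, not taken from the original server.
    with tempfile.TemporaryDirectory() as root:
        for repo in ("scripts/apache2", "website"):
            os.makedirs(os.path.join(root, repo, ".hg"))
        groups = parse_groups("website: alice bob\n")
        users = parse_users("alice:$apr1$constructed\n")
        return audit(find_repos(root), groups, users)

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

On the real layout, point `find_repos` at `/var/hg/repos/pub` and `/var/hg/repos/priv` and feed the parsers the contents of `/etc/hg/groups` and `/etc/hg/users`.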

Posted in /dev/random.
