I switched from a single Mercurial repository configuration (cf previous post) to one-per-project-so-multiple-repositories on my Synology.
All my projects would be stored on NAS, located under a specific directory /volume1/repos , and browsable through internet at http://diskstation/hg
I was using ssh until now but someone suggested an hg web configuration: so, basically we are going to configure the native Apache web server to allow Mercurial transactions *and repositories browsing* via http/https.
This is how i did it, the 'minimal Apache fuss' way, dealing with a dedicated web directory via .htaccess/.htpasswd files: it's far from perfect, security speaking, as it does not follow every Apache recommendations.
Sorry, but i didn't want to cripple this How-To with too much external considerations.
Sorry, but i didn't want to cripple this How-To with too much external considerations.
1) Requirements:
- being able to telnet into your synology box
- being able to ipkg packages
- having mercurial installed
- having nano installed, or mastering vi
Note:
- to edit text files, install nano with ipkg install nano
- if you're editing files into windows through shared directories (using pspad ?) dont forget to save files the unix way (CR). Or Apache will fail @ parsing them.
2) Enable Web Service on Synology:
- using synology control panel (http://diskstation:5000), enable web services, and enable https
Apache web service should now be 'live', and you should have a new 'web' shared directory in /volume1/web or /var/services/web (both paths are identical).
3) Creating a directory of Repositories (with correct credentials):
- telnet into your diskstation, and type
mkdir /volume1/repos/hg
chown -R nobody:users /volume1/repos
hgweb/apache would have problems to access repos otherwise (Error: abort: HTTP Error 500: Permission denied: .hg/store/lock), as processes are spawned with nobody:users credentials (check this with 'ps', looking at httpd processes group and user).
could be good to create a shared repos/ directory (via syno control panel).
- now create a /volume1/repos/hg/test repository, type :
cd /volume1/repos/hg
hg init test
cd test
nano test.txt (write some and save)
hg add test.txt
hg commit -u yourname -m first
- create a /volume1/web/hg subdirectory
cd /volume1/web
mkdir hg
4) Time for Script and Config
- create a .htaccess file to allow script executions in /volume1/web/hg/.htaccess
cd /volume1/web/hg (or cd /var/services/web/hg)
nano .htaccess
(.htaccess is an Apache config file specifying options for this specific directory)
Then, to password access /volume1/web/hg/:
nano .htpasswd
(.htaccess is an Apache config file specifying options for this specific directory)
- insert this:
AddHandler cgi-script .cgiIn this directory, Apache is allowed to execute cgi scripts and will protect access with login/passwords. If you don't want a password protected directory, erase all but the two first lines.
Options +FollowSymLinks +ExecCGI
AuthUserFile /var/services/web/hg/.htpasswd
AuthName "Protected Access"
AuthType Basic
Require valid-user
Then, to password access /volume1/web/hg/:
- create a .htpasswd file in /volume1/web/hg/ to store login info
nano .htpasswd
- insert login:crypted_password entries (such as johndoe:ES7PtTtC.vd8E) for each user you need an access for. As Synology does not embed htpasswd command, use http://www.xs4all.nl/~remcovz/htpasswd.html to generate them. For those who do not trust websites that generate passwords (like Mike) download the htpasswd generator form apachefriends inside xampp apache bin bundle http://sourceforge.net/projects/xampp/files/ (thx Mike).
now, get and modify the Mercurial web cgi script (into /volume1/web/hg)
- get mercurial hgweb.cgi from there or via
cd /volume1/web/hg
wget http://www.selenic.com/repo/hg-stable/raw-file/7cf258b2d0cc/hgweb.cgi
wget http://www.selenic.com/repo/hg-stable/raw-file/7cf258b2d0cc/hgweb.cgi
- rename it into index.cgi
mv hgweb.cgi index.cgi
- flag this python script as executable, and assign credentials (thx anon)
chmod u+x index.cgi
chown -R nobody:users index.cgi
chown -R nobody:users index.cgi
- create a symbolic link to your favorite python executable:
ln /opt/bin/python2.6 /opt/bin/python
- change /volume1/web/hg/index.cgi first line to:
#!/opt/bin/python
- change in index.cgi (thx Mike):
config = "/var/services/web/hg/hgweb.config"
- create hgweb config file in /volume1/web/hg/hgweb.config
- write
[collections]
/volume1/repos/hg = /volume1/repos/hg
this config file is parsed by hgweb.cgi (now index.cgi), and will allow it to scan the whole directory to build the repository list. They are other options to play with.5?) Optionally, error feedbacks from Apache:
- edit apache config /usr/syno/apache/conf/httpd.conf-user
nano /usr/syno/apache/conf/httpd.conf-user
- to get log informations, change the line
ErrorLog /dev/null
into
ErrorLog /var/log/httpd-error-user.log
- save and restart apache
/usr/syno/etc.defaults/rc.d/S97apache-user.sh restart
- then, to access apache log
cat /var/log/httpd-error-user.log|more
Final notes:
You should be able to browse your repos via http://diskstation/hg, http://diskstation/hg/index.cgi/test or https://diskstation/hg/index.cgi/test
Use the latter two to pull/push changes from/into other repos.
Mercurial pushes are only allowed through https: it's possible to change this behavior in hgweb.config. Otherwise, dont forget to open your router to port 443 transactions.
Mercurial pushes are only allowed through https: it's possible to change this behavior in hgweb.config. Otherwise, dont forget to open your router to port 443 transactions.
And yes it's working: i'm using it every day :)
With Redmine. Next post should be totally about RedMine.
References:
9 comments:
I tried this but it doesn't seem to work for me. I have run it all step by step. the only line that confused me is:
and edit index.cgi first line to address your /obt/bin/python
I edited this line to say:
#!/obt/bin/python python
should it be?
#!/obt/bin/python
When i try to do to the web page i get the default synology missing page error.
additionally should we change
config = "path/to/blah blah blah" to
config = "/volume1/web/hg/hgweb.config"
?
My email is jmerkow.at.gmail.com any help would be awesome
hi,
it is
#!/opt/bin/python-2.6
To fix that Apache error, you need to:
chown -R nobody:users /volume1/web/hgweb/
where hgweb is the directory of the website where index.cgi is located.
I've run into another problem with the Hg. For some reason, I keep running into this error when pushing an especially large changeset.
HTTP Error 500: No space left on device
I have PLENTY of space left. I googled this and tried using the solution I found online. But it doesn't seem to work.
Have you come across this problem? Potentially have a fix for the synology NAS.
Fantastic!!! Thx
in the manual change from to:
chown -R nobody:users
chown -R nobody:users index.cgi
in the manual add:
change in index.cgi:
config = "/var/services/web/hg/hgweb.config"
for those who do not trust websites that generate passwords (like me) download the htpasswd generator form apachefriends inside xampp apache bin bundle http://sourceforge.net/projects/xampp/files/
Thx for your time Mike, i inserted all your remarks into the manual :)
You should use the -s option for ln, because the default behavior would create an hard link.
Thanks so much! That note about linux CR was also helpful. I use mercurial at work, which is configured differently, and have been pulling out my hair trying to get this to work on my synology box.
This doesn't work anymore. No matter what I do, the .cgi file won't run, always returning an error 500. I checked the .htaccess file a thousand times.
Apache 2.4 is installed through Synology's package manager (and Web Station is set to use it), but /usr/syno/apache/ doesn't exist.
Post a Comment