Feb 192011
My last post about Mercurial left us with Mercurial server listening to https-only requests. This is probably best solution security-wise but there might be valid reasons for having it on http also (e.g. performance within local network).
Solution lies in editing “/etc/apache2/sites-available/hg” to have two configurations – one for http and one for https:
NameVirtualHost *:80 NameVirtualHost *:443 <VirtualHost *:80> ServerAdmin webmaster@localhost DocumentRoot /srv/hg/cgi-bin <Directory "/srv/hg/cgi-bin/"> SetHandler cgi-script AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory> ErrorLog /var/log/apache2/hg.log <Location /> AuthType Basic AuthName "Mercurial" AuthUserFile /srv/hg/.htpasswd Require valid-user </Location> RewriteEngine on RewriteRule (.*) /srv/hg/cgi-bin/hgweb.cgi/$1 </VirtualHost> <VirtualHost *:443> ServerAdmin webmaster@localhost DocumentRoot /srv/hg/cgi-bin <Directory "/srv/hg/cgi-bin/"> SetHandler cgi-script AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory> ErrorLog /var/log/apache2/hg.log <Location /> AuthType Basic AuthName "Mercurial" AuthUserFile /srv/hg/.htpasswd Require valid-user </Location> RewriteEngine on RewriteRule (.*) /srv/hg/cgi-bin/hgweb.cgi/$1 SSLEngine on SSLOptions +StrictRequire SSLCertificateFile /srv/hg/https.crt SSLCertificateKeyFile /srv/hg/https.key </VirtualHost>
After quick Apache restart your Mercurial will answer both http and https requests.