Ubuntu Server 安装 Mercurial + UWSGI + Nginx + HTTPS

安装所需的软件

Python

首先安装 Python.

apt-get install python

安装 python-software-properties - 最简单的方式是加入PPA 🙂

apt-get install python-software-properties

安装完后,你可以通过下面的命令添加PPA.

add-apt-repository ppa:xxx/yyy

Mercurial

为最新版的 mercurial 添加第三方 PPA:

add-apt-repository ppa:mercurial-ppa/stable-snapshots
apt-get update
apt-get install mercurial

Nginx

从第三方 PPA 安装 Nginx.

add-apt-repository ppa:nginx/stable
apt-get update
apt-get install nginx

uwsgi-python

安装 uwsgi-python 为 python application server.

add-apt-repository ppa:uwsgi/release
apt-get update
apt-get install uwsgi-python

配置

安装完软件后进行下一步 - 配置.

首先, 查看一下本指南中使用的目录结构.

/var/www/hosts/hg.server.net/conf    #配置文件
/var/www/hosts/hg.server.net/logs    #日志目录
/var/www/hosts/hg.server.net/repos   #版本库目录

Mercurial + uwsgi

创建 UWSGI-application/etc/uwsgi-python/apps-available/hgweb.xml:

hgweb.xml

<uwsgi>
    <socket>/var/run/uwsgi.hgweb.sock</socket>
    <master/>
    <workers>2</workers>
    <![CDATA[
     import uwsgi
     import os

     os.environ["HGENCODING"] = "UTF-8"

     from mercurial import demandimport; demandimport.enable()
     from mercurial.hgweb.hgwebdir_mod import hgwebdir

     application = hgwebdir('/var/www/hosts/hg.server.net/conf/hgweb.config')
 ]]>
</uwsgi>

需要注意的是,在第14行你需要修改hgweb config的路径.

创建文件/var/www/hosts/hg.server.net/conf/hgweb.config:

hgweb.config

[web]
push_ssl = true
allow_push = *
style = gitweb
allow_archive = gz, zip, bz2

[collections]
/var/www/hosts/hg.server.net/repos/ = /var/www/hosts/hg.server.net/repos/

在最后一行，你需要修改版本库目录.

现在,我们可以查看uwsgi server如何工作. 为了测试, 将hgweb.xml文件中<socket>/var/run/uwsgi.hgweb.sock</socket>修改为<socket>127.0.0.1:3031</socket>并运行:

uwsgi-python -x /etc/uwsgi-python/apps-available/hgweb.xml

如果一切OK,可以访问http://127.0.0.1:3031/去查看版本库列表. 如果结果正确, 还原 hgweb.xml 并 创建软链接至/etc/uwsgi-python/apps-enabled:

ln -s /etc/uwsgi-python/apps-{available,enabled}/hgweb.xml

Nginx

用 htpasswd 工具创建 auth 认证文件

htpasswd -c /var/www/auth/.htpasswd <username>

创建 nginx 配置文件 /etc/nginx/sites-available/hg.server.net

hg.server.net

server {
  listen               443;
  listen               80;
  server_name          hg.server.net;

  ssl                  on;
  ssl_protocols        SSLv3 TLSv1;
  ssl_certificate      /var/www/hosts/hg.server.net/ssl/ssl_certificate.crt;
  ssl_certificate_key  /var/www/hosts/hg.server.net/ssl/ssl_certificate.key;

  root                 /var/www/hosts/hg.server.net/www;
  access_log           /var/www/hosts/hg.server.net/logs/access.log;
  error_log            /var/www/hosts/hg.server.net/logs/error.log;

  # Need for very big files
  client_max_body_size 100m;

  if ( $scheme = "http" ) {
      rewrite ^/(.*)$  https://$host/$1 permanent;
  }

  location / {
      auth_basic                  "Mercurial Repository";
      auth_basic_user_file        /var/www/auth/.htpasswd;
      include     uwsgi_params;
      uwsgi_param REMOTE_PORT     $remote_port;
      uwsgi_param SERVER_PORT     $server_port;
      uwsgi_param SERVER_PROTOCOL $server_protocol;
      uwsgi_param UWSGI_SCHEME    $scheme;
      uwsgi_param SCRIPT_NAME     /;
      uwsgi_param AUTH_USER       $remote_user;
      uwsgi_param REMOTE_USER     $remote_user;
      uwsgi_pass  hgweb;
  }

  location /static/ {
      rewrite       /static/(.*)  /$1 break;
      root          /usr/share/mercurial/templates/static;
      expires 30d;
  }

  location ~ /\. {
      deny all;
  }
}

upstream hgweb {
  server unix:/var/run/uwsgi.hgweb.sock;
}

在/etc/nginx/sites-enabled目录中给 config 配置文件创建软链接:

ln -s /etc/nginx/sites-{available,enabled}/hg.server.net

启动服务:

service uwsgi-python start
service nginx start

在浏览器中打开http://hg.server.net/. 如果一切正常,你会看到版本库列表. 如果出现错误请检查设置.

现在我们可以设置所有服务自动启动.

在启动时自动启动服务

配置必须的服务在启动时自动运行:

update-rc.d uwsgi-python defaults
update-rc.d nginx defaults

现在. 你可以重启并检查是否工作正常.