![simple hg server ip simple hg server ip](https://s1.eestatic.com/2020/11/18/actualidad/Actualidad_536958525_165384507_1024x576.jpg)
Issue the following command to enable the service to have it start automatically when your computer starts. Systemd services are not enabled by default. Read the section Port Forwarding below to understand why I decided on this method. This is in place to create an iptables port forward from 80 to 8080. One weird aspect of the service file is the ExecStartPre directive. Protects against vulnerabilities such as CVE-2016-8655 RestrictAddressFamilies = AF_INET AF_INET6 AF_UNIX WantedBy = multi-user.target PrivateDevices = true # Required for dropping privileges and running as a different user CapabilityBoundingSet = CAP_SETGID CAP_SETUID CAP_SYS_RESOURCE CAP_NET_BIND_SERVICE # Restricts the set of socket address families accessible to the processes # of this unit.
#Simple hg server ip full
ProtectSystem = full # Ensures that the service process and all its children can never gain new # privileges NoNewPrivileges = true # Sets up a new /dev namespace for the executed processes and only adds API # pseudo devices such as /dev/null, /dev/zero or /dev/random (as well as # the pseudo TTY subsystem) to it, but no physical devices such as /dev/sda. PrivateTmp = true # Mounts the /usr, /boot, and /etc directories read-only for processes # invoked by this unit. Description = mercurial web service After = network-online.target Type = simple ExecStartPre = +iptables -t nat -A OUTPUT -p tcp -d 127.100.0.1 -dport 80 -j DNAT -to 127.100.0.1:8080 ExecStart = /usr/bin/hg serve -web-conf /etc/nf Restart = on-failure WorkingDirectory = /var/repos User = hg # Set up a new file system namespace and mounts private /tmp and /var/tmp # directories so this service cannot access the global directories and # other processes cannot access this service's directories. You can use any directory, partition, etc, as long as it’s available when your computer (or server) boots, or more specifically before the systemd service loads. I mounted a hard-drive to /var/repos using fstab. The idea is that you’ll only interact with these repositories through the mercurial server. Create Repository Directoryįirst, you’ll want to create a directory that will hold all of your repositories. Step by Step Mercurial Hostingīelow are the steps to create the same Mercurial hosting I have been using for the past month. At that point, I would probably use SSH in addition to HTTP. In the future, if I have a dedicated server in my office, I will add authentication which is outlined below in the “Authentication” section. Adding authentication wouldn’t have added any additional security compared to having the local files on my computer. The mercurial server is bound to a loopback IP address making it only available to my pc. The repositories are hosted on the same computer I develop on, which allowed me to skip adding authentication. Essentially, all I needed was to run hg serve all the time, which is what I did.
#Simple hg server ip code
I didn’t need bug tracking, code review, or anything fancy. Needed access from a single computer (which let me omit authentication).Accessible through a URL to easily pull dependencies.Hopefully, you will find it useful or the post at least gives you some ideas. I needed a local mercurial hosting option.