Issue with https mercurial push
David Kalliecharan
davidkallie at gmail.com
Mon Feb 13 15:08:23 UTC 2017
Hi Don, and Andrew!
Thanks for your help! I forgot to hit reply all in my last e-mail!
I solved the issue, turns out it was http and https being blocked on the
internal network due to the firewall!
Trying out `hg serve` would just timeout, not even push or communicate on
the internal network. When I looked at my config and realized I was
blocking port 80 and 403 internally, unblocked them, and it works (even
nginx). I had recently upgraded the server and set up a new firewall months
ago, and forgot about it's settings.
Cheers!
On Mon, Feb 13, 2017 at 10:25 AM, Don Wills <don.wills at portablesoftware.com>
wrote:
> This might be relevant. We had one work-at-home person using a private hg
> repo on a host at a commercial provider. hg access was via ssh, using
> either the Eclipse plugin and command line tools. Unbeknownst to all, at
> some point in time, IPv6 connectivity was established between the user's
> home location and the server containing the repo. Performance of push and
> pull went from one second to a few minutes. Adding this line:
> AddressFamily inet
> to a configuration file fixed the problem by forcing use of IPv4 only.
>
> On Feb 13, 2017, at 7:47 AM, Andrew Fischer <andrew at apastron.co> wrote:
>
> While I am not sure what your problem is, as I have never run into an
> issue like this, I do run hgweb on uwsgi served behind nginx. It's been
> trouble free for years, so I'll post my configs (old though they may be)
> and maybe something will help. It almost sounds to me like uwsgi isn't
> getting a return code passed back properly to nginx.
>
> Also, it's worth verifying that the user uwsgi runs as has proper
> permissions on all parts of the hg repo being served. I have been burned by
> that before.
>
> My configs:
>
> ============
> START: nginx.conf
> ============
> server {
> #SSL, AUTH, ROOT, ETC
>
> # Larger timeouts for hg
> keepalive_timeout 120s;
> send_timeout 120s;
> client_body_timeout 120s;
>
> # Disabled, you may push any size
> client_max_body_size 0;
>
> # Mercurial repositories are handled by uwsgi
> location / {
> include uwsgi_params;
> uwsgi_pass unix:///run/uwsgi/hg.sock;
> uwsgi_param SCRIPT_NAME /;
>
> uwsgi_param AUTH_USER $remote_user;
> uwsgi_param REMOTE_USER $remote_user;
>
> uwsgi_param HTTPS on;
> }
>
> # Catch static mercurial webserver files
> location /static/ {
> rewrite /static/(.*) /$1 break;
> root /usr/lib/python2.7/site-packages/mercurial/templates/
> static/;
> expires 30d;
> }
> }
>
> ============
> END: nginx.conf
> ============
>
> ============
> START: uwsgi.ini
> ============
>
> [uwsgi]
> plugins = python2
> uid = http
> gid = http
> socket = /run/uwsgi/hg.sock
> master = true
> processes = 4
> buffer-size = 32786
> pythonpath = /srv/http/nginx/https/hg
> module = hgweb
> pidfile = /run/uwsgi/hg.pid
> logto = /var/log/hg.log
>
> ============
> END: uwsgi.ini
> ============
>
> =================
> START: hgweb.config
> =================
>
> [collections]
> /srv/http/nginx/https/hg/repository = /srv/http/nginx/https/hg/repository
>
> =================
> END: hgweb.config
> =================
>
>
> On Sat, Feb 11, 2017 at 9:39 PM, David Kalliecharan <davidkallie at gmail.com
> > wrote:
>
>> Hello!
>>
>> I have been having issues with `hg push` over HTTPS and get timeouts. My
>> setup is using nginx with uwsgi and hgweb.wsgi. The push times out, but the
>> push actually succeeds, but will not return until the timeout finishes,
>> which is annoying. Checking hg out after or the server side repo shows the
>> push in fact happened.
>>
>> A lot of people mention the use of a huge repo, but here I am using a
>> test repo with 1 file in it, and still to no avail.
>>
>> I have been filtering through the internet, trying to find solutions to
>> this problem as best as I could.
>>
>> hg pull, in, out works just fine, all features work with ssh just fine as
>> well.
>>
>> All directories have the same group and user for both nginx and uwsgi
>>
>> The web frontend works just fine.
>>
>> Any help would be greatly appreciated! Thanks
>>
>> Here is the relevant information I can provide:
>>
>> =================
>> START: hg --debug -vv push
>> =================
>> using ca certificates from certifi
>> using /usr/local/lib/python2.7/site-packages/certifi/cacert.pem for C
>> query 1; heads
>> sending batch command
>> searching for changes
>> all remote heads known locally
>> preparing listkeys for "phases"
>> sending listkeys command
>> received listkey for "phases": 15 bytes
>> checking for updated bookmarks
>> preparing listkeys for "bookmarks"
>> sending listkeys command
>> received listkey for "bookmarks": 0 bytes
>> sending branchmap command
>> sending branchmap command
>> preparing listkeys for "bookmarks"
>> sending listkeys command
>> received listkey for "bookmarks": 0 bytes
>> 1 changesets found
>> list of changesets:
>> d9bf739880c552856c6184f514aad5e127429565
>> bundle2-output-bundle: "HG20", 4 parts total
>> bundle2-output-part: "replycaps" 155 bytes payload
>> bundle2-output-part: "check:heads" streamed payload
>> bundle2-output-part: "changegroup" (params: 1 mandatory) streamed pay
>> bundle2-output-part: "pushkey" (params: 4 mandatory) empty payload
>> sending unbundle command
>> sending 938 bytes
>> bundle2-input-bundle: with-transaction
>> bundle2-input-part: "reply:changegroup" (advisory) (params: 0 advisord
>> bundle2-input-part: "output" (advisory) (params: 0 advisory) supporte
>> bundle2-input-part: total payload size 100
>> remote: adding changesets
>> remote: adding manifests
>> remote: adding file changes
>> remote: added 1 changesets with 1 changes to 1 files
>> bundle2-input-part: "reply:pushkey" (params: 0 advisory) supported
>> bundle2-input-part: "output" (advisory) supported
>> bundle2-input-bundle: 3 parts total
>> preparing listkeys for "phases"
>> sending listkeys command
>> abort: error: Operation timed out
>> =================
>> END hg push
>> =================
>>
>> =================
>> START: nginx.conf
>> =================
>> server {
>> # SSL certs, ciphers etc...
>>
>> limit_except GET HEAD {
>> auth_basic "hg repo"
>> auth_basic_user_file /usr/local/www/repo/auth.passwd;
>> }
>>
>> location / {
>> try_files $uri @app;
>> }
>>
>> location @app {
>> include uwsgi_params;
>> uwsgi_pass unix:/usr/local/www/repo/hgweb.sock;
>> uwsgi_param SERVER_ADDR $server_addr;
>> uwsgi_param REMOTE_USER $remote_user;
>> uwsgi_param SCRIPT_NAME "";
>> }
>>
>> location /static {
>> alias /usr/local/lib/python2.7/site-
>> packages/mercurial/templates/static;
>> expires 30d;
>> }
>> }
>> =================
>> END: nginx.conf
>> =================
>>
>>
>> =================
>> START: uwsgi_hgweb.ini
>> =================
>> [uwsgi]
>> chdir = /usr/local/www/repo
>> wsgi-file = hgweb.wsgi
>>
>> processes = 2
>> socket = /usr/local/www/repo/hgweb.sock
>> pidfile = /usr/local/www/repo/hgweb.pid
>> chmod-socket = 664
>> =================
>> END: uwsgi_hgweb.ini
>> =================
>>
>> =================
>> START: hgweb.config
>> =================
>> [paths]
>> / = /usr/local/repo/hg/*
>>
>> [web]
>> baseurl = /
>> contact = Unknown
>> staticurl = /static
>> =================
>> END: hgweb.config
>> =================
>>
>> _______________________________________________
>> Mercurial mailing list
>> Mercurial at mercurial-scm.org
>> https://www.mercurial-scm.org/mailman/listinfo/mercurial
>>
>>
>
>
> --
> Andrew Fischer
> Apastron Co
> 903 1st ST N Hopkins, MN
> 952-373-1024 <(952)%20373-1024>
> _______________________________________________
> Mercurial mailing list
> Mercurial at mercurial-scm.org
> https://www.mercurial-scm.org/mailman/listinfo/mercurial
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mercurial-scm.org/pipermail/mercurial/attachments/20170213/3f67a12c/attachment-0002.html>
More information about the Mercurial
mailing list