Issue with https mercurial push

David Kalliecharan davidkallie at gmail.com
Mon Feb 13 15:08:23 UTC 2017


Hi Don, and Andrew!

Thanks for your help! I forgot to hit reply all in my last e-mail!

I solved the issue, turns out it was http and https being blocked on the
internal network due to the firewall!

Trying out `hg serve` would just timeout, not even push or communicate on
the internal network. When I looked at my config and realized I was
blocking port 80 and 403 internally, unblocked them, and it works (even
nginx). I had recently upgraded the server and set up a new firewall months
ago, and forgot about it's settings.

Cheers!

On Mon, Feb 13, 2017 at 10:25 AM, Don Wills <don.wills at portablesoftware.com>
wrote:

> This might be relevant.  We had one work-at-home person using a private hg
> repo on a host at a commercial provider.  hg access was via ssh, using
> either the Eclipse plugin and command line tools.  Unbeknownst to all, at
> some point in time, IPv6 connectivity was established between the user's
> home location and the server containing the repo.  Performance of push and
> pull went from one second to a few minutes.  Adding this line:
>    AddressFamily inet
> to a configuration file fixed the problem by forcing use of IPv4 only.
>
> On Feb 13, 2017, at 7:47 AM, Andrew Fischer <andrew at apastron.co> wrote:
>
> While I am not sure what your problem is, as I have never run into an
> issue like this, I do run hgweb on uwsgi served behind nginx. It's been
> trouble free for years, so I'll post my configs (old though they may be)
> and maybe something will help. It almost sounds to me like uwsgi isn't
> getting a return code passed back properly to nginx.
>
> Also, it's worth verifying that the user uwsgi runs as has proper
> permissions on all parts of the hg repo being served. I have been burned by
> that before.
>
> My configs:
>
> ============
> START: nginx.conf
> ============
>     server {
>         #SSL, AUTH, ROOT, ETC
>
>         # Larger timeouts for hg
>         keepalive_timeout 120s;
>         send_timeout 120s;
>         client_body_timeout 120s;
>
>         # Disabled, you may push any size
>         client_max_body_size 0;
>
>         # Mercurial repositories are handled by uwsgi
>         location / {
>             include uwsgi_params;
>             uwsgi_pass unix:///run/uwsgi/hg.sock;
>             uwsgi_param SCRIPT_NAME /;
>
>             uwsgi_param AUTH_USER $remote_user;
>             uwsgi_param REMOTE_USER $remote_user;
>
>             uwsgi_param HTTPS on;
>         }
>
>         # Catch static mercurial webserver files
>         location /static/ {
>             rewrite /static/(.*) /$1 break;
>             root /usr/lib/python2.7/site-packages/mercurial/templates/
> static/;
>             expires 30d;
>         }
>     }
>
> ============
> END: nginx.conf
> ============
>
> ============
> START: uwsgi.ini
> ============
>
> [uwsgi]
> plugins = python2
> uid = http
> gid = http
> socket = /run/uwsgi/hg.sock
> master = true
> processes = 4
> buffer-size = 32786
> pythonpath = /srv/http/nginx/https/hg
> module = hgweb
> pidfile = /run/uwsgi/hg.pid
> logto = /var/log/hg.log
>
> ============
> END: uwsgi.ini
> ============
>
> =================
> START: hgweb.config
> =================
>
> [collections]
> /srv/http/nginx/https/hg/repository = /srv/http/nginx/https/hg/repository
>
> =================
> END: hgweb.config
> =================
>
>
> On Sat, Feb 11, 2017 at 9:39 PM, David Kalliecharan <davidkallie at gmail.com
> > wrote:
>
>> Hello!
>>
>> I have been having issues with `hg push` over HTTPS and get timeouts. My
>> setup is using nginx with uwsgi and hgweb.wsgi. The push times out, but the
>> push actually succeeds, but will not return until the timeout finishes,
>> which is annoying. Checking hg out after or the server side repo shows the
>> push in fact happened.
>>
>> A lot of people mention the use of a huge repo, but here I am using a
>> test repo with 1 file in it, and still to no avail.
>>
>> I have been filtering through the internet, trying to find solutions to
>> this problem as best as I could.
>>
>> hg pull, in, out works just fine, all features work with ssh just fine as
>> well.
>>
>> All directories have the same group and user for both nginx and uwsgi
>>
>> The web frontend works just fine.
>>
>> Any help would be greatly appreciated! Thanks
>>
>> Here is the relevant information I can provide:
>>
>> =================
>> START: hg --debug -vv push
>> =================
>> using ca certificates from certifi
>> using /usr/local/lib/python2.7/site-packages/certifi/cacert.pem for C
>> query 1; heads
>> sending batch command
>> searching for changes
>> all remote heads known locally
>> preparing listkeys for "phases"
>> sending listkeys command
>> received listkey for "phases": 15 bytes
>> checking for updated bookmarks
>> preparing listkeys for "bookmarks"
>> sending listkeys command
>> received listkey for "bookmarks": 0 bytes
>> sending branchmap command
>> sending branchmap command
>> preparing listkeys for "bookmarks"
>> sending listkeys command
>> received listkey for "bookmarks": 0 bytes
>> 1 changesets found
>> list of changesets:
>> d9bf739880c552856c6184f514aad5e127429565
>> bundle2-output-bundle: "HG20", 4 parts total
>> bundle2-output-part: "replycaps" 155 bytes payload
>> bundle2-output-part: "check:heads" streamed payload
>> bundle2-output-part: "changegroup" (params: 1 mandatory) streamed pay
>> bundle2-output-part: "pushkey" (params: 4 mandatory) empty payload
>> sending unbundle command
>> sending 938 bytes
>> bundle2-input-bundle: with-transaction
>> bundle2-input-part: "reply:changegroup" (advisory) (params: 0 advisord
>> bundle2-input-part: "output" (advisory) (params: 0 advisory) supporte
>> bundle2-input-part: total payload size 100
>> remote: adding changesets
>> remote: adding manifests
>> remote: adding file changes
>> remote: added 1 changesets with 1 changes to 1 files
>> bundle2-input-part: "reply:pushkey" (params: 0 advisory) supported
>> bundle2-input-part: "output" (advisory) supported
>> bundle2-input-bundle: 3 parts total
>> preparing listkeys for "phases"
>> sending listkeys command
>> abort: error: Operation timed out
>> =================
>> END hg push
>> =================
>>
>> =================
>> START: nginx.conf
>> =================
>> server {
>> # SSL certs, ciphers etc...
>>
>> limit_except GET HEAD {
>>     auth_basic "hg repo"
>>     auth_basic_user_file /usr/local/www/repo/auth.passwd;
>> }
>>
>> location / {
>>      try_files $uri @app;
>> }
>>
>> location @app {
>>     include uwsgi_params;
>>     uwsgi_pass unix:/usr/local/www/repo/hgweb.sock;
>>     uwsgi_param SERVER_ADDR $server_addr;
>>     uwsgi_param REMOTE_USER $remote_user;
>>     uwsgi_param SCRIPT_NAME "";
>> }
>>
>> location  /static {
>>             alias /usr/local/lib/python2.7/site-
>> packages/mercurial/templates/static;
>>             expires 30d;
>> }
>> }
>> =================
>> END: nginx.conf
>> =================
>>
>>
>> =================
>> START: uwsgi_hgweb.ini
>> =================
>> [uwsgi]
>> chdir           = /usr/local/www/repo
>> wsgi-file       = hgweb.wsgi
>>
>> processes       = 2
>> socket          = /usr/local/www/repo/hgweb.sock
>> pidfile         = /usr/local/www/repo/hgweb.pid
>> chmod-socket    = 664
>> =================
>> END: uwsgi_hgweb.ini
>> =================
>>
>> =================
>> START: hgweb.config
>> =================
>> [paths]
>> / = /usr/local/repo/hg/*
>>
>> [web]
>> baseurl = /
>> contact = Unknown
>> staticurl = /static
>> =================
>> END: hgweb.config
>> =================
>>
>> _______________________________________________
>> Mercurial mailing list
>> Mercurial at mercurial-scm.org
>> https://www.mercurial-scm.org/mailman/listinfo/mercurial
>>
>>
>
>
> --
> Andrew Fischer
> Apastron Co
> 903 1st ST N Hopkins, MN
> 952-373-1024 <(952)%20373-1024>
> _______________________________________________
> Mercurial mailing list
> Mercurial at mercurial-scm.org
> https://www.mercurial-scm.org/mailman/listinfo/mercurial
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mercurial-scm.org/pipermail/mercurial/attachments/20170213/3f67a12c/attachment-0002.html>


More information about the Mercurial mailing list