TurnKey Linux Virtual Appliance Library

Redmine appliance and Mercurial setup to enable SSH push (with MacHG)

Otrebor's picture

Few days ago I downloaded the latest Redmine appliance and I was very happy to see all the improvements over the past version. I immediately started to use it with VMFusion on my Mac (yes, I use a Mac).

I wanted to use Redmine and Mercurial to host my small dev projects and eventually put order in a messy development folder.

Of course, the first thing I did has been to create a Mercurial repo for my project. I logged as root, I created the /srv/repos/hg/myproject/ folder and there initialized the mercurial repo with "hg init". The repository was immediately available on the http://<myserverip>:8080/myproject/ folder.

As I've been a Mac user since 3 years now, I downloaded the cute MacHG free software to handle the connection to my redmine appliance and my local repositories. I then cloned the "myproject" repo locally and added the files of my project to it. I did a local commit and prepared to push the files back to my redmine appliance. With my surprise, I could not push and I got a message saying "ssl required". 8-)

After few days of tentatives and some intensive googling sessions, I found out a two possibilities to solve the problem: the dirty and the clean ways.

The dirty way consisted in adding the following text

 

[web]
push_ssl=False
allow_push=*

to the .hg/hgrc file in the turnkey instance, as also suggested here. But this solution is totally insecure as it would allow everybody to clone and commit to your repository. Although the appliance is for my personal use, I care a lot about security and opening the doors to the entire world, even for my small repo, wasn't a pleasant thought.

After some more browsing, I think I found a cleaner way to do it. This consisted in using SSH to access my repository. However, when I did it on MacHG, the repository seemed always unreachable. The reason I discovered was that in MacHG the SSH session could not be interactive (i.e. you cannot enter a password, although there's a field to enter the password in MacHG!).

So I decided to make the SSH session automatic. This means that if I connect to my appliance with the following command:

ssh <myapplianceip> -l root

I should be able to enter without being asked for a password, but still keeping the security enforced. The solution was to enable ssh autologin with my appliance. I found perfect instructions to do so here. Of course, on my Mac, the ssh package is there by default.

Now I can add my repositories on the virtual appliance as root (no need to create an extra user for that, at least for home use) and login on them without problems and using all the turnkeylinux features out of the box and no other modifications.

This made my life easier and now I managed to clone and push my repos to and from the turnkeylinux with just 1 modification to the appliance itself. This gets close to my understanding of the turnkeylinux background idea: use it out of the box.

Thanks to the turnkeylinux team! :-)

Post new comment

The content of this field is kept private and will not be shown publicly. If you have a Gravatar account, used to display your avatar.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <p> <span> <div> <h1> <h2> <h3> <h4> <h5> <h6> <img> <map> <area> <hr> <br> <br /> <ul> <ol> <li> <dl> <dt> <dd> <table> <tr> <td> <em> <b> <u> <i> <strong> <font> <del> <ins> <sub> <sup> <quote> <blockquote> <pre> <address> <code> <cite> <strike> <caption>

More information about formatting options

Leave this field empty. It's part of a security mechanism.
(Dear spammers: moderators are notified of all new posts. Spam is deleted immediately)