Documentation in this arena being slim, I felt it would be helpful to write a short article on my configuration. FastCGI examples are generally documented in about two or three blog posts on the subject, all of which have become dated. For the basic ground work take a look at streamhacker.

Firstly, the fastcgi process is unaware whether you are using HTTP or HTTPS, another fastcgi_param must be passed to solve the following error:

searching for changes
ssl required

fastcgi_param   HTTPS           on;

If you are having the following error, and you have ensured that HTTPS is functioning and allow_push = username is specified in the repo’s .hg/hgrc:

searching for changes
27 changesets found
abort: authorization failed

Then the fastcgi process isn’t receiving the username from nginx. Ensure that the following lines are added to your nginx config:

fastcgi_param   AUTH_USER       $remote_user;
fastcgi_param   REMOTE_USER     $remote_user;

Nginx is also liable to spit out a:

413 Request Entity Too Large

on your first major commit. This is because the max_body_size is set low by default and is unacceptable for a mercurial application. Ensure to add and modify this line to your needs:

client_max_body_size    100M;

my entire nginx vhost.conf

server {
    listen      443;
    server_name hg.DOMAIN.COM;

    ssl                  on;
    ssl_certificate      server.crt;
    ssl_certificate_key  server.key;
    ssl_session_timeout  5m;
    ssl_protocols  SSLv2 SSLv3 TLSv1;
    ssl_ciphers  ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
    ssl_prefer_server_ciphers   on;

        # Increase transfer size to accommodate large pushes
        client_max_body_size    100M;

        location / {
                auth_basic "Restricted Access";
                auth_basic_user_file /repo/sites/hg.DOMAIN.COM/mercurial_passwd;
                fastcgi_pass    127.0.0.1:9001;
                fastcgi_param   PATH_INFO       $fastcgi_script_name;
                fastcgi_param   AUTH_USER       $remote_user;
                fastcgi_param   REMOTE_USER     $remote_user;
                fastcgi_param   QUERY_STRING    $query_string;
                fastcgi_param   REQUEST_METHOD  $request_method;
                fastcgi_param   CONTENT_TYPE    $content_type;
                fastcgi_param   CONTENT_LENGTH  $content_length;
                fastcgi_param   SERVER_PROTOCOL $server_protocol;
                fastcgi_param   SERVER_PORT     $server_port;
                fastcgi_param   SERVER_NAME     $server_name;
                fastcgi_param   HTTPS           on;
        }
        location ~ /\.ht {
            deny  all;
        }
}

“Why on earth would you delete a Facebook account?!?! ITS THE BESTEST THING EVER!

You have some catching up to do, the rest of you skip down:

1. SOPHOS Facebook Study – good facts, interesting experiment
2. Facebook Privacy Policy – I don’t suggest reading the whole thing, its quite lame.
3. Facebook’s Privacy Trainwreck – You remember people freaking out when the News Feeds came in?
4. Facebook: Threats to Privacy – H.Jones & J.Soltren, MIT in 2005!

And the list goes on and on, I’ve had enough. Google around yourself if you still feel cool with Facebook. All you need is “privacy” and “facebook” in one query. “Facebook” and “biometrics” is another good one, see if it produces the results you’re looking for.

Deactivation

If you’d like to go through the ordeal of asking Facebook, you can do yourself a favour and check out many blog posts that have already tried. Basically the process boils down to this:

1. Reactivate your facebook account (if necessary)
2. In Profile -> Edit, go through and delete every piece of information, field by field. prepare to cry
3. Wall post by Wall post delete every one. cry
4. Photos, not so bad go to Edit Album and check all the delete boxes for the photos then delete album.
5. Remove yourself from all networks (clever little leave network link at the bottom of the Networks page). This will take care of groups and events.
6. Delete all friends.

Dear Facebook Privacy Staff,
I have removed all of my profile content. Please remove my account from your database and confirm when this is complete.

account: email login

Regards,

Chater

The Response

Hi Herb,

Your information no longer appears on the site, and we have removed your login email address from our system.
Thanks,

Paul

User Operations

Facebook

Other Comments

What’s with this?

Please enter your full birthday. We are required to retrieve this information by law, but you will have control over whether others see it.

You’re not required by law to do anything. Sure in the U.S there is the COPPA, but (and I quote below) if you go read the laws you might realize it only has to do with a person’s age. It is meant to protect children’s privacy, which is fair enough; I wouldn’t want any kiddies using Facebook either.

(1) CHILD.â€ The term “child” means an individual under the age of 13¹.

Sounds to me like all that has to be done here is verify my age. Why don’t they just ask for that?

The wording that is used is interesting as well. Why is Facebook retrieving information from you? For whom? As if I am worried about the noobs with accounts on there viewing my info; well, aside from the identity theives and fraudsters, who can make a killing with Facebook (ref SOPHOS), I don’t really care, its the corporation that we should be worried about. COPPA Section 1302.1

Attempts to create an account:

Checking input data......Done
WWWAcct 12.0 (c) 1997-2007 cPanel, Inc.......Done
Running pre creation script (/scripts/prewwwacct)......Done
Adding User...Unable to add group deuce

The script actually manages to create the group, which can be verified in /etc/groups.

# cat /etc/group
---
deuce:x:32070:

Which you have to manually remove to get the script to work again.

# /usr/sbin/groupdel deuce

As mentioned in the above post, (paraphrasing the Cpanel techs) the problem was that nscd is running.

# /sbin/service nscd stop

Account gets created without a hitch (assuming that group is removed manually). Easily reproducible.