mercurial-server does not seem to be maintained anymore and it has no support for Python3 (it will be masked on Gentoo in 30 days). I think it will be better to use hg-ssh. For that we need:
* update tryton-tools/roundup_sshkeys.py to generate a proper .ssh/authorized_keys for user hg.
* patch (and propose upstream) to set HGUSER environment per key like I did for mercurial-server  to support acl.