23日 6月 2017

Debian 9: Install WebDAV for file server

This article will describe installing WebDAV.

1 Install WebDAV

  • This article uses default SSL/TLS certicication file for https. Please change your SSL/TLS certification file.
  • Use https or davs for SSL.
  • WEBDAV_USERNAME is username and WEBDAV_PASSWORD is password for digest authentication. 
#!/bin/sh

set -e

[ -z "${WEBDAV_USERNAME}" ] && \
  WEBDAV_USERNAME=webdav
[ -z "${WEBDAV_PASSWORD}" ] && \
  WEBDAV_PASSWORD=webdav

sudo apt install -y apache2

cat <<EOF | sudo tee /etc/apache2/sites-available/webdav.conf
Alias /webdav /var/www/webdav

<VirtualHost _default_:443>
  SSLEngine on
  SSLCertificateFile    /etc/ssl/certs/ssl-cert-snakeoil.pem
  SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
</VirtualHost>

<Location /webdav>
  DAV On
  SSLRequireSSL
  AuthType Digest
  AuthName webdav
  AuthUserFile /etc/apache2/.webdav
  Require valid-user
</Location>
EOF

sudo mkdir /var/www/webdav
sudo chown www-data:www-data /var/www/webdav

for mod in dav dav_fs dav_lock ssl auth_digest; do
  sudo a2enmod ${mod}
done
sudo a2ensite webdav
sudo systemctl restart apache2

# Create digest password file with expect command.
sudo apt install -y expect
expect -c "
set timeout -1
spawn sudo htdigest -c /etc/apache2/.webdav webdav ${WEBDAV_USERNAME}
expect \"New password: \"
send \"${WEBDAV_PASSWORD}\n\"
expect \"Re-type new password: \"
send \"${WEBDAV_PASSWORD}\n\"
expect eof
"

2 Access to WebDAV

Install davfs2 package for mounting davfs. 

$ sudo apt install -y davfs2

Run "mount -t davfs". 

$ sudo mount -t davfs https://localhost/webdav /mnt
Please enter the username to authenticate with server
https://localhost/webdav or hit enter for none.
  Username: webdav
Please enter the password to authenticate user webdav with server
https://localhost/webdav or hit enter for none.
  Password:
/sbin/mount.davfs: the server certificate does not match the server name
  issuer:      debian-8.hiroom2.com
  subject:     debian-8.hiroom2.com
  identity:    debian-8.hiroom2.com
  fingerprint: 0f:12:e7:65:67:63:7a:a8:e5:54:14:69:dd:6f:b5:80:1c:01:9f:cd
You only should accept this certificate, if you can
verify the fingerprint! The server might be faked
or there might be a man-in-the-middle-attack.
Accept certificate for this session? [y,N] y

Write file via WebDAV. 

$ echo hello | sudo tee /mnt/hello.txt

For updating written file immediately, unmount /mnt. 

$ sudo umount /mnt

Written file can be read in /var/www/webdav. 

$ sudo cat /var/www/webdav/hello.txt
hello
カテゴリ: en, 201706, webdav, debian-9