Difference between revisions of "Simple LAN filesharing with WebDAV"

From Run Your Own
(Example Configuration)
(Example Configuration)
Line 9: Line 9:
  
 
=== Example Configuration ===
 
=== Example Configuration ===
Basically the configuration are in <code>/etc/lighttpd/conf-available</code> and with symlinks in <code>/etc/lighttpd/conf-enabled</code>. In our simple example we have two shared folder, one that can be mounted read-only by anyone, and one that is read-write but requires a username and password.
+
Basically the configuration are in <code>/etc/lighttpd/conf-available</code> and with symlinks in <code>/etc/lighttpd/conf-enabled</code>. '''In our simple example we have three shared folders, one that can be mounted read-only by anyone, and two that are read-write but requires a username and password'''.
  
 
* By default a temp config file called <code>99-unconfigured.conf</code> provides a generic landing page. We don't need it and we just have to enable the authentication config.
 
* By default a temp config file called <code>99-unconfigured.conf</code> provides a generic landing page. We don't need it and we just have to enable the authentication config.
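Review bot: In the rewritten sentence, "two that are read-write but requires a username and password" should read "require", and "the configuration are in ... and with symlinks" at the start of the same line is still ungrammatical; since this edit rewrites the line anyway, fix both. The sentence now covers two read-write folders but still speaks of "a username and password", so say whether both folders use the same credentials.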
Line 47: Line 47:
 
# shared pit of madness   
 
# shared pit of madness   
 
$HTTP["url"] =~ "^/readwrite1(?:/|$)" {
 
$HTTP["url"] =~ "^/readwrite1(?:/|$)" {
     alias.url = ( "/readwrite1" => "/local/path/to/readwarite1" )
+
     alias.url = ( "/readwrite1" => "/local/path/to/readwrite1" )
 
     dir-listing.activate = "enable"  
 
     dir-listing.activate = "enable"  
 
     webdav.activate = "enable"
 
     webdav.activate = "enable"
Line 53: Line 53:
 
}
 
}
 
$HTTP["url"] =~ "^/readwrite2(?:/|$)" {
 
$HTTP["url"] =~ "^/readwrite2(?:/|$)" {
     alias.url = ( "/readwrite2" => "/local/path/to/readwarite2" )
+
     alias.url = ( "/readwrite2" => "/local/path/to/readwrite2" )
 
     dir-listing.activate = "enable"  
 
     dir-listing.activate = "enable"  
 
     webdav.activate = "enable"
 
     webdav.activate = "enable"
Line 59: Line 59:
 
}
 
}
 
</pre>
 
</pre>
 +
 +
Now if you wonder what kind of magic will happen so that the lighttpd process, local and remote users can happily edit the same files, well, none. It won't work and you will be sad. Then you will start to drink to forget about server administration, go in the streets pick up fights with strangers who are much better physical condition because they don't spend hours configuring neovim plugins that you don't even use. It will be painful. To avoid this unfortunate situation you need to do two things:
 +
1. the folder needs to be group-owned by the lighttpd process owner, in this <code>www-data</code> and you also need to set the group ID bit on the folder, so that all newly created files will inherit the group ownership.
 +
sudo chown regular_user:www-data /local/path/to/readwrite1
 +
sudo chmod g+ws /local/path/to/readwrite1
 +
2.
  
 
== Client side ==
 
== Client side ==
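Review bot: The added list stops at an empty "2.", so the "two things" the new paragraph promises are only half documented; write the second step or drop the numbering until it exists. The chown and chmod lines name only /local/path/to/readwrite1, although this revision also configures /readwrite2, so either repeat them or say they apply to each read-write folder. In step 1, "in this www-data" is missing the word "case".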

Revision as of 22:41, 1 March 2024

WebDAV is both an overlooked and quite popular way to access and edit files remotely across a wide range of operating systems. Yes, it's web stuff, again, but it is surprisingly fast and lightweight, and it recovers quite well on unstable networks or when the server has to be restarted, or has gone for lunch. One reason it may be overlooked is that it's often associated with sausage factories like own/nextcloud, or standalone implementations that are not particularly exciting. What is less known is that many web servers come with their own WebDAV implementation out of the box. Out of the usual suspects, nginx, Apache, and lighttpd, the latter has both the most lightweight and most complete implementation. No need for anything else!

In these notes we only cover a simple LAN setup; you can of course build upon it for more complex use cases.

Server side

Installation

  • This is for Debian, but you're smart
sudo apt install lighttpd lighttpd-mod-webdav

Example Configuration

Basically, the configuration files live in /etc/lighttpd/conf-available, with symlinks in /etc/lighttpd/conf-enabled. In our simple example we have three shared folders: one that can be mounted read-only by anyone, and two that are read-write but require a username and password.

  • By default a temp config file called 99-unconfigured.conf provides a generic landing page. We don't need it and we just have to enable the authentication config.
sudo lighttpd-disable-mod unconfigured
sudo lighttpd-enable-mod auth
  • Create a user and password for the read-write share
sudo apt install apache2-utils
sudo htpasswd -c /etc/lighttpd/user.htpasswd turtleprincess
  • Create a new configuration file /etc/lighttpd/conf-available/66-webdav.conf with the following:
server.modules += ( "mod_webdav" )
dir-listing.encoding = "utf-8"
  
# This is needed for keeping track of locks and props, which
# are needed for shares that can be edited
webdav.sqlite-db-name = "/var/cache/lighttpd/lighttpd.webdav.db"
  
# auth
server.modules += ("mod_authn_file")
auth.backend = "htpasswd" 
auth.backend.htpasswd.userfile = "/etc/lighttpd/user.htpasswd"
auth.require = ( "/readwrite1"     => ( "method" => "basic", 
                                 "realm" => "YOU WOT MATE", 
                                 "require" => "valid-user" ),
                 "/readwrite2" => ( "method" => "basic",
                                 "realm" => "YOU WOT MATE",
                                 "require" => "valid-user" ))
  
# read-only stuff
$HTTP["url"] =~ "^/readonly(?:/|$)" {
    alias.url = ( "/readonly" => "/local/path/to/readonly" )
    dir-listing.activate = "enable" 
    webdav.activate = "enable" 
    webdav.is-readonly = "enable" 
}
 
# shared pit of madness  
$HTTP["url"] =~ "^/readwrite1(?:/|$)" {
    alias.url = ( "/readwrite1" => "/local/path/to/readwrite1" )
    dir-listing.activate = "enable" 
    webdav.activate = "enable"
    webdav.is-readonly = "disable" 
}
$HTTP["url"] =~ "^/readwrite2(?:/|$)" {
    alias.url = ( "/readwrite2" => "/local/path/to/readwrite2" )
    dir-listing.activate = "enable" 
    webdav.activate = "enable"
    webdav.is-readonly = "disable" 
}

Now if you wonder what kind of magic will happen so that the lighttpd process, local and remote users can happily edit the same files, well, none. It won't work and you will be sad. Then you will start to drink to forget about server administration, go out in the streets and pick fights with strangers who are in much better physical condition because they don't spend hours configuring neovim plugins that you don't even use. It will be painful. To avoid this unfortunate situation you need to do two things:

1. The folder needs to be group-owned by the lighttpd process owner, in this case www-data, and you also need to set the group ID bit on the folder, so that all newly created files will inherit the group ownership.

sudo chown regular_user:www-data /local/path/to/readwrite1
sudo chmod g+ws /local/path/to/readwrite1

2.
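A check for the ownership setup from step 1, as an added example that is not part of the original page: it lists every directory in a share that lacks the group, the setgid bit or group rwx, and every file that lacks the group or group read/write. The names audit_share and demo are hypothetical; the file check goes one step beyond the text, because inheriting the group does not by itself make a file group-writable (that depends on the creating process's umask).

```shell
#!/bin/sh
# Added example, not from the original page.
# Usage: audit_share DIR GROUP
#   GROUP is www-data on the page's Debian setup; a numeric gid also works.
# Prints one line per offending path. Returns 0 if clean, 1 if not, 2 on error.
#
# Directories must have the group, the setgid bit (2000) and group rwx (070);
# without setgid, new files get the creating user's primary group instead.
# Files must have the group and group read/write (060) so that lighttpd and
# local users can both edit them.
audit_share() {
    dir=$1 grp=$2
    [ -d "$dir" ] || { echo "NOT-A-DIR $dir"; return 2; }
    report=$(
        find "$dir" -type d \( ! -group "$grp" -o ! -perm -2070 \) \
            -exec printf 'DIR  %s\n' {} \;
        find "$dir" -type f \( ! -group "$grp" -o ! -perm -060 \) \
            -exec printf 'FILE %s\n' {} \;
    )
    [ -z "$report" ] && return 0
    printf '%s\n' "$report"
    return 1
}

# Constructed demo in a throwaway directory, no sudo needed.
demo() {
    t=$(mktemp -d) || return 2
    gid=$(ls -ldn "$t" | awk '{print $4}')   # numeric group of the temp dir
    chmod 0755 "$t"
    echo "before chmod g+ws:"
    audit_share "$t" "$gid"
    chmod g+ws "$t"
    (umask 022; : > "$t/local-edit.txt")     # file made under a common umask
    echo "after chmod g+ws, with a file created under umask 022:"
    audit_share "$t" "$gid"
    rm -rf "$t"
}
demo
```

On the server itself the call would be `audit_share /local/path/to/readwrite1 www-data`, run once per read-write folder.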

Client side