Webdav

From openSUSE

Setting up a Webdav server

I want to access my calendar and addressbook from my mainframe and from my notebook. I write exams at the moment so it is the best time to do something else. I've setup a webdav to store my adressbook and calendar so I can access it with KOrganizer, Mozilla Sunbird or KAdressbook from everywhere.

First we have to create a directory for the webdav databases (lock, user).

mkdir -p /var/lib/apache2/dav
chown wwwrun /var/lib/apache2/dav
chgrp www /var/lib/apache2/dav
chmod 775 /var/lib/apache2/dav

Now we need a user:

htpasswd2 -c /etc/apache2/dav_users.db <username>

Change <username> to your user and enter a password (the -c creates the dav_users.db. It can be left out when others users are added to the database).

Now lets create the web accessible directory:

mkdir /srv/www/webdav
chown wwwrun /srv/www/webdav
chgrp www /srv/www/webdav
chmod 775 /srv/www/webdav

mod_dav.conf

The next step is to create a config file and add the dav modules.

Edit /etc/sysconfig/apache2 and add dav and dav_fs to the APACHE_MODULES variable. Then create a file /etc/apache2/conf.d/dav.conf with the following content:

 <IfModule mod_dav_fs.c>
    # Location of the WebDAV lock database.
    DavLockDB /var/lib/apache2/dav/lockdb
 </IfModule>

 <IfModule mod_dav.c>
    # XML request bodies are loaded into memory;
    # limit to 128K by default
    LimitXMLRequestBody 131072
    
    # Location of the WebDav Repository.
    Alias /webdav "/srv/www/webdav"
    
    <Directory /srv/www/webdav>
        # enable webdav for this directory
        Dav On
        Options +Indexes
        IndexOptions FancyIndexing
        AddDefaultCharset UTF-8
        AuthType Basic
        AuthName "WebDAV Server"

        # htpasswd2 -c /etc/apache2/dav_users.db <username>
        AuthUserFile /etc/apache2/dav_users.db
        <LimitExcept GET OPTIONS>
           Require valid-user
        </LimitExcept>
        Order allow,deny
        Allow from all
    </Directory>
 </IfModule>

The configuration file will automatically be included.

Now you can access your webdav directory with http://domain.tld/webdav

Remark: the IfModule tags can be left out.

An example dav conf module file is located at: /etc/apache2/extra/httpd-dav.conf

SSL

I'm sure you want to access your server the secure way, so we need mod_ssl and a certificate. I have an CACert account so I created a real one ;)

You have to create a CSR (Certificate Signing Request) for CACert. This file contains pieces of information about your cert and your public key. It is used by the Certification Authority to sign your cert.

Generate an encrypted key

Type the following command to generate a private key that is file encrypted.

openssl genrsa -des3 -out server.key 1024

You will be prompted for the password to access the file and also when starting your webserver. Warning: If you lose or forget the passphrase, you must generate another certificate. If you decide at a later stage that you would rather use an unencrypted key (cause you don't want to enter the key at boot time), you may create an unencrypted version of server.key in server.key.unsecure by executing:

openssl rsa -in server.key -out server.key.unsecure

Request a Server Certificate

Log in to your CACert account and post the CSR, you'll will receiver the server.crt by mail. Replace the server.key in /etc/apache2/ssl.key and server.crt in /etc/apache2/ssl.crt with your CSR and your cert.

Configure SSL

Edit in /etc/sysconfig/apache2 the add to APACHE_SERVER_FLAGS the option -DSSL. Restart your apache2 and connect e.g. with konqueror to your webdav and log in:

webdavs://domain.tld/webdav