Apache2/WebDAV
Contents |
Apache2 with WebDav
This howto will cover howto implement Apache2 with WebDav support. WebDav can be used for many things including iCal/Sunbird repository. This will assume you have understanding on how gentoo works along with portage commands. This will focus on the new Apache2 conf setup, since the old file support will be dropped shortly.
Updating the system
First update the portage along with any packages that are out of date.
If your Apache settings are old or you're experiencing problems with Apache, its recommended that you start with a fresh install of Apache.
| Code: Cleaning Apache2 Installation |
emerge --unmerge apache rm -Rf /var/www rm -Rf /etc/apache2 rm /etc/conf.d/apache2 rm /etc/init.d/apache2 |
Installing Apache2
Next install Apache2
| Code: Install Apache |
emerge apache |
Apache will want to the following
| Code: Apache dependants |
[ebuild N ] net-www/gentoo-webroot-default-0.2 -no-htdocs 64 kB [ebuild N ] dev-libs/apr-0.9.7 +ipv6 -urandom 1,020 kB [ebuild N ] app-misc/mime-types-4 7 kB [ebuild N ] dev-libs/apr-util-0.9.7 +berkdb +gdbm -ldap 724 kB [ebuild N ] net-www/apache-2.0.55-r1 -apache2 -debug -doc -ldap -mpm-leader -mpm-peruser -mpm-prefork -mpm-threadpool -mpm-worker -no-suexec (-selinux) +ssl -static-modules |
As of October 2008, my apache's `emerge -av` looks more like this:
| Code: Apache dependants |
[ebuild U ] www-servers/apache-2.2.9-r1 [2.2.9] USE="ssl threads -debug -doc -ldap (-selinux) -sni -static -suexec"\ APACHE2_MODULES="actions alias auth_basic auth_digest authn_anon authn_dbd authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile \ authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock dbd deflate dir disk_cache env expires ext_filter file_cache filter headers ident \ imagemap include info log_config logio mem_cache mime mime_magic negotiation proxy proxy_ajp proxy_balancer proxy_connect proxy_http rewrite setenvif \ speling status unique_id userdir usertrack vhost_alias -asis -authn_alias -cern_meta -charset_lite -dumpio -log_forensic -proxy_ftp -substitute -version" \ APACHE2_MPMS="-event -itk -peruser -prefork -worker" 4,887 kB |
Note dav, davfs, and dav_lock in APACHE2_MODULES.
Configuring Apache for WebDav
Once Apache is installed, you will want to edit the conf.d file to tell Apache to start with support for WebDav
| File: /etc/conf.d/apache2 |
APACHE2_OPTS="-D DEFAULT_VHOST -D DAV -D DAV_FS" |
Now you need to create a repository for WebDav. This should not be anywhere on the web directory. This folder will contain usernames and passwords file, along with your WebDav content.
| Code: Creating WebDav Repository |
mkdir -p /var/dav/mydavserver chown -R apache:apache /var/dav mkdir -p /var/lib/dav chown -R apache:apache /var/lib/dav |
| Code: First user |
htpasswd2 -c /var/dav/.davpasswd myfirstdavuser |
The -c option will create the file, or empties the existing file if one exists.
| Code: All other users |
htpasswd2 /var/dav/.davpasswd mydavuser |
Now you need to configure mod_dav
| File: /etc/apache2/modules.d/45_mod_dav.conf |
<IfModule mod_dav.c>
Alias /mydavserver /var/dav/mydavserver
DavMinTimeout 600
<Location /mydavserver>
Options None
Dav On
<Limit GET PUT POST DELETE PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>
AuthType Basic
AuthName "WebDav Restricted Repository"
AuthUserFile /var/dav/.davpasswd
Require valid-user
</Limit>
</Location>
</IfModule>
|
Note: If you want to allow standard web browser read access without authentication, remove the "GET" from the LIMIT statement above.
You might want to edit /etc/apache2/http.conf and edit the ServerName variable (line 415) so you don't get the ServerName error.
Additional Notes ((--Chuck Theobald 18:02, 26 September 2007 (UTC))): The Apache documentation for versions 2.0 and 2.2 recommend against using the Location directive to specify a location within the file system and instead recommend <Directory> or <File>. See [1] for details.
I also found a problem with Apache denying access to the WebDAV file/directory. One fix is to include
| File: /etc/apache2/modules.d/45_mod_dav.conf |
AllowOverride None Order allow,deny Allow from all |
within the <Directory> (or <File>) directive. This was recommended by jamesrh in a post at [2].
Another comment: I had to place the config inside of the vhosts file or Apache would give me 405 errors. - Brian
SSL Support
When installing Apache, at the end, you get self-sign certificates that are put in /etc/apache2/ssl/. They will also work
| Code: setting up SSL |
$ cd /etc/ssl
$ nano -w openssl.cnf
Change the following options:
countryName_default
stateOrProvinceName_default
localityName_default
0.organizationName_default
commonName_default
emailAddress_default
$ cd misc
$ nano -w CA.pl
We need to add "-nodes" to "create a certificate" and
"create a certificate" request code in order to let our new ssl
certs be loaded without a password. Otherwise when you
reboot your ssl certs will not be available.
# create a certificate
system ("$REQ -new -nodes -x509 -keyout newkey.pem -out newcert.pem $DAYS");
...
# create a certificate request
system ("$REQ -new -nodes -keyout newkey.pem -out newreq.pem $DAYS");
$ ./CA.pl -newca
$ ./CA.pl -newreq
$ ./CA.pl -sign
$ openssl req -new > apache.cert.csr
$ openssl rsa -in privkey.pem -out apache.cert.key
$ openssl x509 -in apache.cert.csr -out apache.cert.csr -req -signkey apache.cert.key -days 365
$ cp apache.cert.cert /etc/apache2/ssl
$ cp apache.cert.key /etc/apache2/ssl |
Now add support for your default vhost
| File: /etc/apache2/vhosts.d/00_default_ssl_vhost.conf |
SSLCertificateFile /etc/apache2/ssl/apache.cert.cert SSLCertificateKeyFile /etc/apache2/ssl/apache.cert.key |
Now restart Apache and you should be up and running.
Troubleshooting
- First of all, a normal web browser will not list a web dav directory, instead you get this forbidden error (HTTP 403). Make sure you are actually using a webdav client to access your server and not a web browser. See the testing chapter in the FAQ how build-in webdav clients are used for different client operating systems. Additionally a web browser can be used to access a single file, so entering the webdav-url + file-name should work too.
- If your are using vhost, you should do the webdav configuration into your vhost.conf file, like i did :
cat /etc/apache2/modules.d/45_mod_dav.conf >> /etc/apache2/vhosts.d/your_vhost.conf rm /etc/apache2/modules.d/45_mod_dav.conf nano /etc/apache2/vhosts.d/your_vhost.conf
Note : Apache 2.2.6
Bugs? Issue? Please use Gentoo Forums to http://forums.gentoo.org/privmsg.php?mode=post&u=44232 PM me]
Most information is taken from Pergamon forum post
Last edit 13:37 10/12/2008
Created by NickStallman.net, Luxury Homes Australia
Real estate agents should be using interactive floor plans and real estate agent tools.