WebDAV (Web Distributed Authoring and Versioning)是 HTTP/1.1 的擴展,因此可以作為一個協議考慮。它包含了一系列概念和由此產生的擴展方法,用以允許通過 HTTP/1.1 讀寫。WebDAV 不使用 NFS 或 SMB,而是通過HTTP傳輸文件。
本指南目的是通過 web 伺服器配置簡單的WebDAV。
伺服器
Apache
下載 Apache HTTP 伺服器。
取消 DAV 和 auth_digest 這兩個模塊的注釋:
LoadModule dav_module modules/mod_dav.so LoadModule dav_fs_module modules/mod_dav_fs.so LoadModule dav_lock_module modules/mod_dav_lock.so LoadModule auth_digest_module modules/mod_auth_digest.so
取消注釋 conf/extra/httpd-dav.conf
文件中的行:
# Distributed authoring and versioning (WebDAV) Include conf/extra/httpd-dav.conf
檢查文件 /etc/httpd/conf/extra/httpd-dav.conf
中的行:
DAVLockDB /etc/httpd/var/DavLock
確保你把上面的行放在了其它指令的外面,比如在 DocumentRoot
定義中:
如果你希望進行乾淨的部署,可以考慮使用 /srv/dav
結構來替代默認的 /etc/httpd/uploads
。(與原文有出入,請對照英文頁面閱讀)
接下來,檢查 /etc/httpd/conf/extra/httpd-dav.conf
中別名相關的設置(同樣要放在其它指令的外面):
DavLockDB "/etc/httpd/var/DavLock" Alias /uploads "/etc/httpd/uploads" <Directory "/etc/httpd/uploads"> Dav On AuthType Digest AuthName DAV-upload # You can use the htdigest program to create the password database: # htdigest -c "/etc/httpd/user.passwd" DAV-upload admin AuthUserFile "/etc/httpd/user.passwd" AuthDigestProvider file # Allow universal read-access, but writes are restricted # to the admin user. <RequireAny> # require that these methods are used (PROPFIND allows directory listing) ... Require method GET POST OPTIONS PROPFIND # or that the user is admin (f.e. PUT is required to write a file, MKCOL for folders) Require user admin # -- Notes --- # more info on methods in the webdav rfc: http://www.webdav.org/specs/rfc4918.html # POST treated as PUT: https://datatracker.ietf.org/doc/html/rfc5995 </RequireAny> </Directory>
創建目錄:
# mkdir -p /etc/httpd/var
檢查 DavLockDB 目錄的權限並確保Web伺服器用戶 http
有權寫入此目錄:
# chown -R http:http /etc/httpd/var # mkdir -p /etc/httpd/uploads # chown -R http:http /etc/httpd/uploads
nginx
安裝 nginx-mainline包 (nginx的Mainline版本)和 nginx-mainline-mod-dav-extAUR。
在 /etc/nginx/nginx.conf
文件的頭部以及其它塊的外面添加下面的行:
load_module /usr/lib/nginx/modules/ngx_http_dav_ext_module.so;
在 server
塊中為WebDAV添加新的 location
,例如:
location /dav { root /srv/http; dav_methods PUT DELETE MKCOL COPY MOVE; dav_ext_methods PROPFIND OPTIONS; # Adjust as desired: dav_access user:rw group:rw all:r; client_max_body_size 0; create_full_put_path on; client_body_temp_path /srv/client-temp; autoindex on; allow 192.168.178.0/24; deny all; }
上面的例子需要 /srv/http/dav
目錄和 /srv/client-temp
目錄存在。
你也許希望通過使用綁定掛載來讓其它目錄也能通過WebDAV訪問。
rclone
安裝 rclone包 。它支持使用 webdav 導出遠程或本地目錄。
在不使用任何認證的情況下提供 /srv/http
目錄下的內容:
$ rclone serve webdav /srv/http
Caddy
安裝 caddy-webdav-gitAUR 或者先安裝 xcaddy-binAUR 再使用 WebDAV 模塊構建 Caddy :
$ xcaddy build --with github.com/mholt/caddy-webdav
若要使用80埠以 dav
路徑提供 /srv/webdav
目錄下的內容,將下面的內容添加到 Caddyfile :
:80 { rewrite /dav /dav/ webdav /dav/* { root /srv/webdav prefix /dav } file_server }
運行 Caddy :
$ caddy run
Client
Cadaver
After installation, test the WebDAV server:
$ cadaver http://localhost/dav dav:/dav/> mkcol test Creating `test': succeeded. dav:/dav/> ls Listing collection `/dav/': succeeded. Coll: test
Dolphin
To create a permanent WebDAV folder in Dolphin select Network in the remotes section of the places sidebar, then press the Add Network Folder button. The network folder wizard will appear. Select WebFolder (webdav), and fill in the subsequent form.
Alternately just click the path bar and then enter the url with webdav:// protocol specifier.
Nautilus
Install the gvfs包 and gvfs-dnssd包 packages.
In Nautilus choose "connect to server" and enter the address with dav://
or davs://
protocol specified:
dav://127.0.0.1/dav
dav://
, try to use davs://
as the protocol instead.rclone
rclone包 is a command line tool that lets you sync to/from, or mount (with many caching options), remote file systems including WebDAV.
Thunar
Install the gvfs包 and gvfs-dnssd包 packages.
In Thunar press Ctrl+l
and enter the address with dav or davs protocol specified:
davs://webdav.yandex.ru
Authentication
There are numerous different protocols you can use:
- plain
- digest
- others
Apache
Using htdigest(1) (remove the -c
option if the file exists):
# htdigest -c /etc/httpd/conf/passwd WebDAV username
httpd.conf
by the presence of this entry: LoadModule auth_digest_module modules/mod_auth_digest.so
Using plain htpasswd(1) (remove the -c
option if the file exists):
# htpasswd -c /etc/httpd/conf/passwd username
Next, httpd.conf
must be edited to enable authentication. One method would be to require the user foo
for everything:
<Directory "/home/httpd/html/dav"> DAV On AllowOverride None Options Indexes FollowSymLinks AuthType Digest # substitute "Basic" for "Digest" if you used htpasswd above AuthName "WebDAV" AuthUserFile /etc/httpd/conf/passwd Require user foo </Directory>
AuthName
must match the realm name passed when using the htdigest
command for digest authentication. For basic/plain authentication, this line may be removed. Also, make sure that the AuthUserFile
path matches that used with the htdigest
or htpasswd
commands above.If you want to permit everybody to read, you could use this in your httpd.conf
<Directory "/home/httpd/html/dav"> DAV On AllowOverride None Options Indexes FollowSymLinks AuthType Digest # substitute "Basic" for "Digest" if you used htpasswd above AuthName "WebDAV" AuthUserFile /etc/httpd/conf/passwd Require all granted <LimitExcept GET HEAD OPTIONS PROPFIND> Require user foo </LimitExcept> </Directory>
Do not forget to restart httpd.service
after making changes.
DirectoryIndex disabled
to your Directory
section.Troubleshooting
Some file explorers cannot edit directories in nginx WebDAV
nginx WebDAV requires a directory path ends with a slash (/
), but some file explorers does not append a /
at the end of the path.
This can be worked-around, by either removing the corresponding checking code and recompile it, or by appending the following code in a nginx server
block to add /
at the end of a request, if needed:
# The configuration was based on: https://nworm.icu/post/nginx-webdav-dolphin-deken/ # if the request method is MKCOL or is to a directory, add / at the end of the request if it was missing if ($request_method = MKCOL) { rewrite ^(.*[^/])$ $1/ break; } if (-d $request_filename) { rewrite ^(.*[^/])$ $1/ break; } # if the request method is copy or move a directory, add / at the end of the request if it was missing set $is_copy_or_move 0; set $is_dir 0; if (-d $request_filename) { set $is_dir 1; } if ($request_method = COPY) { set $is_copy_or_move 1; } if ($request_method = MOVE) { set $is_copy_or_move 1; } set $is_rewrite "${is_dir}${is_copy_or_move}"; if ($is_rewrite = 11) { rewrite ^(.*[^/])$ $1/ break; }