Share files on WebDAV on OpenWrt

Lookas2001 copyright, this work is licensed under the knowledge sharing signature 4 international license agreement. Please indicate the author and source when reusing.

OpenWrt (https://openwrt.org/) is a very powerful router firmware, and many functions can be achieved by installing software packages. WebDAV (http://www.webdav.org/) is an extension to HTTP, which can be used to share files. So we can try to install the corresponding software package on OpenWrt and let the device support WebDAV.

Compared to SMB, AFP, in actual testing, the speed of WebDAV is more dominant. This may benefit from the fact that WebDAV is based on HTTP, and the HTTP server may have some black technology to increase speed when reducing occupancy (or possibly because WebDAV in the next step is based on HTTP instead of HTTPS).

Another reason for writing this article is that SMB and AFP already have relatively complete tutorials, such as these two articles, https://openwrt.org/docs/guide-user/services/nas/samba_configuration https://openwrt.org/docs/guide-user/services/nas/netatalk_configuration, but WebDAV lacks documentation.

Lighttpd (https://www.lighttpd.net/) is a lightweight, yet fully functional HTTP server. It is observed that he provides WebDAV mod, so it can be used to implement WebDAV server.

Install Lighttpd and WebDAV Auth module

before Opkg update To update the local package information.

adopt Opkg install lighttpd lighttpd-mod-webdav lighttpd-mod-auth lighttpd-mod-authn_file You can install the key packages that you rely on.

If the download speed is slow or download is difficult, you can manually download the corresponding package on http://downloads.openwrt.org, install it, or set up a network agent (this is not the scope of this article, you need to find your own way).

Configure Lighttpd

Unlike SMB, which provides UCI unified configuration interface, Lighttpd needs to be modified under /etc/lighttpd.

adopt VI /etc/lighttpd/lighttpd.conf Open the main configuration file of lighttpd.

May pass CP /etc/lighttpd/lighttpd.conf /etc/lighttpd/lighttpd.conf.bak Set up a backup to restore when configuration is wrong.

This is a configured configuration file:

 /mnt "
server.upload-dirs = (" /tmp ") 
server.errorlog =" /var/log/lighttpd/error.log "
server.pid-file =" /var/run/lighttpd.pid "
server.username =" HTTP "= =" (")", "=" "," "("), "(") "," (")", "(") "," (")", "(") "," (")," (")", "(") "," (")", "(") "," (")", "(") "," (")", "(") "," (")", "(") "," (")", "(") "," (")", "(") "," (")", "(") "," (")", "(") "," (")", "(") "," (")", "(") "," (")", "(") "," (")", "(") "," (")", "(") "," (")", "(") "," (")", "(") "," (")", "(") "," (")", "=", "=", "=", "=", "=", "=", "=", "=", "=", "=", "=", "=", "," = "," = "," = "," = "," = "," = "," = "," (")", "(") "," (")", "(") "," (")", "(") "," (")", "(") "," (")", "("), "(") "," (")", "(") "," (")", "server.document-root ="

The annotation in the lighttpd configuration file is implemented by adding "a" in front of the line.

Here are some changes.

Server.document-root = "/mnt" The document root is set to /mnt I added two hard disks to the router, which are mounted on /mnt/sda1 and /mnt/sdb1 respectively. This storage location is not fixed and can be adjusted according to your own preferences.

Server.port = 81 That is, the port we used to access later, the 80 port has been occupied by the uHTTPd with the system, and another conflict prevention is set up here.

Server.errorlog-use-syslog = "enable" This option can output the error log to syslog, so that we can see the error in the web console.

Server.dir-listing = "enable" , Dir-listing.encoding = "UTF-8" These two options enable you to enable listing of file functions and prevent file name garbled.

Configure WebDAV module

adopt VI /etc/lighttpd/conf.d/30-webdav.conf Open the main configuration file of lighttpd.

This is a configured configuration file:

 #######################################################################
##
##  WebDAV Module
## ---------------
##
## See https://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_ModWebDAV
##
server.modules += ( "mod_webdav" )

#$HTTP["url"] =~ "^/dav($|/)" {
  ##
  ## enable webdav for this location
  ##
  webdav.activate = "enable"

  ##
  ## By default the webdav url is writable.
  ## Uncomment the following line if you want to make it readonly.
  ##
  webdav.is-readonly = "enable"

  ##
  ## Log the XML Request bodies for debugging
  ##
  #webdav.log-xml = "disable"

  ##
  ##
  ##
  webdav.sqlite-db-name = "/tmp/lighttpd-webdav.db"
#}
##
#######################################################################

Here are some changes.

Notes have been dropped. $HTTP["URL"] = = "^/dav ($/") { , } The two line, the purpose of installing Lighttpd here is to WebDAV, and annotate these two rows to set the whole website to WebDAV.

Webdav.activate = "enable" WebDAV has been enabled for the entire site.

Webdav.is-readonly = "enable" Set the operation mode in read-only mode. Set up here. Disable You can disable read-only (readable, readable).

"/mnt/sda1/.lighttpd-webdav.db" Here, we need to set up a database storage location for the WebDAV module. The location is recommended to be selected on the hard disk. This database file needs to store some attributes besides locking, if it is stored in places that are easy to lose. /tmp It will lead to data loss. Storage in addition to the location outside the hard disk will shorten the lifetime of flash memory (flash erasure upper limit). Please note that Lighttpd needs to write permission to store location directory. Chmod a+w XXX To grant permission.

Ref

  • Contents of OpenWrt forum https://forum.openwrt.org/t/webdav-configuration-essense-with-lighttpd-on-openwrt/25357
  • Document https://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_ModWebDAV provided by Lighttpd

Configure Auth module

This configuration is used to enhance the security of your files, but it is not necessary, and the configuration can only enhance a little security. Attackers can still intercept passwords halfway. If you want to better enhance the security, please configure HTTPS.

adopt VI /etc/lighttpd/conf.d/20-auth.conf Open the main configuration file of lighttpd.

This is a configured configuration file:

 #######################################################################
##
##  Authentication Module
## -----------------------
##
## See https://redmine.lighttpd.net/projects/lighttpd/wiki/docs_modauth
## for more info.
##
server.modules += ( "mod_auth" )

auth.backend                 = "plain"
auth.backend.plain.userfile  = "/etc/lighttpd/lighttpd.user"
#auth.backend.plain.groupfile = "/etc/lighttpd/lighttpd.group"

#auth.backend.ldap.hostname = "localhost"
#auth.backend.ldap.base-dn  = "dc=my-domain,dc=com"
#auth.backend.ldap.filter   = "(uid=$)"

auth.require               = ( "/" =>
                               (
                                 "method"  => "basic",
                                 "realm"   => "Personal File Server",
                                 "require" => "valid-user"
                               ),
                             )

##
#######################################################################

Here are some changes.

It may be the carelessness of the baling personnel. There is no original configuration file. Server.modules + = ("mod_auth") One line, in order to enable this module, must be manually added.

Auth.backend = "plain" Set the authentication backend to Plain

Auth.backend.plain.userfile = "/etc/lighttpd/lighttpd.user" Set the location of authenticated backend to store authentication information.

Auth.require =... To cancel the annotation here means that authentication is enabled.

"/" This is the total station.

"Method" = > "basic" The type of authentication is set to Basic For better client compatibility.

"Realm" = > "Personal File Server". That is, when prompted, the message can be set at random.

adopt Touch /etc/lighttpd/lighttpd.user We can create the authentication information file we need.

adopt VI /etc/lighttpd/lighttpd.user Edit and authenticated information file.

This is a sample:

 User1:password1
user2:password2

See user name and password. : Separated, separated by empty lines between multiple users.

Ref

  • Document https://redmine.lighttpd.net/projects/lighttpd/wiki/docs_modauth provided by Lighttpd

2 replies to "sharing files through WebDAV on OpenWrt"

Comment

E-mail addresses will not be made public. Required items have been used. * Tagging

This site uses Akismet to reduce spam reviews. Learn how we process your comment data.