webDAV server using nginx module

airwoodix · September 1, 2020, 9:59pm

Hello!

As a follow-up to this question, does anyone have experience with serving webDAV requests using the built-in nginx module (with dav-ext) rather than a heavy app like seafile or nextcloud?

My naive try did not succeed. With the config below, a PROPFIND request to https://my-domain.tld/webdav gets redirected (302) to https://my-domain.tld/yunohost/sso which then logically fails with 405 (method not supported). I guess that the authentication is not handled properly. Any idea how to fix this?

Thanks in advance!

nginx config (/etc/nginx/conf.d/my-domain.tld.d/webdav.conf)

rewrite ^/webdav$ /webdav/ permanent;
location /webdav/ {
    # Force usage of https
    if ($scheme = http) {
    rewrite ^ https://$server_name$request_uri? permanent;
    }

    root /var/www/webdav;
    client_body_temp_path /tmp/nginx/client;

    dav_methods PUT DELETE MKCOL COPY MOVE;
    dav_ext_methods PROPFIND OPTIONS;
    create_full_put_path on;
    dav_access user:rw;

    include conf.d/yunohost_panel.conf.inc;
}

ljf · September 2, 2020, 11:15am

You need to add a persistent rules in SSOWat ( see /etc/ssowat ). the rule should disable sso on request /webdav/ . For example with skipped_uris property.

ivancan · September 2, 2020, 3:03pm

dav_access user:rw;

You have no yunohost user on the system, but admin.

example: if you create titi in yunohost, titi can not login via SSH (user)

so, either ngnix to LDAP or LDAP to PAM

let’s look at the options.

Any experts around ?

ljf · September 2, 2020, 3:19pm

Yunohost user are like system user thanks to the service nscdu (if i remember well). You can login with ssh if you enable the access (not recommended).

marc · October 22, 2022, 4:11pm

Hi,
I managed to create a Webdav server thanks to your discussion and to the nginx webdav documentation

I created a file named webdav.conf in /etc/nginx/conf.d/mon-domain.tld.d

rewrite ^/webdav$ /webdav/ permanent;
location /webdav/ {

    root     /var/www;

    client_body_temp_path /var/www/webdav_client_temp;

    dav_methods PUT DELETE MKCOL COPY MOVE;

    create_full_put_path  on;
    dav_access            group:rw  all:r;


  # Include SSOWAT user panel.
  include conf.d/yunohost_panel.conf.inc;
}

Then i created directories mentionned in this webavconf,

mkdir /var/www/webdav
mkdir /var/www/webdav_client_temp
chmod 777 /var/www/webdav
chmod 777 /var/www/webdav_client_temp

Of course, these chmod are not satisfying, they should be restricted to yunohost users

Then i edited the ssowat config to allow the connexion
it is in /etc/ssowat/conf.json

in "permissions":, i added


        "webdav.main": {
            "auth_header": true,
            "label": "Webdav",
            "public": true,
            "show_tile": true,
            "uris": [
                "mon-domain.tld/webdav"
            ],
            "users": [
                "utilisateur1",
                "uilisateur2" (etc)
            ]
        }

I restarted the nginx service
It works

I hope this can help

Maybe it would be convenient to transform this in a full Yunohost application.
Can somebody help?

gwlegion · February 7, 2023, 3:43pm

+1 for the webdav application …

Maknho · April 30, 2023, 7:35am

+1 for the
webdav app

gemlog · September 19, 2024, 2:41am

Hi, I have the same need. I currently have a webdav on a non-yunohost vps and I need to move it. I was wondering if your changes survived an update or got over-written by yunohost?
I know this post is two years old, but that actually works in favour of the question
Else, is there another way not involving the overkill of seafile/nextcloud?

marc · September 19, 2024, 5:35pm

Hello, I created an app, available in Yunohost Catalog.
Thus any update of Yunohost keeps the webdav server alive
see
https://apps.yunohost.org/app/my_webdav

jarod5001 · September 19, 2024, 6:59pm

Nice, if I understand correctly, every user has a folder served over webdav and the app can’t be installed multiple times.

Thanks for making it.

gemlog · September 20, 2024, 12:36am

Hi, thank you, yes - that was my first stop!
Unfortunately, it is shown as broken, so I was afraid to install it

marc · September 20, 2024, 4:54pm

Hi,
This is broken because of some automatic tests
These tests fail, but they should not be passed .
I am working on changing them. I think it should be ok next week

Nevertheless, i installed it on my machine. It works

gemlog · September 21, 2024, 1:00am

Thank you sir, I will try it then
I installed nextcloud last night and it broke for webdav saying nginx wasn’t cfg’d correctly. I just came home from work to tackle that new problem, but I’ll uninstall NC and try yours instead. Thank you very much!
Edit: I have nuked nextcloud and installed my_webdav successfully! I’ve also connected with Joplin. Right now I’m making a tarball on my normal vps to copy to my yunohost vps. I will undo it in the multimedia dir.
Edit2: Success! I have sync’d joplin on my OG pinephone and my desktop. Thank you for replying my question. It seems to work just fine. It should not be marked broken in yh.