webDAV server using nginx module

airwoodix · September 1, 2020, 9:59pm

Hello!

As a follow-up to this question, does anyone have experience with serving webDAV requests using the built-in nginx module (with dav-ext) rather than a heavy app like seafile or nextcloud?

My naive try did not succeed. With the config below, a PROPFIND request to https://my-domain.tld/webdav gets redirected (302) to https://my-domain.tld/yunohost/sso which then logically fails with 405 (method not supported). I guess that the authentication is not handled properly. Any idea how to fix this?

Thanks in advance!

nginx config (/etc/nginx/conf.d/my-domain.tld.d/webdav.conf)

rewrite ^/webdav$ /webdav/ permanent;
location /webdav/ {
    # Force usage of https
    if ($scheme = http) {
    rewrite ^ https://$server_name$request_uri? permanent;
    }

    root /var/www/webdav;
    client_body_temp_path /tmp/nginx/client;

    dav_methods PUT DELETE MKCOL COPY MOVE;
    dav_ext_methods PROPFIND OPTIONS;
    create_full_put_path on;
    dav_access user:rw;

    include conf.d/yunohost_panel.conf.inc;
}

ljf · September 2, 2020, 11:15am

You need to add a persistent rules in SSOWat ( see /etc/ssowat ). the rule should disable sso on request /webdav/ . For example with skipped_uris property.

ivancan · September 2, 2020, 3:03pm

dav_access user:rw;

You have no yunohost user on the system, but admin.

example: if you create titi in yunohost, titi can not login via SSH (user)

so, either ngnix to LDAP or LDAP to PAM

let’s look at the options.

Any experts around ?

ljf · September 2, 2020, 3:19pm

Yunohost user are like system user thanks to the service nscdu (if i remember well). You can login with ssh if you enable the access (not recommended).

marc · October 22, 2022, 4:11pm

Hi,
I managed to create a Webdav server thanks to your discussion and to the nginx webdav documentation

I created a file named webdav.conf in /etc/nginx/conf.d/mon-domain.tld.d

rewrite ^/webdav$ /webdav/ permanent;
location /webdav/ {

    root     /var/www;

    client_body_temp_path /var/www/webdav_client_temp;

    dav_methods PUT DELETE MKCOL COPY MOVE;

    create_full_put_path  on;
    dav_access            group:rw  all:r;


  # Include SSOWAT user panel.
  include conf.d/yunohost_panel.conf.inc;
}

Then i created directories mentionned in this webavconf,

mkdir /var/www/webdav
mkdir /var/www/webdav_client_temp
chmod 777 /var/www/webdav
chmod 777 /var/www/webdav_client_temp

Of course, these chmod are not satisfying, they should be restricted to yunohost users

Then i edited the ssowat config to allow the connexion
it is in /etc/ssowat/conf.json

in "permissions":, i added


        "webdav.main": {
            "auth_header": true,
            "label": "Webdav",
            "public": true,
            "show_tile": true,
            "uris": [
                "mon-domain.tld/webdav"
            ],
            "users": [
                "utilisateur1",
                "uilisateur2" (etc)
            ]
        }

I restarted the nginx service
It works

I hope this can help

Maybe it would be convenient to transform this in a full Yunohost application.
Can somebody help?

gwlegion · February 7, 2023, 3:43pm

+1 for the webdav application …

Maknho · April 30, 2023, 7:35am

+1 for the
webdav app

gemlog · September 19, 2024, 2:41am

Hi, I have the same need. I currently have a webdav on a non-yunohost vps and I need to move it. I was wondering if your changes survived an update or got over-written by yunohost?
I know this post is two years old, but that actually works in favour of the question
Else, is there another way not involving the overkill of seafile/nextcloud?

marc · September 19, 2024, 5:35pm

Hello, I created an app, available in Yunohost Catalog.
Thus any update of Yunohost keeps the webdav server alive
see
https://apps.yunohost.org/app/my_webdav

jarod5001 · September 19, 2024, 6:59pm

Nice, if I understand correctly, every user has a folder served over webdav and the app can’t be installed multiple times.

Thanks for making it.

gemlog · September 20, 2024, 12:36am

Hi, thank you, yes - that was my first stop!
Unfortunately, it is shown as broken, so I was afraid to install it

marc · September 20, 2024, 4:54pm

Hi,
This is broken because of some automatic tests
These tests fail, but they should not be passed .
I am working on changing them. I think it should be ok next week

Nevertheless, i installed it on my machine. It works

gemlog · September 21, 2024, 1:00am

Thank you sir, I will try it then
I installed nextcloud last night and it broke for webdav saying nginx wasn’t cfg’d correctly. I just came home from work to tackle that new problem, but I’ll uninstall NC and try yours instead. Thank you very much!
Edit: I have nuked nextcloud and installed my_webdav successfully! I’ve also connected with Joplin. Right now I’m making a tarball on my normal vps to copy to my yunohost vps. I will undo it in the multimedia dir.
Edit2: Success! I have sync’d joplin on my OG pinephone and my desktop. Thank you for replying my question. It seems to work just fine. It should not be marked broken in yh.

mateMatt · October 25, 2025, 4:15pm

Hi @marc, I have installed the package, and in an attempt to sync my zotero library, it says I don’t have the write permissions on the folder. It was clear because Zotero offers the option to create the folder, and it was refused.
I ran a chmod command with my user name and group multimedia, since all the other folders were with identical metadata, but it does not change the limitation of rights.
Do you know what would be the root of the problem here?
Many thanks

marc · October 29, 2025, 6:20pm

Hi Mathieu
When Yunohost gets your credentials, it connects to the webdav. i dont remember if the user used for writing on the filesystem is your login or www-data.

Never mind, did you try to connect to your Webdav from another computer?
if so, are you able to create a folder?

marc