Loading ...
Sorry, an error occurred while loading the content.

Re: UnSlung -- lighttpd/WebDAV/SSL/Authentication [UPDATE]

Expand Messages
  • sruckh
    ... mod_accesslog. ... help. ... I tried to change the SSL settings (see below), but it did not have any impact. $SERVER[ socket ] == 192.168.1.254:8443 {
    Message 1 of 3 , Aug 10, 2007
    • 0 Attachment
      --- In nslu2-linux@yahoogroups.com, "sruckh" <sruckh@...> wrote:
      >
      > I am trying to get WebDAV and lighttpd working under the UnSlung
      > environment on the NSLU2.
      >
      > NOTE: My lighty version is as follows.
      > lighttpd-1.4.16 (ssl) - a light and fast webserver
      > Build-Date: Jul 26 2007 15:22:56
      >
      > lighttpd is installed and seems to be functioning normally (ie, it
      > serves up the default web page in
      > /opt/share/www/lighttpd/ ).
      >
      > The ultimate goal is to get lighty working with WebDAV, SSL, and user
      > authentication.
      >
      > The following modules are enabled:
      >
      > mod_access, mod_webdav, mod_fastcgi, mod_simple_vhost, and
      mod_accesslog.
      >
      > The main lighttpd binding port is 8000
      > server.port = 80000
      >
      > The following is from the lighttpd.conf file.
      >
      > [SNIP]
      >
      > $SERVER["socket"] == "192.168.1.254:8443" {
      > var.host-root = "/"
      > server.document-root = var.host-root + "public/"
      > accesslog.filename =
      > "/opt/var/log/lighttpd/webdav.example.domain/access_ssl.log"
      > server.errorlog =
      > "/opt/var/log/lighttpd/webdav.example.domain/error_ssl.log"
      > webdav.activate = "enable"
      > webdav.is-readonly = "disable"
      > webdav.sqlite-db-name =
      > "/opt/etc/lighttpd/webdav.example.domain/webdav_lock_ssl.db"
      > $HTTP["url"] =~ "^/" {
      > auth.backend = "htpasswd"
      > auth.debug = 2
      > auth.backend.htpasswd.userfile = var.host-root +
      > "public/.passwd"
      > auth.require = ("/" =>
      > (
      > "method" => "basic",
      > "realm" => "example.domain webdav",
      > "require" => "valid-user"
      > )
      > )
      > ssl.engine = "enable"
      > ssl.pemfile =
      > "/opt/etc/lighttpd/webdav.example.domain/webdav.example.domain.pem"
      > ssl.ca-file =
      > "/opt/etc/lighttpd/webdav.example.domain/rootca.cacert.org.crt"
      > }
      > }
      >
      > $HTTP["host"] =~ "webdav.example.domain" {
      > var.host-root = "/webdav/webdav.example.domain"
      > server.document-root = var.host-root + "/"
      > webdav.activate = "enable"
      > webdav.is-readonly = "disable"
      > auth.backend = "htpasswd"
      > auth.backend.htpasswd.userfile = var.host-root + "/.passwd"
      > auth.require = ("/data/" =>
      > (
      > "method" => "basic",
      > "realm" => "WebDAV gemneye.org",
      > "require" => "valid-user"
      > )
      > )
      > }
      >
      > Although this configuration passes lighty's parsing and allows the
      > server to start, it does not
      > appear to function as I would like.
      >
      > In the non-SSL section I am trying to share the physical directory
      > /webdav/webdav.example.domain/data. To connect I am trying to use the
      > following URL:
      >
      > http://webdav.example.domain:8000/data/
      >
      > In the SSL portion I am trying to share the physical directory
      > /public. To connect I am trying to
      > use the following URL:
      >
      > https://webdav.example.domain:8443/
      >
      > NOTE: webdav.example.domain resolves to 192.168.1.254
      >
      > I am not able to connect using either URL. I have tried turning off
      > authentication to see if it
      > helps, but the end result does not change. I can not connect (using a
      > Windows XP workstation).
      >
      > I do not get any errors in the error logs. I do get a hit in the
      > access log, but that is it.
      >
      > Does anyone have lighty, WebDAV, SSL, and authentication working under
      > UnSlung? If so can you
      > please post a working configuration and an explanation of the physical
      > file system? If you can spot
      > the errors in my configuration can you please point them out?
      >
      > I have not been able to get this setup working, and I could use some
      help.
      >
      > Thank You.
      >

      I tried to change the SSL settings (see below), but it did not have
      any impact.

      $SERVER["socket"] == "192.168.1.254:8443" {
      ssl.engine = "enable"
      ssl.pemfile =
      "/opt/etc/lighttpd/webdav.example.domain/webdav.example.domain.pem"
      ssl.ca-file =
      "/opt/etc/lighttpd/webdav.example.domain/rootca.cacert.org.crt"
      server.name = "webdav.example.domain"
      var.host-root = "/"
      server.document-root = var.host-root + "public/"
      accesslog.filename =
      "/opt/var/log/lighttpd/webdav.example.domain/access_ssl.log"
      server.errorlog =
      "/opt/var/log/lighttpd/webdav.example.domain/error_ssl.log"
      webdav.activate = "enable"
      webdav.is-readonly = "disable"
      webdav.sqlite-db-name =
      "/opt/etc/lighttpd/webdav.example.domain/webdav_lock_ssl.db"
      auth.backend = "htpasswd"
      auth.debug = 2
      auth.backend.htpasswd.userfile = var.host-root + "public/.passwd"
      auth.require = ("/" =>
      (
      "method" => "basic",
      "realm" => "example.domain webdav",
      "require" => "valid-user"
      )
      )
      }

      Your help is appreciated.
    • Scott Ruckh
      ... Even this non-SSL (simple) configuration fails: $HTTP[ host ] =~ webdav.example.domain { var.host-root = /webdav/webdav.example.domain
      Message 2 of 3 , Aug 10, 2007
      • 0 Attachment
        >
        > I tried to change the SSL settings (see below), but it did not have
        > any impact.
        >
        > $SERVER["socket"] == "192.168.1.254:8443" {
        > ssl.engine = "enable"
        > ssl.pemfile =
        > "/opt/etc/lighttpd/webdav.example.domain/webdav.example.domain.pem"
        > ssl.ca-file =
        > "/opt/etc/lighttpd/webdav.example.domain/rootca.cacert.org.crt"
        > server.name = "webdav.example.domain"
        > var.host-root = "/"
        > server.document-root = var.host-root + "public/"
        > accesslog.filename =
        > "/opt/var/log/lighttpd/webdav.example.domain/access_ssl.log"
        > server.errorlog =
        > "/opt/var/log/lighttpd/webdav.example.domain/error_ssl.log"
        > webdav.activate = "enable"
        > webdav.is-readonly = "disable"
        > webdav.sqlite-db-name =
        > "/opt/etc/lighttpd/webdav.example.domain/webdav_lock_ssl.db"
        > auth.backend = "htpasswd"
        > auth.debug = 2
        > auth.backend.htpasswd.userfile = var.host-root + "public/.passwd"
        > auth.require = ("/" =>
        > (
        > "method" => "basic",
        > "realm" => "example.domain webdav",
        > "require" => "valid-user"
        > )
        > )
        > }
        >

        Even this non-SSL (simple) configuration fails:

        $HTTP["host"] =~ "webdav.example.domain" {
        var.host-root = "/webdav/webdav.example.domain"
        server.document-root = var.host-root + "/data/"
        webdav.activate = "enable"
        webdav.is-readonly = "enable"
        webdav.sqlite-db-name =
        "/opt/etc/lighttpd/webdav.example.domain/webdav_lock.db"
        }

        I can serve up .html and .php content from the name based document-root,
        so I believe at least the virtual host configuration is working.
        Unfortunately I can not use Windows XP's "Add Network Connection" Wizard
        to map a WebDAV connection.

        Can someone who has this working please show me the errors of my way?

        Thanks.
      Your message has been successfully submitted and would be delivered to recipients shortly.