Updated documentation to match the current implementation.

fixes #3
This commit is contained in:
Jan Dittberner 2007-11-23 20:53:20 +00:00
parent 90dbac0f20
commit 8f1c952074
8 changed files with 173 additions and 301 deletions

290
INSTALL
View file

@ -1,211 +1,161 @@
======================================= = Installation of DAVAdmin =
WebDAVAdmin installation instructions
=======================================
:Author: Jan Dittberner
:Contact: jan@dittberner.info
:Version: 0.1
:Revision: $Revision$
:Date: $Date$
:Copyright: Copyright (C) 2007 Jan Dittberner
.. contents:: To install DAVAdmin you need:
Unpack WebDAVAdmin * an Apache 2.2 webserver http://httpd.apache.org/
================== * mod_auth_digest
* mod_dav
* mod_env
* mod_auth_file
* mod_authz_groupfile
* administration privileges for the webserver or a cooperative ISP
* shell access to create administration users for you DAVAdmin installation
* for site installation you need write access to a globally available directory on the webserver host (i.e. /usr/local)
1. unpack the WebDAVAdmin distribution file somewhere:: == DAVAdmin installation ==
cd ~/tmp/ Download the release file from the [wiki:Downloads downloads page].
tar xjf webdavadmin-0.1.tar.bz2
``~/tmp/`` is just an example to be able to reference it in these Extract the release file in a directory
installation instructions
Setup PostgreSQL and your database {{{
================================== cd /usr/local
tar xzf davadmin-0.1.tar.gz
}}}
1. Install PostgreSQL by the means of your operating system. For == Apache Setup ==
Debian GNU/Linux 4.0 Etch execute::
sudo aptitude install postgresql-8.1 The following apache configuration file snippet shows the configuration of a !VirtualHost to use WebDAV for a directory {{{dav}}} inside the !VirtualHost's document root:
2. Switch to user postgres:: {{{
<VirtualHost 127.0.0.1:80>
ServerAdmin jan@davhost.example.com
ServerName dav.localhost
sudo su - postgres DavLockDb /var/run/apache2/davlock/davhost.example.com
DocumentRoot /var/www/html
and Alias /davadmin /usr/local/davadmin-0.1/admin
1) create a user for WebDAVAdmin::
createuser -SDRP myuser
when prompted type the password for the database user twice
2) create a database::
createdb --owner=myuser --encoding=UTF-8 mydb
3) exit the postgres shell
You may skip theese steps if you want to use an existing database
3. Import the schema for WebDAVAdmin::
psql -h localhost -U myuser mydb < ~/tmp/webdavadmin-0.1/setup/schema.sql
when prompted type the password for your database user.
Setup Apache
============
1. Install, enable and configure apache and the apache modules
- mod_dav
- mod_dav_fs
- mod_auth_pgsql
- libphp5
by the means of your operating system vendor. For Debian GNU/Linux 4.0
Etch this means [1]_::
sudo aptitude install apache2-mpm-prefork libapache2-mod-php5 libapache2-mod-auth-pgsql
sudo a2enmod php5
sudo a2enmod auth_pgsql
sudo a2enmod dav
sudo a2enmod dav_fs
.. [1] if you don't want to use ``sudo`` you may also switch to root.
2. Configure a VirtualHost to use WebDAV and PostgreSQL
authentication, this VirtualHost configuration could look like::
<VirtualHost *:80>
ServerName davhost.yourdomain.net
DavLockDb /var/run/apache2/davlock/davhost.yourdomain.net
DocumentRoot /var/www
<Directory /var/www/dav>
Options Indexes
Order allow,deny
allow from all
php_admin_value allow_call_time_pass_reference 1
<Directory /var/www/html/dav>
Dav on Dav on
AllowOverride AuthConfig Indexes
# Authentication/Authorization Order Allow,Deny
AuthType Basic allow from all
AuthName "WebDAVAdmin example"
AuthBasicAuthoritative Off
AuthUserFile /etc/apache2/auth/davhost.yourdomain.net.passwd
Auth_PG_host localhost
Auth_PG_port 5432
Auth_PG_user myuser
Auth_PG_pwd secret
Auth_PG_database mydb
Auth_PG_pwd_table dav_password
Auth_PG_uid_field username
Auth_PG_pwd_field password
Auth_PG_grp_table dav_group
Auth_PG_grp_user_field username
Auth_PG_grp_group_field groupname
Auth_PG_hash_type MD5
#Auth_PG_log_table dav_log
#Auth_PG_log_uname_field username
#Auth_PG_log_date_field reqdate
#Auth_PG_log_uri_field uri
#Auth_PG_log_addrs_field ipaddr
Auth_PG_authoritative on
require group davroot
</Directory> </Directory>
ErrorLog /var/log/apache2/davhost.yourdomain.net_error.log <Location /davadmin>
CustomLog /var/log/apache2/davhost.yourdomain.net_access.log combined AuthType Digest
</VirtualHost> AuthName "WebDAV Administration"
AuthDigestDomain /davadmin http://davhost.example.com/davadmin
SetEnv DavAdminConfDir /var/www/conf
The directory specified for ``DavLockDb`` must be writable for the AuthDigestProvider file
user your apache processes run as. The ``AuthUserFile`` is AuthUserFile /var/www/auth/davadmin.htdigest
specified as a fallback if your PostgreSQL database is not require valid-user
available. </Location>
Install required php modules and classes <Location /dav/>
======================================== AuthType Digest
AuthName "WebDAV on davhost.example.com"
AuthDigestDomain /dav/
WebDAVAdmin needs Smarty and a PostgreSQL PDO driver for PHP5. To AuthDigestProvider file
install these requirements perform the following step:: AuthUserFile /var/www/auth/dav.htdigest
AuthGroupFile /var/www/auth/dav.groups
</Location>
sudo aptitude install smarty php5-pgsql ErrorLog /var/log/apache2/davhost.example.com_error.log
LogLevel warn
CustomLog /var/log/apache2/davhost.example.com_access.log combined
</VirtualHost>
}}}
on operating systems other then Debian GNU/Linux consult your system The snippet is included in the release file as {{{davadmin.vhost}}} inside the directory {{{setup}}}. You will want to change the IP address, directory names, realm names ({{{AuthName}}} directive), and other settings relevant for your site.
documentation.
Copy WebDAVAdmin files All following instructions refer to the information used in the above configuration snippet. You need to make sure that you have write access to the used files or have a friendly administrator at hand who performs the tasks for you.
======================
2. create a new document root directory or a subdirectory inside an === Creating necessary files and directories ===
existing one
3. create a subdirectory which you'll later use for WebDAVAdmin:: {{{
mkdir -p /var/www/auth
mkdir -p /var/www/html/dav
mkdir -p /var/www/conf
touch /var/www/auth/dav.htdigest
touch /var/www/auth/dav.groups
touch /var/www/auth/dav.namemap
}}}
mkdir /var/www/dav === Granting neccessary write access to the apache user ===
In the following lines we assume your apache user is {{{www-data}}} ([http://www.debian.org/ Debian's] default). Consult your operating system manual to find out what is the correct username for your system.
4. copy the admin subdirectory of the unpacked webdavadmin distribution == Creation of DAVAdmin users ==
file to the directory just created:: To add DAVAdmin users you need to create the authentication file using Apache's {{{htdigest}}} tool.
cp -R webdavadmin-0.1/admin /var/www/dav/ {{{
htdigest -c /var/www/auth/davadmin.htdigest "WebDAV Administration" admin
}}}
5. set the filesystem permissions of the dav directory to allow the The tool asks you for the password for the user admin and a confirmation of the password.
user apache is running as to write to the directory
Configure WebDAVAdmin ==== Using ACLs ====
===================== If you have an ACL enabled file system you may use the following instructions to grant the necessary rights.
The WebDAVAdmin distribution contains a directory ``config`` with * grant write access to the WebDAV root:
configuration templates that you need to customize for your {{{
environment. setfacl -d -m u:www-data:rwx /var/www/html/dav
setfacl -m u:www-data:rwx /var/www/html/dav
}}}
1. ``dbsettings.inc.php`` * grant write access to the authentication and authorization files
{{{
setfacl -m u:www-data:rw- /var/www/auth/dav.htdigest /var/www/auth/dav.groups /var/www/auth/dav.namemap
}}}
This file contains the settings for your database connection. The ==== Without using ACLs ====
file should be placed outside the document root for security If you cannot use ACLs you have two options:
reasons. A customized version of this file may look like::
<?php * making the directories and files world writable
/** Data source name. */ {{{
$dsn = "pgsql:host=localhost port=5432 dbname=mydb"; chmod 0777 /var/www/html/dav
/** Database user. */ chmod 0666 /var/www/auth/dav.htdigest /var/www/auth/dav.groups /var/www/auth/dav.namemap
$dbuser = "myuser"; }}}
/** Database password. */
$dbpass = "secret";
?>
2. ``config.inc.php`` * changing the owner of the files to the apache user
{{{
chown www-data /var/www/html/dav
chown www-data /var/www/auth/dav.htdigest /var/www/auth/dav.groups /var/www/auth/dav.namemap
}}}
This file contains the absolute path to your WebDAVAdmin == DAVAdmin configuration ==
installation and to your ``dbsettings.inc.php``. A customized
version of this file could be::
<?php DAVAdmin is configured via a file {{{config.inc.php}}} in the directory defined via the {{{SetEnv DavAdminConfDir}}} directive in the apache configuration. For the above setup the configuration file has the following content:
/** DAV area root directory. */
define(DAV_ROOT, '/var/www/dav');
/** Include the database settings. */ {{{
include_once('/etc/webdavadmin/dbsettings.inc.php'); <?php
?> /*
* DavAdmin configuration file.
*/
After adapting the contents to your environment put this file into $davconfig = array(
your WebDAVAdmin directory. For example:: 'compile_dir' => '/var/www/templates_c',
'digest.file' => '/var/www/auth/dav.htdigest',
'group.file' => '/var/www/auth/dav.groups',
'namemap.file' => '/var/www/auth/dav.namemap',
'dav.dir' => '/var/www/html/dav',
'dav.realm' => 'WebDAV on davhost.example.com',
'dav.uri' => 'http://davhost.example.com/dav/',
);
?>
}}}
cp config.inc.php /var/www/dav/admin/ == Restart apache ==
Be sure to make the subdirectory templates_c of your WebDAVAdmin To make the setup active you need to restart your apache webserver. On a Debian system with {{{sudo}}} use:
directory writable for your apache user [2]_.
.. [2] you could use chown, chmod and/or ACLs to perform this task {{{
sudo invoke-rc.d apache2 restart
Now you should be able to use your installation of WebDAVAdmin by }}}
opening the URL http://davhost.yourdomain.net/dav/admin/ (if you just
followed this instructions).
For other systems please read the manuals on how to restart the apache webserver.

17
README
View file

@ -17,23 +17,6 @@ The goal of this software is to provide an easy to use administration
interface for a WebDAV repository using mod-auth-pgsql as its interface for a WebDAV repository using mod-auth-pgsql as its
authentication and authorization source. authentication and authorization source.
Requirements
============
To use this software you need an Apache webserver configured with the
dav module and mod-auth-pgsql, PHP 5 with PostgreSQL PDO driver, the
Smarty_ template engine and a PostgreSQL database. The software has
been developed using the versions contained in Debian GNU/Linux 4.0
Etch.
- Apache 2.2.3
- PostgreSQL 8.1.8
- mod-auth-pgsql 2.0.3
- PHP 5.2.0
- Smarty 2.6.14
.. _Smarty: http://smarty.php.net/
Installation Installation
============ ============

1
TODO
View file

@ -3,4 +3,3 @@ TODO
- create an installer - create an installer
- setup admin user during installation - setup admin user during installation
- better integration into existing databases

View file

@ -5,10 +5,12 @@
$davconfig = array( $davconfig = array(
// Absolute path to template compile dir // Absolute path to template compile dir
'compile_dir' => '/home/www/dav/templates_c', 'compile_dir' => '/var/www/templates_c',
'digest.file' => '/home/www/dav/auth/dav.htdigest', 'digest.file' => '/var/www/auth/dav.htdigest',
'group.file' => '/home/www/dav/auth/dav.groups', 'group.file' => '/var/www/auth/dav.groups',
'namemap.file' => '/home/www/dav/auth/dav.namemap', 'namemap.file' => '/var/www/auth/dav.namemap',
'dav.dir' => '/home/www/dav/html/dav', 'dav.dir' => '/var/www/html/dav',
); 'dav.realm' => 'WebDAV on davhost.example.com',
'dav.uri' => 'http://davhost.example.com/dav/',
);
?> ?>

View file

@ -1,36 +0,0 @@
<?php
/**
* Database settings.
*
* @author Jan Dittberner <jan@dittberner.info>
* @version $Id$
* @license GPL
* @package WebDAVAdmin
*
* Copyright (c) 2007 Jan Dittberner
*
* This file is part of WebDAV administration.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License as
* published by the Free Software Foundation; either version 2 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
* 02110-1301 USA.
*/
/** Data source name. */
$dsn = "pgsql:host=localhost port=5432 dbname=@dbname@";
/** Database user. */
$dbuser = "@dbuser@";
/** Database password. */
$dbpass = "@dbpass@";
?>

42
setup/davadmin.vhost Normal file
View file

@ -0,0 +1,42 @@
<VirtualHost 127.0.0.1:80>
ServerAdmin jan@davhost.example.com
ServerName davhost.example.com
DavLockDb /var/run/apache2/davlock/davhost.example.com
DocumentRoot /var/www/html
Alias /davadmin /usr/local/davadmin-0.1/admin
php_admin_value allow_call_time_pass_reference 1
<Directory /var/www/html/dav>
Dav on
AllowOverride AuthConfig Indexes
Order Allow,Deny
allow from all
</Directory>
<Location /davadmin>
AuthType Digest
AuthName "WebDAV Administration"
AuthDigestDomain /davadmin http://davhost.example.com/davadmin
SetEnv DavAdminConfDir /var/www/conf
AuthDigestProvider file
AuthUserFile /var/www/auth/davadmin.htdigest
require valid-user
</Location>
<Location /dav/>
AuthType Digest
AuthName "WebDAV on davhost.example.com"
AuthDigestDomain /dav/
AuthDigestProvider file
AuthUserFile /var/www/auth/dav.htdigest
AuthGroupFile /var/www/auth/dav.groups
</Location>
ErrorLog /var/log/apache2/davhost.example.com_error.log
LogLevel warn
CustomLog /var/log/apache2/davhost.example.com_access.log combined
</VirtualHost>

View file

@ -1,25 +0,0 @@
CREATE TABLE dav_password (
uid SERIAL PRIMARY KEY,
username VARCHAR(16) NOT NULL UNIQUE,
password VARCHAR(34) NOT NULL,
firstname VARCHAR(64),
lastname VARCHAR(64)
);
CREATE TABLE dav_group (
gid SERIAL PRIMARY KEY,
username VARCHAR(16) NOT NULL REFERENCES dav_password(username),
groupname VARCHAR(32) NOT NULL,
UNIQUE(username, groupname)
);
CREATE TABLE dav_log (
logid SERIAL PRIMARY KEY,
username VARCHAR(16),
reqdate VARCHAR(20),
uri TEXT,
ipaddr VARCHAR(16)
);
INSERT INTO dav_password (username, password) VALUES ('admin', md5('secret'));
INSERT INTO dav_group (username, groupname) VALUES ('admin', 'davadmin');

View file

@ -1,43 +0,0 @@
<VirtualHost 127.0.0.1:80>
ServerAdmin jan@dittberner.info
ServerName dav.localhost
DavLockDb /var/run/apache2/davlock/davhost.localhost
DocumentRoot /home/www/dav/html
Alias /davadmin /home/jan/work/projects/davadmin/trunk/admin
php_admin_value allow_call_time_pass_reference 1
<Directory /home/www/dav/html/dav>
Dav on
AllowOverride AuthConfig Indexes
Order Allow,Deny
allow from all
</Directory>
<Location /davadmin>
AuthType Digest
AuthName "WebDAV Administration"
AuthDigestDomain /davadmin http://dav.localhost/davadmin
SetEnv DavAdminConfDir /home/www/dav/conf
AuthDigestProvider file
AuthUserFile /home/www/dav/auth/davadmin.htdigest
require valid-user
</Location>
<Location /dav/>
AuthType Digest
AuthName "WebDAV on dav.localhost"
AuthDigestDomain /dav/
AuthDigestProvider file
AuthUserFile /home/www/dav/auth/dav.htdigest
AuthGroupFile /home/www/dav/auth/dav.groups
</Location>
ErrorLog /var/log/apache2/davhost.localhost_error.log
LogLevel warn
CustomLog /var/log/apache2/davhost.localhost_access.log combined
</VirtualHost>