Sunday, 20 July 2014

How to build a read only file server using Apache in Debian


This post explains how to create an anonymous read only file server using apache web server in Debian.

INSTALL APACHE


First we need apache installed in our system:

Debian:
$ sudo aptitude install apache2

In my system: apache 2.4.9-2 version gets installed.


Centos:
$ sudo yum install httpd


HOW TO LISTEN TO A PORT DIFFERENT FROM 80


We will set our file server to listen on port 2221.


Edit /etc/apache2/ports.conf and add this line:
Listen 2221

Restart apache server:
$ sudo apache2ctl restart

After having apache listening on port 2221 we will be able to edit configuration file to add a virtual host for that port.

<VirtualHost *:2221>
...
</VirtualHost><

http://httpd.apache.org/docs/current/bind.html


ENABLE REWRITE MODULE


If we want to rewrite the url passed from the browser:

Enable rewrite module:
# a2enmod rewrite

To activate the new configuration, you need to restart apache:
# service apache2 restart


In config file we will rewrite root to fserver:
RewriteRule ^/$  /fserver  [R]


ALIAS


Alias command in config file allows us to set the file server in a different directory from document root.


NOTE: If there are several aliases, first one matches first.
So more restrictive ones should come before.

We set our server actual directory in /srv/Share.
Alias /fserver /srv/Share


GRANT PERMISSIONS


Permissions are granted in configuration file.


Granting permission to everyone:

Require all granted


Grant permission depending on the ip value:

Require ip 192.168.0 192.168.1 127.0.0.1

I.e: grants permission to networks 192.168.0.* 192.168.1.* and localhost.


SHOW AN INDEX OF A DIRECTORY


Displays a directory list as default index.

Options +Indexes


CREATE SPECIFIC LOGS FOR THE FILE SERVER


Following commands create file_server_error.log and file_server_access.log in apache general log directory:

ErrorLog ${APACHE_LOG_DIR}/file_server_error.log
CustomLog ${APACHE_LOG_DIR}/file_server_access.log combined

$ sudo ls /var/log/apache2/
access.log  file_server_access.log  other_vhosts_access.log
error.log   file_server_error.log


CREATE APACHE CONFIGURATION FOR OUR FILE SERVER


Using the keys provided before we finally set our configuration file:

Create and edit /etc/apache2/sites-available/001-file-server.conf

<VirtualHost *:2221>

    DocumentRoot /var/www/html

    Alias /fserver /srv/Share

    # turning on mod rewrite
    RewriteEngine on

    RewriteRule ^/$  /fserver  [R]

    <Directory /srv/Share/>
 AllowOverride None
        Options +Indexes
#       Require all granted
 Require ip 192.168.0 192.168.1 127.0.0.1
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/file_server_error.log
    CustomLog ${APACHE_LOG_DIR}/file_server_access.log combined

</VirtualHost>


SETTING ACTUAL DIRECTORY WITH SHARED FILES.

Create the directory where shared files will reside:
$ mkdir /srv/Share && cd /srv/Share

Copy there whatever files you want to share.
$ cp whatever /srv/Share

Set those files to the same group as apache server:
$ sudo chgrp -R www-data /srv/Share

Grant read permissions for group to files, and execution permissions to directories:
$ find /srv/Share -type d | xargs -I foo chmod 750 'foo'
$ find /srv/Share -type f -print0 | xargs -0 -I foo chmod 640 'foo'



Enable the configuration file

$ sudo a2ensite 001-file-server

$ sudo service apache2 reload


Our file server should work, in a web browser you could type: http://localhost:2221/fserver

and a directory listing should appear.


Custom Footer


If we want to create a customized footer for our file server:

E.g:
$ cat FOOTER.html

<!-- Footer -->

<a href="http://linuxclues.blogspot.com"><b>Linux Clues Blog</b></a>

We copy it to apache root directory:
# cp FOOTER.html /var/www/html/ -v

And edit config file:
<Directory>
...
    ReadmeName /FOOTER.html
#    IndexIgnore FOOTER.html
</Directory>

If FOOTER.html path starts with / it is referred to document root, and it applies to every directory within the file server.

ReadmeName FOOTER.html applies to current directory only, and FOOTER.html should be placed in that directory.

IndexIgnore avoids FOOTER.html to be listed (if placed in the same directory as files).


Reload apache configuration:
# service apache2 reload


Customized HEADER


If we want to create a customized header for our file server pages:

E.g:
# cat HEADER.html 

<!-- HEADER -->

<h1>FILE REPOSITORY</h1>

<hr/>

<!-- End of HEADER -->

To enable the header we will use HeaderName command within config file:
http://httpd.apache.org/docs/trunk/mod/mod_autoindex.html#headername

<Directory>
...
   HeaderName /HEADER.html
</Directory>

If we set a file named HEADER.html in a directory, apache uses that as default header for that directory, and HeaderName command is not needed.


Reload apache configuration:
# service apache2 reload


Reference


$ man a2ensite

$ man a2enconf

http://httpd.apache.org/docs/2.2/mod/mod_autoindex.html

http://httpd.apache.org/docs/2.2/mod/core.html#directory

http://httpd.apache.org/docs/2.2/mod/mod_alias.html

https://wiki.apache.org/httpd/DirectoryListings


0 comentarios: