155 lines
4.7 KiB
TOML
155 lines
4.7 KiB
TOML
#
|
|
# Webdav server settings.
|
|
#
|
|
[server]
|
|
# Port(s) to listen on.
|
|
listen = [ "0.0.0.0:4918", "[::]:4918" ]
|
|
|
|
# Tls config.
|
|
# tls_listen = [ "0.0.0.0:443", "[::]:443" ]
|
|
# tls_cert = "/etc/ssl/certs/example.com-chained.crt"
|
|
# tls_key = "/etc/ssl/private/example.com.key"
|
|
|
|
# Unix uid/gid to run under (when not running setuid as user).
|
|
# Optional - if not set, will not change uid.
|
|
uid = 33
|
|
gid = 33
|
|
# Server: header to send (default: "webdav-server-rs")
|
|
identification = "webdav-server-rs"
|
|
|
|
#
|
|
# User settings.
|
|
#
|
|
# These are defaults. The same settings can be applied
|
|
# on the [[location]] level.
|
|
#
|
|
[accounts]
|
|
# how to authenticate: pam, htaccess.NAME (default: unset).
|
|
auth-type = "pam"
|
|
# what account "database" to use (default: unset).
|
|
acct-type = "unix"
|
|
# realm to use with basic authentication (default: "Webdav Server").
|
|
realm = "Webdav Server"
|
|
|
|
#
|
|
# PAM authentication settings.
|
|
#
|
|
[pam]
|
|
# PAM service to use.
|
|
service = "other"
|
|
# Cache timeout (secs). 0 disables the cache (default: 120).
|
|
cache-timeout = 120
|
|
# Number of thread to use for the PAM service threadpool (default: 8).
|
|
threads = 8
|
|
|
|
#
|
|
# Htpasswd authentication settings.
|
|
#
|
|
[htpasswd.example]
|
|
# htpasswd file.
|
|
htpasswd = "/etc/htpasswd.example"
|
|
|
|
# Unix account settings.
|
|
#
|
|
[unix]
|
|
# Cache timeout (secs). 0 disables the cache (default: 120).
|
|
cache-timeout = 120
|
|
# Accounts with a user-id lower than this value cannot login (default: 0).
|
|
min-uid = 1000
|
|
|
|
#
|
|
# Below follow a number of locations. Each location definition starts with
|
|
# [[location]] (literally). For every request, the "path" and "methods"
|
|
# settings of each location are checked in the same order # as they appear
|
|
# in this file. The first one that matches is used.
|
|
#
|
|
|
|
##
|
|
## Example location. Lists all settings.
|
|
##
|
|
[[location]]
|
|
# Matching route(s) to the resource.
|
|
#
|
|
# As is the convention with many http routers, you can use :PARAMETER
|
|
# (path element match) or *PARAMETER (path wildcard match) in the
|
|
# path definition. Everything between parentheses is optional.
|
|
#
|
|
# Currently 2 parameters can be used:
|
|
#
|
|
# - "path" is the part of the path to map to the filesystem
|
|
# - "user" matches the currently authenticated user.
|
|
#
|
|
# A couple of examples:
|
|
#
|
|
# - For authenticated webdav sessions: [ "/:user/*path" ] or [ "/:user(/*path)" ]
|
|
# - For serving / but no dirs below it: [ "/(:path)" ]
|
|
# - For serving / and everything below it: [ "/*path" ]
|
|
#
|
|
# Note that only "path" is what is applied to the "directory" setting to
|
|
# form a path on the filesystem. So route = [ "/loca/tion/*path" ] and
|
|
# directory = "/var/www/html" will serve the content of /var/www/html
|
|
# at the http path /loca/tion/.
|
|
#
|
|
# If there is no route defined, the location is ignored.
|
|
route = [ "/*path" ]
|
|
|
|
# Allowed methods (default: all).
|
|
#
|
|
# List of individual methods, or one of:
|
|
#
|
|
# http-ro: GET, HEAD
|
|
# http-rw: GET, HEAD, PUT
|
|
# webdav-ro: GET, HEAD, OPTIONS, PROPFIND
|
|
# webdav-rw: GET, HEAD, OPTIONS, PROPFIND, PUT, PATCH, PROPPATCH,
|
|
# MKCOL, COPY, MOVE, DELETE, LOCK, UNLOCK
|
|
methods = [ "webdav-ro" ]
|
|
|
|
# Authenticate? true, false, opportunistic, write (default: opportunistic).
|
|
#
|
|
# "opportunistic": means "if you send an Authorization: header, we'll check it".
|
|
# "write": means "for methods in webdav-rw that are not in webdav-ro".
|
|
auth = "false"
|
|
|
|
# Type of handler: filesystem, virtroot. Mandatory.
|
|
#
|
|
# The filesystem handler is what you would expect.
|
|
#
|
|
# The virtroot handler is a special handler for PROPFIND requests on
|
|
# authenticated sessions, i.e. where we have a username. It is useful
|
|
# when you have your webdav clients all under, say, /:user/*path.
|
|
# In that case, normally a PROPFIND of "/" would return either NOT_FOUND
|
|
# or the contents of the directory of some [[location]]. If the handler
|
|
# is set to "virtroot", a PROPFIND will list exactly one subdirectory,
|
|
# with the name of the authenticated user.
|
|
#
|
|
handler = "filesystem"
|
|
|
|
# what to do on 404 Not Found: continue, return (default: return).
|
|
on_notfound = "return"
|
|
|
|
# Change UID/GID to that of the authenticated user: true, false (default: false).
|
|
setuid = false
|
|
|
|
# Directory to serve. Mandatory.
|
|
#
|
|
# You can use "~" to indicate "homedirectory of authenticated user".
|
|
#
|
|
directory = "/var/www/html"
|
|
|
|
# Index file to serve when you GET a directory (if it exists) (default: none).
|
|
#indexfile = "index.html"
|
|
|
|
# Serve HTML directory indexes: true, false (default: false).
|
|
autoindex = false
|
|
|
|
# webdav PROPFIND: hide symbolic links: true, false (default: true).
|
|
hide-symlinks = true
|
|
|
|
# case insensitive lookups: true, false, ms (default: false).
|
|
# "ms" means "for Microsoft clients".
|
|
case-insensitive = "false"
|
|
|
|
# Another location definition could follow.
|
|
#[[location]]
|
|
|