Ubuntu : Apache 2 WebDAV with Directory List

At times, we need to serve some sort of file sharing over the Internet but instead of just grant the access anonymously, we need also to control who can access it. And also some SSL encryptions along the way.

The instructions herein are based on Ubuntu Server v.22.04.3 system, a TrueNAS Scale and all in the same VLAN.

The TrueNAS Scale server already have Samba Service (SMB) enabled with all the necessary credentials and folders permissions created.

1. As always, ensure the Ubuntu repositories are up-to-date. If there are "Kernel" update, a system restart is required.

sudo apt update && sudo apt upgrade -y

2. Next is to install Apache2 server.

sudo apt install apache2 -y

3. Now we need to create a folder to hold the website. Replace "demo.com.my" with your domain name. You can also a Dynamic DNS, ensure the DDNS is updated.

sudo mkdir /var/www/demo.com.my

4. Next is to assign the proper ownership and access to the new folder. Replaced the text in "Red" accordingly.

sudo chown -R $USER:$USER /var/www/demo.com.my

sudo chmod -R 755 /var/www/demo.com.my

5. For testing purposes, we need to create a temporary "index.html" file so that we can be sure the website is working as expected. Replaced the text in "Red" accordingly.

sudo nano /var/www/demo.com.my/index.html

6. Type-in the following scripts.

<html>     <head>         <title>WELCOME TO MY WEBSITE</title>     </head>     <body>         <h1>MY WEBSITE IS WORKING !</h1>     </body> </html>

7. Next is to create apache's configuration file that correspond to the website. Replaced the text in "Red" accordingly.

sudo nano /etc/apache2/sites-available/demo.com.my.conf

8. Type-in the following configuration scripts. Replace text in "Red" accordingly.

<VirtualHost *:80>     ServerAdmin webmaster@localhost     ServerName demo.com.my     ServerAlias www.demo.com.my     DocumentRoot /var/www/demo.com.my     ErrorLog ${APACHE_LOG_DIR}/error.log     CustomLog ${APACHE_LOG_DIR}/access.log combined </VirtualHost>

9. Then we need to enable the new site. Replaced the text in "Red" accordingly.

sudo a2ensite demo.com.my.conf

10. Next is to disabled the "Default" site.

sudo a2dissite 000-default.conf

11. To ensure the configuration file is error free, perform a simple test. The result of the test return back should have "Syntax OK" displayed on the screen.

sudo apache2ctl configtest

12. Now, restart apache2 services.

sudo systemctl restart apache2

13. Next is to test whether the apache server is running correctly or not, open any preferred browser and browse to the URL. You will see the simple text word created earlier in the "index.html" file. Replaced the text in "Red" accordingly.

http://demo.com.my

In case, that the DNS is not up-to-date; you can use IP Address instead. Replaced the text in "Red" accordingly.

http://[IP Address]

13. In order for the server to access the TrueNAS Scale's SMB service, we need to install CIFS Utility.

sudo apt install cifs-utils -y

14. After installation complete, we now need to create a "Mount Point" or folder in the server first. Replaced the text in "Red" accordingly.

sudo mkdir /mnt/samba_share

15. Now, assuming that my TrueNAS Scale's IP Address is "192.168.0.2", where the intended share folder name is "Public", we need to manually mount the share to our local mount point. Replaced the text in "Red" accordingly.

sudo mount -t cifs //192.168.0.2/public -o username=demo_user /mnt/samba_share

You will be prompted for the password, type-in the password that corresponds to the credentials in TrueNAS Scale.

16. Next is to enabled the "WebDAV" module in Apache2 and restart the service.

sudo a2enmod dav

sudo a2enmod dav_fs

sudo systemctl restart apache2

17. Grant the proper access permissions for apache to that folder. Replaced the text in "Red" accordingly.

sudo chown www-data:www-data /mnt/samba_share

18. We need to create a folder location to store WedDAV's database file for storing username and password that have access to the webdav services.

sudo mkdir -p /usr/local/apache/var

19. Now, we need to modify the configuration of the website to work with webdav. Replaced the text in "Red" accordingly.

DavLockDB /usr/local/apache/var/DavLock <VirtualHost *:80>     ServerAdmin webmaster@localhost     ServerName demo.com.my     ServerAlias www.demo.com.my     DocumentRoot /var/www/demo.com.my     ErrorLog ${APACHE_LOG_DIR}/error.log     CustomLog ${APACHE_LOG_DIR}/access.log combined     Alias /samba_share /mnt/samba_share     <Directory /mnt/samba_share>         Options Indexes         DAV ON         AuthType Digest         AuthName "webdav"         AuthUserFile /usr/local/apache/var/users.password         Require valid-user     </Directory> </VirtualHost>

20. Verify the configurations and restart apache2 service.

sudo apache2ctl configtest

sudo systemctl restart apache2

21. Next is to create the WebDAV's database file for storing the username and password, the password is encrypted in the file.

sudo touch /usr/local/apache/var/users.password

22. Assign the proper ownership to the file.

sudo chown www-data:www-data /usr/local/apache/var/users.password

23. Next is to create the first user into the database. Replaced the text in "Red" accordingly

sudo htdigest -c /usr/local/apache/var/users.password webdav demo_user

Note :

(1) "webdav"     = Realm

You will be prompted to key-in a password for this username and re-confirm the password again. Ensure that both password matches exactly the same.

24. Now, we need to enable the Authentication Digest module in apache and restart the service.

sudo a2enmod auth_digest

sudo systemctl restart apache2

25. Once all done, we can test whether the WebDAV services is configured directly or not. Open any preferred browser and type-in the following URL. Replaced the text in "Red" accordingly

http://demo.com.my/samba_share

You should be prompted for a username and password, key-in the credentials we have created earlier for WebDAV services.

26. You might also want to configure the auto-mount for the samba services, after every-time the server restart. This step is OPTIONAL.

sudo nano /etc/fstab

Type-in the following configurations. Replaced the text in "Red" accordingly

//192.168.0.1/public /mnt/samba_share cifs username=demo_user,password=demo123 0 0

27. If you want to allow access from External Internet, it is advised to have SSL Certificate (Let's Encrypt) installed. Also ensure that your "Router" or "Firewall" have the appropriate port "Whitelisted" or enabled "Port Forwarding" accordingly. (eg. 443/TCP)

sudo apt install certbot python3-certbot-apache -y

28. Now request for a new SSL Certificate from Let's Encrypt.

sudo certbot --apache

29. You will be prompted for an email address, please ensure the email address you type-in is "VALID", this is to ensure you will receive email notification about the renewal of the SSL Certificate.

Also you must agreed to Let's Encrypt's Terms and Conditions of use, type-in "Y" to accept it.

You can also opt-in to their newsletter and marketing materials, but as this is a demo I have chosen "N" for this tutorials.

30. Next, you will prompted to select which domain you want to have the SSL certificate installed, in this case I will just select "demo.com.my" domain, but you can also do the same steps for "www.demo.com.my" too.

31. Once everything is completed, we need to restart apache2 services again.

sudo systemctl restart apache2

32. Now we can test the new SSL certificate, open your preferred browser and type-in the following URL. Take note now we are using "HTTPS" instead. Replaced the text in "Red" accordingly

https://demo.com.my/samba_share

And as expected, you should be prompted for a username and password to access the content.

!!! HAPPY COMPUTING !!!

VMWare : SATA Controller Passthrough for TrueNAS Scale

How to passthrough an onboard SATA Controller in VMWare ESXi v.6.7 Update 3 for TrueNAS Scale installation.

As the HP Z800 WorkStation comes with onboard 6-ports SATA Controller and 8-ports LSI SAS/SATA Controller, the existing LSI Controller was dedicated to VMWare ESXi v.6.7 thus leaving the SATA Controller unused.

For experiment purposes, I wanted to passthrough this SATA Controller to a VM for TrueNAS Scale use as Storage Pool and thus able to directly manage all the HDDs connected on this controller.

1. Firstly is to create a VM and install TrueNAS Scale and configure the network settings.

2. Next is to shutdown the TrueNAS VM.

3. In the ESXi Server Host, under --> Manage --> Hardware.

4. Look for --> Intel ICH10R 4-ports Controller --> Passthrough = Enable.

5. Put the ESXi Server Host into --> Maintenance Mode, and reboot the server.

6. After reboot, Exit Maintenance Mode.

7. Under the TrueNAS VM, right-click --> Edit Settings.

8. Click --> Add Other Device --> PCI Device.

9. A new hardware will be listed, ensure the new PCI Device = Intel ICH10R 4-ports Controller.

10. Boot-up the TrueNAS VM.

11. Login to TrueNAS, goto --> Storage --> Disks.

12. Now you should be able to see all the HDDs connected on that SATA Controller and proceed to create Storage Pool.

!!! HAPPY COMPUTING !!!

TrueNAS : Create a Virtual Machine (VM)

Did you know that TrueNAS can function like a Hypervisor ? TrueNAS itself can have containerization of Virtual Machine (VM).

Although its not a full scale Hypervisor (Tier-1), sometimes we just need to temporarily test an application or operating system. So it is very useful to be able to run a VM inside TrueNAS.

!!! HAPPY COMPUTING !!!

TrueNAS : Create User, Group and Samba (SMB) Share

How to create Users then add them into Group and create a Samba Share. Samba share is very useful for folder(s) and file(s) sharing between computers.

But not all folders you want to share to everyone, maybe some confidential data that only you have the access.

Users account created in TrueNAS can be assigned or added into a Group, by grouping all your users together in group will make it very easy for an administrator to manage the permissions and access of file and folder sharing.

 

!!! HAPPY COMPUTING !!!

VMWare : Enable Hard Drive's Serial Number

There are times where some Operating System (OS) needs to have the Hard Drive's Serial Number or UUID enabled for it to work correctly.

This is especially true when it comes to TrueNAS installation in VMWare ESXi server. Although it is NOT RECOMMENDED to install TrueNAS (Scale/Core) in a virtualized environment, but for some Home Lab or for testing purposes, it is OK to do so.

1. The said Virtual Machine (VM) must be shutdown first.

2. Next, edit the VM's settings.

3. Goto --> VM Options.

4. Under --> Advanced.

5. Click --> Edit Configuration.

6. Click --> Add parameter.

7. Under Key, type --> disk.EnableUUID

8. Under Value, type --> TRUE

9. Save and exit.

10. Then only power-on the VM.

The Hard Drive's Serial Number will now be automatically created by ESXi server and TrueNAS will be able to detect those Virtual Hard Drive.

!!! HAPPY COMPUTING !!!

TrueNAS : Build Your Own NAS (Network Attached Storage)

Building your own NAS (Network Attached Storage) is very easy and simple with TrueNAS. It supports a wide variety of hardware thus making it simple and easy to install.

You can make use of any old computer with at least 4GB or more and a minimum of 4 Hard Drives with any make or model, preferably with the same capacity (eg. 1TB). The performance of system will solely depends on your choice of hardware but for Home use it is more than sufficient.

There are 2 Community Edition available :-

1. TrueNAS Core
2. TrueNAS Scale

TrueNAS Core is based on BSD (Berkeley Software Distribution), it's very robust and stable.

TrueNAS Scale on the other hand is based on Debian Linux, it's also very stable and more suitable for Home use because it's using Debian Package.

While TrueNAS Enterprise is more designed towards Enterprise companies with demands on High Availability, High Performance and Professional Supports. iX System also developed and sell pre-build TrueNAS System to cater for anyone that doesn't want to build their own.

For more information about TrueNAS, please visit their website at https://www.truenas.com/

Why TrueNAS ?

Well first of all, TrueNAS is using OpenZFS. It's an Open Source Storage Platform that have functionality of both traditional file system and volume manager.

Unlike other Array Controller that required all hard drives to be in the same Make and Model, OpenZFS make use of mixed Make and Model to create a Storage "Pool" thus making it very suitable for Home use because not everyone have the same hard drive specifications laying around.

More information about OpenZFS can be found here at https://openzfs.org/wiki/Main_Page

Step-by-Step Guide :

1. Download the latest ISO file from TrueNAS website (https://www.truenas.com/).

2. Use any preferred ISO Maker/Writer to an external USB Flash Drive, a minimum of 8GB will be sufficient.

3. Once the USB Flash Drive is ready, you can plug into the computer.

4. But before installation, we need to ensure that all the hard drive is correctly detected and remove any RAID array configuration. ZFS works best without any RAID configured.

5. You will need to choose the install drive, any capacity drive will do. Preferably the first drive that is connected.

6. After that, you will be prompted to specify an Administrator's password, this password will be used to login to TrueNAS Web GUI on the later stage.

7. Once the installation completed and computer rebooted, on another computer and open your prefer browser (eg. Google Chrome) and type-in the IP Address of the server displayed at console screen.

8. Some basic configurations is required, we need to specify a Static IP Address for the server. This will ensure that everytime the server rebooted, it will use the same IP Address and also it is more easy to configure port forwarding in your router (if needed) for some applications to work.

9. Next is to create the first storage pool, you can configure as many pool(s) you want but all depends on the available hard drives. For example, ZFS-z required a minimum of 2 drives (similarly to RAID-1), if you have more than 2 hard drives (eg. 3 drives) then the additional hard drive will be used as Parity Drive which are similarly to RAID-5.

10. Now you TrueNAS will work correctly, further configuration is required such as creating SMB (Samaba) Shares, NFS Share or whichever you required.

Video below :-

!!! HAPPY COMPUTING !!!