dave - The simple webdav server
dave is a simple webdav server that provides the following features:
- Single binary that runs under Windows, Linux and OSX.
- Authentication via HTTP-Basic.
- TLS support - if needed.
- A simple user management which allows user-directory-jails as well as full admin access to all subdirectories.
- Live config reload to allow editing of users without downtime.
- A cli tool to generate BCrypt password hashes.
It perfectly fits if you would like to give some people the possibility to upload, download or share files with common tools like the OSX Finder, Windows Explorer or Nautilus under Linux (or many other tools).
The project name dave is an abbreviation for: Distributed Authoring and Versioning made easy.
Table of Contents
The configuration is done in form of a yaml file. dave will scan the
following locations for the presence of a
config.yaml in the following
- The directory
- The directory
$HOME/.swd(swd was the initial project name of dave)
- The directory
- The current working directory
Here an example of a very simple but functional configuration:
address: "127.0.0.1" # the bind address port: "8000" # the listening port dir: "/home/webdav" # the provided base dir prefix: "/webdav" # the url-prefix of the original url users: user: # with password 'foo' and jailed access to '/home/webdav/user' password: "$2a$10$yITzSSNJZAdDZs8iVBQzkuZCzZ49PyjTiPIrmBUKUpB0pwX7eySvW" subdir: "/user" admin: # with password 'foo' and access to '/home/webdav' password: "$2a$10$DaWhagZaxWnWAOXY0a55.eaYccgtMOL3lGlqI3spqIBGyM0MD.EN6"
With this configuration you'll grant access for two users and the webdav
server is available under
At first, use your favorite toolchain to obtain a SSL certificate and keyfile (if you don't already have some).
Here an example with
# Generate a keypair openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365 # Remove the passphrase from the key file openssl rsa -in key.pem -out clean_key.pem
Now you can reference your keypair in the configuration via:
address: "127.0.0.1" # the bind address port: "8000" # the listening port dir: "/home/webdav" # the provided base directory tls: keyFile: clean_key.pem certFile: cert.pem users: ...
The presence of the
tls section is completely enough to let the server
start with a TLS secured https connection.
In the current release version you must take care, that the private key doesn't need a passphrase. Otherwise starting the server will fail.
Cross Origin Resource Sharing (CORS)
In case you intend to operate this server from a web browser based application, you might need to allow CORS access. To achieve that, you can configure the hosts you want to grant access to:
cors: origin: "*"
Note however that this has security implications, so be careful in production environments.
Behind a proxy
dave will also work behind a reverse proxy. Here is an example
<Location /webdav> ProxyPass https://webdav-host:8000/ ProxyPassReverse https://webdav-host:8000/ </Location>
User management in dave is very simple, but optional. You don't have to add users if it's not necessary for your use case. But if you do, each user in the
config.yaml must have a password and can have a subdirectory.
The password must be in form of a BCrypt hash. You can generate one calling the shipped cli tool
If a subdirectory is configured for a user, the user is jailed within it and can't see anything that exists outside of this directory. If no subdirectory is configured for an user, the user can see and modify all files within the base directory.
You can enable / disable logging for the following operations:
- Creation of files or directories
- Reading of files or directories
- Updating of files or directories
- Deletion of files or directories
You can also enable or disable the error log.
All file-operation logs are disabled per default until you will turn it on via the following config entries:
address: "127.0.0.1" # the bind address port: "8000" # the listening port dir: "/home/webdav" # the provided base directory log: error: true create: true read: true update: true delete: true ...
Be aware, that the log pattern of an attached tty differs from the log pattern of a detached tty.
Example of an attached tty:
INFO Server is starting and listening address=0.0.0.0 port=8000 security=none
Example of a detached tty:
time="2018-04-14T20:46:00+02:00" level=info msg="Server is starting and listening" address=0.0.0.0 port=8000 security=none
There is no need to restart the server itself, if you're editing the user or log section of the configuration. The config file will be re-read and the application will update it's own configuration silently in background.
You can check out the releases page for the latest precompiled binaries.
Otherwise you can use the binary installation via go get:
go get github.com/micromata/dave/cmd/...
Build from sources
- Ensure you've setup go Take a look at the installation guide and how you setup your path
- Create a source directory and change your working directory
mkdir -p $GOPATH/src/github.com/micromata/ && cd $GOPATH/src/github.com/micromata
- Clone the repository (or your fork)
git clone email@example.com:micromata/dave.git
To build and install from sources you have two major possibilites:
You can use the plain go toolchain and install the project to your
cd $GOPATH/src/github.com/micromata/dave && go install ./...
You can also use mage to build the project.
Please ensure you've got mage installed. This can be done with the following steps:
go get -u -d github.com/magefile/mage cd $GOPATH/src/github.com/magefile/mage go run bootstrap.go
Now you can call
mage install to build and install the binaries. If you just call
mage, you'll get a list of possible targets:
Targets: build Builds dave and davecli and moves it to the dist directory buildReleases Builds dave and davecli for different OS and package them to a zip file for each os check Runs golint and go tool vet on each .go file. clean Removes the dist directory fmt Formats the code via gofmt install Installs dave and davecli to your $GOPATH/bin folder installDeps Runs dep ensure and installs additional dependencies.
Build and run with Docker
Building dave with Docker is simple
git clone firstname.lastname@example.org:micromata/dave.git cd dave docker build -t dave .
Let dave run
# create webdav home mkdir webdav-home docker run -d \ -p 8000:8000 \ -v $(pwd)/examples/config-sample.yaml:/config.yaml:ro \ -v $(pwd)/webdav-home:/tmp:rw \ dave
To export the static binary simply run
docker run --rm --entrypoint="" dave cat /usr/local/bin/dave > dave chmod u+x dave
You could simply connect to the webdav server with a http(s) connection and a tool that allows the webdav protocol.
For example: Under OSX you can use the default file management tool Finder. Press CMD+K, enter the server address (e.g.
http://localhost:8000) and choose connect.
Everyone is welcome to create pull requests for this project. If you're new to github, take a look here to get an idea of it.
If you'd like to contribute, please make sure to use the magefile and execute and check the following commands before starting a PR:
mage fmt mage check
If you've got an idea of a function that should find it's way into this project, but you won't implement it by yourself, please create a new issue.
Please be aware of the licenses of the components we use in this project. Everything else that has been developed by the contributions to this project is under Apache 2 License.