= TolkienSetupTrac =

This TolkienSetup sub-guide describes the steps necessary to configure per-user, SSL-secured, WebDAV directories via Apache.


== Installing Apache ==

Apache is required to host Trac.

If you selected the "LAMP server" task during OS install, this should already be installed.  To verify, run the following command:
{{{
$ tasksel --list-tasks | grep lamp
}}}

To see the packages installed for the task, run:
{{{
$ tasksel --task-packages lamp-server
}}}

To specifically check whether or not the `apache2` package is installed, run:
{{{
$ apt-cache policy apache2
}}}

If you need to install this task, run:
{{{
# tasksel install lamp-server
}}}


== Enabling WebDAV ==

Run the following commands to enable the WebDAV modules you'll need:
{{{
# a2enmod dav_fs
# a2enmod dav
}}}


== Creating an Apache WebDAV "Site" ==

Create the following site configuration as `/etc/apache2/sites-available/dav-shares`:
{{{
Alias /webdav /var/www/dav/secure
<Location /webdav-secure>
	DAV On
</Location>
<Directory /var/www/dav/secure>
	Options Indexes MultiViews
	AllowOverride None
	Order allow,deny
	allow from all
</Directory>
}}}

Then, create and secure the WebDAV storage folder:
{{{
# mkdir -p /var/www/dav/secure
# chown -R www-data /var/www/dav/
}}}

Enable the Apache site:
{{{
# a2ensite dav-shares
}}}


== Per-User WebDAV Directories ==

First, create an Apache password file with a user, e.g. "bob" (be sure to write down the username and password somewhere):
{{{
# htpasswd -cm /var/www/dav/dav-logins.passwd bob
}}}

Then, set the site to use that file for authentication by modifying the `Location` directive:
{{{
<Location /webdav-secure>
	DAV On
	AuthType Basic
	AuthName "Trac"
	AuthUserFile /var/www/dav/dav-logins.passwd
	Require valid-user
</Location>

Then, enable Apache's `UserDir` module:
{{{
# a2enmod userdir
}}}

Disable the `UserDir` module's default mapping by editing the `/etc/apache2/mods-available/userdir.conf` file as follows:
{{{
<IfModule mod_userdir.c>
        #UserDir public_html
        #UserDir disabled root

        <Directory /home/*/public_html>
                AllowOverride FileInfo AuthConfig Limit
                Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
        </Directory>
</IfModule>
}}}

Then, set the site to translate user locations by modifying the `Location` directive again:
{{{
}}}


== Securing WebDAV with SSL ==

TODO