HTTP File Access via Apache

From OSNEXUS Wiki
Jump to: navigation, search

For cloud and other applications it can be useful to be able to access files in QuantaStor Network Shares via the HTTP protocol as well as through the standard NFS/CIFS protocols. Apache configuration and security issues are a broad topic which is too much for us to cover in this article. As such this article focuses on how to install apache and how to provide public access to all available network shares via HTTP. From there you can use the many online guides to further tune and adjust the configuration settings to meet your specific application and security requirements for your data.

Installing the Apache Web Server

Use ssh to log into the appliance to run the commands to install, setup and configure the web server to provide HTTP access to your files. Run these commands to install Apache:

sudo apt-get update
sudo apt-get install apache2

Fixing Port Conflicts

QuantaStor uses many network interface ports (the full list of which can be found in the /etc/init.d/iptables file) including the default HTTP and HTTPS ports which are port 80 and 443 respectively. Installing Apache will block access to the QuantaStor web management interface until the Apache port configuration is corrected. We recommend choosing alternate port numbers like 8001 and 4443 for the apache web server to be used for HTTP file access.

Changing Apache's Default Ports

Edit the /etc/apache2/ports.conf file to make the default port numbers 8001 and 4443 or some other unused port numbers like so:

sudo nano /etc/apache2/ports.conf

After updating the file it should look roughly like this (comments removed for brevity):

NameVirtualHost *:8001
Listen 8001

<IfModule mod_ssl.c>
    Listen 4443
</IfModule>

<IfModule mod_gnutls.c>
    Listen 4443
</IfModule>

Enabling Access to Network Shares

Now we need to provide access to the Network Shares by editing the default access rules for the web server to allow access to the /export folder.

sudo nano /etc/apache2/sites-enabled/000-default

In there you'll want to change the VirtualHost port number to the one you put into the ports.conf file such as 8001 like so:

<VirtualHost *:8001>

You'll also need to add a section which enables access to the Network Shares. Note that there's no requirement that you provide access to all shares and you can create aliases for specific network shares by creating one or more aliases and associated Directory stanzas.

....

        Alias /export/ "/export/"
        <Directory "/export/">
                Options Indexes MultiViews FollowSymLinks
                AllowOverride None
                Order allow,deny
                Allow from all
        </Directory>
....

Restarting Apache

To apply the configuration changes you'll need to restart the apache web server like so:

sudo service apache2 restart

Accessing Files Via HTTP

Enter the following URL into your web browser with the IPADDRESS replaced with the actual IPADDRESS of your QuantaStor appliance. Note that the trailing / is required and you will not see the shares listed without it.

http://IPADDRESS:8001/export/

Securing Apache

Setting up QuantaStor so that you can access your files is quick and easy, but be sure to spend some time reviewing the Apache security configuration guide here to make sure you're not exposing the system to undue security risks. You can also configure Apache to allow/deny access to specific hosts which is outlined in this article here.