Create your own Mozilla Weave server
updated: Fri Jul 18 : Added SSL VirtualHost configuration for a secure environment.
updated: Fri Oct 17 : Just increased version numbers to Weave 0.2.7.
Mozilla Weave is a pretty neat extension to the pretty neat Firefox 3 browser. This extension can synchronize your bookmarks, cookie data, saved passwords, history and form data to a WebDAV server maintained and hosted by Mozilla.
Since Weave is only at version 0.2.7 (at the time of writing), the project is heavily in development and the WebDAV server is dead slow and offline from time to time. The nice thing about free mozilla stuff is that almost everything is possible, even building your own WebDAV server.
We don’t just want a WebDAV server, but we want the exact same setup as Weave uses, including tight user authentication and security on the storage. The only thing that really bothers me, is that there’s still no satisfying solution for quota support in WebDAV, except for using patched mod_dav and Apache versions.
As a base system, i’m using CentOS 5.2
Apache
First, we’re going to install Apache, and configure the stuff
# yum install httpd
# vi /etc/httpd/conf/httpd.conf
Make sure the mod_dav and mod_dav_fs modules are loaded in the configuration file
LoadModule dav_module modules/mod_dav.so
LoadModule dav_fs_module modules/mod_dav_fs.so
<IfModule mod_dav_fs.c>
DAVLockDB /var/lib/dav/lockdb
</IfModule>
The last section is there by default, but i’ll just post what’s really needed to get things working.
Now, we’re going to build the VirtualHost
<VirtualHost *:80>
ServerName weave.yourdomain.com
DocumentRoot /home/www/weave.yourdomain.com/www
ErrorLog /var/log/httpd/weave_yourdomain_com-error.log
CustomLog /var/log/httpd/weave_yourdomain_com-access.log combined
<Directory "/home/www/weave.yourdomain.com/www">
Options Indexes FollowSymLinks
AllowOverride AuthConfig Limit
Order allow,deny
Allow from all
AuthType Basic
AuthName "WebDAV Restricted"
AuthUserFile /home/www/weave.yourdomain.com/passwords
require valid-user
</Directory>
<Location />
DAV On
</Location>
</VirtualHost>
As you can see, we’re using the directory /home/www/weave.yourdomain.com/www as our DocumentRoot. Valid users from the file /home/www/weave.yourdomain.com/passwords can browse to the DocumentRoot. We will restrict further user-access by using .htaccess files in the “users” directory lateron.
The <Location /> statement enables DAV on the DocumentRoot.
Now, let’s save the thing and create the necessary directories:
cd /home/www
mkdir -p weave.yourdomain.com/www/user/remco
chown -R apache:apache weave.yourdomain.com
For each user, we’ll create a .htaccess file in their directory:
cd /home/www/weave.yourdomain.com/www/user/remco
vi .htaccess
require user remco
chown apache:apache .htaccess
Finally, we’ll make the passwords file:
htpasswd -c /home/www/weave.yourdomain.com/passwords remco
New password:
Re-type new password:
That’s it for the installation. Next up: Weave!
Weave
I’m using Weave 0.2.7, downloaded from http://people.mozilla.com/~cbeard/weave/dist/
If you never used Weave before. It’s necessary to first make a profile at Mozilla. After Weave is succesfully configured and syncing to a Mozilla server, you can change properties.
If you have configured Weave, click on the Weave logo in the bottom right of your screen and select ‘Preferences’. After that, sign out on your current Weave login at Mozilla. Click on the Advanced tab and change your Server Location to http://weave.yourdomain.com and start a Sign In.
Et Voila! You are connected to your own Weave WebDAV server. Start syncing at real speeds 
If you encounter problems, you can always look at the activity log. If you STILL encounter problems, try to flush server data.
Weave over HTTPS / SSL
If you want to have a secure connection, you will need SSL for that. Installation is already done when you have installed Apache on CentOS 5. If you have doubt, check to see if you have mod_ssl and openssl installed with Yum or whatever tool you’re using.
To use SSL, you have to create the next VirtualHost next to the VirtualHost you already created on port 80. Ofcourse you can also completely disable the VirtualHost on port 80 if you really really don’t want a plain connection.
The configuration you have to add is the following :
<VirtualHost *:443>
ServerName weave.yourcomain.com
DocumentRoot /home/www/weave.yourdomain.com/www
ErrorLog /var/log/httpd/weave_yourdomain_com-error.log
CustomLog /var/log/httpd/weave_yourdomain_com-access.log combined
<Directory "/home/www/weave.yourdomain.com/www">
SSLRequireSSL
Options Indexes FollowSymLinks
AllowOverride AuthConfig Limit
Order allow,deny
Allow from all
AuthType Basic
AuthName "WebDAV Restricted"
AuthUserFile /home/www/weave.yourdomain.com/passwords
require valid-user
</Directory>
<Location />
DAV On
</Location>
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SSLCertificateFile /etc/pki/tls/certs/localhost.crt
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
</VirtualHost>
Note
Note that when you are using a self-signed certificate (like i do), you need to browse to https://weave.yourdomain.com/ and accept the certificate, before it will work in Weave. If you don’t do this, Weave will give you the error “Username / password incorrect”.
Note #2
If you happen to be running Weave 0.2.5 and notice a huge memory and CPU increase, disable the TAB synchronization. There’s a known bug in 0.2.5 that eats your memory. 0.2.6 solves this issue.
Download Weave now at:
http://people.mozilla.com/~cbeard/weave/dist/latest-weave.xpi
Thunderbird?
I also started a blog about using Weave in Thunderbird. You can see it here.
Hi and thx for the instructions
Can this be used on a regular server? like any hosting provider
Is it possible to use an other webdav server without first making a profile at Mozilla? Currently Mozilla has a stop on new profiles.
It is possible! Just install Weave 0.2.2 and continue the install wizard until the server error occurs. Then change the server in preferences and sign in.
“Can this be used on a regular server? like any hosting provider”
Well, maybe. If the hosting provider accepts “DAV On” in .htaccess and configuration, it should be a possibility but i’m not so sure.
thanks, I’ll ask my provider
i get this error when launching the server directory “|x93/home/www/weave.mydomain.net/www|x94″ path is invalid. i’m running apache on windows server 2003. not sure what the deal is, i double checked everything, and yes, using a real domain, correct folders and so on
“i get this error when launching the server directory “|x93/home/www/weave.mydomain.net/www|x94″ path is invalid.”
Well, you must change paths to a real path usable by Windows ofcourse. The path in my documentation is just for explanation purposes. In Windows it should be D:\whatever\www orso.
If you just click “Cancel” on the wizard, you can very easily access the preferences to change servers.
the only thing i’m not sure how to do, is to change permissions on the folders, i’m using windows so the same commands don’t work obviously, unless i’m missing something.
“Well, you must change paths to a real path usable by Windows ofcourse. The path in my documentation is just for explanation purposes. In Windows it should be D:\whatever\www orso.”
i did do that, but it’s still putting the x93 x94 stuff in there, even though i’m using the absolute path
ok, i figure out the x93 stuff, basically, when i c/p your code, the quotes pasted as a different ascii, so i just deleted them and retyped them
Alright, that explains a lot. Does it work now?
yes, i had to change a couple more things, but it’s working, thanks
Thanks for the instructions, worked like a charm. Nice to have syncing somewhere until Mozilla gets everything stabilized and happy.
Ok, updated the post with SSL enabled. Have fun
Instead of using a self-signed certificate, you might want to get a valid SSL cert from cacert.org. It’s free, and mostly hassle free to setup. All you have to do is ensure you’ve imported their root CA cert in Firefox.
You’re the man. I got it working in no time, and it is indeed much faster than the Mozilla server. Thanks!
Excellent how-to! I’d been having all kinds of problems getting Weave to work on my own WebDAV server and these instructions made it a piece of cake. It’s a heck of a lot faster than it used to be (and I kind of like the idea of storing everything on MY server instead of some stranger’s). Good work!
possible that weave 0.2.5 doesnt create the directory structure which is needed?
I’m currently trying to get everything working with weave 0.2.5 on my own linux machine (gentoo box).
WebDAV works fine with http authentification to restrict public access.
It seems like weave 0.2.5 doesnt create the necessary directory structure, or can’t login into http auth.
2008-07-22 17:00:06 Chrome.Wizard INFO Checking registration status: https://domain.org/weave/api/register/regopen/
2008-07-22 17:00:09 Chrome.Wizard INFO Registration closed
2008-07-22 17:00:15 Chrome.Wizard INFO Verifying username/password…
2008-07-22 17:00:15 Service.Util ERROR Login verification failed Error code: 404
2008-07-22 17:00:15 Chrome.Wizard INFO Login verify failed
2008-07-22 17:00:15 Async.Generator ERROR Exception: checkStatus failed
“If you never used Weave before. It’s necessary to first make a profile at Mozilla. After Weave is succesfully configured and syncing to a Mozilla server, you can change properties.”
Try this instead: about:config in Firefox’s address bar
Find and Change the value in “extensions.weave.username” from “nobody” to the username of your WebDAV.
Relaunch FF and enter your password and passphrase.
Hi all,
I’m having similar problems as Mike describes.
2008-07-23 09:34:33 Chrome.Window INFO User string: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1
2008-07-23 09:34:33 Chrome.Window INFO Weave version: 0.2.5
2008-07-23 09:34:33 Service.Main INFO Making sure server is initialized…
2008-07-23 09:34:34 Service.DAV ERROR Could not create directory on server
2008-07-23 09:34:34 Service.DAV ERROR Exception caught: request failed: 500 –
2008-07-23 09:34:34 Chrome.Wizard INFO Initial login failed
2008-07-23 09:34:35 Async.Generator ERROR Exception: Could not create private key directory
2008-07-23 09:34:35 Chrome.Wizard INFO Shutting down setup wizard
Also I noticed that it really doesn’t matter which password I enter when setting up the account. It always says: “Username and password verified”
The whole thing is, I think, correctly setup as I am required to enter a username and password when browsing to the weave server and I only see my own directory.
I really don’t want to abuse this comments system but does anyone have an idea ?
Thank you Cote, works fine now!
Just changed the extensions.weave.username.
Thanks for the post, very useful. Havent been able to get it working after 2 tries but I’ll keep tinkering. Cent OS 5 on a box that uses Plesk, so some of the config is a bit awkward and out of place.
@MadMike2K:
Check where your “DAVLockDB” directive points to. Mine was pointing to a directory that apache did not have access to. Once I fixed that it worked like a charm!
very good point I had not thought of – but I still think the original poster was closer to the answer..
Perfect guide!
One problem left:
I cannot login into Weave on my Debian system unless I connect first manually to the webdav server in another browser window/tab.
After that it works like a charm!
Any ideas how to solve this?
Anyone have any pointers? I can browse to my WebDav service via Firefox and login with no problem and can mount the WedDav folder in windows without issue, but I keep getting this error:
2008-08-02 13:49:06 Chrome.Window INFO User string: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1
2008-08-02 13:49:06 Chrome.Window INFO Weave version: 0.2.5
2008-08-02 13:49:06 Chrome.Window INFO Logging in…
2008-08-02 13:49:06 Chrome.Window INFO User string: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1
2008-08-02 13:49:06 Chrome.Window INFO Weave version: 0.2.5
2008-08-02 13:49:07 Service.Main INFO Making sure server is initialized…
2008-08-02 13:49:07 Service.Main INFO Server version too low. Wiping server data.
2008-08-02 13:49:08 Service.DAV ERROR Could not create directory on server
2008-08-02 13:49:08 Service.DAV ERROR Exception caught: request failed: 200 –
2008-08-02 13:49:08 Async.Generator ERROR Exception: Could not create meta information directory
2008-08-02 13:49:44 Chrome.Window INFO Sync window closed
What’s strange is it says it can’t create the “meta information directory”, but if i remove it, and try to login with Weave, it recreates it.
I found your site on faves.com bookmarking site.. I like it ..gave it a fave for you..ill be checking back later
Just finished setting this up. Thanks for the instructions – it works a charm!
i’m having an issue with authentication not initially working but if i brows to the webdav with the browser and login then i can sign into weave any ideas?
ServerName webdav.
ServerAdmin Admin@
DocumentRoot k:\wwwroot\webdav
ErrorLog logs/webdav.-error_log
CustomLog logs/webdav.-access_log common
SSLRequireSSL
Options Indexes FollowSymLinks
AllowOverride AuthConfig Limit
Order allow,deny
allow from all
DAV On
SSPIAuth On
AuthType SSPI
# SSPIAuthoritative On
# SSPIOfferBasic Off
SSPIOfferBasic On
require valid-user
AuthName “Fuxored Weave Server”
DAVLockDB k:/wwwroot/webdav/devlock
# DAVMinTimeout 600
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile conf//cert.pub
SSLCertificateKeyFile conf//cert.priv
BrowserMatch “.*MSIE.*” \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
my ssl config same happens for non ssl
ive replaced my domainname with
Very interesting blog, i have added it to my fovourites, greetings
It may be a bit heavy handed, but you can always confine the WebDAV in it’s own partition. You could even encrypt the partition too. Think of it as a hard quota limit – very hard.
Thanks! Works like a charm.
I’m having some trouble setting this up under windows XP Home.
Apache starts fine with the lines I’ve added/uncommented to httpd.conf
But when I try to login with weave it just says “Invalid username and/or password”
This all stopped working since version 0.6, it looks like they try hard to not have anyone use his own server so they can get all the data. too bad :/