diff -r 8f90dcfd0439 -r dd5c0ebdf54f docs/html/configuration.html --- a/docs/html/configuration.html Tue Sep 05 11:42:08 2017 +0200 +++ b/docs/html/configuration.html Tue Sep 05 12:00:49 2017 +0200 @@ -71,75 +71,104 @@

The config.xml file is an XML file with <configuration> as root element. The <configuration> element can have the following child elements: <repository>, <http-proxy>, <https-proxy>, <key>

repository

This element is used to configure a repository. A repository must have a unique name to identify the repository and a url pointing to the root collection for this repository.

-

Required child elements: <name>, <url>
Optional elements: <user>, <password>, <default-key>, <full-encryption>, <content-encryption>, <decrypt-content>, <decrypt-name>, <cert>, <verification>, <ssl-version>, <authmethods>

+

Required child elements: <name>, <url>
+Optional elements: <user>, <password>, <default-key>, <full-encryption>, <content-encryption>, <decrypt-content>, <decrypt-name>, <cert>, <verification>, <ssl-version>, <authmethods>

name

Unique repository identifer.

-

Type: string
Example: <name>myrepo</name>

+

Type: string
+Example: <name>myrepo</name>

url

The url must point to a valid WebDAV compilant collection.

-

Type: url
Example: <url>https://example.com/webdav/repo1/</url>

+

Type: url
+Example: <url>https://example.com/webdav/repo1/</url>

user

User used for authentication

-

Type: string
Example: <user>alice</user>

+

Type: string
+Example: <user>alice</user>

password

A base64 encoded password used for authentication.

-

Type: base64 string
Example: <password>MTIzNDU2Nzg=</password>

+

Type: base64 string
+Example: <password>MTIzNDU2Nzg=</password>

default-key

Identifer of the key used by default for encryption. There must be a configured key with this name.

-

Type: string
Example: <key>mykey</key>

+

Type: string
+Example: <key>mykey</key>

full-encryption

-

If this element has the value of true, content and resource name encryption/decryption is enabled. Because encryption and decryption is disabled by default, false has no effect for this element.

-

Type: boolean
Default: false
Example: `true

+

If this element has the value of true, content and resource name encryption/decryption is enabled. Resources are only encrypted if the repository has a default-key or a key is specified via command line option. Because encryption and decryption is disabled by default, false has no effect for this element.

+

Type: boolean
+Default: false
+Example: `true

content-encryption

This element enables only content encryption and decryption. A value of false disables content encryption, but it does not disables content decryption, if this is enabled with <decrypt-content>.

-

Type: boolean
Default: false
Example: <content-encryption>true</content-encryption>

+

Type: boolean
+Default: false
+Example: <content-encryption>true</content-encryption>

decrypt-content

Controls only the decryption of content. If true content is decrypted.

-

Type: boolean
Default false
Example: <decrypt-content>true</decrypt-content>

+

Type: boolean
+Default false
+Example: <decrypt-content>true</decrypt-content>

decrypt-name

Controls only the decryption of resource names. If true resource names are decrypted. This effects path to url resolution.

-

Type: boolean
Default: false
Example: <decrypt-name>true</decrypt-name>

+

Type: boolean
+Default: false
+Example: <decrypt-name>true</decrypt-name>

cert

Path to a file containing certificates to verify the TLS connection to the server.

-

Type: string
Example: <cert>/etc/certs/cabundle.pem</cert>

+

Type: string
+Example: <cert>/etc/certs/cabundle.pem</cert>

Note: This element does the same as curl's --cacert option.

verification

This element can disable TLS certificate verification.

-

Type: boolean
Default: true
Example: <verification>false</verification>

+

Type: boolean
+Default: true
+Example: <verification>false</verification>

ssl-version

Specifies the SSL version to attempt to use. The value must be one of this strings: TLSv1, TLSv1.0, TLSv1.1, TLSv1.2, SSLv2, SSLv3

-

Type: ssl version enum
Example: <ssl-version>TLSv1.2</ssl-version>

+

Type: ssl version enum
+Example: <ssl-version>TLSv1.2</ssl-version>

authmethods

Controls which http authentication methods are used. Multiple methods can be used. The value must be one or more authentication methods separated by space. Valid authentication methods are: basic, digest, negotiate, ntlm, any, none

Type: list of authmethod

-

Default: basic
Example: <authmethods>basic digest</authmethods>

+

Default: basic
+Example: <authmethods>basic digest</authmethods>

key

The <key> element configures a key used for encryption. A key must have a unique name, which is stored in the properties of encrypted resources. To decrypt resources, dav looks for configured keys with this name, therefore the name of the key should never changed and must be the same on all hosts accessing the same repository.

-

Required child elements: <name>, <file>
Optional elements: <type>

+

Required child elements: <name>, <file>
+Optional elements: <type>

name

Unique key identifer.

-

Type: string
Example: <name>key1</name>

+

Type: string
+Example: <name>key1</name>

file

Path to the content of the key. The file should contain 32 (aes256) or 16 (aes128) bytes. If value is not an absolut path, it must be relative to the dav config directory $HOME/.dav/.

-

Type: string
Example: <path>keys/key1.bin</path>

+

Type: string
+Example: <path>keys/key1.bin</path>

type

Specifies the key type. Valid values are aes128 or aes256.

-

Type: aes type enum
Default: aes256
Example: <type>aes128</type>

+

Type: aes type enum
+Default: aes256
+Example: <type>aes128</type>

http-proxy / https-proxy

Configuration for http and https proxies is the same. Both use the same elements, but https-proxy expects an https url.

-

Required child elements: <url>
Optional elements: <user>, <password>, <no>

+

Required child elements: <url>
+Optional elements: <user>, <password>, <no>

url

Specifies the proxy url.

-

Type: url
Example: <url>http://myproxy/</url>

+

Type: url
+Example: <url>http://myproxy/</url>

user

User used for authentication with the proxy.

-

Type: string
Example: <user>alice</user>

+

Type: string
+Example: <user>alice</user>

password

A base64 encoded password used for authentication.

-

Type: base64 string
Example: <password>MTIzNDU2Nzg=</password>

+

Type: base64 string
+Example: <password>MTIzNDU2Nzg=</password>

no

A comma separated list of all hosts that should not be accessed through the proxy.

-

Type: string
Example: <no>host1, host2, host3</no>

+

Type: string
+Example: <no>host1, host2, host3</no>

Example 1: minimal repository configuration

A minimal configuration for a repository. If no user and/or password are configured, dav prompts for authentication informations if required.

<configuration>
@@ -167,6 +196,7 @@
         <user>alice</user>
         <password>MTIzNDU2Nzg=</password>
         <full-encryption>true</full-encryption>
+        <default-key>mykey1</default-key>
     </repository>
     
     <key>