COPS : Calibre OPDS PHP Server

[mariosipad]

The setting of cops you set in config_local.php and all the config_local.user[1-n].php files cannot be changed by the users.
Some settings can be changed by the individual users by clicking on the bottom left icon and changing the setting in the pop-up screen.
These settings are saved in their browser together with the username/password they type when authenticating themselves for login. When they clear their browser cache those settings are gone. Also if they use another browser (on a different PC) the setting from the other browser are not available (unless syncing between PC and or browsers is available to them).

But all this is normal web browser behaviour. It's not really a concern I have with using cops.

[MontyJ]

Quote:

Originally Posted by mariosipad

The setting of cops you set in config_local.php and all the config_local.user[1-n].php files cannot be changed by the users.
Some settings can be changed by the individual users by clicking on the bottom left icon and changing the setting in the pop-up screen.
These settings are saved in their browser together with the username/password they type when authenticating themselves for login. When they clear their browser cache those settings are gone. Also if they use another browser (on a different PC) the setting from the other browser are not available (unless syncing between PC and or browsers is available to them).

But all this is normal web browser behaviour. It's not really a concern I have with using cops.

I told you to tell me it wasn't so!...

I agree that is not really a big whoop to have to reset those settings, mainly the "Send book to Email" setting. The users want it bad enough that they will grind teeth and do it. But most of the users are very security/tracking minded and out of habit set their browsers to clear all history and cookies when they shutdown/restart their browsers.

Anyway, another feature request would be to put at least that "Send book to Email" setting ability into the users individual config.local.user.php files. I would not mind collecting that data and neither would the users mind, as that email address cannot be used for anything except documents and ebooks.

Had to divert attention to other things...will bet back to the issue at hand with COPS shortly!

[mariosipad]

Quote:

Anyway, another feature request would be to put at least that "Send book to Email" setting ability into the users individual config.local.user.php files. I would not mind collecting that data and neither would the users mind, as that email address cannot be used for anything except documents and ebooks.

Either I do not understand what you want, or perhaps you do not fully understand how mailing from cops works. If you do I humbly apologise.
The easyest solution is: the settings regarding mail in the config_local.... files need to be filled out with YOUR mail server data. The users can then specify their e-mail in a pop-up when they want to mail a document to themself.

Another, hard to maintain,solution is that you gather mail server data (server name, passwords) from all your security consious users and put that data in a lot of different config_local.user[1-n].php files. A lot of work, and some/most ISP don't let you mail from outside of their network. So most e-mail would be gmail or comparable anyway. It's probably better to use just one dedicated e-mail server (gmail or comparable).

Just my 2 cents on this topic.

[MontyJ]

Quote:

Originally Posted by mariosipad

Either I do not understand what you want, or perhaps you do not fully understand how mailing from cops works. If you do I humbly apologise.
The easyest solution is: the settings regarding mail in the config_local.... files need to be filled out with YOUR mail server data. The users can then specify their e-mail in a pop-up when they want to mail a document to themself.

Another, hard to maintain,solution is that you gather mail server data (server name, passwords) from all your security consious users and put that data in a lot of different config_local.user[1-n].php files. A lot of work, and some/most ISP don't let you mail from outside of their network. So most e-mail would be gmail or comparable anyway. It's probably better to use just one dedicated e-mail server (gmail or comparable).

Just my 2 cents on this topic.

I had to go off and slowly count to about 10 million, LoL.

In a previous life with cops, I had it working using .htaccess. But that was with QApache, not the default Apache. Given 'eccentricities' with qapache, I decided to eliminate that and the additional variables it threw into the qnap web server system and stay with the basic apache, which everyone but me knows and loves...

A little off topic, but applicable to my struggle, the competitor to cops I also am using (until/if I can get cops working right) is Ubooquity. It has a .qpkg install package, takes care of the port assignment, has built-in and easy to setup user login/password control, and detailed user and access logging. In short it can be up and going with minimal techie chops. So why am I bothering with cops? Simple. Uboo is not aimed at ebooks. While it does work with the exact same calibre database files that cops does, it is aimed at comics so does not handle the ebooks nearly as well as cops, and it is slow in comparison. Hint: If Uboo, with far fewer users, can do a .qpkg, so can Cops. Hopefully that will be considered in the future.

Ok, back on topic! Back to basics!!

I have cops111 working locally (192.168.x.xxx/cops111) pulls up the proper libraries as setup in config_local.php. I stripped out all the comment lines to keep it simple:

Code:

<?php
    if (!isset($config))
        $config = array();

    $config['calibre_directory'] = array (
    "01 - Repository Information" => "/share/CACHEDEV1_DATA/Backups/Calibre_Libraries/01-Repository Information/",
    "02 - Fiction eBooks" => "/share/CACHEDEV1_DATA/Backups/Calibre_Libraries/02-Fiction/",
    "03 - NonFiction eBooks" => "/share/CACHEDEV1_DATA/Backups/Calibre_Libraries/03-NonFiction/",
    "04 - Science Fiction eBooks" => "/share/CACHEDEV1_DATA/Backups/Calibre_Libraries/04-Science Fiction/");
    
    $config['cops_title_default'] = "COPS 1.1.1";
   
    $config['cops_use_url_rewriting'] = "0";

    $config['default_timezone'] = "America/Phoenix";

In the /share/Web/cops111/.htaccess file, everything is default except these last lines in the file:

Code:

#<FilesMatch "\.php$">
#AuthUserFile /share/Web/cops111/.htpasswd
#AuthGroupFile /dev/null
#AuthName "COPS Security"
#AuthType Basic
#Require valid-user
#</FilesMatch>

As is, cops111 works. But when I uncomment those lines, I get "Internal Server Error Port:80.

Ok, some kind of port issue? I do have a simple vhost setup in apache. Here is the httpd-vhosts-user.conf file that the qnap apache control panel sets up when I add a virtual host:

Code:

NameVirtualHost *:8162

Listen 8162

<VirtualHost _default_:80>
	DocumentRoot "/share/Web"
</VirtualHost>
<VirtualHost *:8162>
<Directory "/share/Web/cops111">
	Options FollowSymLinks MultiViews
	AllowOverride All
	Require all granted
</Directory>
	ServerName Cops111
	DocumentRoot "/share/Web/cops111"
</VirtualHost>

That code is all the default code; no changes by me. The main apache.conf file also has: "AccessFileName .htaccess", and I have not modified it.

My folder/file structure is:

/share/Web = Contains the default apache index.php and several of my simple bash scripts to restart apache, start cops, etc.
/share/Web/cops111 = Contains all cops111 files including .htaccess and .htpasswd

So when I uncomment those lines in .htaccess, I get the "Internal Server Error".

Bad/missing apache setting? Bad/missing cops111 setting?

[mariosipad]

It's probably a problem with .htaccess (worked and after uncommenting it does not work).
I do not see anything obviously wrong.

If I make a deliberate error in the path to .htpasswd I get an "Internal Server Error".

The path to .htaccess must probably be an absolute path.
Any chance of a typo?

If you try to connect to cops with http://192.168.x.x:8162/cops111/ what happens?

[Calibius]

Have you tried setting up basic auth within the virtual host, or do you always use the .htaccess to do so?

Just out of curiosity, I set mine up with multiple users and with multiple databases to see if it worked. I was able to get it functioning with multiple users, differing configs, and everything seems to be working. Granted I'm using a Linode vps with Debian 8, so I have a lot more freedom than a QNAP, but it is working, which means it's something about the setup you have.


Here's what I have:
config_local.php with my basic preferences that I want to apply to everyone. (Such as SMTP server, all databases, user auth if using COPS instead of htaccess. [I'm using htpasswd so I don't have a cops_auth setting])

config_local.user1.php with only things for user1 (don't set everything that is also in config_local.php-- so just add things like title, databases that differ for this user, etc.)

config_local.user2.php etc. (Clarification: users who are in your .htpasswd that do not have their own config file will default to using config_local.php)

I apologize if I'm repeating things you know, but if using .htpasswd with apache2, make sure your .htpasswd is configured for each of your users. On my Debian setup, this was "sudo htpasswd /etc/apache2/.htpasswd user1", it then prompts for password. Then for each additional user do the same thing without the -c option. I'm assuming with QNAP it's similar (you may have to use full path for htpasswd bin? I'm unfamiliar with using QNAPs so I apologize for not having more info.)

Afterwards, I believe you have two options, you can enable http auth with either the virtualhost.conf file or with the .htaccess file. Leaving the .htaccess file standard, I used the virtualhost method by adding the following bit in red:

Code:

<VirtualHost *:80>
  ServerAdmin xxxxx@yyyyy.zzz
  ServerName  example.com
  ServerAlias example.com
  
  DirectoryIndex index.html index.php
  DocumentRoot /var/www/public_html
  
     <Directory "/var/www/public_html">
        AuthType Basic
        AuthName "Restricted Content"
        AuthUserFile /etc/apache2/.htpasswd
        Require valid-user
    </Directory>

</VirtualHost>

I hope this helps...

[MontyJ]

Quote:

Originally Posted by mariosipad

It's probably a problem with .htaccess (worked and after uncommenting it does not work).
I do not see anything obviously wrong.

If I make a deliberate error in the path to .htpasswd I get an "Internal Server Error".

The path to .htaccess must probably be an absolute path.
Any chance of a typo?

If you try to connect to cops with http://192.168.x.x:8162/cops111/ what happens?

If I put in: 192.168.x.xxx/cops111, I get error "Apache Server at 192.168.x.xxx Port 80

If I put in: 192.168.x.xxx/8162/cops111, I get error "Apache Server at 192.168.x.xxx Port 8162

As to typo, there is always a chance of that, LoL, but I sure can't spot it. You see copies of the config files above, and if I type in a url wrong, I get an error and then double check the url.

How about the vhost file. I notice it points to /share/Web as port 80 and points to /share/Web/cops111 as port 8186. Does that /share/Web entry need to be in there??

[MontyJ]

Quote:

Originally Posted by Calibius

Have you tried setting up basic auth within the virtual host, or do you always use the .htaccess to do so?

Just out of curiosity, I set mine up with multiple users and with multiple databases to see if it worked. I was able to get it functioning with multiple users, differing configs, and everything seems to be working. Granted I'm using a Linode vps with Debian 8, so I have a lot more freedom than a QNAP, but it is working, which means it's something about the setup you have.


Here's what I have:
config_local.php with my basic preferences that I want to apply to everyone. (Such as SMTP server, all databases, user auth if using COPS instead of htaccess. [I'm using htpasswd so I don't have a cops_auth setting])

config_local.user1.php with only things for user1 (don't set everything that is also in config_local.php-- so just add things like title, databases that differ for this user, etc.)

config_local.user2.php etc. (Clarification: users who are in your .htpasswd that do not have their own config file will default to using config_local.php)

I apologize if I'm repeating things you know, but if using .htpasswd with apache2, make sure your .htpasswd is configured for each of your users. On my Debian setup, this was "sudo htpasswd /etc/apache2/.htpasswd user1", it then prompts for password. Then for each additional user do the same thing without the -c option. I'm assuming with QNAP it's similar (you may have to use full path for htpasswd bin? I'm unfamiliar with using QNAPs so I apologize for not having more info.)

Afterwards, I believe you have two options, you can enable http auth with either the virtualhost.conf file or with the .htaccess file. Leaving the .htaccess file standard, I used the virtualhost method by adding the following bit in red:

Code:

<VirtualHost *:80>
  ServerAdmin xxxxx@yyyyy.zzz
  ServerName  example.com
  ServerAlias example.com
  
  DirectoryIndex index.html index.php
  DocumentRoot /var/www/public_html
  
     <Directory "/var/www/public_html">
        AuthType Basic
        AuthName "Restricted Content"
        AuthUserFile /etc/apache2/.htpasswd
        Require valid-user
    </Directory>

</VirtualHost>

I hope this helps...

Thanks for the ideas! As to using htaccess/htpasswd, I had assumed that was the only thing available IF I wanted apache authorization. I do have 40 or so users/passwords in my .htpassword file, tho I often 'test' with just one newly created one to make sure that copying the encrypted passwords from a previous apache install isn't causing problems.

I am going to go ahead and put the Require valid-user statement in the vhosts file and see what happens. I have tried it before, but started with default this time before I started mucking things up again...

[mariosipad]

@MontyJ
Reread your post: try
http://192.168.x.xxx:8162/index.php

@Calibius
My cops setup is Rather similar to yours. I do not use a vps but apache on debian 8 should be rather similar.
My synology is more difficult to set-up.

[MontyJ]

Quote:

Originally Posted by mariosipad

@MontyJ
Reread your post: try
http://192.168.x.xxx:8162/index.php

@Calibius
My cops setup is Rather similar to yours. I do not use a vps but apache on debian 8 should be rather similar.
My synology is more difficult to set-up.

@Mariosipad,

Still get: Internal Server Error / Apache Server at 192.168.x.xxx Port 8162

Can't find any error log for apache, but in the apache_test.log, I spotted these entries matching the last try. I don't think they affect any of my issues, but here they are:

AH00548: NameVirtualHost has no effect and will be removed in the next release /etc/config/apache/extra/httpd-vhosts-user.conf:1
AH00558: apache: Could not reliably determine the server's fully qualified domain name, using 192.168.x.xxx. Set the 'ServerName' directive globally to suppress this message
Syntax OK

[Calibius]

What version of QNAP are you using? QNAP 4.3.3 does not have the module authz_groupfile_module loaded, so that's may be what is causing your Internal Server Error message. (AuthGroupFile /dev/null in .htaccess).

I think you can fix this by adding
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
to file: /mnt/HDA_ROOT/.config/apache/extra/apache-default-modules.conf

Or possibly just by leaving the AuthGroupFile /dev/null commented out.
I found this quote "Remove the line authgroupfile in your .htaccess if it's set to null as they have bodged the mod_authz_groupfile not loading by default in the 4.3.3 firmware"

Guide for enabling apache logs on QNAP: https://technedigitale.com/archives/407

[MontyJ]

Well, just to confirm the seeming issue, I commented out the last lines in /share/Web/cops111/.htaccess:

Code:

#<FilesMatch "\.php$">
#AuthUserFile /share/Web/cops111/.htpasswd
#AuthGroupFile /dev/null
#AuthName "COPS Security"
#AuthType Basic
#Require valid-user
#</FilesMatch>

With these lines commented out, I tried:

http://192.168.x.xxx:8162 = Works
http://192.168.x.xxx/cops111 = Works
http://192.168.x.xxx:8162/index.php = Works

So one or more of those lines is/are the problem. Dunno!

[Calibius]

Monty, comment out only the authgroupfile line in .htaccess and see if that works.

[mariosipad]

Or comment out (remove #) all but AuthGroupFile.

That's essentially the same test that @Calibius proposed.

[MontyJ]

Quote:

Originally Posted by mariosipad

Or comment out (remove #) all but AuthGroupFile.

That's essentially the same test that @Calibius proposed.

@Calibius
@Mariosipad

No, that did not work...BUT, this did!

Code:

#<FilesMatch "\.php$">
<FilesMatch "(index|feed)\.php">
AuthUserFile /share/Web/cops111/.htpasswd
#AuthGroupFile /dev/null
AuthName "COPS Security"
AuthType Basic
Require valid-user
</FilesMatch>

I had tried that alternate FilesMatch statement before, but not with the AuthGroupFile commented out. Combine the two and, gofigure, it works!

Now on to getting the per/user setups to work.

With both of you having it working, hopefully you can pound it into me on how to get mine to work!