OpenWrt Forum Archive

Topic: Mount Cloud Drive on OpenWrt TL-WR703N Router

The content of this topic has been archived on 20 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Hi Folks,

I managed to mount a "Cloud drive" (WebDAV partition) onto my OpenWrt-powered TP-Link TL-WR703N router.

What it means is that now I have virtually unlimited storage space on my cheap $22 small (57 x 57 x 18 mm or 1.25 x 1.25 x 0.7 "), 4MB Flash, 32MB RAM, Wifi/+Ethernet-enabled pocket router!

Of course, this opens up a whole bunch of new possibilities...

The first thing I am thinking of is to mount this webshare partition as "/overlay", so all the packages are installed on it rather than on the limited-size Flash. I may need to use an intermediate loopback file (i.e. a file containing a file system), because the WebDAV protocol doesn't support symbolic links, so I am not sure if I will be able to install packages on it as is.

Then, the flashed firmware becomes a "bootstrap" for the device, fetching all its packages from the Cloud. Moreover, you can imagine all your routers  sharing the same Cloud drive, so you actually provision the same up-to-date firmware to all of them tongue

But I a m sure you already have your own idea of what to do with it!

The "Cloud drive" can be any provider supporting the WebDAV protocol, like "4Shared.com", "Box.com" or "Google Drive" (I used "4Shared.com"), but it can also be your own private Cloud if you install ownCloud either on your machine or on a hosted server.

Although it requires to build your own firmware, the steps involved are not very difficult. They are not platform dependent, so they should work on all OpenWrt-supported devices. They are also not version dependent, as I tested the modification both using the "Barrier Breaker" trunk (r34243) and the Attitude Adjustment Beta 2 branch (rr34185).

As it may certainly be useful to others, I wanted to share it here!

Install

I suppose that you start from a (fresh) SVN checkout of OpenWrt, or maybe an existing one that you already have.
You only need to download the openwrt_webdav.tar.gz archive and uncompress it anywhere you like. It will create  a directory "openwrt_webdav" containing:

openwrt_webdav
├── 001-secrets-permissions.patch
├── 002-write-chain.patch
└── davfs2
    ├── Makefile
    └── patches
        ├── 010-bootstrap_configure.patch
        ├── 020-fstab-argz.patch
        ├── 025-install-hook.patch
        ├── 030-syslog-uclibc.patch
        ├── 040-cache-fix.patch
        ├── 070-change-type-to-off64.patch
        ├── 090-rpmatch-fix.patch
        ├── 095-include-add.patch
        ├── 096-write-certs.patch
        └── 100-gnulib-big.patch

All these files are provided under the GPL v2 license, unless otherwise specified.

The "davfs2" directory is an OpenWrt package providing the WebDaV filesystem: it is a modified version of the package provided by the Entware Team in their "rtndev" feed.

I just added the "025-install-hook.patch" patch to correct a small automake bug, the "096-write-certs.patch" to provide an SSL certificate dump capability, and adjusted the path to match the ones used by OpenWrt.

You have first to declare a new local "feed" by adding a line in the "feeds.conf.default" or "feeds.conf" file at the OpenWrt root:

echo "src-link openwrt_webdav your_unpack_dir/openwrt_webdav" >> feeds.conf.default

As this package also depends on the "libneon" from the OpenWrt additional "packages" feed, I suggest that you update and install all the feeds by typing:

./script/feeds update -a
./script/feeds install -a

We now need to apply the "001-secrets-permissions.patch" patch that adds the image "/etc/davfs2/secrets" files to the list of files to keep with unmodified access rights (it needs to be owner-rw only), by typing in the main OpenWrt directory:

patch -p 0 < your_unpack_dir/openwrt_webdav/001-secrets-permissions.patch

Then, we need to copy the file "002-write-chain.patch" that gives the libneon the capability to dump the whole SSL certificate chain rather than the server certificate only. Still in the same OpwenWrt root directory:

cp your_unpack_dir/openwrt_webdav/002-write-chain.patch feeds/packages/libs/neon/patches/
Configuration / Compilation

You just use the standard configuration command:

make menuconfig

If not already done, you need first to select your target device, then navigate to the "Network > Filesystem" sub-menu to select the "davfs2" entry by typing "Y". Save and exit, then launch the compilation using:

make -j n

Where "n" is your number of host CPU + 1.

After a variable amount of time (that may be hours if it is the initial compilation that also builds the whole toolchain), you should obtain the firmware files in the "bin/architecture" directory.

Usage

Install the appropriate firmware file onto your device, then proceed to the usual configuration of the root password to get SSH access, then configure the network to have access to your WebDAV server. I cannot go into too much details here, as this is very specific to each individual device/installation.

Once the network configuration set up, we will perform the WebDAV-specific setup. We have to:

  1. add your WebDAV authentication information to the "/etc/davfs2/secrets" file

  2. (optional) say we don't use locks, as this is the case, at least with the 4Shared.com provider

  3. specify where to get the server certificate file

root@OpenWrt:/etc/davfs2# echo "/mnt your_login your_password" >> secrets
root@OpenWrt:/etc/davfs2# echo "use_locks 0" >> davfs2.conf
root@OpenWrt:/etc/davfs2# echo "servercert /etc/davfs2/certs/server.cert" >> davfs2.conf

We need to create a cache directory:

root@OpenWrt:/etc/davfs2# mkdir -p /var/cache

Now, unless you already got the server certificate key chain by some other means, we have to get it and save it for all of our future connections to the server:

root@OpenWrt:/etc/davfs2# mount.davfs https://webdav.4shared.com/ /mnt
mount.davfs: the server certificate is not trusted
  issuer:      07969287, http://certificates.godaddy.com/repository, GoDaddy.com, Inc., Scottsdale, Arizona, US
  subject:     Domain Control Validated, *.4shared.com
  identity:    *.4shared.com
  fingerprint: 71:66:87:80:27:c4:5e:12:e7:c2:b5:5f:96:5e:17:92:93:a6:82:d4
You only should accept this certificate, if you can
verify the fingerprint! The server might be faked
or there might be a man-in-the-middle-attack.
Accept certificate for this session? [y,N,w]

This is where I added the "w" option that allows to save the server certificate key chain into a file smile
Enter "w" and specify the file as follows:

...
Accept certificate for this session? [y,N,w] w
Server certificate file name: /tmp/server.cert
mount.davfs: Mounting failed.
Server certificate verification failed: issuer is not trusted

As a precaution, the mount failed, but you have the server certificate! We must copy it to its final destination (this can't be done from the "mount.davfs" command, as it drops its privileges once launched):

root@OpenWrt:/etc/davfs2# cp /tmp/server.cert /etc/davfs2/certs/

Now, you should be able to mount your Cloud drive:

root@OpenWrt:/etc/davfs2# mount.davfs https://webdav.4shared.com/ /mnt

Let's verify:

root@OpenWrt:/etc/davfs2# mount
rootfs on / type rootfs (rw)
/dev/root on /rom type squashfs (ro,relatime)
proc on /proc type proc (rw,noatime)
sysfs on /sys type sysfs (rw,noatime)
tmpfs on /tmp type tmpfs (rw,nosuid,nodev,noatime,size=14684k)
tmpfs on /dev type tmpfs (rw,noatime,size=512k,mode=755)
devpts on /dev/pts type devpts (rw,noatime,mode=600)
root on /tmp/root type tmpfs (rw,noatime,mode=755)
overlayfs:/tmp/root on /tmp/root type overlayfs (ro,noatime,lowerdir=/,upperdir=/tmp/root)
debugfs on /sys/kernel/debug type debugfs (rw,relatime)
none on /proc/bus/usb type usbfs (rw,relatime)
/dev/mtdblock3 on /overlay type jffs2 (rw,noatime)
overlayfs:/overlay on / type overlayfs (rw,noatime,lowerdir=/,upperdir=/overlay)
https://webdav.4shared.com/ on /mnt type fuse (rw,nosuid,nodev,relatime,user_id=0,group_id=0,allow_other,max_read=16384)
root@OpenWrt:/etc/davfs2# df
Filesystem           1K-blocks      Used Available Use% Mounted on
rootfs                     832       220       612  26% /
/dev/root                 2304      2304         0 100% /rom
tmpfs                    14684       100     14584   1% /tmp
tmpfs                      512         0       512   0% /dev
root                     14680        28     14652   0% /tmp/root
overlayfs:/tmp/root      14680        28     14652   0% /tmp/root
/dev/mtdblock3             832       220       612  26% /overlay
overlayfs:/overlay         832       220       612  26% /
root@OpenWrt:/etc/davfs2# cd /mnt/
root@OpenWrt:/mnt# ls
TL-WR703N.txt        hello.txt            lost+found           webdav_commands.txt

You may see that "df" doesn't report the Cloud drive capacity for a (yet) unknown reason, but everything else is working!

Now, each time you want to mount your Cloud drive, all you have to do is:

mkdir -p /var/cache
mount.davfs https://webdav.4shared.com/ /mnt

This can be automated in many ways, but placing these commands into the "/etc/rc.local" file is probably the most convenient one.

Enjoy big_smile

One quiet bad thing about davfs2 is that fact, that it always uses local cache. And when I say always, I really mean this.

I have davfs2 up and running on my DIR-825 with USB flash drive attached. Cache of davfs2 should be set to USB mount, and I'll explain why. For example, when you try to copy an 1GB file from USB flash to davfs2 mounted directory, what do you think is going to happen? Will it just send the file to the remote server?
No!
1. It copies file from original directory on USB drive to cache directory on USB drive.
2. It puts file from cache directory to the remote server.
3. It deletes file from cache.
And there's no known way to stop it from using cache this way.

Similarly when you try to open a file stored on the remote server, it downloads it to the cache directory first and only then opens it from the cache.

Also you can imagine what would happen if you try to send or get large enough file when cache directory is set to /var/cache. If your router has only 32MB of RAM, you'll find that you can't do anything with files larger than 16MB. And if you try to do that, you will find your /var (and /tmp which is the same) partition with no free space left, and that's definitely not good for running linux system.

It would work well enough with smaller files, though.

(Last edited by eximido on 19 Nov 2012, 14:42)

Copying a 1GB file onto a router with only 4MB Flash / 32 MB RAM is quite extreme smile

I agree, but thisis a limitation of the protocol itself, not of the davfs2 implementation, OpenWrt or the hardware itself.

Compared to the basic 4MB Flash, a 16MB persistent storage is still nice, and it doesn't have the Flash wear-leveling problem wink

This may be useful for collecting data from several routers, or exchanging information between them, too.

Squonk wrote:

Copying a 1GB file onto a router with only 4MB Flash / 32 MB RAM is quite extreme smile

I agree, but thisis a limitation of the protocol itself, not of the davfs2 implementation, OpenWrt or the hardware itself.

Compared to the basic 4MB Flash, a 16MB persistent storage is still nice, and it doesn't have the Flash wear-leveling problem wink

This may be useful for collecting data from several routers, or exchanging information between them, too.

Hi, ive sent you an email. Please check it. thanks

Squonk wrote:

The "davfs2" directory is an OpenWrt package providing the WebDaV filesystem: it is a modified version of the package provided by the Entware Team in their "rtndev" feed.

Glad that our work is needed to someone! Feel free to use any Entware sources you want.

The discussion might have continued from here.