Automating web site management, NAnt, WebDav, Windows 2003 Server VPN
Looking at NAnt, VPNs, WebDav, and other tools for automating web site management. What’s really needed is an index of each file on the site indicating where it came from and an integrated set of release tools/scripts to maintain and key off the index. Sounds like a description of software that exists out there and is priced at stratospherically ridiculous “enterprise” levels.
The goal is to be able to automatically and efficiently propagate a change to one of many Visual Studio projects or even in a folder of files to the web server. A related goal is to be able to automatically publish a new release of a project.
NAnt seems like a good framework for building the scripts, but it seems to lack a way of managing remote files. With a VPN to the server, that wouldn’t be a problem except potential efficiency issues if scripts can’t be written to minimize the amount of uploading.
For future reference, Sitecopy is a cygwin based tool for synchronizing a local file tree with a remote one and supports WebDav.
WebDav is a bit of a mystery. Windows 2003 Server allows WebDav to be enabled on a web site. Windows XP can then add Network Places that provide Windows Explorer level access to the remote files. There doesn’t seem to be any programmatic support in .NET for it though.
Downloaded independentsoft.de’s .NET webdav support. It didn’t appear to work initially. Couldn’t copy a file or list folder contents. Fired off an e-mail to support which they responded to quickly. Unfortunately the library is obfuscated which makes trying to guess what the problem is hard. They’ll give you source code access but for much more money. Turns out they may only have a bug accessing the root folder of a site. My other difficulties were due to not realizing that Write and Directory browsing permissions were required by WebDav. They aren’t required for “Web Folder” access which Microsoft seems to link with WebDav but appears to march to a different drummer.
To “enable” WebDav on IIS 6.0, the first step is to enable it generally as a configured web service, and second, to enable Write and Directory browsing access via IIS for each site/vroot to be accessed. It appears as long as there is a valid default document, HTTP requests that specify only the folder do not generate folder listings. I have not confirmed, but suspect, that Windows ACLs combined with WebDAV NetworkCredentials can effectively restrict the users with WebDav access. WebDav traffic is encrypted only if the site supports SSL. Otherwise passwords “may” be encrypted, presumably only if integrated windows authentication is used and plain text credentials aren’t passed explicitly.
Getting a VPN up between my collocated Windows 2003 Server and my Windows XP workstation required adding Routing and Remote Access as a server role, configuring a range of static IP addresses (don’t configure DHCP unless its needed for other reasons) on a different subnet from my home network, and punching a hole through my firewall for PPTP, IPSec, and L2TP (UDP 500, 4500, 1701). There’s an attitude in the security space that non-hardware-SSL based VPN’s are problematic. Probably a combination of security and performance issues.
While waiting for progress on the VPN & WebDav fronts I started coding a custom file tree merge Web Service. I was in the middle of this when I happened across John Shewchuk’s MSDN TV interview about Indigo. Quite amusing to have him comment on how Indigo was going to help facilitate just the kind of plumbing work I was hacking away at.