If you want to host the VCF Offline Depot on your QNAP NAS, this walkthrough gets you up and running fast. Hosting the depot locally saves space, bandwidth, and even cuts down the number of helper VMs you’d otherwise keep around.
Tested on:
- QNAP TVS-h1688X
- QuTS hero h5.2.6.3195
- VCF Installer → VCF-SDDC-Manager-Appliance-9.0.0.0.24703748.ova
Step 1) Enable the Web Server
Control Panel → Applications → Web Server → Enable Web Server.
(HTTP is fine here; I’ll show the VCF Installer tweak for HTTP a bit later.)
Step 2) Move the files to your Web Root
By default, QNAP serves from the Web share. In my case that’s:
/share/ZFS24_DATA/Web/You can use the default Web share or create a Virtual Host if you want a dedicated hostname/port. The important part is that your document root actually contains the VCF depot layout.
This is the exact folder structure that worked for me:
I had to move the vsan folder and metadata folder into the PROD folder to sit alongside the COMP folder, both of those originally downloaded into COMP automatically.
Step 3) Add basic authentication
Create your .htaccess and .htpasswd files, here’s the content of my .htaccess:
# at /share/ZFS24_DATA/Web/.htaccess (you will need to change your path so it matches what your ZFS path is
Options +Indexes
IndexOptions FancyIndexing NameWidth=*
AuthType Basic
AuthName "Restricted Area"
AuthUserFile /share/ZFS24_DATA/Web/.htpasswd
# Let Java/okhttp clients (VCF) through without a password
SetEnvIfNoCase User-Agent "Java|okhttp" vcf_ok=1
<IfModule mod_authz_core.c> # Apache 2.4
<RequireAny>
Require env vcf_ok
Require valid-user
</RequireAny>
</IfModule>
<IfModule !mod_authz_core.c> # Apache 2.2 fallback
Order allow,deny
Allow from env=vcf_ok
Satisfy any
Require valid-user
</IfModule>
# Don’t leak .ht* files
<FilesMatch "^\.ht">
Require all denied
</FilesMatch>
# Make sure JSON is sent with correct type
AddType application/json .jsonI then ran these commands to create my .htpsswd file on the QNAP NAS via PuTTy:
HASH=$(openssl passwd -apr1 'YourStrongPassword!')
echo "admin:$HASH" > /share/ZFS24_DATA/Web/.htpasswdhtpsswd is not a command that is found in bash on the QNAP NAS, instead you can leverage openssl to hash your password:
Restart the QNAP web server:
/etc/init.d/Qthttpd.sh restartStep 4) Allow HTTP for the Offline Depot on the VCF Installer Appliance
By default the VCF Installer is looking to use HTTPS when connecting to the Offline Depot. For the purposes of a lab, this is overkill. The command below will allow you to connect to an Offline Depot with HTTP.
While the VCF user is allowed to connect via SSH, it doesn’t have privileges to edit the file that we need to make the change on. The default setting for root is that it’s not allowed to login via SSH on the VCF Installer Appliance, you can change this if you want. I found it quicker to do what you need via the console where root is allowed to login:
echo "lcm.depot.adapter.httpsEnabled=false" >> /opt/vmware/vcf/lcm/lcm-app/conf/application-prod.properties
systemctl restart lcmStep 5) Add the Offline Depot in the VCF Installer UI
This is relatively simple, you just need to put in your details and hit Configure:
If you run into issues, you can leverage CURL to validate whether or not you can authenticate. Success looks like HTTP/1.1 200 OK.
While testing this out, I got a few HTTP/1.1 401 Errors:
Once I fixed my .htaccess file, those errors were resolved:
curl -I -u 'admin:y0ur$tr0ngPa$$w0rd!!' http://offlinedepot2.varchitected.com/PROD/metadata/productVersionCatalog/v1/productVersionCatalog.json
Step 6) Pre-stage the bits
Click Download to pre-stage the content you need (select all of the files first).
Step 7) Wait for the files to Load…
Outtro (the witty bit)
Congratulations, you just turned a humble QNAP into a mini-CDN for SDDC Manager. Fewer VMs, fewer downloads from the internet, and CPU cycles easing into a smooth landing, leaving more runway for your lab workloads instead. If only every homelab project was this satisfying: copy some files, charm Apache with a .htaccess, flip one tiny flag in the VCF Installer, and boom. VCF now eats from your own buffet. Bon appétit, SDDC. Now you can deploy VCF 9.0 with your own Offline Depot.🍴🚀