/docker-nginx-webdav-nononsense-ro

Aims to enable a no-nonsense WebDAV docker system on the latest available nginx mainline. Magic included?

Primary LanguageDockerfileMIT LicenseMIT

README

docker-nginx-webdav-nononsense aims to be a Docker image that enables a no-nonsense WebDAV system on the latest available nginx, stable and mainline.

The image, and resulting container, is designed to run behind a reverse proxy (e.g., the great jc21/nginx-proxy-manager) to handle SSL. So, it runs on port 80 internally.

Why no-nonsense?

I'm taking it lightly: my own project is no-nonsense to me ;-) there is nothing wrong with other projects.

Here is what I think sets it apart from other nginx Docker images.

Settings

Mount any of these two volumes:

  • ./path/to/dir:/data is the root folder that nginx will serve for WebDAV content (/data).
  • ./htpasswd:/etc/nginx/htpasswd is the Apache HTTP compatible flat file to register usernames and passwords. If you provide one, you can tell the container who your username and passwords are. If you provide one, WEBDAV_USERNAME and WEBDAV_PASSWORD env vars (see below) are ignored. Please note that all users have the same access levels.

These are environment variables you can set, and what they do.

  • PUID=1000 user id with read/write access to ./path/to/dir:/data volume. Nginx will use the same to be able to read/write to the folder.
  • PGID=1000 group id with read/write access to ./path/to/dir:/data volume. Nginx will use the same to be able to read/write to the folder.
  • TZ=Europe/Berlin specifies timezone for the underlying GNU/Linux system.
  • WEBDAV_USERNAME=user to set a single username to access WebDAV. Ignored if WEBDAV_PASSWORDis not set, ignored if ./htpasswd:/etc/nginx/htpasswd is mounted.
  • WEBDAV_PASSWORD=password to set the password to the single username to access WebDAV. Ignored if WEBDAV_USERNAMEis not set, ignored if ./htpasswd:/etc/nginx/htpasswd is mounted.
  • SERVER_NAMES=localhost,ineed.coffee comma separated hostnames for the server.
  • TIMEOUTS_S=1200 expressed as seconds, sets at the same time various nginx timeouts: send_timeout, client_body_timeout, keepalive_timeout, lingering_timeout.
  • CLIENT_MAX_BODY_SIZE=120M limits file upload size to the expressed value, which must end wither with M(egabytes) or G(igabytes).

Usage

  • Clone this repository, edit the included docker-compose.yml, and run docker-compose build && docker-compose up to build and run the container. Access it from http://localhost:32080; or
  • Build the Dockerfile and run the container with docker; or
  • Pull and run my docker image dgraziotin/nginx-webdav-nononsense and use it with docker-compose or docker.

If you are using a reverse proxy (you should!), and the reverse proxy is containerized, do not forget to connect the container to the reverse proxy with a network. Follow the instructions of your reverse proxy.

With jc21/nginx-proxy-manager, I add the following to the docker-compose.yml:

networks:
    default:
       external:
         name: reverseproxy

Consider also un-exposing the port if you use a reverse proxy.

Kindly note that this project is proxy-independent and requires you to be knowledgeable about reverse proxy to be used properly. 

A reverse proxy, if misconfigured, could become the weaker link that prevents proper functioning of the WebDAV functionalities. 

Examples include having the reverse configured with values for timeouts or max body size that are less than the one nginx-webdav-nononsense uses.

Some proxies might not forward important headers from-and-to nginx-webdav-nononsense, and you may need to whitelist these headers manually. Finally, a reminder that Cloudfare is a reverse proxy with its settings and limitations (example), some of which cannot be changed.

Feature requests

I will add features if I happen to need them. To name one, I do not need native SSL support, because I use a reverse proxy. However, I welcome pull requests.

Credits

Many thanks to dotWee for adding awesome CI features to the repo!