58 Commits
0.0.2 ... 0.3.1

Author SHA1 Message Date
0179b787b1 Rename entrypoint script, detect NGINX_CLIENT_MAX_BODY_SIZE 2023-06-19 15:14:22 -04:00
5f1906feb8 Add default client_max_body_size 2023-06-19 15:14:01 -04:00
f708d1f194 Add NGINX_CLIENT_MAX_BODY_SIZE to example 2023-06-19 15:13:42 -04:00
ef8106adcd Bump version 2023-06-19 15:13:10 -04:00
cc14a5e76a Rename entrypoint script 2023-06-19 15:13:01 -04:00
43ee8da6ef Bump VERSION 2023-06-19 14:50:19 -04:00
836c86e165 Change netcat package name for Debian 12 2023-06-19 14:49:20 -04:00
0a84b8e997 Merge pull request #15 from loganmarchione/renovate/debian-12.x
Update debian Docker tag to v12
2023-06-19 18:44:19 +00:00
4666fae569 Update debian Docker tag to v12 2023-06-13 01:32:21 +00:00
12fa7c5ef6 Merge pull request #14 from loganmarchione/renovate/aquasecurity-trivy-action-0.x
Update aquasecurity/trivy-action action to v0.11.2
2023-06-12 17:12:53 +00:00
ca5461743d Update aquasecurity/trivy-action action to v0.11.2 2023-06-09 22:52:35 +00:00
5fbc7e8112 Merge pull request #13 from loganmarchione/renovate/aquasecurity-trivy-action-0.x
Update aquasecurity/trivy-action action to v0.11.0
2023-06-06 00:48:45 +00:00
c7d1c72737 Update aquasecurity/trivy-action action to v0.11.0 2023-06-05 19:47:39 +00:00
dc25bd9e65 Merge pull request #12 from loganmarchione/renovate/aquasecurity-trivy-action-0.x
Update aquasecurity/trivy-action action to v0.10.0
2023-04-19 17:05:54 +00:00
eed796c375 Update aquasecurity/trivy-action action to v0.10.0 2023-04-19 02:06:05 +00:00
78fdcfd36b Update renovate.json 2023-03-31 09:44:47 -04:00
b7c9c4166c Update network name 2023-03-30 21:33:21 -04:00
d86126bf70 Add Docker Compose for debugging 2023-03-30 21:13:18 -04:00
aa88052b5a Update main.yml 2023-03-28 01:39:22 +00:00
f86a6d83f0 Update README 2023-03-27 21:29:04 -04:00
58df557883 Update Dockerfile 2023-03-28 01:28:35 +00:00
fb7d5f5b1e Switch base from Ubuntu to Debian 2023-03-27 21:10:30 -04:00
a47abc2d9f Update Dockerfile 2023-03-28 00:58:11 +00:00
04063c496a Update main.yml 2023-03-27 20:40:41 +00:00
7f25c4943a Merge pull request #11 from loganmarchione/renovate/aquasecurity-trivy-action-0.x
Update aquasecurity/trivy-action action to v0.9.2
2023-03-09 15:22:57 +00:00
b7bb809d68 Update aquasecurity/trivy-action action to v0.9.2 2023-03-07 16:10:26 +00:00
79d5310d5d Update renovate.json 2023-03-07 11:10:13 -05:00
72a8d74e35 Merge pull request #10 from loganmarchione/renovate/aquasecurity-trivy-action-0.x
Update aquasecurity/trivy-action action to v0.9.1
2023-02-10 18:54:28 +00:00
7006125b0b Update aquasecurity/trivy-action action to v0.9.1 2023-02-10 10:41:27 +00:00
aa9f917d4a Merge pull request #9 from loganmarchione/renovate/aquasecurity-trivy-action-0.x
Update aquasecurity/trivy-action action to v0.9.0
2023-02-02 16:21:42 +00:00
c17c2c3b73 Update aquasecurity/trivy-action action to v0.9.0 2023-02-02 00:58:16 +00:00
540117be56 Merge pull request #8 from loganmarchione/renovate/docker-build-push-action-4.x
Update docker/build-push-action action to v4
2023-02-01 21:01:16 +00:00
f3e0b7561d Update docker/build-push-action action to v4 2023-01-30 19:47:12 +00:00
dce7230498 Update main.yml 2023-01-03 15:32:34 +00:00
2d1ee0afa0 Merge pull request #7 from loganmarchione/renovate/goodwithtech-dockle-0.x
Update goodwithtech/dockle Docker tag to v0.4.10
2023-01-02 16:42:37 +00:00
6c910626f8 Update goodwithtech/dockle Docker tag to v0.4.10 2023-01-02 16:42:04 +00:00
5b7aaf23d6 Update main.yml 2022-12-28 22:16:50 +00:00
8cc044ab01 Create trivy.yaml 2022-12-28 21:59:32 +00:00
cbb67c7319 Update main.yml 2022-12-28 21:59:08 +00:00
407b794043 Bump VERSION 2022-10-17 14:53:39 -04:00
35c13a48d3 Merge pull request #6 from loganmarchione/renovate/ubuntu-22.x
Update ubuntu Docker tag to v22
2022-10-17 18:53:07 +00:00
e3612164e3 Merge pull request #5 from loganmarchione/renovate/docker-setup-qemu-action-2.x
Update docker/setup-qemu-action action to v2
2022-10-17 16:07:13 +00:00
e997ba39b8 Merge pull request #4 from loganmarchione/renovate/docker-setup-buildx-action-2.x
Update docker/setup-buildx-action action to v2
2022-10-17 16:04:01 +00:00
be67b46f83 Merge pull request #2 from loganmarchione/renovate/docker-login-action-2.x
Update docker/login-action action to v2
2022-10-17 16:00:35 +00:00
031296c727 Update ubuntu Docker tag to v22 2022-10-17 15:57:40 +00:00
ea6aa6f7fd Update docker/setup-qemu-action action to v2 2022-10-17 15:57:34 +00:00
c012d1f8d8 Update docker/setup-buildx-action action to v2 2022-10-17 15:57:28 +00:00
a75fd490ce Update docker/login-action action to v2 2022-10-17 15:57:24 +00:00
dadfcfa306 Merge pull request #1 from loganmarchione/renovate/docker-build-push-action-3.x
Update docker/build-push-action action to v3
2022-10-17 15:52:56 +00:00
ff4d33d36d Update docker/build-push-action action to v3 2022-10-17 15:46:12 +00:00
688fcb4951 Create renovate.json 2022-10-17 15:45:37 +00:00
f8c6bb98ac Useless change to keep GitHub Actions running 2022-09-05 15:05:36 +00:00
14421c6a7e Update main.yml 2022-07-12 21:51:45 -04:00
b48180621c Delete container_scan.yml 2022-07-12 21:45:20 -04:00
0abfb59001 Update GitHub Actions Checkout to v3 2022-05-24 14:05:03 -04:00
aa91ecf18b Update GitHub Actions Checkout to v3 2022-05-24 14:04:41 -04:00
2f6693f42f Merge branch 'master' of https://github.com/loganmarchione/docker-webdav-nginx 2022-04-16 21:42:58 -04:00
7a2fd629c4 Update README.md 2022-04-16 21:41:36 -04:00
11 changed files with 152 additions and 96 deletions

21
.github/renovate.json vendored Normal file
View File

@ -0,0 +1,21 @@
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": [
"config:base"
],
"dependencyDashboard": true,
"dependencyDashboardTitle": "Renovate Dashboard",
"labels": ["renovatebot"],
"packageRules": [
{
"managers": ["github-actions"],
"matchUpdateTypes": ["patch"],
"automerge": true,
"automergeType": "pr",
"platformAutomerge": true
}
],
"docker-compose": {
"ignorePaths": ["docker-compose-dev.yml"]
}
}

5
.github/trivy.yaml vendored Normal file
View File

@ -0,0 +1,5 @@
format: table
severity:
- CRITICAL
vulnerability:
ignore-unfixed: true

View File

@ -1,46 +0,0 @@
name: Container scan on commit to master
on:
push:
branches:
- master
env:
USER: loganmarchione
REPO: docker-webdav-nginx
jobs:
ubuntu_ci:
name: Build and scan
runs-on: ubuntu-latest
steps:
- name: Check out the codebase
uses: actions/checkout@v2
- name: Set variables
run: |
VER=$(cat VERSION)
echo "VERSION=$VER" >> $GITHUB_ENV
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Build Docker Image
uses: docker/build-push-action@v2
with:
push: false
context: .
file: Dockerfile
load: true
tags: |
${{ env.USER }}/${{ env.REPO }}:${{ env.VERSION }}
${{ env.USER }}/${{ env.REPO }}:latest
- name: Container scan
uses: azure/container-scan@v0
with:
image-name: ${{ env.USER }}/${{ env.REPO }}:${{ env.VERSION }}
severity-threshold: CRITICAL
run-quality-checks: true

View File

@ -6,20 +6,37 @@ on:
- "[0-9]+.[0-9]+.[0-9]+"
schedule:
- cron: "0 5 * * 0"
workflow_dispatch:
env:
USER: loganmarchione
REPO: docker-webdav-nginx
jobs:
ubuntu_ci:
name: Build and test
lint:
name: Lint
runs-on: ubuntu-latest
steps:
- name: Check out the codebase
uses: actions/checkout@v2
uses: actions/checkout@v3
- name: Lint Dockerfile with Hadolint
uses: hadolint/hadolint-action@v3.1.0
with:
failure-threshold: error
ignore: DL3008,DL3018
ci:
name: Build and test
needs: lint
runs-on: ubuntu-latest
steps:
- name: Check out the codebase
uses: actions/checkout@v3
- name: Set variables
run: |
@ -27,10 +44,10 @@ jobs:
echo "VERSION=$VER" >> $GITHUB_ENV
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
uses: docker/setup-buildx-action@v2
- name: Build Docker Image
uses: docker/build-push-action@v2
uses: docker/build-push-action@v4
with:
push: false
context: .
@ -46,22 +63,31 @@ jobs:
docker run --name test-container --detach --env WEBDAV_USER=user --env WEBDAV_PASS=password1 --volume 'webdav:/var/www/webdav' ${USER}/${REPO}:${VERSION}
docker ps -a
- name: Container scan
uses: azure/container-scan@v0
- name: Container scan with Dockle
uses: goodwithtech/dockle-action@0.1.0
with:
image-name: ${{ env.USER }}/${{ env.REPO }}:${{ env.VERSION }}
severity-threshold: CRITICAL
run-quality-checks: true
image: '${{ env.USER }}/${{ env.REPO }}:${{ env.VERSION }}'
format: 'list'
exit-code: '1'
exit-level: 'warn'
ignore: 'CIS-DI-0001'
ubuntu_cd:
- name: Container scan with Trivy
uses: aquasecurity/trivy-action@0.11.2
with:
scan-type: 'image'
image-ref: '${{ env.USER }}/${{ env.REPO }}:${{ env.VERSION }}'
trivy-config: ./github/trivy.yaml
cd:
name: Deploy
needs: ubuntu_ci
needs: ci
runs-on: ubuntu-latest
steps:
- name: Check out the codebase
uses: actions/checkout@v2
uses: actions/checkout@v3
- name: Set variables
run: |
@ -69,20 +95,20 @@ jobs:
echo "VERSION=$VER" >> $GITHUB_ENV
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
uses: docker/setup-buildx-action@v2
- name: Login to DockerHub
uses: docker/login-action@v1
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKER_HUB_USER }}
password: ${{ secrets.DOCKER_HUB_PASS }}
logout: true
- name: Build Docker Image
uses: docker/build-push-action@v2
uses: docker/build-push-action@v4
with:
push: true
context: .

View File

@ -1,4 +1,4 @@
FROM ubuntu:focal
FROM debian:12-slim
ARG BUILD_DATE
@ -11,9 +11,9 @@ LABEL \
ARG DEBIAN_FRONTEND=noninteractive
RUN apt-get update && apt-get install -y --no-install-recommends \
RUN apt-get update && apt-get -y install --no-install-recommends \
apache2-utils \
netcat \
netcat-openbsd \
nginx-extras && \
rm -rf /var/lib/apt/lists/* && \
mkdir -p "/var/www/webdav/restricted" && \
@ -25,11 +25,13 @@ EXPOSE 80
VOLUME [ "/var/www/webdav" ]
COPY password.sh password.sh
COPY entrypoint.sh /
COPY VERSION /
COPY webdav.conf /etc/nginx/sites-enabled/webdav
ENTRYPOINT ["/password.sh"]
ENTRYPOINT ["/entrypoint.sh"]
CMD ["nginx", "-g", "daemon off;"]

View File

@ -6,9 +6,10 @@
Runs a Nginx WebDav server in Docker
- Source code: [GitHub](https://github.com/loganmarchione/docker-webdav-nginx)
- Docker container: [Docker Hub](https://hub.docker.com/r/loganmarchione/docker-webdav-nginx)
- Image base: [Ubuntu](https://hub.docker.com/_/ubuntu)
- Image base: [Debian](https://hub.docker.com/_/debian)
- Init system: N/A
- Application: [Nginx](https://nginx.org/)
- Architecture: `linux/amd64,linux/arm64,linux/arm/v7`
## Explanation
@ -30,9 +31,10 @@ Runs a Nginx WebDav server in Docker
### Environment variables
| Variable | Required? | Definition | Example | Comments |
|-------------|-----------|----------------------------------|----------------------------|--------------------------------------------------------------|
|----------------------------|--------------------|----------------------------------------------------------------------------------------------------------------|----------------------------|--------------------------------------------------------------|
| WEBDAV_USER | No | WebDav username | user | user AND pass need to be set for authentication to work |
| WEBDAV_PASS | No | WebDav password | password1 | user AND pass need to be set for authentication to work |
| NGINX_CLIENT_MAX_BODY_SIZE | No (default: 250M) | Nginx's [client_max_body_size](https://nginx.org/en/docs/http/ngx_http_core_module.html#client_max_body_size) | 500M | Be sure to include the units. Set to `0` to disable. |
### Ports
| Port on host | Port in container | Comments |
@ -50,11 +52,12 @@ Below is an example docker-compose.yml file.
version: '3'
services:
webdav:
container_name: webdav
container_name: docker-webdav-nginx
restart: unless-stopped
environment:
- WEBDAV_USER=user
- WEBDAV_PASS=password1
- NGINX_CLIENT_MAX_BODY_SIZE=500M
networks:
- webdav
ports:
@ -71,4 +74,16 @@ volumes:
driver: local
```
Below is an example of running locally (used to edit/test/debug).
```
# Build the Dockerfile
docker compose -f docker-compose-dev.yml up -d
# View logs
docker compose -f docker-compose-dev.yml logs -f
# Destroy when done
docker compose -f docker-compose-dev.yml down
```
## TODO

View File

@ -1 +1 @@
0.0.2
0.3.1

25
docker-compose-dev.yml Normal file
View File

@ -0,0 +1,25 @@
version: '3'
services:
webdav:
container_name: docker-webdav-nginx
restart: unless-stopped
build:
context: .
dockerfile: Dockerfile
environment:
- WEBDAV_USER=user
- WEBDAV_PASS=password1
- NGINX_CLIENT_MAX_BODY_SIZE=500M
networks:
- webdav
ports:
- '8888:80'
volumes:
- 'webdav:/var/www/webdav'
networks:
webdav:
volumes:
webdav:
driver: local

27
entrypoint.sh Executable file
View File

@ -0,0 +1,27 @@
#!/bin/sh -e
printf "########################################\n"
printf "# Container starting up!\n"
printf "########################################\n"
# Check for WebDav user/pass
printf "# STATE: Checking for WebDav user/pass\n"
if [ -n "$WEBDAV_USER" ] && [ -n "$WEBDAV_PASS" ]
then
printf "# STATE: WebDav user/pass written to /etc/nginx/webdav_credentials\n"
htpasswd -b -c /etc/nginx/webdav_credentials $WEBDAV_USER $WEBDAV_PASS > /dev/null 2>&1
else
printf "# WARN: No WebDav user/pass were set, the "restricted" directory has no authentication on it!\n"
sed -i "s/.*auth_basic.*//g" /etc/nginx/sites-enabled/webdav
sed -i "s/.*auth_basic_user_file.*//g" /etc/nginx/sites-enabled/webdav
fi
# Check for client_max_body_size setting
if [ -n "$NGINX_CLIENT_MAX_BODY_SIZE" ]
then
printf "# STATE: Setting client_max_body_size to $NGINX_CLIENT_MAX_BODY_SIZE\n"
sed -i "s/client_max_body_size 250M;/client_max_body_size $NGINX_CLIENT_MAX_BODY_SIZE;/g" /etc/nginx/sites-enabled/webdav
fi
printf "# STATE: Nginx is starting up now, the logs you see below are error_log and access_log from Nginx\n"
exec "$@"

View File

@ -1,21 +0,0 @@
#!/bin/sh -e
printf "#####\n"
printf "# Container starting up!\n"
printf "#####\n"
# Check for WebDav user/pass
printf "# STATE: Checking for WebDav user/pass\n"
if [ -n "$WEBDAV_USER" ] && [ -n "$WEBDAV_PASS" ]
then
printf "# STATE: WebDav user/pass written to /etc/nginx/webdav_credentials\n"
htpasswd -b -c /etc/nginx/webdav_credentials $WEBDAV_USER $WEBDAV_PASS > /dev/null 2>&1
else
printf "# WARN: No WebDav user/pass were set, the 'restricted' diretory has no authentication on it!\n"
sed -i 's/.*auth_basic.*//g' /etc/nginx/sites-enabled/webdav
sed -i 's/.*auth_basic_user_file.*//g' /etc/nginx/sites-enabled/webdav
fi
printf "# STATE: Nginx is starting up now, the logs you see below are error_log and access_log from Nginx\n"
exec "$@"

View File

@ -5,6 +5,8 @@ server {
root /var/www/webdav;
autoindex on;
client_max_body_size 250M;
location /public {
dav_methods PUT DELETE MKCOL COPY MOVE;
dav_ext_methods PROPFIND OPTIONS;