Rename entrypoint script, detect NGINX_CLIENT_MAX_BODY_SIZE

Update debian Docker tag to v12

.github/renovate.json

@@ -14,5 +14,8 @@
       "automergeType": "pr",
       "platformAutomerge": true
     }
-  ]
+  ],
+  "docker-compose": {
+    "ignorePaths": ["docker-compose-dev.yml"]
+  }
 }

.github/workflows/main.yml

@@ -13,9 +13,25 @@ env:
   REPO: docker-webdav-nginx
 
 jobs:
+  lint:
+    name: Lint
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Check out the codebase
+      uses: actions/checkout@v3
+
+    - name: Lint Dockerfile with Hadolint
+      uses: hadolint/hadolint-action@v3.1.0
+      with:
+        failure-threshold: error
+        ignore: DL3008,DL3018
+
   ci:
     name: Build and test
 
+    needs: lint
     runs-on: ubuntu-latest
 
     steps:
@@ -56,14 +72,8 @@ jobs:
         exit-level: 'warn'
         ignore: 'CIS-DI-0001'
 
-    - name: Container scan with hadolint
-      uses: hadolint/hadolint-action@v3.1.0
-      with:
-        failure-threshold: error
-        ignore: DL3008,DL3018
-
     - name: Container scan with Trivy
-      uses: aquasecurity/trivy-action@0.9.2
+      uses: aquasecurity/trivy-action@0.11.2
       with:
         scan-type: 'image'
         image-ref: '${{ env.USER }}/${{ env.REPO }}:${{ env.VERSION }}'

Dockerfile

@@ -1,4 +1,4 @@
-FROM debian:11-slim
+FROM debian:12-slim
 
 ARG BUILD_DATE
 
@@ -13,7 +13,7 @@ ARG DEBIAN_FRONTEND=noninteractive
 
 RUN apt-get update && apt-get -y install --no-install-recommends \
     apache2-utils \
-    netcat \
+    netcat-openbsd \
     nginx-extras && \
     rm -rf /var/lib/apt/lists/* && \
     mkdir -p "/var/www/webdav/restricted" && \
@@ -25,13 +25,13 @@ EXPOSE 80
 
 VOLUME [ "/var/www/webdav" ]
 
-COPY password.sh /
+COPY entrypoint.sh /
 
 COPY VERSION /
 
 COPY webdav.conf /etc/nginx/sites-enabled/webdav
 
-ENTRYPOINT ["/password.sh"]
+ENTRYPOINT ["/entrypoint.sh"]
 
 CMD ["nginx", "-g", "daemon off;"]
 

README.md

@@ -31,9 +31,10 @@ Runs a Nginx WebDav server in Docker
 
 ### Environment variables
 | Variable                   | Required?          | Definition                                                                                                     | Example                    | Comments                                                     |
-|-------------|-----------|----------------------------------|----------------------------|--------------------------------------------------------------|
+|----------------------------|--------------------|----------------------------------------------------------------------------------------------------------------|----------------------------|--------------------------------------------------------------|
 | WEBDAV_USER                | No                 | WebDav username                                                                                                | user                       | user AND pass need to be set for authentication to work      |
 | WEBDAV_PASS                | No                 | WebDav password                                                                                                | password1                  | user AND pass need to be set for authentication to work      |
+| NGINX_CLIENT_MAX_BODY_SIZE | No (default: 250M) | Nginx's [client_max_body_size](https://nginx.org/en/docs/http/ngx_http_core_module.html#client_max_body_size)  | 500M                       | Be sure to include the units. Set to `0` to disable.         |
 
 ### Ports
 | Port on host              | Port in container | Comments            |
@@ -51,11 +52,12 @@ Below is an example docker-compose.yml file.
 version: '3'
 services:
   webdav:
-    container_name: webdav
+    container_name: docker-webdav-nginx
     restart: unless-stopped
     environment:
       - WEBDAV_USER=user
       - WEBDAV_PASS=password1
+      - NGINX_CLIENT_MAX_BODY_SIZE=500M
     networks:
       - webdav
     ports:
@@ -72,4 +74,16 @@ volumes:
     driver: local
 ```
 
+Below is an example of running locally (used to edit/test/debug).
+```
+# Build the Dockerfile
+docker compose -f docker-compose-dev.yml up -d
+
+# View logs
+docker compose -f docker-compose-dev.yml logs -f
+
+# Destroy when done
+docker compose -f docker-compose-dev.yml down
+```
+
 ## TODO

VERSION

@@ -1 +1 @@
-0.2.0
+0.3.1

docker-compose-dev.yml

@@ -0,0 +1,25 @@
+version: '3'
+services:
+  webdav:
+    container_name: docker-webdav-nginx
+    restart: unless-stopped
+    build:
+      context: .
+      dockerfile: Dockerfile
+    environment:
+      - WEBDAV_USER=user
+      - WEBDAV_PASS=password1
+      - NGINX_CLIENT_MAX_BODY_SIZE=500M
+    networks:
+      - webdav
+    ports:
+      - '8888:80'
+    volumes:
+      - 'webdav:/var/www/webdav'
+
+networks:
+  webdav:
+
+volumes:
+  webdav:
+    driver: local

entrypoint.sh

@@ -0,0 +1,27 @@
+#!/bin/sh -e
+
+printf "########################################\n"
+printf "# Container starting up!\n"
+printf "########################################\n"
+
+# Check for WebDav user/pass
+printf "# STATE: Checking for WebDav user/pass\n"
+if [ -n "$WEBDAV_USER" ] && [ -n "$WEBDAV_PASS" ]
+then
+	printf "# STATE: WebDav user/pass written to /etc/nginx/webdav_credentials\n"
+	htpasswd -b -c /etc/nginx/webdav_credentials $WEBDAV_USER $WEBDAV_PASS > /dev/null 2>&1
+else
+	printf "# WARN:  No WebDav user/pass were set, the "restricted" directory has no authentication on it!\n"
+	sed -i "s/.*auth_basic.*//g" /etc/nginx/sites-enabled/webdav
+	sed -i "s/.*auth_basic_user_file.*//g" /etc/nginx/sites-enabled/webdav
+fi
+
+# Check for client_max_body_size setting
+if [ -n "$NGINX_CLIENT_MAX_BODY_SIZE" ]
+then
+	printf "# STATE: Setting client_max_body_size to $NGINX_CLIENT_MAX_BODY_SIZE\n"
+	sed -i "s/client_max_body_size 250M;/client_max_body_size $NGINX_CLIENT_MAX_BODY_SIZE;/g" /etc/nginx/sites-enabled/webdav
+fi
+
+printf "# STATE: Nginx is starting up now, the logs you see below are error_log and access_log from Nginx\n"
+exec "$@"

password.sh

@@ -1,21 +0,0 @@
-#!/bin/sh -e
-
-printf "#####\n"
-printf "# Container starting up!\n"
-printf "#####\n"
-
-# Check for WebDav user/pass
-printf "# STATE: Checking for WebDav user/pass\n"
-if [ -n "$WEBDAV_USER" ] && [ -n "$WEBDAV_PASS" ]
-then
-	printf "# STATE: WebDav user/pass written to /etc/nginx/webdav_credentials\n"
-	htpasswd -b -c /etc/nginx/webdav_credentials $WEBDAV_USER $WEBDAV_PASS > /dev/null 2>&1
-else
-	printf "# WARN:  No WebDav user/pass were set, the 'restricted' diretory has no authentication on it!\n"
-	sed -i 's/.*auth_basic.*//g' /etc/nginx/sites-enabled/webdav
-	sed -i 's/.*auth_basic_user_file.*//g' /etc/nginx/sites-enabled/webdav
-fi
-
-
-printf "# STATE: Nginx is starting up now, the logs you see below are error_log and access_log from Nginx\n"
-exec "$@"

webdav.conf

@@ -5,6 +5,8 @@ server {
   root /var/www/webdav;
   autoindex on;
 
+  client_max_body_size 250M;
+
   location /public {
     dav_methods            PUT DELETE MKCOL COPY MOVE;
     dav_ext_methods        PROPFIND OPTIONS;