19 Commits
0.2.0 ... 0.3.1

Author SHA1 Message Date
0179b787b1 Rename entrypoint script, detect NGINX_CLIENT_MAX_BODY_SIZE 2023-06-19 15:14:22 -04:00
5f1906feb8 Add default client_max_body_size 2023-06-19 15:14:01 -04:00
f708d1f194 Add NGINX_CLIENT_MAX_BODY_SIZE to example 2023-06-19 15:13:42 -04:00
ef8106adcd Bump version 2023-06-19 15:13:10 -04:00
cc14a5e76a Rename entrypoint script 2023-06-19 15:13:01 -04:00
43ee8da6ef Bump VERSION 2023-06-19 14:50:19 -04:00
836c86e165 Change netcat package name for Debian 12 2023-06-19 14:49:20 -04:00
0a84b8e997 Merge pull request #15 from loganmarchione/renovate/debian-12.x
Update debian Docker tag to v12
2023-06-19 18:44:19 +00:00
4666fae569 Update debian Docker tag to v12 2023-06-13 01:32:21 +00:00
12fa7c5ef6 Merge pull request #14 from loganmarchione/renovate/aquasecurity-trivy-action-0.x
Update aquasecurity/trivy-action action to v0.11.2
2023-06-12 17:12:53 +00:00
ca5461743d Update aquasecurity/trivy-action action to v0.11.2 2023-06-09 22:52:35 +00:00
5fbc7e8112 Merge pull request #13 from loganmarchione/renovate/aquasecurity-trivy-action-0.x
Update aquasecurity/trivy-action action to v0.11.0
2023-06-06 00:48:45 +00:00
c7d1c72737 Update aquasecurity/trivy-action action to v0.11.0 2023-06-05 19:47:39 +00:00
dc25bd9e65 Merge pull request #12 from loganmarchione/renovate/aquasecurity-trivy-action-0.x
Update aquasecurity/trivy-action action to v0.10.0
2023-04-19 17:05:54 +00:00
eed796c375 Update aquasecurity/trivy-action action to v0.10.0 2023-04-19 02:06:05 +00:00
78fdcfd36b Update renovate.json 2023-03-31 09:44:47 -04:00
b7c9c4166c Update network name 2023-03-30 21:33:21 -04:00
d86126bf70 Add Docker Compose for debugging 2023-03-30 21:13:18 -04:00
aa88052b5a Update main.yml 2023-03-28 01:39:22 +00:00
9 changed files with 99 additions and 39 deletions

View File

@ -14,5 +14,8 @@
"automergeType": "pr", "automergeType": "pr",
"platformAutomerge": true "platformAutomerge": true
} }
] ],
"docker-compose": {
"ignorePaths": ["docker-compose-dev.yml"]
}
} }

View File

@ -13,9 +13,25 @@ env:
REPO: docker-webdav-nginx REPO: docker-webdav-nginx
jobs: jobs:
lint:
name: Lint
runs-on: ubuntu-latest
steps:
- name: Check out the codebase
uses: actions/checkout@v3
- name: Lint Dockerfile with Hadolint
uses: hadolint/hadolint-action@v3.1.0
with:
failure-threshold: error
ignore: DL3008,DL3018
ci: ci:
name: Build and test name: Build and test
needs: lint
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
@ -56,14 +72,8 @@ jobs:
exit-level: 'warn' exit-level: 'warn'
ignore: 'CIS-DI-0001' ignore: 'CIS-DI-0001'
- name: Container scan with hadolint
uses: hadolint/hadolint-action@v3.1.0
with:
failure-threshold: error
ignore: DL3008,DL3018
- name: Container scan with Trivy - name: Container scan with Trivy
uses: aquasecurity/trivy-action@0.9.2 uses: aquasecurity/trivy-action@0.11.2
with: with:
scan-type: 'image' scan-type: 'image'
image-ref: '${{ env.USER }}/${{ env.REPO }}:${{ env.VERSION }}' image-ref: '${{ env.USER }}/${{ env.REPO }}:${{ env.VERSION }}'

View File

@ -1,4 +1,4 @@
FROM debian:11-slim FROM debian:12-slim
ARG BUILD_DATE ARG BUILD_DATE
@ -13,7 +13,7 @@ ARG DEBIAN_FRONTEND=noninteractive
RUN apt-get update && apt-get -y install --no-install-recommends \ RUN apt-get update && apt-get -y install --no-install-recommends \
apache2-utils \ apache2-utils \
netcat \ netcat-openbsd \
nginx-extras && \ nginx-extras && \
rm -rf /var/lib/apt/lists/* && \ rm -rf /var/lib/apt/lists/* && \
mkdir -p "/var/www/webdav/restricted" && \ mkdir -p "/var/www/webdav/restricted" && \
@ -25,13 +25,13 @@ EXPOSE 80
VOLUME [ "/var/www/webdav" ] VOLUME [ "/var/www/webdav" ]
COPY password.sh / COPY entrypoint.sh /
COPY VERSION / COPY VERSION /
COPY webdav.conf /etc/nginx/sites-enabled/webdav COPY webdav.conf /etc/nginx/sites-enabled/webdav
ENTRYPOINT ["/password.sh"] ENTRYPOINT ["/entrypoint.sh"]
CMD ["nginx", "-g", "daemon off;"] CMD ["nginx", "-g", "daemon off;"]

View File

@ -31,9 +31,10 @@ Runs a Nginx WebDav server in Docker
### Environment variables ### Environment variables
| Variable | Required? | Definition | Example | Comments | | Variable | Required? | Definition | Example | Comments |
|-------------|-----------|----------------------------------|----------------------------|--------------------------------------------------------------| |----------------------------|--------------------|----------------------------------------------------------------------------------------------------------------|----------------------------|--------------------------------------------------------------|
| WEBDAV_USER | No | WebDav username | user | user AND pass need to be set for authentication to work | | WEBDAV_USER | No | WebDav username | user | user AND pass need to be set for authentication to work |
| WEBDAV_PASS | No | WebDav password | password1 | user AND pass need to be set for authentication to work | | WEBDAV_PASS | No | WebDav password | password1 | user AND pass need to be set for authentication to work |
| NGINX_CLIENT_MAX_BODY_SIZE | No (default: 250M) | Nginx's [client_max_body_size](https://nginx.org/en/docs/http/ngx_http_core_module.html#client_max_body_size) | 500M | Be sure to include the units. Set to `0` to disable. |
### Ports ### Ports
| Port on host | Port in container | Comments | | Port on host | Port in container | Comments |
@ -51,11 +52,12 @@ Below is an example docker-compose.yml file.
version: '3' version: '3'
services: services:
webdav: webdav:
container_name: webdav container_name: docker-webdav-nginx
restart: unless-stopped restart: unless-stopped
environment: environment:
- WEBDAV_USER=user - WEBDAV_USER=user
- WEBDAV_PASS=password1 - WEBDAV_PASS=password1
- NGINX_CLIENT_MAX_BODY_SIZE=500M
networks: networks:
- webdav - webdav
ports: ports:
@ -72,4 +74,16 @@ volumes:
driver: local driver: local
``` ```
Below is an example of running locally (used to edit/test/debug).
```
# Build the Dockerfile
docker compose -f docker-compose-dev.yml up -d
# View logs
docker compose -f docker-compose-dev.yml logs -f
# Destroy when done
docker compose -f docker-compose-dev.yml down
```
## TODO ## TODO

View File

@ -1 +1 @@
0.2.0 0.3.1

25
docker-compose-dev.yml Normal file
View File

@ -0,0 +1,25 @@
version: '3'
services:
webdav:
container_name: docker-webdav-nginx
restart: unless-stopped
build:
context: .
dockerfile: Dockerfile
environment:
- WEBDAV_USER=user
- WEBDAV_PASS=password1
- NGINX_CLIENT_MAX_BODY_SIZE=500M
networks:
- webdav
ports:
- '8888:80'
volumes:
- 'webdav:/var/www/webdav'
networks:
webdav:
volumes:
webdav:
driver: local

27
entrypoint.sh Executable file
View File

@ -0,0 +1,27 @@
#!/bin/sh -e
printf "########################################\n"
printf "# Container starting up!\n"
printf "########################################\n"
# Check for WebDav user/pass
printf "# STATE: Checking for WebDav user/pass\n"
if [ -n "$WEBDAV_USER" ] && [ -n "$WEBDAV_PASS" ]
then
printf "# STATE: WebDav user/pass written to /etc/nginx/webdav_credentials\n"
htpasswd -b -c /etc/nginx/webdav_credentials $WEBDAV_USER $WEBDAV_PASS > /dev/null 2>&1
else
printf "# WARN: No WebDav user/pass were set, the "restricted" directory has no authentication on it!\n"
sed -i "s/.*auth_basic.*//g" /etc/nginx/sites-enabled/webdav
sed -i "s/.*auth_basic_user_file.*//g" /etc/nginx/sites-enabled/webdav
fi
# Check for client_max_body_size setting
if [ -n "$NGINX_CLIENT_MAX_BODY_SIZE" ]
then
printf "# STATE: Setting client_max_body_size to $NGINX_CLIENT_MAX_BODY_SIZE\n"
sed -i "s/client_max_body_size 250M;/client_max_body_size $NGINX_CLIENT_MAX_BODY_SIZE;/g" /etc/nginx/sites-enabled/webdav
fi
printf "# STATE: Nginx is starting up now, the logs you see below are error_log and access_log from Nginx\n"
exec "$@"

View File

@ -1,21 +0,0 @@
#!/bin/sh -e
printf "#####\n"
printf "# Container starting up!\n"
printf "#####\n"
# Check for WebDav user/pass
printf "# STATE: Checking for WebDav user/pass\n"
if [ -n "$WEBDAV_USER" ] && [ -n "$WEBDAV_PASS" ]
then
printf "# STATE: WebDav user/pass written to /etc/nginx/webdav_credentials\n"
htpasswd -b -c /etc/nginx/webdav_credentials $WEBDAV_USER $WEBDAV_PASS > /dev/null 2>&1
else
printf "# WARN: No WebDav user/pass were set, the 'restricted' diretory has no authentication on it!\n"
sed -i 's/.*auth_basic.*//g' /etc/nginx/sites-enabled/webdav
sed -i 's/.*auth_basic_user_file.*//g' /etc/nginx/sites-enabled/webdav
fi
printf "# STATE: Nginx is starting up now, the logs you see below are error_log and access_log from Nginx\n"
exec "$@"

View File

@ -5,6 +5,8 @@ server {
root /var/www/webdav; root /var/www/webdav;
autoindex on; autoindex on;
client_max_body_size 250M;
location /public { location /public {
dav_methods PUT DELETE MKCOL COPY MOVE; dav_methods PUT DELETE MKCOL COPY MOVE;
dav_ext_methods PROPFIND OPTIONS; dav_ext_methods PROPFIND OPTIONS;