steven/docker-webdav-nginx
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: steven:master
Branches Tags
steven:master
steven:0.3.1
steven:0.3.0
steven:0.2.0
steven:0.1.0
steven:0.0.2
steven:0.0.1
..
compare: steven:0.3.0
Branches Tags
steven:master
steven:0.3.1
steven:0.3.0
steven:0.2.0
steven:0.1.0
steven:0.0.2
steven:0.0.1

No commits in common. "master" and "0.3.0" have entirely different histories.
master ... 0.3.0

11 changed files with 185 additions and 58 deletions
Show Stats Expand all files Collapse all files

13
.drone.yml
View File

@ -1,13 +0,0 @@
kind: pipeline
name: default
workspace:
base: /go
path: src/deadbeef.codes/steven/docker-webdav-nginx
steps:
- name: docker build
image: plugins/docker
settings:
repo: registry.deadbeef.codes/docker-webdav-nginx

21
.github/renovate.json vendored Normal file
View File

@ -0,0 +1,21 @@
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": [
"config:base"
],
"dependencyDashboard": true,
"dependencyDashboardTitle": "Renovate Dashboard",
"labels": ["renovatebot"],
"packageRules": [
{
"managers": ["github-actions"],
"matchUpdateTypes": ["patch"],
"automerge": true,
"automergeType": "pr",
"platformAutomerge": true
}
],
"docker-compose": {
"ignorePaths": ["docker-compose-dev.yml"]
}
}

5
.github/trivy.yaml vendored Normal file
View File

@ -0,0 +1,5 @@
format: table
severity:
- CRITICAL
vulnerability:
ignore-unfixed: true

119
.github/workflows/main.yml vendored Normal file
View File

@ -0,0 +1,119 @@
name: CI/CD
on:
push:
tags:
- "[0-9]+.[0-9]+.[0-9]+"
schedule:
- cron: "0 5 * * 0"
workflow_dispatch:
env:
USER: loganmarchione
REPO: docker-webdav-nginx
jobs:
lint:
name: Lint
runs-on: ubuntu-latest
steps:
- name: Check out the codebase
uses: actions/checkout@v3
- name: Lint Dockerfile with Hadolint
uses: hadolint/hadolint-action@v3.1.0
with:
failure-threshold: error
ignore: DL3008,DL3018
ci:
name: Build and test
needs: lint
runs-on: ubuntu-latest
steps:
- name: Check out the codebase
uses: actions/checkout@v3
- name: Set variables
run: |
VER=$(cat VERSION)
echo "VERSION=$VER" >> $GITHUB_ENV
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Build Docker Image
uses: docker/build-push-action@v4
with:
push: false
context: .
file: Dockerfile
load: true
tags: |
${{ env.USER }}/${{ env.REPO }}:${{ env.VERSION }}
${{ env.USER }}/${{ env.REPO }}:latest
- name: Test image
run: |
docker images
docker run --name test-container --detach --env WEBDAV_USER=user --env WEBDAV_PASS=password1 --volume 'webdav:/var/www/webdav' ${USER}/${REPO}:${VERSION}
docker ps -a
- name: Container scan with Dockle
uses: goodwithtech/dockle-action@0.1.0
with:
image: '${{ env.USER }}/${{ env.REPO }}:${{ env.VERSION }}'
format: 'list'
exit-code: '1'
exit-level: 'warn'
ignore: 'CIS-DI-0001'
- name: Container scan with Trivy
uses: aquasecurity/trivy-action@0.11.2
with:
scan-type: 'image'
image-ref: '${{ env.USER }}/${{ env.REPO }}:${{ env.VERSION }}'
trivy-config: ./github/trivy.yaml
cd:
name: Deploy
needs: ci
runs-on: ubuntu-latest
steps:
- name: Check out the codebase
uses: actions/checkout@v3
- name: Set variables
run: |
VER=$(cat VERSION)
echo "VERSION=$VER" >> $GITHUB_ENV
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to DockerHub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKER_HUB_USER }}
password: ${{ secrets.DOCKER_HUB_PASS }}
logout: true
- name: Build Docker Image
uses: docker/build-push-action@v4
with:
push: true
context: .
file: Dockerfile
platforms: linux/amd64,linux/arm64,linux/arm/v7
tags: |
${{ env.USER }}/${{ env.REPO }}:${{ env.VERSION }}
${{ env.USER }}/${{ env.REPO }}:latest

17
Dockerfile
View File

@ -1,14 +1,19 @@
FROM debian:12-slim
# Originally
# LABEL maintainer="Logan Marchione <logan@loganmarchione.com>" \
LABEL maintainer="himself@stevenpolley.net"
ARG BUILD_DATE
LABEL \
maintainer="Logan Marchione <logan@loganmarchione.com>" \
org.opencontainers.image.authors="Logan Marchione <logan@loganmarchione.com>" \
org.opencontainers.image.title="docker-webdav-nginx" \
org.opencontainers.image.description="Runs a Nginx WebDav server in Docker" \
org.opencontainers.image.created=$BUILD_DATE
ARG DEBIAN_FRONTEND=noninteractive
RUN apt-get update && apt-get -y install --no-install-recommends \
apache2-utils \
netcat-openbsd \
netcat-openbsd \
nginx-extras && \
rm -rf /var/lib/apt/lists/* && \
mkdir -p "/var/www/webdav/restricted" && \
@ -20,13 +25,13 @@ EXPOSE 80
VOLUME [ "/var/www/webdav" ]
COPY entrypoint.sh /
COPY password.sh /
COPY VERSION /
COPY webdav.conf /etc/nginx/sites-enabled/webdav
ENTRYPOINT ["/entrypoint.sh"]
ENTRYPOINT ["/password.sh"]
CMD ["nginx", "-g", "daemon off;"]

15
README.md
View File

@ -1,7 +1,8 @@
[![Build Status](https://drone.deadbeef.codes/api/badges/steven/docker-webdav-nginx/status.svg)](https://drone.deadbeef.codes/steven/docker-webdav-nginx)
# docker-webdav-nginx
[![CI/CD](https://github.com/loganmarchione/docker-webdav-nginx/actions/workflows/main.yml/badge.svg)](https://github.com/loganmarchione/docker-webdav-nginx/actions/workflows/main.yml)
[![Docker Image Size (latest semver)](https://img.shields.io/docker/image-size/loganmarchione/docker-webdav-nginx)](https://hub.docker.com/r/loganmarchione/docker-webdav-nginx)
Runs a Nginx WebDav server in Docker
- Source code: [GitHub](https://github.com/loganmarchione/docker-webdav-nginx)
- Docker container: [Docker Hub](https://hub.docker.com/r/loganmarchione/docker-webdav-nginx)
@ -29,11 +30,10 @@ Runs a Nginx WebDav server in Docker
- `X.X.X`: [Semantic version](https://semver.org/) (use if you want to stick on a specific version)
### Environment variables
| Variable | Required? | Definition | Example | Comments |
|----------------------------|--------------------|----------------------------------------------------------------------------------------------------------------|----------------------------|--------------------------------------------------------------|
| WEBDAV_USER | No | WebDav username | user | user AND pass need to be set for authentication to work |
| WEBDAV_PASS | No | WebDav password | password1 | user AND pass need to be set for authentication to work |
| NGINX_CLIENT_MAX_BODY_SIZE | No (default: 250M) | Nginx's [client_max_body_size](https://nginx.org/en/docs/http/ngx_http_core_module.html#client_max_body_size) | 500M | Be sure to include the units. Set to `0` to disable. |
| Variable | Required? | Definition | Example | Comments |
|-------------|-----------|----------------------------------|----------------------------|--------------------------------------------------------------|
| WEBDAV_USER | No | WebDav username | user | user AND pass need to be set for authentication to work |
| WEBDAV_PASS | No | WebDav password | password1 | user AND pass need to be set for authentication to work |
### Ports
| Port on host | Port in container | Comments |
@ -56,7 +56,6 @@ services:
environment:
- WEBDAV_USER=user
- WEBDAV_PASS=password1
- NGINX_CLIENT_MAX_BODY_SIZE=500M
networks:
- webdav
ports:

2
VERSION
View File

@ -1 +1 @@
0.3.1
0.3.0

1
docker-compose-dev.yml
View File

@ -9,7 +9,6 @@ services:
environment:
- WEBDAV_USER=user
- WEBDAV_PASS=password1
- NGINX_CLIENT_MAX_BODY_SIZE=500M
networks:
- webdav
ports:

27
entrypoint.sh
View File

@ -1,27 +0,0 @@
#!/bin/sh -e
printf "########################################\n"
printf "# Container starting up!\n"
printf "########################################\n"
# Check for WebDav user/pass
printf "# STATE: Checking for WebDav user/pass\n"
if [ -n "$WEBDAV_USER" ] && [ -n "$WEBDAV_PASS" ]
then
printf "# STATE: WebDav user/pass written to /etc/nginx/webdav_credentials\n"
htpasswd -b -c /etc/nginx/webdav_credentials $WEBDAV_USER $WEBDAV_PASS > /dev/null 2>&1
else
printf "# WARN: No WebDav user/pass were set, the "restricted" directory has no authentication on it!\n"
sed -i "s/.*auth_basic.*//g" /etc/nginx/sites-enabled/webdav
sed -i "s/.*auth_basic_user_file.*//g" /etc/nginx/sites-enabled/webdav
fi
# Check for client_max_body_size setting
if [ -n "$NGINX_CLIENT_MAX_BODY_SIZE" ]
then
printf "# STATE: Setting client_max_body_size to $NGINX_CLIENT_MAX_BODY_SIZE\n"
sed -i "s/client_max_body_size 250M;/client_max_body_size $NGINX_CLIENT_MAX_BODY_SIZE;/g" /etc/nginx/sites-enabled/webdav
fi
printf "# STATE: Nginx is starting up now, the logs you see below are error_log and access_log from Nginx\n"
exec "$@"

21
password.sh Executable file
View File

@ -0,0 +1,21 @@
#!/bin/sh -e
printf "#####\n"
printf "# Container starting up!\n"
printf "#####\n"
# Check for WebDav user/pass
printf "# STATE: Checking for WebDav user/pass\n"
if [ -n "$WEBDAV_USER" ] && [ -n "$WEBDAV_PASS" ]
then
printf "# STATE: WebDav user/pass written to /etc/nginx/webdav_credentials\n"
htpasswd -b -c /etc/nginx/webdav_credentials $WEBDAV_USER $WEBDAV_PASS > /dev/null 2>&1
else
printf "# WARN: No WebDav user/pass were set, the 'restricted' diretory has no authentication on it!\n"
sed -i 's/.*auth_basic.*//g' /etc/nginx/sites-enabled/webdav
sed -i 's/.*auth_basic_user_file.*//g' /etc/nginx/sites-enabled/webdav
fi
printf "# STATE: Nginx is starting up now, the logs you see below are error_log and access_log from Nginx\n"
exec "$@"

2
webdav.conf
View File

@ -5,8 +5,6 @@ server {
root /var/www/webdav;
autoindex on;
client_max_body_size 250M;
location /public {
dav_methods PUT DELETE MKCOL COPY MOVE;
dav_ext_methods PROPFIND OPTIONS;