mcardielo webdav

说明

默认情况下,bytemark/webdav 的所有用户共享同一个 /var/lib/dav 目录。如果需要为每个用户分配独立目录,可以使用 mcardielo/webdav 镜像(基于 bytemark/webdav 的改进版本,支持多用户独立目录)。

docker-compose

version: '3'
services:
  webdav:
    image: mcardielo/webdav  # 推荐使用此镜像支持多用户独立目录
    restart: always
    expose:
      - "80"  # 仅暴露 80 端口给 Nginx 代理
    environment:
      AUTH_TYPE: Basic  # HTTPS 下推荐使用 Basic 认证,http则使用Digest
      SERVER_NAMES: webdav.example.com  # 替换为你的域名
      LOCATION: /webdav  # WebDAV 访问路径
    volumes:
      - /srv/dav:/var/lib/dav  # 数据存储目录
      - ./user.passwd:/user.passwd  # 绑定挂载认证文件

用户名密码

  • htpasswd:Apache 的工具,用于创建或更新包含用户名和加密密码的认证文件。
    • -B:指定使用 bcrypt 算法加密密码(更安全,推荐)。
    • -c:表示创建新文件,第一个帐号时加这个参数,后续追加帐号不需要
    • user.passwd:为mcardielo webdav的用户密码存储文件
  • 添加帐号alice:htpasswd -B -c user.passwd alice
  • 添加帐号bob:htpasswd -B user.passwd bob

nginx配置

events {}

http {
    # HTTP server (redirect to HTTPS)
    server {
        listen 80;
        server_name webdav.atibm.com;

        # Serve ads.txt
        location /ads.txt {
            alias /usr/share/nginx/html/webdav/ads.txt;
        }

        # Redirect all HTTP requests to HTTPS
        return 301 https://$host$request_uri;
    }

    # HTTPS server
    server {
        listen 443 ssl;
        server_name webdav.atibm.com;

        # SSL certificate configuration
        ssl_certificate     /etc/letsencrypt/live/ghost.atibm.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/ghost.atibm.com/privkey.pem;

        # Logging
        access_log  /var/log/nginx/webdav-access.log;
        error_log   /var/log/nginx/webdav-error.log;

        # Serve ads.txt
        location /ads.txt {
            alias /usr/share/nginx/html/webdav/ads.txt;
        }

        # WebDAV location
        location /webdav {
            proxy_pass http://webdav:80/webdav;
            proxy_http_version 1.1;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Host $host;
            dav_methods PUT DELETE MKCOL COPY MOVE;
            client_max_body_size 0;  # Allow large file uploads
            client_body_buffer_size 8m;  # Buffer for client uploads
            proxy_buffers 8 64k;  # Buffer for proxy responses
            proxy_connect_timeout 300;
            proxy_send_timeout 600;
            proxy_read_timeout 600;
        }
    }
}