137 lines
4.1 KiB
Plaintext
Raw Normal View History

Initial commit.
2025-10-03 02:09:53 +02:00
# ============================================================================
# Nginx Configuration for WebDAV Server
# Place this in: /etc/nginx/conf.d/webdav.conf
# ============================================================================
# Upstream backend
Update.
2025-10-03 06:46:11 +02:00
upstream webdav_backend {
server webdav:8080 max_fails=3 fail_timeout=30s;
keepalive 32;
}
Working tests.
2025-10-03 02:33:26 +02:00
Initial commit.
2025-10-03 02:09:53 +02:00
# HTTP Server - Redirect to HTTPS
server {
listen 80;
listen [::]:80;
server_name webdav.example.com; # Change to your domain
# Let's Encrypt ACME challenge
location /.well-known/acme-challenge/ {
root /var/www/certbot;
}
# Redirect all other traffic to HTTPS
location / {
return 301 https://$server_name$request_uri;
}
}
# HTTPS Server - Main WebDAV
server {
# Security Headers
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
# WebDAV Specific Settings
client_max_body_size 1G; # Maximum file size
client_body_buffer_size 128k;
client_body_timeout 300s; # Timeout for client body
client_header_timeout 60s;
send_timeout 300s; # Timeout for sending response
# Proxy buffering (disable for large files)
proxy_buffering off;
proxy_request_buffering off;
# Timeouts
proxy_connect_timeout 60s;
proxy_send_timeout 300s;
proxy_read_timeout 300s;
# Logging
access_log /var/log/nginx/webdav_access.log combined;
error_log /var/log/nginx/webdav_error.log warn;
# Root location - WebDAV
location / {
# Proxy to backend
proxy_pass http://webdav_backend;
# Standard proxy headers
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
# WebDAV specific headers
proxy_set_header Destination $http_destination;
proxy_set_header Depth $http_depth;
proxy_set_header Overwrite $http_overwrite;
proxy_set_header Lock-Token $http_lock_token;
proxy_set_header Timeout $http_timeout;
proxy_set_header If $http_if;
# HTTP 1.1 support
proxy_http_version 1.1;
proxy_set_header Connection "";
# Disable redirects
proxy_redirect off;
# Handle errors
proxy_intercept_errors off;
}
# Health check endpoint
location /health {
proxy_pass http://webdav_backend/health;
access_log off;
}
# Deny access to hidden files
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
# ============================================================================
# HTTP Configuration without SSL (for development only)
# ============================================================================
# Uncomment this section for development without SSL
# server {
# listen 80;
# listen [::]:80;
# server_name webdav.example.com;
#
# client_max_body_size 1G;
# client_body_buffer_size 128k;
# client_body_timeout 300s;
# send_timeout 300s;
#
# location / {
# proxy_pass http://webdav_backend;
# proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto $scheme;
#
# # WebDAV headers
# proxy_set_header Destination $http_destination;
# proxy_set_header Depth $http_depth;
# proxy_set_header Overwrite $http_overwrite;
# proxy_set_header Lock-Token $http_lock_token;
#
# proxy_http_version 1.1;
# proxy_set_header Connection "";
# proxy_redirect off;
# proxy_buffering off;
# }
# }
Update.
2025-10-03 06:46:11 +02:00
}
Reference in New Issue Copy Permalink