如何允许 docker nginx webdav 写入已安装的目录?

编程问答 2022-05-31

问题描述

这是 Nginx 的 docker-compose

Nginx:
container_name: Nginx
image: Nginx
build:
  context: ./dockerfile
  dockerfile: Nginx
volumes:
  - type: bind
    source: ./config/Nginx/Nginx.conf
    target: /etc/Nginx/Nginx.conf
  - type: bind
    source: ./config/Nginx/credentials.list
    target: /etc/Nginx/.credentials.list
  - type: bind
    source: /mnt/raid
    target: /webdav

docker 文件

FROM Nginx:latest
RUN apt-get update && apt-get install -y Nginx-extras libNginx-mod-http-dav-ext

Nginx.conf

worker_processes auto;

include /etc/Nginx/modules-enabled/*.conf;

error_log  /var/log/Nginx/error.log warn;
pid        /var/run/Nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       /etc/Nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/Nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    set_real_ip_from  10.0.0.0/8;
    set_real_ip_from  172.0.0.0/8;
    set_real_ip_from  192.168.0.0/16;
    real_ip_header    X-Real-IP;

    gzip  on;

    server{
        server_name _;
        root /webdav;
        dav_methods PUT DELETE MKCOL copY MOVE;
        dav_ext_methods PROPFIND OPTIONS;
        dav_access user:rw group:r all:r;
        client_body_temp_path /tmp;
        client_max_body_size 0;
        create_full_put_path on;
        auth_basic realm_name;
        auth_basic_user_file /etc/Nginx/.credentials.list;
    }

docker exec Nginx ls -la /显示 drwxrwxr-x 12 Nginx Nginx 20 Jan 4 03:01 webdav

docker exec Nginx id -u Nginx 显示 1000

1000 是主机系统用户 y2kbug 的 UID。 /mnt/raid1000:1000 所有。

drwxrwxr-x 12 y2kbug y2kbug   20 Jan  4 11:01 raid/

进入docker容器,由于认是root用户,挂载的目录是可写的。但是,连接WebDav,目录可读,但不可写。 Nginx 日志显示这些

2021/01/04 03:20:32 [error] 29#29: *6 mkdir() "/webdav/test" Failed (13: Permission denied),client: 10.0.0.7,server: _,request: "MKCOL /test/ HTTP/1.1",host: "10.0.0.10"
10.0.0.7 - y2kbug [04/Jan/2021:03:20:32 +0000] "MKCOL /test/ HTTP/1.1" 403 143 "-" "gvfs/1.46.1" "-"
10.0.0.7 - y2kbug [04/Jan/2021:03:20:32 +0000] "PROPFIND /test HTTP/1.1" 404 143 "-" "gvfs/1.46.1" "-"

我可以知道我做错了什么吗? 谢谢。

解决方法

user nginx; 添加到 nginx.conf 解决了问题。

dockerdockernginxwebdav