问题描述
这是 Nginx 的 docker-compose
Nginx:
container_name: Nginx
image: Nginx
build:
context: ./dockerfile
dockerfile: Nginx
volumes:
- type: bind
source: ./config/Nginx/Nginx.conf
target: /etc/Nginx/Nginx.conf
- type: bind
source: ./config/Nginx/credentials.list
target: /etc/Nginx/.credentials.list
- type: bind
source: /mnt/raid
target: /webdav
docker 文件
FROM Nginx:latest
RUN apt-get update && apt-get install -y Nginx-extras libNginx-mod-http-dav-ext
Nginx.conf
worker_processes auto;
include /etc/Nginx/modules-enabled/*.conf;
error_log /var/log/Nginx/error.log warn;
pid /var/run/Nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/Nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/Nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
set_real_ip_from 10.0.0.0/8;
set_real_ip_from 172.0.0.0/8;
set_real_ip_from 192.168.0.0/16;
real_ip_header X-Real-IP;
gzip on;
server{
server_name _;
root /webdav;
dav_methods PUT DELETE MKCOL copY MOVE;
dav_ext_methods PROPFIND OPTIONS;
dav_access user:rw group:r all:r;
client_body_temp_path /tmp;
client_max_body_size 0;
create_full_put_path on;
auth_basic realm_name;
auth_basic_user_file /etc/Nginx/.credentials.list;
}
docker exec Nginx ls -la /
它显示 drwxrwxr-x 12 Nginx Nginx 20 Jan 4 03:01 webdav
docker exec Nginx id -u Nginx
显示 1000
1000
是主机系统用户 y2kbug
的 UID。 /mnt/raid
归 1000:1000
所有。
drwxrwxr-x 12 y2kbug y2kbug 20 Jan 4 11:01 raid/
进入docker容器,由于默认是root
用户,挂载的目录是可写的。但是,连接WebDav,目录可读,但不可写。 Nginx 日志显示这些
2021/01/04 03:20:32 [error] 29#29: *6 mkdir() "/webdav/test" Failed (13: Permission denied),client: 10.0.0.7,server: _,request: "MKCOL /test/ HTTP/1.1",host: "10.0.0.10"
10.0.0.7 - y2kbug [04/Jan/2021:03:20:32 +0000] "MKCOL /test/ HTTP/1.1" 403 143 "-" "gvfs/1.46.1" "-"
10.0.0.7 - y2kbug [04/Jan/2021:03:20:32 +0000] "PROPFIND /test HTTP/1.1" 404 143 "-" "gvfs/1.46.1" "-"
我可以知道我做错了什么吗? 谢谢。
解决方法
将 user nginx;
添加到 nginx.conf
解决了问题。