Add file upload portal with per-customer links and WebDAV admin access

- Customer upload via token link (no login), optional password + expiry, drag & drop for files and folders with preserved structure - Admin portal with setup wizard, role-based users (admin/staff), per-customer WebDAV access rules (read/write), session auth - WebDAV container (Debian apache2) with htpasswd + access.conf auto-generated from the SQLite DB and reloaded via inotifywait - Configurable public base URL and janitor cron interval in admin UI; janitor reconciles the uploads table with the filesystem Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-16 11:00:51 +02:00
parent 16795137d5
commit 0770259d3d
16 changed files with 1733 additions and 0 deletions
@@ -0,0 +1,28 @@
+FROM debian:bookworm-slim
+
+ENV DEBIAN_FRONTEND=noninteractive
+
+RUN apt-get update && apt-get install -y --no-install-recommends \
+      apache2 apache2-utils inotify-tools \
+  && rm -rf /var/lib/apt/lists/*
+
+RUN a2enmod dav dav_fs auth_basic authn_file authz_user authz_core \
+             setenvif mime alias autoindex dir \
+  && a2dissite 000-default
+
+# Create a user with UID 1000 so file ownership matches the app container.
+RUN groupadd -g 1000 webdav \
+ && useradd -u 1000 -g 1000 -s /usr/sbin/nologin -M webdav \
+ && sed -i \
+    -e 's|^export APACHE_RUN_USER=.*|export APACHE_RUN_USER=webdav|' \
+    -e 's|^export APACHE_RUN_GROUP=.*|export APACHE_RUN_GROUP=webdav|' \
+    /etc/apache2/envvars
+
+COPY webdav.conf /etc/apache2/conf-enabled/webdav.conf
+
+COPY entrypoint.sh /entrypoint.sh
+RUN chmod +x /entrypoint.sh
+
+EXPOSE 80
+ENTRYPOINT ["/entrypoint.sh"]
+CMD ["apachectl", "-D", "FOREGROUND"]