Add file upload portal with per-customer links and WebDAV admin access

- Customer upload via token link (no login), optional password + expiry, drag & drop for files and folders with preserved structure - Admin portal with setup wizard, role-based users (admin/staff), per-customer WebDAV access rules (read/write), session auth - WebDAV container (Debian apache2) with htpasswd + access.conf auto-generated from the SQLite DB and reloaded via inotifywait - Configurable public base URL and janitor cron interval in admin UI; janitor reconciles the uploads table with the filesystem Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-16 11:00:51 +02:00
parent 16795137d5
commit 0770259d3d
16 changed files with 1733 additions and 0 deletions
@@ -0,0 +1,32 @@
+DavLockDB "/var/lib/dav/DavLock"
+
+<VirtualHost *:80>
+    DocumentRoot "/data/uploads"
+
+    # Autoindex icons (explicit, no auth)
+    Alias /icons/ "/usr/share/apache2/icons/"
+    <Directory "/usr/share/apache2/icons">
+        Options FollowSymLinks
+        AllowOverride None
+        Require all granted
+    </Directory>
+
+    <Directory "/data/uploads">
+        DAV On
+        AllowOverride None
+        Options Indexes
+        AuthType Basic
+        AuthName "WebDAV"
+        AuthBasicProvider file
+        AuthUserFile /webdav-config/htpasswd
+        Require valid-user
+    </Directory>
+
+    LimitXMLRequestBody 0
+
+    # Per-customer ACLs (regenerated by the app container)
+    Include /webdav-config/access.conf
+
+    ErrorLog /dev/stderr
+    CustomLog /dev/stdout combined
+</VirtualHost>