Using Docker
SecureDAV publishes a Docker image to simplify the deployment of the SecureDAV application. The image is available on Docker Hub at https://hub.docker.com/repository/docker/mthalmann/securedav.
WARNING
There is a known issue on Windows (WSL issue, MariaDB issue), where binding the volume for the MariaDB database does not work correctly. In case this happens to you, you have to use a "normal" volume for it by removing the ./ prefix from the database volume path.
Usage
First you have to create a .env file by copying the docker/.env.example file and adjust the values to your needs. See the Configuration page for more information.
With docker-compose
The docker-compose.yml file inside of the docker directory provides an easy way to start the SecureDAV application with a MariaDB database and a Redis instance for caching.
Simply copy the file to the directory where your .env file is located, update the port mapping, update the TZ environment variable to your timezone and run the following command:
docker-compose up -d
NOTE
This will bind the volumes for files, logs and the database to locally created directories. You can adjust the paths in the docker-compose.yml file to your needs.
With the image
NOTE
The image does not include a database or Redis container. It requires dedicated containers to handle these services.
Create a network:
docker network create --attachable securedav-net
Create a database container:
NOTE
SecureDAV was currently tested using SQLite and MariaDB. Other database systems may work, but support is not guaranteed.
docker run -d --name database \
-e MYSQL_RANDOM_ROOT_PASSWORD=true \
-e MYSQL_DATABASE=securedav \
-e MYSQL_USER=usersecuredav \
-e MYSQL_PASSWORD=secret \
--network=securedav-net \
-v ./database:/var/lib/mysql:Z \
mariadb:11
Create a Redis container (optional):
docker run -d --name redis \
--network=securedav-net \
redis:alpine \
redis-server --appendonly yes --requirepass redissecret
Create the SecureDAV container:
docker run -d --name securedav \
-p 80:80 \
-e DB_CONNECTION=mysql \
-e DB_HOST=database \
-e DB_DATABASE=securedav \
-e DB_USERNAME=usersecuredav \
-e DB_PASSWORD=secret \
-e REDIS_HOST=redis \
-e REDIS_PASSWORD=redissecret \
-e CACHE_DRIVER=redis \
-e QUEUE_CONNECTION=redis \
--network=securedav-net \
-v ./files:/var/www/html/storage/app/files \
-v ./logs:/var/www/html/storage/logs \
-v ./.env:/var/www/html/.env \
mthalmann/securedav
NOTE
If you don't want a Redis container, you can remove the environment variables and the -e CACHE_DRIVER=redis -e QUEUE_CONNECTION=redis part from the docker run command.
Using a proxy
You can use a reverse proxy in front of the SecureDAV application to handle SSL termination, load balancing, etc. The following example shows how to use a reverse proxy through Apache2:
<VirtualHost *:443>
ServerName securedav.example.com
SSLEngine on
SSLCertificateFile /path/to/cert.pem
SSLCertificateKeyFile /path/to/key.pem
ProxyPreserveHost On
ProxyRequests off
AllowEncodedSlashes NoDecode
ProxyPass / http://localhost:8080/ nocanon
ProxyPassReverse / http://localhost:8080/
RequestHeader set "X-Forwarded-Proto" expr=%{REQUEST_SCHEME}
</VirtualHost>
IMPORTANT
When using a proxy with SSL in front of the SecureDAV application, make sure to set the APP_TRUSTED_PROXIES environment variable in the .env file accordingly (comma separated)! It must include the host or ip address of the proxied server (see ProxyPass and ProxyPassReverse)!
Example for the virtual host configuration above: APP_TRUSTED_PROXIES=localhost
First run
Check the Quick start after installation section to get started with the SecureDAV application.