services:
  webdav:
    image: ghcr.io/vaggeliskls/webdav-server:latest
    restart: unless-stopped
    container_name: WebDAV
    volumes:
      - /srv/docker/Webdav:/var/lib/dav
      - /srv/docker/Webdav/user.passwd:/user.passwd
    environment:
      # WebDAV Server Configuration
      WEBDAV_OPERATIONS="GET OPTIONS PROPFIND"
      # LDAP Configuration
      LDAP_ENABLED=false
      LDAP_URL=ldaps://ldap.example.com
      LDAP_ATTRIBUTE=uid
      LDAP_BASE_DN=ou=users,dc=example,dc=com
      LDAP_BIND_DN=uid=searchuser,ou=users,dc=example,dc=com
      LDAP_BIND_PASSWORD=securepassword

      # OAUTH Configuration
      # Keycloak OIDC configuration
      # more options: https://github.com/OpenIDC/mod_auth_openidc
      OAUTH_ENABLED=false
      OIDCProviderMetadataURL="http://keycloak/keycloak-auth/realms/master/.well-known/openid-configuration"
      OIDCRedirectURI="http://my-domain.local/redirect_uri"
      OIDCCryptoPassphrase="randomly_generated_secure_passphrase"
      OIDCClientID="webdav-client"
      OIDCClientSecret="ABC123def456GHI789jkl0mnopqrs"
      OIDCProviderTokenEndpointAuth="client_secret_basic"
      OIDCRemoteUserClaim="preferred_username"
      OIDCScope="openid email profile"
      OIDCXForwardedHeaders="X-Forwarded-Host"

      # Basic Digest Authentication with users space separated
      BASIC_AUTH_ENABLED=true
      BASIC_AUTH_REALM=Webdev
      BASIC_USERS=Webdav

networks:
  default:
    external: true
    name: nginx