From 91b27fb97be9b1addf4dc21903000d0f2186ab9d Mon Sep 17 00:00:00 2001 From: Renken Date: Mon, 29 Jul 2024 22:12:34 +0200 Subject: shione: nginx: share files publicly This is my first attempt at having a basic setup using NGINX only for file sharing. Each directory holds a group of files to be shared together, generally only one file. If a `.htpasswd` is present in said directory then authentication is required to access it. Unfortunately it is not as flexible as whatever NextCloud offers such as link expiry, allowing others to edit directories and files... etc. However, this fits my needs for now. I don't intend on allowing file uploads to the public *for now*. --- .../files/etc/nginx/sites-available/shione.net | 45 ++++++++++++++++++++-- 1 file changed, 41 insertions(+), 4 deletions(-) diff --git a/config/shione/nginx/files/etc/nginx/sites-available/shione.net b/config/shione/nginx/files/etc/nginx/sites-available/shione.net index d35f0f8..361089f 100644 --- a/config/shione/nginx/files/etc/nginx/sites-available/shione.net +++ b/config/shione/nginx/files/etc/nginx/sites-available/shione.net @@ -18,6 +18,7 @@ # Default server configuration # +# `fancyindex` is from `nginx-extras`. server { listen 80 default_server; listen [::]:80 default_server; @@ -43,15 +44,51 @@ server { ssl_certificate_key /etc/letsencrypt/live/shione.net/privkey.pem; include /etc/letsencrypt/options-ssl-nginx.conf; - root /var/www/html/www.shione.net; - - index index.html; - server_name shione.net www.shione.net; + location ~* \.(htaccess|htpasswd) { + deny all; + } + location / { + root /var/www/html/shione.net; + + index index.html; + + auth_basic off; # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } + + location /share { + root /var/www; + + # Enable fancy indexes. + fancyindex on; + + # Output human-readable file sizes. + fancyindex_exact_size off; + } + + location ~ ^/share/(?[^/]+) { + root /var/www; + + # Require authentication if available. + set $auth_basic off; + set $auth_basic_user_file ""; + if (-f /var/www/share/$dir/.htpasswd) { + set $auth_basic Required; + set $auth_basic_user_file /var/www/share/$dir/.htpasswd; + } + + auth_basic $auth_basic; + auth_basic_user_file $auth_basic_user_file; + + # Enable fancy indexes. + fancyindex on; + + # Output human-readable file sizes. + fancyindex_exact_size off; + } } -- cgit v1.2.3