docker-compose.yaml

services:
  webdav:
    image: bytemark/webdav
    restart: always
    environment:
      - AUTH_TYPE=${WEBDAV_AUTH_TYPE:-Digest}
      - USERNAME=${WEBDAV_USERNAME:-yourusername}
      - PASSWORD=${WEBDAV_PASSWORD:-yourpassword}
    volumes:
      - ./volumes/webdav:/var/lib/dav
    expose:
      - 80
    security_opt:
      - no-new-privileges:true
  
  filebrowser:
    image: hurlenko/filebrowser
    user: "82:82"
    # ports:
    #   - 8080:8080
    volumes:
      - ./volumes/webdav/data:/data
      # - ./filebrowser:/config
    environment:
      - FB_BASEURL=/fb
    restart: always
    security_opt:
      - no-new-privileges:true

  nginx:
    image: nginx:latest
    user: "0:0"
    restart: always
    volumes:
      - ./nginx/nginx.conf.template:/etc/nginx/nginx.conf.template
      - ./nginx/https.conf.template:/etc/nginx/https.conf.template
      - ./nginx/proxy.conf.template:/etc/nginx/proxy.conf.template
      - ./nginx/fb.proxy.conf.template:/etc/nginx/fb.proxy.conf.template
      - ./nginx/conf.d:/etc/nginx/conf.d
      - ./nginx/ssl:/etc/ssl
      - ./nginx/docker-entrypoint.sh:/docker-entrypoint-mount.sh
      - ./volumes/certbot/conf/live:/etc/letsencrypt/live # cert dir (with certbot container)
      - ./volumes/certbot/conf:/etc/letsencrypt
      - ./volumes/certbot/www:/var/www/html
    ports:
      - '${EXPOSE_NGINX_PORT:-80}:80'
      - '${EXPOSE_NGINX_SSL_PORT:-443}:443'  
    environment:
      NGINX_SERVER_NAME: ${NGINX_SERVER_NAME:-_}
      NGINX_HTTPS_ENABLED: ${NGINX_HTTPS_ENABLED:-false}
      NGINX_SSL_PORT: ${NGINX_SSL_PORT:-443}
      NGINX_PORT: ${NGINX_PORT:-80}
      # You're required to add your own SSL certificates/keys to the `./nginx/ssl` directory
      # and modify the env vars below in .env if HTTPS_ENABLED is true.
      NGINX_SSL_CERT_FILENAME: ${NGINX_SSL_CERT_FILENAME:-fullchain.pem}
      NGINX_SSL_CERT_KEY_FILENAME: ${NGINX_SSL_CERT_KEY_FILENAME:-privkey.pem}
      NGINX_SSL_PROTOCOLS: ${NGINX_SSL_PROTOCOLS:-TLSv1.1 TLSv1.2 TLSv1.3}
      NGINX_WORKER_PROCESSES: ${NGINX_WORKER_PROCESSES:-auto}
      NGINX_ENABLE_CERTBOT_CHALLENGE: ${NGINX_ENABLE_CERTBOT_CHALLENGE:-false}
      NGINX_KEEPALIVE_TIMEOUT: ${NGINX_KEEPALIVE_TIMEOUT:-0}
      NGINX_WEDAV_TIMEOUT: ${NGINX_WEDAV_TIMEOUT:-86400s}
      CERTBOT_DOMAIN: ${CERTBOT_DOMAIN:-}
    entrypoint: [
      'sh',
      '-c',
      "cp /docker-entrypoint-mount.sh /docker-entrypoint.sh && sed -i 's/\r$$//' /docker-entrypoint.sh && chmod +x /docker-entrypoint.sh && /docker-entrypoint.sh",
    ]
    security_opt:
      - no-new-privileges:true

  certbot:
    image: certbot/certbot
    user: "0:0"
    profiles:
      - certbot
    volumes:
      - ./volumes/certbot/conf:/etc/letsencrypt
      - ./volumes/certbot/www:/var/www/html
      - ./volumes/certbot/logs:/var/log/letsencrypt
      - ./volumes/certbot/conf/live:/etc/letsencrypt/live
      - ./certbot/update-cert.template.txt:/update-cert.template.txt
      - ./certbot/docker-entrypoint.sh:/docker-entrypoint.sh
    environment:
      - CERTBOT_EMAIL=${CERTBOT_EMAIL}
      - CERTBOT_DOMAIN=${CERTBOT_DOMAIN}
      - CERTBOT_OPTIONS=${CERTBOT_OPTIONS:-}
    entrypoint: ['/docker-entrypoint.sh']
    command: ['tail', '-f', '/dev/null']