chris/docker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Move Stash to Authentik

Browse Source 
Add bypass for bedroom ShieldTV
Remove Stash port forwarding
Set STASH_EXTERNAL_HOST to URL
Add customized DupFileManager plugin to Stash
Enable custom_served_folders in Stash
Disable built-in Stash auth in favor of Authentik
Add additional Stash plugins and plugin sources
Add FansDB stash box configuration
This commit is contained in:
Chris King
2025-02-16 01:20:53 -08:00
parent 79aa347f6a
commit 8de9b57365
3 changed files with 89 additions and 631 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
caddy/config/Caddyfile
View File

@@ -160,7 +160,7 @@ import ttt-app requestrr 4545
import ttt-app-alt budget actual-server-app-1 5006
import ttt-app-alt trilium triliumnext-notes-app-1 8080
import ttt-app-alt notes triliumnext-notes-app-1 8080
import ttt-app-alt stash stashapp-app-1 9999
#import ttt-app-alt stash stashapp-app-1 9999
import ttt-app-alt pihole1 192.168.1.116 80
# Authentik Configs
@@ -172,3 +172,29 @@ import authentik code
import authentik gitea
import authentik dozzle
import authentik tautulli
#import authentik-test stash
stash.tremendousturtle.tools {
import ttt-log stash
import tls
@not_cf header !CF-Connecting-IP
@cf header CF-Connecting-IP *
# Match the bedroom Nvidia Shield IP to skip Authentik
@shield client_ip 192.168.1.142
reverse_proxy @shield stashapp-app-1:9999 {
header_up X-Real-IP {remote_host}
header_up X-Forwarded-Port {server_port}
}
# When not from cloudflare just use the remote host as the real IP
reverse_proxy @not_cf authentik-app-1:9000 {
header_up X-Real-IP {remote_host}
header_up X-Forwarded-Port {server_port}
}
# When from cloudflare tunnel use the CF-Connecting-IP as the real IP
reverse_proxy @cf authentik-app-1:9000 {
header_up X-Real-IP {http.request.header.CF-Connecting-IP}
header_up X-Forwarded-Port {server_port}
}