refactor(slskd): Log in w/ Authelia
- Currently, Firefox reports some errors about failure to connect to a websocket somewhere at slsk.deertopia.net. Further fixes may be required if that's a serious issue.
This commit is contained in:
Madeleine Sydney
@@ -99,10 +99,7 @@ in {
|
|||||||
default_policy = "deny";
|
default_policy = "deny";
|
||||||
rules = [
|
rules = [
|
||||||
{
|
{
|
||||||
# TODO: Remove this. It's only used for a quick demo for myself.
|
domain = "*.deertopia.net";
|
||||||
# The domain choice is arbitrary. It's just one I happen to have
|
|
||||||
# set up.
|
|
||||||
domain = "ldap.deertopia.net";
|
|
||||||
policy = "one_factor";
|
policy = "one_factor";
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
@@ -117,10 +114,7 @@ in {
|
|||||||
{
|
{
|
||||||
domain = "deertopia.net";
|
domain = "deertopia.net";
|
||||||
authelia_url = "https://auth.deertopia.net";
|
authelia_url = "https://auth.deertopia.net";
|
||||||
# TODO: Remove this. It's only used for a quick demo for myself.
|
default_redirection_url = "https://deertopia.net";
|
||||||
# The domain choice is arbitrary. It's just one I happen to have
|
|
||||||
# set up.
|
|
||||||
default_redirection_url = "https://ldap.deertopia.net";
|
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|||||||
@@ -19,9 +19,14 @@ in {
|
|||||||
environmentFile = "/run/secrets/slskd-credentials";
|
environmentFile = "/run/secrets/slskd-credentials";
|
||||||
|
|
||||||
settings = {
|
settings = {
|
||||||
|
# Disable slskd's authentication in favour of Authelia.
|
||||||
|
web.authentication.disabled = true;
|
||||||
shares.directories = [
|
shares.directories = [
|
||||||
"/persist/vault/jellyfin/Music"
|
"/persist/vault/jellyfin/Music"
|
||||||
"/persist/vault/jellyfin/Shows"
|
"/persist/vault/jellyfin/Shows"
|
||||||
|
"/persist/vault/jellyfin/Documents"
|
||||||
|
"/persist/vault/jellyfin/Music Videos"
|
||||||
|
"/persist/vault/jellyfin/Movies"
|
||||||
];
|
];
|
||||||
# directories.downloads = "/persist/vault/jellyfin/Music";
|
# directories.downloads = "/persist/vault/jellyfin/Music";
|
||||||
};
|
};
|
||||||
@@ -34,14 +39,22 @@ in {
|
|||||||
# HACK: Consult with Molly on idiomatic Unix permissions.
|
# HACK: Consult with Molly on idiomatic Unix permissions.
|
||||||
users.users.${config.services.slskd.user}.extraGroups = [ "jellyfin" ];
|
users.users.${config.services.slskd.user}.extraGroups = [ "jellyfin" ];
|
||||||
|
|
||||||
sydnix.deertopia.nginx.vhosts."slsk".vhost = {
|
sydnix.deertopia.nginx.vhosts."slsk" = {
|
||||||
|
directory = null;
|
||||||
|
vhost = {
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
locations."/" = {
|
extraConfig =
|
||||||
proxyWebsockets = true;
|
|
||||||
proxyPass =
|
|
||||||
let port = builtins.toString config.services.slskd.settings.web.port;
|
let port = builtins.toString config.services.slskd.settings.web.port;
|
||||||
in "http://localhost:${port}";
|
in ''
|
||||||
|
include ${./authelia/authelia-location.conf};
|
||||||
|
set $upstream http://127.0.0.1:${port};
|
||||||
|
'';
|
||||||
|
locations."/".extraConfig = ''
|
||||||
|
include ${./authelia/authelia-authrequest.conf};
|
||||||
|
include ${./authelia/proxy.conf};
|
||||||
|
proxy_pass $upstream;
|
||||||
|
'';
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|||||||
Reference in New Issue
Block a user