diff options
Diffstat (limited to 'playbooks/roles/bin/templates/volumes/conf/copyparty.conf')
| -rw-r--r-- | playbooks/roles/bin/templates/volumes/conf/copyparty.conf | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/playbooks/roles/bin/templates/volumes/conf/copyparty.conf b/playbooks/roles/bin/templates/volumes/conf/copyparty.conf new file mode 100644 index 0000000..eaea0a6 --- /dev/null +++ b/playbooks/roles/bin/templates/volumes/conf/copyparty.conf @@ -0,0 +1,34 @@ +[global] + e2dsa # enable file indexing and filesystem scanning + e2ts # enable multimedia indexing + ansi # enable colors in log messages + #q # disable logging for more performance + + # if we are confident that we got the docker-network config correct + # (meaning copyparty is only accessible through traefik, and + # traefik makes sure that all requests go through authelia), + # then accept X-Forwarded-For and IdP headers from any private IP: + xff-src: lan + + idp-h-usr: x-auth-request-user + idp-h-grp: x-auth-request-groups + idp-h-key: x-auth-request-{{ oauth_proxy_super_secret_header }} + +[/] # create a volume at "/" (the webroot), which will + /w + accs: + rw: * # everyone gets read-access, but + rwmda: @{{ admins }} # the group "su" gets read-write-move-delete-admin + + +[/u/${u}] # each user gets their own home-folder at /u/username + /w/u/${u} # which will be "u/username" in the docker data volume + accs: + r: * # read-access for anyone, and + rwmda: ${u}, @{{ admins }} # read-write-move-delete-admin for that username + the "su" group + + +[/u/${u}/priv] # each user also gets a private area at /u/username/priv + /w/u/${u}/priv # stored at DATAVOLUME/u/username/priv + accs: + rwmda: ${u}, @{{ admins }} # read-write-move-delete-admin for that username + the "su" group |