blob: eaea0a68ae45284cd946a6b164a3ed9786f801bc (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
|
[global]
e2dsa # enable file indexing and filesystem scanning
e2ts # enable multimedia indexing
ansi # enable colors in log messages
#q # disable logging for more performance
# if we are confident that we got the docker-network config correct
# (meaning copyparty is only accessible through traefik, and
# traefik makes sure that all requests go through authelia),
# then accept X-Forwarded-For and IdP headers from any private IP:
xff-src: lan
idp-h-usr: x-auth-request-user
idp-h-grp: x-auth-request-groups
idp-h-key: x-auth-request-{{ oauth_proxy_super_secret_header }}
[/] # create a volume at "/" (the webroot), which will
/w
accs:
rw: * # everyone gets read-access, but
rwmda: @{{ admins }} # the group "su" gets read-write-move-delete-admin
[/u/${u}] # each user gets their own home-folder at /u/username
/w/u/${u} # which will be "u/username" in the docker data volume
accs:
r: * # read-access for anyone, and
rwmda: ${u}, @{{ admins }} # read-write-move-delete-admin for that username + the "su" group
[/u/${u}/priv] # each user also gets a private area at /u/username/priv
/w/u/${u}/priv # stored at DATAVOLUME/u/username/priv
accs:
rwmda: ${u}, @{{ admins }} # read-write-move-delete-admin for that username + the "su" group
|
