sivert
b98703cd70
Added options to make LAN access possible
...
The immich app has a feature to switch to another URL when on a specific
wifi network (e.g. home network). This change adds an option for listen
address so that the server can listen on LAN traffic. For this to work
with authelia, we need to add the appropriate redirect URL as well.
This is very handy for those of us who are using a proxy which blocks
large file uploads -- large files will then get synced automatically
when connecting to the home network.
2025-11-21 20:42:27 +01:00
ibizaman
403fb20c1b
tests: remove more implicit imports
2025-11-21 09:52:13 +01:00
ibizaman
1cf6f6a2fe
monitoring: add sso integration
2025-11-21 09:52:13 +01:00
ibizaman
9677691b2d
docs: use better names for secrets
2025-11-21 09:52:13 +01:00
ibizaman
583b562ec2
monitoring: fix app name
2025-11-21 09:52:13 +01:00
ibizaman
061c194b1b
docs: remove misleading comment
2025-11-21 09:52:13 +01:00
ibizaman
0071c8120d
docs: add monitoring dashboard
2025-11-17 21:58:38 +01:00
ibizaman
29f2248681
forgejo: update deprecated options
2025-11-17 21:58:38 +01:00
ibizaman
bd286e6423
karakeep: update deprecated options
2025-11-17 21:58:38 +01:00
ibizaman
aa2622847e
monitoring: add late backups alert
2025-11-17 21:58:38 +01:00
ibizaman
f93de0420f
monitoring: add backup dashboard
2025-11-17 21:58:38 +01:00
ibizaman
693541e78f
monitoring: add backup scheduling
2025-11-17 21:58:38 +01:00
ibizaman
42a8b2eebc
monitoring: add logs to scraping job dashboard
2025-11-17 21:58:38 +01:00
ibizaman
e04ea6cb24
monitoring: surround with mkMerge
2025-11-17 21:58:38 +01:00
sivert
6e2cf2d035
#585 Immich: allow large uploads from mobile app
2025-11-15 20:48:52 +01:00
sivert
5287f42316
#583 Immich: add authelia bypass for mobile app
...
Adds bypasses for /api and /.well-known/immich so that the mobile app
authentication works.
2025-11-12 12:36:07 +01:00
ibizaman
a875835638
fmt: run formatter
2025-11-01 15:37:58 +01:00
ibizaman
e74e71ccef
borgbackup: use backup and databasebackup contracts
2025-11-01 15:19:54 +01:00
ibizaman
08b0b52cfe
restic: fix doc section level
2025-11-01 15:19:54 +01:00
ibizaman
f37a9fbb9c
monitoring: enable erroneously disabled scrapers
2025-10-29 23:49:07 +01:00
ibizaman
48802553de
chore: format all files
2025-10-28 22:17:00 +01:00
ibizaman
f62d2889c1
mod: only import hardcodedsecret from tests
2025-10-25 10:18:12 +02:00
ibizaman
5022bb5886
karakeep: fix meilisearch secret
2025-10-24 02:15:22 +02:00
ibizaman
6b7a6c6748
karakeep: configure meilisearch with master key and auto update
2025-10-24 01:54:26 +02:00
ibizaman
7ebe421fa0
nextcloud: bump default version from 30 to 31
2025-10-23 03:05:12 +02:00
ibizaman
63b7b09a0f
karakeep: init
2025-10-22 03:33:17 +02:00
ibizaman
139ceca768
authelia: add extraOidcAuthorizationPolicies option
...
This is needed for example to only authorize users of a given group to access a service.
Usually, the application itself enforces this but some don't.
2025-10-22 03:33:17 +02:00
ibizaman
2cc2ab5195
mod: use more callPackage now that is passes shb lib too
2025-10-15 01:38:35 +02:00
ibizaman
6e64c7f8cf
mod: merge shb functions into lib
2025-10-15 01:20:00 +02:00
ibizaman
283e12d87d
test: merge functions into lib and set backdoor everywhere
2025-10-15 01:20:00 +02:00
ibizaman
9892f55ae2
mod: make imports explicit and remove system
2025-10-12 00:24:52 +02:00
ibizaman
6d0ee7494f
nextcloud: allow to set sso integration without ldap
2025-10-09 02:04:20 +02:00
ibizaman
a536ee141e
open-webui: do not login when not belonging to user or admin group
2025-10-09 02:04:20 +02:00
ibizaman
969630c22b
revert added tests
...
This reverts commit ffa918aec6 .
It was merged incorrectly because I tricked the tests to succeed by accident.
2025-10-05 00:08:32 +02:00
ibizaman
ffa918aec6
tests: assert user with unknown group cannot login with sso or ldap
2025-10-04 23:52:14 +02:00
ibizaman
01d8f735ae
open-webui: show how to clone a secret in the docs
2025-10-04 23:24:23 +02:00
ibizaman
b840c404ab
open-webui: fix giving environment to the upstream service
2025-10-04 23:24:23 +02:00
ibizaman
f938528ba6
open-webui: add missing authorization_policy
2025-09-27 22:44:15 +02:00
ibizaman
32d643d13f
open-webui: fix documentation
2025-09-27 22:06:43 +02:00
ibizaman
02b73d2dce
open-webui: init
2025-09-27 21:25:40 +02:00
ibizaman
b46a227b5b
monitoring: add doc on retention time
2025-09-27 21:25:40 +02:00
ibizaman
1c2ff3e381
monitoring: update docs to use secrets contract
2025-09-27 21:25:40 +02:00
ibizaman
771e9758b0
lldap: update deprecated option
2025-09-27 21:25:40 +02:00
ibizaman
c0ab22eebd
pinchflat: update docs
2025-09-27 21:25:40 +02:00
ibizaman
c6ad91fb35
pinchflat: use temp dir to store secret
2025-09-27 21:25:40 +02:00
sivert
2f785919d9
#100 Immich service
...
- Declarative SSO setup via json config file
- roleClaim via LDAP groups to automatically set admin privileges
- SSO tested manually, but not yet in playwright test
- Storage quota claim not yet implemented
- Authelia rule prevents access by non-members of
userGroup/adminUserGroup
2025-09-20 14:43:38 +02:00
ibizaman
6f74d4c56c
docs: fix typos in forgejo documentation
2025-09-17 10:59:12 +02:00
ibizaman
98b4cc32b6
pinchflat: init
2025-09-17 10:59:12 +02:00
ibizaman
b24eed9a86
lib: add toEnvVar function
2025-09-17 10:59:12 +02:00
ibizaman
6f27de81d2
forgejo: clean backup dumps
...
This assumes the dumps are moved elsewhere.
2025-09-09 17:03:30 +02:00