soulsync/Support
BoulderBadgeDad fb8c8a71c6 Security UI: Settings toggles for reverse-proxy mode + auth-proxy header
Config is DB-backed (metadata.app_config) — there is no config.json — so the
reverse-proxy settings I added earlier had NO way to be set by a user and were
effectively dead. Added them to Settings → Security, next to the launch-PIN toggle:

- "Behind a reverse proxy" checkbox (security.trust_reverse_proxy) — help text notes
  it's for nginx/Caddy/Traefik+TLS, to leave OFF for direct/LAN http://, and that it
  needs a restart (applied at app init).
- "Auth proxy user header" field (security.auth_proxy_header) — e.g. Remote-User,
  with the must-strip-client-headers warning; blank = off.

Wired into the existing settings load + save; the save loop already persists every
key in the security object via config_manager.set, so no backend change needed.
Fixed Support/REVERSE-PROXY.md to point at Settings → Security instead of a
nonexistent config.json. Off by default → zero impact for direct users.

64 script-split integrity tests pass.
2026-06-10 21:17:26 -07:00
..
API.md Update API.md 2026-03-04 14:13:22 -08:00
AUTOMATIONS.md update readme and include automation docs 2026-03-05 18:45:00 -08:00
DOCKER-OAUTH-FIX.md Reverse proxy fix 2026-03-03 12:04:53 -08:00
DOCKER-TRANSFER-GUIDE.md organization 2026-01-27 12:23:19 -08:00
DOCKER.md organization 2026-01-27 12:23:19 -08:00
DOCKER_PERMISSIONS.md organization 2026-01-27 12:23:19 -08:00
IMPORT-STAGING-GUIDE.md Create IMPORT-STAGING-GUIDE.md 2026-03-01 16:53:40 -08:00
METADATA-FALLBACK-IMPLEMENTATION.md organization 2026-01-27 12:23:19 -08:00
README-Docker.md Document dev/nightly release channels and contributor workflow 2026-04-21 14:40:24 -07:00
REVERSE-PROXY.md Security UI: Settings toggles for reverse-proxy mode + auth-proxy header 2026-06-10 21:17:26 -07:00
UNRAID.md organization 2026-01-27 12:23:19 -08:00