Gate searxng, notes, and hasura behind admin auth via nginx auth_request
Some checks failed
Deploy with Docker Compose / deploy (push) Has been cancelled
Some checks failed
Deploy with Docker Compose / deploy (push) Has been cancelled
Add ValidateAdmin endpoint that checks JWT admin claim for use as an nginx auth_request subrequest. Widen cookie path from backend endpoint to "/" so the access_token is sent on all paths. Extend access token lifetime from 24h to 7 days. Disable hasura service by default via Docker profile. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -35,7 +35,6 @@ services:
|
||||
- backend
|
||||
- icecast2
|
||||
- gitea
|
||||
- hasura
|
||||
- quartz
|
||||
- searxng
|
||||
networks:
|
||||
@@ -96,6 +95,8 @@ services:
|
||||
image: hasura/graphql-engine:v2.44.0
|
||||
container_name: "${HASURA_HOST}"
|
||||
restart: always
|
||||
profiles:
|
||||
- disabled
|
||||
depends_on:
|
||||
- db
|
||||
networks:
|
||||
@@ -135,7 +136,6 @@ services:
|
||||
volumes:
|
||||
- ${OBSIDIAN_DIR}:/quartz/content:ro
|
||||
|
||||
|
||||
searxng:
|
||||
build:
|
||||
context: ./searxng
|
||||
@@ -151,7 +151,6 @@ services:
|
||||
volumes:
|
||||
- searxng_data:/etc/searxng
|
||||
|
||||
|
||||
gitea:
|
||||
image: docker.gitea.com/gitea:1.25.4-rootless
|
||||
container_name: "${GITEA_HOST}"
|
||||
|
||||
Reference in New Issue
Block a user