Merge branch 'caddyfile' into 'develop'

Draft: deploy: add Caddyfile template See merge request funkwhale/funkwhale!1384
Allow oauth token expiration time to be configured
2025-10-03 06:09:16 +02:00 · 2021-11-21 19:56:04 +00:00 · 2021-11-19 11:55:10 +01:00 · 2021-10-09 19:36:41 +02:00
2 changed files with 60 additions and 1 deletions
--- a/api/config/settings/common.py
+++ b/api/config/settings/common.py
@ -621,7 +621,9 @@ OAUTH2_PROVIDER = {
    # we keep expired tokens for 15 days, for tracability
    "REFRESH_TOKEN_EXPIRE_SECONDS": 3600 * 24 * 15,
    "AUTHORIZATION_CODE_EXPIRE_SECONDS": 5 * 60,
-    "ACCESS_TOKEN_EXPIRE_SECONDS": 60 * 60 * 10,
+    "ACCESS_TOKEN_EXPIRE_SECONDS": env.int(
+        "ACCESS_TOKEN_EXPIRE_SECONDS", default=60 * 60 * 10
+    ),
    "OAUTH2_SERVER_CLASS": "funkwhale_api.users.oauth.server.OAuth2Server",
 }
 OAUTH2_PROVIDER_APPLICATION_MODEL = "users.Application"
--- a/deploy/Caddyfile.template
+++ b/deploy/Caddyfile.template
@ -0,0 +1,57 @@
+# This template makes the funkwhale web-interface accessible
+# Music-streaming is still broken
+yourdomain.funkwhale {
+  log {
+    output file /var/log/caddy/funkwhale.json
+  }
+
+  encode gzip
+
+  # Not quite sure on this
+  rewrite /rest/* /api/subsonic/{path}
+
+  route /front/* {
+    uri strip_prefix /front
+    root * {$FUNKWHALE_FRONTEND_PATH:/srv/funkwhale/front/dist}
+    file_server
+  }
+
+  route /staticfiles/* {
+    # django static files
+    uri strip_prefix /staticfiles
+    root * {$STATIC_ROOT:/srv/funkwhale/data/static}
+    file_server
+  }
+
+  ## location /media/ {
+  ##   alias ${MEDIA_ROOT}/;
+  ## }
+
+  ## location /_protected/media {
+  ##   # this is an internal location that is used to serve
+  ##   # audio files once correct permission / authentication
+  ##   # has been checked on API side
+  ##   internal;
+  ##   alias   ${MEDIA_ROOT};
+  ## }
+
+  ## # Comment the previous location and uncomment this one if you're storing
+  ## # media files in a S3 bucket
+  ## # location ~ /_protected/media/(.+) {
+  ## #   internal;
+  ## #   # Needed to ensure DSub auth isn't forwarded to S3/Minio, see #932
+  ## #   proxy_set_header Authorization "";
+  ## #   proxy_pass $1;
+  ## # }
+
+  ## location /_protected/music {
+  ##   # this is an internal location that is used to serve
+  ##   # audio files once correct permission / authentication
+  ##   # has been checked on API side
+  ##   # Set this to the same value as your MUSIC_DIRECTORY_PATH setting
+  ##   internal;
+  ##   alias   ${MUSIC_DIRECTORY_SERVE_PATH};
+  ## }
+
+  reverse_proxy 127.0.0.1:5000
+}
Author	SHA1	Message	Date
Janek	1d20964e64	Merge branch 'caddyfile' into 'develop' Draft: deploy: add Caddyfile template See merge request funkwhale/funkwhale!1384	2021-11-21 19:56:04 +00:00
Georg Krause	60347ccd8c	Allow oauth token expiration time to be configured	2021-11-19 11:55:10 +01:00
xeruf	c44a952d0e	deploy: draft Caddyfile template	2021-10-09 19:36:41 +02:00