Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revision | |
| computing:filebrowser [2025/12/11 03:43] – oemb1905 | computing:filebrowser [2025/12/11 16:15] (current) – oemb1905 |
|---|
| sudo setfacl -R -m u:filebrowser:rwx /opt/navidrome/music | sudo setfacl -R -m u:filebrowser:rwx /opt/navidrome/music |
| sudo setfacl -R -m d:u:filebrowser:rwx /opt/navidrome/music | sudo setfacl -R -m d:u:filebrowser:rwx /opt/navidrome/music |
| | |
| | UPDATE: This is actually overkill. You can simply: |
| | sudo chown -R filebrowser:navidrome /opt/navidrome |
| | |
| | Nothing else is required. Filebrowser owns the directory and is behind SQL-lite and the authorized user and navidrome can read via the group privs. |
| |
| This assumes ''/opt/navidrome/music'' is already established and running. If not, then consult the [[https://wiki.haacksnetworking.org/doku.php?id=computing:navidrome|Navidrome]] tutorial first. The ACL above gives every current file read and write access (first stanza) and all future users read and write access (second stanza). At this time, filebrowser is already running, but behind port 8080. Now, one could simply access it with ''http://domain:com:8080'' but that won't be TLS secured and is just kind of janky. So, for these cases, we create a reverse proxy that sits facing the public and receiving requests, and then pushes incoming requests upstream to the filebrowser service running locally on port 8080. To do that, let's first edit ''/etc/apache2/000-default.conf'' and edit the ServerName to ''domain.com'', change the web root to ''/var/www/domain.com/public_html'' and leave everything else as is. Restart the service with ''systemctl restart apache2'' and then let's create a Let's Encrypt cert on the thusly adjusted default virtual host: | This assumes ''/opt/navidrome/music'' is already established and running. If not, then consult the [[https://wiki.haacksnetworking.org/doku.php?id=computing:navidrome|Navidrome]] tutorial first. The ACL above gives every current file read and write access (first stanza) and all future users read and write access (second stanza). At this time, filebrowser is already running, but behind port 8080. Now, one could simply access it with ''http://domain:com:8080'' but that won't be TLS secured and is just kind of janky. So, for these cases, we create a reverse proxy that sits facing the public and receiving requests, and then pushes incoming requests upstream to the filebrowser service running locally on port 8080. To do that, let's first edit ''/etc/apache2/000-default.conf'' and edit the ServerName to ''domain.com'', change the web root to ''/var/www/domain.com/public_html'' and leave everything else as is. Restart the service with ''systemctl restart apache2'' and then let's create a Let's Encrypt cert on the thusly adjusted default virtual host: |
| Happy Hacking !!! | Happy Hacking !!! |
| |
| --- //[[alerts@haacksnetworking.org|oemb1905]] 2025/12/09 05:10// | --- //[[alerts@haacksnetworking.org|oemb1905]] 2025/12/11 16:14// |
