zoriya/Kyoo
1
0
Fork 0
mirror of https://github.com/zoriya/Kyoo.git synced 2025-12-06 06:36:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Introduce security mode option

Browse Source
This commit is contained in:
Zoe Roux
2024-03-09 13:40:42 +01:00
parent 9ee07794a8
commit 041abb732d
5 changed files with 84 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
.env.example
View File

@@ -1,35 +1,59 @@
# vi: ft=sh
# shellcheck disable=SC2034
# Useful config options
# Library root can either be an absolute path or a relative path to your docker-compose.yml file.
LIBRARY_ROOT=./video
CACHE_ROOT=/tmp/kyoo_cache
LIBRARY_LANGUAGES=en
# A pattern (regex) to ignore video files.
LIBRARY_IGNORE_PATTERN=".*/[dD]ownloads?/.*"
# Available modes: open, logged, verif, invite
# open means anyone can use your instance, even without an account (guest mode is enabled). To specify guest permissions, see UNLOGGED_PERMISSIONS.
# verif means anyone can create an account but their account needs to be manually verified by an admin before they can use kyoo
# invite means only created and verified accounts can access your instance. to allow someone else to use your instance, you need to invite them.
SECURITY_MODE=verif
# Specify permissions of guest accounts. By default, if security mode is not open, this is empty.
# You can specify this even if security mode is not open to allow guests users to see your
# collection without behing able to play videos for example.
# Default if SECURITY_MODE is open:
# UNLOGGED_PERMISSIONS=overall.read,overall.play
# Default if SECURITY_MODE is not open:
# UNLOGGED_PERMISSIONS=
# To allow anyone to browse your collection but prevent them from playing a video:
# UNLOGGED_PERMISSIONS=overall.read
# Specify permissions of new accounts.
# DEFAULT_PERMISSIONS=overall.read,overall.play
# Hardware transcoding (equivalent of --profile docker compose option).
COMPOSE_PROFILES= # vaapi or qsv or nvidia
# the preset used during transcode. faster means worst quality, you can probably use a slower preset with hwaccels
# warning: using vaapi hwaccel disable presets (they are not supported).
GOCODER_PRESET=fast
# A pattern (regex) to ignore video files.
LIBRARY_IGNORE_PATTERN=.*/[dD]ownloads?/.*
# The following two values should be set to a random sequence of characters.
# You MUST change thoses when installing kyoo (for security)
AUTHENTICATION_SECRET=4c@mraGB!KRfF@kpS8739y9FcHemKxBsqqxLbdR?
AUTHENTICATION_SECRET="4c@mraGB!KRfF@kpS8739y9FcHemKxBsqqxLbdR?"
# You can input multiple api keys separated by a ,
KYOO_APIKEYS=t7H5!@4iMNsAaSJQ49pat4jprJgTcF656if#J3
DEFAULT_PERMISSIONS=overall.read,overall.play
UNLOGGED_PERMISSIONS=overall.read,overall.play
THEMOVIEDB_APIKEY=
# The url you can use to reach your kyoo instance. This is used during oidc to redirect users to your instance.
PUBLIC_URL=http://localhost:5000
# Use a builtin oidc service (google or discord):
# When you create a client_id, secret combo you may be asked for a redirect url. You need to specify https://YOUR-PUBLIC-URL/api/auth/logged/YOUR-SERVICE-NAME
# OIDC_DISCORD_CLIENTID=
# OIDC_DISCORD_SECRET=
# Or add your custom one:
OIDC_SERVICE_NAME=YourPrettyName
OIDC_SERVICE_LOGO=https://url-of-your-logo.com
@@ -58,5 +82,3 @@ POSTGRES_PORT=5432
MEILI_HOST="http://meilisearch:7700"
MEILI_MASTER_KEY="ghvjkgisbgkbgskegblfqbgjkebbhgwkjfb"
# vi: ft=sh