Login rule

2026-05-15 16:06:25 +02:00
parent cbef43ae83
commit 39b12966f1
2 changed files with 8 additions and 0 deletions
--- a/modules/server/containers/apps/invidious.nix
+++ b/modules/server/containers/apps/invidious.nix
@@ -31,6 +31,13 @@ in {
      imageStream = image;
      port = 3000;
      secret = name;
+      extraLabels = {
+        "traefik.http.routers.${containerCfg.subdomain}-login.rule" = "Host(`${containerCfg.subdomain}.${serverCfg.domain}`) && Path(`/login`) ";
+        "traefik.http.routers.${containerCfg.subdomain}-login.middlewares" = if serverCfg.containers?authentik then "authentik" else "";
+        "traefik.http.routers.${containerCfg.subdomain}-login.priority" = "100";
+        "traefik.http.routers.${containerCfg.subdomain}-login.entrypoints" = "web-secure";
+        "traefik.http.routers.${containerCfg.subdomain}-login.tls" = "true";
+      };
      overrides = {
        cmd = [ "--config" "/data/config.yml" ];
        volumes = [
--- a/modules/server/containers/data/invidious/login.cr
+++ b/modules/server/containers/data/invidious/login.cr
@@ -65,6 +65,7 @@ module Invidious::Routes::Login
    end

    def self.login(env)
+        referer = get_referer(env, "/feed/subscriptions")
        env.redirect referer
        return error_template(403, "Login post is not supported.")
    end