Open
Description
Hello,
I successed to manage to host lms on non root path according to https://github.com/epoupon/lms/blob/master/INSTALL.md#deploy-on-non-root-path, alas, I cannot join rest/OpenSubsonic API. It doesn't work, I'm redirected to login.
I don't know how to properly debug this, but here's my stack:
compose.yaml :
services:
lms-public:
build: .
container_name: lms-public
volumes:
- ${IGLOU_USERDATA_PATH}/cerenu/public/rayonnage/audio/music:/public:ro
- ${DOCKER_VOLUME_STORAGE_PATH}/lms/public/var/lms:/var/lms:rw
command: [
"/var/lms/lms-public.conf"
]
user: "5000:5000"
restart: unless-stopped
labels:
traefik.enable: "true"
traefik.docker.network: "proxy"
traefik.http.services.lms-public.loadbalancer.server.port: 5082
traefik.http.routers.lms-public.rule: Host(`lms.${IGLOU_FQDN}`) && PathPrefix(`/public`)
traefik.http.routers.lms-public.entrypoints: web,websecure
traefik.http.routers.lms-public.tls: true
networks:
- proxy
lms-secret:
build: .
container_name: lms-secret
volumes:
# secret instance can access to public, because why not?
- ${IGLOU_USERDATA_PATH}/cerenu/public/rayonnage/audio/music:/public:ro
- ${IGLOU_USERDATA_PATH}/cerenu/secret/rayonnage/audio/music:/secret:ro
- ${DOCKER_VOLUME_STORAGE_PATH}/lms/secret/var/lms:/var/lms:rw
command: [
"/var/lms/lms-secret.conf"
]
user: "5000:5000"
restart: unless-stopped
labels:
traefik.enable: "true"
traefik.docker.network: "proxy"
traefik.http.services.lms-secret.loadbalancer.server.port: 5082
traefik.http.routers.lms-secret.rule: Host(`lms.${IGLOU_FQDN}`) && PathPrefix(`/secret`)
traefik.http.routers.lms-secret.entrypoints: web,websecure
traefik.http.routers.lms-secret.tls: true
networks:
- proxy
networks:
proxy:
external: trueDockerfile
FROM epoupon/lms:3.63.0
USER root
# Apply https://github.com/epoupon/lms/blob/master/INSTALL.md#deploy-on-non-root-path
RUN mkdir /tmp/docroot && \
mv /usr/share/lms/docroot/* /tmp/docroot && \
mkdir /usr/share/lms/docroot/public && \
mv /tmp/docroot/* /usr/share/lms/docroot/public && \
ln -s /usr/share/Wt/resources /usr/share/lms/docroot/public/resources && \
ln -s /usr/share/lms/docroot/public /usr/share/lms/docroot/secret
USER lmslms-public.conf
# LMS Sample configuration file
# Path to the working directory where the database and other cached files will be written to.
# Ensure this directory exists and has write permissions for the application
working-dir = "/var/lms";
# ffmpeg location
ffmpeg-file = "/usr/bin/ffmpeg";
# Log files, empty means stdout
log-file = "";
access-log-file = "";
# Minimum severity, can be "debug", "info", "warning", "error" or "fatal"
log-min-severity = "info";
# Output db queries on stdout
db-show-queries = false;
# Listen port/addr of the web server
listen-port = 5082;
listen-addr = "0.0.0.0";
behind-reverse-proxy = false;
# original-ip-header and trusted-proxies are used only if behind-reverse-proxy is set to true
original-ip-header = "X-Forwarded-For";
trusted-proxies =
(
"172.30.0.2"
);
# If enabled, these files have to exist and have correct permissions
tls-enable = false;
tls-cert = "/var/lms/cert.pem";
tls-key = "/var/lms/privkey.pem";
tls-dh = "/var/lms/dh2048.pem";
# Path to the resources used by the web interface.
# Apply https://github.com/epoupon/lms/blob/master/INSTALL.md#deploy-on-non-root-path
wt-resources = ""; # do not comment the whole line
docroot = "/usr/share/lms/docroot/;/public/resources,/public/css,/public/images,/public/js,/public/favicon.ico";
approot = "/usr/share/lms/approot";
# Location for deployment (See README if you want to deploy on a non root path)
deploy-path = "/public/";
# Number of threads to be used to dispatch http requests (0 means number of logical CPUs)
http-server-thread-count = 0;
# ListenBrainz root API
listenbrainz-api-base-url = "https://api.listenbrainz.org";
# How many listens to retrieve when syncing (0 to disable sync)
listenbrainz-max-sync-listen-count = 1000;
# How often to resync listens (0 to disable sync)
listenbrainz-sync-listens-period-hours = 1;
# How many feedbacks to retrieve when syncing (0 to disables sync)
listenbrainz-max-sync-feedback-count = 1000;
# How often to resync feedbacks (0 to disable sync)
listenbrainz-sync-feedbacks-period-hours = 1;
# Acousticbrainz root API
acousticbrainz-api-base-url = "https://acousticbrainz.org";
# Authentication
# Available backends: "internal", "PAM", "http-headers"
authentication-backend = "internal";
# The number of bcrypt rounds to be used when backend is set to "internal". The higher the more secure
internal-password-bcrypt-round = 12;
# The header to be used to read the authentication user when backend is set to "http-headers"
http-headers-login-field = "X-Forwarded-User";
# Max entries in the login throttler (1 entry per IP address. For IPv6, the whole /64 block is used)
login-throttler-max-entries = 10000;
# API
api-subsonic = true;
# Enable or disable user/password authentication for the Subsonic API.
# Note: Since token/salt authentication is always disabled, setting this to 'false' means only API keys can be used to access the Subsonic API.
api-subsonic-support-user-password-auth = true;
# Use this list to make the reported server version to 1.12.0 depending on the client's name
# Main usage is to make auto detections for the 'p' (password) parameter work
api-subsonic-old-server-protocol-clients = ("DSub");
# List of clients for whom open subsonic extensions and extra fields are disabled
api-open-subsonic-disabled-clients = ("DSub");
# Turn on this option to allow the demo account creation/use
demo = true;
# Max cover cache size in MBytes
cover-max-cache-size = 30;
# JPEG quality for covers (range is 1-100)
cover-jpeg-quality = 75;
# Preferred file names for covers (order is important)
cover-preferred-file-names = ("cover", "front", "folder", "default");
# File names for artist images (order is important)
# Note: files whose name is the artist's MBID are always searched before the names in this list. You can place the MBID files anywhere in your libraries.
artist-image-file-names = ("artist");
# Playqueue max entry count
playqueue-max-entry-count = 1000;
# Internal tracing for profiling purposes. Enable only if necessary, as it incurs some runtime overhead!
# Possible values are "disabled", "overview" or "detailed".
# If enabled, data has to be dumped in the tracing view located in the admin menu
tracing-level = "disabled";
# The tracing buffer size, in MBytes (min is 16)
tracing-buffer-size = 16;
# Set to true if you want to hide duplicate tracks
scanner-skip-duplicate-mbid = false;
# Scanner read style for metadata, may be 'fast', 'average' or 'accurate'
scanner-parser-read-style = "average";
# Number of threads to use for scanning file metadata (0 means number of logical CPUs / 2)
scanner-metadata-thread-count = 0;
lms-private.conf
# LMS Sample configuration file
# Path to the working directory where the database and other cached files will be written to.
# Ensure this directory exists and has write permissions for the application
working-dir = "/var/lms";
# ffmpeg location
ffmpeg-file = "/usr/bin/ffmpeg";
# Log files, empty means stdout
log-file = "";
access-log-file = "";
# Minimum severity, can be "debug", "info", "warning", "error" or "fatal"
log-min-severity = "debug";
# Output db queries on stdout
db-show-queries = false;
# Listen port/addr of the web server
listen-port = 5082;
listen-addr = "0.0.0.0";
behind-reverse-proxy = true;
# original-ip-header and trusted-proxies are used only if behind-reverse-proxy is set to true
original-ip-header = "X-Forwarded-For";
trusted-proxies =
(
"172.30.0.2"
);
# If enabled, these files have to exist and have correct permissions
tls-enable = false;
tls-cert = "/var/lms/cert.pem";
tls-key = "/var/lms/privkey.pem";
tls-dh = "/var/lms/dh2048.pem";
# Path to the resources used by the web interface.
# Apply https://github.com/epoupon/lms/blob/master/INSTALL.md#deploy-on-non-root-path
wt-resources = ""; # do not comment the whole line
docroot = "/usr/share/lms/docroot/;/secret/resources,/secret/css,/secret/images,/secret/js,/secret/favicon.ico";
approot = "/usr/share/lms/approot";
# Location for deployment (See README if you want to deploy on a non root path)
deploy-path = "/secret/";
# Number of threads to be used to dispatch http requests (0 means number of logical CPUs)
http-server-thread-count = 0;
# ListenBrainz root API
listenbrainz-api-base-url = "https://api.listenbrainz.org";
# How many listens to retrieve when syncing (0 to disable sync)
listenbrainz-max-sync-listen-count = 1000;
# How often to resync listens (0 to disable sync)
listenbrainz-sync-listens-period-hours = 1;
# How many feedbacks to retrieve when syncing (0 to disables sync)
listenbrainz-max-sync-feedback-count = 1000;
# How often to resync feedbacks (0 to disable sync)
listenbrainz-sync-feedbacks-period-hours = 1;
# Acousticbrainz root API
acousticbrainz-api-base-url = "https://acousticbrainz.org";
# Authentication
# Available backends: "internal", "PAM", "http-headers"
authentication-backend = "internal";
# The number of bcrypt rounds to be used when backend is set to "internal". The higher the more secure
internal-password-bcrypt-round = 12;
# The header to be used to read the authentication user when backend is set to "http-headers"
http-headers-login-field = "X-Forwarded-User";
# Max entries in the login throttler (1 entry per IP address. For IPv6, the whole /64 block is used)
login-throttler-max-entries = 10000;
# API
api-subsonic = true;
# Enable or disable user/password authentication for the Subsonic API.
# Note: Since token/salt authentication is always disabled, setting this to 'false' means only API keys can be used to access the Subsonic API.
api-subsonic-support-user-password-auth = true;
# Use this list to make the reported server version to 1.12.0 depending on the client's name
# Main usage is to make auto detections for the 'p' (password) parameter work
api-subsonic-old-server-protocol-clients = ("DSub");
# List of clients for whom open subsonic extensions and extra fields are disabled
api-open-subsonic-disabled-clients = ("DSub");
# Turn on this option to allow the demo account creation/use
demo = false;
# Max cover cache size in MBytes
cover-max-cache-size = 30;
# JPEG quality for covers (range is 1-100)
cover-jpeg-quality = 75;
# Preferred file names for covers (order is important)
cover-preferred-file-names = ("cover", "front", "folder", "default");
# File names for artist images (order is important)
# Note: files whose name is the artist's MBID are always searched before the names in this list. You can place the MBID files anywhere in your libraries.
artist-image-file-names = ("artist");
# Playqueue max entry count
playqueue-max-entry-count = 1000;
# Internal tracing for profiling purposes. Enable only if necessary, as it incurs some runtime overhead!
# Possible values are "disabled", "overview" or "detailed".
# If enabled, data has to be dumped in the tracing view located in the admin menu
tracing-level = "disabled";
# The tracing buffer size, in MBytes (min is 16)
tracing-buffer-size = 16;
# Set to true if you want to hide duplicate tracks
scanner-skip-duplicate-mbid = false;
# Scanner read style for metadata, may be 'fast', 'average' or 'accurate'
scanner-parser-read-style = "average";
# Number of threads to use for scanning file metadata (0 means number of logical CPUs / 2)
scanner-metadata-thread-count = 0;
Thank you!
Metadata
Metadata
Assignees
Labels
No labels