The slightly longer story
I 'm attempting to get funkwhale to work behind caddy. I’ve figured a few things from searching around (like alias)
I found a whole 1 post about it on the internet trying to do the same thing. They caved and used nginx. Plus that was using docker too.
I had some success with caddy serving the static files and then nginx serving the api and proxying to it through caddy. Problem is I get a few mixed content errors and not to mention how messy it is to sort out.
# Transcoding logic and caching
location = /transcode-auth {
#!!! include /etc/nginx/funkwhale_proxy.conf;
# needed so we can authenticate transcode requests, but still
# cache the result
internal;
set $query '';
# ensure we actually pass the jwt to the underlytin auth url
if ($request_uri ~* "[^\?]+\?(.*)$") {
set $query $1;
}
proxy_pass http://api:5678/api/v1/trackfiles/viewable/?$query;
proxy_pass_request_body off;
proxy_set_header Content-Length "";
}
location /api/v1/trackfiles/transcode/ {
#!!! include /etc/nginx/funkwhale_proxy.conf;
# this block deals with authenticating and caching transcoding
# requests. Caching is heavily recommended as transcoding
# is a CPU intensive process.
auth_request /transcode-auth;
if ($args ~ (.*)jwt=[^&]*(.*)) {
set $cleaned_args $1$2;
}
proxy_cache_key "$scheme$request_method$host$uri$is_args$cleaned_args";
proxy_cache transcode;
proxy_cache_valid 200 7d;
proxy_ignore_headers "Set-Cookie";
proxy_hide_header "Set-Cookie";
add_header X-Cache-Status $upstream_cache_status;
proxy_pass http://127.0.0.1:5678;
}
Thanks I appreciate the help. This one really had me stumped, I was on the verge of going full nginx. If I get it working I’ll post my config here and on the GitHub examples
Had a few issues with your (@Whitestrake) suggestions. There is no such thing as a cache_key and reauth needs a path. I’m still trying, just figured I’d keep this updated.
I’ve added a more complete idea of what my config looks like. So almost everything is working.
WORKING
Logging in and out
Adding music to a playlist
Playlist functionality
All requests in the dev concsole on chrome succeed, so I can’t see where it is failing.
Funkwhale are showing everything is okay.
Basically everything apart from…
NOT WORKING
Actually playing music
One js error (probably linked to above
Uncaught TypeError: Cannot read property 'state' of undefined
at s.onunlock (Track.vue:41)
at s.<anonymous> (howler.js:1730)
onunlock @ Track.vue:41
(anonymous) @ howler.js:1730
setTimeout (async)
_emit @ howler.js:1729
r.onended @ howler.js:342
Just found that instance settings are not working either (bunch of vuejs errors in console, just undefined properties)
CONFIG
music.domain.com{
import ../config/logs
import ../config/tls
root /srv/funkwhale/front/dist/
## NGINX config /api ##
# location /api/ {
# include /etc/nginx/funkwhale_proxy.conf;
# # this is needed if you have file import via upload enabled
# client_max_body_size 30M;
# proxy_pass http://api:5000/api/;
# }
#######################
proxy /api :5678 {
transparent
websocket
}
## NGINX config /federation ##
# location /federation/ {
# include /etc/nginx/funkwhale_proxy.conf;
# proxy_pass http://api:5000/federation/;
# }
##############################
proxy /federation :5678
}
## NGINX config /media ##
# location /media/ {
# alias /srv/funkwhale/data/media/;
# }
#########################
music.domain.com/media {
root /srv/funkwhale/data/media
}
## NGINX config /_protected/media ##
# location /_protected/media {
# # this is an internal location that is used to serve
# # audio files once correct permission / authentication
# # has been checked on API side
# internal;
# alias /srv/funkwhale/data/media;
# }
####################################
music.domain.com/_protected/media/ {
internal
root /srv/funkwhale/data/media
}
## NGINX config /_protected/music ##
# location /_protected/music {
# # this is an internal location that is used to serve
# # audio files once correct permission / authentication
# # has been checked on API side
# internal;
# alias /srv/funkwhale/data/music;
# }
####################################
music.domain.com/_protected/music {
internal
root /srv/funkwhale/data/music
}
## NGINX config /staticfiles ##
# location /staticfiles/ {
# # django static files
# alias /srv/funkwhale/data/static/;
# }
###############################
music.domain.com/staticfiles/ {
root /srv/funkwhale/data/static/
}
## NGINX config /transcode-auth ##
# location = /transcode-auth {
# include /etc/nginx/funkwhale_proxy.conf;
# # needed so we can authenticate transcode requests, but still
# # cache the result
# internal;
# set $query '';
# # ensure we actually pass the jwt to the underlytin auth url
# if ($request_uri ~* "[^\?]+\?(.*)$") {
# set $query $1;
# }
# proxy_pass http://api:5000/api/v1/trackfiles/viewable/?$query;
# proxy_pass_request_body off;
# proxy_set_header Content-Length "";
# }
##################################
music.domain.com/transcode-auth {
internal
rewrite {
if {uri} match "[^\?]+\?(.*)$"
to {1}
}
proxy / :5678/api/v1/trackfiles/viewable/ {
header_upstream Content-Length ""
}
}
## NGINX config /api/v1/trackfiles/transcode/ ##
# location /api/v1/trackfiles/transcode/ {
# include /etc/nginx/funkwhale_proxy.conf;
# # this block deals with authenticating and caching transcoding
# # requests. Caching is heavily recommended as transcoding
# # is a CPU intensive process.
# auth_request /transcode-auth;
# if ($args ~ (.*)jwt=[^&]*(.*)) {
# set $cleaned_args $1$2;
# }
# proxy_cache_key "$scheme$request_method$host$uri$is_args$cleaned_args";
# proxy_cache transcode;
# proxy_cache_valid 200 7d;
# proxy_ignore_headers "Set-Cookie";
# proxy_hide_header "Set-Cookie";
# add_header X-Cache-Status $upstream_cache_status;
# proxy_pass http://api:5000;
# }
################################################
music.domain.com/api/v1/trackfiles/transcode/ {
reauth {
upstream url=/transcode-auth
path /transcode-auth
}
cache {
default_max_age 10080m
match_path {scheme}{method}{host}{uri}{query}
path /tmp/caddy-cache
}
proxy / :5678 {
header_downstream Set-Cookie ""
}
}