ad3laid3/TheOrb
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Document NPM-protected deploy mode

Browse source
This commit is contained in:
MiTHRAL 2026-05-13 22:33:37 -04:00
parent 86ea28cceb
commit 77464b8030
2 changed files with 6 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
.env.deploy.example
View file

@ -6,9 +6,7 @@ CHECK_INTERVAL_SECONDS=60
HTTP_USER_AGENT=ArchiveStatusBot/1.0 HTTP_USER_AGENT=ArchiveStatusBot/1.0
DISCORD_DRY_RUN=false DISCORD_DRY_RUN=false
DASHBOARD_ENABLED=true DASHBOARD_ENABLED=true
DASHBOARD_AUTH_DISABLED=true
DASHBOARD_HOST=0.0.0.0 DASHBOARD_HOST=0.0.0.0
DASHBOARD_PORT=8787 DASHBOARD_PORT=8787
DASHBOARD_USERNAME=admin
DASHBOARD_PASSWORD_HASH=replace-with-generated-pbkdf2-hash
DASHBOARD_SESSION_TTL_SECONDS=28800
DASHBOARD_COOKIE_SECURE=true DASHBOARD_COOKIE_SECURE=true

7
README.md
View file

@ -148,13 +148,16 @@ Use this target from your proxy:
http://archive-status-bot:8787 http://archive-status-bot:8787
``` ```
For HTTPS behind a reverse proxy, set: For Nginx Proxy Manager, put the dashboard behind an Access List or basic auth on the proxy host and disable the app's own login:
```env ```env
DASHBOARD_AUTH_DISABLED=true
DASHBOARD_COOKIE_SECURE=true DASHBOARD_COOKIE_SECURE=true
``` ```
Leave it `false` only for direct localhost HTTP testing. NPMs Access Lists use browser `Authorization` headers, so the app never needs to receive your username/password directly. Leave `DASHBOARD_AUTH_DISABLED=false` only for direct localhost testing.
NPMs own docs call out that Access List basic auth and app-side auth both use `Authorization`, so the app-side login is the one to disable in production.
For direct local Docker testing without a proxy: For direct local Docker testing without a proxy: