selfhostyourtech/reflector
2
0
Fork 0
mirror of https://github.com/Monadical-SAS/reflector.git synced 2025-12-21 12:49:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

caddyfile.example

Browse Source
This commit is contained in:
Igor Loskutov
2025-12-05 12:38:10 -05:00
parent 3ef51ad1c8
commit 28d2168209
5 changed files with 28 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
docs/docs/installation/auth-setup.md
View File

@@ -62,25 +62,22 @@ sudo docker network connect reflector_default authentik-server-1
### Step 3: Add Authentik to Caddy
Edit your `Caddyfile` to add the Authentik domain:
Uncomment the Authentik section in your `Caddyfile` and set your domain:
```bash
nano Caddyfile
```
app.example.com {
reverse_proxy web:3000
}
api.example.com {
reverse_proxy server:1250
}
authentik.example.com {
Uncomment and edit:
```
{$AUTHENTIK_DOMAIN:authentik.example.com} {
reverse_proxy authentik-server-1:9000
}
```
Reload Caddy:
```bash
sudo docker exec reflector-caddy-1 caddy reload --config /etc/caddy/Caddyfile
docker compose -f docker-compose.prod.yml exec caddy caddy reload --config /etc/caddy/Caddyfile
```
### Step 4: Create OAuth2 Provider in Authentik

24
docs/docs/installation/overview.md
View File

@@ -192,19 +192,18 @@ FEATURE_REQUIRE_LOGIN=false
**Location: YOUR SERVER (via SSH)**
Edit Caddyfile with your domains:
```bash
cp Caddyfile.example Caddyfile
nano Caddyfile
```
Replace example.com:
Replace `example.com` with your domains:
```
app.example.com {
{$FRONTEND_DOMAIN:app.example.com} {
reverse_proxy web:3000
}
api.example.com {
{$API_DOMAIN:api.example.com} {
reverse_proxy server:1250
}
```
@@ -254,22 +253,25 @@ curl https://api.example.com/health
---
## Step 8: Optional - Enable Authentication
## Step 8: Enable Authentication (Required for Live Rooms)
By default, Reflector is open (no login required). To add authentication:
By default, Reflector is open (no login required). **Authentication is required if you want to use Live Meeting Rooms (Step 9).**
See [Authentication Setup](./auth-setup) for full Authentik OAuth configuration.
Quick summary:
1. Deploy Authentik on your server
2. Create OAuth provider in Authentik
3. Update `server/.env`: `AUTH_BACKEND=jwt`
4. Update `www/.env`: `FEATURE_REQUIRE_LOGIN=true` + Authentik credentials
5. Restart services
3. Extract public key for JWT verification
4. Update `server/.env`: `AUTH_BACKEND=jwt` + `AUTH_JWT_AUDIENCE`
5. Update `www/.env`: `FEATURE_REQUIRE_LOGIN=true` + Authentik credentials
6. Mount JWT keys volume and restart services
---
## Step 9: Optional - Enable Live Meeting Rooms
## Step 9: Enable Live Meeting Rooms
**Requires: Step 8 (Authentication)**
Live rooms require Daily.co and AWS S3. Add to `server/.env`: