nik/FreedomBox
1
0
Fork 0
mirror of https://github.com/freedombox/FreedomBox.git synced 2026-04-29 10:10:19 +00:00
Code Issues Packages Projects Releases Wiki Activity
FreedomBox/plinth/modules/ttrss/data/etc/apache2/conf-available/tt-rss-plinth.conf
nbenedek 97d9174775
ttrss: Allow apps to use /tt-rss URL instead of separate one 
- When tt-rss is accessed via a smart device, authenticate the
user with basic auth, otherwise authenticate with mod_auth_pubtkt.

- I tested logging in with the official TT-RSS Android app and
Fiery Feeds for iPhone.

- Reload apache2 to apply the changes.

Signed-off-by: nbenedek <contact@nbenedek.me>
[sunil: Use Authorization header instead of user agent]
[sunil: Update description to talk about both URLs]
[sunil: Increment app version to reload apache]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
2023-04-25 12:13:42 -07:00

40 lines
1.4 KiB
Plaintext
Raw Blame History

##
## On all sites, provide Tiny Tiny RSS on a default path: /tt-rss
## Allow all valid LDAP users.
##
Alias /tt-rss /usr/share/tt-rss/www
Alias /tt-rss-app /usr/share/tt-rss/www
<Location /tt-rss>
# If a client sends 'Authorization' HTTP Header, perform Basic authorization
# using LDAP, otherwise redirect to FreedomBox single sign-on. It is not
# mandatory for the server to return HTTP 401 with 'WWW-Authenticate'. See
# https://datatracker.ietf.org/doc/html/rfc2616#section-14.8
<If "-n %{HTTP:Authorization}">
Include includes/freedombox-auth-ldap.conf
Require ldap-group cn=admin,ou=groups,dc=thisbox
Require ldap-group cn=feed-reader,ou=groups,dc=thisbox
</If>
<Else>
Include includes/freedombox-single-sign-on.conf
<IfModule mod_auth_pubtkt.c>
TKTAuthToken "feed-reader" "admin"
</IfModule>
</Else>
</Location>
# URLs without further authentication. The URLs contain a unique key generated
# and managed by tt-rss. This includes articles marked public or even other
# categories.
<Location /tt-rss/public.php>
Require all granted
</Location>
# Legacy configuration for apps that expect a HTTP 401 response
# 'WWW-Authenticate' header.
<Location /tt-rss-app>
Include includes/freedombox-auth-ldap.conf
Require ldap-group cn=admin,ou=groups,dc=thisbox
Require ldap-group cn=feed-reader,ou=groups,dc=thisbox
</Location>
Reference in New Issue View Git Blame Copy Permalink