mirror of
https://github.com/blakeblackshear/frigate.git
synced 2024-12-19 19:06:16 +01:00
1133202cbd
* reload the window on 401 * backend apis for auth * add login page * re-enable web linter * fix login page routing * bypass csrf for internal auth endpoint * disable healthcheck in devcontainer target * include login page in vite build * redirect to login page on 401 * implement config for users and settings * implement JWT actual secret * add brute force protection on login * add support for redirecting from auth failures on api calls * return location for redirect * default cookie name should pass regex test * set hash iterations to current OWASP recommendation * move users to database instead of config * config option to reset admin password on startup * user management UI * check for deleted user on refresh * validate username and fixes * remove password constraint * cleanup * fix user check on refresh * web fixes * implement auth via new external port * use x-forwarded-for to rate limit login attempts by ip * implement logout and profile * fixes * lint fixes * add support for user passthru from upstream proxies * add support for specifying a logout url * add documentation * Update docs/docs/configuration/authentication.md Co-authored-by: Nicolas Mowen <nickmowen213@gmail.com> * Update docs/docs/configuration/authentication.md Co-authored-by: Nicolas Mowen <nickmowen213@gmail.com> --------- Co-authored-by: Nicolas Mowen <nickmowen213@gmail.com>
81 lines
2.8 KiB
Bash
Executable File
81 lines
2.8 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
set -euxo pipefail
|
|
|
|
NGINX_VERSION="1.25.3"
|
|
VOD_MODULE_VERSION="1.31"
|
|
SECURE_TOKEN_MODULE_VERSION="1.5"
|
|
SET_MISC_MODULE_VERSION="v0.33"
|
|
NGX_DEVEL_KIT_VERSION="v0.3.3"
|
|
|
|
cp /etc/apt/sources.list /etc/apt/sources.list.d/sources-src.list
|
|
sed -i 's|deb http|deb-src http|g' /etc/apt/sources.list.d/sources-src.list
|
|
apt-get update
|
|
|
|
apt-get -yqq build-dep nginx
|
|
|
|
apt-get -yqq install --no-install-recommends ca-certificates wget
|
|
update-ca-certificates -f
|
|
apt install -y ccache
|
|
|
|
export PATH="/usr/lib/ccache:$PATH"
|
|
|
|
mkdir /tmp/nginx
|
|
wget -nv https://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz
|
|
tar -zxf nginx-${NGINX_VERSION}.tar.gz -C /tmp/nginx --strip-components=1
|
|
rm nginx-${NGINX_VERSION}.tar.gz
|
|
mkdir /tmp/nginx-vod-module
|
|
wget -nv https://github.com/kaltura/nginx-vod-module/archive/refs/tags/${VOD_MODULE_VERSION}.tar.gz
|
|
tar -zxf ${VOD_MODULE_VERSION}.tar.gz -C /tmp/nginx-vod-module --strip-components=1
|
|
rm ${VOD_MODULE_VERSION}.tar.gz
|
|
# Patch MAX_CLIPS to allow more clips to be added than the default 128
|
|
sed -i 's/MAX_CLIPS (128)/MAX_CLIPS (1080)/g' /tmp/nginx-vod-module/vod/media_set.h
|
|
patch -d /tmp/nginx-vod-module/ -p1 << 'EOF'
|
|
--- a/vod/avc_hevc_parser.c 2022-06-27 11:38:10.000000000 +0000
|
|
+++ b/vod/avc_hevc_parser.c 2023-01-16 11:25:10.900521298 +0000
|
|
@@ -3,6 +3,9 @@
|
|
bool_t
|
|
avc_hevc_parser_rbsp_trailing_bits(bit_reader_state_t* reader)
|
|
{
|
|
+ // https://github.com/blakeblackshear/frigate/issues/4572
|
|
+ return TRUE;
|
|
+
|
|
uint32_t one_bit;
|
|
|
|
if (reader->stream.eof_reached)
|
|
EOF
|
|
|
|
|
|
mkdir /tmp/nginx-secure-token-module
|
|
wget https://github.com/kaltura/nginx-secure-token-module/archive/refs/tags/${SECURE_TOKEN_MODULE_VERSION}.tar.gz
|
|
tar -zxf ${SECURE_TOKEN_MODULE_VERSION}.tar.gz -C /tmp/nginx-secure-token-module --strip-components=1
|
|
rm ${SECURE_TOKEN_MODULE_VERSION}.tar.gz
|
|
|
|
mkdir /tmp/ngx_devel_kit
|
|
wget https://github.com/vision5/ngx_devel_kit/archive/refs/tags/${NGX_DEVEL_KIT_VERSION}.tar.gz
|
|
tar -zxf ${NGX_DEVEL_KIT_VERSION}.tar.gz -C /tmp/ngx_devel_kit --strip-components=1
|
|
rm ${NGX_DEVEL_KIT_VERSION}.tar.gz
|
|
|
|
mkdir /tmp/nginx-set-misc-module
|
|
wget https://github.com/openresty/set-misc-nginx-module/archive/refs/tags/${SET_MISC_MODULE_VERSION}.tar.gz
|
|
tar -zxf ${SET_MISC_MODULE_VERSION}.tar.gz -C /tmp/nginx-set-misc-module --strip-components=1
|
|
rm ${SET_MISC_MODULE_VERSION}.tar.gz
|
|
|
|
cd /tmp/nginx
|
|
|
|
./configure --prefix=/usr/local/nginx \
|
|
--with-file-aio \
|
|
--with-http_sub_module \
|
|
--with-http_ssl_module \
|
|
--with-http_auth_request_module \
|
|
--with-http_realip_module \
|
|
--with-threads \
|
|
--add-module=../ngx_devel_kit \
|
|
--add-module=../nginx-set-misc-module \
|
|
--add-module=../nginx-vod-module \
|
|
--add-module=../nginx-secure-token-module \
|
|
--with-cc-opt="-O3 -Wno-error=implicit-fallthrough"
|
|
|
|
make CC="ccache gcc" -j$(nproc) && make install
|
|
rm -rf /usr/local/nginx/html /usr/local/nginx/conf/*.default
|