Updated Setup Reverse Proxy (markdown)

2022-01-29 21:30:39 +08:00 · 2022-01-29 21:30:39 +08:00 · 48b2903b3a
parent b9e439e75e
commit 48b2903b3a
1 changed files with 49 additions and 1 deletions
--- a/Setup-Reverse-Proxy.md
+++ b/Setup-Reverse-Proxy.md
@ -239,4 +239,52 @@ Setting up is as easy as:
      - 'traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=Remote-User, Remote-Groups, Remote-Name, Remote-Email'
      - 'traefik.http.middlewares.authelia-basic.forwardauth.address=http://authelia:9091/api/verify?auth=basic'

-
+### Traefik 2.6.0 Example (Kobo Sync Fix Enabled)
+ 
+The following example presumes that you are using the linuxserver calibre-web image for your container and that you have setup traefik 2.6.0 correctly to automatically redirect http to https requests on the websecure entry point (sometimes setup as https entrypoint)
+```
+  calibre-web:
+    image: linuxserver/calibre-web
+    container_name: calibre-web
+    hostname: calibre-web
+    ports:
+      - 8083:8083
+    environment:
+      - DOCKER_MODS=linuxserver/calibre-web:calibre
+    volumes:
+      - ${CONFIG}/calibre-web:/config
+      - ${DATA}/media/books:/data/media/books
+    restart: always
+    labels:
+      # Enables Traefik for this Container
+      - "traefik.enable=true"
+      # Creates a middleware that adds in a header to tell Calibre-Web the X-Scheme is https
+      # (this is similar to the nginx examples) and required for Kobo Sync
+      - "traefik.http.middlewares.kobo-sync-headers.headers.customrequestheaders.X-Scheme=https"
+      # Sets up the router for to use websecure router (https) that:
+      # - Uses a secure https entry point
+      # - Sets the domain to books.example.com
+      # - Applies HTTPS headers, the middleware headers above required for Kobo Sync,
+      #   and sends requests through authelia for authentication
+      # - Sets TLS to true
+      # - And sets up a load balancing service to redirect to port 8083
+      - "traefik.http.routers.calibre-web-secure.entrypoints=websecure"
+      - "traefik.http.routers.calibre-web-secure.rule=Host(`books.${DOMAIN}`)"
+      - 'traefik.http.routers.calibre-web-secure.middlewares=secure-headers,kobo-sync-headers,authelia@docker'
+      - "traefik.http.routers.calibre-web-secure.tls=true"
+      - "traefik.http.routers.calibre-web-secure.service=calibre-web-secure"
+      - "traefik.http.services.calibre-web-secure.loadbalancer.server.port=8083"
+```
+Additionally if you're using Authelia as a middleware, be sure to change the following setting in your Authelia config file.
+You can read more about this [Here](https://github.com/janeczku/calibre-web/issues/2177), [Here](https://github.com/authelia/authelia/issues/518), and [Here](https://www.authelia.com/docs/configuration/server.html). You might need to set write_buffer_size to the same size as your read.
+```
+server:
+  read_buffer_size: 10485760
+```
+An example Authelia Rule of Kobo Sync bypass is here:
+```
+    - domain: books.domain.com
+      policy: bypass
+      resources:
+      - "^/kobo([/?].*)?$"
+```