qbit: fix CSRF-loop behind Authelia + self-heal data-dir ownership
- nginx: strip Referer on torrent.nordhammer.it so qBit's origin check doesn't reject the post-Authelia redirect (Referer was auth.nordhammer.it, Host was torrent.nordhammer.it → 401 loop). - tmpfiles: collapse the nested qbittorrent `d` rules into a single `d` + recursive `Z` so systemd re-enforces ownership/perms on every boot. Caught Docker-migration UID drift that silently broke state persistence and file logging. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
parent
0c7b6f1b58
commit
f83fd72a98
2 changed files with 8 additions and 8 deletions
|
|
@ -20,13 +20,10 @@
|
|||
};
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
# qbittorrent app data
|
||||
# qbittorrent app data — Z recursively enforces ownership/perms on boot
|
||||
# (self-heals UID/GID drift from migrations etc.)
|
||||
"d /var/lib/qbittorrent 0755 qbittorrent media -"
|
||||
"d /var/lib/qbittorrent/.config 0755 qbittorrent media -"
|
||||
"d /var/lib/qbittorrent/.config/qBittorrent 0755 qbittorrent media -"
|
||||
"d /var/lib/qbittorrent/.local 0755 qbittorrent media -"
|
||||
"d /var/lib/qbittorrent/.local/share 0755 qbittorrent media -"
|
||||
"d /var/lib/qbittorrent/.local/share/qBittorrent 0755 qbittorrent media -"
|
||||
"Z /var/lib/qbittorrent 0755 qbittorrent media -"
|
||||
|
||||
# Storage - qbittorrent downloads here
|
||||
"d /mnt/storage/torrents/downloads 2775 qbittorrent media -"
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue