search

oxtyped / gpodder2go

gpodder2go is a simple self-hosted, golang, drop-in replacement for gpodder/mygpo server to handle podcast subscriptions management for gpodder clients
GNU Affero General Public License v3.0
102 stars 13 forks source link

Safest way to serve to gpodder desktop? #22

Open angelacastaneda opened 8 months ago

angelacastaneda commented 8 months ago

I'm deploying gpodder2go on a raspberry pi, and I was wondering the safest way to deploy without auth that doesn't make all my subscriptions _too_ public.

I tested it today and failed to coax gpodder desktop to using the password I gave it, but --no-auth works just fine (still can't believe that's a real bug.)

micro-gpodder deals with this with a password slug attached to the username, and I'm wondering if doing that manually is the best way to deploy with gpodder2go as well.

Something like:

SLUG=$(cat /dev/urandom | tr -cd '[:graph:]'  | head -c 10)
gpodder accounts create "username_$SLUG" -p 'unused'

Then just serving without auth and keeping the actual username username_gT]Ks(EPR7 or whatever in your password manager.

Thanks for making this cool project! golang is a dream to deploy.

oxtyped commented 7 months ago

Hi @angelacastaneda!

Thanks for sharing that and for the kind words!

I think its a good idea! We could put it up on the README as a suggestion.