Skip to content

feat(aiometadata): add optional poster reverse-proxy cache#111

Open
IbbyLabs wants to merge 1 commit into
Viren070:mainfrom
IbbyLabs:feat/aiometadata-poster-cache
Open

feat(aiometadata): add optional poster reverse-proxy cache#111
IbbyLabs wants to merge 1 commit into
Viren070:mainfrom
IbbyLabs:feat/aiometadata-poster-cache

Conversation

@IbbyLabs

@IbbyLabs IbbyLabs commented Jun 25, 2026

Copy link
Copy Markdown
Contributor

Summary

Adds the optional poster reverse-proxy cache from AIOMetadata (upstream docs) to the existing aiometadata app. An nginx:alpine sidecar caches poster images on disk so repeated requests skip upstream latency; with AIOMetadata's cache warming, posters are served straight from disk. It exposes /health, /stats (cache size + image count) and /purge.

Everything lives inside apps/aiometadata/ (part of the same service) and is fully opt-in. It is wired through Authelia with page-specific protection — the same approach the template already uses for Stremio addon hosts:

  • poster-cache service on its own poster-cache profile; its Traefik router carries the authelia@docker middleware.
  • Authelia ACL (apps/authelia/compose.yaml + config/configuration.yml): /purge and /stats require two_factor, every other path (image fetches, /health) is bypass so Stremio can load posters without a login.
  • DNS: POSTER_CACHE_HOSTNAME added to the root .env and to the cloudflare-ddns DOMAINS list.
  • Sidecars poster-cache-nginx.conf, poster-cache-stats.sh, poster-cache-purge-handler.sh (the two scripts are committed executable — the entrypoint runs them via /stats.sh & and nc -lk -p 9888 -e /purge-handler.sh).
  • The four POSTER_* addon vars are added commented-out in apps/aiometadata/.env; behaviour is unchanged unless the user opts in.

Enabling it

  1. Add poster-cache to COMPOSE_PROFILES in the root .env.
  2. Uncomment the POSTER_* vars in apps/aiometadata/.env.
  3. docker compose up -d — DDNS publishes poster-cache.${DOMAIN}; Traefik + Authelia pick up the new host automatically.

Test plan

Validated locally on a fresh first deploy (wiped data dir):

poster-cache service (docker compose --profile poster-cache up -d)

  • Starts clean (0 errors / 0 warnings); Docker healthcheck → healthy
  • GET /health200 ok
  • Caching: 1st request X-Cache-Status: MISS, 2nd HIT, identical 1.46 MB payload; cache persists to ${DOCKER_DATA_DIR}/poster-cache (levels=1:2, owned by nginx)
  • Traefik double-slash handling: collapsed /https:/host/… resolves to the same cache entry as /https://host/…
  • GET /stats → valid JSON, correct byte accounting; GET /purge → success (exercises the nc -e handler) and clears the cache

Authelia integration (full required stack up)

  • Authelia starts healthy with the new ACL — config validates, no regression for required deployments
  • forward-auth decisions for poster-cache.${DOMAIN}: /purge302 (2FA), /stats302 (2FA), /health200, /https://image…200, /purgexx200 (confirms ^/purge$ is exact-anchored, so only the real admin endpoints are protected)

Config

  • docker compose config parses under required, aiometadata, cloudflare-ddns and poster-cache profiles; poster-cache is gated to poster-cache/all only

More details can be found here

Summary by CodeRabbit

  • New Features
    • Added an optional, disk-cached poster delivery layer with persistent caching.
    • Enabled cache stats and manual purge endpoints for monitoring and maintenance.
    • Introduced POSTER_CACHE_HOSTNAME and documented poster reverse-proxy cache routing/warm-up options.
  • Security
    • Extended access control so stats and purge endpoints are protected on the cache hostname.
  • Operational Changes
    • Updated automated DNS updates to include the new poster-cache hostname.
    • Expanded the Redis service to include the additional all profile.

@IbbyLabs IbbyLabs force-pushed the feat/aiometadata-poster-cache branch from 2b59448 to 7a5e0b4 Compare June 25, 2026 23:34
Add an opt-in poster-cache nginx service to the aiometadata stack that
caches poster images on disk, so repeated requests skip upstream latency
and (with cache warming) serve posters instantly. Serves /health, /stats
and /purge; disk cache lives under ${DOCKER_DATA_DIR}/poster-cache.

It sits behind Authelia with page-specific protection: the /purge and /stats
admin endpoints require two_factor, while image fetches bypass auth so Stremio
can load posters.

- poster-cache service on its own `poster-cache` profile; router carries the
  authelia@docker middleware
- poster-cache-nginx.conf, poster-cache-stats.sh and poster-cache-purge-handler.sh
  sidecars; the two scripts are committed executable for the nc/stats entrypoint
- Authelia: TEMPLATE_POSTER_CACHE_HOSTNAME in apps/authelia/compose.yaml plus
  access_control rules in config/configuration.yml (two_factor on ^/purge$ and
  ^/stats$, bypass otherwise)
- POSTER_CACHE_HOSTNAME added to root .env and the cloudflare-ddns DOMAINS list
- commented opt-in POSTER_* vars in apps/aiometadata/.env (POSTER_PROXY_PREFIX_URL,
  POSTER_WARMUP_URL, POSTER_WARMUP_DELAY_MS, POSTER_WARMUP_CONCURRENCY)
@IbbyLabs IbbyLabs force-pushed the feat/aiometadata-poster-cache branch from 7a5e0b4 to 1fa57d8 Compare June 25, 2026 23:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant