Skip to content

Configuration And Examples

Jump to bottom
Graham Steffaniak edited this page Jun 5, 2025 · 36 revisions

Configuring your application

Note

See full config example. I recommend only configuring the settings you need.

Note

You can also use Environment Variables to specify secrets and config file path.

Server Config Examples

You will need to define a source for filebrowser to run, here's a minimal example

server
  sources:
    - path: "/path/to/source"
      name: optional-name
auth:
  methods:
    noauth: true

Two source config:

server:
  port: 80
  sources:
    - path: "/path/to/source1" # defaults with name "source1"
    - path: "/path/to/source2" # defaults with name "source2"

default source configuration

There are 3 defaults to consider when configuring a source:

  1. What users get access to the source by default? This is configured via defaultEnabled config. There is always 1 source minimum configured for a user. You can specify exactly which one if you specify this, otherwise, the first source in the list will be considered defaultEnabled: true.
  2. What is the default user scope for a source? This is configured via defaultUserScope config. This is the default scope a user gets when a new user is created and the scopes aren't specified. However, when creating a user via the UI, you must define scopes, which mostly apply to API and CLI user creation.
  3. Should a user directory be automatically created? This is configured via the createUserDir config. The default is false; it needs to be set to true to automatically happen on user creation. When true, the defaultUserScope is the base directory.
    • if you change sources, the new source will create user directories in the scope given on startup if they don't exist.
    • the user scope gets modified to be the username sub directory.

Here is an example config for defaults, where source2 is the only default a user gets with a scope in a subfolder.

server:
  sources:
    - path: "/path/to/source1"
    - path: "/path/to/source2"
      config:
        defaultUserScope: "/subfolder" # include leading slash
        defaultEnabled: true
        createUserDir: true           # "/subfolder/username" directory will be created

Example advanced source config:

with more advanced config:

server:
  port: 80
  sources:
    - name: "mysource" # optional, otherwise the source gets named the folder name
      path: "/mnt/folder"
      config: # config is totally optional, defaults applied if not configured
        exclude:
          files:
            - "/myfile.txt" # for example, corresponds to "/mnt/folder/myfile.txt"
            - "/subfolder/another.txt"
          folders:
            - "/subfolder/ignoreMe"
          fileEndsWith:
            - ".zip" # excludes any files that end with ".zip"
            - ".tar.gz"
            - "-hidden.jpg"

Auth config Examples

auth.method is no longer used. instead, you can configure multiple auth methods via auth.methods:

auth:
  methods:
    noauth: false
    password:
      enabled: true
      minLength: 7  # set min password length requirement -- defaults to 5 if unset
      signup: false
    proxy:
      enabled: true
      header: "proxy-user"  # header which should container username
      createUser: true      # automatically creates user with default user properties

By default, the only configured Auth method will be password if not configured.

Media integration

integrations:
  media:
    ffmpegPath: "/usr/local/bin" # wherever you have both ffmpeg and ffprobe installed at

OpenID Connect configuration (OIDC)

auth:
  methods:
    password:
      enabled: false # set to false if you only want to allow OIDC
    oidc:
      enabled: true
      clientId: "vyBrzOmcrU3OokiWEZoObdGBscw0eYPNJauBtOJr"
      clientSecret: "gIMKbkEcckUhlGrnE2Vxi8eZhEcfxQqfwFgM0ATzk4DciHGrW2YRtQfqcpRTsmzrxEETkKvZ8yeK3sfoXnUV1IQTzqK7wxw3lEMtmeXi5clj0h7nH1rVGFq2Q3HL8zUe"
      issuerUrl: http://localhost/application/
      scopes: "email openid profile"
      logoutRedirectUrl: #optional
      disableVerifyTLS: false #optional

Example Authelia OIDC Authentication

      - client_id: xxx
        client_name: filebrowser
        client_secret: xxx
        public: false
        authorization_policy: two_factor
        scopes:
          - openid
          - email
          - profile
        grant_types:
          - 'authorization_code' # required
        redirect_uris:
          - https://files.example.com/api/auth/oidc/callback
        userinfo_signing_algorithm: none
        token_endpoint_auth_method: client_secret_basic

Filebrowser:

    oidc:
      enabled: true
      clientId: "xxx"
      clientSecret: "xxx"
      issuerUrl: "https://auth.example.com"
      scopes: "email openid profile"

Frontend Configuration Example

An example frontend configuration in your config.yaml:

frontend:
  name: "Your custom name"
  disableDefaultLinks: true
  externalLinks:
    - text: "Your custom link text"
      url: "https://example.com"
      title: "hover over me text"

Clone this wiki locally