Label Studio _really_ prefers using a direct object storage model. Can't
say I blame them, it makes sense given they are running Python.
I had to bump Authentik to not use its default port so that minio could
use its own default port. That seemed safest given that Authentik is
always proxied but minio/S3 may _not_ be. I'm just not sure.
To make this work I have to map to the user 1001 inside the container.
I can't figure out how to do that intelligently after a bunch of
experimenting. Instead I'm just creating a new user "label-studio" with
uid 1001 and chowning the data directory to that user.
This is very brittle.
However, it's working, so I'm moving forward.
The previous version only cleaned up previous backups because it was
missing a path or a set of dynamic files which is a feature for doing
cleanup. Instead I backported the unstable version so I could use
stdin-from-commend. Tested now and the upload completed.
This includes a new paradigm for using a pgpass file, which is great, as
well as sorting out how to properly do a bash script shebang in a
service file.
With these changes I have librechat running and being properly
reverse-proxied and I can login via SSO. I was not able to get a
reasonable response yet from Claude.
I'm probably not going to use it, and prefer librechat instead.
I mostly gave up on it because I couldn't make heads-nor-tails of their
SSO settings. It just says "authelia=true" - that's not enough to
configure any SSO, even Authelia.
I probably misunderstand what Sillytavern fundamentally is.
Most things work on this commit, except the integration between
collabora and seafile. I think it might be related to the timezone
change I made and a lack of access_token being passed in the URL.
I'm going to test that with a reboot. But first, checkpoint!
