feat: Seerr QC login, password-login hide, auto-URL scheme, new ENV vars | fix: Set-Cookie

Dockerfile

@@ -1,11 +1,18 @@
 FROM nginx:alpine
 
+RUN apk add --no-cache jq
+
 EXPOSE 80
 
 ENV BASE_URL=""
+ENV SEERR_URL=""
+ENV HIDE_PASSWORD_LOGIN=""
+ENV SEERR_CUSTOM_HEADERS=""
+ENV PORT=80
 
 COPY build/web /usr/share/nginx/html
+COPY docker/docker-entrypoint.sh /docker-entrypoint.sh
 
-RUN echo '{"baseUrl": "${BASE_URL}"}' > /usr/share/nginx/html/assets/config/config.json
+RUN chmod +x /docker-entrypoint.sh
 
-CMD /bin/sh -c 'sed -i "s|\${BASE_URL}|${BASE_URL}|g" /usr/share/nginx/html/assets/config/config.json && nginx -g "daemon off;"'
+CMD ["/docker-entrypoint.sh"]

Dockerfile-rootless

@@ -3,14 +3,19 @@ FROM ghcr.io/nginxinc/nginx-unprivileged:stable-alpine-slim
 EXPOSE 8080
 
 ENV BASE_URL=""
+ENV SEERR_URL=""
+ENV HIDE_PASSWORD_LOGIN=""
+ENV SEERR_CUSTOM_HEADERS=""
+ENV PORT=8080
 
 USER root
+RUN apk add --no-cache jq
 COPY build/web /usr/share/nginx/html
-RUN chown -R nginx:nginx /usr/share/nginx/html
+COPY docker/docker-entrypoint.sh /docker-entrypoint.sh
 
-USER nginx
-RUN mkdir -p /usr/share/nginx/html/assets/config && \
-    echo '{"baseUrl": "${BASE_URL}"}' > /usr/share/nginx/html/assets/config/config.json
+RUN chmod +x /docker-entrypoint.sh && \
+    chown -R nginx:nginx /usr/share/nginx/html && \
+    chown -R nginx:nginx /etc/nginx/conf.d
 
-USER root
-CMD /bin/sh -c 'sed -i "s|\${BASE_URL}|${BASE_URL}|g" /usr/share/nginx/html/assets/config/config.json && nginx -g "daemon off;"'
+USER nginx
+CMD ["/docker-entrypoint.sh"]

config/config.json

@@ -1,3 +1,6 @@
 {
-	"baseUrl": null
-}
+	"baseUrl": null,
+	"seerrUrl": null,
+	"hidePasswordLogin": null,
+	"seerrProxyPath": null
+}

docker-compose.yml

@@ -5,3 +5,6 @@ services:
       - 80:80
     environment:
       - BASE_URL=https://server-url #OPTIONAL: Locks the Fladder front-end to a certain jellyfin server
+      - SEERR_URL= #OPTIONAL: Pre-fills and locks the Seerr URL in settings
+      - HIDE_PASSWORD_LOGIN= #OPTIONAL: Set to "true" to hide password fields and only show QuickConnect
+      - SEERR_CUSTOM_HEADERS= #OPTIONAL: JSON object of headers injected server-side via nginx proxy, e.g. '{"X-Auth": "secret"}'

docker/docker-entrypoint.sh

@@ -0,0 +1,60 @@
+#!/bin/sh
+set -e
+
+CONFIG="/usr/share/nginx/html/assets/config/config.json"
+NGINX_CONF="/etc/nginx/conf.d/default.conf"
+
+# --- Build config.json ---
+
+HIDE_PW_VAL=$([ "$HIDE_PASSWORD_LOGIN" = "true" ] && echo true || echo null)
+
+# Determine seerrProxyPath: set when both SEERR_URL and SEERR_CUSTOM_HEADERS are provided
+if [ -n "$SEERR_URL" ] && [ -n "$SEERR_CUSTOM_HEADERS" ]; then
+  SEERR_PROXY_PATH="/seerr-proxy"
+else
+  SEERR_PROXY_PATH=""
+fi
+
+SEERR_PROXY_JSON=$([ -n "$SEERR_PROXY_PATH" ] && echo "\"$SEERR_PROXY_PATH\"" || echo null)
+
+cat > "$CONFIG" <<EOF
+{
+  "baseUrl": $([ -n "$BASE_URL" ] && echo "\"$BASE_URL\"" || echo null),
+  "seerrUrl": $([ -n "$SEERR_URL" ] && echo "\"$SEERR_URL\"" || echo null),
+  "hidePasswordLogin": $HIDE_PW_VAL,
+  "seerrProxyPath": $SEERR_PROXY_JSON
+}
+EOF
+
+# --- Build nginx config ---
+
+PROXY_BLOCK=""
+if [ -n "$SEERR_URL" ] && [ -n "$SEERR_CUSTOM_HEADERS" ]; then
+  # Build proxy_set_header directives from JSON object
+  HEADER_DIRECTIVES=$(echo "$SEERR_CUSTOM_HEADERS" | jq -r 'to_entries[] | "        proxy_set_header \(.key) \"\(.value)\";"')
+
+  PROXY_BLOCK="
+    location ${SEERR_PROXY_PATH}/ {
+        proxy_pass ${SEERR_URL}/;
+        proxy_set_header Host \$proxy_host;
+        proxy_ssl_server_name on;
+${HEADER_DIRECTIVES}
+    }"
+fi
+
+cat > "$NGINX_CONF" <<EOF
+server {
+    listen ${PORT};
+    root /usr/share/nginx/html;
+    index index.html;
+
+    location / {
+        try_files \$uri \$uri/ /index.html;
+    }
+${PROXY_BLOCK}
+}
+EOF
+
+# --- Start nginx ---
+
+exec nginx -g "daemon off;"

lib/l10n/app_en.arb

@@ -1525,6 +1525,8 @@
   "quickConnectPostFailed": "Failed to get quick connect code",
   "quickConnectLoginUsingCode": "Using quick connect",
   "quickConnectEnterCodeDescription": "Enter the code below to login",
+  "openJellyfinQuickConnect": "Open Jellyfin QuickConnect",
+  "@openJellyfinQuickConnect": {},
   "showMore": "Show more",
   "showLess": "Show less",
   "itemColorsTitle": "Item colors",
@@ -1563,9 +1565,9 @@
   "screensaverBlack": "Black",
   "playerSettingsScreensaverTitle": "Screensaver",
   "playerSettingsScreensaverDesc": "Select screen saver that will be shown after no player activity",
-  "settingsLocalUrlTitle": "Local Server URL",
-  "settingsLocalUrlSetTitle": "Configure Local URL",
-  "settingsLocalUrlSetDesc": "Specify the local server address. Fladder will automatically use this URL when your device is on the same network.",
+  "settingsLocalUrlTitle": "Local Jellyfin URL",
+  "settingsLocalUrlSetTitle": "Configure Local Jellyfin URL",
+  "settingsLocalUrlSetDesc": "Specify the local Jellyfin address. Fladder will automatically use this URL when your device is on the same network.",
   "regenerateTrickplayImages": "Regenerate trickplay images",
   "controlPanel": "Control Panel",
   "@controlPanel": {},
@@ -2129,6 +2131,12 @@
   "@seerrAuthLocal": {},
   "seerrAuthJellyfin": "Jellyfin",
   "@seerrAuthJellyfin": {},
+  "seerrAuthQuickConnect": "QuickConnect",
+  "@seerrAuthQuickConnect": {},
+  "hidePasswordLogin": "Hide password login",
+  "@hidePasswordLogin": {},
+  "hidePasswordLoginDescription": "Only show QuickConnect on the login screen",
+  "@hidePasswordLoginDescription": {},
   "seerrUserFetchFailed": "Failed to fetch user from Seerr",
   "@seerrUserFetchFailed": {},
   "seerrEnterServerUrlFirst": "Enter a Seerr server URL first",

lib/models/login_screen_model.dart

@@ -19,6 +19,8 @@ abstract class LoginScreenModel with _$LoginScreenModel {
     ServerLoginModel? serverLoginModel,
     String? errorMessage,
     @Default(false) bool hasBaseUrl,
+    @Default(false) bool hasSeerrUrl,
+    @Default(false) bool hidePasswordLogin,
     @Default(false) bool loading,
     String? tempSeerrUrl,
     String? tempSeerrSessionCookie,

lib/models/settings/client_settings_model.dart

@@ -89,6 +89,7 @@ abstract class ClientSettingsModel with _$ClientSettingsModel {
     @Default(false) bool usePosterForLibrary,
     @Default(false) bool useSystemIME,
     @Default(false) bool useTVExpandedLayout,
+    @Default(false) bool hidePasswordLogin,
     String? lastViewedUpdate,
     int? libraryPageSize,
     @Default({}) Map<GlobalHotKeys, KeyCombination> shortcuts,