- New MEDIARIP__ADMIN__PASSWORD env var accepts plaintext password
- Hashed via bcrypt on startup, plaintext cleared from memory immediately
- PASSWORD_HASH still works for backward compatibility (takes precedence)
- Removes the 'docker run python bcrypt' ceremony from setup flow
- Updated README, docker-compose, .env.example to use plaintext
The 403 was a VPN IP issue, not a client selection issue. yt-dlp already
picks the right player clients (android_vr + web_safari). Moved
YTDLP__EXTRACTOR_ARGS out of 'Most Useful Settings' into a
'Troubleshooting: YouTube 403 Errors' section that explains the actual
common causes (VPN IPs, private content) before the escape hatch.
- Quickstart emphasizes zero-config: defaults are production-ready
- 'Most Useful Settings' table with 5 knobs operators actually touch,
each with 'when to change' context instead of just descriptions
- Full settings reference in collapsible <details> block
- Consolidated duplicate Admin Panel / Session Modes sections
- docker-compose.yml: environment section fully commented out,
organized with inline explanations for each setting
README Configuration section:
- Organized into logical groups (Core, Admin, Purge, UI, yt-dlp)
- Fixed wrong defaults: admin.enabled (true not false), purge.enabled
(true not false), purge field is max_age_minutes not max_age_hours,
purge.cron is '* * * * *' not '0 3 * * *'
- Removed redundant internal-path vars (DB_PATH, DATA_DIR, OUTPUT_DIR)
that are pre-set in the Dockerfile and shouldn't be changed
- Added missing vars: LOG_LEVEL, UI settings, PRIVACY_MODE, YTDLP
- Added extractor_args usage examples (YAML and env var)
docker-compose files:
- Switched healthcheck from python urllib to curl (already in image)
- Removed stale PURGE__MAX_AGE_HOURS references
- Added commented yt-dlp extractor_args example
- Simplified comments to reflect actual defaults
