kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-08-29 15:06:26 +02:00
Code Issues Packages Projects Releases Wiki Activity

Huge role refactoring/cleanup. Other commits will propably follow. Because some bugs will exist. Still important for longrun and also for auto docs/help/slideshow generation

Browse Source
This commit is contained in:
Kevin Veen-Birkenbach
2025-07-08 23:43:13 +02:00
parent 6b87a049d4
commit 563d5fd528
1242 changed files with 2301 additions and 1355 deletions
Download Patch File Download Diff File Expand all files Collapse all files

90
roles/web-app-taiga/templates/env.j2 Normal file
View File

@@ -0,0 +1,90 @@
# Taiga's URLs - Variables to define where Taiga should be served
TAIGA_SITES_SCHEME = https # serve Taiga using "http" or "https" (secured) connection
TAIGA_SITES_DOMAIN = "{{domains | get_domain(application_id)}}" # Taiga's base URL
TAIGA_SUBPATH = "" # it'll be appended to the TAIGA_DOMAIN (use either "" or a "/subpath")
WEBSOCKETS_SCHEME = wss # events connection protocol (use either "ws" or "wss")
# Taiga's Secret Key - Variable to provide cryptographic signing
TAIGA_SECRET_KEY = "{{applications[application_id].credentials.secret_key}}"
SECRET_KEY = "{{applications[application_id].credentials.secret_key}}"
# Taiga's Database settings - Variables to create the Taiga database and connect to it
POSTGRES_USER = "{{database_username}}" # user to connect to PostgreSQL
POSTGRES_PASSWORD = "{{database_password}}" # database user's password
POSTGRES_DB = "{{database_name}}"
POSTGRES_HOST = "{{database_host}}"
# Taiga's SMTP settings - Variables to send Taiga's emails to the users
EMAIL_BACKEND = "{{email_backend}}" # use an SMTP server or display the emails in the console (either "smtp" or "console")
EMAIL_HOST = "{{system_email.host}}" # SMTP server address
EMAIL_PORT = "{{system_email.port}}" # default SMTP port
EMAIL_HOST_USER = "{{ users['no-reply'].email }}" # user to connect the SMTP server
EMAIL_HOST_PASSWORD = "{{ users['no-reply'].mailu_token }}" # SMTP user's password
EMAIL_DEFAULT_FROM = "{{ users['no-reply'].email }}" # default email address for the automated emails
EMAIL_BACKEND: = "django.core.mail.backends.{{email_backend}}.EmailBackend"
DEFAULT_FROM_EMAIL = "{{ users['no-reply'].email }}"
# EMAIL_USE_TLS/EMAIL_USE_SSL are mutually exclusive (only set one of those to True)
EMAIL_USE_TLS = "{{ system_email.tls | capitalize }}" # use TLS (secure) connection with the SMTP server
EMAIL_USE_SSL = "{{ 'False' if system_email.start_tls else 'True' }}" # use implicit TLS (secure) connection with the SMTP server
RABBITMQ_USER=taiga
RABBITMQ_PASS=taiga
RABBITMQ_VHOST=taiga
# Taiga's RabbitMQ settings - Variables to leave messages for the realtime and asynchronous events
RABBITMQ_DEFAULT_RABBITMQ_USER = taiga # user to connect to RabbitMQ
RABBITMQ_DEFAULT_RABBITMQ_PASS = taiga # RabbitMQ user's password
RABBITMQ_DEFAULT_RABBITMQ_VHOST = taiga # RabbitMQ container name
RABBITMQ_ERLANG_COOKIE = secret-erlang-cookie # unique value shared by any connected instance of RabbitMQ
# Taiga's Attachments - Variable to define how long the attachments will be accesible
ATTACHMENTS_MAX_AG = 360 # token expiration date (in seconds)
MAX_AGE = 360
# Taiga's Telemetry - Variable to enable or disable the anonymous telemetry
ENABLE_TELEMETRY = True
{% if applications | is_feature_enabled('oidc',application_id) %}
{% if applications[application_id].oidc.flavor == 'taigaio' %}
# OIDC via taigaio official contrib
# @See https://github.com/taigaio/taiga-contrib-oidc-auth
OIDC_RP_CLIENT_ID="{{ oidc.client.id }}"
OIDC_RP_CLIENT_SECRET="{{ oidc.client.secret }}"
OIDC_OP_AUTHORIZATION_ENDPOINT="{{ oidc.client.authorize_url }}"
OIDC_OP_TOKEN_ENDPOINT="{{ oidc.client.token_url }}"
OIDC_OP_USER_ENDPOINT="{{ oidc.client.user_info_url }}"
OIDC_RP_SIGN_ALGO="RS256"
OIDC_RP_SCOPES="openid profile email"
OIDC_OP_JWKS_ENDPOINT="{{ oidc.client.certs }}"
{% endif %}
{% if applications[application_id].oidc.flavor == 'robrotheram' %}
# OIDC via robrotheram
# @see https://github.com/robrotheram/taiga-contrib-openid-auth
ENABLE_OPENID=True
OPENID_URL="{{oidc.client.authorize_url}}"
OPENID_USER_URL="{{oidc.client.user_info_url}}"
OPENID_TOKEN_URL="{{oidc.client.token_url}}"
OPENID_CLIENT_ID="{{oidc.client.id}}"
OPENID_CLIENT_SECRET="{{oidc.client.secret}}"
OPENID_NAME="{{oidc.button_text}}"
OPENID_USERNAME_FIELD="{{oidc.attributes.username}}"
# Optional:
# OPENID_ID_FIELD="sub"
# OPENID_FULLNAME_FIELD="name"
# OPENID_EMAIL_FIELD="email"
# OPENID_SCOPE="openid email"
# OPENID_FILTER = "taiga_users,taiga_admins"
# OPENID_FILTER_FIELD = "groups"
{% endif %}
{% endif %}