mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-08-15 08:30:46 +02:00
Replaced web_protocol by WEB_PROTOCOL
This commit is contained in:
parent
9228d51e86
commit
7f53cc3a12
@ -16,8 +16,8 @@ HOST_DECIMAL_MARK: ","
|
||||
# Deployment mode
|
||||
deployment_mode: "single" # Use single, if you deploy on one server. Use cluster if you setup in cluster mode.
|
||||
|
||||
web_protocol: "https" # Web protocol type. Use https or http. If you run local you need to change it to http
|
||||
WEB_PORT: "{{ 443 if web_protocol == 'https' else 80 }}" # Default port web applications will listen to
|
||||
WEB_PROTOCOL: "https" # Web protocol type. Use https or http. If you run local you need to change it to http
|
||||
WEB_PORT: "{{ 443 if WEB_PROTOCOL == 'https' else 80 }}" # Default port web applications will listen to
|
||||
|
||||
## Domain
|
||||
primary_domain_tld: "localhost" # Top Level Domain of the server
|
||||
|
||||
@ -12,7 +12,7 @@ _oidc_client_realm: "{{ oidc.client.realm if oidc.client is defined and
|
||||
_oidc_url: "{{
|
||||
(oidc.url
|
||||
if (oidc is defined and oidc.url is defined)
|
||||
else web_protocol ~ '://' ~ (domains | get_domain('web-app-keycloak'))
|
||||
else WEB_PROTOCOL ~ '://' ~ (domains | get_domain('web-app-keycloak'))
|
||||
)
|
||||
}}"
|
||||
_oidc_client_issuer_url: "{{ _oidc_url }}/realms/{{_oidc_client_realm}}"
|
||||
|
||||
@ -30,4 +30,4 @@ defaults_service_provider:
|
||||
legal:
|
||||
editorial_responsible: "Johannes Gutenberg"
|
||||
source_code: "https://github.com/kevinveenbirkenbach/infinito-nexus"
|
||||
imprint: "{{web_protocol}}://{{ domains | get_domain('web-svc-html') }}/imprint.html"
|
||||
imprint: "{{WEB_PROTOCOL}}://{{ domains | get_domain('web-svc-html') }}/imprint.html"
|
||||
@ -16,7 +16,7 @@
|
||||
|
||||
- name: "Check if {{ domains | get_domain(application_id) }} is reachable (only if config unchanged)"
|
||||
uri:
|
||||
url: "{{ domains | get_url(application_id, web_protocol) }}"
|
||||
url: "{{ domains | get_url(application_id, WEB_PROTOCOL) }}"
|
||||
register: site_check
|
||||
failed_when: false
|
||||
changed_when: false
|
||||
|
||||
@ -1 +1 @@
|
||||
<script src="{{ domains | get_url('web-svc-cdn', web_protocol) }}/logout.js?{{ inj_logout_js_version }}"></script>
|
||||
<script src="{{ domains | get_url('web-svc-cdn', WEB_PROTOCOL) }}/logout.js?{{ inj_logout_js_version }}"></script>
|
||||
@ -1,5 +1,5 @@
|
||||
initLogoutPatch(
|
||||
'{{ oidc.client.logout_url }}',
|
||||
'{{ web_protocol }}',
|
||||
'{{ WEB_PROTOCOL }}',
|
||||
'{{ primary_domain }}'
|
||||
);
|
||||
@ -1,4 +1,4 @@
|
||||
base_domain: "{{ domain | regex_replace('^(?:.*\\.)?(.+\\..+)$', '\\1') }}"
|
||||
matomo_index_php_url: "{{ domains | get_url('web-app-matomo', web_protocol) }}/index.php"
|
||||
matomo_index_php_url: "{{ domains | get_url('web-app-matomo', WEB_PROTOCOL) }}/index.php"
|
||||
matomo_auth_token: "{{ applications['web-app-matomo'].credentials.auth_token }}"
|
||||
matomo_verification_url: "{{ matomo_index_php_url }}?module=API&method=SitesManager.getSitesIdFromSiteUrl&url=https://{{ base_domain }}&format=json&token_auth={{ matomo_auth_token }}"
|
||||
@ -40,7 +40,7 @@ for filename in os.listdir(config_path):
|
||||
parts = domain.split('.')
|
||||
|
||||
# Prepare the URL and expected status codes
|
||||
url = f"{{ web_protocol }}://{domain}"
|
||||
url = f"{{ WEB_PROTOCOL }}://{domain}"
|
||||
|
||||
redirected_domains = [domain['source'] for domain in {{ current_play_domain_mappings_redirect}}]
|
||||
redirected_domains.append("{{domains | get_domain('web-app-mailu')}}")
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
# You should change this to match your reverse proxy DNS name and protocol
|
||||
APP_URL={{ domains | get_url(application_id, web_protocol) }}
|
||||
APP_URL={{ domains | get_url(application_id, WEB_PROTOCOL) }}
|
||||
LOCALE={{ HOST_LL }}
|
||||
|
||||
# Don't change this unless you rename your database container or use rootless podman, in case of using rootless podman you should set it to 127.0.0.1 (NOT localhost)
|
||||
|
||||
@ -290,6 +290,6 @@ DEFAULT_REGISTRATION=invite
|
||||
OPENID_CONNECT_CLIENT_ID={{oidc.client.id}}
|
||||
OPENID_CONNECT_CLIENT_SECRET={{oidc.client.secret}}
|
||||
OPENID_CONNECT_ISSUER={{oidc.client.issuer_url}}
|
||||
OPENID_CONNECT_REDIRECT={{ domains | get_url(application_id, web_protocol) }}
|
||||
OPENID_CONNECT_REDIRECT={{ domains | get_url(application_id, WEB_PROTOCOL) }}
|
||||
# OPENID_CONNECT_UID_FIELD=sub default
|
||||
{% endif %}
|
||||
@ -22,8 +22,8 @@
|
||||
dockerfile: Dockerfile
|
||||
# It doesn't compile yet with this parameters. @todo Fix it
|
||||
args:
|
||||
REACT_APP_PDS_URL: "{{ web_protocol }}://{{domains[application_id].api}}" # URL des PDS
|
||||
REACT_APP_API_URL: "{{ web_protocol }}://{{domains[application_id].api}}" # API-URL des PDS
|
||||
REACT_APP_PDS_URL: "{{ WEB_PROTOCOL }}://{{domains[application_id].api}}" # URL des PDS
|
||||
REACT_APP_API_URL: "{{ WEB_PROTOCOL }}://{{domains[application_id].api}}" # API-URL des PDS
|
||||
REACT_APP_SITE_NAME: "{{primary_domain | upper}} - Bluesky"
|
||||
REACT_APP_SITE_DESCRIPTION: "Decentral Social "
|
||||
ports:
|
||||
|
||||
@ -23,7 +23,7 @@ ESPOCRM_ADMIN_USERNAME={{ applications | get_app_conf(application_id, 'users.adm
|
||||
ESPOCRM_ADMIN_PASSWORD={{ applications | get_app_conf(application_id, 'credentials.administrator_password', True) }}
|
||||
|
||||
# Public base URL of the EspoCRM instance
|
||||
ESPOCRM_SITE_URL={{ domains | get_url(application_id, web_protocol) }}
|
||||
ESPOCRM_SITE_URL={{ domains | get_url(application_id, WEB_PROTOCOL) }}
|
||||
|
||||
# ------------------------------------------------
|
||||
# General UI & locale settings
|
||||
|
||||
@ -37,7 +37,7 @@ FUNKWHALE_WEB_WORKERS=4
|
||||
# your instance. It cannot be changed after initial deployment
|
||||
# without breaking your instance.
|
||||
FUNKWHALE_HOSTNAME={{domains | get_domain(application_id)}}
|
||||
FUNKWHALE_PROTOCOL={{ web_protocol }}
|
||||
FUNKWHALE_PROTOCOL={{ WEB_PROTOCOL }}
|
||||
|
||||
# Log level (debug, info, warning, error, critical)
|
||||
LOGLEVEL={% if enable_debug | bool %}debug{% else %}error{% endif %}
|
||||
|
||||
@ -4,7 +4,7 @@
|
||||
# General
|
||||
DOMAIN={{domains | get_domain(application_id)}}
|
||||
RUN_MODE="{{ 'dev' if (INFINITO_ENVIRONMENT | lower) == 'development' else 'prod' }}"
|
||||
ROOT_URL="{{ domains | get_url(application_id, web_protocol) }}/"
|
||||
ROOT_URL="{{ domains | get_url(application_id, WEB_PROTOCOL) }}/"
|
||||
APP_NAME="{{ applications | get_app_conf(application_id, 'title', True) }}"
|
||||
USER_UID=1000
|
||||
USER_GID=1000
|
||||
|
||||
@ -517,7 +517,7 @@
|
||||
"/realms/{{ keycloak_realm }}/account/*"
|
||||
],
|
||||
"webOrigins": [
|
||||
"{{ domains | get_url('web-app-keycloak', web_protocol) }}"
|
||||
"{{ domains | get_url('web-app-keycloak', WEB_PROTOCOL) }}"
|
||||
],
|
||||
"notBefore": 0,
|
||||
"bearerOnly": false,
|
||||
@ -825,9 +825,9 @@
|
||||
"clientId": "{{ keycloak_realm }}",
|
||||
"name": "",
|
||||
"description": "",
|
||||
"rootUrl": "{{ web_protocol }}://{{ keycloak_realm }}/",
|
||||
"adminUrl": "{{ web_protocol }}://{{ keycloak_realm }}/",
|
||||
"baseUrl": "{{ web_protocol }}://{{ keycloak_realm }}/",
|
||||
"rootUrl": "{{ WEB_PROTOCOL }}://{{ keycloak_realm }}/",
|
||||
"adminUrl": "{{ WEB_PROTOCOL }}://{{ keycloak_realm }}/",
|
||||
"baseUrl": "{{ WEB_PROTOCOL }}://{{ keycloak_realm }}/",
|
||||
"surrogateAuthRequired": false,
|
||||
"enabled": true,
|
||||
"alwaysDisplayInConsole": false,
|
||||
@ -837,10 +837,10 @@
|
||||
{%- for domain_application_id, domain in domains.items() %}
|
||||
{%- if applications | get_app_conf(domain_application_id, 'features.oauth2', False) or applications | get_app_conf(domain_application_id, 'features.oidc', False) %}
|
||||
{%- if domain is string %}
|
||||
{%- set _ = redirect_uris.append(web_protocol ~ '://' ~ domain ~ '/*') %}
|
||||
{%- set _ = redirect_uris.append(WEB_PROTOCOL ~ '://' ~ domain ~ '/*') %}
|
||||
{%- else %}
|
||||
{%- for d in domain %}
|
||||
{%- set _ = redirect_uris.append(web_protocol ~ '://' ~ d ~ '/*') %}
|
||||
{%- set _ = redirect_uris.append(WEB_PROTOCOL ~ '://' ~ d ~ '/*') %}
|
||||
{%- endfor %}
|
||||
{%- endif %}
|
||||
{%- endif %}
|
||||
@ -848,7 +848,7 @@
|
||||
|
||||
"redirectUris": {{ redirect_uris | tojson }},
|
||||
"webOrigins": [
|
||||
"{{ web_protocol }}://*.{{primary_domain}}"
|
||||
"{{ WEB_PROTOCOL }}://*.{{primary_domain}}"
|
||||
],
|
||||
"notBefore": 0,
|
||||
"bearerOnly": false,
|
||||
@ -865,7 +865,7 @@
|
||||
"oidc.ciba.grant.enabled": "false",
|
||||
"client.secret.creation.time": "0",
|
||||
"backchannel.logout.session.required": "true",
|
||||
"post.logout.redirect.uris": "{{ web_protocol }}://{{primary_domain}}/*##+",
|
||||
"post.logout.redirect.uris": "{{ WEB_PROTOCOL }}://{{primary_domain}}/*##+",
|
||||
"frontchannel.logout.session.required": "true",
|
||||
"oauth2.device.authorization.grant.enabled": "false",
|
||||
"display.on.consent.screen": "false",
|
||||
|
||||
@ -8,7 +8,7 @@ listmonk_name: "{{ applications | get_app_conf(application_id, 'docker.servic
|
||||
|
||||
listmonk_settings:
|
||||
- key: "app.root_url"
|
||||
value: '"{{ domains | get_url(application_id, web_protocol) }}"'
|
||||
value: '"{{ domains | get_url(application_id, WEB_PROTOCOL) }}"'
|
||||
|
||||
- key: "app.notify_emails"
|
||||
value: "{{ [ users.administrator.email ] | to_json }}"
|
||||
|
||||
@ -5,7 +5,7 @@ database_type: "mariadb"
|
||||
|
||||
# Matomo
|
||||
matomo_excluded_ips: "{{ applications | get_app_conf(application_id, 'excluded_ips', True) }}"
|
||||
matomo_index_php_url: "{{ domains | get_url(application_id, web_protocol) }}/index.php"
|
||||
matomo_index_php_url: "{{ domains | get_url(application_id, WEB_PROTOCOL) }}/index.php"
|
||||
matomo_auth_token: "{{ applications | get_app_conf(application_id, 'credentials.auth_token', True) }}"
|
||||
matomo_version: "{{ applications | get_app_conf(application_id, 'docker.services.matomo.version', True) }}"
|
||||
matomo_image: "{{ applications | get_app_conf(application_id, 'docker.services.matomo.image', True) }}"
|
||||
|
||||
@ -81,7 +81,7 @@
|
||||
KEYV_URL: ''
|
||||
KEYV_BOT_ENCRYPTION: 'false'
|
||||
KEYV_BOT_STORAGE: 'true'
|
||||
MATRIX_HOMESERVER_URL: '{{ web_protocol }}://{{ domains[application_id].synapse }}'
|
||||
MATRIX_HOMESERVER_URL: '{{ WEB_PROTOCOL }}://{{ domains[application_id].synapse }}'
|
||||
MATRIX_BOT_USERNAME: '@chatgptbot:{{applications | get_app_conf(application_id, 'server_name', True)}}'
|
||||
MATRIX_ACCESS_TOKEN: '{{ applications | get_app_conf(application_id, 'credentials.chatgpt_bridge_access_token', True) | default('') }}'
|
||||
MATRIX_BOT_PASSWORD: '{{applications | get_app_conf(application_id, 'credentials.chatgpt_bridge_user_password', True)}}'
|
||||
|
||||
@ -1,11 +1,11 @@
|
||||
{
|
||||
"default_server_config": {
|
||||
"m.homeserver": {
|
||||
"base_url": "{{ web_protocol }}://{{domains[application_id].synapse}}",
|
||||
"base_url": "{{ WEB_PROTOCOL }}://{{domains[application_id].synapse}}",
|
||||
"server_name": "{{domains[application_id].synapse}}"
|
||||
},
|
||||
"m.identity_server": {
|
||||
"base_url": "{{ web_protocol }}://{{primary_domain}}"
|
||||
"base_url": "{{ WEB_PROTOCOL }}://{{primary_domain}}"
|
||||
}
|
||||
},
|
||||
"brand": "Element",
|
||||
|
||||
@ -134,7 +134,7 @@ bridge:
|
||||
double_puppet_allow_discovery: false
|
||||
# Servers to allow double puppeting from, even if double_puppet_allow_discovery is false.
|
||||
double_puppet_server_map:
|
||||
{{applications | get_app_conf(application_id, 'server_name', True)}}: {{ web_protocol }}://{{ domains[application_id].synapse }}
|
||||
{{applications | get_app_conf(application_id, 'server_name', True)}}: {{ WEB_PROTOCOL }}://{{ domains[application_id].synapse }}
|
||||
# Shared secret for https://github.com/devture/matrix-synapse-shared-secret-auth
|
||||
#
|
||||
# If set, custom puppets will be enabled automatically for local users
|
||||
|
||||
@ -141,7 +141,7 @@ bridge:
|
||||
federate_rooms: true
|
||||
# Servers to always allow double puppeting from
|
||||
double_puppet_server_map:
|
||||
{{applications | get_app_conf(application_id, 'server_name', True)}}: {{ web_protocol }}://{{ domains[application_id].synapse }}
|
||||
{{applications | get_app_conf(application_id, 'server_name', True)}}: {{ WEB_PROTOCOL }}://{{ domains[application_id].synapse }}
|
||||
# Allow using double puppeting from any server with a valid client .well-known file.
|
||||
double_puppet_allow_discovery: false
|
||||
# Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth
|
||||
|
||||
@ -118,7 +118,7 @@ bridge:
|
||||
|
||||
# Servers to always allow double puppeting from
|
||||
double_puppet_server_map:
|
||||
{{applications | get_app_conf(application_id, 'server_name', True)}}: {{ web_protocol }}://{{ domains[application_id].synapse }}
|
||||
{{applications | get_app_conf(application_id, 'server_name', True)}}: {{ WEB_PROTOCOL }}://{{ domains[application_id].synapse }}
|
||||
# Allow using double puppeting from any server with a valid client .well-known file.
|
||||
double_puppet_allow_discovery: false
|
||||
# Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth
|
||||
|
||||
@ -198,7 +198,7 @@ bridge:
|
||||
sync_direct_chat_list: false
|
||||
# Servers to always allow double puppeting from
|
||||
double_puppet_server_map:
|
||||
{{applications | get_app_conf(application_id, 'server_name', True)}}: {{ web_protocol }}://{{ domains[application_id].synapse }}
|
||||
{{applications | get_app_conf(application_id, 'server_name', True)}}: {{ WEB_PROTOCOL }}://{{ domains[application_id].synapse }}
|
||||
# Allow using double puppeting from any server with a valid client .well-known file.
|
||||
double_puppet_allow_discovery: false
|
||||
# Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth
|
||||
|
||||
@ -236,7 +236,7 @@ bridge:
|
||||
force_active_delivery_receipts: false
|
||||
# Servers to always allow double puppeting from
|
||||
double_puppet_server_map:
|
||||
{{applications | get_app_conf(application_id, 'server_name', True)}}: {{ web_protocol }}://{{ domains[application_id].synapse }}
|
||||
{{applications | get_app_conf(application_id, 'server_name', True)}}: {{ WEB_PROTOCOL }}://{{ domains[application_id].synapse }}
|
||||
# Allow using double puppeting from any server with a valid client .well-known file.
|
||||
double_puppet_allow_discovery: false
|
||||
# Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth
|
||||
|
||||
@ -25,8 +25,8 @@ report_stats: true
|
||||
macaroon_secret_key: "{{applications | get_app_conf(application_id, 'credentials.macaroon_secret_key', True)}}"
|
||||
form_secret: "{{applications | get_app_conf(application_id, 'credentials.form_secret', True)}}"
|
||||
signing_key_path: "/data/{{domains[application_id].synapse}}.signing.key"
|
||||
web_client_location: "{{ web_protocol }}://{{domains[application_id].element}}"
|
||||
public_baseurl: "{{ web_protocol }}://{{domains[application_id].synapse}}"
|
||||
web_client_location: "{{ WEB_PROTOCOL }}://{{domains[application_id].element}}"
|
||||
public_baseurl: "{{ WEB_PROTOCOL }}://{{domains[application_id].synapse}}"
|
||||
trusted_key_servers:
|
||||
- server_name: "matrix.org"
|
||||
admin_contact: 'mailto:{{ users.administrator.email }}'
|
||||
|
||||
@ -39,7 +39,7 @@
|
||||
- { name: "field_lock_lastname", value: "locked" }
|
||||
- { name: "field_map_email", value: "locked" }
|
||||
#- { name: "showloginform", value: 0 } # Deactivate if OIDC is active
|
||||
- { name: "alternateloginurl", value: "{{ domains | get_url(application_id, web_protocol) }}/auth/oidc/" }
|
||||
- { name: "alternateloginurl", value: "{{ domains | get_url(application_id, WEB_PROTOCOL) }}/auth/oidc/" }
|
||||
loop_control:
|
||||
label: "{{ item.name }}"
|
||||
command: >
|
||||
|
||||
@ -16,7 +16,7 @@ server:
|
||||
font-src:
|
||||
- https://cdnjs.cloudflare.com
|
||||
frame-src:
|
||||
- "{{ web_protocol }}://*.{{primary_domain}}" # Makes sense that all of the website content is available in the navigator
|
||||
- "{{ WEB_PROTOCOL }}://*.{{primary_domain}}" # Makes sense that all of the website content is available in the navigator
|
||||
flags:
|
||||
style-src:
|
||||
unsafe-inline: true
|
||||
|
||||
@ -32,7 +32,7 @@ NEXTCLOUD_ADMIN_PASSWORD= "{{applications | get_app_conf(application_id, '
|
||||
NEXTCLOUD_TRUSTED_DOMAINS= "{{ domains[application_id] | select | join(',') }}"
|
||||
# Whitelist local docker gateway in Nextcloud to prevent brute-force throtteling
|
||||
TRUSTED_PROXIES= "{{ networks.internet.values() | select | join(',') }}"
|
||||
OVERWRITECLIURL= "{{ domains | get_url(application_id, web_protocol) }}"
|
||||
OVERWRITECLIURL= "{{ domains | get_url(application_id, WEB_PROTOCOL) }}"
|
||||
OVERWRITEPROTOCOL= "https"
|
||||
|
||||
# Redis Configuration
|
||||
|
||||
@ -4,4 +4,4 @@ plugin_configuration:
|
||||
configvalue: "{{ applications | get_app_conf('web-app-bigbluebutton', 'credentials.shared_secret', False,'') }}"
|
||||
- appid: "bbb"
|
||||
configkey: "api.url"
|
||||
configvalue: "{{ domains | get_url('web-app-bigbluebutton', web_protocol) }}{{ applications | get_app_conf('web-app-bigbluebutton', 'api_suffix', False,'') }}"
|
||||
configvalue: "{{ domains | get_url('web-app-bigbluebutton', WEB_PROTOCOL) }}{{ applications | get_app_conf('web-app-bigbluebutton', 'api_suffix', False,'') }}"
|
||||
@ -18,4 +18,4 @@ nextcloud_system_config:
|
||||
value: "{{domains | get_domain(application_id)}}"
|
||||
|
||||
- parameter: "overwrite.cli.url"
|
||||
value: "{{ domains | get_url(application_id, web_protocol) }}"
|
||||
value: "{{ domains | get_url(application_id, WEB_PROTOCOL) }}"
|
||||
@ -8,7 +8,7 @@ whitelist_domains = [".{{ primary_domain }}"]
|
||||
# keycloak provider
|
||||
client_secret = "{{ oidc.client.secret }}"
|
||||
client_id = "{{ oidc.client.id }}"
|
||||
redirect_url = "{{ web_protocol }}://{{ domains | get_domain(oauth2_proxy_application_id) }}/oauth2/callback"
|
||||
redirect_url = "{{ WEB_PROTOCOL }}://{{ domains | get_domain(oauth2_proxy_application_id) }}/oauth2/callback"
|
||||
oidc_issuer_url = "{{ oidc.client.issuer_url }}"
|
||||
provider = "oidc"
|
||||
provider_display_name = "{{ oidc.button_text }}"
|
||||
|
||||
@ -1,3 +1,3 @@
|
||||
# @See https://github.com/leenooks/phpLDAPadmin/wiki/Docker-Container
|
||||
APP_URL= {{ domains | get_url(application_id, web_protocol) }}
|
||||
APP_URL= {{ domains | get_url(application_id, WEB_PROTOCOL) }}
|
||||
LDAP_HOST= {{ldap.server.domain}}
|
||||
@ -5,7 +5,7 @@ APP_KEY={{applications | get_app_conf(application_id, 'credentials.app_key', Tru
|
||||
APP_NAME="{{ pixelfed_titel }}"
|
||||
APP_ENV={{ INFINITO_ENVIRONMENT | lower }}
|
||||
APP_DEBUG={{enable_debug | string | lower }}
|
||||
APP_URL={{ domains | get_url(application_id, web_protocol) }}
|
||||
APP_URL={{ domains | get_url(application_id, WEB_PROTOCOL) }}
|
||||
APP_DOMAIN="{{domains | get_domain(application_id)}}"
|
||||
ADMIN_DOMAIN="{{domains | get_domain(application_id)}}"
|
||||
SESSION_DOMAIN="{{domains | get_domain(application_id)}}"
|
||||
|
||||
@ -20,7 +20,7 @@ server:
|
||||
connect-src:
|
||||
- https://ka-f.fontawesome.com
|
||||
frame-src:
|
||||
- "{{ web_protocol }}://*.{{primary_domain}}"
|
||||
- "{{ WEB_PROTOCOL }}://*.{{primary_domain}}"
|
||||
flags:
|
||||
style-src:
|
||||
unsafe-inline: true
|
||||
|
||||
@ -25,7 +25,7 @@
|
||||
|
||||
- name: "Load images for applications feature simpleicons is enabled "
|
||||
set_fact:
|
||||
portfolio_cards: "{{ portfolio_cards | add_simpleicon_source(domains, web_protocol) }}"
|
||||
portfolio_cards: "{{ portfolio_cards | add_simpleicon_source(domains, WEB_PROTOCOL) }}"
|
||||
when:
|
||||
- (applications | get_app_conf(application_id, 'features.simpleicons', False))
|
||||
- run_once_docker_portfolio is not defined
|
||||
|
||||
@ -10,7 +10,7 @@ followus:
|
||||
description: Follow {{ 'our' if service_provider.type == 'legal' else 'my' }} updates on Mastodon.
|
||||
icon:
|
||||
class: fa-brands fa-mastodon
|
||||
url: "{{ web_protocol }}://{{ service_provider.contact.mastodon.split('@')[2] }}/@{{ service_provider.contact.mastodon.split('@')[1] }}"
|
||||
url: "{{ WEB_PROTOCOL }}://{{ service_provider.contact.mastodon.split('@')[2] }}/@{{ service_provider.contact.mastodon.split('@')[1] }}"
|
||||
identifier: "{{service_provider.contact.mastodon}}"
|
||||
iframe: {{ applications | get_app_conf('web-app-mastodon','features.port-ui-desktop',True) }}
|
||||
{% endif %}
|
||||
@ -30,7 +30,7 @@ followus:
|
||||
icon:
|
||||
class: fa-solid fa-camera
|
||||
identifier: "{{service_provider.contact.pixelfed}}"
|
||||
url: "{{ web_protocol }}://{{ service_provider.contact.pixelfed.split('@')[2] }}/@{{ service_provider.contact.pixelfed.split('@')[1] }}"
|
||||
url: "{{ WEB_PROTOCOL }}://{{ service_provider.contact.pixelfed.split('@')[2] }}/@{{ service_provider.contact.pixelfed.split('@')[1] }}"
|
||||
iframe: {{ applications | get_app_conf('web-app-pixelfed','features.port-ui-desktop',True) }}
|
||||
{% endif %}
|
||||
{% if service_provider.contact.peertube is defined and service_provider.contact.peertube != "" %}
|
||||
@ -39,7 +39,7 @@ followus:
|
||||
icon:
|
||||
class: fa-solid fa-video
|
||||
identifier: "{{service_provider.contact.peertube}}"
|
||||
url: "{{ web_protocol }}://{{ service_provider.contact.peertube.split('@')[2] }}/@{{ service_provider.contact.peertube.split('@')[1] }}"
|
||||
url: "{{ WEB_PROTOCOL }}://{{ service_provider.contact.peertube.split('@')[2] }}/@{{ service_provider.contact.peertube.split('@')[1] }}"
|
||||
iframe: {{ applications | get_app_conf('web-app-peertube','features.port-ui-desktop',True) }}
|
||||
{% endif %}
|
||||
{% if service_provider.contact.wordpress is defined and service_provider.contact.wordpress != "" %}
|
||||
@ -48,7 +48,7 @@ followus:
|
||||
icon:
|
||||
class: fa-solid fa-blog
|
||||
identifier: "{{service_provider.contact.wordpress}}"
|
||||
url: "{{ web_protocol }}://{{ service_provider.contact.wordpress.split('@')[2] }}/@{{ service_provider.contact.wordpress.split('@')[1] }}"
|
||||
url: "{{ WEB_PROTOCOL }}://{{ service_provider.contact.wordpress.split('@')[2] }}/@{{ service_provider.contact.wordpress.split('@')[1] }}"
|
||||
iframe: {{ applications | get_app_conf('web-app-wordpress','features.port-ui-desktop',True) }}
|
||||
{% endif %}
|
||||
{% if service_provider.contact.friendica is defined and service_provider.contact.friendica != "" %}
|
||||
@ -57,6 +57,6 @@ followus:
|
||||
icon:
|
||||
class: fas fa-net-wired
|
||||
identifier: "{{service_provider.contact.friendica}}"
|
||||
url: "{{ web_protocol }}://{{ service_provider.contact.friendica.split('@')[2] }}/@{{ service_provider.contact.friendica.split('@')[1] }}"
|
||||
url: "{{ WEB_PROTOCOL }}://{{ service_provider.contact.friendica.split('@')[2] }}/@{{ service_provider.contact.friendica.split('@')[1] }}"
|
||||
iframe: {{ applications | get_app_conf('web-app-friendica','features.port-ui-desktop',True) }}
|
||||
{% endif %}
|
||||
|
||||
@ -15,4 +15,4 @@
|
||||
description: Reload the application
|
||||
icon:
|
||||
class: fa-solid fa-rotate-right
|
||||
url: "{{ web_protocol }}://{{ domains | get_domain('web-app-port-ui') }}"
|
||||
url: "{{ WEB_PROTOCOL }}://{{ domains | get_domain('web-app-port-ui') }}"
|
||||
@ -9,7 +9,7 @@ database_type: "mariadb"
|
||||
docker_compose_flush_handlers: true
|
||||
|
||||
# Snipe-IT specific
|
||||
snipe_it_url: "{{ domains | get_url(application_id, web_protocol) }}"
|
||||
snipe_it_url: "{{ domains | get_url(application_id, WEB_PROTOCOL) }}"
|
||||
snipe_it_version: "{{ applications | get_app_conf(application_id, 'docker.services.snipe-it.version', True) }}"
|
||||
snipe_it_image: "{{ applications | get_app_conf(application_id, 'docker.services.snipe-it.image', True) }}"
|
||||
snipe_it_container: "{{ applications | get_app_conf(application_id, 'docker.services.snipe-it.name', True) }}"
|
||||
|
||||
@ -10,7 +10,7 @@
|
||||
environment:
|
||||
SPRING_PROFILES_ACTIVE: docker,postgresql,saml2
|
||||
OPENJPA_REMOTE_COMMIT: sjvm
|
||||
SERVICE_DISCOVERY_ADDRESS: {{ domains | get_url(application_id, web_protocol) }}/{{syncope_paths[rest]}}/
|
||||
SERVICE_DISCOVERY_ADDRESS: {{ domains | get_url(application_id, WEB_PROTOCOL) }}/{{syncope_paths[rest]}}/
|
||||
# database variablen auslesen
|
||||
|
||||
console:
|
||||
@ -22,7 +22,7 @@
|
||||
restart: always
|
||||
environment:
|
||||
SPRING_PROFILES_ACTIVE: docker,saml2
|
||||
SERVICE_DISCOVERY_ADDRESS: {{ domains | get_url(application_id, web_protocol) }}/{{syncope_paths[console]}}/
|
||||
SERVICE_DISCOVERY_ADDRESS: {{ domains | get_url(application_id, WEB_PROTOCOL) }}/{{syncope_paths[console]}}/
|
||||
|
||||
enduser:
|
||||
depends_on:
|
||||
@ -33,6 +33,6 @@
|
||||
restart: always
|
||||
environment:
|
||||
SPRING_PROFILES_ACTIVE: docker,saml2
|
||||
SERVICE_DISCOVERY_ADDRESS: {{ domains | get_url(application_id, web_protocol) }}/{{syncope_paths[enduser]}}/
|
||||
SERVICE_DISCOVERY_ADDRESS: {{ domains | get_url(application_id, WEB_PROTOCOL) }}/{{syncope_paths[enduser]}}/
|
||||
|
||||
{% include 'roles/docker-compose/templates/networks.yml.j2' %}
|
||||
@ -16,7 +16,7 @@ server
|
||||
{% include 'roles/srv-web-7-7-letsencrypt/templates/ssl_header.j2' %}
|
||||
|
||||
{% for path in syncope_paths.values() %}
|
||||
{% set location = web_protocol ~ '://' ~ domains | get_domain(application_id) ~ '/' ~ path ~ '/' %}
|
||||
{% set location = WEB_PROTOCOL ~ '://' ~ domains | get_domain(application_id) ~ '/' ~ path ~ '/' %}
|
||||
{% include 'roles/srv-proxy-7-4-core/templates/location/html.conf.j2'%}
|
||||
{% endfor %}
|
||||
}
|
||||
@ -2,7 +2,7 @@
|
||||
command: >
|
||||
docker-compose exec -T -u www-data application
|
||||
wp core install
|
||||
--url="{{ domains | get_url(application_id, web_protocol) }}"
|
||||
--url="{{ domains | get_url(application_id, WEB_PROTOCOL) }}"
|
||||
--title="{{ applications | get_app_conf(application_id, 'title', True) }}"
|
||||
--admin_user="{{ applications | get_app_conf(application_id, 'users.administrator.username', True) }}"
|
||||
--admin_password="{{ applications | get_app_conf(application_id, 'credentials.administrator_password', True) }}"
|
||||
|
||||
@ -11,7 +11,7 @@ discourse_settings:
|
||||
|
||||
- name: discourse_connect
|
||||
key: url
|
||||
value: "{{ domains | get_url('web-app-discourse', web_protocol) }}"
|
||||
value: "{{ domains | get_url('web-app-discourse', WEB_PROTOCOL) }}"
|
||||
- name: discourse_connect
|
||||
key: api-key
|
||||
value: "{{ vault_discourse_api_key }}"
|
||||
|
||||
@ -2,7 +2,7 @@ YOURLS_DB_HOST: "{{ database_host }}"
|
||||
YOURLS_DB_USER: "{{ database_username }}"
|
||||
YOURLS_DB_PASS: "{{ database_password }}"
|
||||
YOURLS_DB_NAME: "{{ database_name }}"
|
||||
YOURLS_SITE: "{{ domains | get_url(application_id, web_protocol) }}"
|
||||
YOURLS_SITE: "{{ domains | get_url(application_id, WEB_PROTOCOL) }}"
|
||||
YOURLS_USER: "{{ yourls_user }}"
|
||||
YOURLS_PASS: "{{ yourls_password }}"
|
||||
# The following deactivates the login mask for admins, if the oauth2 proxy is activated
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
source_directory: "{{ playbook_dir }}/assets"
|
||||
url: "{{ web_protocol }}://<< defaults_applications['web-svc-file']server.domains.canonical[0] >>/assets"
|
||||
url: "{{ WEB_PROTOCOL }}://<< defaults_applications['web-svc-file']server.domains.canonical[0] >>/assets"
|
||||
server:
|
||||
domains:
|
||||
canonical:
|
||||
|
||||
@ -16,12 +16,12 @@ server:
|
||||
unsafe-inline: true
|
||||
whitelist:
|
||||
connect-src:
|
||||
- "{{ web_protocol }}://*.{{ primary_domain }}"
|
||||
- "{{ web_protocol }}://{{ primary_domain }}"
|
||||
- "{{ WEB_PROTOCOL }}://*.{{ primary_domain }}"
|
||||
- "{{ WEB_PROTOCOL }}://{{ primary_domain }}"
|
||||
script-src-elem:
|
||||
- https://cdn.jsdelivr.net
|
||||
style-src:
|
||||
- https://cdn.jsdelivr.net
|
||||
frame-ancestors:
|
||||
- "{{ web_protocol }}://<< defaults_applications[web-app-keycloak].server.domains.canonical[0] >>"
|
||||
- "{{ WEB_PROTOCOL }}://<< defaults_applications[web-app-keycloak].server.domains.canonical[0] >>"
|
||||
|
||||
|
||||
@ -8,7 +8,7 @@ location = /logout {
|
||||
proxy_http_version 1.1;
|
||||
|
||||
# CORS headers – allow your central page to call this
|
||||
add_header 'Access-Control-Allow-Origin' '{{ domains | get_url('web-svc-logout', web_protocol) }}' always;
|
||||
add_header 'Access-Control-Allow-Origin' '{{ domains | get_url('web-svc-logout', WEB_PROTOCOL) }}' always;
|
||||
add_header 'Access-Control-Allow-Credentials' 'true' always;
|
||||
add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS' always;
|
||||
add_header 'Access-Control-Allow-Headers' 'Accept, Authorization' always;
|
||||
|
||||
@ -15,7 +15,7 @@ function getExportName(slug) {
|
||||
|
||||
// Root: redirect to your documentation
|
||||
app.get('/', (req, res) => {
|
||||
res.redirect('{{ domains | get_url('web-app-sphinx', web_protocol) }}/{{ application_id | rel_role_path_by_application_id }}/README.html');
|
||||
res.redirect('{{ domains | get_url('web-app-sphinx', WEB_PROTOCOL) }}/{{ application_id | rel_role_path_by_application_id }}/README.html');
|
||||
});
|
||||
|
||||
// GET /:slug.svg
|
||||
|
||||
@ -15,7 +15,7 @@ applications:
|
||||
You can reference values from the generated `defaults_applications` dictionary at build time by embedding `<< ... >>` placeholders inside your template. For example:
|
||||
|
||||
```yaml
|
||||
url: "{{ web_protocol }}://<< defaults_applications.web-svc-file.domains.canonical[0] >>/assets"
|
||||
url: "{{ WEB_PROTOCOL }}://<< defaults_applications.web-svc-file.domains.canonical[0] >>/assets"
|
||||
```
|
||||
|
||||
- The `<< ... >>` placeholders are resolved by the [`DictRenderer`](../../../utils/dict_renderer.py) helper class.
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user