Optimized LDAP implementation for Snipe-IT and implemented Mobilizon draft
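--- a/roles/docker-mobilizon/templates/docker-compose.yml.j2
+++ b/roles/docker-mobilizon/templates/docker-compose.yml.j2
@@ -0,0 +1,27 @@
+version: "3"
+
+services:
+
+{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
+
+mobilizon:
+image: "{{ applications[application_id].images[application_id] }}"
+volumes:
+- uploads:/var/lib/mobilizon/uploads
+# - ./config.exs:/etc/mobilizon/config.exs:ro
+ports:
+- "127.0.0.1:{{ ports.localhost.http[application_id] }}:{{ mobilizon_exposed_docker_port }}"
+healthcheck:
+test: ["CMD", "curl", "-f", "http://127.0.0.1:{{ mobilizon_exposed_docker_port }}"]
+interval: 30s
+timeout: 10s
+retries: 3
+{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'templates/docker/container/depends-on-just-database.yml.j2' %}
+{% include 'templates/docker/container/networks.yml.j2' %}
+
+{% include 'templates/docker/compose/volumes.yml.j2' %}
+uploads:
+
+{% include 'templates/docker/compose/networks.yml.j2' %}
+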
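Review bot: The `healthcheck` on the `mobilizon` service runs `curl` inside the container, and nothing in this section shows that the image taken from `applications[application_id].images[application_id]` ships it; if it does not, the container stays unhealthy and anything gated on its health never starts. Confirm this against the image, and if the application needs time on first start add a grace period next to `retries`, for example `start_period: 60s`. The loopback-only publish on the `ports` entry is the right default for a service that sits behind the reverse proxy, and a one-line comment such as `# bound to 127.0.0.1 on purpose; expose only through the reverse proxy` would keep it from being widened later. The top-level `version: "3"` key is ignored by current Compose releases and can be dropped.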
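--- a/roles/docker-mobilizon/templates/env.j2
+++ b/roles/docker-mobilizon/templates/env.j2
@@ -0,0 +1,129 @@
+# Copy this file to .env, then update it with your own settings
+
+
+######################################################
+# Instance configuration #
+######################################################
+
+# The name for your instance
+MOBILIZON_INSTANCE_NAME={{ applications[application_id].titel }}
+
+# Your domain
+MOBILIZON_INSTANCE_HOST={{ domains | get_domain(application_id) }}
+
+# The IP to listen on (defaults to 0.0.0.0)
+# MOBILIZON_INSTANCE_LISTEN_IP
+
+# The port to listen on (defaults to 4000). Point your reverse proxy on this port.
+MOBILIZON_INSTANCE_PORT={{ mobilizon_exposed_docker_port }}
+
+# Whether registrations are opened or closed. Can be changed in the admin settings UI as well.
+# Make sure to moderate actively your instance if registrations are opened.
+MOBILIZON_INSTANCE_REGISTRATIONS_OPEN=false
+
+# From which email will the emails be sent
+MOBILIZON_INSTANCE_EMAIL={{ users["no-reply"].email }}
+
+# To which email with the replies be sent
+MOBILIZON_REPLY_EMAIL={{ users["administrator"].email }}
+
+# The loglevel setting.
+# You can find accepted values here: https://hexdocs.pm/logger/Logger.html#module-levels
+# Defaults to error
+MOBILIZON_LOGLEVEL={% if enable_debug | bool %}debug{% else %}error{% endif %}
+
+######################################################
+# Database settings #
+######################################################
+
+# The values below will be given to both the PostGIS (PostgreSQL) and Mobilizon containers
+# Use the next settings if you plan to use an existing external database
+
+# The Mobilizon Database username. Defaults to $POSTGRES_USER.
+# Change if using an external database.
+MOBILIZON_DATABASE_USERNAME={{ database_username }}
+
+# The Mobilizon Database password. Defaults to $POSTGRES_PASSWORD.
+# Change if using an external database.
+MOBILIZON_DATABASE_PASSWORD={{ database_password }}
+
+# The Mobilizon Database name. Defaults to $POSTGRES_DB.
+# Change if using an external database.
+MOBILIZON_DATABASE_DBNAME={{ database_name }}
+
+# The Mobilizon database host. Useful if using an external database.
+MOBILIZON_DATABASE_HOST={{ database_host }}
+
+# The Mobilizon database port. Useful if using an external database.
+MOBILIZON_DATABASE_PORT={{ database_port }}
+
+# Whether to use SSL to connect to the Mobilizon database. Useful if using an external database.
+# MOBILIZON_DATABASE_SSL=false
+
+######################################################
+# Secrets #
+######################################################
+
+# A secret key used as a base to generate secrets for encrypting and signing data.
+# Make sure it's long enough (~64 characters should be fine)
+# You can run `openssl rand -base64 48` to generate such a secret
+MOBILIZON_INSTANCE_SECRET_KEY_BASE={{ applications[application_id].secret_key_base }}
+
+# A secret key used as a base to generate JWT tokens
+# Make sure it's long enough (~64 characters should be fine)
+# You can run `openssl rand -base64 48` to generate such a secret
+MOBILIZON_INSTANCE_SECRET_KEY={{ applications[application_id].secret_key }}
+
+
+######################################################
+# Email settings #
+######################################################
+
+# The SMTP server
+# Defaults to localhost
+MOBILIZON_SMTP_SERVER={{system_email.host}}
+MOBILIZON_SMTP_PORT={{system_email.port}}
+MOBILIZON_SMTP_USERNAME={{ users['no-reply'].email }}
+MOBILIZON_SMTP_PASSWORD={{ users['no-reply'].mailu_token }}
+
+# Whether to use SSL for SMTP.
+# Boolean
+# Defaults to false
+MOBILIZON_SMTP_SSL=false
+
+# Whether to use TLS for SMTP.
+# Allowed values: always (TLS), never (Clear) and if_available (STARTTLS)
+# Make sure to match the port value as well
+# Defaults to "if_available"
+MOBILIZON_SMTP_TLS={% if system_email.tls %}TLS{% elif system_email.start_tls %}STARTTLS{% else %}Clear{% endif %}
+
+{% if applications | is_feature_enabled('oidc',application_id) %}
+####################################
+# ▶️ Mobilizon OIDC Configuration
+####################################
+
+AUTHENTICATION_STRATEGIES=open_id_connect
+
+# Display name of the OIDC login button
+UEBERAUTH_OPENID_CONNECT_DISPLAY_NAME="{{ oidc.button_text }}"
+
+# Use discovery to automatically fetch OIDC provider settings
+UEBERAUTH_OPENID_CONNECT_DISCOVERY_DOCUMENT={{ oidc.client.discovery_document }}
+
+# OIDC OAuth2 client credentials
+UEBERAUTH_OPENID_CONNECT_CLIENT_ID={{ oidc.client.id }}
+UEBERAUTH_OPENID_CONNECT_CLIENT_SECRET={{ oidc.client.secret }}
+
+# Redirect URI for the OIDC callback
+UEBERAUTH_OPENID_CONNECT_REDIRECT_URI={{ mobilizon_oidc_callback_url }}
+
+# Scope and response type for OIDC
+UEBERAUTH_OPENID_CONNECT_SCOPE=openid email profile
+UEBERAUTH_OPENID_CONNECT_RESPONSE_TYPE=code
+
+# Claim/field used to uniquely identify the user
+UEBERAUTH_OPENID_CONNECT_UID_FIELD={{ oidc.attributes.username }}
+
+# Optional email verification behavior
+UEBERAUTH_OPENID_CONNECT_ASSUME_EMAIL_IS_VERIFIED=true
+{% endif %}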
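Review bot: `MOBILIZON_SMTP_TLS` is rendered as `TLS`, `STARTTLS` or `Clear`, but the comment directly above it lists `always`, `never` and `if_available` as the allowed values, so the setting may be rejected or ignored and SMTP authentication with the `no-reply` token could run with weaker transport security than `system_email` asks for. Going by that comment the line would read `MOBILIZON_SMTP_TLS={% if system_email.tls %}always{% elif system_email.start_tls %}if_available{% else %}never{% endif %}`; since `if_available` sounds opportunistic, confirm it cannot fall back to cleartext before credentials are sent. In the OIDC block, `UEBERAUTH_OPENID_CONNECT_ASSUME_EMAIL_IS_VERIFIED=true` is hard-coded, which is only safe when the identity provider verifies addresses itself, and `UEBERAUTH_OPENID_CONNECT_UID_FIELD` is keyed on the username attribute, which is a stable identifier only if usernames are never reassigned; both deserve a comment or a variable. The password and secret values are written unquoted, unlike `UEBERAUTH_OPENID_CONNECT_DISPLAY_NAME`, so a value containing a space or `#` may be truncated depending on how the env file is parsed.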