kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-12-15 21:33:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Implement initial BookWyrm role

Browse Source 
- Removed obsolete TODO.md
- Added config/main.yml with service, feature, CSP, and registration settings
- Added schema/main.yml defining vaulted SECRET_KEY (alphanumeric)
- Added tasks/main.yml to load stateful stack
- Added Dockerfile.j2 ensuring data/media dirs
- Added docker-compose.yml.j2 with application, worker, redis, volumes
- Added env.j2 with registration, secrets, DB, Redis, OIDC support
- Extended vars/main.yml with BookWyrm variables and OIDC, Docker, Redis settings
- Updated meta/main.yml with logo and run_after dependencies

Ref: https://chatgpt.com/share/68b6c060-3a0c-800f-89f8-e114a16a4a80
This commit is contained in:
Kevin Veen-Birkenbach
2025-09-02 12:03:11 +02:00
parent 5dfc2efb5a
commit bc56940e55
9 changed files with 189 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
roles/web-app-bookwyrm/templates/env.j2 Normal file
View File

@@ -0,0 +1,40 @@
# Core
BOOKWYRM_URL="{{ BOOKWYRM_URL }}"
DOMAIN="{{ BOOKWYRM_HOSTNAME }}"
PORT="{{ WEB_PORT }}"
WEB_PROTOCOL="{{ WEB_PROTOCOL }}"
MEDIA_ROOT="/app/media"
DATA_ROOT="/app/data"
REGISTRATION_OPEN={{ BOOKWYRM_REGISTRATION_OPEN }}
ALLOW_INVITE_REQUESTS={{ BOOKWYRM_ALLOW_INVITE_REQUESTS }}
# Django/Secrets (provide via vault/env in production)
SECRET_KEY="{{ BOOKWYRM_SECRET_KEY }}"
EMAIL="{{ users['no-reply'].email }}"
# Database
DATABASE_URL="postgres://{{ database_username }}:{{ database_password }}@{{ database_host }}:{{ database_port }}/{{ database_name }}"
# Redis / Celery
REDIS_BROKER_URL="redis://{{ BOOKWYRM_REDIS_HOST }}:{{ BOOKWYRM_REDIS_PORT }}/0"
REDIS_CACHE_URL="redis://{{ BOOKWYRM_REDIS_HOST }}:{{ BOOKWYRM_REDIS_PORT }}/1"
# Proxy (if BookWyrm sits behind reverse proxy)
FORWARDED_ALLOW_IPS="*"
USE_X_FORWARDED_HOST="true"
SECURE_PROXY_SSL_HEADER="HTTP_X_FORWARDED_PROTO,{{ WEB_PROTOCOL }}"
# OIDC (optional only if BOOKWYRM_OIDC_ENABLED)
{% if BOOKWYRM_OIDC_ENABLED %}
OIDC_TITLE="{{ BOOKWYRM_OIDC_LABEL | replace('\"','\\\"') }}"
OIDC_ISSUER="{{ BOOKWYRM_OIDC_ISSUER }}"
OIDC_AUTHORIZATION_ENDPOINT="{{ BOOKWYRM_OIDC_AUTH_URL }}"
OIDC_TOKEN_ENDPOINT="{{ BOOKWYRM_OIDC_TOKEN_URL }}"
OIDC_USERINFO_ENDPOINT="{{ BOOKWYRM_OIDC_USERINFO_URL }}"
OIDC_END_SESSION_ENDPOINT="{{ BOOKWYRM_OIDC_LOGOUT_URL }}"
OIDC_JWKS_URI="{{ BOOKWYRM_OIDC_JWKS_URL }}"
OIDC_CLIENT_ID="{{ BOOKWYRM_OIDC_CLIENT_ID }}"
OIDC_CLIENT_SECRET="{{ BOOKWYRM_OIDC_CLIENT_SECRET }}"
OIDC_SCOPES="{{ BOOKWYRM_OIDC_SCOPES }}"
OIDC_UNIQUE_ATTRIBUTE="{{ BOOKWYRM_OIDC_UNIQUE_ATTRIBUTE }}"
{% endif %}