kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-08-29 15:06:26 +02:00
Code Issues Packages Projects Releases Wiki Activity

Refactored CyMaIS basic features and optimized wordpress implementation

Browse Source
This commit is contained in:
Kevin Veen-Birkenbach
2025-04-18 23:17:29 +02:00
parent ec5beff22f
commit f8c984d6c2
56 changed files with 1262 additions and 325 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
group_vars/all/.gitignore vendored Normal file
View File

@@ -0,0 +1 @@
*_applications.yml

19
group_vars/all/00_general.yml
View File

@@ -51,21 +51,4 @@ enable_wildcard_certificate: false
# This enables debugging in ansible and in the apps
# You SHOULD NOT enable this on production servers
enable_debug: false
#########################
## ENABLED DEFAULTS ##
#########################
# The following defaults are used for the default_applications
# It can be that in a default_applications the value for one application is overwritten.
# You can overwritte it in this case in the applications in your inventory
## Matomo Tracking
matomo_tracking_enabled_default: true # Enables\Disables Matomo tracking on all html pages by default.
## CSS
css_enabled_default: true # Enables\Disables Global CSS on all html pages by default.
## iframe for primary domain
landingpage_iframe_enabled_default: true # Enables\Disables the possibility to be embedded via iframe by default.
enable_debug: false

452
group_vars/all/07_applications.yml
View File

@@ -1,3 +1,4 @@
# Docker Applications
## Docker Role Specific Parameters
@@ -11,9 +12,7 @@ docker_restart_policy: "unless-stopped"
# If other applications depend on this variables, propably it makes sense to define it in e.g. IMA or other variable files.
# helper
_applications_nextcloud_ldap_enabled: "{{ applications.nextcloud.ldap.enabled | default(true) }}"
_applications_nextcloud_oidc_enabled: "{{ applications.nextcloud.oidc.enabled | default(true) }}"
_applications_nextcloud_oidc_flavor: "{{ applications.nextcloud.oidc.flavor | default('oidc_login' if _applications_nextcloud_ldap_enabled else 'sociallogin') }}"
_applications_nextcloud_oidc_flavor: "{{ applications.nextcloud.oidc.flavor | default('oidc_login' if applications.nextcloud.features.ldap | default(true) else 'sociallogin') }}"
# applications
@@ -25,48 +24,46 @@ defaults_applications:
company_name: "{{primary_domain}}"
company_email: "{{users.administrator.email}}"
setup_admin_email: "{{users.administrator.email}}"
database:
central_storage: True
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
features:
matomo: True # Enables Matomo tracking
css: True # Enables custom CSS styling
iframe: False # Allows embedding via iframe on landing page
database: True # Enables use of central database
## Assets Server
assets_server:
source_directory: "{{ playbook_dir }}/assets" # Directory from which the assets will be copied
url: "https://{{domains.file_server}}/assets" # Public address of the assets directory
## Attendize
attendize:
version: "latest"
database:
central_storage: True
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
features:
matomo: True # Enables Matomo tracking
css: True # Enables custom CSS styling
iframe: False # Allows embedding via iframe on landing page
database: True # Enables use of central database
## Baserow
baserow:
version: "latest"
database:
central_storage: True
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
features:
matomo: True # Enables Matomo tracking
css: True # Enables custom CSS styling
iframe: True # Allows embedding via iframe on landing page
database: True # Enables use of central database
## Big Blue Button
bigbluebutton:
enable_greenlight: "true"
setup: false # Set to true in inventory file for initial setup
oidc:
enabled: true # Activate OIDC
database:
central_storage: True
ldap:
enabled: False # @todo LDAP needs to get propper implemented and tested, just set values during refactoring
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
# @todo LDAP needs to get propper implemented and tested, just set values during refactoring
features:
matomo: True # Enables Matomo tracking
css: True # Enables custom CSS styling
iframe: True # Allows embedding via iframe on landing page
ldap: False # Enables LDAP integration and networking
oidc: True # Enables OpenID Connect (OIDC) authentication
database: True # Enables use of central database
credentials:
# shared_secret: # Needs to be defined in inventory file
# etherpad_api_key: # Needs to be defined in inventory file
@@ -87,11 +84,11 @@ defaults_applications:
#jwt_secret: # Needs to be defined in inventory file - Use: openssl rand -base64 64 | tr -d '\n'
#plc_rotation_key_k256_private_key_hex: # Needs to be defined in inventory file - Use: openssl rand -hex 32
#admin_password: # Needs to be defined in inventory file - Use: openssl rand -base64 16
database:
central_storage: True
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
features:
matomo: True # Enables Matomo tracking
css: True # Enables custom CSS styling
iframe: True # Allows embedding via iframe on landing page
database: True # Enables use of central database
# Chromium Browser
chromium:
@@ -110,20 +107,25 @@ defaults_applications:
network: "discourse_default" # Name of the docker network
container: "discourse_application" # Name of the container application
repository: "discourse_repository" # Name of the repository folder
# database_password: # Needs to be defined in inventory file
oidc:
enabled: true # Activate OIDC
database:
central_storage: True # Activate Central Database Storage
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
credentials:
database:
# password: # Needs to be defined in inventory file
master_api:
# key: # Needs to be defined in inventory file
username: "{{ users.administrator.username }}" # Username for the Master API
features:
matomo: True # Enables Matomo tracking
css: True # Enables custom CSS styling
iframe: True # Allows embedding via iframe on landing page
oidc: True # Enables OpenID Connect (OIDC) authentication
database: True # Enables use of central database
## File Server
file_server:
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "true" # Landingpage should be embeded in portfolio
features:
matomo: True # Enables Matomo tracking
css: True # Enables custom CSS styling
iframe: True # Allows embedding via iframe on landing page
# Firefox Browser
firefox:
@@ -134,47 +136,45 @@ defaults_applications:
## Friendica
friendica:
version: "latest"
oidc:
enabled: true # Activate OIDC. Plugin is not working yet
database:
central_storage: True # Activate Central Database Storage
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
features:
matomo: True # Enables Matomo tracking
css: True # Enables custom CSS styling
iframe: True # Allows embedding via iframe on landing page
oidc: True # Enables OpenID Connect (OIDC) authentication
database: True # Enables use of central database
## Funkwhale
funkwhale:
version: "1.4.0"
ldap:
enabled: True # Enables LDAP by default @todo check implementation
database:
central_storage: True # Activate Central Database Storage
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
features:
matomo: True # Enables Matomo tracking
css: True # Enables custom CSS styling
iframe: True # Allows embedding via iframe on landing page
ldap: True # Enables LDAP integration and networking
database: True # Enables use of central database
## Gitea
gitea:
version: "latest" # Use latest docker image
database:
central_storage: True # Activate Central Database Storage
configuration:
repository:
enable_push_create_user: True # Allow users to push local repositories to Gitea and have them automatically created for a user.
default_private: last # Default private when creating a new repository: last, private, public
default_push_create_private: True # Default private when creating a new repository with push-to-create.
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
features:
matomo: True # Enables Matomo tracking
css: True # Enables custom CSS styling
iframe: True # Allows embedding via iframe on landing page
database: True # Enables use of central database
## Gitlab
gitlab:
version: "latest"
database:
central_storage: True # Activate Central Database Storage
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
features:
matomo: True # Enables Matomo tracking
css: True # Enables custom CSS styling
iframe: True # Allows embedding via iframe on landing page
database: True # Enables use of central database
## Gnome
gnome:
@@ -186,15 +186,17 @@ defaults_applications:
## Joomla
joomla:
version: "latest"
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
features:
matomo: True # Enables Matomo tracking
css: True # Enables custom CSS styling
iframe: True # Allows embedding via iframe on landing page
## HTML Server
html_server:
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "true" # Landingpage should be embeded in portfolio
features:
matomo: True # Enables Matomo tracking
css: True # Enables custom CSS styling
iframe: False # Allows embedding via iframe on landing page
## Keycloak
keycloak:
@@ -202,31 +204,31 @@ defaults_applications:
users:
administrator:
username: "{{users.administrator.username}}" # Administrator Username for Keycloak
ldap:
enabled: True # Enables LDAP by default
import_realm: True # If True realm will be imported. If false skip.
database:
central_storage: True # Activate Central Database Storage
# database_password: # Needs to be defined in inventory file
# administrator_password: # Needs to be defined in inventory file
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: false # Disabled by default, because it leads to authentification problems
features:
matomo: True # Enables Matomo tracking
css: True # Enables custom CSS styling
iframe: True # Allows embedding via iframe on landing page
ldap: True # Enables LDAP integration and networking
database: True # Enables use of central database
# LDAP Account Manager
lam:
version: "latest"
# administrator_password: "{{users.administrator.initial_password}}" # CHANGE for security reasons
ldap:
enabled: True # Should have the same value as applications.ldap.network.local.
oauth2_proxy:
enabled: true # Activate the OAuth2 Proxy for the LDAP Webinterface
application: application # Needs to be the same as webinterface
port: 80 # application port
# cookie_secret: None # Set via openssl rand -hex 16
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
features:
matomo: True # Enables Matomo tracking
css: True # Enables custom CSS styling
iframe: True # Allows embedding via iframe on landing page
ldap: True # Enables LDAP integration and networking
oauth2: False # Enables OAuth2 proxy integration
database: False # Enables use of central database
## LDAP
ldap:
@@ -242,8 +244,8 @@ defaults_applications:
# administrator_password: # CHANGE for security reasons in inventory file
# administrator_database_password: # CHANGE for security reasons in inventory file
force_import: False # Forces the import of the LDIF files
ldap:
enabled: True # Enables LDAP network by default
features:
ldap: True # Enables LDAP integration and networking
## Libre Office
libreoffice:
@@ -257,31 +259,31 @@ defaults_applications:
public_api_activated: False # Security hole. Can be used for spaming
version: "latest" # Docker Image version
setup: false # Set true in inventory file to execute the setup and initializing procedures
database:
central_storage: True # Activate Central Database Storage
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
features:
matomo: True # Enables Matomo tracking
css: True # Enables custom CSS styling
iframe: True # Allows embedding via iframe on landing page
database: True # Enables use of central database
mailu:
version: "2024.06" # Docker Image Version
setup: false # Set true in inventory file to execute the setup and initializing procedures
oidc:
enabled: true # Activate OIDC for Mailu
email_by_username: true # If true, then the mail is set by the username. If wrong then the OIDC user email is used
enable_user_creation: true # Users will be created if not existing
domain: "{{primary_domain}}" # The main domain from which mails will be send \ email suffix behind @
# I don't know why the database deactivation is necessary
database:
central_storage: False # Deactivate central database for mailu
credentials:
# secret_key: # Set to a randomly generated 16 bytes string
# database_password: # Needs to be set in inventory file
# api_token: # Configures the authentication token. The minimum length is 3 characters. This is a mandatory setting for using the RESTful API.
# initial_administrator_password: # Initial administrator password for setup
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: true # Default enabled because working well in iframe
features:
matomo: True # Enables Matomo tracking
css: True # Enables custom CSS styling
iframe: True # Allows embedding via iframe on landing page
oidc: True # Enables OpenID Connect (OIDC) authentication
database: False # Enables use of central database
# Deactivate central database for mailu, I don't know why the database deactivation is necessary
## MariaDB
mariadb:
@@ -291,25 +293,21 @@ defaults_applications:
matomo:
version: "latest"
oauth2_proxy:
enabled: false # Deactivated atm. @todo implement
# cookie_secret: None # Set via openssl rand -hex 16
# cookie_secret: None # Set via openssl rand -hex 16
# database_password: Null # Needs to be set in inventory file
# auth_token: Null # Needs to be set in inventory file
database:
central_storage: True # Activate Central Database Storage
matomo_tracking_enabled: false # Activate in inventory file if you want to have the statistics, as soon as matomo is running
css_enabled: false # Not optimized yet for matomo
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
features:
matomo: False # Enables Matomo tracking
css: False # Enables custom CSS styling
iframe: False # Allows embedding via iframe on landing page
oauth2: False # Enables OAuth2 proxy integration
database: True # Enables use of central database
## Mastodon
mastodon:
version: "latest"
single_user_mode: false # Set true for initial setup
setup: false # Set true in inventory file to execute the setup and initializing procedures
database:
central_storage: True # Activate Central Database Storage
oidc:
enabled: True # Activate OIDC for Mastodon
credentials:
# Check out the README.md of the docker-mastodon role to get detailled instructions about how to setup the credentials
# database_password:
@@ -322,9 +320,12 @@ defaults_applications:
# deterministic_key:
# key_derivation_salt:
# primary_key:
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
features:
matomo: True # Enables Matomo tracking
css: True # Enables custom CSS styling
iframe: False # Allows embedding via iframe on landing page
oidc: True # Enables OpenID Connect (OIDC) authentication
database: True # Enables use of central database
## Matrix
matrix:
@@ -339,13 +340,13 @@ defaults_applications:
element:
version: "latest"
setup: false # Set true in inventory file to execute the setup and initializing procedures
database:
central_storage: True # Activate Central Database Storage
oidc:
enabled: False # Deactivated OIDC due to this issue https://github.com/matrix-org/synapse/issues/10492
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
features:
matomo: True # Enables Matomo tracking
css: True # Enables custom CSS styling
iframe: False # Allows embedding via iframe on landing page
oidc: False # Enables OpenID Connect (OIDC) authentication
database: True # Enables use of central database
# Deactivated OIDC due to this issue https://github.com/matrix-org/synapse/issues/10492
## Moodle
moodle:
@@ -355,20 +356,20 @@ defaults_applications:
username: "{{users.administrator.username}}"
email: "{{users.administrator.email}}"
version: "latest"
database:
central_storage: True # Activate Central Database Storage
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
features:
matomo: True # Enables Matomo tracking
css: True # Enables custom CSS styling
iframe: False # Allows embedding via iframe on landing page
database: True # Enables use of central database
## MyBB
mybb:
version: "latest"
database:
central_storage: True # Activate Central Database Storage
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
features:
matomo: True # Enables Matomo tracking
css: True # Enables custom CSS styling
iframe: False # Allows embedding via iframe on landing page
database: True # Enables use of central database
## Nextcloud
nextcloud:
@@ -376,17 +377,19 @@ defaults_applications:
ldap:
enabled: True # Enables LDAP by default
oidc:
enabled: "{{ _applications_nextcloud_oidc_enabled }}" # Activate OIDC for Nextcloud
enabled: "{{ applications.nextcloud.features.oidc | default(true) }}" # Activate OIDC for Nextcloud
# floavor decides which OICD plugin should be used.
# Available options: oidc_login, sociallogin
# @see https://apps.nextcloud.com/apps/oidc_login
# @see https://apps.nextcloud.com/apps/sociallogin
flavor: "oidc_login" # Keeping on sociallogin because the other option is not implemented yet
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
database:
central_storage: True # Activate Central Database Storage
features:
matomo: True # Enables Matomo tracking
css: True # Enables custom CSS styling
iframe: False # Allows embedding via iframe on landing page
ldap: True # Enables LDAP integration and networking
oidc: True # Enables OpenID Connect (OIDC) authentication
database: True # Enables use of central database
credentials:
# database_password: Null # Needs to be set in inventory file
users:
@@ -577,13 +580,13 @@ defaults_applications:
# enabled: false
twofactor_nextcloud_notification:
# Nextcloud two-factor notification: sends notifications for two-factor authentication events (https://apps.nextcloud.com/apps/twofactor_nextcloud_notification)
enabled: "{{ (not _applications_nextcloud_oidc_enabled) | lower }}" # Deactivate 2FA if oidc is active
enabled: "{{ not applications.nextcloud.features.oidc | default(true) }}" # Deactivate 2FA if oidc is active
twofactor_totp:
# Nextcloud two-factor TOTP: provides time-based one-time password authentication (https://apps.nextcloud.com/apps/twofactor_totp)
enabled: "{{ (not _applications_nextcloud_oidc_enabled) | lower }}" # Deactivate 2FA if oidc is active
enabled: "{{ not applications.nextcloud.features.oidc | default(true) }}" # Deactivate 2FA if oidc is active
user_ldap:
# Nextcloud user LDAP: integrates LDAP for user management and authentication (https://apps.nextcloud.com/apps/user_ldap)
enabled: "{{ _applications_nextcloud_ldap_enabled | lower }}"
enabled: "{{ applications.nextcloud.features.ldap | default(true) }}"
user_oidc:
# Nextcloud User OIDC: integrates OpenID Connect for user authentication (https://apps.nextcloud.com/apps/user_oidc)
enabled: "{{ _applications_nextcloud_oidc_flavor=='user_oidc' | lower }}"
@@ -600,37 +603,38 @@ defaults_applications:
version: "latest" # Docker Image version
redirect_url: "https://{{domains.keycloak}}/auth/realms/{{primary_domain}}/protocol/openid-connect/auth" # The redirect URL for the OAuth2 flow. It should match the redirect URL configured in Keycloak.
allowed_roles: admin # Restrict it default to admin role. Use the vars/main.yml to open the specific role for other groups
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
features:
matomo: True # Enables Matomo tracking
css: True # Enables custom CSS styling
iframe: False # Allows embedding via iframe on landing page
## Open Project
openproject:
version: "13" # Update when available. Sadly no rolling release implemented
oauth2_proxy:
enabled: true # OpenProject doesn't support OIDC, so this procy in combination with LDAP is needed
application: "proxy"
port: "80"
# cookie_secret: None # Set via openssl rand -hex 16
ldap:
enabled: True # Enables LDAP by default
filters:
administrators: True # Set true to filter administrators
users: False # Set true to filter users
database:
central_storage: True # Activate Central Database Storage
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
features:
matomo: True # Enables Matomo tracking
css: True # Enables custom CSS styling
iframe: False # Allows embedding via iframe on landing page
ldap: True # Enables LDAP integration and networking
oauth2: True # Enables OAuth2 proxy integration
database: True # Enables use of central database
## Peertube
peertube:
version: "bookworm"
database:
central_storage: True # Activate Central Database Storage
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
features:
matomo: True # Enables Matomo tracking
css: True # Enables custom CSS styling
iframe: False # Allows embedding via iframe on landing page
database: True # Enables use of central database
## PgAdmin
pgadmin:
@@ -642,56 +646,54 @@ defaults_applications:
email: "{{ users.administrator.email }}" # Initial login email address
password: "{{ users.administrator.initial_password }}" # Initial login password should be overridden in inventory for security
oauth2_proxy:
enabled: true # Enable OAuth2 proxy for authentication
application: "application"
port: "80"
# cookie_secret: None # Set via: openssl rand -hex 16
database:
central_storage: True # Uses central PostgreSQL database
matomo_tracking_enabled: "{{ matomo_tracking_enabled_default }}" # Enables/Disables Matomo Tracking
css_enabled: "{{ css_enabled_default }}" # Enables/Disables global CSS styling
landingpage_iframe_enabled: "{{ landingpage_iframe_enabled_default }}" # Enables/Disables embedding via iframe
features:
matomo: True # Enables Matomo tracking
css: True # Enables custom CSS styling
iframe: False # Allows embedding via iframe on landing page
oauth2: True # Enables OAuth2 proxy integration
database: True # Enables use of central database
## phpLDAPadmin
phpldapadmin:
version: "2.0.0-dev" # @todo Attention: Change this as fast as released to latest
ldap:
enabled: True # Should have the same value as applications.ldap.network.local.
oauth2_proxy:
enabled: true # Activate the OAuth2 Proxy for the LDAP Webinterface
application: application # Needs to be the same as webinterface
port: 8080 # application port
# cookie_secret: None # Set via openssl rand -hex 16
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
features:
matomo: True # Enables Matomo tracking
css: True # Enables custom CSS styling
iframe: False # Allows embedding via iframe on landing page
ldap: True # Enables LDAP integration and networking
oauth2: True # Enables OAuth2 proxy integration
## PHPMyAdmin
phpmyadmin:
version: "latest" # Use the latest phpmyadmin version
autologin: false # This is a high security risk. Just activate this option if you know what you're doing
oauth2_proxy:
enabled: true
port: "80"
application: "application"
# cookie_secret: None # Set via openssl rand -hex 16
database:
central_storage: True # Activate Central Database Storage
css:
enabled: False # The css needs more optimation for PHPMyAdmin
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
features:
matomo: True # Enables Matomo tracking
css: False # Enables custom CSS styling
iframe: False # Allows embedding via iframe on landing page
oauth2: True # Enables OAuth2 proxy integration
database: True # Enables use of central database
## Pixelfed
pixelfed:
titel: "Pictures on {{primary_domain}}"
version: "latest"
database:
central_storage: True # Activate Central Database Storage
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
features:
matomo: True # Enables Matomo tracking
css: True # Enables custom CSS styling
iframe: False # Allows embedding via iframe on landing page
database: True # Enables use of central database
## Postgres
# Please set an version in your inventory file - Rolling release for postgres isn't recommended
@@ -699,50 +701,50 @@ defaults_applications:
version: "latest"
portfolio:
database:
central_storage: False # Portfolio doesn't use any database
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: false # Doesn't make sense to load landingpage in landingpage
features:
matomo: True # Enables Matomo tracking
css: True # Enables custom CSS styling
iframe: False # Allows embedding via iframe on landing page
## Presentation
presentation:
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: False # Would mess with the presentation layout
landingpage_iframe_enabled: True # Makes sense to make the documentary allways in iframe available
features:
matomo: True # Enables Matomo tracking
css: True # Enables custom CSS styling
iframe: True # Allows embedding via iframe on landing page
# Snipe-IT
snipe_it:
version: "latest"
database:
central_storage: True # Activate Central Database Storage
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
features:
matomo: True # Enables Matomo tracking
css: True # Enables custom CSS styling
iframe: False # Allows embedding via iframe on landing page
database: True # Enables use of central database
## Sphinx
sphinx:
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: true # Makes sense to make the documentary allways in iframe available
features:
matomo: True # Enables Matomo tracking
css: True # Enables custom CSS styling
iframe: False # Allows embedding via iframe on landing page
## Taiga
taiga:
version: "latest"
database:
central_storage: True # Activate Central Database Storage
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
oidc:
# Taiga doesn't have a functioning oidc support at the moment
# See
# - https://community.taiga.io/t/taiga-and-oidc-plugin/4866
#
# Due to this reason this plutin is deactivated atm
enabled: False # De\Activate OIDC for Taiga
flavor: 'taigaio' # Potential flavors: robrotheram, taigaio
features:
matomo: True # Enables Matomo tracking
css: True # Enables custom CSS styling
iframe: False # Allows embedding via iframe on landing page
oidc: False # Enables OpenID Connect (OIDC) authentication
database: True # Enables use of central database
## YOURLS
yourls:
@@ -751,16 +753,16 @@ defaults_applications:
username: "{{users.administrator.username}}"
version: "latest"
oauth2_proxy:
enabled: true
application: "application"
port: "80"
location: "/admin/" # Protects the admin area
# cookie_secret: None # Set via openssl rand -hex 16
database:
central_storage: True # Activate Central Database Storage
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
features:
matomo: True # Enables Matomo tracking
css: True # Enables custom CSS styling
iframe: False # Allows embedding via iframe on landing page
oauth2: True # Enables OAuth2 proxy integration
database: True # Enables use of central database
wordpress:
# Deactivate Global theming for wordpress role
@@ -769,16 +771,18 @@ defaults_applications:
#
# May a solution could be to generate a template or css file dedicated
# for wordpress based on the theming values and import it.
database:
central_storage: True # Activate Central Database Storage
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: false # CSS is hard to tweak for wordpress
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
oidc:
enabled: true # Activate OIDC
title: "Blog"
credentials:
administrator:
username: "{{users.administrator.username}}" # Username of the wordpress administrator
# password: # Password of the wordpress administrator
email: "{{users.administrator.email}}" # Email of the wordpress adminsitrator
title: "Blog" # Wordpress titel
credentials: # Credentials
administrator: # Wordpress administrator
username: "{{users.administrator.username}}" # Username of the wordpress administrator
# password: # Password of the wordpress administrator
email: "{{users.administrator.email}}" # Email of the wordpress adminsitrator
plugins:
discourse: false
oidc: true
features:
matomo: True # Enables Matomo tracking
css: False # Enables custom CSS styling
iframe: False # Allows embedding via iframe on landing page
oidc: True # Enables OpenID Connect (OIDC) authentication
database: True # Enables use of central database