mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-04-28 18:30:24 +02:00
Compare commits
9 Commits
5caf9180d1
...
74683bc1fc
| Author | SHA1 | Date | |
|---|---|---|---|
| 74683bc1fc | |||
| 762c564c61 | |||
| 93542ea34f | |||
| 87b176a7b7 | |||
| 26d89a9ac2 | |||
| 90b9422f65 | |||
| 490a215dce | |||
| eb405b4b25 | |||
| 401f748509 |
@ -35,5 +35,15 @@ oauth2_proxy_active: false
|
||||
#############################################
|
||||
### LDAP ###
|
||||
#############################################
|
||||
# Activate LDAP network for insecure communitation on localhot between different container instances. Set in vars/main.yml
|
||||
|
||||
|
||||
# Activate local LDAP network for communitation on localhot between different docker containers
|
||||
#
|
||||
# Set in vars/main.yml via:
|
||||
# ldap_network_enabled: "{{ldap.enabled}}"
|
||||
#
|
||||
# This leads to that the local ldap networks get enabled, if LDAP is enabled
|
||||
ldap_network_enabled: false
|
||||
|
||||
ldap:
|
||||
enabled: true # Enable or disable LDAP
|
||||
|
||||
@ -11,7 +11,7 @@ global_theming:
|
||||
# For dark mode: a dark, blue–gray background
|
||||
background_dark: "#2E3B4E"
|
||||
# For the text – true black
|
||||
text: "#000000"
|
||||
text: "#2E3B4E"
|
||||
# Accent color (e.g., for links or buttons) – a golden tone symbolizing the sun
|
||||
accent: "#FFD700"
|
||||
# As the positive/success color – a light, slightly grayish green (forest)
|
||||
|
||||
@ -2,7 +2,7 @@ application_id: "funkwhale"
|
||||
nginx_docker_reverse_proxy_extra_configuration: "client_max_body_size 512M;"
|
||||
database_password: "{{funkwhale_database_password}}"
|
||||
database_type: "postgres"
|
||||
ldap_network_enabled: true # Activate LDAP network
|
||||
ldap_network_enabled: "{{ldap.enabled}}"
|
||||
media_root: "/srv/funkwhale/data/"
|
||||
static_root: "{{media_root}}static"
|
||||
celeryd_concurrency: 1
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
application_id: "keycloak"
|
||||
database_type: "postgres"
|
||||
database_password: "{{keycloak_database_password}}"
|
||||
ldap_network_enabled: true # Activate LDAP network
|
||||
application_id: "keycloak"
|
||||
database_type: "postgres"
|
||||
database_password: "{{keycloak_database_password}}"
|
||||
ldap_network_enabled: "{{ldap.enabled}}"
|
||||
@ -11,4 +11,4 @@ oauth2_proxy_active: true
|
||||
|
||||
enable_wildcard_certificate: false # Activate dedicated Certificate
|
||||
|
||||
ldap_network_enabled: true # Activate LDAP network
|
||||
ldap_network_enabled: "{{ldap.enabled}}"
|
||||
@ -4,7 +4,7 @@ upstream mybb {
|
||||
|
||||
server {
|
||||
listen 80;
|
||||
error_log stderr debug;
|
||||
error_log /proc/self/fd/2 {% if enable_debug | bool %}debug{% else %}warn{% endif %};
|
||||
root /var/www/html;
|
||||
index index.html index.php;
|
||||
|
||||
|
||||
@ -117,6 +117,17 @@ docker-compose exec -it nextcloud_database_1 mysql -u nextcloud -pPASSWORD123413
|
||||
docker-compose exec -it -u www-data application /var/www/html/occ maintenance:mode --off
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
# Identity and Access Management (IAM)
|
||||
|
||||
## OpenID Connect (OIDC) Support 🔐
|
||||
|
||||
OIDC is supported in this role—for example, via **Keycloak**. OIDC-specific tasks are included when enabled, allowing integration of external authentication providers seamlessly.
|
||||
|
||||
## LDAP
|
||||
|
||||
|
||||
---
|
||||
|
||||
## Architecture
|
||||
@ -156,12 +167,6 @@ docker-compose logs web --tail 1000 | grep 504
|
||||
- [Nextcloud Talk Plugin and Turnserver in Docker](https://forum.openmediavault.org/index.php?thread/31782-docker-nextcloud-talk-plugin-and-turnserver/)
|
||||
- [Nextcloud Talk on Docker: Turn Server Issues](https://help.nextcloud.com/t/nextcloud-talk-im-docker/container/turn-server-auf-docker-host-kein-video/84133/10)
|
||||
|
||||
---
|
||||
|
||||
## OIDC (OpenID Connect) Support 🔐
|
||||
|
||||
OIDC is supported in this role—for example, via **Keycloak**. OIDC-specific tasks are included when enabled, allowing integration of external authentication providers seamlessly.
|
||||
|
||||
---
|
||||
## Author
|
||||
|
||||
|
||||
5
roles/docker-nextcloud/handlers/main.yml
Normal file
5
roles/docker-nextcloud/handlers/main.yml
Normal file
@ -0,0 +1,5 @@
|
||||
---
|
||||
- name: restart docker nginx service
|
||||
command:
|
||||
cmd: "docker exec {{nextcloud_nginx_container_name}} nginx -s reload"
|
||||
listen: restart docker nginx service
|
||||
3
roles/docker-nextcloud/tasks/ldap.yml
Normal file
3
roles/docker-nextcloud/tasks/ldap.yml
Normal file
@ -0,0 +1,3 @@
|
||||
# @See https://docs.nextcloud.com/server/latest/admin_manual/configuration_user/user_auth_ldap.html
|
||||
# @See https://chatgpt.com/c/67aa2d21-cb4c-800f-b1be-8629b6bd3f55
|
||||
#docker compose exec -u www-data application php occ app:enable user_ldap
|
||||
@ -6,21 +6,25 @@
|
||||
- name: "include task certbot-and-globals.yml"
|
||||
include_tasks: certbot-and-globals.yml
|
||||
|
||||
- name: configure {{domain}}.conf
|
||||
- name: create nextcloud nginx proxy configuration file
|
||||
template:
|
||||
src: "templates/nextcloud.conf.j2"
|
||||
src: "proxy-nginx.conf.j2"
|
||||
dest: "{{nginx.directories.http.servers}}{{domain}}.conf"
|
||||
notify: restart nginx
|
||||
|
||||
- name: create nginx.conf
|
||||
- name: create internal nextcloud nginx configuration
|
||||
template:
|
||||
src: "templates/nginx.conf.j2"
|
||||
src: "internal-nginx.conf.j2"
|
||||
dest: "{{docker_compose.directories.volumes}}nginx.conf"
|
||||
notify: docker compose project setup
|
||||
notify: restart docker nginx service
|
||||
|
||||
- name: "copy docker-compose.yml and env file"
|
||||
include_tasks: copy-docker-compose-and-env.yml
|
||||
|
||||
- name: Include OIDC-specific tasks if OIDC client is active
|
||||
include_tasks: oidc_tasks.yml
|
||||
- name: Include OIDC-specific tasks
|
||||
include_tasks: oidc.yml
|
||||
when: oidc.enabled | bool
|
||||
|
||||
- name: Include LDAP specific tasks
|
||||
include_tasks: ldap.yml
|
||||
when: ldap.enabled | bool
|
||||
@ -15,7 +15,7 @@ services:
|
||||
|
||||
web:
|
||||
image: nginx:alpine
|
||||
container_name: nextcloud-web
|
||||
container_name: {{nextcloud_nginx_container_name}}
|
||||
logging:
|
||||
driver: journald
|
||||
restart: {{docker_restart_policy}}
|
||||
|
||||
@ -1,4 +1,5 @@
|
||||
# See https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/config_sample_php_parameters.html
|
||||
# @See https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/config_sample_php_parameters.html
|
||||
# @See https://github.com/nextcloud/docker/blob/master/README.md
|
||||
|
||||
# Database Configuration
|
||||
MYSQL_DATABASE= "{{database_name}}"
|
||||
@ -17,5 +18,5 @@ SMTP_NAME= {{system_email.username}}
|
||||
SMTP_PASSWORD= {{system_email.password}}
|
||||
|
||||
# Email from configuration
|
||||
MAIL_FROM_ADDRESS= no-reply
|
||||
MAIL_FROM_ADDRESS=no-reply
|
||||
MAIL_DOMAIN= {{system_email.domain}}
|
||||
194
roles/docker-nextcloud/templates/internal-new.conf.j2
Normal file
194
roles/docker-nextcloud/templates/internal-new.conf.j2
Normal file
@ -0,0 +1,194 @@
|
||||
# Internal configuration file for nextcloud
|
||||
|
||||
worker_processes auto;
|
||||
|
||||
# @see https://chatgpt.com/share/67aa3ce9-eea0-800f-85e8-ac54a3810b13
|
||||
error_log /proc/self/fd/2 warn;
|
||||
pid /var/run/nginx.pid;
|
||||
|
||||
|
||||
events {
|
||||
worker_connections 1024;
|
||||
}
|
||||
|
||||
http {
|
||||
include /etc/nginx/mime.types;
|
||||
default_type application/octet-stream;
|
||||
types {
|
||||
application/javascript mjs;
|
||||
}
|
||||
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
|
||||
'$status $body_bytes_sent "$http_referer" '
|
||||
'"$http_user_agent" "$http_x_forwarded_for"';
|
||||
|
||||
access_log /proc/self/fd/1 main;
|
||||
|
||||
sendfile on;
|
||||
#tcp_nopush on;
|
||||
|
||||
keepalive_timeout 65;
|
||||
fastcgi_send_timeout 900s;
|
||||
fastcgi_read_timeout 900s;
|
||||
proxy_buffering off;
|
||||
|
||||
#gzip on;
|
||||
|
||||
upstream php-handler {
|
||||
server application:9000;
|
||||
}
|
||||
|
||||
# Set the `immutable` cache control options only for assets with a cache busting `v` argument
|
||||
map $arg_v $asset_immutable {
|
||||
"" "";
|
||||
default ", immutable";
|
||||
}
|
||||
|
||||
server {
|
||||
listen 80;
|
||||
|
||||
# HSTS settings
|
||||
# WARNING: Only add the preload option once you read about
|
||||
# the consequences in https://hstspreload.org/. This option
|
||||
# will add the domain to a hardcoded list that is shipped
|
||||
# in all major browsers and getting removed from this list
|
||||
# could take several months.
|
||||
#add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
|
||||
|
||||
# set max upload size
|
||||
client_max_body_size 512M;
|
||||
fastcgi_buffers 64 4K;
|
||||
|
||||
# Enable gzip but do not remove ETag headers
|
||||
gzip on;
|
||||
gzip_vary on;
|
||||
gzip_comp_level 4;
|
||||
gzip_min_length 256;
|
||||
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
|
||||
gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
|
||||
|
||||
# Pagespeed is not supported by Nextcloud, so if your server is built
|
||||
# with the `ngx_pagespeed` module, uncomment this line to disable it.
|
||||
#pagespeed off;
|
||||
|
||||
# HTTP response headers borrowed from Nextcloud `.htaccess`
|
||||
add_header Referrer-Policy "no-referrer" always;
|
||||
add_header X-Content-Type-Options "nosniff" always;
|
||||
add_header X-Download-Options "noopen" always;
|
||||
add_header X-Frame-Options "SAMEORIGIN" always;
|
||||
add_header X-Permitted-Cross-Domain-Policies "none" always;
|
||||
add_header X-Robots-Tag "noindex, nofollow" always;
|
||||
add_header X-XSS-Protection "1; mode=block" always;
|
||||
|
||||
# Remove X-Powered-By, which is an information leak
|
||||
fastcgi_hide_header X-Powered-By;
|
||||
|
||||
# Path to the root of your installation
|
||||
root /var/www/html;
|
||||
|
||||
# Specify how to handle directories -- specifying `/index.php$request_uri`
|
||||
# here as the fallback means that Nginx always exhibits the desired behaviour
|
||||
# when a client requests a path that corresponds to a directory that exists
|
||||
# on the server. In particular, if that directory contains an index.php file,
|
||||
# that file is correctly served; if it doesn't, then the request is passed to
|
||||
# the front-end controller. This consistent behaviour means that we don't need
|
||||
# to specify custom rules for certain paths (e.g. images and other assets,
|
||||
# `/updater`, `/ocm-provider`, `/ocs-provider`), and thus
|
||||
# `try_files $uri $uri/ /index.php$request_uri`
|
||||
# always provides the desired behaviour.
|
||||
index index.php index.html /index.php$request_uri;
|
||||
|
||||
# Rule borrowed from `.htaccess` to handle Microsoft DAV clients
|
||||
location = / {
|
||||
if ( $http_user_agent ~ ^DavClnt ) {
|
||||
return 302 /remote.php/webdav/$is_args$args;
|
||||
}
|
||||
}
|
||||
|
||||
location = /robots.txt {
|
||||
allow all;
|
||||
log_not_found off;
|
||||
access_log off;
|
||||
}
|
||||
|
||||
# Make a regex exception for `/.well-known` so that clients can still
|
||||
# access it despite the existence of the regex rule
|
||||
# `location ~ /(\.|autotest|...)` which would otherwise handle requests
|
||||
# for `/.well-known`.
|
||||
location ^~ /.well-known {
|
||||
# The rules in this block are an adaptation of the rules
|
||||
# in `.htaccess` that concern `/.well-known`.
|
||||
|
||||
location = /.well-known/carddav { return 301 /remote.php/dav/; }
|
||||
location = /.well-known/caldav { return 301 /remote.php/dav/; }
|
||||
location = /.well-known/webfinger { return 301 /index.php/.well-known/webfinger; }
|
||||
location = /.well-known/nodeinfo { return 301 /index.php/.well-known/nodeinfo; }
|
||||
|
||||
location /.well-known/acme-challenge { try_files $uri $uri/ =404; }
|
||||
location /.well-known/pki-validation { try_files $uri $uri/ =404; }
|
||||
|
||||
# Let Nextcloud's API for `/.well-known` URIs handle all other
|
||||
# requests by passing them to the front-end controller.
|
||||
return 301 /index.php$request_uri;
|
||||
}
|
||||
|
||||
# Rules borrowed from `.htaccess` to hide certain paths from clients
|
||||
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/) { return 404; }
|
||||
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { return 404; }
|
||||
|
||||
# Ensure this block, which passes PHP files to the PHP process, is above the blocks
|
||||
# which handle static assets (as seen below). If this block is not declared first,
|
||||
# then Nginx will encounter an infinite rewriting loop when it prepends `/index.php`
|
||||
# to the URI, resulting in a HTTP 500 error response.
|
||||
location ~ \.php(?:$|/) {
|
||||
# Required for legacy support
|
||||
# Added due to this error: https://help.nextcloud.com/t/ldap-ad-authnetication-500-error-on-ajax-request/107168/3
|
||||
#rewrite ^/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|ocs-provider\/.+|.+\/richdocumentscode(_arm64)?\/proxy) /index.php$request_uri;
|
||||
|
||||
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
|
||||
set $path_info $fastcgi_path_info;
|
||||
|
||||
try_files $fastcgi_script_name =404;
|
||||
|
||||
include fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_param PATH_INFO $path_info;
|
||||
#fastcgi_param HTTPS on;
|
||||
|
||||
fastcgi_param modHeadersAvailable true; # Avoid sending the security headers twice
|
||||
fastcgi_param front_controller_active true; # Enable pretty urls
|
||||
fastcgi_pass php-handler;
|
||||
|
||||
fastcgi_intercept_errors on;
|
||||
fastcgi_request_buffering off;
|
||||
}
|
||||
|
||||
# Serve static files
|
||||
location ~ \.(?:css|js|mjs|svg|gif|ico|jpg|png|webp|wasm|tflite|map|ogg|flac)$ {
|
||||
try_files $uri /index.php$request_uri;
|
||||
# HTTP response headers borrowed from Nextcloud `.htaccess`
|
||||
add_header Cache-Control "public, max-age=15778463$asset_immutable";
|
||||
add_header Referrer-Policy "no-referrer" always;
|
||||
add_header X-Content-Type-Options "nosniff" always;
|
||||
add_header X-Frame-Options "SAMEORIGIN" always;
|
||||
add_header X-Permitted-Cross-Domain-Policies "none" always;
|
||||
add_header X-Robots-Tag "noindex, nofollow" always;
|
||||
add_header X-XSS-Protection "1; mode=block" always;
|
||||
access_log off; # Optional: Don't log access to assets
|
||||
}
|
||||
|
||||
location ~ \.(otf|woff2?)$ {
|
||||
try_files $uri /index.php$request_uri;
|
||||
expires 7d; # Cache-Control policy borrowed from `.htaccess`
|
||||
access_log off; # Optional: Don't log access to assets
|
||||
}
|
||||
|
||||
# Rule borrowed from `.htaccess`
|
||||
location /remote {
|
||||
return 301 /remote.php$request_uri;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri $uri/ /index.php$request_uri;
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -1,6 +1,11 @@
|
||||
# Internal configuration file for nextcloud
|
||||
# Verify time by time, that this rules are valid:
|
||||
# https://docs.nextcloud.com/server/latest/admin_manual/installation/nginx.html
|
||||
|
||||
worker_processes auto;
|
||||
|
||||
error_log /var/log/nginx/error.log warn;
|
||||
# @see https://chatgpt.com/share/67aa3ce9-eea0-800f-85e8-ac54a3810b13
|
||||
error_log /proc/self/fd/2 {% if enable_debug | bool %}debug{% else %}warn{% endif %};
|
||||
pid /var/run/nginx.pid;
|
||||
|
||||
|
||||
@ -19,7 +24,7 @@ http {
|
||||
'$status $body_bytes_sent "$http_referer" '
|
||||
'"$http_user_agent" "$http_x_forwarded_for"';
|
||||
|
||||
access_log /var/log/nginx/access.log main;
|
||||
access_log /proc/self/fd/1 main;
|
||||
|
||||
sendfile on;
|
||||
#tcp_nopush on;
|
||||
@ -132,6 +137,10 @@ http {
|
||||
# then Nginx will encounter an infinite rewriting loop when it prepends `/index.php`
|
||||
# to the URI, resulting in a HTTP 500 error response.
|
||||
location ~ \.php(?:$|/) {
|
||||
# Required for legacy support
|
||||
# Added due to this error: https://help.nextcloud.com/t/ldap-ad-authnetication-500-error-on-ajax-request/107168/3
|
||||
rewrite ^/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|ocs-provider\/.+|.+\/richdocumentscode(_arm64)?\/proxy) /index.php$request_uri;
|
||||
|
||||
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
|
||||
set $path_info $fastcgi_path_info;
|
||||
|
||||
@ -150,13 +159,13 @@ http {
|
||||
fastcgi_request_buffering off;
|
||||
}
|
||||
|
||||
location ~ \.(?:css|js|svg|gif)$ {
|
||||
location ~ \.(?:css|js|mjs|svg|gif|ico|jpg|png|webp|wasm|tflite|map|ogg|flac)$ {
|
||||
try_files $uri /index.php$request_uri;
|
||||
expires 6M; # Cache-Control policy borrowed from `.htaccess`
|
||||
access_log off; # Optional: Don't log access to assets
|
||||
}
|
||||
|
||||
location ~ \.woff2?$ {
|
||||
location ~ \.(otf|woff2?)$ {
|
||||
try_files $uri /index.php$request_uri;
|
||||
expires 7d; # Cache-Control policy borrowed from `.htaccess`
|
||||
access_log off; # Optional: Don't log access to assets
|
||||
@ -1,3 +1,5 @@
|
||||
# This is the nginx configuration file for the proxy server
|
||||
|
||||
server
|
||||
{
|
||||
server_name {{domain}};
|
||||
@ -3,3 +3,5 @@ application_id: "nextcloud"
|
||||
database_password: "{{nextcloud_database_password}}"
|
||||
database_type: "mariadb"
|
||||
nextcloud_application_container_name: "nextcloud-application"
|
||||
nextcloud_nginx_container_name: "nextcloud-web"
|
||||
ldap_network_enabled: "{{ldap.enabled}}"
|
||||
@ -15,4 +15,4 @@ dummy_volume: "{{docker_compose.directories.volu
|
||||
oauth2_proxy_upstream_application_and_port: "proxy:80"
|
||||
oauth2_proxy_active: true
|
||||
|
||||
ldap_network_enabled: true # Activate LDAP network
|
||||
ldap_network_enabled: "{{ldap.enabled}}"
|
||||
@ -36,6 +36,24 @@
|
||||
--bs-btn-color: var(--background-dark-color);
|
||||
}
|
||||
|
||||
/** Mastodon Overrides **/
|
||||
:root{
|
||||
--surface-variant-background-color: var(--button-bg-color)
|
||||
}
|
||||
|
||||
/** Nextcloud Specific**/
|
||||
:root{
|
||||
--color-main-background: var(--background-color);
|
||||
--color-main-background-rgb: var(--background-color);
|
||||
--color-primary-element: var(--button-bg-color);
|
||||
--color-main-text: var(--background-dark-color);
|
||||
--color-background-hover: var(--secondary-color);
|
||||
|
||||
/** Calendar **/
|
||||
--color-background-dark: var(--info-color); /** Days which aren't in the current month **/
|
||||
--color-primary-element-light: var(--secondary-color);
|
||||
}
|
||||
|
||||
/* Peertube Overrides */
|
||||
:root {
|
||||
--mainColor: var(--primary-color);
|
||||
@ -60,7 +78,6 @@ button, .btn {
|
||||
background-color: var(--button-bg-color) !important;
|
||||
color: var(--primary-color) !important;
|
||||
border-color: var(--border-color) !important;
|
||||
box-shadow: var(--small-shadow) !important;
|
||||
cursor: pointer;
|
||||
}
|
||||
|
||||
@ -94,7 +111,7 @@ input, textarea, select {
|
||||
}
|
||||
input:focus, textarea:focus, select:focus {
|
||||
border-color: var(--primary-color) !important;
|
||||
box-shadow: 0 0 5px var(--shadow-color);
|
||||
/** box-shadow: 0 0 5px var(--shadow-color);**/
|
||||
}
|
||||
|
||||
/* Navigation (Background and Text Colors) */
|
||||
@ -119,25 +136,22 @@ input:focus, textarea:focus, select:focus {
|
||||
th, td {
|
||||
border-color: var(--border-color) !important;
|
||||
}
|
||||
|
||||
thead {
|
||||
background-color: var(--primary-color);
|
||||
color: var(--background-dark-color);
|
||||
background-color: var(--button-bg-color) !important;
|
||||
color: var(--background-dark-color) !important;
|
||||
}
|
||||
|
||||
/* Cards / Containers (Background, Border, and Shadow)
|
||||
Cards now use a slightly lighter background and a bold, clear shadow */
|
||||
.card {
|
||||
background-color: var(--card-bg-color) !important;
|
||||
box-shadow: var(--large-shadow) !important;
|
||||
/** box-shadow: var(--large-shadow) !important;**/
|
||||
border-color: var(--border-color) !important;
|
||||
}
|
||||
|
||||
/* Headings (Text Color) */
|
||||
h1, h2 {
|
||||
color: var(--text-color);
|
||||
}
|
||||
|
||||
div#mastodon p{
|
||||
h1, h2, h3, h4, h5, h6, p{
|
||||
color: var(--background-dark-color) !important;
|
||||
}
|
||||
|
||||
@ -146,7 +160,7 @@ div#mastodon p{
|
||||
.nav-item .dropdown-menu {
|
||||
background-color: var(--background-color) !important;
|
||||
color: var(--text-color) !important;
|
||||
box-shadow: 0 4px 20px rgba(0, 0, 0, 0.3);
|
||||
/**box-shadow: 0 4px 20px rgba(0, 0, 0, 0.3);**/
|
||||
}
|
||||
|
||||
.dropdown-item {
|
||||
@ -164,29 +178,43 @@ div#mastodon p{
|
||||
button.icon-button {
|
||||
color: var(--button-text-color) !important;
|
||||
}
|
||||
/** Mastodon Specific **/
|
||||
div#mastodon div.compose-panel div.compose-form__highlightable{
|
||||
background-color: var(--background-color) !important;
|
||||
}
|
||||
|
||||
/* Dark Mode Adjustments (Background and Text Colors) */
|
||||
@media (prefers-color-scheme: dark) {
|
||||
h1, h2 {
|
||||
color: #ffffff !important;
|
||||
text-shadow: 2px 2px 5px rgba(255, 255, 255, 0.3);
|
||||
}
|
||||
body {
|
||||
background-color: var(--background-dark-color) !important;
|
||||
color: var(--text-color) !important;
|
||||
}
|
||||
input, textarea, select {
|
||||
color: var(--button-text-color) !important;
|
||||
background-color: var(--background-dark-color) !important;
|
||||
}
|
||||
div#mastodon p{
|
||||
color: var(--button-text-color) !important;
|
||||
}
|
||||
div#mastodon strong{
|
||||
color: var(--background-dark-color) !important;
|
||||
}
|
||||
|
||||
/** Nextcloud specific **/
|
||||
button.files-list__row-name-link, button.button-vue{
|
||||
html.ng-csp header#header{
|
||||
color: var(--background-color) !important;
|
||||
background-color: var(--button-bg-color) !important;
|
||||
}
|
||||
|
||||
html.ng-csp button.files-list__row-name-link, html.ng-csp button.button-vue{
|
||||
background-color: transparent !important;
|
||||
color: background-color: var(--button-bg-color) !important;
|
||||
}
|
||||
|
||||
div#content-vue p, div#content-vue span{
|
||||
color: var(--background-dark-color) !important;
|
||||
}
|
||||
|
||||
/** OpenProject **/
|
||||
header.op-app-header{
|
||||
background-color: var(--background-dark-color) !important;
|
||||
color: var(--text-color) !important;
|
||||
}
|
||||
|
||||
/** Open Project **/
|
||||
div#wrapper button, div#wrapper input, button.top-menu-search-button, div.menu-sidebar a{
|
||||
background-color: transparent !important;
|
||||
}
|
||||
|
||||
main-menu-toggle button{
|
||||
border: 0px none !important;
|
||||
}
|
||||
|
||||
/* Peertube specific configuration */
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user