# Docker Applications ## Docker Role Specific Parameters docker_restart_policy: "unless-stopped" ############################################## ## Applications Configuration ############################################## # Keep in mind, that this configuration should in general just apply to the roles which set the applications up. # If other applications depend on this variables, propably it makes sense to define it in e.g. IMA or other variable files. # helper _applications_nextcloud_ldap_enabled: "{{ applications.nextcloud.ldap.enabled | default(true) }}" _applications_nextcloud_oidc_enabled: "{{ applications.nextcloud.oidc.enabled | default(true) }}" _applications_nextcloud_oidc_flavor: "{{ applications.nextcloud.oidc.flavor | default('oidc_login' if _applications_nextcloud_ldap_enabled else 'sociallogin') }}" defaults_applications: ## Akaunting akaunting: version: "latest" company_name: "{{primary_domain}}" company_email: "{{users.administrator.email}}" setup_admin_email: "{{users.administrator.email}}" database: central_storage: True matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe ## Assets Server assets_server: source_directory: "{{ playbook_dir }}/assets" # Directory from which the assets will be copied url: "https://{{domains.file_server}}/assets}}" # Public address of the assets directory ## Attendize attendize: version: "latest" database: central_storage: True matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe ## Baserow baserow: version: "latest" database: central_storage: True matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe ## Big Blue Button bigbluebutton: enable_greenlight: "true" setup: false # Set to true in inventory file for initial setup oidc: enabled: true # Activate OIDC database: central_storage: True ldap: enabled: False # @todo LDAP needs to get propper implemented and tested, just set values during refactoring matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe ## Bluesky bluesky: users: administrator: email: "{{users.administrator.email}}" pds: version: "latest" #jwt_secret: # Needs to be defined in inventory file - Use: openssl rand -base64 64 | tr -d '\n' #plc_rotation_key_k256_private_key_hex: # Needs to be defined in inventory file - Use: openssl rand -hex 32 #admin_password: # Needs to be defined in inventory file - Use: openssl rand -base64 16 database: central_storage: True matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe coturn: # @todo implement credentials: user: turnuser # password: # Need to be defined in invetory file # secret: # Need to be defined in invetory file ## Discourse: discourse: network: "discourse_default" # Name of the docker network container: "discourse_application" # Name of the container application repository: "discourse_repository" # Name of the repository folder # database_password: # Needs to be defined in inventory file oidc: enabled: true # Activate OIDC database: central_storage: True # Activate Central Database Storage matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe ## File Server file_server: matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style landingpage_iframe_enabled: "true" # Landingpage should be embeded in portfolio ## Friendica friendica: version: "latest" oidc: enabled: true # Activate OIDC. Plugin is not working yet database: central_storage: True # Activate Central Database Storage matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe ## Funkwhale funkwhale: version: "1.4.0" ldap: enabled: True # Enables LDAP by default @todo check implementation database: central_storage: True # Activate Central Database Storage matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe ## Gitea gitea: version: "latest" # Use latest docker image database: central_storage: True # Activate Central Database Storage configuration: repository: enable_push_create_user: True # Allow users to push local repositories to Gitea and have them automatically created for a user. default_private: last # Default private when creating a new repository: last, private, public default_push_create_private: True # Default private when creating a new repository with push-to-create. matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe ## Gitlab gitlab: version: "latest" database: central_storage: True # Activate Central Database Storage matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe ## Joomla joomla: version: "latest" matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe ## HTML Server html_server: matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style landingpage_iframe_enabled: "true" # Landingpage should be embeded in portfolio ## Keycloak keycloak: version: "latest" users: administrator: username: "{{users.administrator.username}}" # Administrator Username for Keycloak ldap: enabled: True # Enables LDAP by default import_realm: True # If True realm will be imported. If false skip. database: central_storage: True # Activate Central Database Storage # database_password: # Needs to be defined in inventory file # administrator_password: # Needs to be defined in inventory file matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style landingpage_iframe_enabled: false # Disabled by default, because it leads to authentification problems ## LDAP ldap: lam: version: "latest" administrator_password: "{{users.administrator.initial_password}}" # CHANGE for security reasons openldap: version: "latest" network: local: True # Activates local network to allow other docker containers to connect public: False # Set to true in inventory file if you want to expose the LDAP port to the internet hostname: "openldap" # Hostname of the LDAP Server in the central_ldap network phpldapadmin: version: "2.0.0-dev" # @todo Attention: Change this as fast as released to latest webinterface: "lam" # The webinterface which should be used. Possible: lam and phpldapadmin users: administrator: username: "{{users.administrator.username}}" ldap: enabled: True # Should have the same value as applications.ldap.openldap.network.local. oauth2_proxy: enabled: true # Activate the OAuth2 Proxy for the LDAP Webinterface application: lam # Needs to be the same as webinterface port: 80 # If you use phpldapadmin set it to 8080 # cookie_secret: None # Set via openssl rand -hex 16 database: central_storage: false # LDAP doesn't use an database in the current configuration. Propably a good idea to implement one later. # administrator_password: # CHANGE for security reasons in inventory file # administrator_database_password: # CHANGE for security reasons in inventory file force_import: False # Forces the import of the LDIF files matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe ## Listmonk listmonk: users: administrator: username: "{{users.administrator.username}}" # Listmonk administrator account username public_api_activated: False # Security hole. Can be used for spaming version: "latest" # Docker Image version setup: false # Set true in inventory file to execute the setup and initializing procedures database: central_storage: True # Activate Central Database Storage matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe mailu: version: "2024.06" # Docker Image Version setup: false # Set true in inventory file to execute the setup and initializing procedures oidc: enabled: true # Activate OIDC for Mailu domain: "{{primary_domain}}" # The main domain from which mails will be send \ email suffix behind @ # I don't know why the database deactivation is necessary database: central_storage: False # Deactivate central database for mailu credentials: # secret_key: # Set to a randomly generated 16 bytes string # database_password: # Needs to be set in inventory file # api_token: # Configures the authentication token. The minimum length is 3 characters. This is a mandatory setting for using the RESTful API. # initial_administrator_password: # Initial administrator password for setup matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style landingpage_iframe_enabled: true # Default enabled because working well in iframe ## MariaDB mariadb: version: "latest" ## Matomo matomo: version: "latest" oauth2_proxy: enabled: false # Deactivated atm. @todo implement # cookie_secret: None # Set via openssl rand -hex 16 # database_password: Null # Needs to be set in inventory file # auth_token: Null # Needs to be set in inventory file database: central_storage: True # Activate Central Database Storage matomo_tracking_enabled: false # Activate in inventory file if you want to have the statistics, as soon as matomo is running css_enabled: false # Not optimized yet for matomo landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe ## Mastodon mastodon: version: "latest" single_user_mode: false # Set true for initial setup setup: false # Set true in inventory file to execute the setup and initializing procedures database: central_storage: True # Activate Central Database Storage oidc: enabled: True # Activate OIDC for Mastodon credentials: # Check out the README.md of the docker-mastodon role to get detailled instructions about how to setup the credentials # database_password: # secret_key_base: # otp_secret: # vapid: # private_key: # public_key: # active_record_encryption: # deterministic_key: # key_derivation_salt: # primary_key: matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe ## Matrix matrix: users: administrator: username: "{{users.administrator.username}}" # Accountname of the matrix admin playbook_tags: "setup-all,start" # For the initial update use: install-all,ensure-matrix-users-created,start role: "compose" # Role to setup Matrix. Valid values: ansible, compose server_name: "{{primary_domain}}" # Adress for the account names etc. synapse: version: "latest" element: version: "latest" setup: false # Set true in inventory file to execute the setup and initializing procedures database: central_storage: True # Activate Central Database Storage oidc: enabled: False # Deactivated OIDC due to this issue https://github.com/matrix-org/synapse/issues/10492 matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe ## Moodle moodle: site_titel: "Global Learning Academy on {{primary_domain}}" users: administrator: username: "{{users.administrator.username}}" email: "{{users.administrator.email}}" version: "latest" database: central_storage: True # Activate Central Database Storage matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe ## MyBB mybb: version: "latest" database: central_storage: True # Activate Central Database Storage matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe ## Nextcloud nextcloud: version: "production" # @see https://nextcloud.com/blog/nextcloud-release-channels-and-how-to-track-them/ ldap: enabled: True # Enables LDAP by default oidc: enabled: "{{ _applications_nextcloud_oidc_enabled }}" # Activate OIDC for Nextcloud # floavor decides which OICD plugin should be used. # Available options: oidc_login, sociallogin # @see https://apps.nextcloud.com/apps/oidc_login # @see https://apps.nextcloud.com/apps/sociallogin flavor: "oidc_login" # Keeping on sociallogin because the other option is not implemented yet matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe database: central_storage: True # Activate Central Database Storage credentials: # database_password: Null # Needs to be set in inventory file users: administrator: username: "{{users.administrator.username}}" initial_password: "{{users.administrator.initial_password}}" # Keep in mind to change the password fast after creation and activate 2FA default_quota: '1000000000' # Quota to assign if no quota is specified in the OIDC response (bytes) legacy_login_mask: enabled: False # If true, then legacy login mask is shown. Otherwise just SSO container: application: "nextcloud-application" # Nextcloud application container name proxy: "nextcloud-web" # Nextcloud Proxy Container Name performance: php: memory_limit: "{{ ((ansible_memtotal_mb | int) / 30)|int }}M" # Dynamic set memory limit upload_limit: "5G" # Set upload limit to 5GB for big media files opcache_memory_consumption: "{{ ((ansible_memtotal_mb | int) / 30)|int }}M" # Dynamic set memory consumption plugins: # List for Nextcloud Plugin Routine # Decides if plugins should be activated or deactivated appointments: # Nextcloud appointments: handles scheduling and appointment management (https://apps.nextcloud.com/apps/appointments) enabled: true bbb: # Nextcloud BigBlueButton integration: enables video conferencing using BigBlueButton (https://apps.nextcloud.com/apps/bbb) enabled: "{{ 'bigbluebutton' in group_names | lower }}" #- bookmarks # # Nextcloud Bookmarks: manage and share your bookmarks easily (https://apps.nextcloud.com/apps/bookmarks) # enabled: false calendar: # Nextcloud calendar: manages calendar events and scheduling (https://apps.nextcloud.com/apps/calendar) enabled: true cfg_share_links: # Nextcloud share links configuration: customizes sharing settings and link options (https://apps.nextcloud.com/apps/cfg_share_links) enabled: true collectives: # Nextcloud collectives: supports collaborative group management and sharing (https://apps.nextcloud.com/apps/collectives) enabled: true contacts: # Nextcloud contacts: manages address book and contact information (https://apps.nextcloud.com/apps/contacts) enabled: true cospend: # Nextcloud cospend: manages shared expenses and spending tracking (https://apps.nextcloud.com/apps/cospend) enabled: true deck: # Nextcloud Deck: organizes tasks and projects using Kanban boards (https://apps.nextcloud.com/apps/deck) # When Taiga is activated, this plugin is deactivated, because Taiga is the prefered application. enabled: "{{ 'taiga' not in group_names | lower }}" drawio: # Nextcloud draw.io: integrates diagram creation and editing tools (https://apps.nextcloud.com/apps/drawio) enabled: true duplicatefinder: # Nextcloud duplicate finder: scans and identifies duplicate files (https://apps.nextcloud.com/apps/duplicatefinder) enabled: true emlviewer: # Nextcloud EML Viewer: previews and manages EML email files (https://apps.nextcloud.com/apps/emlviewer) enabled: true event_update_notification: # Nextcloud event update notification: sends alerts when events are updated (https://apps.nextcloud.com/apps/event_update_notification) enabled: true epubviewer: # Nextcloud EPUB Viewer: enables reading and previewing EPUB e-books (https://apps.nextcloud.com/apps/epubviewer) enabled: true external: # Nextcloud External: Adds links to external services (https://apps.nextcloud.com/apps/external) enabled: true #files_accesscontrol # # Nextcloud Files Access Control: restricts file access based on defined rules (https://apps.nextcloud.com/apps/files_accesscontrol) # enabled: false #files_archive # # Nextcloud Files Archive: compresses and archives files for efficient storage (https://apps.nextcloud.com/apps/files_archive) # enabled: false #files_automatedtagging # # Nextcloud Files Automated Tagging: automatically tags files to improve organization (https://apps.nextcloud.com/apps/files_automatedtagging) # enabled: false files_bpm: # Nextcloud Files BPM: integrates business process management for file workflows (https://apps.nextcloud.com/apps/files_bpm) enabled: true files_downloadactivity: # Nextcloud Files Download Activity: tracks and logs file download events (https://apps.nextcloud.com/apps/files_downloadactivity) enabled: true files_linkeditor: # Nextcloud files link editor: allows customization of shared file links (https://apps.nextcloud.com/apps/files_linkeditor) enabled: true files_mindmap: # Nextcloud Files Mindmap: visualizes file relationships as mind maps (https://apps.nextcloud.com/apps/files_mindmap) enabled: true files_texteditor: # Nextcloud Files Text Editor: provides an online editor for text files (https://apps.nextcloud.com/apps/files_texteditor) # Not available for Nextcloud < 27 enabled: false fileslibreofficeedit: # Nextcloud LibreOffice integration: allows online editing of documents with LibreOffice (https://apps.nextcloud.com/apps/fileslibreofficeedit) enabled: true forms: # Nextcloud forms: facilitates creation of forms and surveys (https://apps.nextcloud.com/apps/forms) enabled: true gestion: # Nextcloud Gestion: manages administrative tasks and workflows (https://apps.nextcloud.com/apps/gestion) enabled: true groupfolders: # Nextcloud Group Folders: centralizes shared folders for group collaboration (https://apps.nextcloud.com/apps/groupfolders) enabled: true gpxpod: # Nextcloud GPX pod: visualizes GPS tracks and GPX data (https://apps.nextcloud.com/apps/gpxpod) enabled: true integration_discourse: # Nextcloud Integration Discourse: connects Nextcloud with Discourse forums (https://apps.nextcloud.com/apps/integration_discourse) enabled: false integration_gitlab: # Nextcloud Integration GitLab: connects Nextcloud with GitLab repositories (https://apps.nextcloud.com/apps/integration_gitlab) enabled: "{{ 'gitlab' in group_names in group_names | lower }}" integration_github: # Nextcloud Integration GitHub: integrates GitHub repositories with Nextcloud (https://apps.nextcloud.com/apps/integration_github) enabled: false integration_google: # Nextcloud Integration Google: connects Google services with Nextcloud (https://apps.nextcloud.com/apps/integration_google) enabled: true integration_mastodon: # Nextcloud Integration Mastodon: connects Nextcloud with the Mastodon social network (https://apps.nextcloud.com/apps/integration_mastodon) enabled: "{{ 'mastodon' in group_names | lower }}" integration_openai: # Nextcloud Integration OpenAI: brings OpenAI functionalities into Nextcloud (https://apps.nextcloud.com/apps/integration_openai) enabled: false integration_openproject: # Nextcloud Integration OpenProject: integrates project management features from OpenProject (https://apps.nextcloud.com/apps/integration_openproject) enabled: "{{ 'openproject' in group_names | lower }}" integration_peertube: # Nextcloud Integration PeerTube: connects to PeerTube for video sharing (https://apps.nextcloud.com/apps/integration_peertube) enabled: "{{ 'peertube' in group_names | lower }}" #keeweb # # Nextcloud KeeWeb: integrates the KeeWeb password manager within Nextcloud (https://apps.nextcloud.com/apps/keeweb) # # This isn't maintained anymore. The alternatives don't support keepass files # enabled: false keeporsweep: # Nextcloud keep or sweep: helps manage and clean up files and data (https://apps.nextcloud.com/apps/keeporsweep) enabled: true mail: # Nextcloud mail: integrated email client for managing mail accounts (https://apps.nextcloud.com/apps/mail) enabled: true maps: # Nextcloud maps: provides mapping and location services integration (https://apps.nextcloud.com/apps/maps) enabled: true metadata: # Nextcloud Metadata: manages and displays file metadata for enhanced organization (https://apps.nextcloud.com/apps/metadata) enabled: true news: # Nextcloud News: aggregates and displays news feeds directly in Nextcloud (https://apps.nextcloud.com/apps/news) enabled: true oidc_login: # Nextcloud User OIDC: integrates OpenID Connect for user authentication (https://apps.nextcloud.com/apps/oidc_login) enabled: "{{ _applications_nextcloud_oidc_flavor=='oidc_login' | lower }}" incompatible_plugins: - user_oidc # Will be disabled - sociallogin # Will be disabled phonetrack: # Nextcloud phone track: tracks and monitors mobile device usage (https://apps.nextcloud.com/apps/phonetrack) enabled: true polls: # Nextcloud polls: facilitates creation and management of user polls (https://apps.nextcloud.com/apps/polls) enabled: true quota_warning: # Nextcloud quota warning: notifies users when storage limits are reached (https://apps.nextcloud.com/apps/quota_warning) enabled: true recognize: # Nextcloud recognize: performs image recognition tasks (https://apps.nextcloud.com/apps/recognize) enabled: false # Deactivated because it let to bugs richdocuments: # Nextcloud Rich Documents: provides collaborative document editing capabilities (https://apps.nextcloud.com/apps/richdocuments) enabled: false # @todo To set it default to true activate https://hub.docker.com/r/collabora/code before sociallogin: # Nextcloud social login: allows authentication using social networks (https://apps.nextcloud.com/apps/sociallogin) enabled: "{{ _applications_nextcloud_oidc_flavor=='sociallogin' | lower }}" incompatible_plugins: - user_oidc # Will be disabled - oidc_login # Will be disabled spreed: # Nextcloud Spreed: offers video conferencing and chat functionalities (https://apps.nextcloud.com/apps/spreed) enabled: false # @todo to activate it first implement docker-coturn and activate it tables: # Nextcloud tables: allows creation and editing of tables within the interface (https://apps.nextcloud.com/apps/tables) enabled: true tasks: # Nextcloud tasks: manages personal or group tasks and to-do lists (https://apps.nextcloud.com/apps/tasks) enabled: true #terms_of_service # # Nextcloud Terms of Service: manages user acceptance of terms and conditions (https://apps.nextcloud.com/apps/terms_of_service) # enabled: false twofactor_nextcloud_notification: # Nextcloud two-factor notification: sends notifications for two-factor authentication events (https://apps.nextcloud.com/apps/twofactor_nextcloud_notification) enabled: "{{ (not _applications_nextcloud_oidc_enabled) | lower }}" # Deactivate 2FA if oidc is active twofactor_totp: # Nextcloud two-factor TOTP: provides time-based one-time password authentication (https://apps.nextcloud.com/apps/twofactor_totp) enabled: "{{ (not _applications_nextcloud_oidc_enabled) | lower }}" # Deactivate 2FA if oidc is active user_ldap: # Nextcloud user LDAP: integrates LDAP for user management and authentication (https://apps.nextcloud.com/apps/user_ldap) enabled: "{{ _applications_nextcloud_ldap_enabled | lower }}" user_oidc: # Nextcloud User OIDC: integrates OpenID Connect for user authentication (https://apps.nextcloud.com/apps/user_oidc) enabled: "{{ _applications_nextcloud_oidc_flavor=='user_oidc' | lower }}" incompatible_plugins: - oidc_login - sociallogin whiteboard: # Nextcloud Whiteboard: provides a collaborative drawing and brainstorming tool (https://apps.nextcloud.com/apps/whiteboard) enabled: true ## OAuth2 Proxy oauth2_proxy: configuration_file: "oauth2-proxy-keycloak.cfg" # Needs to be set true in the roles which use it version: "latest" # Docker Image version redirect_url: "https://{{domains.keycloak}}/auth/realms/{{primary_domain}}/protocol/openid-connect/auth" # The redirect URL for the OAuth2 flow. It should match the redirect URL configured in Keycloak. allowed_roles: admin # Restrict it default to admin role. Use the vars/main.yml to open the specific role for other groups matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe ## Open Project openproject: version: "13" # Update when available. Sadly no rolling release implemented oauth2_proxy: enabled: true # OpenProject doesn't support OIDC, so this procy in combination with LDAP is needed application: "proxy" port: "80" # cookie_secret: None # Set via openssl rand -hex 16 ldap: enabled: True # Enables LDAP by default database: central_storage: True # Activate Central Database Storage css: enabled: false # Temporary deactivated due to bugs # @todo Solve and reactivate matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe ## Peertube peertube: version: "bookworm" database: central_storage: True # Activate Central Database Storage matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe ## PHPMyAdmin phpmyadmin: version: "latest" autologin: false # This is a high security risk. Just activate this option if you know what you're doing oauth2_proxy: enabled: true port: "80" application: "application" # cookie_secret: None # Set via openssl rand -hex 16 database: central_storage: True # Activate Central Database Storage css: enabled: False # The css needs more optimation for PHPMyAdmin matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe ## Pixelfed pixelfed: titel: "Pictures on {{primary_domain}}" version: "latest" database: central_storage: True # Activate Central Database Storage matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe ## Postgres # Please set an version in your inventory file - Rolling release for postgres isn't recommended postgres: database.version: "latest" portfolio: database: central_storage: False # Portfolio doesn't use any database matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style landingpage_iframe_enabled: false # Doesn't make sense to load landingpage in landingpage # Snipe-IT snipe_it: version: "latest" database: central_storage: True # Activate Central Database Storage matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe ## Sphinx sphinx: version: "3.9-slim" # Use latest docker image repository_sphinx_source: "https://github.com/kevinveenbirkenbach/cymais.git" # Repository address to pull the source repository from sphinx_exec_dir_relative: "docs/" # The relative path to the sphinx Makefile folder from the source dir matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style landingpage_iframe_enabled: true # Makes sense to make the documentary allways in iframe available ## Taiga taiga: version: "latest" database: central_storage: True # Activate Central Database Storage matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe ## YOURLS yourls: users: administrator: username: "{{users.administrator.username}}" version: "latest" oauth2_proxy: enabled: true application: "application" port: "80" location: "/admin/" # Protects the admin area # cookie_secret: None # Set via openssl rand -hex 16 database: central_storage: True # Activate Central Database Storage matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe wordpress: # Deactivate Global theming for wordpress role # due to the reason that wordpress has to much different themes # and one styling for all is not possible. # # May a solution could be to generate a template or css file dedicated # for wordpress based on the theming values and import it. database: central_storage: True # Activate Central Database Storage matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking css_enabled: false # CSS is hard to tweak for wordpress landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe