computer-playbook/roles/web-app-bluesky/config/main.yml

features:
  matomo:           true
  css:              true
  desktop:          true
  central_database: false
  logout:           true
server:
  config_upstream_url: "https://ip.bsky.app/config"
  domains:
    canonical:
      web:  "bskyweb.{{ PRIMARY_DOMAIN }}"
      api:  "bluesky.{{ PRIMARY_DOMAIN }}"
      view: "view.bluesky.{{ PRIMARY_DOMAIN }}"
  csp:
    whitelist:
      connect-src:
        - "{{ WEB_PROTOCOL }}://<< defaults_applications[web-app-bluesky].server.domains.canonical.api >>"
        - https://plc.directory
        - https://bsky.social
        - https://api.bsky.app
        - https://public.api.bsky.app
        - https://events.bsky.app
        - https://statsigapi.net
        - https://ip.bsky.app
        - https://video.bsky.app
        - wss://bsky.network
        - wss://*.bsky.app
      media-src:
        - "blob:"
      worker-src:
        - "blob:"
docker:
  services:
    database:
      enabled: false
    web:
      enabled: true  # @see https://github.com/bluesky-social/social-app
    view:
      enabled: false
    pds:
      image:    "ghcr.io/bluesky-social/pds"
      version:  "latest"
  volumes:
    pds_data:   "pds_data"