mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-10-31 10:19:09 +00:00
Kevin Veen-Birkenbach
1a5ce4a7fa
- Fix BookWyrm email SSL/TLS handling (use ternary without 'not' for clarity) - Add truststore_enabled flag in Confluence config and vars - Wire JVM_SUPPORT_RECOMMENDED_ARGS to disable UPM signature check if truststore is disabled - Add placeholder style.css.j2 for Confluence See conversation: https://chatgpt.com/share/68b80024-7100-800f-a2fe-ba8b9f5cec05
64 lines
3.3 KiB
YAML
64 lines
3.3 KiB
YAML
# General
|
|
application_id: "web-app-bookwyrm"
|
|
database_type: "postgres"
|
|
|
|
# Container
|
|
container_port: 8000
|
|
container_hostname: "{{ domains | get_domain(application_id) }}"
|
|
|
|
# BookWyrm
|
|
|
|
BOOKWYRM_REGISTRATION_OPEN: "{{ applications | get_app_conf(application_id, 'registration_open') | string | lower }}"
|
|
BOOKWYRM_ALLOW_INVITE_REQUESTS: "{{ applications | get_app_conf(application_id, 'allow_invite_request') | string | lower }}"
|
|
|
|
## Credentrials
|
|
BOOKWYRM_SECRET_KEY: "{{ applications | get_app_conf(application_id, 'credentials.secret_key') }}"
|
|
|
|
## URLs
|
|
BOOKWYRM_URL: "{{ domains | get_url(application_id, WEB_PROTOCOL) }}"
|
|
BOOKWYRM_HOSTNAME: "{{ container_hostname }}"
|
|
|
|
## OIDC (optional; can be fronted by oauth2-proxy or native if you wire it)
|
|
BOOKWYRM_OIDC_ENABLED: "{{ applications | get_app_conf(application_id, 'features.oidc') }}"
|
|
BOOKWYRM_OIDC_LABEL: "{{ OIDC.BUTTON_TEXT }}"
|
|
BOOKWYRM_OIDC_CLIENT_ID: "{{ OIDC.CLIENT.ID }}"
|
|
BOOKWYRM_OIDC_CLIENT_SECRET: "{{ OIDC.CLIENT.SECRET }}"
|
|
BOOKWYRM_OIDC_ISSUER: "{{ OIDC.CLIENT.ISSUER_URL }}"
|
|
BOOKWYRM_OIDC_AUTH_URL: "{{ OIDC.CLIENT.AUTHORIZE_URL }}"
|
|
BOOKWYRM_OIDC_TOKEN_URL: "{{ OIDC.CLIENT.TOKEN_URL }}"
|
|
BOOKWYRM_OIDC_USERINFO_URL: "{{ OIDC.CLIENT.USER_INFO_URL }}"
|
|
BOOKWYRM_OIDC_LOGOUT_URL: "{{ OIDC.CLIENT.LOGOUT_URL }}"
|
|
BOOKWYRM_OIDC_JWKS_URL: "{{ OIDC.CLIENT.CERTS }}"
|
|
BOOKWYRM_OIDC_SCOPES: "openid,email,profile"
|
|
BOOKWYRM_OIDC_UNIQUE_ATTRIBUTE: "{{ OIDC.ATTRIBUTES.USERNAME }}"
|
|
|
|
## Docker
|
|
BOOKWYRM_CONTAINER: "{{ applications | get_app_conf(application_id, 'docker.services.application.name') }}"
|
|
BOOKWYRM_DATA_VOLUME: "{{ applications | get_app_conf(application_id, 'docker.volumes.data') }}"
|
|
BOOKWYRM_MEDIA_VOLUME: "{{ applications | get_app_conf(application_id, 'docker.volumes.media') }}"
|
|
BOOKWYRM_VERSION: "{{ applications | get_app_conf(application_id, 'docker.services.application.version') }}"
|
|
BOOKWYRM_CUSTOM_IMAGE: "bookwyrm_custom"
|
|
BOOKWYRM_WORKER_CONTAINER: "{{ BOOKWYRM_CONTAINER }}-worker"
|
|
|
|
## Redis
|
|
BOOKWYRM_REDIS_HOST: "redis"
|
|
BOOKWYRM_REDIS_PORT: 6379
|
|
BOOKWYRM_REDIS_BASE_URL: "redis://{{ BOOKWYRM_REDIS_HOST }}:{{ BOOKWYRM_REDIS_PORT }}"
|
|
BOOKWYRM_REDIS_BROKER_URL: "{{ BOOKWYRM_REDIS_BASE_URL }}/0"
|
|
BOOKWYRM_REDIS_CACHE_URL: "{{ BOOKWYRM_REDIS_BASE_URL }}/1"
|
|
BOOKWYRM_REDIS_BROKER_DB: 0
|
|
BOOKWYRM_REDIS_ACTIVITY_DB: 1
|
|
BOOKWYRM_BROKER_URL: "{{ BOOKWYRM_REDIS_BROKER_URL }}"
|
|
BOOKWYRM_REDIS_ACTIVITY_URL: "{{ BOOKWYRM_REDIS_CACHE_URL }}"
|
|
#BOOKWYRM_CACHE_URL: "{{ BOOKWYRM_REDIS_CACHE_URL }}"
|
|
|
|
# Email
|
|
EMAIL_HOST: "{{ SYSTEM_EMAIL.HOST }}"
|
|
EMAIL_PORT: "{{ SYSTEM_EMAIL.PORT }}"
|
|
EMAIL_HOST_USER: "{{ users['no-reply'].email }}"
|
|
EMAIL_HOST_PASSWORD: "{{ users['no-reply'].mailu_token }}"
|
|
# TLS/SSL: If TLS is true → TLS; else → SSL
|
|
EMAIL_USE_TLS: "{{ SYSTEM_EMAIL.TLS | ternary('true','false') }}"
|
|
EMAIL_USE_SSL: "{{ SYSTEM_EMAIL.TLS | ternary('false','true') }}"
|
|
EMAIL_DEFAULT_FROM: "BookWyrm <{{ users['no-reply'].email }}>"
|