computer-playbook/templates/vars/applications.yml.j2



{% import "features.yml.j2" as features %}{% raw %}
# Template layout: text inside a Jinja raw section is copied through unchanged, so the
# double-brace expressions in this file stay unevaluated in the rendered vars file
# (presumably Ansible resolves them later). The raw section is only left to call the
# render_features macro imported above.
# Docker Applications
## Docker Role Specific Parameters
docker_restart_policy: "unless-stopped"
##############################################
## Applications Configuration
##############################################
# Keep in mind that this configuration should in general only apply to the roles which set the applications up.
# If other applications depend on these variables, it probably makes sense to define them in e.g. IMA or other variable files.
# helper
# Nextcloud OIDC plugin flavor: applications.nextcloud.oidc.flavor when it is defined; otherwise 'oidc_login'
# if applications.nextcloud.features.ldap is truthy (or undefined), else 'sociallogin'.
_applications_nextcloud_oidc_flavor: "{{ applications.nextcloud.oidc.flavor | default('oidc_login' if applications.nextcloud.features.ldap | default(true) else 'sociallogin') }}"
# applications
# NOTE(review): the commented-out credential keys below are expected from the inventory; keep them in an
# encrypted inventory (e.g. Ansible Vault) rather than adding real values to this defaults file.
defaults_applications:
## Akaunting
akaunting:
# NOTE(review): "latest" is a floating tag; if this value is used as the image tag (confirm in the role),
# pin a tested version in the inventory so deploys are reproducible.
version: "latest"
# Company name defaults to the primary domain; both e-mail fields default to the administrator's address.
company_name: "{{primary_domain}}"
company_email: "{{users.administrator.email}}"
setup_admin_email: "{{users.administrator.email}}"
# Feature flags handed to the render_features macro from features.yml.j2 (the macro body is not shown here).
{% endraw %}{{ features.render_features({
'matomo': true,
'css': true,
'iframe': false,
'database': true,
}) }}{% raw %}
## Assets Server
# Source directory on the control host and the public URL under which the copied assets are served.
assets_server:
source_directory: "{{ playbook_dir }}/assets" # Directory from which the assets will be copied
url: "https://{{domains.file_server}}/assets" # Public address of the assets directory
## Attendize
attendize:
# NOTE(review): "latest" is a floating tag; if this value is used as the image tag (confirm in the role),
# pin a tested version in the inventory so deploys are reproducible.
version: "latest"
# Feature flags handed to the render_features macro from features.yml.j2 (the macro body is not shown here).
{% endraw %}{{ features.render_features({
'matomo': true,
'css': true,
'iframe': false,
'database': true,
}) }}{% raw %}
## Baserow
baserow:
# NOTE(review): "latest" is a floating tag; if this value is used as the image tag (confirm in the role),
# pin a tested version in the inventory so deploys are reproducible.
version: "latest"
# Feature flags handed to the render_features macro from features.yml.j2 (the macro body is not shown here).
{% endraw %}{{ features.render_features({
'matomo': true,
'css': true,
'iframe': true,
'database': true,
}) }}{% raw %}
## Big Blue Button
bigbluebutton:
# NOTE(review): quoted, so this is the string "true" while `setup` below is a real boolean;
# presumably the consumer expects text (e.g. an environment value) - confirm.
enable_greenlight: "true"
setup: false # Set to true in inventory file for initial setup
# @todo LDAP needs to get properly implemented and tested, just set values during refactoring
# Feature flags handed to the render_features macro from features.yml.j2 (the macro body is not shown here).
{% endraw %}{{ features.render_features({
'matomo': true,
'css': true,
'iframe': true,
'ldap': false,
'oidc': true,
'database': true,
}) }}{% raw %}
# Every credential is left commented out on purpose: none of them has a default.
# NOTE(review): with all children commented, this key presumably parses as null until the inventory
# supplies the values; store them in an encrypted inventory (e.g. Ansible Vault).
credentials:
# shared_secret: # Needs to be defined in inventory file
# etherpad_api_key: # Needs to be defined in inventory file
# rails_secret: # Needs to be defined in inventory file
# postgresql_secret: # Needs to be defined in inventory file
# fsesl_password: # Needs to be defined in inventory file
# turn_secret: # Needs to be defined in inventory file
urls:
api: "https://{{domains.bigbluebutton}}/bigbluebutton/" # API Address used by Nextcloud Integration
## Bluesky
bluesky:
users:
administrator:
email: "{{users.administrator.email}}"
pds:
# NOTE(review): "latest" is a floating tag; if this value is used as the image tag (confirm in the role),
# pin a tested version in the inventory so deploys are reproducible.
version: "latest"
# The three secrets below have no default. Generate each one once per deployment with the command given
# and keep it in an encrypted inventory (e.g. Ansible Vault), never in this defaults file.
#jwt_secret: # Needs to be defined in inventory file - Use: openssl rand -base64 64 | tr -d '\n'
#plc_rotation_key_k256_private_key_hex: # Needs to be defined in inventory file - Use: openssl rand -hex 32
#admin_password: # Needs to be defined in inventory file - Use: openssl rand -base64 16
# Feature flags handed to the render_features macro from features.yml.j2 (the macro body is not shown here).
{% endraw %}{{ features.render_features({
'matomo': true,
'css': true,
'iframe': true,
'database': true,
}) }}{% raw %}
# Chromium Browser
chromium:
# Each entry is "<extension id>;<update URL>" (presumably the format of Chromium's forced-install policy - confirm in the role).
# NOTE(review): no version is pinned, so the browser installs whatever the update service currently serves for
# these ids; review the ids whenever the list changes.
plugins: # Plugins to be installed in Chromium
- "cjpalhdlnbpafiamejdnhcphjbkeiagm;https://clients2.google.com/service/update2/crx" # uBlock Origin Plugin
- "oboonakemofpalcgghocfoadofidjkkk;https://clients2.google.com/service/update2/crx" # KeePassXC Plugin
# coturn: only the TURN user name has a default; password and secret must come from the inventory.
coturn: # @todo implement
credentials:
user: turnuser
# password: # Needs to be defined in inventory file
# secret: # Needs to be defined in inventory file
## Discourse:
discourse:
network: "discourse_default" # Name of the docker network
container: "discourse_application" # Name of the container application
repository: "discourse_repository" # Name of the repository folder
# Database password and Master API key have no default; only the API username is preset.
# NOTE(review): keep both secrets in an encrypted inventory (e.g. Ansible Vault).
credentials:
database:
# password: # Needs to be defined in inventory file
master_api:
# key: # Needs to be defined in inventory file
username: "{{ users.administrator.username }}" # Username for the Master API
# Feature flags handed to the render_features macro from features.yml.j2 (the macro body is not shown here).
{% endraw %}{{ features.render_features({
'matomo': true,
'css': true,
'iframe': true,
'oidc': true,
'database': true,
}) }}{% raw %}
## File Server
# No settings of its own in this file; only feature flags are rendered (macro body not shown here).
file_server:
{% endraw %}{{ features.render_features({
'matomo': true,
'css': true,
'iframe': true,
}) }}{% raw %}
# Firefox Browser
firefox:
# NOTE(review): both URLs end in latest.xpi, so every run installs the newest published add-on build;
# no version or checksum is pinned here.
plugins: # Plugins to be installed in Firefox
- "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi" # uBlock Origin Plugin
- "https://addons.mozilla.org/firefox/downloads/latest/keepassxc-browser/latest.xpi" # KeePassXC Plugin
## Friendica
friendica:
# NOTE(review): "latest" is a floating tag; if this value is used as the image tag (confirm in the role),
# pin a tested version in the inventory so deploys are reproducible.
version: "latest"
# Feature flags handed to the render_features macro from features.yml.j2 (the macro body is not shown here).
{% endraw %}{{ features.render_features({
'matomo': true,
'css': true,
'iframe': true,
'oidc': true,
'database': true,
}) }}{% raw %}
## Funkwhale
funkwhale:
# Fixed version, unlike most entries in this file; it does not move on its own, so security updates need a manual bump.
version: "1.4.0"
# Feature flags handed to the render_features macro from features.yml.j2 (the macro body is not shown here).
{% endraw %}{{ features.render_features({
'matomo': true,
'css': true,
'iframe': true,
'ldap': true,
'database': true,
}) }}{% raw %}
## Gitea
gitea:
# NOTE(review): floating image tag (see inline comment); pin a tested version in the inventory for reproducible deploys.
version: "latest" # Use latest docker image
configuration:
# Push-to-create is enabled for users; repositories created that way default to private
# (default_push_create_private), other new repositories follow the "last" setting.
repository:
enable_push_create_user: True # Allow users to push local repositories to Gitea and have them automatically created for a user.
default_private: last # Default private when creating a new repository: last, private, public
default_push_create_private: True # Default private when creating a new repository with push-to-create.
# Feature flags handed to the render_features macro from features.yml.j2 (the macro body is not shown here).
{% endraw %}{{ features.render_features({
'matomo': true,
'css': true,
'iframe': true,
'database': true,
}) }}{% raw %}
## Gitlab
gitlab:
# NOTE(review): "latest" is a floating tag; if this value is used as the image tag (confirm in the role),
# pin a tested version in the inventory so deploys are reproducible.
version: "latest"
# Feature flags handed to the render_features macro from features.yml.j2 (the macro body is not shown here).
{% endraw %}{{ features.render_features({
'matomo': true,
'css': true,
'iframe': true,
'database': true,
}) }}{% raw %}
## Gnome
gnome:
# Each entry looks like [action, extension id, source repository]; an empty third field presumably means
# nothing has to be fetched - confirm in the role.
# NOTE(review): the one repository URL carries no tag or commit, so presumably the current default branch
# is what gets installed.
plugins:
- [enable,nasa_apod@elinvention.ovh,https://github.com/Elinvention/gnome-shell-extension-nasa-apod.git]
- [disable,dash-to-dock@micxgx.gmail.com,'']
- [enable, dash-to-panel@jderose9.github.com,'']
## Joomla
joomla:
# NOTE(review): "latest" is a floating tag; if this value is used as the image tag (confirm in the role),
# pin a tested version in the inventory so deploys are reproducible.
version: "latest"
# Feature flags handed to the render_features macro from features.yml.j2 (the macro body is not shown here).
{% endraw %}{{ features.render_features({
'matomo': true,
'css': true,
'iframe': true,
}) }}{% raw %}
## HTML Server
# No settings of its own in this file; only feature flags are rendered (macro body not shown here).
html_server:
{% endraw %}{{ features.render_features({
'matomo': true,
'css': true,
'iframe': false,
}) }}{% raw %}
## Keycloak
keycloak:
# NOTE(review): "latest" is a floating tag; if this value is used as the image tag (confirm in the role),
# pin a tested version in the inventory - this is the identity provider other applications in this file rely on.
version: "latest"
users:
administrator:
username: "{{users.administrator.username}}" # Administrator Username for Keycloak
import_realm: True # If True realm will be imported. If false skip.
# Both passwords have no default; keep them in an encrypted inventory (e.g. Ansible Vault).
# database_password: # Needs to be defined in inventory file
# administrator_password: # Needs to be defined in inventory file
# Feature flags handed to the render_features macro from features.yml.j2 (the macro body is not shown here).
{% endraw %}{{ features.render_features({
'matomo': true,
'css': true,
'iframe': true,
'ldap': true,
'database': true,
}) }}{% raw %}
# LDAP Account Manager
lam:
# NOTE(review): "latest" is a floating tag; if this value is used as the image tag (confirm in the role),
# pin a tested version in the inventory so deploys are reproducible.
version: "latest"
# administrator_password: "{{users.administrator.initial_password}}" # CHANGE for security reasons
oauth2_proxy:
application: application # Needs to be the same as webinterface
port: 80 # application port
# cookie_secret: None # Set via openssl rand -hex 16
# Feature flags handed to the render_features macro from features.yml.j2 (the macro body is not shown here).
# NOTE(review): 'oauth2' is false here, so the oauth2_proxy settings above are presumably unused by default
# and this LDAP admin interface is not fronted by the proxy - confirm.
{% endraw %}{{ features.render_features({
'matomo': true,
'css': true,
'iframe': true,
'ldap': true,
'database': false,
'oauth2': false,
}) }}{% raw %}
## LDAP
ldap:
# NOTE(review): "latest" is a floating tag; if this value is used as the image tag (confirm in the role),
# pin a tested version in the inventory so deploys are reproducible.
version: "latest"
network:
local: True # Activates local network to allow other docker containers to connect
# NOTE(review): before setting public to true, confirm that the role enforces TLS (LDAPS/StartTLS) and
# restricts anonymous binds; nothing in this file shows either.
public: False # Set to true in inventory file if you want to expose the LDAP port to the internet
hostname: "ldap" # Hostname of the LDAP Server in the central_ldap network
webinterface: "lam" # The webinterface which should be used. Possible: lam and phpldapadmin
users:
administrator:
username: "{{users.administrator.username}}" # Administrator username
# Both administrator passwords have no default and must be set in the inventory.
# administrator_password: # CHANGE for security reasons in inventory file
# administrator_database_password: # CHANGE for security reasons in inventory file
force_import: False # Forces the import of the LDIF files
# Feature flags handed to the render_features macro from features.yml.j2 (the macro body is not shown here).
{% endraw %}{{ features.render_features({
'ldap': true,
}) }}{% raw %}
## Libre Office
# Selects which LibreOffice release line is installed.
libreoffice:
flavor: "fresh" # Libre Office flavor, fresh for new, still for stable
## Listmonk
listmonk:
users:
administrator:
username: "{{users.administrator.username}}" # Listmonk administrator account username
# Keep this off unless it is really needed: per the inline comment an open public API can be abused for spamming.
public_api_activated: False # Security hole. Can be used for spamming
# NOTE(review): floating image tag; pin a tested version in the inventory for reproducible deploys.
version: "latest" # Docker Image version
setup: false # Set true in inventory file to execute the setup and initializing procedures
# Feature flags handed to the render_features macro from features.yml.j2 (the macro body is not shown here).
{% endraw %}{{ features.render_features({
'matomo': true,
'css': true,
'iframe': true,
'database': true,
}) }}{% raw %}
## Mailu
mailu:
# Fixed image version; it does not move on its own, so security updates need a manual bump.
version: "2024.06" # Docker Image Version
setup: false # Set true in inventory file to execute the setup and initializing procedures
oidc:
email_by_username: true # If true, then the mail is set by the username. If false then the OIDC user email is used
enable_user_creation: true # Users will be created if not existing
domain: "{{primary_domain}}" # The main domain from which mails will be sent \ email suffix behind @
# None of the credentials has a default; keep them in an encrypted inventory (e.g. Ansible Vault).
# NOTE(review): the 3-character minimum quoted for api_token is only what the application accepts; it guards
# the RESTful API, so generate a long random value.
credentials:
# secret_key: # Set to a randomly generated 16 bytes string
# database_password: # Needs to be set in inventory file
# api_token: # Configures the authentication token. The minimum length is 3 characters. This is a mandatory setting for using the RESTful API.
# initial_administrator_password: # Initial administrator password for setup
# Feature flags handed to the render_features macro from features.yml.j2 (the macro body is not shown here).
{% endraw %}{{ features.render_features({
'matomo': true,
'css': true,
'iframe': true,
'oidc': true,
'database': false
}) }}{% raw %}
# Deactivate central database for mailu, I don't know why the database deactivation is necessary
## MariaDB
mariadb:
# NOTE(review): "latest" is a floating tag; if this value is used as the image tag (confirm in the role),
# pin a tested version in the inventory - an unplanned database upgrade is hard to roll back.
version: "latest"
## Matomo
matomo:
# NOTE(review): "latest" is a floating tag; if this value is used as the image tag (confirm in the role),
# pin a tested version in the inventory so deploys are reproducible.
version: "latest"
# Only a commented placeholder follows, so this key presumably parses as null until the inventory sets it.
oauth2_proxy:
# cookie_secret: None # Set via openssl rand -hex 16
# Database password and auth token have no default; keep them in an encrypted inventory (e.g. Ansible Vault).
# database_password: Null # Needs to be set in inventory file
# auth_token: Null # Needs to be set in inventory file
# Feature flags handed to the render_features macro from features.yml.j2 (the macro body is not shown here).
# 'oauth2' is false, so the proxy is presumably not placed in front of Matomo by default - confirm.
{% endraw %}{{ features.render_features({
'matomo': false,
'css': false,
'iframe': false,
'database': true,
'oauth2': false,
}) }}{% raw %}
## Mastodon
mastodon:
# NOTE(review): "latest" is a floating tag; if this value is used as the image tag (confirm in the role),
# pin a tested version in the inventory so deploys are reproducible.
version: "latest"
single_user_mode: false # Set true for initial setup
setup: false # Set true in inventory file to execute the setup and initializing procedures
# All keys below are placeholders without defaults; the values belong in an encrypted inventory
# (e.g. Ansible Vault).
credentials:
# Check out the README.md of the docker-mastodon role to get detailed instructions about how to set up the credentials
# database_password:
# secret_key_base:
# otp_secret:
# vapid:
# private_key:
# public_key:
# active_record_encryption:
# deterministic_key:
# key_derivation_salt:
# primary_key:
# Feature flags handed to the render_features macro from features.yml.j2 (the macro body is not shown here).
{% endraw %}{{ features.render_features({
'matomo': true,
'css': true,
'iframe': false,
'oidc': true,
'database': true,
}) }}{% raw %}
## Matrix
matrix:
users:
administrator:
username: "{{users.administrator.username}}" # Account name of the matrix admin
playbook_tags: "setup-all,start" # For the initial update use: install-all,ensure-matrix-users-created,start
role: "compose" # Role to setup Matrix. Valid values: ansible, compose
server_name: "{{primary_domain}}" # Address for the account names etc.
# NOTE(review): both component versions float with "latest"; if they are used as image tags (confirm in the role),
# pin tested versions in the inventory.
synapse:
version: "latest"
element:
version: "latest"
setup: false # Set true in inventory file to execute the setup and initializing procedures
# Feature flags handed to the render_features macro from features.yml.j2 (the macro body is not shown here).
{% endraw %}{{ features.render_features({
'matomo': true,
'css': true,
'iframe': false,
'oidc': false,
'database': true,
}) }}{% raw %}
# Deactivated OIDC due to this issue https://github.com/matrix-org/synapse/issues/10492
## Moodle
moodle:
# The key is spelled site_titel; consumers have to use the same spelling.
site_titel: "Global Learning Academy on {{primary_domain}}"
users:
administrator:
username: "{{users.administrator.username}}"
email: "{{users.administrator.email}}"
# NOTE(review): "latest" is a floating tag; if this value is used as the image tag (confirm in the role),
# pin a tested version in the inventory so deploys are reproducible.
version: "latest"
# Feature flags handed to the render_features macro from features.yml.j2 (the macro body is not shown here).
{% endraw %}{{ features.render_features({
'matomo': true,
'css': true,
'iframe': false,
'database': true,
}) }}{% raw %}
## MyBB
mybb:
# NOTE(review): "latest" is a floating tag; if this value is used as the image tag (confirm in the role),
# pin a tested version in the inventory so deploys are reproducible.
version: "latest"
# Feature flags handed to the render_features macro from features.yml.j2 (the macro body is not shown here).
{% endraw %}{{ features.render_features({
'matomo': true,
'css': true,
'iframe': false,
'database': true,
}) }}{% raw %}
## Nextcloud
nextcloud:
# Tracks a Nextcloud release channel rather than a fixed version (see the link in the inline comment).
version: "production" # @see https://nextcloud.com/blog/nextcloud-release-channels-and-how-to-track-them/
ldap:
enabled: True # Enables LDAP by default
oidc:
# Follows the oidc feature flag and is treated as enabled when that flag is undefined.
enabled: "{{ applications.nextcloud.features.oidc | default(true) }}" # Activate OIDC for Nextcloud
# flavor decides which OIDC plugin should be used.
# Available options: oidc_login, sociallogin
# @see https://apps.nextcloud.com/apps/oidc_login
# @see https://apps.nextcloud.com/apps/sociallogin
# NOTE(review): the inline comment speaks of sociallogin while the value is oidc_login - confirm which one is intended.
flavor: "oidc_login" # Keeping on sociallogin because the other option is not implemented yet
# Feature flags handed to the render_features macro from features.yml.j2 (the macro body is not shown here).
{% endraw %}{{ features.render_features({
'matomo': true,
'css': true,
'iframe': false,
'ldap': true,
'oidc': true,
'database': true,
}) }}{% raw %}
# Only a commented placeholder follows, so this key presumably parses as null until the inventory sets it;
# keep the database password in an encrypted inventory (e.g. Ansible Vault).
credentials:
# database_password: Null # Needs to be set in inventory file
users:
administrator:
username: "{{users.administrator.username}}"
# NOTE(review): users.administrator.initial_password is referenced by other entries in this file as well
# (e.g. pgadmin), so one value may end up on several services; override it per application in the inventory.
initial_password: "{{users.administrator.initial_password}}" # Keep in mind to change the password fast after creation and activate 2FA
default_quota: '1000000000' # Quota to assign if no quota is specified in the OIDC response (bytes)
legacy_login_mask:
enabled: False # If true, then legacy login mask is shown. Otherwise just SSO
container:
application: "nextcloud-application" # Nextcloud application container name
proxy: "nextcloud-web" # Nextcloud Proxy Container Name
performance:
php:
# Both limits are the host's total memory in MB divided by 30, truncated to an integer, with an "M" suffix.
memory_limit: "{{ ((ansible_memtotal_mb | int) / 30)|int }}M" # Dynamic set memory limit
upload_limit: "5G" # Set upload limit to 5GB for big media files
opcache_memory_consumption: "{{ ((ansible_memtotal_mb | int) / 30)|int }}M" # Dynamic set memory consumption
plugins:
# List for Nextcloud Plugin Routine
# Decides if plugins should be activated or deactivated
# NOTE(review): in the `'<name>' in group_names | lower` expressions below, the filter binds tighter than `in`,
# so `lower` is applied to group_names itself and not to the boolean result. Presumably that turns the test into
# a substring match on the stringified group list (a group called "gitlab-runner" would also satisfy 'gitlab');
# confirm, and parenthesise the comparison if an exact group match is intended.
appointments:
# Nextcloud appointments: handles scheduling and appointment management (https://apps.nextcloud.com/apps/appointments)
enabled: true
bbb:
# Nextcloud BigBlueButton integration: enables video conferencing using BigBlueButton (https://apps.nextcloud.com/apps/bbb)
enabled: "{{ 'bigbluebutton' in group_names | lower }}"
#- bookmarks
# # Nextcloud Bookmarks: manage and share your bookmarks easily (https://apps.nextcloud.com/apps/bookmarks)
# enabled: false
calendar:
# Nextcloud calendar: manages calendar events and scheduling (https://apps.nextcloud.com/apps/calendar)
enabled: true
cfg_share_links:
# Nextcloud share links configuration: customizes sharing settings and link options (https://apps.nextcloud.com/apps/cfg_share_links)
enabled: true
collectives:
# Nextcloud collectives: supports collaborative group management and sharing (https://apps.nextcloud.com/apps/collectives)
enabled: true
contacts:
# Nextcloud contacts: manages address book and contact information (https://apps.nextcloud.com/apps/contacts)
enabled: true
cospend:
# Nextcloud cospend: manages shared expenses and spending tracking (https://apps.nextcloud.com/apps/cospend)
enabled: true
deck:
# Nextcloud Deck: organizes tasks and projects using Kanban boards (https://apps.nextcloud.com/apps/deck)
# When Taiga is activated, this plugin is deactivated, because Taiga is the preferred application.
enabled: "{{ 'taiga' not in group_names | lower }}"
drawio:
# Nextcloud draw.io: integrates diagram creation and editing tools (https://apps.nextcloud.com/apps/drawio)
enabled: true
duplicatefinder:
# Nextcloud duplicate finder: scans and identifies duplicate files (https://apps.nextcloud.com/apps/duplicatefinder)
enabled: true
emlviewer:
# Nextcloud EML Viewer: previews and manages EML email files (https://apps.nextcloud.com/apps/emlviewer)
enabled: true
event_update_notification:
# Nextcloud event update notification: sends alerts when events are updated (https://apps.nextcloud.com/apps/event_update_notification)
enabled: true
epubviewer:
# Nextcloud EPUB Viewer: enables reading and previewing EPUB e-books (https://apps.nextcloud.com/apps/epubviewer)
enabled: true
external:
# Nextcloud External: Adds links to external services (https://apps.nextcloud.com/apps/external)
enabled: true
#files_accesscontrol
# # Nextcloud Files Access Control: restricts file access based on defined rules (https://apps.nextcloud.com/apps/files_accesscontrol)
# enabled: false
#files_archive
# # Nextcloud Files Archive: compresses and archives files for efficient storage (https://apps.nextcloud.com/apps/files_archive)
# enabled: false
#files_automatedtagging
# # Nextcloud Files Automated Tagging: automatically tags files to improve organization (https://apps.nextcloud.com/apps/files_automatedtagging)
# enabled: false
files_bpm:
# Nextcloud Files BPM: integrates business process management for file workflows (https://apps.nextcloud.com/apps/files_bpm)
enabled: true
files_downloadactivity:
# Nextcloud Files Download Activity: tracks and logs file download events (https://apps.nextcloud.com/apps/files_downloadactivity)
enabled: true
files_linkeditor:
# Nextcloud files link editor: allows customization of shared file links (https://apps.nextcloud.com/apps/files_linkeditor)
enabled: true
files_mindmap:
# Nextcloud Files Mindmap: visualizes file relationships as mind maps (https://apps.nextcloud.com/apps/files_mindmap)
enabled: true
files_texteditor:
# Nextcloud Files Text Editor: provides an online editor for text files (https://apps.nextcloud.com/apps/files_texteditor)
# Not available for Nextcloud < 27
enabled: false
fileslibreofficeedit:
# Nextcloud LibreOffice integration: allows online editing of documents with LibreOffice (https://apps.nextcloud.com/apps/fileslibreofficeedit)
enabled: true
forms:
# Nextcloud forms: facilitates creation of forms and surveys (https://apps.nextcloud.com/apps/forms)
enabled: true
gestion:
# Nextcloud Gestion: manages administrative tasks and workflows (https://apps.nextcloud.com/apps/gestion)
enabled: true
groupfolders:
# Nextcloud Group Folders: centralizes shared folders for group collaboration (https://apps.nextcloud.com/apps/groupfolders)
enabled: true
gpxpod:
# Nextcloud GPX pod: visualizes GPS tracks and GPX data (https://apps.nextcloud.com/apps/gpxpod)
enabled: true
integration_discourse:
# Nextcloud Integration Discourse: connects Nextcloud with Discourse forums (https://apps.nextcloud.com/apps/integration_discourse)
enabled: false
integration_gitlab:
# Nextcloud Integration GitLab: connects Nextcloud with GitLab repositories (https://apps.nextcloud.com/apps/integration_gitlab)
enabled: "{{ 'gitlab' in group_names | lower }}"
integration_github:
# Nextcloud Integration GitHub: integrates GitHub repositories with Nextcloud (https://apps.nextcloud.com/apps/integration_github)
enabled: false
integration_google:
# Nextcloud Integration Google: connects Google services with Nextcloud (https://apps.nextcloud.com/apps/integration_google)
enabled: true
integration_mastodon:
# Nextcloud Integration Mastodon: connects Nextcloud with the Mastodon social network (https://apps.nextcloud.com/apps/integration_mastodon)
enabled: "{{ 'mastodon' in group_names | lower }}"
integration_openai:
# Nextcloud Integration OpenAI: brings OpenAI functionalities into Nextcloud (https://apps.nextcloud.com/apps/integration_openai)
enabled: false
integration_openproject:
# Nextcloud Integration OpenProject: integrates project management features from OpenProject (https://apps.nextcloud.com/apps/integration_openproject)
enabled: "{{ 'openproject' in group_names | lower }}"
integration_peertube:
# Nextcloud Integration PeerTube: connects to PeerTube for video sharing (https://apps.nextcloud.com/apps/integration_peertube)
enabled: "{{ 'peertube' in group_names | lower }}"
#keeweb
# # Nextcloud KeeWeb: integrates the KeeWeb password manager within Nextcloud (https://apps.nextcloud.com/apps/keeweb)
# # This isn't maintained anymore. The alternatives don't support keepass files
# enabled: false
keeporsweep:
# Nextcloud keep or sweep: helps manage and clean up files and data (https://apps.nextcloud.com/apps/keeporsweep)
enabled: true
mail:
# Nextcloud mail: integrated email client for managing mail accounts (https://apps.nextcloud.com/apps/mail)
enabled: true
maps:
# Nextcloud maps: provides mapping and location services integration (https://apps.nextcloud.com/apps/maps)
enabled: true
metadata:
# Nextcloud Metadata: manages and displays file metadata for enhanced organization (https://apps.nextcloud.com/apps/metadata)
enabled: true
news:
# Nextcloud News: aggregates and displays news feeds directly in Nextcloud (https://apps.nextcloud.com/apps/news)
enabled: true
oidc_login:
# Nextcloud OIDC Login: integrates OpenID Connect for user authentication (https://apps.nextcloud.com/apps/oidc_login)
# Enabled only when the helper _applications_nextcloud_oidc_flavor equals 'oidc_login'; here `| lower` binds to the string literal.
enabled: "{{ _applications_nextcloud_oidc_flavor=='oidc_login' | lower }}"
incompatible_plugins:
- user_oidc # Will be disabled
- sociallogin # Will be disabled
phonetrack:
# Nextcloud phone track: tracks and monitors mobile device usage (https://apps.nextcloud.com/apps/phonetrack)
enabled: true
polls:
# Nextcloud polls: facilitates creation and management of user polls (https://apps.nextcloud.com/apps/polls)
enabled: true
quota_warning:
# Nextcloud quota warning: notifies users when storage limits are reached (https://apps.nextcloud.com/apps/quota_warning)
enabled: true
recognize:
# Nextcloud recognize: performs image recognition tasks (https://apps.nextcloud.com/apps/recognize)
enabled: false # Deactivated because it led to bugs
richdocuments:
# Nextcloud Rich Documents: provides collaborative document editing capabilities (https://apps.nextcloud.com/apps/richdocuments)
enabled: false # @todo To set it default to true activate https://hub.docker.com/r/collabora/code before
sociallogin:
# Nextcloud social login: allows authentication using social networks (https://apps.nextcloud.com/apps/sociallogin)
# Enabled only when the helper _applications_nextcloud_oidc_flavor equals 'sociallogin'.
enabled: "{{ _applications_nextcloud_oidc_flavor=='sociallogin' | lower }}"
incompatible_plugins:
- user_oidc # Will be disabled
- oidc_login # Will be disabled
spreed:
# Nextcloud Spreed: offers video conferencing and chat functionalities (https://apps.nextcloud.com/apps/spreed)
enabled: false # @todo to activate it first implement docker-coturn and activate it
tables:
# Nextcloud tables: allows creation and editing of tables within the interface (https://apps.nextcloud.com/apps/tables)
enabled: true
tasks:
# Nextcloud tasks: manages personal or group tasks and to-do lists (https://apps.nextcloud.com/apps/tasks)
enabled: true
#terms_of_service
# # Nextcloud Terms of Service: manages user acceptance of terms and conditions (https://apps.nextcloud.com/apps/terms_of_service)
# enabled: false
# NOTE(review): with the oidc feature on (or undefined), both second-factor apps below evaluate to disabled, so a
# second factor has to be enforced at the identity provider. Accounts that can still sign in locally (the initial
# administrator, or anyone if legacy_login_mask is enabled) would presumably have none - confirm.
twofactor_nextcloud_notification:
# Nextcloud two-factor notification: sends notifications for two-factor authentication events (https://apps.nextcloud.com/apps/twofactor_nextcloud_notification)
enabled: "{{ not applications.nextcloud.features.oidc | default(true) }}" # Deactivate 2FA if oidc is active
twofactor_totp:
# Nextcloud two-factor TOTP: provides time-based one-time password authentication (https://apps.nextcloud.com/apps/twofactor_totp)
enabled: "{{ not applications.nextcloud.features.oidc | default(true) }}" # Deactivate 2FA if oidc is active
user_ldap:
# Nextcloud user LDAP: integrates LDAP for user management and authentication (https://apps.nextcloud.com/apps/user_ldap)
enabled: "{{ applications.nextcloud.features.ldap | default(true) }}"
user_oidc:
# Nextcloud User OIDC: integrates OpenID Connect for user authentication (https://apps.nextcloud.com/apps/user_oidc)
# NOTE(review): 'user_oidc' is not among the flavor options documented under oidc above (oidc_login, sociallogin),
# so this only becomes true if the inventory sets that flavor explicitly.
enabled: "{{ _applications_nextcloud_oidc_flavor=='user_oidc' | lower }}"
incompatible_plugins:
- oidc_login
- sociallogin
whiteboard:
# Nextcloud Whiteboard: provides a collaborative drawing and brainstorming tool (https://apps.nextcloud.com/apps/whiteboard)
enabled: true
## OAuth2 Proxy
# Shared defaults for the OAuth2 proxy that several applications in this file configure via their own oauth2_proxy key.
oauth2_proxy:
configuration_file: "oauth2-proxy-keycloak.cfg" # Needs to be set true in the roles which use it
# NOTE(review): floating image tag for the component that gates access to protected applications; pin a tested
# version in the inventory.
version: "latest" # Docker Image version
redirect_url: "https://{{domains.keycloak}}/auth/realms/{{primary_domain}}/protocol/openid-connect/auth" # The redirect URL for the OAuth2 flow. It should match the redirect URL configured in Keycloak.
# Least-privilege default: only the admin role is admitted unless a role's own vars widen it.
allowed_roles: admin # Restrict it default to admin role. Use the vars/main.yml to open the specific role for other groups
# Feature flags handed to the render_features macro from features.yml.j2 (the macro body is not shown here).
{% endraw %}{{ features.render_features({
'matomo': true,
'css': true,
'iframe': false,
}) }}{% raw %}
## Open Project
openproject:
# Pinned to a major version only; per the inline comment it has to be raised by hand.
version: "13" # Update when available. Sadly no rolling release implemented
oauth2_proxy:
application: "proxy"
port: "80"
# cookie_secret: None # Set via openssl rand -hex 16
ldap:
filters:
administrators: True # Set true to filter administrators
users: False # Set true to filter users
# Feature flags handed to the render_features macro from features.yml.j2 (the macro body is not shown here).
# 'oauth2' is true, so the cookie_secret placeholder above has to be supplied by the inventory.
{% endraw %}{{ features.render_features({
'matomo': true,
'css': true,
'iframe': false,
'ldap': true,
'database': true,
'oauth2': true,
}) }}{% raw %}
## Peertube
peertube:
# NOTE(review): "bookworm" names a Debian release rather than an application version, so presumably this is a
# floating tag as well - confirm and pin a tested version in the inventory.
version: "bookworm"
# Feature flags handed to the render_features macro from features.yml.j2 (the macro body is not shown here).
{% endraw %}{{ features.render_features({
'matomo': true,
'css': true,
'iframe': false,
'database': true,
}) }}{% raw %}
## PgAdmin
pgadmin:
# NOTE(review): "latest" is a floating tag; if this value is used as the image tag (confirm in the role),
# pin a tested version in the inventory so deploys are reproducible.
version: "latest"
# The two switches below are set to the values their inline comments recommend.
server_mode: False # If true then the preconfigured database file is loaded. Recommended False. True is a security risk.
master_password_required: True # Master password is required. Recommended True. False is a security risk.
users:
administrator:
email: "{{ users.administrator.email }}" # Initial login email address
# NOTE(review): this default reuses users.administrator.initial_password, which other entries in this file
# reference as well (e.g. nextcloud); override it per application in the inventory and change it after the first login.
password: "{{ users.administrator.initial_password }}" # Initial login password should be overridden in inventory for security
oauth2_proxy:
application: "application"
port: "80"
# cookie_secret: None # Set via: openssl rand -hex 16
# Feature flags handed to the render_features macro from features.yml.j2 (the macro body is not shown here).
# 'oauth2' is true, so the cookie_secret placeholder above has to be supplied by the inventory.
{% endraw %}{{ features.render_features({
'matomo': true,
'css': true,
'iframe': false,
'database': true,
'oauth2': true,
}) }}{% raw %}
## phpLDAPadmin
phpldapadmin:
# NOTE(review): this is a development build of an LDAP administration interface; keep it behind the proxy and
# switch to a released version once one exists, as the @todo says.
version: "2.0.0-dev" # @todo Attention: Change this as fast as released to latest
oauth2_proxy:
application: application # Needs to be the same as webinterface
port: 8080 # application port
# cookie_secret: None # Set via openssl rand -hex 16
# Feature flags handed to the render_features macro from features.yml.j2 (the macro body is not shown here).
# 'oauth2' is true, so the cookie_secret placeholder above has to be supplied by the inventory.
{% endraw %}{{ features.render_features({
'matomo': true,
'css': true,
'iframe': false,
'ldap': true,
'oauth2': true,
}) }}{% raw %}
## PHPMyAdmin
phpmyadmin:
# NOTE(review): floating image tag; pin a tested version in the inventory for reproducible deploys.
version: "latest" # Use the latest phpmyadmin version
# Off by default. NOTE(review): if it is ever enabled, the OAuth2 proxy presumably becomes the only barrier in
# front of the database UI - confirm before changing it.
autologin: false # This is a high security risk. Just activate this option if you know what you're doing
oauth2_proxy:
port: "80"
application: "application"
# cookie_secret: None # Set via openssl rand -hex 16
# Feature flags handed to the render_features macro from features.yml.j2 (the macro body is not shown here).
# 'oauth2' is true, so the cookie_secret placeholder above has to be supplied by the inventory.
{% endraw %}{{ features.render_features({
'matomo': true,
'css': false,
'iframe': false,
'database': true,
'oauth2': true,
}) }}{% raw %}
## Pixelfed
pixelfed:
# The key is spelled titel; consumers have to use the same spelling.
titel: "Pictures on {{primary_domain}}"
# NOTE(review): "latest" is a floating tag; if this value is used as the image tag (confirm in the role),
# pin a tested version in the inventory so deploys are reproducible.
version: "latest"
# Feature flags handed to the render_features macro from features.yml.j2 (the macro body is not shown here).
{% endraw %}{{ features.render_features({
'matomo': true,
'css': true,
'iframe': false,
'database': true,
}) }}{% raw %}
## Postgres
# Please set a version in your inventory file - Rolling release for postgres isn't recommended
# NOTE(review): the default below is still "latest", so a host without an inventory override follows the
# rolling tag that the line above advises against.
postgres:
version: "latest"
## Portfolio
# No settings of its own in this file; only feature flags are rendered (macro body not shown here).
portfolio:
{% endraw %}{{ features.render_features({
'matomo': true,
'css': true,
'iframe': false,
}) }}{% raw %}
## Presentation
# No settings of its own in this file; only feature flags are rendered (macro body not shown here).
presentation:
{% endraw %}{{ features.render_features({
'matomo': true,
'css': true,
'iframe': true,
}) }}{% raw %}
# Snipe-IT
snipe_it:
# NOTE(review): "latest" is a floating tag; if this value is used as the image tag (confirm in the role),
# pin a tested version in the inventory so deploys are reproducible.
version: "latest"
# Feature flags handed to the render_features macro from features.yml.j2 (the macro body is not shown here).
{% endraw %}{{ features.render_features({
'matomo': true,
'css': true,
'iframe': false,
'database': true,
}) }}{% raw %}
## Sphinx
# No settings of its own in this file; only feature flags are rendered (macro body not shown here).
sphinx:
{% endraw %}{{ features.render_features({
'matomo': true,
'css': true,
'iframe': false,
}) }}{% raw %}
## Taiga
taiga:
# NOTE(review): "latest" is a floating tag; if this value is used as the image tag (confirm in the role),
# pin a tested version in the inventory so deploys are reproducible.
version: "latest"
oidc:
# Taiga doesn't have a functioning oidc support at the moment
# See
# - https://community.taiga.io/t/taiga-and-oidc-plugin/4866
#
# Due to this reason this plugin is deactivated atm
flavor: 'taigaio' # Potential flavors: robrotheram, taigaio
# Feature flags handed to the render_features macro from features.yml.j2 (the macro body is not shown here).
# 'oidc' is false, matching the note above; sign-in therefore presumably uses Taiga's own accounts - confirm.
{% endraw %}{{ features.render_features({
'matomo': true,
'css': true,
'iframe': false,
'oidc': false,
'database': true,
}) }}{% raw %}
## YOURLS
yourls:
users:
administrator:
username: "{{users.administrator.username}}"
# NOTE(review): "latest" is a floating tag; if this value is used as the image tag (confirm in the role),
# pin a tested version in the inventory so deploys are reproducible.
version: "latest"
oauth2_proxy:
application: "application"
port: "80"
# Per the inline comment only this path is placed behind the proxy; other paths presumably stay public - confirm.
location: "/admin/" # Protects the admin area
# cookie_secret: None # Set via openssl rand -hex 16
# Feature flags handed to the render_features macro from features.yml.j2 (the macro body is not shown here).
# 'oauth2' is true, so the cookie_secret placeholder above has to be supplied by the inventory.
{% endraw %}{{ features.render_features({
'matomo': true,
'css': true,
'iframe': false,
'database': true,
'oauth2': true,
}) }}{% raw %}
## WordPress
wordpress:
# Deactivate global theming for the wordpress role,
# because wordpress has too many different themes
# and one styling for all is not possible.
#
# A possible solution could be to generate a template or css file dedicated
# to wordpress based on the theming values and import it.
title: "Blog" # WordPress title
credentials: # Credentials
administrator: # Wordpress administrator
username: "{{users.administrator.username}}" # Username of the wordpress administrator
# No default password: it has to come from the inventory; keep it in an encrypted inventory (e.g. Ansible Vault).
# password: # Password of the wordpress administrator
email: "{{users.administrator.email}}" # Email of the wordpress administrator
plugins:
discourse: false
oidc: true
# Feature flags handed to the render_features macro from features.yml.j2 (the macro body is not shown here).
# 'css' is false here, in line with the theming note at the top of this entry.
{% endraw %}{{ features.render_features({
'matomo': true,
'css': false,
'iframe': false,
'oidc': true,
'database': true,
}) }}{% raw %}