mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-09-20 09:16:03 +02:00
Kevin Veen-Birkenbach
5e616d3962
- Normalize domain blocks across apps:
- Add explicit 'aliases: []' everywhere (no implicit aliases)
- Standardize canonical subdomains for consistency:
* Bluesky: web/api under *.bluesky.<PRIMARY_DOMAIN>
* EspoCRM: espo.crm.<PRIMARY_DOMAIN>
* Gitea: tea.git.<PRIMARY_DOMAIN>
* GitLab: lab.git.<PRIMARY_DOMAIN>
* Joomla: joomla.cms.<PRIMARY_DOMAIN>
* Magento: magento.shop.<PRIMARY_DOMAIN>
* OpenProject: open.project.<PRIMARY_DOMAIN>
* Pretix: ticket.shop.<PRIMARY_DOMAIN>
* Taiga: kanban.project.<PRIMARY_DOMAIN>
- Remove legacy/duplicate aliases and use empty list instead
- Fix 'alias' -> 'aliases' where applicable
Context: preparing for AUTO_BUILD_ALIASES=False and deterministic redirect mapping.
Ref: conversation https://chatgpt.com/share/68cd512c-c878-800f-bdf2-81737adf7e0e
69 lines
2.0 KiB
YAML
69 lines
2.0 KiB
YAML
title: "Blog" # WordPress titel
|
|
max_upload_size: "256M" # Low default upload size, because you should use Peertube for Videos and Funkwhale for Audio files
|
|
plugins:
|
|
wp-discourse:
|
|
enabled: "{{ 'web-app-discourse' in group_names | lower }}"
|
|
daggerhart-openid-connect-generic:
|
|
enabled: true
|
|
activitypub:
|
|
enabled: true
|
|
features:
|
|
matomo: true
|
|
css: false
|
|
desktop: true
|
|
oidc: true
|
|
central_database: true
|
|
logout: true
|
|
server:
|
|
csp:
|
|
flags:
|
|
style-src:
|
|
unsafe-inline: true
|
|
script-src-elem:
|
|
unsafe-inline: true
|
|
script-src:
|
|
unsafe-eval: true
|
|
whitelist:
|
|
worker-src:
|
|
- "blob:"
|
|
font-src:
|
|
- "data:"
|
|
- "https://fonts.bunny.net"
|
|
script-src-elem:
|
|
- "https://cdn.gtranslate.net" # Necessary for translation plugins
|
|
- "https://translate.google.com" # Necessary for translation plugins
|
|
- "blog.{{ PRIMARY_DOMAIN }}"
|
|
style-src-elem:
|
|
- "https://fonts.bunny.net"
|
|
frame-src:
|
|
- "blob:"
|
|
- "*"
|
|
domains:
|
|
canonical:
|
|
- "blog.{{ PRIMARY_DOMAIN }}"
|
|
aliases: []
|
|
docker:
|
|
services:
|
|
database:
|
|
enabled: true
|
|
wordpress:
|
|
version: latest
|
|
image: wordpress
|
|
name: wordpress
|
|
backup:
|
|
no_stop_required: true
|
|
volumes:
|
|
data: wordpress_data
|
|
rbac:
|
|
roles:
|
|
subscriber:
|
|
description: "Can read posts and leave comments but cannot write or manage content"
|
|
author:
|
|
description: "Can write and manage own posts"
|
|
contributor:
|
|
description: "Can write and submit posts for review but cannot publish"
|
|
editor:
|
|
description: "Can publish and manage all posts, including those by other users"
|
|
administrator:
|
|
description: "Has full administrative access: manage themes, plugins, settings, and users"
|