mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-08-27 05:55:15 +02:00
Kevin Veen-Birkenbach
c182ecf516
- Improved OIDC variable definitions (12_oidc.yml) - Added account/security/profile URLs - Restructured web-app-desktop tasks and JS handling - Introduced oidc.js and iframe.js with runtime loader - Fixed nginx.conf, LDAP, and healthcheck templates spacing - Improved Lua injection for CSP and snippets - Fixed typos (WordPress, receive, etc.) - Added silent-check-sso nginx location Conversation: https://chatgpt.com/share/68ae0060-4fac-800f-9f02-22592a4087d3
68 lines
1.9 KiB
YAML
68 lines
1.9 KiB
YAML
title: "Blog" # WordPress titel
|
|
max_upload_size: "15M" # Low default upload size, because you should use Peertube for Videos and Funkwhale for Audio files
|
|
plugins:
|
|
wp-discourse:
|
|
enabled: "{{ 'web-app-discourse' in group_names | lower }}"
|
|
daggerhart-openid-connect-generic:
|
|
enabled: true
|
|
activitypub:
|
|
enabled: true
|
|
features:
|
|
matomo: true
|
|
css: false
|
|
desktop: true
|
|
oidc: true
|
|
central_database: true
|
|
logout: true
|
|
server:
|
|
csp:
|
|
flags:
|
|
style-src:
|
|
unsafe-inline: true
|
|
script-src-elem:
|
|
unsafe-inline: true
|
|
script-src:
|
|
unsafe-eval: true
|
|
whitelist:
|
|
worker-src:
|
|
- "blob:"
|
|
font-src:
|
|
- "data:"
|
|
- "https://fonts.bunny.net"
|
|
script-src-elem:
|
|
- "https://cdn.gtranslate.net" # Necessary for translation plugins
|
|
- "https://translate.google.com" # Necessary for translation plugins
|
|
- "blog.{{ PRIMARY_DOMAIN }}"
|
|
style-src:
|
|
- "https://fonts.bunny.net"
|
|
frame-src:
|
|
- "blob:"
|
|
- "*"
|
|
domains:
|
|
canonical:
|
|
- "blog.{{ PRIMARY_DOMAIN }}"
|
|
docker:
|
|
services:
|
|
database:
|
|
enabled: true
|
|
wordpress:
|
|
version: latest
|
|
image: wordpress
|
|
name: wordpress
|
|
backup:
|
|
no_stop_required: true
|
|
volumes:
|
|
data: wordpress_data
|
|
rbac:
|
|
roles:
|
|
subscriber:
|
|
description: "Can read posts and leave comments but cannot write or manage content"
|
|
author:
|
|
description: "Can write and manage own posts"
|
|
contributor:
|
|
description: "Can write and submit posts for review but cannot publish"
|
|
editor:
|
|
description: "Can publish and manage all posts, including those by other users"
|
|
administrator:
|
|
description: "Has full administrative access: manage themes, plugins, settings, and users"
|