---
linkwarden_secret: "{{ vault_linkwarden.secret }}"

linkwarden_db_host_port: "{{ postgres.host }}:{{ postgres.port }}"
linkwarden_db_user: "{{ opentofu.postgresql_data.linkwarden.user }}"
linkwarden_db_pass: "{{ opentofu.postgresql_data.linkwarden.pass }}"
linkwarden_db_database: "{{ opentofu.postgresql_data.linkwarden.database }}"

linkwarden_s3_accesskey: "{{ opentofu.scaleway_data.linkwarden.access_key }}"
linkwarden_s3_secretkey: "{{ opentofu.scaleway_data.linkwarden.secret_key }}"

linkwarden_svc:
  domain: "{{ all_services | service_get_domain(role_name) }}"
  port: 3000

linkwarden_env:
  NEXTAUTH_SECRET: "{{ linkwarden_secret }}"
  NEXTAUTH_URL: https://bookmarks.serguzim.me/api/v1/auth
  DATABASE_URL: postgres://{{ linkwarden_db_user }}:{{ linkwarden_db_pass }}@{{ linkwarden_db_host_port }}/{{ linkwarden_db_database }}

  SPACES_KEY: "{{ linkwarden_s3_accesskey }}"
  SPACES_SECRET: "{{ linkwarden_s3_secretkey }}"
  SPACES_ENDPOINT: "{{ opentofu.scaleway_data.linkwarden.api_endpoint }}"
  SPACES_BUCKET_NAME: "{{ opentofu.scaleway_data.linkwarden.name }}"
  SPACES_REGION: "{{ opentofu.scaleway_data.linkwarden.region }}"
  SPACES_FORCE_PATH_STYLE: false

  NEXT_PUBLIC_DISABLE_REGISTRATION: true
  NEXT_PUBLIC_CREDENTIALS_ENABLED: false
  NEXT_PUBLIC_AUTHENTIK_ENABLED: true
  AUTHENTIK_CUSTOM_NAME: auth.serguzim.me
  AUTHENTIK_ISSUER: "{{ opentofu.authentik_data.linkwarden.base_url }}"
  AUTHENTIK_CLIENT_ID: "{{ opentofu.authentik_data.linkwarden.client_id }}"
  AUTHENTIK_CLIENT_SECRET: "{{ opentofu.authentik_data.linkwarden.client_secret }}"

linkwarden_compose:
  watchtower: update
  image: ghcr.io/linkwarden/linkwarden:latest