---
vikunja_svc:
  domain: "{{ all_services | service_get_domain(role_name) }}"
  port: 3456
  db:
    host: "{{ postgres.host }}"
    port: "{{ postgres.port }}"
    user: "{{ opentofu.postgresql_data.vikunja.user }}"
    pass: "{{ opentofu.postgresql_data.vikunja.pass }}"
    database: "{{ opentofu.postgresql_data.vikunja.database }}"

vikunja_yml:
  service:
    JWTSecret: "{{ vault_vikunja.jwt_secret }}"
    frontendurl: https://{{ svc.domain }}
    enableregistration: false
    timezone: "{{ timezone }}"

  database:
    type: postgres
    sslmode: verify-full
    host: "{{ svc.db.host }}"
    database: "{{ svc.db.database }}"
    user: "{{ svc.db.user }}"
    password: "{{ svc.db.pass }}"

  mailer:
    enabled: true
    host: "{{ mailer.host }}"
    port: "{{ mailer.port }}"
    username: "{{ opentofu.mailcow_data.vikunja.address }}"
    password: "{{ opentofu.mailcow_data.vikunja.password }}"
    fromemail: "{{ opentofu.mailcow_data.vikunja.address }}"

  auth:
    local:
      enabled: false
    openid:
      enabled: true
      providers:
        - name: auth.serguzim.me
          authurl: "{{ opentofu.authentik_data.vikunja.base_url }}/"
          logouturl: "{{ (opentofu.authentik_data.vikunja.base_url, 'end-session') | path_join }}"
          clientid: "{{ opentofu.authentik_data.vikunja.client_id }}"
          clientsecret: "{{ opentofu.authentik_data.vikunja.client_secret }}"

  metrics:
    enabled: true

vikunja_compose:
  watchtower: update
  image: vikunja/vikunja
  volumes:
    - data:/app/vikunja/files
    - ./config.yml:/app/vikunja/config.yml
  file:
    volumes:
      data: