commit 21798a59621af948b5caa5921d93219394a355db Author: Tobias Reisinger Date: Wed Mar 9 12:25:40 2022 +0100 Init diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..d4495fb --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +*.secret.env diff --git a/nginx_proxy_manager/docker-compose.yml b/nginx_proxy_manager/docker-compose.yml new file mode 100644 index 0000000..26723ba --- /dev/null +++ b/nginx_proxy_manager/docker-compose.yml @@ -0,0 +1,14 @@ +version: '3' +services: + app: + image: 'jc21/nginx-proxy-manager:latest' + restart: unless-stopped + ports: + - '80:80' + - '443:443' + - '81:81' + volumes: + - data:/data + - /etc/letsencrypt:/etc/letsencrypt +volumes: + data: diff --git a/tandoor/.env b/tandoor/.env new file mode 100644 index 0000000..8576887 --- /dev/null +++ b/tandoor/.env @@ -0,0 +1,158 @@ +# only set this to true when testing/debugging +# when unset: 1 (true) - dont unset this, just for development +DEBUG=0 +SQL_DEBUG=0 + +# HTTP port to bind to +# TANDOOR_PORT=8080 + +# hosts the application can run under e.g. recipes.mydomain.com,cooking.mydomain.com,... +ALLOWED_HOSTS=recipies.serguzim.me + +# random secret key, use for example `base64 /dev/urandom | head -c50` to generate one +SECRET_KEY= + +# your default timezone See https://timezonedb.com/time-zones for a list of timezones +TIMEZONE=Europe/Berlin + +# add only a database password if you want to run with the default postgres, otherwise change settings accordingly +DB_ENGINE=django.db.backends.postgresql +# DB_OPTIONS= {} # e.g. {"sslmode":"require"} to enable ssl +POSTGRES_HOST=db.serguzim.me +POSTGRES_PORT=5432 +POSTGRES_USER=tandoor +POSTGRES_PASSWORD= +POSTGRES_DB=tandoor + +# database connection string, when used overrides other database settings. +# format might vary depending on backend +# DATABASE_URL=engine://username:password@host:port/dbname + +# the default value for the user preference 'fractions' (enable/disable fraction support) +# default: disabled=0 +FRACTION_PREF_DEFAULT=0 + +# the default value for the user preference 'comments' (enable/disable commenting system) +# default comments enabled=1 +COMMENT_PREF_DEFAULT=1 + +# Users can set a amount of time after which the shopping list is refreshed when they are in viewing mode +# This is the minimum interval users can set. Setting this to low will allow users to refresh very frequently which +# might cause high load on the server. (Technically they can obviously refresh as often as they want with their own scripts) +SHOPPING_MIN_AUTOSYNC_INTERVAL=5 + +# Default for user setting sticky navbar +# STICKY_NAV_PREF_DEFAULT=1 + +# If base URL is something other than just / (you are serving a subfolder in your proxy for instance http://recipe_app/recipes/) +# Be sure to not have a trailing slash: e.g. '/recipes' instead of '/recipes/' +# SCRIPT_NAME=/recipes + +# If staticfiles are stored at a different location uncomment and change accordingly, MUST END IN / +# this is not required if you are just using a subfolder +# This can either be a relative path from the applications base path or the url of an external host +# STATIC_URL=/static/ + +# If mediafiles are stored at a different location uncomment and change accordingly, MUST END IN / +# this is not required if you are just using a subfolder +# This can either be a relative path from the applications base path or the url of an external host +# MEDIA_URL=/media/ + +# Serve mediafiles directly using gunicorn. Basically everyone recommends not doing this. Please use any of the examples +# provided that include an additional nxginx container to handle media file serving. +# If you know what you are doing turn this back on (1) to serve media files using djangos serve() method. +# when unset: 1 (true) - this is temporary until an appropriate amount of time has passed for everyone to migrate +GUNICORN_MEDIA=0 + +# S3 Media settings: store mediafiles in s3 or any compatible storage backend (e.g. minio) +# as long as S3_ACCESS_KEY is not set S3 features are disabled +# S3_ACCESS_KEY= +# S3_SECRET_ACCESS_KEY= +# S3_BUCKET_NAME= +# S3_REGION_NAME= # default none, set your region might be required +# S3_QUERYSTRING_AUTH=1 # default true, set to 0 to serve media from a public bucket without signed urls +# S3_QUERYSTRING_EXPIRE=3600 # number of seconds querystring are valid for +# S3_ENDPOINT_URL= # when using a custom endpoint like minio + +# Email Settings, see https://docs.djangoproject.com/en/3.2/ref/settings/#email-host +# Required for email confirmation and password reset (automatically activates if host is set) +# EMAIL_HOST= +# EMAIL_PORT= +# EMAIL_HOST_USER= +# EMAIL_HOST_PASSWORD= +# EMAIL_USE_TLS=0 +# EMAIL_USE_SSL=0 +# DEFAULT_FROM_EMAIL= # email sender address (default 'webmaster@localhost') +# ACCOUNT_EMAIL_SUBJECT_PREFIX= # prefix used for account related emails (default "[Tandoor Recipes] ") + +# allow authentication via reverse proxy (e.g. authelia), leave off if you dont know what you are doing +# see docs for more information https://vabene1111.github.io/recipes/features/authentication/ +# when unset: 0 (false) +REVERSE_PROXY_AUTH=0 + +# Default settings for spaces, apply per space and can be changed in the admin view +# SPACE_DEFAULT_MAX_RECIPES=0 # 0=unlimited recipes +# SPACE_DEFAULT_MAX_USERS=0 # 0=unlimited users per space +# SPACE_DEFAULT_MAX_FILES=0 # Maximum file storage for space in MB. 0 for unlimited, -1 to disable file upload. +# SPACE_DEFAULT_ALLOW_SHARING=1 # Allow users to share recipes with public links + +# allow people to create accounts on your application instance (without an invite link) +# when unset: 0 (false) +# ENABLE_SIGNUP=0 + +# If signup is enabled you might want to add a captcha to it to prevent spam +# HCAPTCHA_SITEKEY= +# HCAPTCHA_SECRET= + +# if signup is enabled you might want to provide urls to data protection policies or terms and conditions +# TERMS_URL= +# PRIVACY_URL= +# IMPRINT_URL= + +# enable serving of prometheus metrics under the /metrics path +# ATTENTION: view is not secured (as per the prometheus default way) so make sure to secure it +# trough your web server (or leave it open of you dont care if the stats are exposed) +ENABLE_METRICS=1 + +# allows you to setup OAuth providers +# see docs for more information https://vabene1111.github.io/recipes/features/authentication/ +#SOCIAL_PROVIDERS=allauth.socialaccount.providers.openid + +#SOCIALACCOUNT_PROVIDERS="{'openid': {'SERVERS': [{'id': 'auth.serguzim.me', 'name': 'auth.serguzim.me', 'openid_url': 'https://auth.serguzim.me/application/o/recipies_serguzim_me/'},]}}" + +# Should a newly created user from a social provider get assigned to the default space and given permission by default ? +# ATTENTION: This feature might be deprecated in favor of a space join and public viewing system in the future +# default 0 (false), when 1 (true) users will be assigned space and group +SOCIAL_DEFAULT_ACCESS=1 + +# if SOCIAL_DEFAULT_ACCESS is used, which group should be added +SOCIAL_DEFAULT_GROUP=guest + +# Django session cookie settings. Can be changed to allow a single django application to authenticate several applications +# when running under the same database +# SESSION_COOKIE_DOMAIN=.serguzim.me +# SESSION_COOKIE_NAME=sessionid # use this only to not interfere with non unified django applications under the same top level domain + +# by default SORT_TREE_BY_NAME is disabled this will store all Keywords and Food in the order they are created +# enabling this setting makes saving new keywords and foods very slow, which doesn't matter in most usecases. +# however, when doing large imports of recipes that will create new objects, can increase total run time by 10-15x +# Keywords and Food can be manually sorted by name in Admin +# This value can also be temporarily changed in Admin, it will revert the next time the application is started +# This will be fixed/changed in the future by changing the implementation or finding a better workaround for sorting +# SORT_TREE_BY_NAME=0 +# LDAP authentication +# default 0 (false), when 1 (true) list of allowed users will be fetched from LDAP server +#LDAP_AUTH= +#AUTH_LDAP_SERVER_URI= +#AUTH_LDAP_BIND_DN= +#AUTH_LDAP_BIND_PASSWORD= +#AUTH_LDAP_USER_SEARCH_BASE_DN= +#AUTH_LDAP_TLS_CACERTFILE= + +# Enables exporting PDF (see export docs) +# Disabled by default, uncomment to enable +# ENABLE_PDF_EXPORT=1 + +# Recipe exports are cached for a certain time by default, adjust time if needed +# EXPORT_FILE_CACHE_DURATION=600 + diff --git a/tandoor/docker-compose.yml b/tandoor/docker-compose.yml new file mode 100644 index 0000000..d675d3a --- /dev/null +++ b/tandoor/docker-compose.yml @@ -0,0 +1,31 @@ +version: "3" +services: + web_recipes: + image: vabene1111/recipes + env_file: + - .env + - .secret.env + volumes: + - staticfiles:/opt/recipes/staticfiles + - nginx_config:/opt/recipes/nginx/conf.d + - mediafiles:/opt/recipes/mediafiles + + nginx_recipes: + image: nginx:mainline-alpine + restart: always + ports: + - 3017:80 + env_file: + - .env + - .secret.env + depends_on: + - web_recipes + volumes: + - nginx_config:/etc/nginx/conf.d:ro + - staticfiles:/static + - mediafiles:/media + +volumes: + nginx_config: + staticfiles: + mediafiles: diff --git a/wiki-js/.env b/wiki-js/.env new file mode 100644 index 0000000..a3c7bbd --- /dev/null +++ b/wiki-js/.env @@ -0,0 +1,7 @@ +DB_TYPE=postgres +DB_HOST=db.serguzim.me +DB_PORT=5432 +DB_USER=wikijs +DB_PASS= +DB_NAME=wikijsdb +DB_SSL=1 diff --git a/wiki-js/docker-compose.yml b/wiki-js/docker-compose.yml new file mode 100644 index 0000000..d7a2f4f --- /dev/null +++ b/wiki-js/docker-compose.yml @@ -0,0 +1,11 @@ +version: '3' + +services: + wiki-js: + image: requarks/wiki + restart: always + env_file: + - .env + - .secret.env + ports: + - 3003:3000/tcp