Init

.gitignore

@@ -0,0 +1 @@
+*.secret.env

nginx_proxy_manager/docker-compose.yml

@@ -0,0 +1,14 @@
+version: '3'
+services:
+  app:
+    image: 'jc21/nginx-proxy-manager:latest'
+    restart: unless-stopped
+    ports:
+      - '80:80'
+      - '443:443'
+      - '81:81'
+    volumes:
+      - data:/data
+      - /etc/letsencrypt:/etc/letsencrypt
+volumes:
+  data:

tandoor/.env

@@ -0,0 +1,158 @@
+# only set this to true when testing/debugging
+# when unset: 1 (true) - dont unset this, just for development
+DEBUG=0
+SQL_DEBUG=0
+
+# HTTP port to bind to
+# TANDOOR_PORT=8080
+
+# hosts the application can run under e.g. recipes.mydomain.com,cooking.mydomain.com,...
+ALLOWED_HOSTS=recipies.serguzim.me
+
+# random secret key, use for example `base64 /dev/urandom | head -c50` to generate one
+SECRET_KEY=
+
+# your default timezone See https://timezonedb.com/time-zones for a list of timezones
+TIMEZONE=Europe/Berlin
+
+# add only a database password if you want to run with the default postgres, otherwise change settings accordingly
+DB_ENGINE=django.db.backends.postgresql
+# DB_OPTIONS= {} # e.g. {"sslmode":"require"} to enable ssl
+POSTGRES_HOST=db.serguzim.me
+POSTGRES_PORT=5432
+POSTGRES_USER=tandoor
+POSTGRES_PASSWORD=
+POSTGRES_DB=tandoor
+
+# database connection string, when used overrides other database settings.
+# format might vary depending on backend
+# DATABASE_URL=engine://username:password@host:port/dbname
+
+# the default value for the user preference 'fractions' (enable/disable fraction support)
+# default: disabled=0
+FRACTION_PREF_DEFAULT=0
+
+# the default value for the user preference 'comments' (enable/disable commenting system)
+# default comments enabled=1
+COMMENT_PREF_DEFAULT=1
+
+# Users can set a amount of time after which the shopping list is refreshed when they are in viewing mode
+# This is the minimum interval users can set. Setting this to low will allow users to refresh very frequently which
+# might cause high load on the server. (Technically they can obviously refresh as often as they want with their own scripts)
+SHOPPING_MIN_AUTOSYNC_INTERVAL=5
+
+# Default for user setting sticky navbar
+# STICKY_NAV_PREF_DEFAULT=1
+
+# If base URL is something other than just / (you are serving a subfolder in your proxy for instance http://recipe_app/recipes/)
+# Be sure to not have a trailing slash: e.g. '/recipes' instead of '/recipes/'
+# SCRIPT_NAME=/recipes
+
+# If staticfiles are stored at a different location uncomment and change accordingly, MUST END IN /
+# this is not required if you are just using a subfolder
+# This can either be a relative path from the applications base path or the url of an external host
+# STATIC_URL=/static/
+
+# If mediafiles are stored at a different location uncomment and change accordingly, MUST END IN /
+# this is not required if you are just using a subfolder
+# This can either be a relative path from the applications base path or the url of an external host
+# MEDIA_URL=/media/
+
+# Serve mediafiles directly using gunicorn. Basically everyone recommends not doing this. Please use any of the examples
+# provided that include an additional nxginx container to handle media file serving.
+# If you know what you are doing turn this back on (1) to serve media files using djangos serve() method.
+# when unset: 1 (true) - this is temporary until an appropriate amount of time has passed for everyone to migrate
+GUNICORN_MEDIA=0
+
+# S3 Media settings: store mediafiles in s3 or any compatible storage backend (e.g. minio)
+# as long as S3_ACCESS_KEY is not set S3 features are disabled
+# S3_ACCESS_KEY=
+# S3_SECRET_ACCESS_KEY=
+# S3_BUCKET_NAME=
+# S3_REGION_NAME= # default none, set your region might be required
+# S3_QUERYSTRING_AUTH=1 # default true, set to 0 to serve media from a public bucket without signed urls
+# S3_QUERYSTRING_EXPIRE=3600 # number of seconds querystring are valid for
+# S3_ENDPOINT_URL= # when using a custom endpoint like minio
+
+# Email Settings, see https://docs.djangoproject.com/en/3.2/ref/settings/#email-host
+# Required for email confirmation and password reset (automatically activates if host is set)
+# EMAIL_HOST=
+# EMAIL_PORT=
+# EMAIL_HOST_USER=
+# EMAIL_HOST_PASSWORD=
+# EMAIL_USE_TLS=0
+# EMAIL_USE_SSL=0
+# DEFAULT_FROM_EMAIL= # email sender address (default 'webmaster@localhost')
+# ACCOUNT_EMAIL_SUBJECT_PREFIX= # prefix used for account related emails (default "[Tandoor Recipes] ")
+
+# allow authentication via reverse proxy (e.g. authelia), leave off if you dont know what you are doing
+# see docs for more information https://vabene1111.github.io/recipes/features/authentication/
+# when unset: 0 (false)
+REVERSE_PROXY_AUTH=0
+
+# Default settings for spaces, apply per space and can be changed in the admin view
+# SPACE_DEFAULT_MAX_RECIPES=0 # 0=unlimited recipes
+# SPACE_DEFAULT_MAX_USERS=0 # 0=unlimited users per space
+# SPACE_DEFAULT_MAX_FILES=0 # Maximum file storage for space in MB. 0 for unlimited, -1 to disable file upload.
+# SPACE_DEFAULT_ALLOW_SHARING=1 # Allow users to share recipes with public links
+
+# allow people to create accounts on your application instance (without an invite link)
+# when unset: 0 (false)
+# ENABLE_SIGNUP=0
+
+# If signup is enabled you might want to add a captcha to it to prevent spam
+# HCAPTCHA_SITEKEY=
+# HCAPTCHA_SECRET=
+
+# if signup is enabled you might want to provide urls to data protection policies or terms and conditions
+# TERMS_URL=
+# PRIVACY_URL=
+# IMPRINT_URL=
+
+# enable serving of prometheus metrics under the /metrics path
+# ATTENTION: view is not secured (as per the prometheus default way) so make sure to secure it
+# trough your web server (or leave it open of you dont care if the stats are exposed)
+ENABLE_METRICS=1
+
+# allows you to setup OAuth providers
+# see docs for more information https://vabene1111.github.io/recipes/features/authentication/
+#SOCIAL_PROVIDERS=allauth.socialaccount.providers.openid
+
+#SOCIALACCOUNT_PROVIDERS="{'openid': {'SERVERS': [{'id': 'auth.serguzim.me', 'name': 'auth.serguzim.me', 'openid_url': 'https://auth.serguzim.me/application/o/recipies_serguzim_me/'},]}}"
+
+# Should a newly created user from a social provider get assigned to the default space and given permission by default ?
+# ATTENTION: This feature might be deprecated in favor of a space join and public viewing system in the future
+# default 0 (false), when 1 (true) users will be assigned space and group
+SOCIAL_DEFAULT_ACCESS=1
+
+# if SOCIAL_DEFAULT_ACCESS is used, which group should be added
+SOCIAL_DEFAULT_GROUP=guest
+
+# Django session cookie settings. Can be changed to allow a single django application to authenticate several applications
+# when running under the same database
+# SESSION_COOKIE_DOMAIN=.serguzim.me
+# SESSION_COOKIE_NAME=sessionid # use this only to not interfere with non unified django applications under the same top level domain
+
+# by default SORT_TREE_BY_NAME is disabled this will store all Keywords and Food in the order they are created
+# enabling this setting makes saving new keywords and foods very slow, which doesn't matter in most usecases.
+# however, when doing large imports of recipes that will create new objects, can increase total run time by 10-15x
+# Keywords and Food can be manually sorted by name in Admin
+# This value can also be temporarily changed in Admin, it will revert the next time the application is started
+# This will be fixed/changed in the future by changing the implementation or finding a better workaround for sorting
+# SORT_TREE_BY_NAME=0
+# LDAP authentication
+# default 0 (false), when 1 (true) list of allowed users will be fetched from LDAP server
+#LDAP_AUTH=
+#AUTH_LDAP_SERVER_URI=
+#AUTH_LDAP_BIND_DN=
+#AUTH_LDAP_BIND_PASSWORD=
+#AUTH_LDAP_USER_SEARCH_BASE_DN=
+#AUTH_LDAP_TLS_CACERTFILE=
+
+# Enables exporting PDF (see export docs)
+# Disabled by default, uncomment to enable
+# ENABLE_PDF_EXPORT=1
+
+# Recipe exports are cached for a certain time by default, adjust time if needed
+# EXPORT_FILE_CACHE_DURATION=600
+

tandoor/docker-compose.yml

@@ -0,0 +1,31 @@
+version: "3"
+services:
+  web_recipes:
+    image: vabene1111/recipes
+    env_file:
+      - .env
+      - .secret.env
+    volumes:
+      - staticfiles:/opt/recipes/staticfiles
+      - nginx_config:/opt/recipes/nginx/conf.d
+      - mediafiles:/opt/recipes/mediafiles
+
+  nginx_recipes:
+    image: nginx:mainline-alpine
+    restart: always
+    ports:
+      - 3017:80
+    env_file:
+      - .env
+      - .secret.env
+    depends_on:
+      - web_recipes
+    volumes:
+      - nginx_config:/etc/nginx/conf.d:ro
+      - staticfiles:/static
+      - mediafiles:/media
+
+volumes:
+  nginx_config:
+  staticfiles:
+  mediafiles:

wiki-js/.env

@@ -0,0 +1,7 @@
+DB_TYPE=postgres
+DB_HOST=db.serguzim.me
+DB_PORT=5432
+DB_USER=wikijs
+DB_PASS=
+DB_NAME=wikijsdb
+DB_SSL=1

wiki-js/docker-compose.yml

@@ -0,0 +1,11 @@
+version: '3'
+
+services:
+  wiki-js:
+    image: requarks/wiki
+    restart: always
+    env_file:
+      - .env
+      - .secret.env
+    ports:
+      - 3003:3000/tcp