Add Tandoor service (#169)
* add tandoor service * changed doc * Update docs/services/tandoor.md Fix alignment Co-authored-by: Slavi Pantaleev <slavi@devture.com> * Update docs/services/tandoor.md Co-authored-by: Slavi Pantaleev <slavi@devture.com> * Update docs/services/tandoor.md Co-authored-by: Slavi Pantaleev <slavi@devture.com> * Update templates/group_vars_mash_servers Co-authored-by: Slavi Pantaleev <slavi@devture.com> * Update templates/group_vars_mash_servers Co-authored-by: Slavi Pantaleev <slavi@devture.com> * resolved notes --------- Co-authored-by: Slavi Pantaleev <slavi@devture.com>
This commit is contained in:
parent
4e21c16f16
commit
36ec185ddb
5 changed files with 174 additions and 0 deletions
53
docs/services/tandoor.md
Normal file
53
docs/services/tandoor.md
Normal file
|
@ -0,0 +1,53 @@
|
|||
# Tandoor
|
||||
|
||||
[Tandoor](https://docs.tandoor.dev/) is a self-hosted recipe manager, that this playbook can install, powered by the [ansible-role-tandoor](https://github.com/IUCCA/ansible-role-tandoor) Ansible role.
|
||||
|
||||
|
||||
## Dependencies
|
||||
|
||||
This service requires the following other services:
|
||||
- a [Postgres](postgres.md) database
|
||||
- a [Traefik](traefik.md) reverse-proxy server
|
||||
|
||||
|
||||
## Configuration
|
||||
|
||||
To enable this service, add the following configuration to your `vars.yml` file and re-run the [installation](../installing.md) process:
|
||||
|
||||
```yaml
|
||||
########################################################################
|
||||
# #
|
||||
# tandoor #
|
||||
# #
|
||||
########################################################################
|
||||
|
||||
tandoor_enabled: true
|
||||
|
||||
tandoor_hostname: tandoor.example.com
|
||||
|
||||
# path prefix is not supported at the moment
|
||||
#tandoor_path_prefix: /tandoor
|
||||
|
||||
########################################################################
|
||||
# #
|
||||
# /tandoor #
|
||||
# #
|
||||
########################################################################
|
||||
```
|
||||
|
||||
### URL
|
||||
|
||||
In the example configuration above, we configure the service to be hosted at `https://tandoor.example.com/`.
|
||||
|
||||
### Authentication
|
||||
|
||||
On first use (see [Usage](#usage) below), you'll be asked to create the first administrator user.
|
||||
|
||||
You can create additional users from the web UI after that.
|
||||
|
||||
|
||||
## Usage
|
||||
|
||||
After installation, you can go to the Tandoor URL, as defined in `tandoor_hostname` and `tandoor_path_prefix`.
|
||||
|
||||
As mentioned in [Authentication](#authentication) above, you'll be asked to create the first administrator user the first time you open the web UI.
|
|
@ -70,6 +70,7 @@
|
|||
| [Ansible Semaphore](https://www.ansible-semaphore.com/) | A responsive web UI for running Ansible playbooks | [Link](services/semaphore.md) |
|
||||
| [Soft Serve](https://github.com/charmbracelet/soft-serve) | A tasty, self-hostable [Git](https://git-scm.com/) server for the command line | [Link](services/soft-serve.md) |
|
||||
| [Syncthing](https://syncthing.net/) | A continuous file synchronization program which synchronizes files between two or more computers in real time | [Link](services/syncthing.md) |
|
||||
| [Tandoor](https://docs.tandoor.dev/) | The recipe manager that allows you to manage your ever growing collection of digital recipes.| [Link](services/tandoor.md)
|
||||
| [Telegraf](https://www.influxdata.com/time-series-platform/telegraf/) | An open source server agent to help you collect metrics from your stacks, sensors, and systems. | [Link](services/telegraf.md) |
|
||||
| [Traefik](https://doc.traefik.io/traefik/) | A container-aware reverse-proxy server | [Link](services/traefik.md) |
|
||||
| [Vaultwarden](https://github.com/dani-garcia/vaultwarden) | A lightweight unofficial and compatible implementation of the [Bitwarden](https://bitwarden.com/) password manager | [Link](services/vaultwarden.md) |
|
||||
|
|
|
@ -537,6 +537,13 @@ mash_playbook_devture_systemd_service_manager_services_list_auto_itemized:
|
|||
{{ ({'name': (syncthing_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'syncthing']} if syncthing_enabled else omit) }}
|
||||
# /role-specific:syncthing
|
||||
|
||||
# role-specific:tandoor
|
||||
- |-
|
||||
{{ ({'name': (tandoor_api_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'tandoor']} if tandoor_enabled else omit) }}
|
||||
- |-
|
||||
{{ ({'name': (tandoor_frontend_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'tandoor']} if tandoor_enabled else omit) }}
|
||||
# /role-specific:tandoor
|
||||
|
||||
# role-specific:telegraf
|
||||
- |-
|
||||
{{ ({'name': (telegraf_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'telegraf']} if telegraf_enabled else omit) }}
|
||||
|
@ -896,6 +903,17 @@ mash_playbook_devture_postgres_managed_databases_auto_itemized:
|
|||
}}
|
||||
# /role-specific:semaphore
|
||||
|
||||
# role-specific:tandoor
|
||||
- |-
|
||||
{{
|
||||
({
|
||||
'name': tandoor_database_name,
|
||||
'username': tandoor_database_username,
|
||||
'password': tandoor_database_password,
|
||||
} if tandoor_enabled and tandoor_database_hostname == devture_postgres_identifier else omit)
|
||||
}}
|
||||
# /role-specific:tandoor
|
||||
|
||||
devture_postgres_managed_databases_auto: "{{ mash_playbook_devture_postgres_managed_databases_auto_itemized | reject('equalto', omit) }}"
|
||||
|
||||
########################################################################
|
||||
|
@ -2439,6 +2457,16 @@ hubsite_service_syncthing_description: "Sync your files"
|
|||
hubsite_service_syncthing_priority: 1000
|
||||
# /role-specific:syncthing
|
||||
|
||||
# role-specific:tandoor
|
||||
# tandoor
|
||||
hubsite_service_tandoor_enabled: "{{ tandoor_enabled }}"
|
||||
hubsite_service_tandoor_name: tandoor
|
||||
hubsite_service_tandoor_url: "https://{{ tandoor_hostname }}{{ tandoor_path_prefix }}"
|
||||
hubsite_service_tandoor_logo_location: "{{ role_path }}/assets/tandoor.png"
|
||||
hubsite_service_tandoor_description: "The recipe manager that allows you to manage your ever growing collection of digital recipes."
|
||||
hubsite_service_tandoor_priority: 1000
|
||||
# /role-specific:tandoor
|
||||
|
||||
# role-specific:uptime_kuma
|
||||
# Uptime Kuma
|
||||
hubsite_service_uptime_kuma_enabled: "{{ uptime_kuma_enabled }}"
|
||||
|
@ -2784,6 +2812,19 @@ mash_playbook_hubsite_service_list_auto_itemized:
|
|||
}}
|
||||
# /role-specific:syncthing
|
||||
|
||||
# role-specific:tandoor
|
||||
- |-
|
||||
{{
|
||||
({
|
||||
'name': hubsite_service_tandoor_name,
|
||||
'url': hubsite_service_tandoor_url,
|
||||
'logo_location': hubsite_service_tandoor_logo_location,
|
||||
'description': hubsite_service_tandoor_description,
|
||||
'priority': hubsite_service_tandoor_priority,
|
||||
} if hubsite_service_tandoor_enabled else omit)
|
||||
}}
|
||||
# /role-specific:tandoor
|
||||
|
||||
# role-specific:vaultwarden
|
||||
- |-
|
||||
{{
|
||||
|
@ -4490,6 +4531,77 @@ syncthing_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certRes
|
|||
# /role-specific:syncthing
|
||||
|
||||
|
||||
|
||||
|
||||
########################################################################
|
||||
# #
|
||||
# tandoor #
|
||||
# #
|
||||
########################################################################
|
||||
|
||||
tandoor_enabled: false
|
||||
|
||||
tandoor_identifier: "{{ mash_playbook_service_identifier_prefix }}tandoor"
|
||||
|
||||
tandoor_base_path: "{{ mash_playbook_base_path }}/{{ mash_playbook_service_base_directory_name_prefix }}tandoor"
|
||||
|
||||
tandoor_uid: "{{ mash_playbook_uid }}"
|
||||
tandoor_gid: "{{ mash_playbook_gid }}"
|
||||
|
||||
tandoor_systemd_required_services_list_auto: |
|
||||
{{
|
||||
([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled and tandoor_database_hostname == devture_postgres_identifier else [])
|
||||
}}
|
||||
|
||||
tandoor_systemd_wanted_services_list_auto: |
|
||||
{{
|
||||
([(exim_relay_identifier | default('mash-exim-relay')) ~ '.service'] if (exim_relay_enabled | default(false) and tandoor_config_parameter_mail_smtphost == exim_relay_identifier | default('mash-exim-relay')) else [])
|
||||
}}
|
||||
|
||||
tandoor_api_container_additional_networks_auto: |
|
||||
{{
|
||||
(
|
||||
([devture_postgres_container_network] if devture_postgres_enabled and tandoor_database_hostname == devture_postgres_identifier and tandoor_container_network != devture_postgres_container_network else [])
|
||||
+
|
||||
([exim_relay_container_network | default('mash-exim-relay')] if (exim_relay_enabled | default(false) and tandoor_config_parameter_mail_smtphost == exim_relay_identifier | default('mash-exim-relay') and tandoor_container_network != exim_relay_container_network) else [])
|
||||
) | unique
|
||||
}}
|
||||
|
||||
tandoor_frontend_container_additional_networks_auto: |
|
||||
{{
|
||||
([mash_playbook_reverse_proxyable_services_additional_network] if mash_playbook_reverse_proxyable_services_additional_network else [])
|
||||
}}
|
||||
|
||||
tandoor_frontend_container_labels_traefik_enabled: "{{ mash_playbook_traefik_labels_enabled }}"
|
||||
tandoor_frontend_container_labels_traefik_docker_network: "{{ mash_playbook_reverse_proxyable_services_additional_network }}"
|
||||
tandoor_frontend_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}"
|
||||
tandoor_frontend_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}"
|
||||
|
||||
tandoor_database_hostname: "{{ devture_postgres_identifier if devture_postgres_enabled else '' }}"
|
||||
tandoor_database_port: "{{ '5432' if devture_postgres_enabled else '' }}"
|
||||
tandoor_database_username: "tandoor"
|
||||
tandoor_database_password: "{{ '%s' | format(mash_playbook_generic_secret_key) | password_hash('sha512', 'db.tandoor', rounds=655555) | to_uuid }}"
|
||||
|
||||
tandoor_environment_variable_secret: "{{ '%s' | format(mash_playbook_generic_secret_key) | password_hash('sha512', 'secret.tandoor', rounds=655555) | to_uuid }}"
|
||||
|
||||
# role-specific:exim_relay
|
||||
tandoor_config_parameter_mail_smtphost: "{{ exim_relay_identifier if exim_relay_enabled else '' }}"
|
||||
tandoor_config_parameter_mail_smtpport: "{{ 8025 if exim_relay_enabled else '' }}"
|
||||
tandoor_config_parameter_mail_smtpsecure: ''
|
||||
tandoor_config_parameter_mail_smtpauth: false
|
||||
tandoor_config_parameter_mail_from_address: "{{ (exim_relay_sender_address | split('@'))[0] if exim_relay_enabled else '' }}"
|
||||
tandoor_config_parameter_mail_domain: "{{ (exim_relay_sender_address | split('@'))[1] if exim_relay_enabled else '' }}"
|
||||
# /role-specific:exim_relay
|
||||
|
||||
########################################################################
|
||||
# #
|
||||
# /tandoor #
|
||||
# #
|
||||
########################################################################
|
||||
|
||||
|
||||
|
||||
|
||||
# role-specific:telegraf
|
||||
########################################################################
|
||||
# #
|
||||
|
|
|
@ -320,6 +320,10 @@
|
|||
version: v1.0.0-4
|
||||
name: systemd_service_manager
|
||||
activation_prefix: ""
|
||||
- src: git+https://github.com/IUCCA/ansible-role-tandoor.git
|
||||
version: v1.5.14-0
|
||||
name: tandoor
|
||||
activation_prefix: tandoor_
|
||||
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-telegraf.git
|
||||
version: v1.27.1-2
|
||||
name: telegraf
|
||||
|
|
|
@ -338,6 +338,10 @@
|
|||
- role: galaxy/syncthing
|
||||
# /role-specific:syncthing
|
||||
|
||||
# role-specific:tandoor
|
||||
- role: galaxy/tandoor
|
||||
# /role-specific:tandoor
|
||||
|
||||
# role-specific:telegraf
|
||||
- role: galaxy/telegraf
|
||||
# /role-specific:telegraf
|
||||
|
|
Loading…
Reference in a new issue