forked from moritz/alakazam
update README
This commit is contained in:
212
README.md
212
README.md
@ -1,123 +1,88 @@
|
||||
# Alakazam
|
||||
|
||||
Proof-of-concept meta-configuration app-connector abra wrapper.
|
||||
Alakazam is a meta-configuration app-connector and an abra wrapper, designed as a proof-of-concept to simplify the management of environment configuration files across multiple instances.
|
||||
|
||||
## Problem Statement
|
||||
|
||||
- managing a lot of env files can be error prone
|
||||
- copy pasting env files
|
||||
- loosing the overview of configuration differences between instances
|
||||
- env files can be long, how to see what are defaults and what are customizations
|
||||
- updating env files is a manual process of comparing the env files
|
||||
- env files of recipes can change, how to keep up to date with them?
|
||||
- no way to define default configurations that should always be applied
|
||||
- if you have global configs for all your apps you have to copy paste them
|
||||
- connecting two apps requires manual effort of specific env file changes and sharing secrets
|
||||
- i.E. the effort of configuring SSO for multiple apps
|
||||
|
||||
## Alakazam Advantages
|
||||
Managing numerous environment (env) files can be prone to errors such as:
|
||||
|
||||
- Have a global configuration that applies on every instance:
|
||||
- avoid copy pasta errors
|
||||
- avoid forgetting important configurations
|
||||
- Reduce manual configuration overhead for connecting multiple apps
|
||||
- exchange domains
|
||||
- share secrets
|
||||
- set specific env vars
|
||||
- Have a minimal configuration file for each instance
|
||||
- it should only contain parameters that differ from the defaults and the global configuration
|
||||
- Set a global subdomain convention
|
||||
- each app will always have the same subdomain
|
||||
- Set up an instance with multiple connected apps in one run
|
||||
- Automatic updates of the env configurations
|
||||
- avoid manual env configuration at all
|
||||
- Automatic mass updates
|
||||
- Specify the versions for all your apps
|
||||
- Hierarchical configuration structure with inheritance
|
||||
- don't lose track of large scales of configurations
|
||||
- Frequent copy-pasting mistakes.
|
||||
- Difficulty maintaining an overview of configuration differences across instances.
|
||||
- Laborious manual processes required for updating env files, particularly when underlying recipe env configurations change.
|
||||
- Challenges in defining default configurations that should consistently apply across all apps and all instances.
|
||||
- Manual effort required for app integration (e.g., SSO), including configuring environment files and exchanging secrets.
|
||||
|
||||
## Advantages of Alakazam
|
||||
|
||||
- **Global Configuration**: Prevents errors related to manual copying and pasting and ensures no critical configurations are overlooked.
|
||||
- **Reduced Manual Configuration**: Facilitates the connection between multiple applications (i.E. SSO) through domain exchanges, secret sharing, and specific environmental variables.
|
||||
- **Minimal Configuration Files**: Each instance configuration only contains parameters that deviate from the defaults or global configurations, simplifying management.
|
||||
- **Standardized Subdomain Conventions**: Ensures consistent subdomain use across apps.
|
||||
- **Simplified Setup**: Allows for the setup of an instance with multiple connected apps in one run.
|
||||
- **Automatic Env Configuration Updates**: Eliminates manual env configuration.
|
||||
- **Automatic Batch Updates**: update all apps of a group of instances at once.
|
||||
- **Hierarchical Configuration Structure**: Supports configuration inheritance for ease of managing large-scale configurations.
|
||||
|
||||
## How does it work
|
||||
|
||||
`alakazam` is a wrapper around `abra` with the purpose of automating the whole deployment process of multiple apps. It takes `yaml` configuration files and generates the .env files used by `abra`. Based on the `yaml` configuration it's also able to generate, insert and exchange secretes between apps. It can deploy/update multiple apps at once and run post deploy hooks on all these apps. All configurations are structured hierarchically in `yaml` files, that can inherit properties from the layers above.
|
||||
`alakazam` serves as a wrapper for `abra`, automating the deployment process for multiple apps.
|
||||
It utilizes YAML configuration files to generate the necessary .env files and manage secret exchanges between applications.
|
||||
It supports the deployment or updating of multiple apps simultaneously and can execute post-deploy hooks.
|
||||
All configurations are hierarchically structured in YAML files, which can inherit properties from the layers above.
|
||||
|
||||
## Configuration
|
||||
|
||||
### Concept
|
||||
|
||||
Each configuration can be templated with jinja2 and global variables.
|
||||
There are the following three general types of configuration files:
|
||||
Configuration files support templating with Jinja2 and global variables, facilitating dynamic adjustments. The primary types of configuration files include:
|
||||
|
||||
1. `alaka.yml`
|
||||
- It contains global configurations for a specific hierarchical layer
|
||||
- all the apps under this layer will inherit the properties defined here.
|
||||
- i.e. smtp config, language, app versions
|
||||
- It can contain specify the subdomains for specific recipes
|
||||
- i.e. `cloud.example.com` for each nextcloud app
|
||||
- This configuration is for the operator to avoid copy pasta errors, reduce manual and duplicate configurations and keep the same naming convention
|
||||
2. `./example.com.yml` (`<your-domain>.yml`)
|
||||
- a minimalist configuration per instance
|
||||
- an **instance** means a collection of apps that are integrated with each other
|
||||
- one server / vm can contain multiple instances
|
||||
- contains at least:
|
||||
- the apps to be installed
|
||||
- the filename contains the *instance domain*, which is used to create all the app subdomains
|
||||
- if the server is not extra specified it is also used as server on which the apps should be deployed (see [Templating Configurations](#templating-configurations) )
|
||||
- can optionally contain instance specific configurations for each app, overwriting the inherited `alaka.yml` configurations
|
||||
3. `combine.yml`
|
||||
- contains the configuration steps that are required to combine apps with each other
|
||||
- This configuration should not be touched by the operator
|
||||
- at the moment it's part of the `alakazam` repository
|
||||
- In future it should be split into the recipes repositories and maintained by the recipe maintainer
|
||||
1. **`alaka.yml`**: Contains global configurations for a hierarchical layer, affecting all subordinate apps.
|
||||
2. **`example.com.yml`** (`<your-domain>.yml`): A minimalist configuration for each instance, specifying the apps to be installed, the instance domain and optionally instance specific configurations.
|
||||
- an **instance** means a collection of apps that are integrated with each other (one server / vm can contain multiple instances)
|
||||
3. **`combine.yml`**: Manages configurations required to integrate multiple apps with each other.
|
||||
- This configuration should not be touched by the operator.
|
||||
- At the moment it's part of the `alakazam` repository.
|
||||
- In future it should be split into the recipes repositories and maintained by the recipe maintainer.
|
||||
|
||||
### App Configuration
|
||||
|
||||
`alaka.yml`, `example.com.yml` and `combine.yml` contain a similar structure to configure the individual apps.
|
||||
For each app the following `<app_configurations>` steps can be used:
|
||||
`alaka.yml`, `example.com.yml` and `combine.yml` contain a similar configuration structure.
|
||||
For each app/recipe the following `<app_configurations>` can be used:
|
||||
|
||||
- `uncomment:`
|
||||
- uncomment each matching line (i.E. `compose.smtp.yml`)
|
||||
- **`uncomment`/`comment`**: Manages the active status of lines in configuration files, such as uncommenting needed variables .
|
||||
- it matches against parts of the line (i.E. `compose.smtp.yml`)
|
||||
- this is useful for env variables that are used multiple times like `COMPOSE_FILE`
|
||||
- `comment:`
|
||||
- the opposite of `uncomment`, comment unwanted env variables
|
||||
- `env:`
|
||||
- set the value for env variables (implicit uncommenting variables)
|
||||
- `execute:`
|
||||
- `abra.sh` commands that should be executed after deployment
|
||||
- `secrets:`
|
||||
- insert a specific value into a secret
|
||||
- for secrets that can not be generated, i.e. smtp passwords
|
||||
- TODO: use secrets from encrypted files to avoid plain text secrets
|
||||
- `subdomain`:
|
||||
- contains the subdomain that should be used for a specific app
|
||||
- **`env`**: Sets values for environment variables.
|
||||
- **`execute`**: Specifies `abra.sh` commands to run post-deployment.
|
||||
- **`secrets`**: Inserts specific values (i.E. smtp passwords) into secrets; future updates will support encrypted file usage.
|
||||
- **`subdomain`**: Specifies the subdomain scheme for individual recipes and apps. (not available in `combine.yml`)
|
||||
- i.e. `cloud.example.com` for nextcloud
|
||||
- (not available in `combine.yml`)
|
||||
- `version`
|
||||
- contains the recipe version, that should be deployed
|
||||
- if not specified, the newest version will be used
|
||||
- (not available in `combine.yml`)
|
||||
- **`version`**: Controls the recipe version to deploy; if unspecified, the latest version is used. (not available in `combine.yml`)
|
||||
|
||||
The `combine.yml` configuration additionally contains
|
||||
The `combine.yml` configuration additionally contains:
|
||||
|
||||
- `shared_secrets:`
|
||||
- **`shared_secrets`**: Specifies secret sharing between apps.
|
||||
- `<source_secret_name>:<target_secret_name>`
|
||||
- a mapping to define which secrets should be shared between two apps
|
||||
|
||||
### Configuration Structure
|
||||
|
||||
1. `alaka.yml` and `example.com.yml`
|
||||
- the `<app_recipe>` entries in `alaka.yml` define global app configurations that should be inherited by all underlaying configurations
|
||||
- in `example.com.yml` the entries `<app_recipe>` define which apps should be installed
|
||||
- the `<app_configuration>` is configured according to [App Configuration](#app-configuration) above
|
||||
Configuration can be simplified into a single `example.com.yml` or expanded into multiple layered `alaka.yml` files for complex deployments. This allows for easy maintenance of multiple instances or groups.
|
||||
These configurations are designed to modularize and simplify the management of app settings and integrations, making it easier to maintain and scale your deployments.
|
||||
|
||||
**1. `alaka.yml` and `example.com.yml`**
|
||||
- **`alaka.yml`**: Contains global app configurations (`<app_recipe>`) which are inherited by all configurations within its hierarchical layer. This ensures consistent settings across multiple applications.
|
||||
- **`example.com.yml`**: Specifies which apps should be deployed (`<app_recipe>` entries), focusing on the individual needs of each instance.
|
||||
- Configurations within these files are structured as follows, with specific `<app_configuration>` settings detailed in the [App Configuration](#app-configuration) section:
|
||||
|
||||
```
|
||||
<app_recipe>:
|
||||
<app_configurations>
|
||||
```
|
||||
|
||||
|
||||
3. `combine.yml`
|
||||
- it contains the `<target_app_configurations>` that should be applied to the target app if both the `<target_app_recipe>` and the `<source_app_recipe>` is part of the same instance (`example.com.yml`)
|
||||
- the `<target_app_configurations>` is configured according to [App Configuration](#app-configuration) above
|
||||
**3. `combine.yml`**
|
||||
- This file orchestrates the integration between multiple apps within the same instance (`example.com.yml`), applying `<target_app_configurations>` to ensure seamless functionality between connected applications.
|
||||
- The configuration for each app combination is structured as follows, again `<target_app_configurations>` is following the guidelines set in the [App Configuration](#app-configuration) section:
|
||||
|
||||
```
|
||||
<target_app_recipe>:
|
||||
@ -125,9 +90,10 @@ The `combine.yml` configuration additionally contains
|
||||
<target_app_configurations>
|
||||
```
|
||||
|
||||
|
||||
### Templating Configurations
|
||||
|
||||
Each configuration file can have a `GLOBALS` section, that cat be used to template the configuration with global variables.
|
||||
Each configuration file can include a `GLOBALS` section that allows for templating with global variables, making it easier to manage repetitive values across different configurations. Here is how you can define and use these global variables:
|
||||
|
||||
```
|
||||
GLOBALS:
|
||||
@ -142,14 +108,18 @@ nextcloud:
|
||||
MAIL_FROM_ADDRESS: "{{smtp_user}}"
|
||||
```
|
||||
|
||||
The `server` variable is used to specify on which server the instance should be deployed. If it's not specified the instance domain from the filename `example.com.yml` is taken.
|
||||
- **`server`**: Specifies the server where the instance will be deployed. If not provided, the instance domain is automatically taken from the `example.com.yml` file name.
|
||||
|
||||
## Inheriting Configuration Structure
|
||||
|
||||
In the simplest case it's possible to have only one `example.com.yml` and place all the necessary configuration in there. If you want to maintain multiple similar instances you can merge the common app configurations inside a global `alaka.yml`. If the deployment gets more complex it is possible to group instances inside folder and have an `alaka.yml` for each group.
|
||||
For even more complexity each group can inherit the app configurations from the upper groups.
|
||||
Alakazam supports a flexible inheritance model for configuration management, allowing for both simplicity and complexity depending on your deployment needs:
|
||||
|
||||
The following example shows how this configuration structure can be used to deploy complex systems:
|
||||
- **Simple Configuration**: For straightforward setups, you can manage everything within a single `example.com.yml` file, placing all necessary configurations directly in this document.
|
||||
- **Multiple Similar Instances**: To manage multiple similar instances efficiently, common application configurations can be centralized in a global `alaka.yml`. This method reduces duplication by allowing shared settings across multiple instances.
|
||||
- **Grouped Instances**: For more complex setups, instances can be organized into folders, each with its own `alaka.yml`. This structure allows for group-specific configurations, making it easier to manage settings at different levels of your infrastructure hierarchy.
|
||||
- **Inherited Configurations**: In even more complex scenarios, each group can inherit configurations from the levels above it. This cascading setup ensures that changes at a higher level can be automatically applied to all subordinate groups and instances, maintaining consistency and ease of updates across your entire environment.
|
||||
|
||||
This hierarchical approach to configuration is designed to scale with your system’s complexity and can be visualized through the following example diagram:
|
||||
|
||||
[File Structure](./config_file_structure.png)
|
||||
|
||||
@ -160,14 +130,19 @@ The following example shows how this configuration structure can be used to depl
|
||||
|
||||
### Install alakazam
|
||||
|
||||
TODO
|
||||
To install Alakazam, follow these steps to clone the repository and set up the executable:
|
||||
|
||||
```bash
|
||||
git clone https://git.coopcloud.tech/moritz/alakazam.git
|
||||
cd alakazam
|
||||
ln -s $PWD/alakazam.sh ~/.local/bin/alakazam
|
||||
# Ensure `~/.local/bin` is in your `$PATH`
|
||||
```
|
||||
|
||||
## Create a new instance:
|
||||
|
||||
|
||||
|
||||
1. The `example.com.yml` is created by the operator to define the domain and required apps
|
||||
- a simple example could look like this:
|
||||
To set up a new instance with Alakazam, begin by specifying the required applications in `example.com.yml`. The name of this file determines the domain for the instance.
|
||||
Here's an example configuration:
|
||||
|
||||
```
|
||||
traefik:
|
||||
@ -182,43 +157,20 @@ element-web:
|
||||
rallly:
|
||||
```
|
||||
|
||||
2. `./alakazam.py -p example.com.yml config`
|
||||
for each app the env files are generated:
|
||||
Ensure that DNS records are set up for all your applications. The simplest approach is to create a `CNAME` record for the wildcard domain `*.example.com` to cover all subdomains used by the apps.
|
||||
|
||||
- The app configurations from `combine.yml` are taken if the source app and the target app are part of the instace
|
||||
- the app configuration of all the upper `alaka.yml` files are merged
|
||||
- the inherited configuration is overwritten by the instance configuration `example.com.yml` and applied to the env file
|
||||
2. `./alakazam.py -p example.com.yml secrets`
|
||||
for each app the secrets are inserted:
|
||||
For a more comprehensive configuration, refer to the example in [./examples/alaka.yml](./examples/alaka.yml), which can also serve as a template for single-instance configurations (`example.com.yml`).
|
||||
|
||||
4. for each app the `combine.yml` configs are applied on the env files and secrets are inserted
|
||||
- the shared_secrets are generated
|
||||
- `<source_app_recipe>.example.com` is replaced in the `<target_app_recipe>` env file according to `subdomain` configuration
|
||||
5. all the remaining secrets are generated
|
||||
4. `./alakazam.py deploy-apps`
|
||||
- each app is deployed
|
||||
- the `execute` commands from `defaults.yml`, `configs.yml` and `combine.yml` are executed
|
||||
Steps to initialize the instance:
|
||||
|
||||
Step 3. (`./alakazam.py setup-apps`) should be executed every time the config is changed or the recipe env file is updated. It regenerates the env files and creates all the necessary secrets.
|
||||
The env files itself shouldn't be edited manually anymore.
|
||||
1. **Generate .env Files**: `./alakazam -p example.com.yml config`
|
||||
2. **Insert Secrets**: `./alakazam -p example.com.yml secrets`
|
||||
3. **Deploy Applications**: `./alakazam -p example.com.yml deploy -r`
|
||||
- the `-r` flag executes post-deployment hooks after each deployment
|
||||
|
||||
## Conceptual Questions
|
||||
### Updating All Instances
|
||||
|
||||
- Possible abra integration
|
||||
- An independent wrapper for abra, that uses abras `--machine` output
|
||||
- A go binary that is build on top of the abra library
|
||||
- An abra command like `abra compose`
|
||||
To update all instances:
|
||||
|
||||
- Put `config.yml` into `~/.abra/servers/<server>/` or let the user decide?
|
||||
|
||||
- Should we move completely away from .env files?
|
||||
- This would skip the translation step into env files
|
||||
- It reduces the complexity!
|
||||
- Recipes couldn't be run with `docker compose` only anymore
|
||||
- Is this still possible?
|
||||
|
||||
- Where should the `combine.yml` be maintained?
|
||||
- Separated config for each recipe?
|
||||
- better configuration versioning for different recipe versions
|
||||
- harder to maintain the recipes: requires knowledge about the connectable apps
|
||||
- Global config?
|
||||
1. **Update Environment Files**: `alakazam -p example.com.yml config` to refresh .env files. It's a good practice to keep these files under version control (e.g., in a Git repository at `~/.abra/example.com`) and review changes with `git diff` before proceeding.
|
||||
2. **Upgrade Applications**: `./alakazam -p example.com.yml upgrade` to update all applications.
|
||||
|
||||
197
examples/alaka.yml
Normal file
197
examples/alaka.yml
Normal file
@ -0,0 +1,197 @@
|
||||
GLOBALS:
|
||||
smtp_password: your_super_secret_password
|
||||
smtp_password_urlencoded: your_super_secret_password
|
||||
bbb_secret: your_super_secret_password
|
||||
turn_secret: your_super_secret_password
|
||||
basic_auth_password: your_super_secret_password
|
||||
loki_url: https://loki.monitoring.example.com/loki/api/v1/push
|
||||
basic_auth_hash: your_super_secret_password
|
||||
smtp_user: noreply
|
||||
smtp_domain: example.com
|
||||
smtp_host: mail.example.com
|
||||
authentik:
|
||||
subdomain: login.example.com
|
||||
env:
|
||||
EXTRA_DOMAINS: ', `example.com`'
|
||||
AUTHENTIK_EMAIL__HOST: "{{smtp_host}}"
|
||||
AUTHENTIK_EMAIL__USERNAME: "{{smtp_user}}@{{smtp_domain}}"
|
||||
AUTHENTIK_EMAIL__FROM: "{{smtp_user}}@{{smtp_domain}}"
|
||||
DEFAULT_LANGUAGE: de
|
||||
APPLICATIONS: '{"Calendar": "https://nextcloud.example.com/apps/calendar/", "BBB": "https://nextcloud.example.com/apps/bbb"}'
|
||||
uncomment:
|
||||
- calendar.svg
|
||||
- bbb.jpg
|
||||
execute:
|
||||
- worker set_admin_pass
|
||||
- worker apply_blueprints
|
||||
- worker add_applications
|
||||
- local set_icons
|
||||
secrets:
|
||||
email_pass: "{{smtp_password}}"
|
||||
nextcloud:
|
||||
subdomain: files.example.com
|
||||
env:
|
||||
SMTP_AUTHTYPE: LOGIN
|
||||
SMTP_HOST: "{{smtp_host}}"
|
||||
SMTP_SECURE: tls
|
||||
SMTP_NAME: "{{smtp_user}}@{{smtp_domain}}"
|
||||
SMTP_PORT: 587
|
||||
DEFAULT_QUOTA: "100 MB"
|
||||
MAIL_FROM_ADDRESS: "{{smtp_user}}"
|
||||
MAIL_DOMAIN: "{{smtp_domain}}"
|
||||
APPS: "calendar"
|
||||
BBB_URL: "https://talk.example.com/bigbluebutton/"
|
||||
uncomment:
|
||||
- compose.smtp.yml
|
||||
- SECRET_SMTP_PASSWORD_VERSION
|
||||
- compose.apps.yml
|
||||
- SECRET_BBB_SECRET_VERSION
|
||||
secrets:
|
||||
bbb_secret: "{{bbb_secret}}"
|
||||
smtp_password: "{{smtp_password}}"
|
||||
execute:
|
||||
- app install_bbb
|
||||
- app set_default_quota
|
||||
- app install_apps
|
||||
- app run_occ 'app:disable dashboard'
|
||||
wordpress:
|
||||
subdomain: blog.example.com
|
||||
env:
|
||||
LOCALE: 'de_DE'
|
||||
DEFAULT_USER_ROLE: administrator
|
||||
SMTP_HOST: "{{smtp_host}}"
|
||||
MAIL_FROM: "{{smtp_user}}@{{smtp_domain}}"
|
||||
SMTP_USER: "{{smtp_user}}@{{smtp_domain}}"
|
||||
ADMIN_EMAIL: "{{smtp_user}}@{{smtp_domain}}"
|
||||
uncomment:
|
||||
- SMTP_PORT
|
||||
- SMTP_AUTH
|
||||
- SMTP_OVERRIDE_FROM
|
||||
- SMTP_TLS
|
||||
- SECRET_SMTP_PASSWORD_VERSION
|
||||
- compose.smtp.yml
|
||||
- compose.mailrelay.yml
|
||||
- EXTRA_DOMAINS
|
||||
secrets:
|
||||
smtp_password: "{{smtp_password}}"
|
||||
execute:
|
||||
- app core_install
|
||||
vikunja:
|
||||
subdomain: todo.example.com
|
||||
env:
|
||||
SMTP_HOST: "{{smtp_host}}"
|
||||
SMTP_AUTHTYPE: login
|
||||
SMTP_USER: "{{smtp_user}}"
|
||||
SMTP_FROM_EMAIL: "{{smtp_user}}@{{smtp_domain}}"
|
||||
uncomment:
|
||||
- compose.smtp.yml
|
||||
- SMTP_ENABLED
|
||||
- SECRET_SMTP_PASSWORD_VERSION
|
||||
secrets:
|
||||
smtp_password: "{{smtp_password}}"
|
||||
matrix-synapse:
|
||||
subdomain: matrix.example.com
|
||||
env:
|
||||
ADMIN_EMAIL: "{{smtp_user}}@{{smtp_domain}}"
|
||||
SMTP_APP_NAME: mail
|
||||
SMTP_FROM: "{{smtp_user}}@{{smtp_domain}}"
|
||||
SMTP_HOST: "{{smtp_host}}"
|
||||
SMTP_PORT: 587
|
||||
SMTP_USER: "{{smtp_user}}@{{smtp_domain}}"
|
||||
ENCRYPTED_BY_DEFAULT: off
|
||||
TURN_URIS: '["turns:talk.example.com:5349?transport=tcp"]'
|
||||
RETENTION_MAX_LIFETIME: 2y
|
||||
ALLOWED_LIFETIME_MAX: 2y
|
||||
uncomment:
|
||||
- POST_DEPLOY_CMDS
|
||||
- compose.smtp.yml
|
||||
- SMTP_ENABLED
|
||||
- SECRET_SMTP_PASSWORD_VERSION
|
||||
- compose.turn.yml
|
||||
- TURN_ENABLED
|
||||
- TURN_ALLOW_GUESTS
|
||||
- SECRET_TURN_SHARED_SECRET_VERSION
|
||||
secrets:
|
||||
smtp_password: "{{smtp_password}}"
|
||||
turn_shared_secret: "{{turn_secret}}"
|
||||
element-web:
|
||||
subdomain: chat.example.com
|
||||
wekan:
|
||||
subdomain: board.example.com
|
||||
env:
|
||||
MAIL_URL: "smtp://{{smtp_user}}%40{{smtp_domain}}:{{smtp_password_urlencoded}}@{{smtp_host}}:587"
|
||||
MAIL_FROM: "Wekan Notifications <{{smtp_user}}@{{smtp_domain}}>"
|
||||
uncomment:
|
||||
- PASSWORD_LOGIN_ENABLED
|
||||
backup-bot-two:
|
||||
subdomain: backup.example.com
|
||||
uncomment:
|
||||
- SECRET_AWS_SECRET_ACCESS_KEY_VERSION
|
||||
- compose.s3.yml
|
||||
onlyoffice:
|
||||
subdomain: office.example.com
|
||||
env:
|
||||
AUTO_ASSEMBLY_ENABLED: "true"
|
||||
outline:
|
||||
subdomain: outline.example.com
|
||||
env:
|
||||
DEFAULT_LANGUAGE: de_DE
|
||||
SMTP_HOST: "{{smtp_host}}"
|
||||
SMTP_PORT: 465
|
||||
SMTP_USERNAME: "{{smtp_user}}@{{smtp_domain}}"
|
||||
SMTP_FROM_EMAIL: "{{smtp_user}}@{{smtp_domain}}"
|
||||
uncomment:
|
||||
- compose.smtp.yml
|
||||
- SMTP_ENABLED
|
||||
- SMTP_SECURE
|
||||
- SECRET_SMTP_PASSWORD_VERSION
|
||||
secrets:
|
||||
smtp_password: "{{smtp_password}}"
|
||||
rallly:
|
||||
subdomain: poll.example.com
|
||||
env:
|
||||
SUPPORT_EMAIL: "{{smtp_user}}@{{smtp_domain}}"
|
||||
SMTP_HOST: "{{smtp_host}}"
|
||||
SMTP_USER: "{{smtp_user}}@{{smtp_domain}}"
|
||||
secrets:
|
||||
smtp_pwd: "{{smtp_password}}"
|
||||
hedgedoc:
|
||||
subdomain: pad.example.com
|
||||
env:
|
||||
CMD_ALLOW_ANONYMOUS: true
|
||||
CMD_ALLOW_ANONYMOUS_EDITS: true
|
||||
CMD_ALLOW_FREEURL: true
|
||||
CMD_COOKIE_POLICY: none
|
||||
pretix:
|
||||
subdomain: tickets.example.com
|
||||
env:
|
||||
SMTP_FROM: "{{smtp_user}}@{{smtp_domain}}"
|
||||
SMTP_HOST: "{{smtp_host}}"
|
||||
SMTP_USER: "{{smtp_user}}@{{smtp_domain}}"
|
||||
SMTP_PORT: 587
|
||||
SMTP_TLS: on
|
||||
SMTP_SSL: off
|
||||
secrets:
|
||||
smtp_password: "{{smtp_password}}"
|
||||
traefik:
|
||||
env:
|
||||
DASHBOARD_ENABLED: false
|
||||
LETS_ENCRYPT_EMAIL: "{{smtp_user}}@{{smtp_domain}}"
|
||||
METRICS_ENABLED: 1
|
||||
BASIC_AUTH: 1
|
||||
secrets:
|
||||
usersfile: "{{basic_auth_hash}}"
|
||||
uncomment:
|
||||
- compose.host.yml
|
||||
- compose.metrics.yml
|
||||
- compose.basicauth.yml
|
||||
- SECRET_USERSFILE_VERSION
|
||||
monitoring-ng:
|
||||
subdomain: monitoring.example.com
|
||||
env:
|
||||
LOKI_PUSH_URL: "{{loki_url}}"
|
||||
uncomment:
|
||||
- compose.promtail.yml
|
||||
- SECRET_BASIC_AUTH_VERSION
|
||||
secrets:
|
||||
basic_auth: "{{basic_auth_password}}"
|
||||
@ -1,18 +0,0 @@
|
||||
domain: example-domain.com
|
||||
server: example-server.com
|
||||
apps:
|
||||
authentik:
|
||||
env:
|
||||
WELCOME_MESSAGE: "Welcome to CoopCloud"
|
||||
wekan:
|
||||
nextcloud:
|
||||
onlyoffice:
|
||||
wordpress:
|
||||
subdomain: "blog.special-domain.com"
|
||||
vikunja:
|
||||
subdomain: "todo.example.com"
|
||||
matrix-synapse:
|
||||
element-web:
|
||||
env:
|
||||
SERVER_NAME: testmatrix
|
||||
BRAND: testmatrix
|
||||
@ -1,99 +0,0 @@
|
||||
GLOBALS:
|
||||
smtp_password: top-secret
|
||||
smtp_user: noreply
|
||||
smtp_domain: example.com
|
||||
smtp_host: mail.example.com
|
||||
authentik:
|
||||
subdomain: example.com
|
||||
env:
|
||||
AUTHENTIK_EMAIL__HOST: "{{smtp_host}}"
|
||||
AUTHENTIK_EMAIL__USERNAME: "{{smtp_user}}@{{smtp_domain}}"
|
||||
AUTHENTIK_EMAIL__FROM: "{{smtp_user}}@{{smtp_domain}}"
|
||||
DEFAULT_LANGUAGE: de
|
||||
execute:
|
||||
- worker set_admin_pass
|
||||
- worker apply_blueprints
|
||||
- worker apply_blueprints
|
||||
- worker add_applications # Todo: fix this command
|
||||
- local set_icons
|
||||
secrets:
|
||||
email_pass: "{{smtp_password}}"
|
||||
nextcloud:
|
||||
subdomain: cloud.example.com
|
||||
env:
|
||||
SMTP_AUTHTYPE: LOGIN
|
||||
SMTP_HOST: "{{smtp_host}}"
|
||||
SMTP_SECURE: tls
|
||||
SMTP_NAME: "{{smtp_user}}@{{smtp_domain}}"
|
||||
SMTP_PORT: 587
|
||||
MAIL_FROM_ADDRESS: "{{smtp_user}}"
|
||||
MAIL_DOMAIN: "{{smtp_domain}}"
|
||||
APPS: "calendar"
|
||||
BBB_URL: "https://talk.example.com/bigbluebutton/"
|
||||
uncomment:
|
||||
- compose.smtp.yml
|
||||
- SECRET_SMTP_PASSWORD_VERSION
|
||||
- compose.apps.yml
|
||||
- SECRET_BBB_SECRET_VERSION
|
||||
secrets:
|
||||
smtp_password: "{{smtp_password}}"
|
||||
execute:
|
||||
- app install_bbb
|
||||
- app set_default_quota
|
||||
- app install_apps
|
||||
# - app run_occ 'app:disable dashboard' # Todo: fix this command
|
||||
wordpress:
|
||||
env:
|
||||
LOCALE: 'de_DE'
|
||||
DEFAULT_USER_ROLE: administrator
|
||||
SMTP_HOST: "{{smtp_host}}"
|
||||
MAIL_FROM: "{{smtp_user}}@{{smtp_domain}}"
|
||||
uncomment:
|
||||
- SMTP_PORT
|
||||
- SMTP_AUTH
|
||||
- SMTP_TLS
|
||||
- SECRET_SMTP_PASSWORD_VERSION
|
||||
secrets:
|
||||
smtp_password: "{{smtp_password}}"
|
||||
execute:
|
||||
- app core_install
|
||||
vikunja:
|
||||
env:
|
||||
SMTP_HOST: "{{smtp_host}}"
|
||||
SMTP_AUTHTYPE: login
|
||||
SMTP_USER: "{{smtp_user}}"
|
||||
SMTP_FROM_EMAIL: "{{smtp_user}}@{{smtp_domain}}"
|
||||
uncomment:
|
||||
- compose.smtp.yml
|
||||
- SMTP_ENABLED
|
||||
- SECRET_SMTP_PASSWORD_VERSION
|
||||
secrets:
|
||||
smtp_password: "{{smtp_password}}"
|
||||
matrix-synapse:
|
||||
subdomain: matrix.example.com
|
||||
env:
|
||||
SMTP_APP_NAME: mail
|
||||
SMTP_FROM: "{{smtp_user}}@{{smtp_domain}}"
|
||||
SMTP_HOST: "{{smtp_host}}"
|
||||
SMTP_PORT: 587
|
||||
SMTP_USER: "{{smtp_user}}@{{smtp_domain}}"
|
||||
ENCRYPTED_BY_DEFAULT: "off"
|
||||
uncomment:
|
||||
- POST_DEPLOY_CMDS
|
||||
- compose.smtp.yml
|
||||
- SMTP_ENABLED
|
||||
- SECRET_SMTP_PASSWORD_VERSION
|
||||
secrets:
|
||||
smtp_password: "{{smtp_password}}"
|
||||
element-web:
|
||||
subdomain: chat.example.com
|
||||
wekan:
|
||||
subdomain: board.example.com
|
||||
env:
|
||||
# TODO fix format for smtp_password
|
||||
MAIL_URL: "smtp://{{smtp_user}}%40{{smtp_domain}}%3A{{smtp_password}}@{{smtp_host}}:587/"
|
||||
MAIL_FROM: "Wekan Notifications <{{smtp_user}}@{{smtp_domain}}>"
|
||||
uncomment:
|
||||
- PASSWORD_LOGIN_ENABLED
|
||||
backup-bot-two:
|
||||
subdomain: backup.example.com
|
||||
15
examples/example.com.yml
Normal file
15
examples/example.com.yml
Normal file
@ -0,0 +1,15 @@
|
||||
traefik:
|
||||
backup-bot-two:
|
||||
monitoring-ng:
|
||||
authentik:
|
||||
nextcloud:
|
||||
onlyoffice:
|
||||
wordpress:
|
||||
vikunja:
|
||||
wekan:
|
||||
matrix-synapse:
|
||||
element-web:
|
||||
rallly:
|
||||
outline:
|
||||
hedgedoc:
|
||||
pretix:
|
||||
Reference in New Issue
Block a user