From b89c369824468118c7897b62cfba20351531643b Mon Sep 17 00:00:00 2001 From: Laur Ivan Date: Thu, 8 Dec 2022 01:51:55 +0100 Subject: [PATCH] fix(config): Update defaults and missing variables --- README.md | 188 ++++++++++---------------------- TODO.md | 4 +- defaults/main.yml | 19 +++- meta/main.yml | 11 +- tasks/main.yml | 22 ++-- templates/docker-compose.yml.j2 | 7 +- templates/env.db.conf.j2 | 1 + templates/env.oidc.conf.j2 | 2 +- templates/env.outline.conf.j2 | 29 +++-- templates/env.redis.conf.j2 | 1 + templates/env.s3.conf.j2 | 1 + 11 files changed, 114 insertions(+), 171 deletions(-) diff --git a/README.md b/README.md index 1ccd631..1556583 100644 --- a/README.md +++ b/README.md @@ -10,151 +10,75 @@ None All variables are listed below (see also `defaults/main.yml`). -### Common variables - -You need to specify: - -- The `timezone` -- The location where torrents will be downloaded -- The location where different configuration files are stored -- The place where `docker-compose.yml` and the environment files are stored - ```yml -timezone: 'Europe/Brussels' -torrent_downloads_volume: '/mnt/download' -outline_configuration_volume: '/mnt/config' +# defaults file for outline + +outline_secret_key: 'changeme' +outline_utils_secret: 'changeme' + + outline_setup_path: '~/outline' -``` +outline_deployment: '' -If you need to install the containers with a specific user/group ID, then define: +outline_port: 3000 +outline_url: "http://localhost:{{ outline_port }}" +outline_force_https: "false" +outline_enable_updates: "false" +outline_cdn_url: -```yml -outline_uid: -outline_gid: -``` -The role allows oyu to specify which components will be installed: +outline_debug: "cache,presenters,events,emails,mailer,utils,multiplayer,server,services" -```yml -deluge_enabled: true -sonarr_enabled: true -lidarr_enabled: true -jackett_enabled: true -``` +outline_volume_base: "/mnt/outline" +outline_volume_redis: "{{ outline_volume_base }}/redis" +outline_volume_db: "{{ outline_volume_base }}/db" +outline_volume_s3: "{{ outline_volume_base }}/s3" -### Deluge torrent +oidc_client_id: +oidc_client_secret: +oidc_auth_uri: +oidc_token_uri: +oidc_userinfo_uri: -You can specify the image version and the log level: +outline_google_client_id: +outline_google_client_secret: +outline_slack_client_id: +outline_slack_client_secret: -```yml -deluge_image_version: 'latest' -deluge_loglevel: 'warning' -``` +# If the db_host is not "postgres", then we assume the +# db is external and not spin up the docker container +outline_db_schema: "postgres" +outline_db_host: "postgres" +outline_db_port: "5432" +outline_db_user: "postgres" +outline_db_password: "changeme" +outline_db: "outline" -Deluge works on ports 6881 and 8112. You can change these ports: +# By default, PostgreSQL is not secured. If you have a secure +# database instance, replace the content below with "enable". +outline_db_ssl: "disable" -```yml -deluge_host_port: 6881 -deluge_admin_port: 8112 -``` +# Spin up the fake S3 only if "fake_s3" is true +outline_fake_s3: true +outline_fake_s3_port: 4569 +outline_aws_access_key_id: +outline_aws_secret_access_key: +outline_aws_region: +outline_aws_s3_upload_bucket_url: "http://s3:4569" +outline_aws_s3_upload_bucket_name: outline-bucket +outline_aws_s3_upload_max_size: "26214400" +outline_aws_s3_force_path_style: "true" +outline_aws_s3_acl: "private" -You can also overwrite the location where deluge's configuration is stored (e.g. if you already have deluge installed and you want to use the Ansible role): +outline_smtp_host: +outline_smtp_port: +outline_smtp_username: +outline_smtp_password: +outline_smtp_from_email: +outline_smtp_reply_email: -```yml -deluge_config_volume: '{{ outline_configuration_volume }}/deluge' -``` +outline_team_logo_url: -### Radarr - -You can specify the image version and the port exposed: - -```yml -radarr_image_version: 'latest' -radarr_host_port: 7878 -``` -You can also overwrite the location where radarr's configuration is stored (e.g. if you already have it installed and you want to use the Ansible role): - -```yml -radarr_config_volume: '{{ outline_configuration_volume }}/radarr' -``` - -Radarr needs a place to copy the downloaded series: - -```yml -radarr_series_volume: '/mnt/videos/Movies' -``` - -**Notes**: - -- Depending on your settings, it will also rename your current series -- You need write access to that directory, so Sonarr can actually copy the files - -### Sonarr - -You can specify the image version and the port exposed: - -```yml -sonarr_image_version: 'latest' -sonarr_host_port: 8989 -``` -You can also overwrite the location where sonarr's configuration is stored (e.g. if you already have it installed and you want to use the Ansible role): - -```yml -sonarr_config_volume: '{{ outline_configuration_volume }}/sonarr' -``` - -Sonarr needs a place to copy the downloaded series: - -```yml -sonarr_series_volume: '/mnt/videos/Series' -``` - -**Notes**: - -- Depending on your settings, it will also rename your current series -- You need write access to that directory, so Sonarr can actually copy the files - -# Lidarr - -You can specify the image version and the port exposed: - -```yml -lidarr_image_version: 'latest' -lidarr_host_port: 8686 -``` -You can also overwrite the location where lidarr's configuration is stored (e.g. if you already have it installed and you want to use the Ansible role): - -```yml -lidarr_config_volume: '{{ outline_configuration_volume }}/lidarr' -``` -Lidarr needs a place to copy the downloaded music: - -```yml -lidarr_music_upload_volume: '/mnt/music/Reference' -``` - -You will need to add a reference to your music collection (so you don't download what you already have). The layout below allows for multiple collections: - -```yml -lidarr_music_volumes: - - {path: '/mnt/music/Sonos', alias: 'sonos' } - - {path: '/mnt/music/Audiophile', alias: 'audiophile' } - - {path: '/mnt/music/Raw', alias: 'raw' } -``` - -The `path` is the actual directory where the collection is located and the `alias` is the internal mapping name in Docker. - -# Jakett -You can specify the image version, the port exposed and to autoupdate: - -```yml -jackett_image_version: 'latest' -jackett_auto_update: true -jackett_host_port: 9117 -``` -You can also overwrite the location where jackett's configuration is stored (e.g. if you already have it installed and you want to use the Ansible role): - -```yml -jackett_config_volume: '{{ outline_configuration_volume }}/jackett' +outline_language: 'en_US' ``` ## Dependencies diff --git a/TODO.md b/TODO.md index d36014b..c2c7153 100644 --- a/TODO.md +++ b/TODO.md @@ -1,5 +1,3 @@ # TODOs - -- [ ] Add logo -- [ ] Optional S3 (allow for e.g. external minio install) \ No newline at end of file +- [ ] Write a proper README. diff --git a/defaults/main.yml b/defaults/main.yml index 9778eae..495f77c 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -6,11 +6,16 @@ outline_utils_secret: 'changeme' outline_setup_path: '~/outline' +outline_deployment: '' outline_port: 3000 outline_url: "http://localhost:{{ outline_port }}" +outline_force_https: "false" +outline_enable_updates: "false" outline_cdn_url: +outline_debug: "cache,presenters,events,emails,mailer,utils,multiplayer,server,services" + outline_volume_base: "/mnt/outline" outline_volume_redis: "{{ outline_volume_base }}/redis" outline_volume_db: "{{ outline_volume_base }}/db" @@ -22,18 +27,27 @@ oidc_auth_uri: oidc_token_uri: oidc_userinfo_uri: +outline_google_client_id: +outline_google_client_secret: +outline_slack_client_id: +outline_slack_client_secret: + # If the db_host is not "postgres", then we assume the # db is external and not spin up the docker container outline_db_schema: "postgres" outline_db_host: "postgres" -outlinr_db_port: "5432" +outline_db_port: "5432" outline_db_user: "postgres" outline_db_password: "changeme" outline_db: "outline" +# By default, PostgreSQL is not secured. If you have a secure +# database instance, replace the content below with "enable". +outline_db_ssl: "disable" + # Spin up the fake S3 only if "fake_s3" is true outline_fake_s3: true -outline_fake_s3_port: +outline_fake_s3_port: 4569 outline_aws_access_key_id: outline_aws_secret_access_key: outline_aws_region: @@ -53,4 +67,3 @@ outline_smtp_reply_email: outline_team_logo_url: outline_language: 'en_US' - diff --git a/meta/main.yml b/meta/main.yml index e79247b..60cf601 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -2,7 +2,7 @@ galaxy_info: author: Laur Ivan namespace: laurivan role_name: outline - description: Sonarr, Lidarr, Deluge and Jackett via Docker + description: Outline Docker license: MIT min_ansible_version: "2.4" @@ -26,12 +26,9 @@ galaxy_info: - all galaxy_tags: - - sonarr - - lidarr - - deluge - - jackett - - media - - grabber + - outline + - document + - wiki - docker dependencies: [] diff --git a/tasks/main.yml b/tasks/main.yml index e88d2b5..7f12f0b 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -21,11 +21,8 @@ group: "{% if outline_gid %}{{ outline_gid }}{% else %}{{ ansible_effective_group_id }}{% endif %}" mode: "0750" with_items: - - "{{ deluge_config_volume }}" - - "{{ radarr_config_volume }}" - - "{{ sonarr_config_volume }}" - - "{{ lidarr_config_volume }}" - - "{{ jackett_config_volume }}" + - "{{ outline_config_volume }}" + tags: - configuration become: true @@ -38,9 +35,8 @@ group: "{% if outline_gid %}{{ outline_gid }}{% else %}{{ ansible_effective_group_id }}{% endif %}" mode: "0750" with_items: - - "{{ radarr_upload_volume }}" - - "{{ sonarr_upload_volume }}" - - "{{ lidarr_upload_volume }}" + - "{{ outline_config_volume }}" + - "{{ outline_setup_path }}" tags: - configuration become: true @@ -52,11 +48,11 @@ mode: '0640' loop: - "docker-compose.yml" - - "env.deluge.conf" - - "env.radarr.conf" - - "env.sonarr.conf" - - "env.lidarr.conf" - - "env.jackett.conf" + - "env.outline.conf" + - "env.db.conf" + - "env.oidc.conf" + - "env.redis.conf" + - "env.s3.conf" tags: - configuration diff --git a/templates/docker-compose.yml.j2 b/templates/docker-compose.yml.j2 index e4bc061..2be5955 100644 --- a/templates/docker-compose.yml.j2 +++ b/templates/docker-compose.yml.j2 @@ -46,7 +46,7 @@ services: image: lphoward/fake-s3 env_file: - "{{ outline_setup_path }}/env.s3.conf" -{% if outline_s3_port %} +{% if outline_fake_s3_port %} ports: - {{ outline_fake_s3_port }}:4569 {% endif %} @@ -58,11 +58,12 @@ services: outline: image: outlinewiki/outline:latest - command: sh -c "yarn sequelize:migrate --env production-ssl-disabled && yarn start" + command: sh -c "yarn start" + # command: sh -c "yarn sequelize:migrate --env production-ssl-disabled && yarn start" env_file: - ./env.outline.conf - ./env.oidc.conf - restart: always + #restart: never ports: - {{ outline_port }}:3000 depends_on: diff --git a/templates/env.db.conf.j2 b/templates/env.db.conf.j2 index d03754f..9a7f526 100644 --- a/templates/env.db.conf.j2 +++ b/templates/env.db.conf.j2 @@ -2,3 +2,4 @@ POSTGRES_USER={{ outline_db_user }} POSTGRES_PASSWORD={{ outline_db_password }} POSTGRES_DB={{ outline_db }} +PGSSLMODE={{ outline_db_ssl }} \ No newline at end of file diff --git a/templates/env.oidc.conf.j2 b/templates/env.oidc.conf.j2 index 97c9c32..faced3f 100644 --- a/templates/env.oidc.conf.j2 +++ b/templates/env.oidc.conf.j2 @@ -9,7 +9,7 @@ OIDC_USERINFO_URI={{ oidc_userinfo_uri }} # Specify which claims to derive user information from # Supports any valid JSON path with the JWT payload -OIDC_USERNAME_CLAIM=preferred_username +OIDC_USERNAME_CLAIM={{ oidc_username_claim }} # Display name for OIDC authentication OIDC_DISPLAY_NAME=OpenID diff --git a/templates/env.outline.conf.j2 b/templates/env.outline.conf.j2 index 1c93aae..b983d0f 100644 --- a/templates/env.outline.conf.j2 +++ b/templates/env.outline.conf.j2 @@ -6,6 +6,8 @@ SECRET_KEY={{ outline_secret_key }} UTILS_SECRET={{ outline_utils_secret }} +DEPLOYMENT={{ outline_deployment }} + DATABASE_URL={{ outline_db_schema }}://{{ outline_db_user }}:{{ outline_db_password }}@{{outline_db_host}}:{{ outline_db_port }}/{{ outline_db }} DATABASE_URL_TEST={{ outline_db_schema }}://{{ outline_db_user }}:{{ outline_db_password }}@{{outline_db_host}}:{{ outline_db_port }}/{{ outline_db }}_test REDIS_URL=redis://redis:6379 @@ -20,31 +22,36 @@ CDN_URL={{ outline_cdn_url }} # enforce (auto redirect to) https in production, (optional) default is true. # set to false if your SSL is terminated at a loadbalancer, for example -FORCE_HTTPS=true +FORCE_HTTPS={{ outline_force_https }} -ENABLE_UPDATES=true -DEBUG=cache,presenters,events,emails,mailer,utils,multiplayer,server,services +ENABLE_UPDATES={{ outline_enable_updates }} +DEBUG={{ outline_debug }} +{% if outline_slack_client_id %} # Third party signin credentials (at least one is required) -SLACK_KEY=get_a_key_from_slack -SLACK_SECRET=get_the_secret_of_above_key +SLACK_CLIENT_ID={{ outline_slack_client_id }} +SLACK_CLIENT_SECRET={{ outline_slack_client_secret }} +{% endif %} # To configure Google auth, you'll need to create an OAuth Client ID at # => https://console.cloud.google.com/apis/credentials # # When configuring the Client ID, add an Authorized redirect URI: # https:///auth/google.callback -GOOGLE_CLIENT_ID= -GOOGLE_CLIENT_SECRET= +{% if outline_google_client_id %} +GOOGLE_CLIENT_ID={{ outline_google_client_id }} +GOOGLE_CLIENT_SECRET={{ outline_google_client_secret }} + # Comma separated list of domains to be allowed (optional) # If not set, all Google apps domains are allowed by default GOOGLE_ALLOWED_DOMAINS= +{% endif %} # Third party credentials (optional) SLACK_VERIFICATION_TOKEN= -SLACK_APP_ID=A0XXXXXXX -SLACK_MESSAGE_ACTIONS=true +SLACK_APP_ID= +SLACK_MESSAGE_ACTIONS= GOOGLE_ANALYTICS_ID= SENTRY_DSN= @@ -79,5 +86,9 @@ TEAM_LOGO={{ outline_team_logo_url }} # percentage translated. DEFAULT_LANGUAGE={{ outline_language }} +{% if outline_db_ssl %} +PGSSLMODE={{ outline_db_ssl }} +{% endif %} + diff --git a/templates/env.redis.conf.j2 b/templates/env.redis.conf.j2 index e69de29..cef04b7 100644 --- a/templates/env.redis.conf.j2 +++ b/templates/env.redis.conf.j2 @@ -0,0 +1 @@ +# Empty right now \ No newline at end of file diff --git a/templates/env.s3.conf.j2 b/templates/env.s3.conf.j2 index e69de29..cef04b7 100644 --- a/templates/env.s3.conf.j2 +++ b/templates/env.s3.conf.j2 @@ -0,0 +1 @@ +# Empty right now \ No newline at end of file