36e3a4b688
- Refactor: collapse `*_domain` + `*_extra_domains` into a single `*_domains` list across authentik, collabora, garage and nextcloud roles. First entry is the canonical FQDN (used for OVERWRITEHOST, BASE_URL, notify_push setup and garage root_domain). - Authentik blueprint: guard the OAuth sources block so an empty `authentik_login_sources` no longer renders an invalid YAML key. - Nextcloud: introduce `nextcloud_collabora_public_domain` and set Collabora's `public_wopi_url` separately from the server-to-server `wopi_url` so browsers can reach Collabora via the public name while Nextcloud still talks to it on the internal one. - Nextcloud: URL-encode the postgres user/password in DATABASE_URL.
64 lines
No EOL
2 KiB
YAML
64 lines
No EOL
2 KiB
YAML
#SPDX-License-Identifier: MIT-0
|
|
---
|
|
# defaults file for garage
|
|
|
|
# Base directory configuration (inherited from base role or defined here)
|
|
docker_compose_base_dir: /etc/docker/compose
|
|
docker_volume_base_dir: /srv/data
|
|
|
|
# Garage-specific configuration
|
|
garage_service_name: garage
|
|
garage_docker_compose_dir: "{{ docker_compose_base_dir }}/{{ garage_service_name }}"
|
|
garage_docker_volume_dir: "{{ docker_volume_base_dir }}/{{ garage_service_name }}"
|
|
|
|
# Garage service configuration
|
|
garage_image: "dxflrs/garage:v2.1.0"
|
|
# FQDNs the garage S3 router accepts. The first entry is the canonical
|
|
# domain and is also used as the virtual-hosted-style root_domain in
|
|
# garage.toml; further entries cover internal *.int.* names.
|
|
garage_s3_domains:
|
|
- "storage.local.test"
|
|
garage_web_domain: "web.storage.local.test"
|
|
garage_webui_domain: "console.storage.local.test"
|
|
|
|
# Garage WebUI configuration
|
|
garage_webui_enabled: true
|
|
garage_webui_image: "khairul169/garage-webui:latest"
|
|
garage_webui_port: 3909
|
|
# WebUI basic auth credentials (plaintext, will be hashed automatically)
|
|
garage_webui_username: "admin"
|
|
garage_webui_password: "admin"
|
|
|
|
# Garage ports
|
|
garage_s3_api_port: 3900
|
|
garage_s3_web_port: 3902
|
|
garage_admin_port: 3903
|
|
garage_rpc_port: 3901
|
|
|
|
# Garage configuration
|
|
garage_replication_factor: 1
|
|
garage_compression_level: 1
|
|
garage_db_engine: "lmdb"
|
|
garage_s3_region: "us-east-1"
|
|
garage_rpc_secret: "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
|
|
garage_admin_token: "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
|
|
garage_metrics_token: "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
|
|
|
|
# Traefik configuration
|
|
garage_traefik_network: "proxy"
|
|
garage_internal_network: "internal"
|
|
garage_use_ssl: true
|
|
|
|
# Optional: Garage cluster bootstrap configuration
|
|
garage_bootstrap_enabled: false
|
|
garage_bootstrap_zone: "dc1"
|
|
garage_bootstrap_capacity: "1G"
|
|
|
|
# Optional: S3 keys to create
|
|
# Example:
|
|
# garage_s3_keys:
|
|
# - name: "my-key"
|
|
# buckets:
|
|
# - name: "my-bucket"
|
|
# permissions: ["read", "write"]
|
|
garage_s3_keys: [] |