digitalboard.core/roles/garage/defaults/main.yml
Simon Bärlocher 3236ca332f
docs(collection): document all roles and fix metadata drift
Replace ansible-galaxy init placeholders across the collection and
correct documentation that drifted from the code, after a multi-agent
review of every role README against its defaults, tasks and templates.

Collection level:
- README: role table for all 16 roles, requirements and role-ordering
- galaxy.yml: declare community.docker and community.general deps,
  real description/tags/urls; normalize license to MIT-0
- meta/runtime.yml: requires_ansible '>=2.15.0'
- plugins/README: document the homarr_layout filter and
  garage_credentials lookup instead of scaffold boilerplate

Per-role meta/main.yml and README for the placeholder roles
(389ds, authentik, authentik_outpost_ldap, base, collabora, drawio,
garage, homarr, httpbin, keycloak, nextcloud, opencloud, traefik).

Correctness fixes found during review:
- keycloak: wrong domain default, drop invented keycloak_cert_resolver,
  document the provisioning feature
- garage: root_domain is .s3.<first-entry>, not the bare domain
- opnform: jwt/front_api secrets use `openssl rand -hex 32`; align the
  validation fail_msg in tasks/main.yml accordingly
- send: S3 example references garage_s3_domains[0] (was singular)
- opencloud: document required opencloud_wopi_domain

License normalized to MIT-0 across galaxy.yml, role meta and READMEs to
match the SPDX headers.
2026-05-27 23:12:24 +02:00

75 lines
No EOL
2.6 KiB
YAML

#SPDX-License-Identifier: MIT-0
---
# defaults file for garage
# Base directory configuration (inherited from base role or defined here)
docker_compose_base_dir: /etc/docker/compose
docker_volume_base_dir: /srv/data
# Garage-specific configuration
garage_service_name: garage
garage_docker_compose_dir: "{{ docker_compose_base_dir }}/{{ garage_service_name }}"
garage_docker_volume_dir: "{{ docker_volume_base_dir }}/{{ garage_service_name }}"
# Garage service configuration
garage_image: "dxflrs/garage:v2.1.0"
# FQDNs the garage S3 router accepts. The first entry is the canonical
# domain; garage.toml derives the virtual-hosted-style S3 root_domain
# from it as ".s3.<first-entry>"; further entries cover internal
# *.int.* names.
garage_s3_domains:
- "storage.local.test"
garage_web_domain: "web.storage.local.test"
garage_webui_domain: "console.storage.local.test"
# Garage WebUI configuration
garage_webui_enabled: true
garage_webui_image: "khairul169/garage-webui:latest"
garage_webui_port: 3909
# WebUI basic auth credentials (plaintext, will be hashed automatically).
# Ignored when garage_webui_authentik_forward_auth is true — in that case
# authentik handles authentication via the ForwardAuth middleware below.
garage_webui_username: "admin"
garage_webui_password: "admin"
# Optional Authentik ForwardAuth in front of the WebUI. When true:
#   - the AUTH_USER_PASS env-var is dropped from the container so htpasswd
#     isn't enforced; authentik is the only gate.
#   - traefik attaches a ForwardAuth middleware pointing at the URL below.
# Leave false to keep classic htpasswd protection.
garage_webui_authentik_forward_auth: false
garage_webui_authentik_forward_auth_url: ""
# Garage ports
garage_s3_api_port: 3900
garage_s3_web_port: 3902
garage_admin_port: 3903
garage_rpc_port: 3901
# Garage configuration
garage_replication_factor: 1
garage_compression_level: 1
garage_db_engine: "lmdb"
garage_s3_region: "us-east-1"
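# Placeholder secrets: override all three per deployment (for example
# from Ansible Vault); the values below are identical dummy strings.
garage_rpc_secret: "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"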
garage_admin_token: "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
garage_metrics_token: "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
# Traefik configuration
garage_traefik_network: "proxy"
garage_internal_network: "internal"
garage_use_ssl: true
# Optional: Garage cluster bootstrap configuration
garage_bootstrap_enabled: false
garage_bootstrap_zone: "dc1"
garage_bootstrap_capacity: "1G"
# Optional: S3 keys to create
# Example:
# garage_s3_keys:
#   - name: "my-key"
#     buckets:
#       - name: "my-bucket"
#         permissions: ["read", "write"]
garage_s3_keys: []
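
A pre-flight check for the defaults above, as an added example that is not part of this role or collection: it fails the play when the placeholder secrets, the admin/admin WebUI login or an empty ForwardAuth URL are still in effect. The task placement (for instance at the top of the role's tasks), the helper variable `garage_placeholder_secret` and the 12-character password minimum are assumptions.

```yaml
# Added example (hypothetical pre-flight tasks, not the role's own code).
- name: Reject the placeholder Garage secrets shipped in defaults/main.yml
  ansible.builtin.assert:
    that:
      - lookup('ansible.builtin.vars', item) != garage_placeholder_secret
      - lookup('ansible.builtin.vars', item) | length >= 32
    fail_msg: >-
      {{ item }} is still the shipped placeholder or shorter than 32
      characters; generate a fresh value, e.g. `openssl rand -hex 32`.
    quiet: true
  loop:
    - garage_rpc_secret
    - garage_admin_token
    - garage_metrics_token
  vars:
    # Hypothetical helper variable holding the value from the defaults file.
    garage_placeholder_secret: "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"

- name: Reject admin/admin when basic auth is the only gate on the WebUI
  ansible.builtin.assert:
    that:
      - garage_webui_password != "admin"
      - garage_webui_password != garage_webui_username
      - garage_webui_password | length >= 12   # assumed minimum, adjust to policy
    fail_msg: "Set a non-default garage_webui_password before enabling the WebUI."
    quiet: true
  when:
    - garage_webui_enabled | bool
    - not (garage_webui_authentik_forward_auth | bool)

- name: Require a ForwardAuth URL when authentik replaces htpasswd
  ansible.builtin.assert:
    that:
      - garage_webui_authentik_forward_auth_url | length > 0
    fail_msg: >-
      garage_webui_authentik_forward_auth is true but the URL is empty
      (the default); AUTH_USER_PASS is dropped in this mode.
    quiet: true
  when:
    - garage_webui_enabled | bool
    - garage_webui_authentik_forward_auth | bool
```

The failure messages name only the offending variable, so no secret value is written to the play output.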