diff --git a/playbooks/vikunja.yml b/playbooks/vikunja.yml
deleted file mode 100644
index 839c6e4..0000000
--- a/playbooks/vikunja.yml
+++ /dev/null
@@ -1,24 +0,0 @@
----
-# Infrastructure
-# Ansible instructions to deploy the infrastructure
-# Copyright (C) 2021 Saibotk
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, version 3 of the License.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see .
-
-- name: Install & configure Vikunja
- hosts: vikunja
- roles:
- - docker
- - docker_cleanup
- - traefik
- - vikunja
diff --git a/roles/vikunja/README.md b/roles/vikunja/README.md
deleted file mode 100644
index eb557a9..0000000
--- a/roles/vikunja/README.md
+++ /dev/null
@@ -1,37 +0,0 @@
-Vikunja
-=========
-
-This will setup a [Vikunja](https://vikunja.io/) instance using their official docker container and traefik as a reverse proxy.
-
-Requirements
-------------
-
-You will need to have docker, docker-compose and traefik installed or declared as dependencies with their respective roles.
-
-**This role assumes that you have setup traefik with an endpoint called `websecure`.**
-
-**You will also need to manually setup the services configuration file!**
-
-Role Variables
---------------
-
-**Please look at the [defaults/main.yml](defaults/main.yml) for all available variables and their description.**
-
-**Note: Lines that are commented out via `#` are usually still valid/used variables, but they are not defined by default, so they might enable a feature, when uncommenting/defining them!**
-
-### Global variables, that are used:
-
-- `proxy_network`: Defined by the local traefik installation, this is the shared proxy network used by traefik to reach the containers. (optional)
-- `proxy_hiddenservice`: Defined by the local traefik installation, this is used to generate the alt-svc header for the alternative Tor domain. (optional)
-
-Dependencies
-------------
-
-- docker
-- docker-compose
-- traefik
-
-License
--------
-
-GPL-3.0-only
diff --git a/roles/vikunja/defaults/main.yml b/roles/vikunja/defaults/main.yml
deleted file mode 100644
index 3378e0f..0000000
--- a/roles/vikunja/defaults/main.yml
+++ /dev/null
@@ -1,294 +0,0 @@
----
-# Defaults variables for the vikunja role
-
-# Infrastructure
-# Ansible instructions to deploy the infrastructure
-# Copyright (C) 2021 Saibotk
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, version 3 of the License.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see .
-#
-
-# The install location
-vikunja_install_location: /srv/vikunja
-
-# The container data volume mount locations
-vikunja_api_files_location: "{{ vikunja_install_location }}/files"
-vikunja_redis_location: "{{ vikunja_install_location }}/redis"
-vikunja_database_location: "{{ vikunja_install_location }}/database"
-
-# The certresolver that is used by traefik for the frontend domain
-vikunja_frontend_traefik_certresolver: letsencrypt_http
-
-# The domain that traefik will server vikunja's API under
-vikunja_frontend_domain: "vikunja.example.com"
-
-# The certresolver that is used by traefik for the api domain
-vikunja_api_traefik_certresolver: letsencrypt_http
-
-# The domain that traefik will server vikunja's API under
-vikunja_api_domain: "{{ vikunja_frontend_domain }}"
-
-# The database password to use
-vikunja_database_password: "{{ lookup('passwordstore', vikunja_api_domain + '/db create=true length=42') }}"
-
-# Container versions
-# renovate: depName=docker.io/vikunja/api
-vikunja_api_version: "0.22.1"
-# renovate: depName=docker.io/vikunja/frontend
-vikunja_frontend_version: "0.22.1"
-# renovate: depName=docker.io/library/postgres
-vikunja_database_version: "13.16"
-# renovate: depName=docker.io/library/redis
-vikunja_redis_version: "7"
-
-# Container tag definitions
-vikunja_api_image_version: "{{ vikunja_api_version }}"
-vikunja_frontend_image_version: "{{ vikunja_frontend_version }}"
-vikunja_database_image_version: "{{ vikunja_database_version }}-alpine"
-vikunja_redis_image_version: "{{ vikunja_redis_version }}"
-
-# Enable or disable selinux handling
-vikunja_selinux_enabled: true
-
-# The SELinux levels for vikunja folders/container
-vikunja_selinux_level: "{{ omit }}"
-
-# Application Configuration
-
-# Service section
-
-# Set the motd message, available from the /info endpoint
-# Will be disabled if empty
-vikunja_service_motd: ""
-# This token is used to verify issued JWT tokens.
-# Default (empty string) is a random token which will be generated at each startup of vikunja.
-# (This means all already issued tokens will be invalid once you restart vikunja)
-vikunja_service_jwtsecret: ""
-# Enable the caldav endpoint, see the docs for more details
-vikunja_service_enablecaldav: true
-# Enable sharing of lists via a link
-vikunja_service_enablelinksharing: true
-# Whether to let new users registering themselves or not
-vikunja_service_enableregistration: true
-# Whether to enable task attachments or not
-vikunja_service_enabletaskattachments: true
-# The time zone all timestamps are in.
-# Please note that time zones have to use [the official tz database names](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones).
-# UTC or GMT offsets won't work.
-vikunja_service_timezone: "GMT"
-# Whether task comments should be enabled or not
-vikunja_service_enabletaskcomments: true
-# Whether totp is enabled. In most cases you want to leave that enabled.
-vikunja_service_enabletotp: true
-# If enabled, vikunja will send an email to everyone who is either assigned to a task or created it when a task reminder
-# is due.
-vikunja_service_enableemailreminders: true
-# If true, will allow users to request the complete deletion of their account. When using external authentication methods
-# it may be required to coordinate with them in order to delete the account. This setting will not affect the cli commands
-# for user deletion.
-vikunja_service_enableuserdeletion: true
-
-# Mailer section
-vikunja_mailer:
- # Whether to enable the mailer or not. If it is disabled, all users are enabled right away and password reset is not possible.
- enabled: false
- # SMTP Host
- host: ""
- # SMTP Host port
- port: 587
- # SMTP username
- username: "user"
- # SMTP password
- password: ""
- # Wether to skip verification of the tls certificate on the server
- skiptlsverify: false
- # The default from address when sending emails
- fromemail: "mail@vikunja"
- # The length of the mail queue.
- queuelength: 100
- # The timeout in seconds after which the current open connection to the mailserver will be closed.
- queuetimeout: 30
- # By default, vikunja will try to connect with starttls, use this option to force it to use ssl.
- forcessl: false
-
-# Log section
-vikunja_log:
- # Whether to show any logging at all or none
- enabled: true
- # Where the normal log should go. Possible values are stdout, stderr, file or off to disable standard logging.
- standard: "stdout"
- # Change the log level. Possible values (case-insensitive) are CRITICAL, ERROR, WARNING, NOTICE, INFO, DEBUG.
- level: "WARNING"
- # Whether or not to log database queries. Useful for debugging. Possible values are stdout, stderr, file or off to disable database logging.
- database: "off"
- # The log level for database log messages. Possible values (case-insensitive) are CRITICAL, ERROR, WARNING, NOTICE, INFO, DEBUG.
- databaselevel: "WARNING"
- # Whether to log http requests or not. Possible values are stdout, stderr, file or off to disable http logging.
- http: "off"
- # Echo has its own logging which usually is unnessecary, which is why it is disabled by default.
- # Possible values are stdout, stderr, file or off to disable standard logging.
- echo: "off"
- # Whether or not to log events. Useful for debugging. Possible values are stdout, stderr, file or off to disable events logging.
- events: "stdout"
- # The log level for event log messages. Possible values (case-insensitive) are ERROR, INFO, DEBUG.
- eventslevel: "error"
-
-# Rate limit section
-vikunja_ratelimit:
- # whether or not to enable the rate limit
- enabled: false
- # The kind on which rates are based. Can be either "user" for a rate limit per user or "ip" for an ip-based rate limit.
- kind: user
- # The time period in seconds for the limit
- period: 60
- # The max number of requests a user is allowed to do in the configured time period
- limit: 100
- # The store where the limit counter for each user is stored.
- # Possible values are "keyvalue", "memory" or "redis".
- # When choosing "keyvalue" this setting follows the one configured in the "keyvalue" section.
- store: redis
-
-# Files section
-
-# The maximum size of a file, as a human-readable string.
-# Warning: The max size is limited 2^64-1 bytes due to the underlying datatype
-vikunja_files_maxsize: "50MB"
-
-# Migration section
-vikunja_migration:
- wunderlist:
- # Wheter to enable the wunderlist migrator or not
- enable: false
- # The client id, required for making requests to the wunderlist api
- # You need to register your vikunja instance at https://developer.wunderlist.com/apps/new to get this
- clientid:
- # The client secret, also required for making requests to the wunderlist api
- clientsecret:
- # The url where clients are redirected after they authorized Vikunja to access their wunderlist stuff.
- # This needs to match the url you entered when registering your Vikunja instance at wunderlist.
- # This is usually the frontend url where the frontend then makes a request to /migration/wunderlist/migrate
- # with the code obtained from the wunderlist api.
- # Note that the vikunja frontend expects this to be /migrate/wunderlist
- redirecturl: /migrate/wunderlist
- todoist:
- # Wheter to enable the todoist migrator or not
- enable: false
- # The client id, required for making requests to the todoist api
- # You need to register your vikunja instance at https://developer.todoist.com/appconsole.html to get this
- clientid:
- # The client secret, also required for making requests to the todoist api
- clientsecret:
- # The url where clients are redirected after they authorized Vikunja to access their todoist items.
- # This needs to match the url you entered when registering your Vikunja instance at todoist.
- # This is usually the frontend url where the frontend then makes a request to /migration/todoist/migrate
- # with the code obtained from the todoist api.
- # Note that the vikunja frontend expects this to be /migrate/todoist
- redirecturl: /migrate/todoist
- trello:
- # Wheter to enable the trello migrator or not
- enable: false
- # The client id, required for making requests to the trello api
- # You need to register your vikunja instance at https://trello.com/app-key (log in before you visit that link) to get this
- key:
- # The url where clients are redirected after they authorized Vikunja to access their trello cards.
- # This needs to match the url you entered when registering your Vikunja instance at trello.
- # This is usually the frontend url where the frontend then makes a request to /migration/trello/migrate
- # with the code obtained from the trello api.
- # Note that the vikunja frontend expects this to end on /migrate/trello.
- redirecturl: /migrate/trello
- microsofttodo:
- # Wheter to enable the microsoft todo migrator or not
- enable: false
- # The client id, required for making requests to the microsoft graph api
- # See https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app#register-an-application
- # for information about how to register your vikuinja instance.
- clientid:
- # The client secret, also required for making requests to the microsoft graph api
- clientsecret:
- # The url where clients are redirected after they authorized Vikunja to access their microsoft todo tasks.
- # This needs to match the url you entered when registering your Vikunja instance at microsoft.
- # This is usually the frontend url where the frontend then makes a request to /migration/microsoft-todo/migrate
- # with the code obtained from the microsoft graph api.
- # Note that the vikunja frontend expects this to be /migrate/microsoft-todo
- redirecturl: /migrate/microsoft-todo
-
-# Avatar section
-vikunja_avatar:
- # When using gravatar, this is the duration in seconds until a cached gravatar user avatar expires
- gravatarexpiration: 3600
-
-# Backgrounds section
-vikunja_backgrounds:
- # Whether to enable backgrounds for lists at all.
- enabled: true
- providers:
- upload:
- # Whethere to enable uploaded list backgrounds
- enabled: true
- unsplash:
- # Whether to enable setting backgrounds from unsplash as list backgrounds
- enabled: false
- # You need to create an application for your installation at https://unsplash.com/oauth/applications/new
- # and set the access token below.
- accesstoken:
- # The unsplash application id is only used for pingback and required as per their api guidelines.
- # You can find the Application ID in the dashboard for your API application. It should be a numeric ID.
- # It will only show in the UI if your application has been approved for Enterprise usage, therefore if
- # you’re in Demo mode, you can also find the ID in the URL at the end: https://unsplash.com/oauth/applications/:application_id
- applicationid:
-
-# Legal section
-# Used to configure the legal URLs.
-# Will be shown in the frontend if configured here
-vikunja_legal:
- imprinturl:
- privacyurl:
-
-# Auth section
-
-# Local authentication will let users log in and register (if enabled) through the db.
-# This is the default auth mechanism and does not require any additional configuration.
-# Enable or disable local authentication
-vikunja_auth_local_enabled: true
-
-# OpenID configuration will allow users to authenticate through a third-party OpenID Connect compatible provider.
-# The provider needs to support the `openid`, `profile` and `email` scopes.
-# **Note:** Some openid providers (like gitlab) only make the email of the user available through openid claims if they have set it to be publicly visible.
-# If the email is not public in those cases, authenticating will fail.
-# **Note 2:** The frontend expects to be redirected after authentication by the third party
-# to /auth/openid/. Please make sure to configure the redirect url with your third party
-# auth service accordingy if you're using the default vikunja frontend.
-# Take a look at the [default config file](https://kolaente.dev/vikunja/api/src/branch/main/config.yml.sample)
-# for more information about how to configure openid authentication.
-
-# Enable or disable OpenID Connect authentication
-vikunja_auth_openid_enabled: false
-# A list of enabled providers
-vikunja_auth_openid_providers:
- # The name of the provider as it will appear in the frontend.
- - name:
- # The auth url to send users to if they want to authenticate using OpenID Connect.
- authurl:
- # The client ID used to authenticate Vikunja at the OpenID Connect provider.
- clientid:
- # The client secret used to authenticate Vikunja at the OpenID Connect provider.
- clientsecret:
-
-# Metrics section
-vikunja_metrics:
- # If set to true, enables a /metrics endpoint for prometheus to collect metrics about Vikunja.
- enabled: false
- # If set to a non-empty value the /metrics endpoint will require this as a username via basic auth in combination with the password below.
- username:
- # If set to a non-empty value the /metrics endpoint will require this as a password via basic auth in combination with the username below.
- password:
diff --git a/roles/vikunja/handlers/main.yml b/roles/vikunja/handlers/main.yml
deleted file mode 100644
index c0a4fdb..0000000
--- a/roles/vikunja/handlers/main.yml
+++ /dev/null
@@ -1,26 +0,0 @@
----
-# handlers file for vikunja
-
-# Infrastructure
-# Ansible instructions to deploy the infrastructure
-# Copyright (C) 2021 Saibotk
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, version 3 of the License.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see .
-
-- name: Restart vikunja-api
- community.docker.docker_compose_v2:
- services:
- - api
- project_src: "{{ vikunja_install_location }}"
- state: restarted
- become: true
diff --git a/roles/vikunja/meta/main.yml b/roles/vikunja/meta/main.yml
deleted file mode 100644
index 0c47248..0000000
--- a/roles/vikunja/meta/main.yml
+++ /dev/null
@@ -1,44 +0,0 @@
-galaxy_info:
- author: saibotk
- description: "Installs vikunja via docker."
- license: GPL-3.0-only
- min_ansible_version: "2.9"
- standalone: true
-
- platforms:
- - name: EL
- versions:
- - all
- - name: GenericUNIX
- versions:
- - all
- - name: Fedora
- versions:
- - all
- - name: opensuse
- versions:
- - all
- - name: GenericBSD
- versions:
- - all
- - name: FreeBSD
- versions:
- - all
- - name: Ubuntu
- versions:
- - all
- - name: SLES
- versions:
- - all
- - name: GenericLinux
- versions:
- - all
- - name: Debian
- versions:
- - all
-
- galaxy_tags: []
-
-dependencies:
- - role: docker
- - role: traefik
diff --git a/roles/vikunja/tasks/main.yml b/roles/vikunja/tasks/main.yml
deleted file mode 100644
index e9988a7..0000000
--- a/roles/vikunja/tasks/main.yml
+++ /dev/null
@@ -1,101 +0,0 @@
----
-# Tasks file for the vikunja role
-
-# Infrastructure
-# Ansible instructions to deploy the infrastructure
-# Copyright (C) 2019-2020 Christoph (Sheogorath) Kern
-# Copyright (C) 2019-2020 Alexander (w4tsn) Wellbrock
-# Copyright (C) 2020-2021 Saibotk
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, version 3 of the License.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see .
-#
-
-- name: Update default SELinux contexts
- community.general.sefcontext:
- target: "{{ item }}(/.*)?"
- setype: "container_file_t"
- state: present
- with_items:
- - "{{ vikunja_database_location }}"
- - "{{ vikunja_api_files_location }}"
- when:
- - vikunja_selinux_enabled
- become: true
-
-- name: Create install directory
- ansible.builtin.file:
- path: "{{ item }}"
- state: directory
- mode: "0700"
- owner: "root"
- group: "root"
- with_items:
- - "{{ vikunja_install_location }}"
- become: true
-
-- name: Create database directory
- ansible.builtin.file: # noqa risky-file-permissions # Container manages permissions on its own
- path: "{{ item }}"
- state: directory
- setype: "container_file_t"
- with_items:
- - "{{ vikunja_database_location }}"
- become: true
-
-- name: Create files directory
- ansible.builtin.file:
- path: "{{ item }}"
- state: directory
- mode: "0700"
- owner: "1000"
- group: "1000"
- setype: "container_file_t"
- selevel: "{{ vikunja_selinux_level }}"
- with_items:
- - "{{ vikunja_api_files_location }}"
- become: true
-
-- name: Deploy docker-compose.yml
- ansible.builtin.template:
- src: "docker-compose.yml"
- dest: "{{ vikunja_install_location }}/docker-compose.yml"
- mode: "0600"
- owner: "root"
- group: "root"
- validate: docker compose -f %s config -q
- tags:
- - vikunja
- become: true
-
-- name: Deploy config.yml
- ansible.builtin.template:
- src: "config.yml"
- dest: "{{ vikunja_install_location }}/config.yml"
- owner: "1000"
- group: "1000"
- mode: "0600"
- setype: "container_file_t"
- selevel: "{{ vikunja_selinux_level }}"
- notify: "Restart vikunja-api"
- become: true
-
-- name: Compose vikunja
- community.docker.docker_compose_v2:
- state: present
- project_src: "{{ vikunja_install_location }}"
- pull: always
- remove_orphans: true
- tags:
- - docker
- - vikunja
- become: true
diff --git a/roles/vikunja/templates/config.yml b/roles/vikunja/templates/config.yml
deleted file mode 100644
index 868f0f8..0000000
--- a/roles/vikunja/templates/config.yml
+++ /dev/null
@@ -1,189 +0,0 @@
-{{ ansible_managed | comment }}
-
-# Vikunja application configuration
-# Infrastructure
-# Ansible instructions to deploy the infrastructure
-# Copyright (C) 2021 Saibotk
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, version 3 of the License.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see .
-#
-
-service:
-{% if vikunja_service_jwtsecret | length %}
- # This token is used to verify issued JWT tokens.
- # Default is a random token which will be generated at each startup of vikunja.
- # (This means all already issued tokens will be invalid once you restart vikunja)
- JWTSecret: "{{ vikunja_service_jwtsecret }}"
-{% endif %}
- # The interface on which to run the webserver
- interface: ":3456"
- # The URL of the frontend, used to send password reset emails.
- frontendurl: "https://{{ vikunja_frontend_domain }}/"
- # The base path on the file system where the binary and assets are.
- # Vikunja will also look in this path for a config file, so you could provide only this variable to point to a folder
- # with a config file which will then be used.
- rootpath: "/app/vikunja/"
- # The max number of items which can be returned per page
- maxitemsperpage: 50
- # Enable the caldav endpoint, see the docs for more details
- enablecaldav: {{ vikunja_service_enablecaldav | bool }}
-{% if vikunja_service_motd | length %}
- # Set the motd message, available from the /info endpoint
- motd: "{{ vikunja_service_motd }}"
-{% endif %}
- # Enable sharing of lists via a link
- enablelinksharing: {{ vikunja_service_enablelinksharing | bool }}
- # Whether to let new users registering themselves or not
- enableregistration: {{ vikunja_service_enableregistration | bool }}
- # Whether to enable task attachments or not
- enabletaskattachments: {{ vikunja_service_enabletaskattachments | bool }}
- # The time zone all timestamps are in. Please note that time zones have to use [the official tz database names](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones). UTC or GMT offsets won't work.
- timezone: {{ vikunja_service_timezone }}
- # Whether task comments should be enabled or not
- enabletaskcomments: {{ vikunja_service_enabletaskcomments | bool }}
- # Whether totp is enabled. In most cases you want to leave that enabled.
- enabletotp: {{ vikunja_service_enabletotp | bool }}
- # If not empty, enables logging of crashes and unhandled errors in sentry.
- # sentrydsn: ''
- # If not empty, this will enable `/test/{table}` endpoints which allow to put any content in the database.
- # Used to reset the db before frontend tests. Because this is quite a dangerous feature allowing for lots of harm,
- # each request made to this endpoint neefs to provide an `Authorization: ` header with the token from below.
- # **You should never use this unless you know exactly what you're doing**
- # testingtoken: ''
- # If enabled, vikunja will send an email to everyone who is either assigned to a task or created it when a task reminder
- # is due.
- enableemailreminders: {{ vikunja_service_enableemailreminders | bool }}
- # If true, will allow users to request the complete deletion of their account. When using external authentication methods
- # it may be required to coordinate with them in order to delete the account. This setting will not affect the cli commands
- # for user deletion.
- enableuserdeletion: {{ vikunja_service_enableuserdeletion | bool }}
-
-database:
- # Database type to use. Supported types are mysql, postgres and sqlite.
- type: "postgres"
- # Database user which is used to connect to the database.
- user: "vikunja"
- # Databse password
- password: "{{ vikunja_database_password }}"
- # Databse host
- host: "db"
- # Databse to use
- database: "vikunja"
- # When using sqlite, this is the path where to store the data
- # path: "./vikunja.db"
- # Sets the max open connections to the database. Only used when using mysql and postgres.
- maxopenconnections: 100
- # Sets the maximum number of idle connections to the db.
- maxidleconnections: 50
- # The maximum lifetime of a single db connection in miliseconds.
- maxconnectionlifetime: 10000
- # Secure connection mode. Only used with postgres.
- # (see https://pkg.go.dev/github.com/lib/pq?tab=doc#hdr-Connection_String_Parameters)
- sslmode: disable
- # Enable SSL/TLS for mysql connections. Options: false, true, skip-verify, preferred
- tls: false
-
-cache:
- # If cache is enabled or not
- enabled: true
- # Cache type. Possible values are "keyvalue", "memory" or "redis".
- # When choosing "keyvalue" this setting follows the one configured in the "keyvalue" section.
- # When choosing "redis" you will need to configure the redis connection seperately.
- type: redis
- # When using memory this defines the maximum size an element can take
- maxelementsize: 1000
-
-redis:
- # Whether to enable redis or not
- enabled: true
- # The host of the redis server including its port.
- host: 'redis:6379'
- # The password used to authenicate against the redis server
- password: ''
- # 0 means default database
- db: 0
-
-cors:
- # Whether to enable or disable cors headers.
- # Note: If you want to put the frontend and the api on seperate domains or ports, you will need to enable this.
- # Otherwise the frontend won't be able to make requests to the api through the browser.
- enable: true
- # A list of origins which may access the api. These need to include the protocol (`http://` or `https://`) and port, if any.
- origins:
- - "https://{{ vikunja_frontend_domain }}"
- # How long (in seconds) the results of a preflight request can be cached.
- maxage: 0
-
-mailer:
- {{ vikunja_mailer | to_nice_yaml(indent=2) | indent(2) }}
-
-log:
- {{ vikunja_log | to_nice_yaml(indent=2) | indent(2) }}
-
-ratelimit:
- {{ vikunja_ratelimit | to_nice_yaml(indent=2) | indent(2) }}
-
-files:
- # The path where files are stored
- basepath: ./files # relative to the binary
- # The maximum size of a file, as a human-readable string.
- # Warning: The max size is limited 2^64-1 bytes due to the underlying datatype
- maxsize: {{ vikunja_files_maxsize }}
-
-migration:
- {{ vikunja_migration | to_nice_yaml(indent=2) | indent(2) }}
-
-avatar:
- {{ vikunja_avatar | to_nice_yaml(indent=2) | indent(2) }}
-
-backgrounds:
- {{ vikunja_backgrounds | to_nice_yaml(indent=2) | indent(2) }}
-
-# Legal urls
-# Will be shown in the frontend if configured here
-legal:
- {{ vikunja_legal | to_nice_yaml(indent=2) | indent(2) }}
-
-# Key Value Storage settings
-# The Key Value Storage is used for different kinds of things like metrics and a few cache systems.
-keyvalue:
- # The type of the storage backend. Can be either "memory" or "redis". If "redis" is chosen it needs to be configured seperately.
- type: "memory"
-
-auth:
- # Local authentication will let users log in and register (if enabled) through the db.
- # This is the default auth mechanism and does not require any additional configuration.
- local:
- # Enable or disable local authentication
- enabled: {{ vikunja_auth_local_enabled | bool }}
- # OpenID configuration will allow users to authenticate through a third-party OpenID Connect compatible provider.
- # The provider needs to support the `openid`, `profile` and `email` scopes.
- # **Note:** Some openid providers (like gitlab) only make the email of the user available through openid claims if they have set it to be publicly visible.
- # If the email is not public in those cases, authenticating will fail.
- # **Note 2:** The frontend expects to be redirected after authentication by the third party
- # to /auth/openid/. Please make sure to configure the redirect url with your third party
- # auth service accordingy if you're using the default vikunja frontend.
- # Take a look at the [default config file](https://kolaente.dev/vikunja/api/src/branch/main/config.yml.sample) for more information about how to configure openid authentication.
- openid:
- # Enable or disable OpenID Connect authentication
- enabled: {{ vikunja_auth_openid_enabled | bool }}
- # The url to redirect clients to. Defaults to the configured frontend url. If you're using Vikunja with the official
- # frontend, you don't need to change this value.
- # redirecturl:
- # A list of enabled providers
- providers:
- {{ vikunja_auth_openid_providers | to_nice_yaml(indent=2) | indent(6) }}
-
-# Prometheus metrics endpoint
-metrics:
- {{ vikunja_metrics | to_nice_yaml(indent=2) | indent(2) }}
diff --git a/roles/vikunja/templates/docker-compose.yml b/roles/vikunja/templates/docker-compose.yml
deleted file mode 100644
index ce886ef..0000000
--- a/roles/vikunja/templates/docker-compose.yml
+++ /dev/null
@@ -1,128 +0,0 @@
-{{ ansible_managed | comment }}
-
-# Infrastructure
-# Ansible instructions to deploy the infrastructure
-# Copyright (C) 2021 Saibotk
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, version 3 of the License.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see .
-#
-
-version: '2'
-services:
- api:
- image: docker.io/vikunja/api:{{ vikunja_api_image_version }}
- mem_limit: 256mb
- memswap_limit: 300mb
- depends_on:
- - db
- - redis
- volumes:
- - "{{ vikunja_install_location }}/config.yml:/app/vikunja/config.yml"
- - "{{ vikunja_api_files_location }}:/app/vikunja/files"
- networks:
- database:
-{% if proxy_network is defined %}
- {{ proxy_network }}:
-{% endif %}
- restart: always
-{% if vikunja_selinux_level != omit %}
- security_opt:
- - label=level:{{ vikunja_selinux_level }}
-{% endif %}
- labels:
- - "traefik.enable=true"
-
- - "traefik.http.routers.vikunja-api.rule=Host(`{{ vikunja_api_domain }}`) && PathPrefix(`/api/v1`, `/dav/`, `/.well-known/`)"
- - "traefik.http.routers.vikunja-api.entrypoints=websecure"
- - "traefik.http.routers.vikunja-api.tls.certresolver={{ vikunja_api_traefik_certresolver }}"
- - "traefik.http.routers.vikunja-api.middlewares=vikunja-api,compress"
- - "traefik.http.services.vikunja-api.loadbalancer.server.port=3456"
- - "traefik.http.middlewares.vikunja-api.headers.sslredirect=true"
- - "traefik.http.middlewares.vikunja-api.headers.stsSeconds=63072000"
- - "traefik.http.middlewares.vikunja-api.headers.referrerPolicy=no-referrer"
-
-{% if proxy_network is defined %}
- - "traefik.docker.network={{ proxy_network }}"
-{% endif %}
-{% if proxy_hiddenservice is defined and proxy_hiddenservice.content is defined %}
- - "traefik.http.middlewares.vikunja-api.headers.customresponseheaders.alt-svc:h2={{ proxy_hiddenservice['content'] | b64decode | trim }}:443; ma=2592000"
-{% endif %}
-
- frontend:
- image: docker.io/vikunja/frontend:{{ vikunja_frontend_image_version }}
- restart: always
- mem_limit: 10mb
- memswap_limit: 15mb
- security_opt:
- - no-new-privileges
- labels:
- - "traefik.enable=true"
-
- - "traefik.http.routers.vikunja-frontend.rule=Host(`{{ vikunja_frontend_domain }}`) && PathPrefix(`/`)"
- - "traefik.http.routers.vikunja-frontend.entrypoints=websecure"
- - "traefik.http.routers.vikunja-frontend.tls.certresolver={{ vikunja_frontend_traefik_certresolver }}"
- - "traefik.http.routers.vikunja-frontend.middlewares=vikunja-frontend,compress"
- - "traefik.http.services.vikunja-frontend.loadbalancer.server.port=80"
- - "traefik.http.middlewares.vikunja-frontend.headers.sslredirect=true"
- - "traefik.http.middlewares.vikunja-frontend.headers.stsSeconds=63072000"
- - "traefik.http.middlewares.vikunja-frontend.headers.referrerPolicy=no-referrer"
-
-{% if proxy_network is defined %}
- - "traefik.docker.network={{ proxy_network }}"
-{% endif %}
-{% if proxy_hiddenservice is defined and proxy_hiddenservice.content is defined %}
- - "traefik.http.middlewares.vikunja-frontend.headers.customresponseheaders.alt-svc:h2={{ proxy_hiddenservice['content'] | b64decode | trim }}:443; ma=2592000"
-{% endif %}
-{% if proxy_network is defined %}
- networks:
- {{ proxy_network }}:
-{% endif %}
-
- db:
- image: docker.io/library/postgres:{{ vikunja_database_image_version }}
- restart: always
- mem_limit: 512mb
- memswap_limit: 768mb
- read_only: true
- security_opt:
- - no-new-privileges
- tmpfs:
- - /run/postgresql:size=512K
- - /tmp:size=128K
- stop_grace_period: 2m
- stop_signal: SIGINT
- environment:
- - POSTGRES_DB=vikunja
- - POSTGRES_USER=vikunja
- - POSTGRES_PASSWORD={{ vikunja_database_password }}
- volumes:
- - "{{ vikunja_database_location }}:/var/lib/postgresql/data"
- networks:
- database:
-
- redis:
- image: "docker.io/library/redis:{{ vikunja_redis_image_version }}"
- mem_limit: 512mb
- memswap_limit: 768mb
- restart: always
- volumes:
- - {{ vikunja_redis_location }}:/data
- networks:
- database:
-
-networks:
- database:
-{% if proxy_network is defined %}
- {{ proxy_network }}:
- external: true
-{% endif %}