From 4b91fa6f3f6f69d1a03442ee69a8a856feeda11f Mon Sep 17 00:00:00 2001 From: gyurix Date: Fri, 29 Aug 2025 08:14:08 +0200 Subject: [PATCH] Add .gitignore, update Redis URL and domain placeholders, and expand outline secret configuration --- .gitignore | 1 + matrix/service-matrix.json | 141 ----------------------------- outline/outline-secret.json | 27 +++++- outline/service-outline.json | 4 +- outline/template.json | 168 +++++++++++++++++++++++++++++++++++ 5 files changed, 197 insertions(+), 144 deletions(-) create mode 100644 .gitignore delete mode 100644 matrix/service-matrix.json diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..7d0e73f --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +*tmp* \ No newline at end of file diff --git a/matrix/service-matrix.json b/matrix/service-matrix.json deleted file mode 100644 index 47eecd6..0000000 --- a/matrix/service-matrix.json +++ /dev/null @@ -1,141 +0,0 @@ -{ - "main": { - "SERVICE_NAME": "matrix-server", - "DOMAIN": "DOMAIN" - }, - "containers": [ - { - "IMAGE": "alpine:latest", - "UPDATE": "true", - "NAME": "matrix-init", - "NETWORK": "host", - "MEMORY": "64M", - "VOLUMES": [ - { - "SOURCE": "USER_DATA", - "DEST": "/etc/user/data", - "TYPE": "rw" - }, - { - "SOURCE": "SYSTEM_DATA", - "DEST": "/etc/system/data", - "TYPE": "rw" - }, - { - "SOURCE": "SYSTEM_LOG", - "DEST": "/etc/system/log", - "TYPE": "rw" - } - ], - "ENV_FILES": [ - "/etc/user/secret/matrix/matrix.json" - ], - "EXTRA": "--rm", - "DEPEND": "null", - "START_ON_BOOT": "false", - "ENTRYPOINT": "sh -c", - "CMD": "mkdir -p /etc/user/data/matrix/db && mkdir -p /etc/user/data/matrix/synapse", - "PRE_START": "null", - "POST_START": "null" - }, - { - "IMAGE": "postgres:alpine", - "UPDATE": "true", - "NAME": "matrixpostgres-db", - "ROLES": "postgres-db", - "MEMORY": "256M", - "NETWORK": "matrix-net", - "SELECTOR": "matrixpostgres-db", - "VOLUMES": [ - { - "SOURCE": "/etc/user/data/matrix/postgresql", - "DEST": "/var/lib/postgresql/data", - "TYPE": "rw" - } - ], - "PORTS": [ - { - "SOURCE": "null", - "DEST": "5432", - "TYPE": "tcp" - } - ], - "ENV_FILES": [ - "/etc/user/secret/matrix/matrix.json" - ], - "ENVS": [ - { - "POSTGRES_INITDB_ARGS": "--encoding=UTF8 --locale=C" - } - ], - "EXTRA": "--restart unless-stopped", - "DEPEND": "null", - "START_ON_BOOT": "false", - "CMD": "null", - "PRE_START": [], - "POST_START": [] - }, - { - "IMAGE": "matrixdotorg/synapse", - "UPDATE": "true", - "NAME": "matrixserver", - "ROLES": "backend-www", - "MEMORY": "2048M", - "NETWORK": "matrix-net", - "SELECTOR": "matrixserver", - "VOLUMES": [ - { - "SOURCE": "/etc/user/data/matrix/synapse", - "DEST": "/data", - "TYPE": "rw" - } - ], - "PORTS": [ - { - "SOURCE": "null", - "DEST": "8008", - "TYPE": "tcp" - } - ], - "ENV_FILES": [ - "/etc/user/secret/matrix/matrix.json" - ], - "EXTRA": "--restart unless-stopped", - "DEPEND": "null", - "START_ON_BOOT": "false", - "CMD": "null", - "PRE_START": [], - "POST_START": [ - "firewall-matrix", - "domain-matrix" - ] - }, - { - "IMAGE": "awesometechnologies/synapse-admin", - "UPDATE": "true", - "NAME": "matrixadmin", - "ROLES": "backend-www", - "MEMORY": "128M", - "NETWORK": "matrix-net", - "SELECTOR": "matrixadmin", - "VOLUMES": [], - "PORTS": [ - { - "SOURCE": "null", - "DEST": "80", - "TYPE": "tcp" - } - ], - "EXTRA": "--restart unless-stopped", - "DEPEND": "null", - "START_ON_BOOT": "false", - "CMD": "null", - "PRE_START": [], - "POST_START": [ - "firewall-matrix-admin", - "domain-matrix-admin", - "domain-matrix-adminweb" - ] - } - ] -} \ No newline at end of file diff --git a/outline/outline-secret.json b/outline/outline-secret.json index 36f523a..17842d0 100644 --- a/outline/outline-secret.json +++ b/outline/outline-secret.json @@ -7,6 +7,31 @@ "outlineapp": { "SECRET_KEY": "#SECRET_KEY", "UTILS_SECRET": "#UTILS_SECRET", - "DATABASE_URL": "postgres://#DB_USER:#DB_PASSWORD@outlinepostgres-db:5432/#DB_NAME" + "DATABASE_URL": "postgres://#DB_USER:#DB_PASSWORD@outlinepostgres-db:5432/#DB_NAME", + "SLACK_CLIENT_ID": "#SLACK_CLIENT_ID", + "SLACK_CLIENT_SECRET": "#SLACK_CLIENT_SECRET", + "GOOGLE_CLIENT_ID": "#GOOGLE_CLIENT_ID", + "GOOGLE_CLIENT_SECRET": "#GOOGLE_CLIENT_SECRET", + "AZURE_CLIENT_ID": "#AZURE_CLIENT_ID", + "AZURE_CLIENT_SECRET": "#AZURE_CLIENT_SECRET", + "AZURE_RESOURCE_APP_ID": "#AZURE_RESOURCE_APP_ID", + "DISCORD_CLIENT_ID": "#DISCORD_CLIENT_ID", + "DISCORD_CLIENT_SECRET": "#DISCORD_CLIENT_SECRET", + "DISCORD_SERVER_ID": "#DISCORD_SERVER_ID", + "OIDC_CLIENT_ID": "#OIDC_CLIENT_ID", + "OIDC_CLIENT_SECRET": "#OIDC_CLIENT_SECRET", + "OIDC_AUTH_URI": "#OIDC_AUTH_URI", + "OIDC_TOKEN_URI": "#OIDC_TOKEN_URI", + "OIDC_USERINFO_URI": "#OIDC_USERINFO_URI", + "OIDC_LOGOUT_URI": "#OIDC_LOGOUT_URI", + "OIDC_USERNAME_CLAIM": "#OIDC_USERNAME_CLAIM", + "OIDC_DISPLAY_NAME": "#OIDC_DISPLAY_NAME", + "OIDC_SCOPES": "#OIDC_SCOPES", + "SMTP_HOST": "#SMTP_HOST", + "SMTP_PORT": "#SMTP_PORT", + "SMTP_SERVICE": "#SMTP_SERVICE", + "SMTP_USERNAME": "#SMTP_USERNAME", + "SMTP_PASSWORD": "#SMTP_PASSWORD", + "SMTP_FROM_EMAIL": "#SMTP_FROM_EMAIL" } } \ No newline at end of file diff --git a/outline/service-outline.json b/outline/service-outline.json index 6701e20..1d39ed8 100644 --- a/outline/service-outline.json +++ b/outline/service-outline.json @@ -108,10 +108,10 @@ "DATABASE_CONNECTION_POOL_MAX": "" }, { - "REDIS_URL": "redis://outlineredis-app:6379" + "REDIS_URL": "redis://outlineredis-server:6379" }, { - "URL": "https://#OUTLINE_DOMAIN" + "URL": "https://#DOMAIN" }, { "PORT": 3000 diff --git a/outline/template.json b/outline/template.json index 32f7d99..23440b6 100644 --- a/outline/template.json +++ b/outline/template.json @@ -52,6 +52,174 @@ "key": "DOMAIN", "value": "", "required": "true" + }, + { + "description": "Slack client ID", + "key": "SLACK_CLIENT_ID", + "value": "", + "info": "Create a new app in your Slack workspace at https://api.slack.com/apps?new_app=1 and add 'Sign in with Slack' under 'Add features and functionality'. Set the Redirect URL to 'https:///auth/slack.callback'.", + "advanced": "true" + }, + { + "description": "Slack client secret", + "key": "SLACK_CLIENT_SECRET", + "value": "", + "advanced": "true" + }, + { + "description": "Google client ID", + "key": "GOOGLE_CLIENT_ID", + "value": "", + "info": "Create OAuth 2.0 credentials in Google Cloud Console at https://console.cloud.google.com/apis/credentials and set the Redirect URL to 'https:///auth/google.callback'.", + "advanced": "true" + }, + { + "description": "Google client secret", + "key": "GOOGLE_CLIENT_SECRET", + "value": "", + "advanced": "true" + }, + { + "description": "Azure client ID", + "key": "AZURE_CLIENT_ID", + "value": "", + "info": "Register an application in Azure AD at https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationsListBlade and set the Redirect URL to 'https:///auth/azuread.callback'.", + "advanced": "true" + }, + { + "description": "Azure client secret", + "key": "AZURE_CLIENT_SECRET", + "value": "", + "advanced": "true" + }, + { + "description": "Azure resource app ID", + "key": "AZURE_RESOURCE_APP_ID", + "value": "", + "info": "This is usually the same as the client ID, but can vary based on your Azure AD setup.", + "advanced": "true" + }, + { + "description": "Discord client ID", + "key": "DISCORD_CLIENT_ID", + "value": "", + "info": "Create an application in Discord Developer Portal at https://discord.com/developers/applications and set the Redirect URL to 'https:///auth/discord.callback'.", + "advanced": "true" + }, + { + "description": "Discord client secret", + "key": "DISCORD_CLIENT_SECRET", + "value": "", + "advanced": "true" + }, + { + "description": "Discord server ID (optional)", + "key": "DISCORD_SERVER_ID", + "value": "", + "info": "(Optional) If you want to restrict login to members of a specific Discord server, provide the server ID here.", + "advanced": "true" + }, + { + "description": "OpenID Connect client ID", + "key": "OIDC_CLIENT_ID", + "value": "", + "info": "Set up an OpenID Connect application with your provider and set the Redirect URL to 'https:///auth/oidc.callback'.", + "advanced": "true" + }, + { + "description": "OpenID Connect client secret", + "key": "OIDC_CLIENT_SECRET", + "value": "", + "advanced": "true" + }, + { + "description": "OpenID Connect provider auth URI", + "key": "OIDC_AUTH_URI", + "value": "", + "info": "The authorization endpoint URL of your OpenID Connect provider.", + "advanced": "true" + }, + { + "description": "OpenID Connect provider token URI", + "key": "OIDC_TOKEN_URI", + "value": "", + "info": "The token endpoint URL of your OpenID Connect provider.", + "advanced": "true" + }, + { + "description": "OpenID Connect provider userinfo URI", + "key": "OIDC_USERINFO_URI", + "value": "", + "info": "The userinfo endpoint URL of your OpenID Connect provider.", + "advanced": "true" + }, + { + "description": "OpenID Connect provider logout URI (optional)", + "key": "OIDC_LOGOUT_URI", + "value": "", + "info": "(Optional) The logout endpoint URL of your OpenID Connect provider, if supported.", + "advanced": "true" + }, + { + "description": "OpenID Connect username claim", + "key": "OIDC_USERNAME_CLAIM", + "value": "preferred_username", + "info": "The claim in the ID token or userinfo response to use as the username. Defaults to 'preferred_username'.", + "advanced": "true" + }, + { + "description": "OpenID Connect display name", + "key": "OIDC_DISPLAY_NAME", + "value": "OpenID Connect", + "info": "The display name for the OpenID Connect authentication option. Defaults to 'OpenID Connect'.", + "advanced": "true" + }, + { + "description": "OpenID Connect scopes", + "key": "OIDC_SCOPES", + "value": "openid profile email", + "info": "Space-separated list of scopes to request during authentication. Defaults to 'openid profile email'.", + "advanced": "true" + }, + { + "description": "SMTP host", + "key": "SMTP_HOST", + "value": "", + "info": "Used for sending invitation and password reset emails. Leave blank to disable email functionality.", + "advanced": "true" + }, + { + "description": "SMTP port", + "key": "SMTP_PORT", + "value": "587", + "info": "(Optional) The port to connect to on the SMTP server. Defaults to 587.", + "advanced": "true" + }, + { + "description": "SMTP service (e.g., gmail)", + "key": "SMTP_SERVICE", + "value": "", + "info": "Used for sending invitation and password reset emails. Leave blank to disable email functionality.", + "advanced": "true" + }, + { + "description": "SMTP username (email address)", + "key": "SMTP_USERNAME", + "value": "", + "advanced": "true" + }, + { + "description": "SMTP password", + "key": "SMTP_PASSWORD", + "value": "", + "advanced": "true" + }, + { + "description": "From email address", + "key": "SMTP_FROM_EMAIL", + "value": "", + "info": "(Optional) The email address that emails will be sent from. Defaults to the SMTP username if not set.", + "advanced": "true" } ] } \ No newline at end of file