diff --git a/README.md b/README.md
index f8497991..53be8485 100644
--- a/README.md
+++ b/README.md
@@ -1,2 +1,3 @@
# dataset
+[This dataset application services](seed/README.md)
diff --git a/seed/README.md b/seed/README.md
new file mode 100644
index 00000000..ce983c9d
--- /dev/null
+++ b/seed/README.md
@@ -0,0 +1,67 @@
+# Application services
+
+- [apache](apache/README.md): Apache as web server
+- base:
+ - [base](base/README.md): Base of all application services
+ - [base-debian](base-debian/README.md): Base information of a Debian server
+ - [base-debian-bullseye](base-debian-bullseye/README.md): Base information of a Debian Bulleye server
+ - [base-fedora](base-fedora/README.md): Base information of a Fedora
+ - [base-fedora-35](base-fedora-35/README.md): Base information of a Fedora 35
+ - [base-fedora-36](base-fedora-36/README.md): Base information of a Fedora 36
+ - [base-fedora-37](base-fedora-37/README.md): Base information of a Fedora 37
+ - [base-machine](base-machine/README.md): Base information for a machine
+- dns:
+ - [dns-external](dns-external/README.md): DNS client with resolution on all zones (especially outside)
+ - [dns-local](dns-local/README.md): DNS client with access to local zones
+- [dotclear](dotclear/README.md): Dotclear an open-source web publishing software
+- [dovecot](dovecot/README.md): Postfix and Dovecot as mail servers (Submission and IMAP)
+- [galette](galette/README.md): Galette, a membership management web application towards non profit organizations
+- [gitea](gitea/README.md): Gitea, a community managed lightweight code hosting solution
+- [host-systemd-machined](host-systemd-machined/README.md): Host with machine started in Systemd Machined environment
+- [imap-client](imap-client/README.md): Application service needs interact with an IMAP server
+- ldap:
+ - [ldap-client](ldap-client/README.md): Application service needs interact with a LDAP server
+ - [ldap-client-debian](ldap-client-debian/README.md): LDAP client for Fedora
+ - [ldap-client-fedora](ldap-client-fedora/README.md): LDAP client for Fedora
+- [lemonldap](lemonldap/README.md): LemonLDAP, a Web Single Sign On and Access Management
+- [letsencrypt](letsencrypt/README.md): Let's encrypt, a nonprofit Certificate Authority providing TLS certificates
+- [mailman](mailman/README.md): GNU Mailman, managing electronic mail discussion and e-newsletter lists
+- mariadb:
+ - [mariadb](mariadb/README.md): MariaDB, a relational database
+ - [mariadb-client](mariadb-client/README.md): Application service needs interact with a MariaDB server
+- [nextcloud](nextcloud/README.md): Nextcloud, Online collaboration platform
+- nginx:
+ - [nginx-common](nginx-common/README.md): Nginx common configuration
+ - [nginx-https](nginx-https/README.md): Nginx as HTTPS web site
+ - [nginx-reverse-proxy](nginx-reverse-proxy/README.md): Nginx as reverse proxy
+ - [nginx-static](nginx-static/README.md): Nginx as static web site
+- [nsd](nsd/README.md): NSD, an authoritative DNS name server
+- [oauth2-client](oauth2-client/README.md): Application service needs interact with a Oauth2 server
+- [odoo](odoo/README.md): Odoo, an ERP and CRM
+- [openldap](openldap/README.md): OpenLDAP, a LDAP server
+- [peertube](peertube/README.md): Peertube, a federated (ActivityPub) video streaming platform
+- php:
+ - [php](php/README.md): PHP, a popular general-purpose scripting language
+ - [php-fpm](php-fpm/README.md): PHP FPM
+- [piwigo](piwigo/README.md): Piwigo, a photo management software
+- postfix:
+ - [postfix-lmtp-relay](postfix-lmtp-relay/README.md): Postfix, the mail server, as LMTP relay
+ - [postfix-relay](postfix-relay/README.md): Postfix, the mail server, as relay
+- postgresql:
+ - [postgresql](postgresql/README.md): Postgresql, a database
+ - [postgresql-client](postgresql-client/README.md): Application service needs interact with a Postgresql server
+- [provider-systemd-machined](provider-systemd-machined/README.md): Machine started in Systemd Machined environment
+- redis:
+ - [redis](redis/README.md): Redis, an in-memory data structure store
+ - [redis-client](redis-client/README.md): Application service needs interact with a Redis server
+- relay:
+ - [relay-lmtp-client](relay-lmtp-client/README.md): Application service needs interact with a Postfix server with LMTP protocol
+ - [relay-mail-client](relay-mail-client/README.md): Client SMTP
+- [reverse-proxy-client](reverse-proxy-client/README.md): Application service needs interact with a a reverse proxy server
+- [roundcube](roundcube/README.md): Roundcube, a webmail
+- [sensmotdire](sensmotdire/README.md): Sens Mot Dire, a french conjugaison service
+- [speedtest-rs](speedtest-rs/README.md): Speedtest-rs, a very lightweight Speedtest
+- [systemd](systemd/README.md): Systemd, a system and service manager
+- [unbound](unbound/README.md): Unbound, a validating, recursive, caching DNS resolver
+- [vaultwarden](vaultwarden/README.md): Vaultwarden, a password manager
+- [znc](znc/README.md): ZNC, a bouncer IRC
diff --git a/seed/apache/README.md b/seed/apache/README.md
new file mode 100644
index 00000000..b544ce2c
--- /dev/null
+++ b/seed/apache/README.md
@@ -0,0 +1,39 @@
+---
+gitea: none
+include_toc: true
+---
+
+# apache
+
+[All applications services for this dataset.](../README.md)
+
+## Description
+
+Apache as web server.
+
+[For more informations](https://httpd.apache.org/)
+
+## Dependances
+
+- [reverse-proxy-client](../reverse-proxy-client/README.md)
+
+## Variables
+
+### Général (*general*)
+
+#### Apache (*general.apache*)
+
+Paramètrage avancé du serveur web Apache
+
+| Description | Help | Type | Values |
+|-----------------------------------------------------------------------------------------------------------------------------------|-------------------|-------------------------------------------------------------------------------------------------------------------------|----------|
+| **Temps d'attente des entrées/sorties avant de considérer qu'une requête a échoué** (*[apache_timeout](dictionaries/20_web.xml)*) | Temps en secondes | [number](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | 300 |
+| **Autoriser les connexions persistantes** (*[apache_keepalive](dictionaries/20_web.xml)*) | | [boolean](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | True |
+
+
+- [+]: variable is multiple
+- **bold**: variable is mandatory
+
+## Used by
+
+- [nextcloud](../nextcloud/README.md)
diff --git a/seed/apache/applicationservice.yml b/seed/apache/applicationservice.yml
index ca2cd422..6ba1732c 100644
--- a/seed/apache/applicationservice.yml
+++ b/seed/apache/applicationservice.yml
@@ -1,4 +1,5 @@
format: '0.1'
-description: Apache configuration
+description: Apache as web server
+website: https://httpd.apache.org/
depends:
- reverse-proxy-client
diff --git a/seed/base-debian-bullseye/README.md b/seed/base-debian-bullseye/README.md
new file mode 100644
index 00000000..b570fcbd
--- /dev/null
+++ b/seed/base-debian-bullseye/README.md
@@ -0,0 +1,28 @@
+---
+gitea: none
+include_toc: true
+---
+
+# base-debian-bullseye
+
+[All applications services for this dataset.](../README.md)
+
+## Description
+
+Base information of a Debian Bulleye server.
+
+[For more informations](https://www.debian.org/)
+
+## Dependances
+
+- [base-debian](../base-debian/README.md)
+ - [systemd](../systemd/README.md)
+ - [base-machine](../base-machine/README.md)
+ - [base](../base/README.md)
+ - [dns-local](../dns-local/README.md)
+
+## Used by
+
+- [odoo](../odoo/README.md)
+- [mailman](../mailman/README.md)
+- [lemonldap](../lemonldap/README.md)
diff --git a/seed/base-debian-bullseye/applicationservice.yml b/seed/base-debian-bullseye/applicationservice.yml
index f2a67696..04522d68 100644
--- a/seed/base-debian-bullseye/applicationservice.yml
+++ b/seed/base-debian-bullseye/applicationservice.yml
@@ -1,5 +1,6 @@
format: '0.1'
-description: Information de base d'un serveur Debian Buster
+description: Base information of a Debian Bulleye server
+website: https://www.debian.org/
depends:
- base-debian
distribution: true
diff --git a/seed/base-debian/README.md b/seed/base-debian/README.md
new file mode 100644
index 00000000..8ad84a1b
--- /dev/null
+++ b/seed/base-debian/README.md
@@ -0,0 +1,26 @@
+---
+gitea: none
+include_toc: true
+---
+
+# base-debian
+
+[All applications services for this dataset.](../README.md)
+
+## Description
+
+Base information of a Debian server.
+
+[For more informations](https://www.debian.org/)
+
+## Dependances
+
+- [systemd](../systemd/README.md)
+ - [base-machine](../base-machine/README.md)
+ - [base](../base/README.md)
+ - [dns-local](../dns-local/README.md)
+
+## Used by
+
+- [ldap-client-debian](../ldap-client-debian/README.md)
+- [base-debian-bullseye](../base-debian-bullseye/README.md)
diff --git a/seed/base-debian/applicationservice.yml b/seed/base-debian/applicationservice.yml
index afedc8c7..b0c3a56c 100644
--- a/seed/base-debian/applicationservice.yml
+++ b/seed/base-debian/applicationservice.yml
@@ -1,5 +1,5 @@
format: '0.1'
-description: Information de base d'un serveur Debian
+description: Base information of a Debian server
+website: https://www.debian.org/
depends:
- - base-machine
- systemd
diff --git a/seed/base-fedora-35/README.md b/seed/base-fedora-35/README.md
new file mode 100644
index 00000000..3479431c
--- /dev/null
+++ b/seed/base-fedora-35/README.md
@@ -0,0 +1,26 @@
+---
+gitea: none
+include_toc: true
+---
+
+# base-fedora-35
+
+[All applications services for this dataset.](../README.md)
+
+## Description
+
+Base information of a Fedora 35.
+
+[For more informations](https://getfedora.org/)
+
+## Dependances
+
+- [base-fedora](../base-fedora/README.md)
+ - [systemd](../systemd/README.md)
+ - [base-machine](../base-machine/README.md)
+ - [base](../base/README.md)
+ - [dns-local](../dns-local/README.md)
+
+## Used by
+
+- [postfix-relay](../postfix-relay/README.md)
diff --git a/seed/base-fedora-35/applicationservice.yml b/seed/base-fedora-35/applicationservice.yml
index cefd721f..f77d4354 100644
--- a/seed/base-fedora-35/applicationservice.yml
+++ b/seed/base-fedora-35/applicationservice.yml
@@ -1,5 +1,6 @@
format: '0.1'
-description: Information de base d'un serveur fedora version 35
+description: Base information of a Fedora 35
+website: https://getfedora.org/
depends:
- base-fedora
distribution: true
diff --git a/seed/base-fedora-36/README.md b/seed/base-fedora-36/README.md
new file mode 100644
index 00000000..9db9e2e4
--- /dev/null
+++ b/seed/base-fedora-36/README.md
@@ -0,0 +1,45 @@
+---
+gitea: none
+include_toc: true
+---
+
+# base-fedora-36
+
+[All applications services for this dataset.](../README.md)
+
+## Description
+
+Base information of a Fedora 36.
+
+[For more informations](https://getfedora.org/)
+
+## Dependances
+
+- [base-fedora](../base-fedora/README.md)
+ - [systemd](../systemd/README.md)
+ - [base-machine](../base-machine/README.md)
+ - [base](../base/README.md)
+ - [dns-local](../dns-local/README.md)
+
+## Used by
+
+- [galette](../galette/README.md)
+- [nginx-static](../nginx-static/README.md)
+- [postgresql](../postgresql/README.md)
+- [peertube](../peertube/README.md)
+- [piwigo](../piwigo/README.md)
+- [dovecot](../dovecot/README.md)
+- [unbound](../unbound/README.md)
+- [redis](../redis/README.md)
+- [nsd](../nsd/README.md)
+- [dotclear](../dotclear/README.md)
+- [speedtest-rs](../speedtest-rs/README.md)
+- [nginx-reverse-proxy](../nginx-reverse-proxy/README.md)
+- [sensmotdire](../sensmotdire/README.md)
+- [roundcube](../roundcube/README.md)
+- [znc](../znc/README.md)
+- [vaultwarden](../vaultwarden/README.md)
+- [mariadb](../mariadb/README.md)
+- [nextcloud](../nextcloud/README.md)
+- [openldap](../openldap/README.md)
+- [gitea](../gitea/README.md)
diff --git a/seed/base-fedora-36/applicationservice.yml b/seed/base-fedora-36/applicationservice.yml
index 634f4986..1f67b779 100644
--- a/seed/base-fedora-36/applicationservice.yml
+++ b/seed/base-fedora-36/applicationservice.yml
@@ -1,5 +1,6 @@
format: '0.1'
-description: Information de base d'un serveur fedora version 36
+description: Base information of a Fedora 36
+website: https://getfedora.org/
depends:
- base-fedora
distribution: true
diff --git a/seed/base-fedora-37/README.md b/seed/base-fedora-37/README.md
new file mode 100644
index 00000000..8d0923cb
--- /dev/null
+++ b/seed/base-fedora-37/README.md
@@ -0,0 +1,22 @@
+---
+gitea: none
+include_toc: true
+---
+
+# base-fedora-37
+
+[All applications services for this dataset.](../README.md)
+
+## Description
+
+Base information of a Fedora 37.
+
+[For more informations](https://getfedora.org/)
+
+## Dependances
+
+- [base-fedora](../base-fedora/README.md)
+ - [systemd](../systemd/README.md)
+ - [base-machine](../base-machine/README.md)
+ - [base](../base/README.md)
+ - [dns-local](../dns-local/README.md)
diff --git a/seed/base-fedora-37/applicationservice.yml b/seed/base-fedora-37/applicationservice.yml
new file mode 100644
index 00000000..27803c3d
--- /dev/null
+++ b/seed/base-fedora-37/applicationservice.yml
@@ -0,0 +1,6 @@
+format: '0.1'
+description: Base information of a Fedora 37
+website: https://getfedora.org/
+depends:
+ - base-fedora
+distribution: true
diff --git a/seed/base-fedora/README.md b/seed/base-fedora/README.md
index d7ad4235..0de60f56 100644
--- a/seed/base-fedora/README.md
+++ b/seed/base-fedora/README.md
@@ -1 +1,29 @@
-Inspired by: https://pagure.io/fedora-kickstarts/tree/main
+---
+gitea: none
+include_toc: true
+---
+
+# base-fedora
+
+[All applications services for this dataset.](../README.md)
+
+## Description
+
+Base information of a Fedora.
+
+[For more informations](https://getfedora.org/)
+
+## Dependances
+
+- [systemd](../systemd/README.md)
+ - [base-machine](../base-machine/README.md)
+ - [base](../base/README.md)
+ - [dns-local](../dns-local/README.md)
+
+## Used by
+
+- [base-fedora-36](../base-fedora-36/README.md)
+- [base-fedora-35](../base-fedora-35/README.md)
+- [letsencrypt](../letsencrypt/README.md)
+- [ldap-client-fedora](../ldap-client-fedora/README.md)
+- [base-fedora-37](../base-fedora-37/README.md)
diff --git a/seed/base-fedora/applicationservice.yml b/seed/base-fedora/applicationservice.yml
index 32ea7abe..712b7590 100644
--- a/seed/base-fedora/applicationservice.yml
+++ b/seed/base-fedora/applicationservice.yml
@@ -1,5 +1,5 @@
format: '0.1'
-description: Information de base d'un serveur Fedora
+description: Base information of a Fedora
+website: https://getfedora.org/
depends:
- - base-machine
- systemd
diff --git a/seed/base-fedora/infos.md b/seed/base-fedora/infos.md
new file mode 100644
index 00000000..d7ad4235
--- /dev/null
+++ b/seed/base-fedora/infos.md
@@ -0,0 +1 @@
+Inspired by: https://pagure.io/fedora-kickstarts/tree/main
diff --git a/seed/base-machine/README.md b/seed/base-machine/README.md
new file mode 100644
index 00000000..c08f0b08
--- /dev/null
+++ b/seed/base-machine/README.md
@@ -0,0 +1,33 @@
+---
+gitea: none
+include_toc: true
+---
+
+# base-machine
+
+[All applications services for this dataset.](../README.md)
+
+## Description
+
+Base information for a machine.
+
+## Dependances
+
+- [base](../base/README.md)
+- [dns-local](../dns-local/README.md)
+
+## Variables
+
+### Machine (*machine*)
+
+| Description | Type |
+|-----------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------|
+| Data disk size (*[data_disk_size](extras/machine/00_base.xml)*) | [number](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) |
+
+
+- [+]: variable is multiple
+- **bold**: variable is mandatory
+
+## Used by
+
+- [systemd](../systemd/README.md)
diff --git a/seed/base/README.md b/seed/base/README.md
new file mode 100644
index 00000000..66b70216
--- /dev/null
+++ b/seed/base/README.md
@@ -0,0 +1,17 @@
+---
+gitea: none
+include_toc: true
+---
+
+# base
+
+[All applications services for this dataset.](../README.md)
+
+## Description
+
+Base of all application services.
+
+## Used by
+
+- [host-systemd-machined](../host-systemd-machined/README.md)
+- [base-machine](../base-machine/README.md)
diff --git a/seed/base/applicationservice.yml b/seed/base/applicationservice.yml
index 2daf18e8..a6c3577d 100644
--- a/seed/base/applicationservice.yml
+++ b/seed/base/applicationservice.yml
@@ -1,2 +1,2 @@
format: '0.1'
-description: Base
+description: Base of all application services
diff --git a/seed/dns-external/README.md b/seed/dns-external/README.md
new file mode 100644
index 00000000..c38fae65
--- /dev/null
+++ b/seed/dns-external/README.md
@@ -0,0 +1,38 @@
+---
+gitea: none
+include_toc: true
+---
+
+# dns-external
+
+[All applications services for this dataset.](../README.md)
+
+## Description
+
+DNS client with resolution on all zones (especially outside).
+
+## Variables
+
+### Général (*general*)
+
+#### network (*general.network*)
+
+| Description | Values | Supplier |
+|-------------------------------------------------------------|----------|-------------|
+| *[**dns_is_only_local**](dictionaries/14-dns-external.xml)* | False | |
+| *[dns_client_address](dictionaries/14-dns-external.xml)* | | ExternalDNS |
+
+
+- [+]: variable is multiple
+- **bold**: variable is mandatory
+
+## Used by
+
+- [postfix-relay](../postfix-relay/README.md)
+- [peertube](../peertube/README.md)
+- [unbound](../unbound/README.md)
+- [znc](../znc/README.md)
+
+## Linked to
+
+- [unbound](../unbound/README.md)
diff --git a/seed/dns-external/applicationservice.yml b/seed/dns-external/applicationservice.yml
index 654347d1..31b118ba 100644
--- a/seed/dns-external/applicationservice.yml
+++ b/seed/dns-external/applicationservice.yml
@@ -1,2 +1,2 @@
format: '0.1'
-description: Configuration du client DNS externe
+description: DNS client with resolution on all zones (especially outside)
diff --git a/seed/dns-local/README.md b/seed/dns-local/README.md
new file mode 100644
index 00000000..0382515b
--- /dev/null
+++ b/seed/dns-local/README.md
@@ -0,0 +1,20 @@
+---
+gitea: none
+include_toc: true
+---
+
+# dns-local
+
+[All applications services for this dataset.](../README.md)
+
+## Description
+
+DNS client with access to local zones.
+
+## Used by
+
+- [base-machine](../base-machine/README.md)
+
+## Linked to
+
+- [nsd](../nsd/README.md)
diff --git a/seed/dns-local/applicationservice.yml b/seed/dns-local/applicationservice.yml
index ad16e59c..710f4c5c 100644
--- a/seed/dns-local/applicationservice.yml
+++ b/seed/dns-local/applicationservice.yml
@@ -1,2 +1,2 @@
format: '0.1'
-description: Configuration du client DNS local
+description: DNS client with access to local zones
diff --git a/seed/dotclear/README.md b/seed/dotclear/README.md
new file mode 100644
index 00000000..dccce365
--- /dev/null
+++ b/seed/dotclear/README.md
@@ -0,0 +1,43 @@
+---
+gitea: none
+include_toc: true
+---
+
+# dotclear
+
+[All applications services for this dataset.](../README.md)
+
+## Description
+
+Dotclear an open-source web publishing software.
+
+[For more informations](https://dotclear.org)
+
+## Dependances
+
+- [base-fedora-36](../base-fedora-36/README.md)
+ - [base-fedora](../base-fedora/README.md)
+ - [systemd](../systemd/README.md)
+ - [base-machine](../base-machine/README.md)
+ - [base](../base/README.md)
+ - [dns-local](../dns-local/README.md)
+- [postgresql-client](../postgresql-client/README.md)
+- [nginx-https](../nginx-https/README.md)
+ - [nginx-common](../nginx-common/README.md)
+ - [reverse-proxy-client](../reverse-proxy-client/README.md)
+- [php-fpm](../php-fpm/README.md)
+ - [php](../php/README.md)
+
+## Variables
+
+### Général (*general*)
+
+#### Dotclear (*general.dotclear*)
+
+| Description | Type |
+|----------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------|
+| **Adresse courriel de l'administrateur** (*[admin_mail_from](dictionaries/40_dotclear.xml)*) | [mail](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) |
+
+
+- [+]: variable is multiple
+- **bold**: variable is mandatory
diff --git a/seed/dotclear/applicationservice.yml b/seed/dotclear/applicationservice.yml
new file mode 100644
index 00000000..33dd1403
--- /dev/null
+++ b/seed/dotclear/applicationservice.yml
@@ -0,0 +1,8 @@
+format: '0.1'
+description: Dotclear an open-source web publishing software
+website: https://dotclear.org
+depends:
+ - base-fedora-36
+ - postgresql-client
+ - nginx-https
+ - php-fpm
diff --git a/seed/dovecot/README.md b/seed/dovecot/README.md
new file mode 100644
index 00000000..deadf799
--- /dev/null
+++ b/seed/dovecot/README.md
@@ -0,0 +1,95 @@
+---
+gitea: none
+include_toc: true
+---
+
+# dovecot
+
+[All applications services for this dataset.](../README.md)
+
+## Description
+
+Postfix and Dovecot as mail servers (Submission and IMAP).
+
+[For more informations](https://www.dovecot.org/)
+
+## Dependances
+
+- [base-fedora-36](../base-fedora-36/README.md)
+ - [base-fedora](../base-fedora/README.md)
+ - [systemd](../systemd/README.md)
+ - [base-machine](../base-machine/README.md)
+ - [base](../base/README.md)
+ - [dns-local](../dns-local/README.md)
+- [relay-lmtp-client](../relay-lmtp-client/README.md)
+ - [relay-mail-client](../relay-mail-client/README.md)
+- [ldap-client-fedora](../ldap-client-fedora/README.md)
+ - [ldap-client](../ldap-client/README.md)
+ - [base-fedora](../base-fedora/README.md)
+ - [systemd](../systemd/README.md)
+ - [base-machine](../base-machine/README.md)
+ - [base](../base/README.md)
+ - [dns-local](../dns-local/README.md)
+- [oauth2-client](../oauth2-client/README.md)
+- [nginx-https](../nginx-https/README.md)
+ - [nginx-common](../nginx-common/README.md)
+ - [reverse-proxy-client](../reverse-proxy-client/README.md)
+
+## Variables
+
+### Général (*general*)
+
+#### network (*general.network*)
+
+| Description | Values |
+|---------------------------------------------------------|--------------|
+| *[**incoming_ports**](dictionaries/26_dovecot.xml)* [+] | 587
993 |
+
+#### annuaire (*general.annuaire*)
+
+##### client (*general.annuaire.client*)
+
+| Description | Values |
+|----------------------------------------------------------|----------|
+| *[**ldapclient_family**](dictionaries/26_dovecot.xml)* | all |
+| *[**ldap_key_file_owner**](dictionaries/26_dovecot.xml)* | dovecot |
+| *[**ldap_key_file_group**](dictionaries/26_dovecot.xml)* | postfix |
+
+#### Mail domain (*general.mail*)
+
+This a family is a leadership.
+
+| Description | Type | Supplier |
+|---------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------|---------------|
+| **Domaine de courriel géré localement** (*[mail_domains](dictionaries/26_dovecot.xml)*) [+] | [domainname](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | LMTP:criteria |
+| *[**imap_domainname**](dictionaries/26_dovecot.xml)* | [domainname](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | |
+| *[**submission_domainname**](dictionaries/26_dovecot.xml)* | [domainname](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | |
+
+#### IMAP mail server (*general.dovecot*)
+
+| Description | Type | Provider |
+|----------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------|------------|
+| **Adresse interne du serveur IMAP** (*[imap_internal_address](dictionaries/26_dovecot.xml)*) | [domainname](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | IMAP |
+
+#### revprox (*general.revprox*)
+
+##### revprox_client (*general.revprox.revprox_client*)
+
+| Description |
+|----------------------------------------------------------------------|
+| *[revprox_client_external_domainnames](dictionaries/26_dovecot.xml)* |
+| *[revprox_client_web_address](dictionaries/26_dovecot.xml)* |
+
+#### nginx (*general.nginx*)
+
+| Description | Values |
+|-------------------------------------------------|---------------|
+| *[**nginx_root**](dictionaries/26_dovecot.xml)* | /var/www/html |
+
+
+- [+]: variable is multiple
+- **bold**: variable is mandatory
+
+## Linked to
+
+- [imap-client](../imap-client/README.md)
diff --git a/seed/dovecot/applicationservice.yml b/seed/dovecot/applicationservice.yml
index 8237e8e8..c632271f 100644
--- a/seed/dovecot/applicationservice.yml
+++ b/seed/dovecot/applicationservice.yml
@@ -1,5 +1,6 @@
format: '0.1'
-description: Postfix et Dovecot
+description: Postfix and Dovecot as mail servers (Submission and IMAP)
+website: https://www.dovecot.org/
depends:
- base-fedora-36
- relay-lmtp-client
diff --git a/seed/galette/README.md b/seed/galette/README.md
new file mode 100644
index 00000000..570579ff
--- /dev/null
+++ b/seed/galette/README.md
@@ -0,0 +1,44 @@
+---
+gitea: none
+include_toc: true
+---
+
+# galette
+
+[All applications services for this dataset.](../README.md)
+
+## Description
+
+Galette, a membership management web application towards non profit organizations.
+
+[For more informations](https://galette.eu/)
+
+## Dependances
+
+- [base-fedora-36](../base-fedora-36/README.md)
+ - [base-fedora](../base-fedora/README.md)
+ - [systemd](../systemd/README.md)
+ - [base-machine](../base-machine/README.md)
+ - [base](../base/README.md)
+ - [dns-local](../dns-local/README.md)
+- [mariadb-client](../mariadb-client/README.md)
+- [nginx-https](../nginx-https/README.md)
+ - [nginx-common](../nginx-common/README.md)
+ - [reverse-proxy-client](../reverse-proxy-client/README.md)
+- [php-fpm](../php-fpm/README.md)
+ - [php](../php/README.md)
+
+## Variables
+
+### Machine (*machine*)
+
+| Description | Values |
+|-----------------------------------------------------|----------|
+| *[**var_size**](extras/machine/20_sensmotdire.xml)* | 256 |
+| *[**add_tmp**](extras/machine/20_sensmotdire.xml)* | False |
+| *[**add_srv**](extras/machine/20_sensmotdire.xml)* | False |
+| *[**add_swap**](extras/machine/20_sensmotdire.xml)* | False |
+
+
+- [+]: variable is multiple
+- **bold**: variable is mandatory
diff --git a/seed/galette/applicationservice.yml b/seed/galette/applicationservice.yml
new file mode 100644
index 00000000..90d7dc38
--- /dev/null
+++ b/seed/galette/applicationservice.yml
@@ -0,0 +1,8 @@
+format: '0.1'
+description: Galette, a membership management web application towards non profit organizations
+website: https://galette.eu/
+depends:
+ - base-fedora-36
+ - mariadb-client
+ - nginx-https
+ - php-fpm
diff --git a/seed/gitea/README.md b/seed/gitea/README.md
new file mode 100644
index 00000000..5a58c72c
--- /dev/null
+++ b/seed/gitea/README.md
@@ -0,0 +1,88 @@
+---
+gitea: none
+include_toc: true
+---
+
+# gitea
+
+[All applications services for this dataset.](../README.md)
+
+## Description
+
+Gitea, a community managed lightweight code hosting solution.
+
+[For more informations](https://gitea.io/)
+
+## Dependances
+
+- [base-fedora-36](../base-fedora-36/README.md)
+ - [base-fedora](../base-fedora/README.md)
+ - [systemd](../systemd/README.md)
+ - [base-machine](../base-machine/README.md)
+ - [base](../base/README.md)
+ - [dns-local](../dns-local/README.md)
+- [postgresql-client](../postgresql-client/README.md)
+- [reverse-proxy-client](../reverse-proxy-client/README.md)
+- [relay-mail-client](../relay-mail-client/README.md)
+- [redis-client](../redis-client/README.md)
+- [oauth2-client](../oauth2-client/README.md)
+
+## Variables
+
+### Général (*general*)
+
+#### network (*general.network*)
+
+| Description | Values |
+|---------------------------------------------------|----------|
+| *[**incoming_ports**](dictionaries/31_gitea.xml)* | 2222 |
+
+#### Redis (*general.redis*)
+
+| Description | Values |
+|-----------------------------------------------------------|----------|
+| *[**redis_client_key_owner**](dictionaries/31_gitea.xml)* | gitea |
+
+#### Gitea (*general.gitea*)
+
+Git forge Gitea
+
+| Description | Values | Type |
+|-----------------------------------------------------------------------------------------------------------|----------------------------------|------------------------------------------------------------------------------------------------------------------------|
+| **Titre de la forge** (*[gitea_title](dictionaries/31_gitea.xml)*) | Gitea: Git avec une tasse de thé | [string](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) |
+| **Les courriels sont envoyés à partir de cet adresse** (*[gitea_mail_sender](dictionaries/31_gitea.xml)*) | | [mail](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) |
+
+#### revprox (*general.revprox*)
+
+| Description | Values |
+|--------------------------------------------------------------|----------|
+| *[**revprox_client_port**](dictionaries/31_gitea.xml)* | 3000 |
+| *[**revprox_client_cert_owner**](dictionaries/31_gitea.xml)* | gitea |
+| *[**revprox_client_cert_group**](dictionaries/31_gitea.xml)* | gitea |
+
+##### revprox_client (*general.revprox.revprox_client*)
+
+| Description | Values |
+|------------------------------------------------------------------|----------|
+| *[**revprox_client_local_location**](dictionaries/31_gitea.xml)* | / |
+
+#### oauth2_client (*general.oauth2_client*)
+
+| Description | Values |
+|-----------------------------------------------------------------------|----------------------|
+| *[**oauth2_is_client_application**](dictionaries/31_gitea.xml)* | True |
+| *[**oauth2_client_name**](dictionaries/31_gitea.xml)* | Forge |
+| *[**oauth2_client_description**](dictionaries/31_gitea.xml)* | Forge logiciel Gitea |
+| *[**oauth2_client_category**](dictionaries/31_gitea.xml)* | Développement |
+| *[**oauth2_client_logo**](dictionaries/31_gitea.xml)* | silique_note.png |
+| *[**oauth2_client_token_signature_algo**](dictionaries/31_gitea.xml)* | RS256 |
+
+##### external (*general.oauth2_client.external*)
+
+| Description |
+|-------------------------------------------------------|
+| *[oauth2_client_external](dictionaries/31_gitea.xml)* |
+
+
+- [+]: variable is multiple
+- **bold**: variable is mandatory
diff --git a/seed/gitea/applicationservice.yml b/seed/gitea/applicationservice.yml
index 4d15a3d5..5948eb31 100644
--- a/seed/gitea/applicationservice.yml
+++ b/seed/gitea/applicationservice.yml
@@ -1,5 +1,6 @@
format: '0.1'
-description: Gitea
+description: Gitea, a community managed lightweight code hosting solution
+website: https://gitea.io/
depends:
- base-fedora-36
- postgresql-client
diff --git a/seed/host-systemd-machined/README.md b/seed/host-systemd-machined/README.md
new file mode 100644
index 00000000..49451669
--- /dev/null
+++ b/seed/host-systemd-machined/README.md
@@ -0,0 +1,59 @@
+---
+gitea: none
+include_toc: true
+---
+
+# host-systemd-machined
+
+[All applications services for this dataset.](../README.md)
+
+## Description
+
+Host with machine started in Systemd Machined environment.
+
+[For more informations](https://www.freedesktop.org/wiki/Software/systemd/machined/)
+
+## Dependances
+
+- [base](../base/README.md)
+
+## Variables
+
+### Général (*general*)
+
+| Description | Type | Provider | Values |
+|-----------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------|-------------------------|----------|
+| **Nom du répertoire comprenant les descriptions d'installation** (*[host_install_dir](dictionaries/21-machined.xml)*) | [filename](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | global:host_install_dir | |
+| **Ajustement de la mémoire virtuelle** (*[vm_swappiness](dictionaries/21-machined.xml)*) | [number](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | | 60 |
+
+#### network (*general.network*)
+
+| Description |
+|---------------------------------------------------------------------------------------|
+| **Nom de l'interface de sortie** (*[output_interface](dictionaries/21-machined.xml)*) |
+
+##### interfaces (*general.network.interfaces*)
+
+This a family is a leadership.
+
+| Description | Type | Choices |
+|-----------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------|----------------|
+| **Nom de l'interface** (*[interface_names](dictionaries/21-machined.xml)*) [+] | [string](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | |
+| **Type de la carte** (*[interface_type](dictionaries/21-machined.xml)*) | [choice](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | dhcp
ipv4 |
+| **IP au format CIDR de l'interface** (*[interface_ip](dictionaries/21-machined.xml)*) | [cidr](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | |
+| **IP de la route par défaut** (*[interface_gateway](dictionaries/21-machined.xml)*) | [ip](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | |
+| **IP des serveurs DNS** (*[interface_domain_name_servers](dictionaries/21-machined.xml)*) [+] | [ip](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | |
+
+### Machined (*machined*)
+
+| Description | Type | Provider |
+|-----------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------|------------|
+| Machines started in this host (*[machines](extras/machined/00-machined.xml)*) [+] | [domainname](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Host |
+
+
+- [+]: variable is multiple
+- **bold**: variable is mandatory
+
+## Linked to
+
+- [provider-systemd-machined](../provider-systemd-machined/README.md)
diff --git a/seed/host-systemd-machined/applicationservice.yml b/seed/host-systemd-machined/applicationservice.yml
index 747473a7..50b2813d 100644
--- a/seed/host-systemd-machined/applicationservice.yml
+++ b/seed/host-systemd-machined/applicationservice.yml
@@ -1,4 +1,5 @@
format: '0.1'
-description: Configure Systemd Machined
+description: Host with machine started in Systemd Machined environment
+website: https://www.freedesktop.org/wiki/Software/systemd/machined/
depends:
- base
diff --git a/seed/imap-client/README.md b/seed/imap-client/README.md
new file mode 100644
index 00000000..6d518c40
--- /dev/null
+++ b/seed/imap-client/README.md
@@ -0,0 +1,34 @@
+---
+gitea: none
+include_toc: true
+---
+
+# imap-client
+
+[All applications services for this dataset.](../README.md)
+
+## Description
+
+Application service needs interact with an IMAP server.
+
+## Variables
+
+### Général (*general*)
+
+#### Client SMTP (*general.imap*)
+
+| Description | Type | Supplier |
+|----------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------|------------|
+| **Nom de domaine du serveur IMAP** (*[imap_address](dictionaries/21_imap_client.xml)*) | [domainname](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | IMAP |
+
+
+- [+]: variable is multiple
+- **bold**: variable is mandatory
+
+## Used by
+
+- [roundcube](../roundcube/README.md)
+
+## Linked to
+
+- [dovecot](../dovecot/README.md)
diff --git a/seed/imap-client/applicationservice.yml b/seed/imap-client/applicationservice.yml
index d29f98b3..6a6ec258 100644
--- a/seed/imap-client/applicationservice.yml
+++ b/seed/imap-client/applicationservice.yml
@@ -1,2 +1,2 @@
format: '0.1'
-description: Client IMAP
+description: Application service needs interact with an IMAP server
diff --git a/seed/ldap-client-debian/README.md b/seed/ldap-client-debian/README.md
new file mode 100644
index 00000000..226ce2f5
--- /dev/null
+++ b/seed/ldap-client-debian/README.md
@@ -0,0 +1,26 @@
+---
+gitea: none
+include_toc: true
+---
+
+# ldap-client-debian
+
+[All applications services for this dataset.](../README.md)
+
+## Description
+
+LDAP client for Fedora.
+
+## Dependances
+
+- [ldap-client](../ldap-client/README.md)
+- [base-debian](../base-debian/README.md)
+ - [systemd](../systemd/README.md)
+ - [base-machine](../base-machine/README.md)
+ - [base](../base/README.md)
+ - [dns-local](../dns-local/README.md)
+
+## Used by
+
+- [odoo](../odoo/README.md)
+- [lemonldap](../lemonldap/README.md)
diff --git a/seed/ldap-client-fedora/README.md b/seed/ldap-client-fedora/README.md
new file mode 100644
index 00000000..8aa8ec54
--- /dev/null
+++ b/seed/ldap-client-fedora/README.md
@@ -0,0 +1,29 @@
+---
+gitea: none
+include_toc: true
+---
+
+# ldap-client-fedora
+
+[All applications services for this dataset.](../README.md)
+
+## Description
+
+LDAP client for Fedora.
+
+## Dependances
+
+- [ldap-client](../ldap-client/README.md)
+- [base-fedora](../base-fedora/README.md)
+ - [systemd](../systemd/README.md)
+ - [base-machine](../base-machine/README.md)
+ - [base](../base/README.md)
+ - [dns-local](../dns-local/README.md)
+
+## Used by
+
+- [piwigo](../piwigo/README.md)
+- [dovecot](../dovecot/README.md)
+- [roundcube](../roundcube/README.md)
+- [nextcloud](../nextcloud/README.md)
+- [openldap](../openldap/README.md)
diff --git a/seed/ldap-client/README.md b/seed/ldap-client/README.md
new file mode 100644
index 00000000..35bcfe1a
--- /dev/null
+++ b/seed/ldap-client/README.md
@@ -0,0 +1,47 @@
+---
+gitea: none
+include_toc: true
+---
+
+# ldap-client
+
+[All applications services for this dataset.](../README.md)
+
+## Description
+
+Application service needs interact with a LDAP server.
+
+## Variables
+
+### Général (*general*)
+
+#### Annuaire OpenLDAP (*general.annuaire*)
+
+##### Serveur (*general.annuaire.server*)
+
+| Description | Type | Supplier |
+|----------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------|------------|
+| **Nom DNS du serveur LDAP** (*[ldap_server_address](dictionaries/21_ldap-client.xml)*) | [domainname](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | LDAP |
+
+##### Client (*general.annuaire.client*)
+
+| Description | Type | Supplier |
+|----------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------|--------------|
+| Nom de la famille LDAP (*[ldapclient_family](dictionaries/21_ldap-client.xml)*) | [unix_user](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | LDAP:family |
+| **Base DN de l'annuaire** (*[ldapclient_base_dn](dictionaries/21_ldap-client.xml)*) | [string](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | LDAP:base_dn |
+| **Base DN de l'annuaire des utilisateurs** (*[ldapclient_search_dn](dictionaries/21_ldap-client.xml)*) | [string](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | |
+| **Base DN de l'annuaire des groupes** (*[ldapclient_group_dn](dictionaries/21_ldap-client.xml)*) | [string](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | |
+| **Base DN de l'annuaire des utilisateurs n'appartenant à une famille** (*[ldapclient_user_dn](dictionaries/21_ldap-client.xml)*) | [string](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | |
+
+
+- [+]: variable is multiple
+- **bold**: variable is mandatory
+
+## Used by
+
+- [ldap-client-debian](../ldap-client-debian/README.md)
+- [ldap-client-fedora](../ldap-client-fedora/README.md)
+
+## Linked to
+
+- [openldap](../openldap/README.md)
diff --git a/seed/ldap-client/applicationservice.yml b/seed/ldap-client/applicationservice.yml
index df0f004d..98817f8c 100644
--- a/seed/ldap-client/applicationservice.yml
+++ b/seed/ldap-client/applicationservice.yml
@@ -1,2 +1,2 @@
format: '0.1'
-description: LDAP client
+description: Application service needs interact with a LDAP server
diff --git a/seed/lemonldap/README.md b/seed/lemonldap/README.md
new file mode 100644
index 00000000..d912383a
--- /dev/null
+++ b/seed/lemonldap/README.md
@@ -0,0 +1,87 @@
+---
+gitea: none
+include_toc: true
+---
+
+# lemonldap
+
+[All applications services for this dataset.](../README.md)
+
+## Description
+
+LemonLDAP, a Web Single Sign On and Access Management.
+
+[For more informations](https://lemonldap-ng.org/)
+
+## Dependances
+
+- [base-debian-bullseye](../base-debian-bullseye/README.md)
+ - [base-debian](../base-debian/README.md)
+ - [systemd](../systemd/README.md)
+ - [base-machine](../base-machine/README.md)
+ - [base](../base/README.md)
+ - [dns-local](../dns-local/README.md)
+- [ldap-client-debian](../ldap-client-debian/README.md)
+ - [ldap-client](../ldap-client/README.md)
+ - [base-debian](../base-debian/README.md)
+ - [systemd](../systemd/README.md)
+ - [base-machine](../base-machine/README.md)
+ - [base](../base/README.md)
+ - [dns-local](../dns-local/README.md)
+- [reverse-proxy-client](../reverse-proxy-client/README.md)
+- [relay-mail-client](../relay-mail-client/README.md)
+- [nginx-common](../nginx-common/README.md)
+
+## Variables
+
+### Général (*general*)
+
+#### nginx (*general.nginx*)
+
+| Description | Values |
+|---------------------------------------------------------------|----------|
+| *[**nginx_default_https**](dictionaries/70_lemonldap_ng.xml)* | False |
+
+#### LemonLDAP (*general.lemonldap*)
+
+Configuration de la solution d'authentification unique LemonLDAP::NG
+
+| Description | Type | Values |
+|------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------|----------|
+| **Nombre de processus dédié à LemonLdap (équivalent au nombre de processeurs)** (*[lemon_proc](dictionaries/70_lemonldap_ng.xml)*) | [number](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | 1 |
+| **Courriel de l'administrateur** (*[lemon_mail_admin](dictionaries/70_lemonldap_ng.xml)*) | [mail](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | |
+
+#### annuaire (*general.annuaire*)
+
+##### client (*general.annuaire.client*)
+
+| Description | Values |
+|-------------------------------------------------------------|----------|
+| *[**ldapclient_family**](dictionaries/70_lemonldap_ng.xml)* | all |
+
+### Oauth2 (*oauth2*)
+
+| Description | Type | Provider | Supplier |
+|------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------|------------|--------------|
+| Remote clients needing to verify OAuth2 account (*[remotes](extras/oauth2/00_oauth2.xml)*) [+] | [domainname](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | OAuth2 | |
+| Remote clients (*[clients](extras/oauth2/00_oauth2.xml)*) [+] | [domainname](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | | OAuth2Client |
+
+#### OAuth2 for (*oauth2.oauth2_*)
+
+This a dynamic family generated from the variable "oauth2.remotes".
+
+##### external_ (*oauth2.oauth2_.external_*)
+
+This a family is a leadership.
+
+| Description | Provider |
+|--------------------------------------------------------------------|-----------------|
+| Remote external for (*[hosts_](extras/oauth2/00_oauth2.xml)*) [+] | OAuth2:external |
+
+
+- [+]: variable is multiple
+- **bold**: variable is mandatory
+
+## Linked to
+
+- [oauth2-client](../oauth2-client/README.md)
diff --git a/seed/lemonldap/applicationservice.yml b/seed/lemonldap/applicationservice.yml
index 723261ea..0aebe632 100644
--- a/seed/lemonldap/applicationservice.yml
+++ b/seed/lemonldap/applicationservice.yml
@@ -1,5 +1,6 @@
format: '0.1'
-description: LemonLDAP
+description: LemonLDAP, a Web Single Sign On and Access Management
+website: https://lemonldap-ng.org/
depends:
- base-debian-bullseye
- ldap-client-debian
diff --git a/seed/letsencrypt/README.md b/seed/letsencrypt/README.md
index cc48ba57..21c64ccb 100644
--- a/seed/letsencrypt/README.md
+++ b/seed/letsencrypt/README.md
@@ -1,34 +1,41 @@
-# Gestion Let's encrypt
+---
+gitea: none
+include_toc: true
+---
-## Fonctionnement du service application
+# letsencrypt
-Ce service gère le téléchargement et la mise à disposition des certificats Let's encrypt.
+[All applications services for this dataset.](../README.md)
-Le certificat doit être disponible avant l'installation de la machine de destination.
-C'est pourquoi ce le certificat est téléchargement grâce au défi DNS-1.
+## Description
-Il faut donc installer certbot + python3-certbot-dns-xxx (sur une Fedora), par exemple pour OVH "python3-certbot-dns-ovh".
+Let's encrypt, a nonprofit Certificate Authority providing TLS certificates.
-Attention, en utilisant ce service vous acceptez les conditions d'utilisation de Let's Encrypt !
+[For more informations](https://letsencrypt.org/)
-## Utiliser Let's encrypt dans une machine
+## Dependances
-Dans applicationservice.yml ajouter la dépendance "letsencrypt".
+- [base-fedora](../base-fedora/README.md)
+ - [systemd](../systemd/README.md)
+ - [base-machine](../base-machine/README.md)
+ - [base](../base/README.md)
+ - [dns-local](../dns-local/README.md)
-Sur la machine installer Certb
+## Variables
-## Configurer Let's encrypt
+### Général (*general*)
-```
-rougail.letsencrypt.domain_names": ["nom de domaine"],
-rougail.letsencrypt.authority_cn": {"0": "nom de domaine"},
-rougail.letsencrypt.authority_name": {"0": "NomAutorité"},
-rougail.letsencrypt.plugin_name": {"0": "ovh"},
-rougail.letsencrypt.credential_filename": {"0": "/home/user/ovh.ini"},
-rougail.letsencrypt.email": {"0": "gnunux@gnunux.info"}
-```
+#### Défi DNS pour Let's encrypt (*general.letsencrypt*)
-## Exemple avec OVH
+This a family is a leadership.
-Installation du greffon Certbot : https://certbot-dns-ovh.readthedocs.io/en/stable/
-Création d'une clef d'API : https://eu.api.ovh.com/createToken/
+| Description | Type |
+|-----------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------|
+| Nom des domaines (*[domain_names](dictionaries/20-letsencrypt.xml)*) [+] | [domainname](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) |
+| **Nom du greffon de mise à jour DNS du domaine** (*[plugin_name](dictionaries/20-letsencrypt.xml)*) | [string](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) |
+| **Nom du fichier de configuration du greffin** (*[credential_filename](dictionaries/20-letsencrypt.xml)*) | [filename](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) |
+| **Courriel associé au certificat** (*[email](dictionaries/20-letsencrypt.xml)*) | [mail](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) |
+
+
+- [+]: variable is multiple
+- **bold**: variable is mandatory
diff --git a/seed/letsencrypt/applicationservice.yml b/seed/letsencrypt/applicationservice.yml
index d3cc5914..d5504c96 100644
--- a/seed/letsencrypt/applicationservice.yml
+++ b/seed/letsencrypt/applicationservice.yml
@@ -1,4 +1,5 @@
format: '0.1'
-description: Let's encrypt
+description: Let's encrypt, a nonprofit Certificate Authority providing TLS certificates
+website: https://letsencrypt.org/
depends:
- base-fedora
diff --git a/seed/letsencrypt/infos.md b/seed/letsencrypt/infos.md
new file mode 100644
index 00000000..cc48ba57
--- /dev/null
+++ b/seed/letsencrypt/infos.md
@@ -0,0 +1,34 @@
+# Gestion Let's encrypt
+
+## Fonctionnement du service application
+
+Ce service gère le téléchargement et la mise à disposition des certificats Let's encrypt.
+
+Le certificat doit être disponible avant l'installation de la machine de destination.
+C'est pourquoi ce le certificat est téléchargement grâce au défi DNS-1.
+
+Il faut donc installer certbot + python3-certbot-dns-xxx (sur une Fedora), par exemple pour OVH "python3-certbot-dns-ovh".
+
+Attention, en utilisant ce service vous acceptez les conditions d'utilisation de Let's Encrypt !
+
+## Utiliser Let's encrypt dans une machine
+
+Dans applicationservice.yml ajouter la dépendance "letsencrypt".
+
+Sur la machine installer Certb
+
+## Configurer Let's encrypt
+
+```
+rougail.letsencrypt.domain_names": ["nom de domaine"],
+rougail.letsencrypt.authority_cn": {"0": "nom de domaine"},
+rougail.letsencrypt.authority_name": {"0": "NomAutorité"},
+rougail.letsencrypt.plugin_name": {"0": "ovh"},
+rougail.letsencrypt.credential_filename": {"0": "/home/user/ovh.ini"},
+rougail.letsencrypt.email": {"0": "gnunux@gnunux.info"}
+```
+
+## Exemple avec OVH
+
+Installation du greffon Certbot : https://certbot-dns-ovh.readthedocs.io/en/stable/
+Création d'une clef d'API : https://eu.api.ovh.com/createToken/
diff --git a/seed/mailman/README.md b/seed/mailman/README.md
new file mode 100644
index 00000000..70513396
--- /dev/null
+++ b/seed/mailman/README.md
@@ -0,0 +1,93 @@
+---
+gitea: none
+include_toc: true
+---
+
+# mailman
+
+[All applications services for this dataset.](../README.md)
+
+## Description
+
+GNU Mailman, managing electronic mail discussion and e-newsletter lists.
+
+[For more informations](https://www.list.org)
+
+## Dependances
+
+- [base-debian-bullseye](../base-debian-bullseye/README.md)
+ - [base-debian](../base-debian/README.md)
+ - [systemd](../systemd/README.md)
+ - [base-machine](../base-machine/README.md)
+ - [base](../base/README.md)
+ - [dns-local](../dns-local/README.md)
+- [postgresql-client](../postgresql-client/README.md)
+- [relay-lmtp-client](../relay-lmtp-client/README.md)
+ - [relay-mail-client](../relay-mail-client/README.md)
+- [reverse-proxy-client](../reverse-proxy-client/README.md)
+- [nginx-https](../nginx-https/README.md)
+ - [nginx-common](../nginx-common/README.md)
+ - [reverse-proxy-client](../reverse-proxy-client/README.md)
+- [oauth2-client](../oauth2-client/README.md)
+
+## Variables
+
+### Général (*general*)
+
+#### Gestionnaire de liste (*general.mailman*)
+
+| Description | Type |
+|-------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------|
+| Courriel du gestionnaire de liste du site (*[mailman_mail_owner](dictionaries/31_mailman.xml)*) | [mail](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) |
+| **Nom de domaine des listes** (*[mailman_domains](dictionaries/31_mailman.xml)*) [+] | [domainname](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) |
+
+#### oauth2_client (*general.oauth2_client*)
+
+| Description | Values |
+|-------------------------------------------------------------------------|-------------------------------|
+| *[**oauth2_is_client_application**](dictionaries/31_mailman.xml)* | True |
+| *[**oauth2_client_name**](dictionaries/31_mailman.xml)* | Liste de distribution |
+| *[**oauth2_client_description**](dictionaries/31_mailman.xml)* | Liste de distribution Mailman |
+| *[**oauth2_client_category**](dictionaries/31_mailman.xml)* | Développement |
+| *[**oauth2_client_logo**](dictionaries/31_mailman.xml)* | silique_email.png |
+| *[**oauth2_client_token_signature_algo**](dictionaries/31_mailman.xml)* | RS256 |
+
+##### external (*general.oauth2_client.external*)
+
+| Description |
+|---------------------------------------------------------|
+| *[oauth2_client_external](dictionaries/31_mailman.xml)* |
+
+#### nginx (*general.nginx*)
+
+| Description | Values |
+|-------------------------------------------------|------------------------------|
+| *[**nginx_root**](dictionaries/31_mailman.xml)* | /usr/share/webapps/postorius |
+
+#### postgresql (*general.postgresql*)
+
+| Description | Values |
+|----------------------------------------------------------|----------|
+| *[**pg_client_key_owner**](dictionaries/31_mailman.xml)* | list |
+
+### Mailman (*mailman*)
+
+#### Listes du domaine (*mailman.list_*)
+
+This a dynamic family generated from the variable "general.mailman.mailman_domains".
+
+| Description | Type |
+|-------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------|
+| **Nom des listes** (*[name_](extras/mailman/20_mailman.xml)*) [+] | [unix_user](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) |
+
+### Machine (*machine*)
+
+| Description | Values |
+|-------------------------------------------------|----------|
+| *[**var_size**](extras/machine/20_mailman.xml)* | 256 |
+| *[**add_tmp**](extras/machine/20_mailman.xml)* | False |
+| *[**add_swap**](extras/machine/20_mailman.xml)* | False |
+
+
+- [+]: variable is multiple
+- **bold**: variable is mandatory
diff --git a/seed/mailman/applicationservice.yml b/seed/mailman/applicationservice.yml
index 17e1ec58..2b7ac4d8 100644
--- a/seed/mailman/applicationservice.yml
+++ b/seed/mailman/applicationservice.yml
@@ -1,7 +1,8 @@
format: '0.1'
-description: Gestionnaire de liste de diffusion Mailman
+description: GNU Mailman, managing electronic mail discussion and e-newsletter lists
+website: https://www.list.org
depends:
- - base-fedora-35
+ - base-debian-bullseye
- postgresql-client
- relay-lmtp-client
- reverse-proxy-client
diff --git a/seed/mailman/templates/postorius-settings.py b/seed/mailman/templates/mailman-web.py
similarity index 100%
rename from seed/mailman/templates/postorius-settings.py
rename to seed/mailman/templates/mailman-web.py
diff --git a/seed/mailman/templates/sysuser-mailman.conf b/seed/mailman/templates/sysuser-mailman.conf
deleted file mode 100644
index a4443333..00000000
--- a/seed/mailman/templates/sysuser-mailman.conf
+++ /dev/null
@@ -1,2 +0,0 @@
-g mailman 41 -
-u mailman 41:41 "Mailman, the mailing-list manager" /srv/mailman/lib /sbin/nologin
diff --git a/seed/mariadb-client/README.md b/seed/mariadb-client/README.md
new file mode 100644
index 00000000..154c9761
--- /dev/null
+++ b/seed/mariadb-client/README.md
@@ -0,0 +1,38 @@
+---
+gitea: none
+include_toc: true
+---
+
+# mariadb-client
+
+[All applications services for this dataset.](../README.md)
+
+## Description
+
+Application service needs interact with a MariaDB server.
+
+[For more informations](https://mariadb.org/)
+
+## Variables
+
+### Général (*general*)
+
+#### MariaDB (*general.mariadb*)
+
+| Description | Type | Supplier |
+|-----------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------|------------|
+| **Nom de domaine du serveur MariaDB** (*[mariadb_client_server_domainname](dictionaries/20_mariadb.xml)*) | [domainname](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | MariaDB |
+
+
+- [+]: variable is multiple
+- **bold**: variable is mandatory
+
+## Used by
+
+- [galette](../galette/README.md)
+- [piwigo](../piwigo/README.md)
+- [sensmotdire](../sensmotdire/README.md)
+
+## Linked to
+
+- [mariadb](../mariadb/README.md)
diff --git a/seed/mariadb-client/applicationservice.yml b/seed/mariadb-client/applicationservice.yml
index 07acd8aa..9c519da6 100644
--- a/seed/mariadb-client/applicationservice.yml
+++ b/seed/mariadb-client/applicationservice.yml
@@ -1,2 +1,3 @@
format: '0.1'
-description: Mariadb client
+description: Application service needs interact with a MariaDB server
+website: https://mariadb.org/
diff --git a/seed/mariadb/README.md b/seed/mariadb/README.md
new file mode 100644
index 00000000..e3c7df50
--- /dev/null
+++ b/seed/mariadb/README.md
@@ -0,0 +1,39 @@
+---
+gitea: none
+include_toc: true
+---
+
+# mariadb
+
+[All applications services for this dataset.](../README.md)
+
+## Description
+
+MariaDB, a relational database.
+
+[For more informations](https://mariadb.org/)
+
+## Dependances
+
+- [base-fedora-36](../base-fedora-36/README.md)
+ - [base-fedora](../base-fedora/README.md)
+ - [systemd](../systemd/README.md)
+ - [base-machine](../base-machine/README.md)
+ - [base](../base/README.md)
+ - [dns-local](../dns-local/README.md)
+
+## Variables
+
+### Accounts (*accounts*)
+
+| Description | Type | Provider |
+|--------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------|------------|
+| Remote clients needing an account (*[remotes](extras/accounts/00_accounts.xml)*) [+] | [domainname](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | MariaDB |
+
+
+- [+]: variable is multiple
+- **bold**: variable is mandatory
+
+## Linked to
+
+- [mariadb-client](../mariadb-client/README.md)
diff --git a/seed/mariadb/applicationservice.yml b/seed/mariadb/applicationservice.yml
index a0d982e3..d324f4f9 100644
--- a/seed/mariadb/applicationservice.yml
+++ b/seed/mariadb/applicationservice.yml
@@ -1,4 +1,5 @@
format: '0.1'
-description: Mariadb
+description: MariaDB, a relational database
+website: https://mariadb.org/
depends:
- base-fedora-36
diff --git a/seed/nextcloud/README.md b/seed/nextcloud/README.md
new file mode 100644
index 00000000..89a11c2c
--- /dev/null
+++ b/seed/nextcloud/README.md
@@ -0,0 +1,70 @@
+---
+gitea: none
+include_toc: true
+---
+
+# nextcloud
+
+[All applications services for this dataset.](../README.md)
+
+## Description
+
+Nextcloud, Online collaboration platform.
+
+[For more informations](https://nextcloud.com/)
+
+## Dependances
+
+- [base-fedora-36](../base-fedora-36/README.md)
+ - [base-fedora](../base-fedora/README.md)
+ - [systemd](../systemd/README.md)
+ - [base-machine](../base-machine/README.md)
+ - [base](../base/README.md)
+ - [dns-local](../dns-local/README.md)
+- [postgresql-client](../postgresql-client/README.md)
+- [ldap-client-fedora](../ldap-client-fedora/README.md)
+ - [ldap-client](../ldap-client/README.md)
+ - [base-fedora](../base-fedora/README.md)
+ - [systemd](../systemd/README.md)
+ - [base-machine](../base-machine/README.md)
+ - [base](../base/README.md)
+ - [dns-local](../dns-local/README.md)
+- [redis-client](../redis-client/README.md)
+- [oauth2-client](../oauth2-client/README.md)
+- [relay-mail-client](../relay-mail-client/README.md)
+- [apache](../apache/README.md)
+ - [reverse-proxy-client](../reverse-proxy-client/README.md)
+- [php-fpm](../php-fpm/README.md)
+ - [php](../php/README.md)
+
+## Variables
+
+### Général (*general*)
+
+#### Nextcloud (*general.nextcloud*)
+
+| Description | Type |
+|---------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------|
+| *[**nextcloud_mail_admin**](dictionaries/31_nextcloud.xml)* | [mail](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) |
+| Nom de domaine du serveur hebergeant le répertoire .well-known (*[nextcloud_well_known_server](dictionaries/31_nextcloud.xml)*) | [domainname](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) |
+
+#### oauth2_client (*general.oauth2_client*)
+
+| Description | Values |
+|---------------------------------------------------------------------|---------------------------------------|
+| *[**oauth2_is_client_application**](dictionaries/31_nextcloud.xml)* | True |
+| *[**oauth2_client_name**](dictionaries/31_nextcloud.xml)* | Collaboration |
+| *[**oauth2_client_description**](dictionaries/31_nextcloud.xml)* | Plateforme de collaboration Nextcloud |
+| *[**oauth2_client_category**](dictionaries/31_nextcloud.xml)* | Diffusion |
+| *[**oauth2_client_logo**](dictionaries/31_nextcloud.xml)* | silique_folder.png |
+
+#### php (*general.php*)
+
+| Description | Values |
+|--------------------------------------------------------------------|----------|
+| *[**php_enable_output_buffering**](dictionaries/31_nextcloud.xml)* | False |
+| *[**php_disable_pcntl**](dictionaries/31_nextcloud.xml)* | False |
+
+
+- [+]: variable is multiple
+- **bold**: variable is mandatory
diff --git a/seed/nextcloud/applicationservice.yml b/seed/nextcloud/applicationservice.yml
index 66a288ce..9f0382fb 100644
--- a/seed/nextcloud/applicationservice.yml
+++ b/seed/nextcloud/applicationservice.yml
@@ -1,5 +1,6 @@
format: '0.1'
-description: Nextcloud
+description: Nextcloud, Online collaboration platform
+website: https://nextcloud.com/
depends:
- base-fedora-36
- postgresql-client
diff --git a/seed/nginx-common/README.md b/seed/nginx-common/README.md
new file mode 100644
index 00000000..095c9979
--- /dev/null
+++ b/seed/nginx-common/README.md
@@ -0,0 +1,38 @@
+---
+gitea: none
+include_toc: true
+---
+
+# nginx-common
+
+[All applications services for this dataset.](../README.md)
+
+## Description
+
+Nginx common configuration.
+
+[For more informations](https://nginx.org/)
+
+## Variables
+
+### Général (*general*)
+
+#### NGINX (*general.nginx*)
+
+Paramétrage global de NGINX
+
+| Description | Help | Type | Values | Choices |
+|-------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------|----------|---------------------|
+| Nom de domaine du serveur mandataire inverse par défaut (*[nginx_default](dictionaries/21_nginx.xml)*) | Si un client accède au serveur avec un nom de domaine non déclaré, le flux est redirigé vers ce domaine | [domainname](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | | |
+| **Longueur maximum pour un nom de domaine** (*[nginx_hash_bucket_size](dictionaries/21_nginx.xml)*) | | [choice](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | 128 | 128
64
32 |
+| **Taille maximale des données reçues par la méthode POST (en Mo)** (*[nginx_post_max_size](dictionaries/21_nginx.xml)*) | | [number](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | 32 | |
+
+
+- [+]: variable is multiple
+- **bold**: variable is mandatory
+
+## Used by
+
+- [nginx-reverse-proxy](../nginx-reverse-proxy/README.md)
+- [nginx-https](../nginx-https/README.md)
+- [lemonldap](../lemonldap/README.md)
diff --git a/seed/nginx-common/applicationservice.yml b/seed/nginx-common/applicationservice.yml
index 02271631..09835368 100644
--- a/seed/nginx-common/applicationservice.yml
+++ b/seed/nginx-common/applicationservice.yml
@@ -1,2 +1,3 @@
format: '0.1'
description: Nginx common configuration
+website: https://nginx.org/
diff --git a/seed/nginx-https/README.md b/seed/nginx-https/README.md
new file mode 100644
index 00000000..0a5dc00b
--- /dev/null
+++ b/seed/nginx-https/README.md
@@ -0,0 +1,32 @@
+---
+gitea: none
+include_toc: true
+---
+
+# nginx-https
+
+[All applications services for this dataset.](../README.md)
+
+## Description
+
+Nginx as HTTPS web site.
+
+[For more informations](https://nginx.org/)
+
+## Dependances
+
+- [nginx-common](../nginx-common/README.md)
+- [reverse-proxy-client](../reverse-proxy-client/README.md)
+
+## Used by
+
+- [odoo](../odoo/README.md)
+- [galette](../galette/README.md)
+- [nginx-static](../nginx-static/README.md)
+- [mailman](../mailman/README.md)
+- [peertube](../peertube/README.md)
+- [piwigo](../piwigo/README.md)
+- [dovecot](../dovecot/README.md)
+- [dotclear](../dotclear/README.md)
+- [sensmotdire](../sensmotdire/README.md)
+- [roundcube](../roundcube/README.md)
diff --git a/seed/nginx-https/applicationservice.yml b/seed/nginx-https/applicationservice.yml
index e163e060..2f09cf44 100644
--- a/seed/nginx-https/applicationservice.yml
+++ b/seed/nginx-https/applicationservice.yml
@@ -1,5 +1,6 @@
format: '0.1'
description: Nginx as HTTPS web site
+website: https://nginx.org/
depends:
- nginx-common
- reverse-proxy-client
diff --git a/seed/nginx-reverse-proxy/README.md b/seed/nginx-reverse-proxy/README.md
new file mode 100644
index 00000000..ee2cc6f0
--- /dev/null
+++ b/seed/nginx-reverse-proxy/README.md
@@ -0,0 +1,67 @@
+---
+gitea: none
+include_toc: true
+---
+
+# nginx-reverse-proxy
+
+[All applications services for this dataset.](../README.md)
+
+## Description
+
+Nginx as reverse proxy.
+
+[For more informations](https://nginx.org/)
+
+## Dependances
+
+- [base-fedora-36](../base-fedora-36/README.md)
+ - [base-fedora](../base-fedora/README.md)
+ - [systemd](../systemd/README.md)
+ - [base-machine](../base-machine/README.md)
+ - [base](../base/README.md)
+ - [dns-local](../dns-local/README.md)
+- [nginx-common](../nginx-common/README.md)
+
+## Variables
+
+### Général (*general*)
+
+#### network (*general.network*)
+
+| Description | Values |
+|-------------------------------------------------------|-------------|
+| *[**incoming_ports**](dictionaries/25_nginx.xml)* [+] | 80
443 |
+
+#### NGINX (*general.nginx*)
+
+Paramétrage global de NGINX
+
+| Description | Values |
+|--------------------------------------------------------|----------|
+| *[**nginx_default**](dictionaries/25_nginx.xml)* | |
+| *[**nginx_default_http**](dictionaries/25_nginx.xml)* | True |
+| *[**nginx_default_https**](dictionaries/25_nginx.xml)* | True |
+
+### Machine (*machine*)
+
+| Description | Values |
+|-------------------------------------------------------|----------|
+| *[**var_size**](extras/machine/20_reverse_proxy.xml)* | 256 |
+| *[**add_tmp**](extras/machine/20_reverse_proxy.xml)* | False |
+| *[**add_srv**](extras/machine/20_reverse_proxy.xml)* | False |
+| *[**add_swap**](extras/machine/20_reverse_proxy.xml)* | False |
+
+### Nginx (*nginx*)
+
+| Description | Type | Provider |
+|--------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------|--------------|
+| Nom des domaines dans le serveur mandataire inverse (*[remotes](extras/nginx/00-nginx.xml)*) [+] | [domainname](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | ReverseProxy |
+
+
+- [+]: variable is multiple
+- **bold**: variable is mandatory
+
+## Linked to
+
+- [reverse-proxy-client](../reverse-proxy-client/README.md)
diff --git a/seed/nginx-reverse-proxy/applicationservice.yml b/seed/nginx-reverse-proxy/applicationservice.yml
index 486d2385..2c5a0cc0 100644
--- a/seed/nginx-reverse-proxy/applicationservice.yml
+++ b/seed/nginx-reverse-proxy/applicationservice.yml
@@ -1,5 +1,6 @@
format: '0.1'
description: Nginx as reverse proxy
+website: https://nginx.org/
depends:
- base-fedora-36
- nginx-common
diff --git a/seed/nginx-reverse-proxy/templates/ca.crt b/seed/nginx-reverse-proxy/templates/ca.crt
deleted file mode 100644
index 66947175..00000000
--- a/seed/nginx-reverse-proxy/templates/ca.crt
+++ /dev/null
@@ -1 +0,0 @@
-%%nginx_chain[%%rougail_index]
diff --git a/seed/nginx-static/README.md b/seed/nginx-static/README.md
new file mode 100644
index 00000000..da3acf7c
--- /dev/null
+++ b/seed/nginx-static/README.md
@@ -0,0 +1,40 @@
+---
+gitea: none
+include_toc: true
+---
+
+# nginx-static
+
+[All applications services for this dataset.](../README.md)
+
+## Description
+
+Nginx as static web site.
+
+[For more informations](https://nginx.org/)
+
+## Dependances
+
+- [nginx-https](../nginx-https/README.md)
+ - [nginx-common](../nginx-common/README.md)
+ - [reverse-proxy-client](../reverse-proxy-client/README.md)
+- [base-fedora-36](../base-fedora-36/README.md)
+ - [base-fedora](../base-fedora/README.md)
+ - [systemd](../systemd/README.md)
+ - [base-machine](../base-machine/README.md)
+ - [base](../base/README.md)
+ - [dns-local](../dns-local/README.md)
+
+## Variables
+
+### Général (*general*)
+
+#### nginx (*general.nginx*)
+
+| Description | Values |
+|------------------------------------------------------|-------------|
+| *[**nginx_root**](dictionaries/22_nginx_static.xml)* | /srv/static |
+
+
+- [+]: variable is multiple
+- **bold**: variable is mandatory
diff --git a/seed/nginx-static/applicationservice.yml b/seed/nginx-static/applicationservice.yml
index 4a3b18b5..9395932f 100644
--- a/seed/nginx-static/applicationservice.yml
+++ b/seed/nginx-static/applicationservice.yml
@@ -1,5 +1,6 @@
format: '0.1'
-description: Nginx with static web site
+description: Nginx as static web site
+website: https://nginx.org/
depends:
- nginx-https
- base-fedora-36
diff --git a/seed/nsd/README.md b/seed/nsd/README.md
new file mode 100644
index 00000000..ef6e77c0
--- /dev/null
+++ b/seed/nsd/README.md
@@ -0,0 +1,71 @@
+---
+gitea: none
+include_toc: true
+---
+
+# nsd
+
+[All applications services for this dataset.](../README.md)
+
+## Description
+
+NSD, an authoritative DNS name server.
+
+[For more informations](https://www.nlnetlabs.nl/projects/nsd/about/)
+
+## Dependances
+
+- [base-fedora-36](../base-fedora-36/README.md)
+ - [base-fedora](../base-fedora/README.md)
+ - [systemd](../systemd/README.md)
+ - [base-machine](../base-machine/README.md)
+ - [base](../base/README.md)
+ - [dns-local](../dns-local/README.md)
+
+## Variables
+
+### Général (*general*)
+
+#### network (*general.network*)
+
+| Description |
+|-------------------------------------|
+| *[ip_dns](dictionaries/20_nsd.xml)* |
+
+#### Serveur DNS (*general.dns_server*)
+
+| Description | Type | Supplier |
+|-------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------|-------------|
+| Nom de domaine du résolveur DNS associé (*[nsd_resolver](dictionaries/20_nsd.xml)*) | [domainname](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | ExternalDNS |
+
+#### Zone DNS (*general.dns_zone*)
+
+| Description | Type |
+|--------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------|
+| Zones DNS (*[nsd_zones](dictionaries/20_nsd.xml)*) [+] | [domainname](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) |
+
+#### Zone DNS reverse (*general.dns_reverses*)
+
+This a family is a leadership.
+
+| Description | Type |
+|------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------|
+| Réseau pour la résolution reverse (*[nsd_reverse_network](dictionaries/20_nsd.xml)*) [+] | [network_cidr](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) |
+
+### Machine (*machine*)
+
+| Description | Values |
+|---------------------------------------------|----------|
+| *[**var_size**](extras/machine/20_nsd.xml)* | 256 |
+| *[**add_tmp**](extras/machine/20_nsd.xml)* | False |
+| *[**add_srv**](extras/machine/20_nsd.xml)* | False |
+| *[**add_swap**](extras/machine/20_nsd.xml)* | False |
+
+
+- [+]: variable is multiple
+- **bold**: variable is mandatory
+
+## Linked to
+
+- [dns-local](../dns-local/README.md)
+- [unbound](../unbound/README.md)
diff --git a/seed/nsd/applicationservice.yml b/seed/nsd/applicationservice.yml
index c2b20d80..31a5bb86 100644
--- a/seed/nsd/applicationservice.yml
+++ b/seed/nsd/applicationservice.yml
@@ -1,5 +1,6 @@
format: '0.1'
-description: Configuration du serveur faisant autorité NSD
+description: NSD, an authoritative DNS name server
+website: https://www.nlnetlabs.nl/projects/nsd/about/
service: true
depends:
- base-fedora-36
diff --git a/seed/oauth2-client/README.md b/seed/oauth2-client/README.md
new file mode 100644
index 00000000..ffc7e874
--- /dev/null
+++ b/seed/oauth2-client/README.md
@@ -0,0 +1,56 @@
+---
+gitea: none
+include_toc: true
+---
+
+# oauth2-client
+
+[All applications services for this dataset.](../README.md)
+
+## Description
+
+Application service needs interact with a Oauth2 server.
+
+## Variables
+
+### Général (*general*)
+
+#### OAuth2 client (*general.oauth2_client*)
+
+| Description | Type | Supplier | Values | Provider |
+|-----------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------|--------------------|----------|------------------------------|
+| **OAuth2 server domain name** (*[oauth2_client_server_domainname](dictionaries/30_oauth2_client.xml)*) | [domainname](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | OAuth2 | | |
+| **OAuth2 client is an application** (*[oauth2_is_client_application](dictionaries/30_oauth2_client.xml)*) | [boolean](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | | False | |
+| **OAuth2 client name** (*[oauth2_client_name](dictionaries/30_oauth2_client.xml)*) | [string](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | OAuth2:name | | |
+| **OAuth2 client description** (*[oauth2_client_description](dictionaries/30_oauth2_client.xml)*) | [string](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | OAuth2:description | | |
+| OAuth2 URL to valid login (*[oauth2_client_login](dictionaries/30_oauth2_client.xml)*) | [web_address](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | OAuth2:login | | |
+| **OAuth2 category** (*[oauth2_client_category](dictionaries/30_oauth2_client.xml)*) | [string](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | OAuth2:category | Défaut | |
+| **OAuth2 logo** (*[oauth2_client_logo](dictionaries/30_oauth2_client.xml)*) | [string](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | OAuth2:logo | demo.png | |
+| Remote clients (*[oauth2_clients](dictionaries/30_oauth2_client.xml)*) [+] | [domainname](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | | | OAuth2Client |
+| **OAuth2 server domain name** (*[oauth2_server_domainname](dictionaries/30_oauth2_client.xml)*) | [domainname](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | | | OAuth2Client:external_domain |
+
+##### external (*general.oauth2_client.external*)
+
+| Description | Type | Supplier | Values |
+|------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------|-----------------|----------|
+| **OAuth2 client external** (*[oauth2_client_external](dictionaries/30_oauth2_client.xml)*) [+] | [web_address](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | OAuth2:external | |
+| **OAuth2 family** (*[oauth2_client_family](dictionaries/30_oauth2_client.xml)*) | [string](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | OAuth2:family | users |
+
+
+- [+]: variable is multiple
+- **bold**: variable is mandatory
+
+## Used by
+
+- [odoo](../odoo/README.md)
+- [mailman](../mailman/README.md)
+- [peertube](../peertube/README.md)
+- [piwigo](../piwigo/README.md)
+- [dovecot](../dovecot/README.md)
+- [roundcube](../roundcube/README.md)
+- [nextcloud](../nextcloud/README.md)
+- [gitea](../gitea/README.md)
+
+## Linked to
+
+- [lemonldap](../lemonldap/README.md)
diff --git a/seed/oauth2-client/applicationservice.yml b/seed/oauth2-client/applicationservice.yml
index b6f735e6..ea3b43d0 100644
--- a/seed/oauth2-client/applicationservice.yml
+++ b/seed/oauth2-client/applicationservice.yml
@@ -1,2 +1,2 @@
format: '0.1'
-description: Oauth2 client
+description: Application service needs interact with a Oauth2 server
diff --git a/seed/odoo/README.md b/seed/odoo/README.md
new file mode 100644
index 00000000..ab258e1f
--- /dev/null
+++ b/seed/odoo/README.md
@@ -0,0 +1,96 @@
+---
+gitea: none
+include_toc: true
+---
+
+# odoo
+
+[All applications services for this dataset.](../README.md)
+
+## Description
+
+Odoo, an ERP and CRM.
+
+[For more informations](https://www.odoo.com/fr)
+
+## Dependances
+
+- [base-debian-bullseye](../base-debian-bullseye/README.md)
+ - [base-debian](../base-debian/README.md)
+ - [systemd](../systemd/README.md)
+ - [base-machine](../base-machine/README.md)
+ - [base](../base/README.md)
+ - [dns-local](../dns-local/README.md)
+- [postgresql-client](../postgresql-client/README.md)
+- [reverse-proxy-client](../reverse-proxy-client/README.md)
+- [relay-mail-client](../relay-mail-client/README.md)
+- [ldap-client-debian](../ldap-client-debian/README.md)
+ - [ldap-client](../ldap-client/README.md)
+ - [base-debian](../base-debian/README.md)
+ - [systemd](../systemd/README.md)
+ - [base-machine](../base-machine/README.md)
+ - [base](../base/README.md)
+ - [dns-local](../dns-local/README.md)
+- [oauth2-client](../oauth2-client/README.md)
+- [nginx-https](../nginx-https/README.md)
+ - [nginx-common](../nginx-common/README.md)
+ - [reverse-proxy-client](../reverse-proxy-client/README.md)
+
+## Variables
+
+### Général (*general*)
+
+#### Odoo (*general.odoo*)
+
+| Description | Type | Values | Choices |
+|-------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------|--------------------------------------------|
+| **Adresse courriel de l'administrateur** (*[odoo_admin_email](dictionaries/40_odoo.xml)*) | [mail](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | | |
+| **Nom** (*[odoo_company_name](dictionaries/40_odoo.xml)*) | [string](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | | |
+| **Adresse** (*[odoo_company_street](dictionaries/40_odoo.xml)*) | [string](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | | |
+| **Ville** (*[odoo_company_city](dictionaries/40_odoo.xml)*) | [string](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | | |
+| **Code postal** (*[odoo_company_zip](dictionaries/40_odoo.xml)*) | [string](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | | |
+| **Numéro TVA** (*[odoo_company_vat](dictionaries/40_odoo.xml)*) | [string](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | | |
+| **Registre de la société** (*[odoo_company_registry](dictionaries/40_odoo.xml)*) | [string](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | | |
+| Numéro de téléphone (*[odoo_company_phone](dictionaries/40_odoo.xml)*) | [string](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | | |
+| Numéro de téléphone mobile (*[odoo_company_mobile](dictionaries/40_odoo.xml)*) | [string](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | | |
+| **Adresse courriel** (*[odoo_company_email](dictionaries/40_odoo.xml)*) | [string](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | | |
+| **Site internet** (*[odoo_company_website](dictionaries/40_odoo.xml)*) | [string](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | | |
+| **Chemin du logo** (*[odoo_company_logo](dictionaries/40_odoo.xml)*) | [filename](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | | |
+| **Pied de page des documents** (*[odoo_company_footer](dictionaries/40_odoo.xml)*) | [string](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | | |
+| **Agencement des documents** (*[odoo_company_layout](dictionaries/40_odoo.xml)*) | [choice](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | standard | standard
bold
boxed
striped |
+| **Liste des applications à activer** (*[odoo_addons](dictionaries/40_odoo.xml)*) [+] | [string](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | base
l10n_fr
l10n_fr_fec
account
hr
hr_contract
sale_management | |
+
+#### postgresql (*general.postgresql*)
+
+| Description | Values |
+|-------------------------------------------------------|----------|
+| *[**pg_client_key_owner**](dictionaries/40_odoo.xml)* | odoo |
+
+#### oauth2_client (*general.oauth2_client*)
+
+| Description | Values |
+|----------------------------------------------------------------|------------------|
+| *[**oauth2_is_client_application**](dictionaries/40_odoo.xml)* | True |
+| *[**oauth2_client_name**](dictionaries/40_odoo.xml)* | ERP |
+| *[**oauth2_client_description**](dictionaries/40_odoo.xml)* | ERP Odoo |
+| *[**oauth2_client_category**](dictionaries/40_odoo.xml)* | Entreprise |
+| *[**oauth2_client_logo**](dictionaries/40_odoo.xml)* | silique_note.png |
+
+##### external (*general.oauth2_client.external*)
+
+| Description |
+|----------------------------------------------------------|
+| *[oauth2_client_external](dictionaries/40_odoo.xml)* [+] |
+| *[oauth2_client_family](dictionaries/40_odoo.xml)* [+] |
+
+#### annuaire (*general.annuaire*)
+
+##### client (*general.annuaire.client*)
+
+| Description | Values |
+|-------------------------------------------------------|----------|
+| *[**ldap_key_file_owner**](dictionaries/40_odoo.xml)* | odoo |
+
+
+- [+]: variable is multiple
+- **bold**: variable is mandatory
diff --git a/seed/odoo/applicationservice.yml b/seed/odoo/applicationservice.yml
index 4219af70..e8f41094 100644
--- a/seed/odoo/applicationservice.yml
+++ b/seed/odoo/applicationservice.yml
@@ -1,5 +1,6 @@
format: '0.1'
-description: Odoo
+description: Odoo, an ERP and CRM
+website: https://www.odoo.com/fr
depends:
- base-debian-bullseye
- postgresql-client
diff --git a/seed/openldap/README.md b/seed/openldap/README.md
index a357f06a..d88f3686 100644
--- a/seed/openldap/README.md
+++ b/seed/openldap/README.md
@@ -1,12 +1,125 @@
-slapcat -b cn=config -o ldif-wrap=no > /tmp/config.ldif
+---
+gitea: none
+include_toc: true
+---
-Supprimé dans chaque entrée les lignes suivantes :
+# openldap
-structuralObjectClass: olcMdbConfig
-entryUUID: 410ce868-f846-103b-8f45-a3349ac8bd80
-creatorsName: cn=config
-createTimestamp: 20211223141332Z
-entryCSN: 20211223141332.369257Z#000000#000#000000
-modifiersName: cn=config
-modifyTimestamp: 20211223141332Z
+[All applications services for this dataset.](../README.md)
+## Description
+
+OpenLDAP, a LDAP server.
+
+[For more informations](https://www.openldap.org/)
+
+## Dependances
+
+- [ldap-client-fedora](../ldap-client-fedora/README.md)
+ - [ldap-client](../ldap-client/README.md)
+ - [base-fedora](../base-fedora/README.md)
+ - [systemd](../systemd/README.md)
+ - [base-machine](../base-machine/README.md)
+ - [base](../base/README.md)
+ - [dns-local](../dns-local/README.md)
+- [base-fedora-36](../base-fedora-36/README.md)
+ - [base-fedora](../base-fedora/README.md)
+ - [systemd](../systemd/README.md)
+ - [base-machine](../base-machine/README.md)
+ - [base](../base/README.md)
+ - [dns-local](../dns-local/README.md)
+
+## Variables
+
+### Général (*general*)
+
+#### annuaire (*general.annuaire*)
+
+##### server (*general.annuaire.server*)
+
+| Description | Type | Values |
+|------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------|
+| **Schémas LDAP additionnel** (*[ldap_schemas](dictionaries/21_openldap-server.xml)*) [+] | [filename](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | /etc/openldap/schema/cosine.ldif
/etc/openldap/schema/inetorgperson.ldif
/etc/openldap/schema/nis.ldif
/etc/openldap/schema/misc.ldif |
+
+###### Limites (*general.annuaire.server.limits*)
+
+| Description | Type | Values |
+|-----------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------|----------|
+| **Niveau de log** (*[ldap_loglevel](dictionaries/21_openldap-server.xml)*) | [number](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | 0 |
+| **Nombre maximum d'entrées à retourner lors d'une requête** (*[ldap_sizelimit](dictionaries/21_openldap-server.xml)*) | [number](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | 5000 |
+| **Temps de réponse maximum à une requête (en secondes)** (*[ldap_timelimit](dictionaries/21_openldap-server.xml)*) | [number](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | 3600 |
+
+###### DB environment (*general.annuaire.server.db_environment*)
+
+| Description | Type | Values |
+|--------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------|-------------------|
+| **Quantité de Giga-octets à utiliser pour le cache HDB** (*[db_cache_size_g](dictionaries/21_openldap-server.xml)*) | [number](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | 0 |
+| **Quantité d'octets à utiliser pour le cache HDB** (*[db_cache_size_o](dictionaries/21_openldap-server.xml)*) | [number](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | 268435456 |
+| **Nombre de fichiers ou écrire le cache HDB** (*[db_cache_chunks](dictionaries/21_openldap-server.xml)*) | [number](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | 1 |
+| **Quantité de fichier de cache mis en cache mémoire** (*[db_log_region_max](dictionaries/21_openldap-server.xml)*) | [number](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | 262144 |
+| **Quantité d'informations de journalisation conservé jusqu'à rotation** (*[db_log_max](dictionaries/21_openldap-server.xml)*) | [number](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | 10485760 |
+| **Quantité d'informations de journalisation du cache reporté sur le disque** (*[db_log_bsize](dictionaries/21_openldap-server.xml)*) | [number](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | 2097152 |
+| **Répertoire de conservation des informations de journalisation** (*[db_log_directory](dictionaries/21_openldap-server.xml)*) | [filename](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | /srv/openldap/log |
+| **Nombre d'objet qui peuvent être verrouillés simultanément ** (*[db_lk_max_objects](dictionaries/21_openldap-server.xml)*) | [number](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | 5000 |
+| **Nombre de verrous maximal** (*[db_lk_max](dictionaries/21_openldap-server.xml)*) | [number](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | 5000 |
+| **Nombre de verroulleur maximal** (*[db_lk_max_lockers](dictionaries/21_openldap-server.xml)*) | [number](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | 5000 |
+
+##### client (*general.annuaire.client*)
+
+| Description |
+|-------------------------------------------------------------------------------------------------------|
+| *[ldapclient_user](dictionaries/21_openldap-server.xml)* |
+| **Base DN** (*[ldapclient_base_dn](dictionaries/21_openldap-server.xml)*) |
+| **Base DN de l'annuaire des utilisateurs** (*[ldap_account_dn](dictionaries/21_openldap-server.xml)*) |
+| *[ldapclient_search_dn](dictionaries/21_openldap-server.xml)* |
+
+### Machine (*machine*)
+
+| Description | Values |
+|-------------------------------------------------|----------|
+| *[**var_size**](extras/machine/20_unbound.xml)* | 256 |
+| *[**add_tmp**](extras/machine/20_unbound.xml)* | False |
+| *[**add_swap**](extras/machine/20_unbound.xml)* | False |
+
+### Accounts (*accounts*)
+
+| Description | Type | Provider |
+|------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------|------------|
+| Serveurs distant ayant un compte (*[remotes](extras/accounts/00_account.xml)*) [+] | [domainname](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | LDAP |
+| Familles (*[families](extras/accounts/00_account.xml)*) [+] | [unix_user](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | |
+
+#### Gestion des utilisateurs (*accounts.users*)
+
+This a family is a leadership.
+
+| Description | Type |
+|-------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------|
+| Adresse courriel du compte (*[ldap_user_mail](extras/accounts/00_account.xml)*) [+] | [mail](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) |
+| Aliases du mail (*[ldap_user_aliases](extras/accounts/00_account.xml)*) [+] | [mail](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) |
+| **Nom de compte** (*[ldap_user_uid](extras/accounts/00_account.xml)*) | [unix_user](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) |
+| **Prénom** (*[ldap_user_sn](extras/accounts/00_account.xml)*) | [string](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) |
+| **Nom de famille** (*[ldap_user_gn](extras/accounts/00_account.xml)*) | [string](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) |
+
+#### Gestion de la famille (*accounts.family_*)
+
+This a dynamic family generated from the variable "accounts.families".
+
+##### Gestion des utilisateurs de la famille (*accounts.family_.users_*)
+
+This a family is a leadership.
+
+| Description | Type |
+|-----------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------|
+| Adresse courriel du compte de la famille (*[ldap_user_mail_](extras/accounts/00_account.xml)*) [+] | [mail](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) |
+| Aliases du mail de la famille (*[ldap_user_aliases_](extras/accounts/00_account.xml)*) [+] | [mail](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) |
+| **Nom de compte de la famille ** (*[ldap_user_uid_](extras/accounts/00_account.xml)*) | [unix_user](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) |
+| **Prénom de la famille ** (*[ldap_user_sn_](extras/accounts/00_account.xml)*) | [string](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) |
+| **Nom de famille de la famille ** (*[ldap_user_gn_](extras/accounts/00_account.xml)*) | [string](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) |
+
+
+- [+]: variable is multiple
+- **bold**: variable is mandatory
+
+## Linked to
+
+- [ldap-client](../ldap-client/README.md)
diff --git a/seed/openldap/applicationservice.yml b/seed/openldap/applicationservice.yml
index d6ae0dd4..92a7b859 100644
--- a/seed/openldap/applicationservice.yml
+++ b/seed/openldap/applicationservice.yml
@@ -1,5 +1,6 @@
format: '0.1'
-description: OpenLDAP server
+description: OpenLDAP, a LDAP server
+website: https://www.openldap.org/
depends:
- ldap-client-fedora
- base-fedora-36
diff --git a/seed/openldap/infos.md b/seed/openldap/infos.md
new file mode 100644
index 00000000..a357f06a
--- /dev/null
+++ b/seed/openldap/infos.md
@@ -0,0 +1,12 @@
+slapcat -b cn=config -o ldif-wrap=no > /tmp/config.ldif
+
+Supprimé dans chaque entrée les lignes suivantes :
+
+structuralObjectClass: olcMdbConfig
+entryUUID: 410ce868-f846-103b-8f45-a3349ac8bd80
+creatorsName: cn=config
+createTimestamp: 20211223141332Z
+entryCSN: 20211223141332.369257Z#000000#000#000000
+modifiersName: cn=config
+modifyTimestamp: 20211223141332Z
+
diff --git a/seed/peertube/README.md b/seed/peertube/README.md
new file mode 100644
index 00000000..476f41d2
--- /dev/null
+++ b/seed/peertube/README.md
@@ -0,0 +1,85 @@
+---
+gitea: none
+include_toc: true
+---
+
+# peertube
+
+[All applications services for this dataset.](../README.md)
+
+## Description
+
+Peertube, a federated (ActivityPub) video streaming platform.
+
+[For more informations](https://www.openldap.org/)
+
+## Dependances
+
+- [base-fedora-36](../base-fedora-36/README.md)
+ - [base-fedora](../base-fedora/README.md)
+ - [systemd](../systemd/README.md)
+ - [base-machine](../base-machine/README.md)
+ - [base](../base/README.md)
+ - [dns-local](../dns-local/README.md)
+- [dns-external](../dns-external/README.md)
+- [postgresql-client](../postgresql-client/README.md)
+- [relay-mail-client](../relay-mail-client/README.md)
+- [reverse-proxy-client](../reverse-proxy-client/README.md)
+- [redis-client](../redis-client/README.md)
+- [nginx-https](../nginx-https/README.md)
+ - [nginx-common](../nginx-common/README.md)
+ - [reverse-proxy-client](../reverse-proxy-client/README.md)
+- [oauth2-client](../oauth2-client/README.md)
+
+## Variables
+
+### Général (*general*)
+
+#### network (*general.network*)
+
+| Description | Values |
+|------------------------------------------------------|----------|
+| *[**outgoing_ports**](dictionaries/30_peertube.xml)* | 443 |
+
+#### peertube (*general.peertube*)
+
+| Description | Type | Values |
+|------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------|
+| **Adresse courriel de l'administrateur Peertube** (*[peertube_admin_email](dictionaries/30_peertube.xml)*) | [mail](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | |
+| **Description courte de l'instance** (*[peertube_short_description](dictionaries/30_peertube.xml)*) | [string](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | PeerTube, an ActivityPub-federated video streaming platform using P2P directly in your web browser. |
+| **Description de l'instance** (*[peertube_description](dictionaries/30_peertube.xml)*) | [string](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Welcome to this PeerTube instance! |
+
+#### oauth2_client (*general.oauth2_client*)
+
+| Description | Values |
+|--------------------------------------------------------------------|-----------------------------------------|
+| *[**oauth2_is_client_application**](dictionaries/30_peertube.xml)* | True |
+| *[**oauth2_client_name**](dictionaries/30_peertube.xml)* | Vidéo |
+| *[**oauth2_client_description**](dictionaries/30_peertube.xml)* | Plateforme de partage de vidéo Peertube |
+| *[**oauth2_client_category**](dictionaries/30_peertube.xml)* | Réseaux sociaux |
+| *[**oauth2_client_logo**](dictionaries/30_peertube.xml)* | silique_video.png |
+
+##### external (*general.oauth2_client.external*)
+
+| Description |
+|----------------------------------------------------------|
+| *[oauth2_client_external](dictionaries/30_peertube.xml)* |
+
+#### nginx (*general.nginx*)
+
+| Description | Values |
+|--------------------------------------------------|---------------------|
+| *[**nginx_root**](dictionaries/30_peertube.xml)* | /usr/share/peertube |
+
+#### revprox (*general.revprox*)
+
+##### revprox_client (*general.revprox.revprox_client*)
+
+| Description | Values |
+|--------------------------------------------------------------------|----------|
+| *[**revprox_client_location**](dictionaries/30_peertube.xml)* | / |
+| *[**revprox_client_max_body_size**](dictionaries/30_peertube.xml)* | 12G |
+
+
+- [+]: variable is multiple
+- **bold**: variable is mandatory
diff --git a/seed/peertube/applicationservice.yml b/seed/peertube/applicationservice.yml
index 1aa97aba..e6b7e4e9 100644
--- a/seed/peertube/applicationservice.yml
+++ b/seed/peertube/applicationservice.yml
@@ -1,5 +1,6 @@
format: '0.1'
-description: Peertube
+description: Peertube, a federated (ActivityPub) video streaming platform
+website: https://www.openldap.org/
depends:
- base-fedora-36
- dns-external
diff --git a/seed/php-fpm/README.md b/seed/php-fpm/README.md
new file mode 100644
index 00000000..5a8bd2c0
--- /dev/null
+++ b/seed/php-fpm/README.md
@@ -0,0 +1,40 @@
+---
+gitea: none
+include_toc: true
+---
+
+# php-fpm
+
+[All applications services for this dataset.](../README.md)
+
+## Description
+
+PHP FPM.
+
+## Dependances
+
+- [php](../php/README.md)
+
+## Variables
+
+### Général (*general*)
+
+#### nginx (*general.nginx*)
+
+| Description | Type | Values |
+|-------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------|----------|
+| *[**php_fpm_user**](dictionaries/20_phpfpm.xml)* | [unix_user](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | root |
+| *[**php_fpm_installed**](dictionaries/20_phpfpm.xml)* | [boolean](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | True |
+
+
+- [+]: variable is multiple
+- **bold**: variable is mandatory
+
+## Used by
+
+- [galette](../galette/README.md)
+- [piwigo](../piwigo/README.md)
+- [dotclear](../dotclear/README.md)
+- [sensmotdire](../sensmotdire/README.md)
+- [roundcube](../roundcube/README.md)
+- [nextcloud](../nextcloud/README.md)
diff --git a/seed/php/README.md b/seed/php/README.md
new file mode 100644
index 00000000..72bebeb0
--- /dev/null
+++ b/seed/php/README.md
@@ -0,0 +1,44 @@
+---
+gitea: none
+include_toc: true
+---
+
+# php
+
+[All applications services for this dataset.](../README.md)
+
+## Description
+
+PHP, a popular general-purpose scripting language.
+
+[For more informations](https://secure.php.net/)
+
+## Variables
+
+### Général (*general*)
+
+#### PHP (*general.php*)
+
+Paramètrage avancé de PHP
+
+| Description | Help | Type | Values |
+|-----------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------|--------------|
+| **Taille maximale des données reçues par la méthode POST** (*[php_post_max_size](dictionaries/20_php.xml)*) | Valeur en Mo | [number](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | 32 |
+| **Taille maximale d'un fichier à charger** (*[php_upload_max_filesize](dictionaries/20_php.xml)*) | Valeur en Mo | [number](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | 16 |
+| **Temps maximal d'exécution d'un script** (*[php_max_execution_time](dictionaries/20_php.xml)*) | Valeur en secondes | [number](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | 30 |
+| **Durée maximale pour analyser les données d'entrée** (*[php_max_input_time](dictionaries/20_php.xml)*) | Valeur en secondes | [number](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | 60 |
+| **Taille mémoire maximale qu'un script est autorisé à allouer** (*[php_memory_limit](dictionaries/20_php.xml)*) | Valeur en Mo | [number](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | 512 |
+| **Affichage des erreurs à l'écran** (*[php_display_errors](dictionaries/20_php.xml)*) | | [boolean](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | False |
+| **Durée de vie des données sur le serveur** (*[php_session_gc_maxlifetime](dictionaries/20_php.xml)*) | Valeur en secondes | [number](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | 3600 |
+| **Activer la directive de configuration browscap** (*[php_browscap](dictionaries/20_php.xml)*) | La directive de configuration browscap permet d'obtenir plus d'information sur les capacités du navigateur client grâce à la fonction get_browser() | [boolean](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | False |
+| **Fuseau horaire** (*[time_zone](dictionaries/20_php.xml)*) | | [string](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Europe/Paris |
+| **Activer les tampons de sortie** (*[php_enable_output_buffering](dictionaries/20_php.xml)*) | | [boolean](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | True |
+| **Désactiver PCNTL** (*[php_disable_pcntl](dictionaries/20_php.xml)*) | | [boolean](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | True |
+
+
+- [+]: variable is multiple
+- **bold**: variable is mandatory
+
+## Used by
+
+- [php-fpm](../php-fpm/README.md)
diff --git a/seed/php/applicationservice.yml b/seed/php/applicationservice.yml
index ccaa5836..5ddef7e3 100644
--- a/seed/php/applicationservice.yml
+++ b/seed/php/applicationservice.yml
@@ -1,4 +1,3 @@
format: '0.1'
-description: PHP configuration
-depends:
- - redis-client
+description: PHP, a popular general-purpose scripting language
+website: https://secure.php.net/
diff --git a/seed/piwigo/README.md b/seed/piwigo/README.md
new file mode 100644
index 00000000..268c987c
--- /dev/null
+++ b/seed/piwigo/README.md
@@ -0,0 +1,71 @@
+---
+gitea: none
+include_toc: true
+---
+
+# piwigo
+
+[All applications services for this dataset.](../README.md)
+
+## Description
+
+Piwigo, a photo management software.
+
+[For more informations](http://piwigo.org/)
+
+## Dependances
+
+- [base-fedora-36](../base-fedora-36/README.md)
+ - [base-fedora](../base-fedora/README.md)
+ - [systemd](../systemd/README.md)
+ - [base-machine](../base-machine/README.md)
+ - [base](../base/README.md)
+ - [dns-local](../dns-local/README.md)
+- [mariadb-client](../mariadb-client/README.md)
+- [ldap-client-fedora](../ldap-client-fedora/README.md)
+ - [ldap-client](../ldap-client/README.md)
+ - [base-fedora](../base-fedora/README.md)
+ - [systemd](../systemd/README.md)
+ - [base-machine](../base-machine/README.md)
+ - [base](../base/README.md)
+ - [dns-local](../dns-local/README.md)
+- [redis-client](../redis-client/README.md)
+- [oauth2-client](../oauth2-client/README.md)
+- [relay-mail-client](../relay-mail-client/README.md)
+- [nginx-https](../nginx-https/README.md)
+ - [nginx-common](../nginx-common/README.md)
+ - [reverse-proxy-client](../reverse-proxy-client/README.md)
+- [php-fpm](../php-fpm/README.md)
+ - [php](../php/README.md)
+
+## Variables
+
+### Général (*general*)
+
+| Description | Type | Values |
+|------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------|----------------------|
+| **Adresse courriel de l'administrateur Piwigo** (*[piwigo_admin_email](dictionaries/31_piwigo.xml)*) | [mail](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | |
+| **Titre de l'album** (*[piwigo_title](dictionaries/31_piwigo.xml)*) | [string](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Album photographique |
+
+#### Piwigo users (*general.users*)
+
+This a family is a leadership.
+
+| Description | Type |
+|-----------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------|
+| **Utilisateur ayant un album** (*[piwigo_users](dictionaries/31_piwigo.xml)*) [+] | [unix_user](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) |
+| **Adresse courriel** (*[piwigo_email](dictionaries/31_piwigo.xml)*) | [mail](https://cloud.silique.fr/gitea/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) |
+
+#### oauth2_client (*general.oauth2_client*)
+
+| Description | Values |
+|------------------------------------------------------------------|-----------------------------|
+| *[**oauth2_is_client_application**](dictionaries/31_piwigo.xml)* | True |
+| *[**oauth2_client_name**](dictionaries/31_piwigo.xml)* | Album |
+| *[**oauth2_client_description**](dictionaries/31_piwigo.xml)* | Album photographique Piwigo |
+| *[**oauth2_client_category**](dictionaries/31_piwigo.xml)* | Diffusion |
+| *[**oauth2_client_logo**](dictionaries/31_piwigo.xml)* | silique_image.png |
+
+
+- [+]: variable is multiple
+- **bold**: variable is mandatory
diff --git a/seed/piwigo/applicationservice.yml b/seed/piwigo/applicationservice.yml
index b5c8ec5b..e056d118 100644
--- a/seed/piwigo/applicationservice.yml
+++ b/seed/piwigo/applicationservice.yml
@@ -1,9 +1,11 @@
format: '0.1'
-description: Nextcloud
+description: Piwigo, a photo management software
+website: http://piwigo.org/
depends:
- - base-fedora-35
+ - base-fedora-36
- mariadb-client
- ldap-client-fedora
+ - redis-client
- oauth2-client
- relay-mail-client
- nginx-https
diff --git a/seed/pleroma/applicationservice.yml b/seed/pleroma/applicationservice.yml
deleted file mode 100644
index 6e46d078..00000000
--- a/seed/pleroma/applicationservice.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-format: '0.1'
-description: Pleroma
-depends:
- - base-fedora-36
- - postgresql-client
- - relay-mail-client
- - reverse-proxy-client
- - redis-client
- - nginx-common
- - oauth2-client
diff --git a/seed/pleroma/dictionaries/30_pleroma.xml b/seed/pleroma/dictionaries/30_pleroma.xml
deleted file mode 100644
index 6a6cc7ed..00000000
--- a/seed/pleroma/dictionaries/30_pleroma.xml
+++ /dev/null
@@ -1,70 +0,0 @@
-
-
-
-
-
- /sysusers.d/0peertube.conf
- /tmpfiles.d/0peertube.conf
- /etc/peertube/production.yaml
- /etc/pam.d/login
- /etc/nginx/sites-enabled/peertube.conf
-
-
-
-
-
-
- PeerTube, an ActivityPub-federated video streaming platform using P2P directly in your web browser.
-
-
- Welcome to this PeerTube instance!
-
-
-
-
- True
-
-
- Vidéo
-
-
- Plateforme de partage de vidéo Peertube
-
-
- Réseaux sociaux
-
-
- silique_video.png
-
-
-
-
-
-
-
-
- /
-
-
- 12G
-
-
-
-
-
-
- revprox_client_external_domainnames
- revprox_client_location
- plugins/auth-openid-connect/0.0.7/auth/openid-connect
- oauth2_client_external
-
-
- True
- False
- revprox_client_location
- /socket.io
- revprox_client_is_websocket
-
-
-
-
diff --git a/seed/pleroma/manual/image/postinstall/pleroma.sh b/seed/pleroma/manual/image/postinstall/pleroma.sh
deleted file mode 100644
index 8ad1beaf..00000000
--- a/seed/pleroma/manual/image/postinstall/pleroma.sh
+++ /dev/null
@@ -1,4 +0,0 @@
-#!/bin/bash
-# https://docs-develop.pleroma.social/backend/installation/otp_en/
-
-arch="$(uname -m)";if [ "$arch" = "x86_64" ];then arch="amd64";elif [ "$arch" = "armv7l" ];then arch="arm";elif [ "$arch" = "aarch64" ];then arch="arm64";else echo "Unsupported arch: $arch">&2;fi;if getconf GNU_LIBC_VERSION>/dev/null;then libc_postfix="";elif [ "$(ldd 2>&1|head -c 9)" = "musl libc" ];then libc_postfix="-musl";elif [ "$(find /lib/libc.musl*|wc -l)" ];then libc_postfix="-musl";else echo "Unsupported libc">&2;fi;echo "$arch$libc_postfix"
diff --git a/seed/pleroma/manual/image/preinstall/pleroma.sh b/seed/pleroma/manual/image/preinstall/pleroma.sh
deleted file mode 100644
index df120c9b..00000000
--- a/seed/pleroma/manual/image/preinstall/pleroma.sh
+++ /dev/null
@@ -1,2 +0,0 @@
-PKG="$PKG ffmpeg"
-FUSION=true
diff --git a/seed/pleroma/templates/login b/seed/pleroma/templates/login
deleted file mode 100644
index 46378f44..00000000
--- a/seed/pleroma/templates/login
+++ /dev/null
@@ -1,17 +0,0 @@
-# File from util-linux-*.x86_64 (not installed)
-#%PAM-1.0
-auth substack system-auth
-auth include postlogin
-account required pam_nologin.so
-account include system-auth
-password include system-auth
-# pam_selinux.so close should be the first session rule
-session required pam_selinux.so close
-session required pam_loginuid.so
-# pam_selinux.so open should only be followed by sessions to be executed in the user context
-session required pam_selinux.so open
-session required pam_namespace.so
-session optional pam_keyinit.so force revoke
-session include system-auth
-session include postlogin
--session optional pam_ck_connector.so
diff --git a/seed/pleroma/templates/nginx.peertube.conf b/seed/pleroma/templates/nginx.peertube.conf
deleted file mode 100644
index 6095fa29..00000000
--- a/seed/pleroma/templates/nginx.peertube.conf
+++ /dev/null
@@ -1,271 +0,0 @@
-# GNUNUX /usr/share/peertube/support/nginx/peertube
-# Minimum Nginx version required: 1.13.0 (released Apr 25, 2017)
-# Please check your Nginx installation features the following modules via 'nginx -V':
-# STANDARD HTTP MODULES: Core, Proxy, Rewrite, Access, Gzip, Headers, HTTP/2, Log, Real IP, SSL, Thread Pool, Upstream, AIO Multithreading.
-# THIRD PARTY MODULES: None.
-
-# GNUNUX server {
-# GNUNUX listen 80;
-# GNUNUX listen [::]:80;
-# GNUNUX server_name ${WEBSERVER_HOST};
-# GNUNUX
-# GNUNUX location /.well-known/acme-challenge/ {
-# GNUNUX default_type "text/plain";
-# GNUNUX root /var/www/certbot;
-# GNUNUX }
-# GNUNUX location / { return 301 https://$host$request_uri; }
-# GNUNUX }
-
-upstream %%domain_name_eth0 {
-# GNUNUX server ${PEERTUBE_HOST};
- server localhost:9000;
-}
-
-server {
- listen 443 ssl http2;
- listen [::]:443 ssl http2;
- server_name %%domain_name_eth0;
-
-# GNUNUX access_log /var/log/nginx/peertube.access.log; # reduce I/0 with buffer=10m flush=5m
-# GNUNUX error_log /var/log/nginx/peertube.error.log;
-
- ##
- # Certificates
- # you need a certificate to run in production. see https://letsencrypt.org/
- ##
-# GNUNUX ssl_certificate /etc/letsencrypt/live/${WEBSERVER_HOST}/fullchain.pem;
-# GNUNUX ssl_certificate_key /etc/letsencrypt/live/${WEBSERVER_HOST}/privkey.pem;
-#>GNUNUX
- ssl_client_certificate %%revprox_ca_file;
- ssl_certificate %%revprox_client_cert_file;
- ssl_certificate_key %%revprox_client_key_file;
-#= client_max_body_size)
-
- try_files /dev/null @api;
- }
-
- location ~ ^/api/v1/(videos|video-playlists|video-channels|users/me) {
- client_max_body_size 6M; # default is 1M
- add_header X-File-Maximum-Size 4M always; # inform backend of the set value in bytes before mime-encoding (x * 1.4 >= client_max_body_size)
-
- try_files /dev/null @api;
- }
-
- ##
- # Websocket
- ##
-
- location @api_websocket {
- proxy_http_version 1.1;
-# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header Host %%revprox_client_external_domainname;
-# proxy_set_header X-Real-IP $remote_addr;
-# proxy_set_header Upgrade $http_upgrade;
-# proxy_set_header Connection "upgrade";
-
- proxy_pass http://%%domain_name_eth0;
- }
-
- location /socket.io {
- try_files /dev/null @api_websocket;
- }
-
- location /tracker/socket {
- # Peers send a message to the tracker every 15 minutes
- # Don't close the websocket before then
- proxy_read_timeout 15m; # default is 60s
-
- try_files /dev/null @api_websocket;
- }
-
- ##
- # Performance optimizations
- # For extra performance please refer to https://github.com/denji/nginx-tuning
- ##
-
-# GNUNUX root /var/www/peertube/storage;
- root /usr/share/peertube;
-
- # Enable compression for JS/CSS/HTML, for improved client load times.
- # It might be nice to compress JSON/XML as returned by the API, but
- # leaving that out to protect against potential BREACH attack.
- gzip on;
- gzip_vary on;
- gzip_types # text/html is always compressed by HttpGzipModule
- text/css
- application/javascript
- font/truetype
- font/opentype
- application/vnd.ms-fontobject
- image/svg+xml;
- gzip_min_length 1000; # default is 20 bytes
- gzip_buffers 16 8k;
- gzip_comp_level 2; # default is 1
-
- client_body_timeout 30s; # default is 60
- client_header_timeout 10s; # default is 60
- send_timeout 10s; # default is 60
- keepalive_timeout 10s; # default is 75
- resolver_timeout 10s; # default is 30
- reset_timedout_connection on;
- proxy_ignore_client_abort on;
-
- tcp_nopush on; # send headers in one piece
- tcp_nodelay on; # don't buffer data sent, good for small data bursts in real time
-
- # If you have a small /var/lib partition, it could be interesting to store temp nginx uploads in a different place
- # See https://nginx.org/en/docs/http/ngx_http_core_module.html#client_body_temp_path
- #client_body_temp_path /var/www/peertube/storage/nginx/;
-
- # Bypass PeerTube for performance reasons. Optional.
- # Should be consistent with client-overrides assets list in /server/controllers/client.ts
- location ~ ^/client/(assets/images/(icons/icon-36x36\.png|icons/icon-48x48\.png|icons/icon-72x72\.png|icons/icon-96x96\.png|icons/icon-144x144\.png|icons/icon-192x192\.png|icons/icon-512x512\.png|logo\.svg|favicon\.png|default-playlist\.jpg|default-avatar-account\.png|default-avatar-video-channel\.png))$ {
- add_header Cache-Control "public, max-age=31536000, immutable"; # Cache 1 year
-
-# GNUNUX root /var/www/peertube;
- root /usr/share/peertube;
-
- try_files /storage/client-overrides/$1 /peertube-latest/client/dist/$1 @api;
- }
-
- # Bypass PeerTube for performance reasons. Optional.
- location ~ ^/client/(.*\.(js|css|png|svg|woff2|otf|ttf|woff|eot))$ {
- add_header Cache-Control "public, max-age=31536000, immutable"; # Cache 1 year
-
-# GNUNUX alias /var/www/peertube/client/dist/$1;
- alias /usr/share/peertube/client/dist/$1;
- }
-
- # Bypass PeerTube for performance reasons. Optional.
- location ~ ^/static/(thumbnails|avatars)/ {
- root /srv/peertube;
- if ($request_method = 'OPTIONS') {
- add_header Access-Control-Allow-Origin '*';
- add_header Access-Control-Allow-Methods 'GET, OPTIONS';
- add_header Access-Control-Allow-Headers 'Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
- add_header Access-Control-Max-Age 1728000; # Preflight request can be cached 20 days
- add_header Content-Type 'text/plain charset=UTF-8';
- add_header Content-Length 0;
- return 204;
- }
-
- add_header Access-Control-Allow-Origin '*';
- add_header Access-Control-Allow-Methods 'GET, OPTIONS';
- add_header Access-Control-Allow-Headers 'Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
- add_header Cache-Control "public, max-age=7200"; # Cache response 2 hours
-
- rewrite ^/static/(.*)$ /$1 break;
-
- try_files $uri @api;
- }
-
- # Bypass PeerTube for performance reasons. Optional.
- location ~ ^/static/(webseed|redundancy|streaming-playlists)/ {
- root /srv/peertube;
- limit_rate_after 5M;
-
- # Clients usually have 4 simultaneous webseed connections, so the real limit is 3MB/s per client
- set $peertube_limit_rate 800k;
-
- # Increase rate limit in HLS mode, because we don't have multiple simultaneous connections
- if ($request_uri ~ -fragmented.mp4$) {
- set $peertube_limit_rate 5M;
- }
-
- # Use this line with nginx >= 1.17.0
- #limit_rate $peertube_limit_rate;
- # Or this line if your nginx < 1.17.0
- set $limit_rate $peertube_limit_rate;
-
- if ($request_method = 'OPTIONS') {
- add_header Access-Control-Allow-Origin '*';
- add_header Access-Control-Allow-Methods 'GET, OPTIONS';
- add_header Access-Control-Allow-Headers 'Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
- add_header Access-Control-Max-Age 1728000; # Preflight request can be cached 20 days
- add_header Content-Type 'text/plain charset=UTF-8';
- add_header Content-Length 0;
- return 204;
- }
-
- if ($request_method = 'GET') {
- add_header Access-Control-Allow-Origin '*';
- add_header Access-Control-Allow-Methods 'GET, OPTIONS';
- add_header Access-Control-Allow-Headers 'Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
-
- # Don't spam access log file with byte range requests
- access_log off;
- }
-
- # Enabling the sendfile directive eliminates the step of copying the data into the buffer
- # and enables direct copying data from one file descriptor to another.
- sendfile on;
- sendfile_max_chunk 1M; # prevent one fast connection from entirely occupying the worker process. should be > 800k.
- aio threads;
-
- rewrite ^/static/webseed/(.*)$ /videos/$1 break;
- rewrite ^/static/(.*)$ /$1 break;
-
- try_files $uri @api;
- }
-}
diff --git a/seed/pleroma/templates/peertube.service b/seed/pleroma/templates/peertube.service
deleted file mode 100644
index 41206015..00000000
--- a/seed/pleroma/templates/peertube.service
+++ /dev/null
@@ -1,5 +0,0 @@
-[Service]
-Environment=PGPASSFILE=/usr/local/lib/secrets/postgresql.pass
-ExecStartPost=+/usr/bin/timeout 90 sh -c 'while ! /usr/bin/psql --set=sslmode=verify-full -h %%pg_client_server_domainname -U %%pg_client_username %%pg_client_database -c "SELECT * FROM plugin;"; do sleep 1; done'
-ExecStartPost=+/usr/bin/psql --set=sslmode=verify-full -h %%pg_client_server_domainname -U %%pg_client_username %%pg_client_database -c "DELETE FROM plugin;"
-ExecStartPost=+/usr/bin/psql --set=sslmode=verify-full -h %%pg_client_server_domainname -U %%pg_client_username %%pg_client_database -c "INSERT INTO plugin (name, type, version, enabled, uninstalled, \"peertubeEngine\", description, homepage, settings, \"createdAt\", \"updatedAt\") VALUES ('auth-openid-connect', '1', '0.0.7', true, false, '>=2.2.0', 'Add OpenID connect support to login form in PeerTube.', 'https://framagit.org/framasoft/peertube/official-plugins/tree/master/peertube-plugin-auth-openid-connect', '{\"scope\": \"openid email profile\", \"client-id\": \"%%oauth2_client_id\", \"discover-url\": \"https://%%oauth2_client_server_domainname/.well-known/openid-configuration\", \"client-secret\": \"%%oauth2_client_secret\", \"mail-property\": \"email\", \"auth-display-name\": \"OpenID Connect\", \"username-property\": \"nickname\", \"signature-algorithm\": \"%%oauth2_client_token_signature_algo\", \"display-name-property\": \"email\"}', '2022-04-05 18:12:34.832+02', '2022-04-05 18:12:34.832+02')"
diff --git a/seed/pleroma/templates/production.yaml b/seed/pleroma/templates/production.yaml
deleted file mode 100644
index 32fdf84b..00000000
--- a/seed/pleroma/templates/production.yaml
+++ /dev/null
@@ -1,638 +0,0 @@
-%compiler-settings
-commentStartToken = §
-%end compiler-settings
-listen:
- hostname: 'localhost'
- port: 9000
-
-# Correspond to your reverse proxy server_name/listen configuration (i.e., your public PeerTube instance URL)
-webserver:
- https: true
- hostname: '%%revprox_client_external_domainname'
- port: 443
-
-rates_limit:
- api:
- # 50 attempts in 10 seconds
- window: 10 seconds
- max: 50
- login:
- # 15 attempts in 5 min
- window: 5 minutes
- max: 15
- signup:
- # 2 attempts in 5 min (only succeeded attempts are taken into account)
- window: 5 minutes
- max: 2
- ask_send_email:
- # 3 attempts in 5 min
- window: 5 minutes
- max: 3
-
-# Proxies to trust to get real client IP
-# If you run PeerTube just behind a local proxy (nginx), keep 'loopback'
-# If you run PeerTube behind a remote proxy, add the proxy IP address (or subnet)
-trust_proxy:
- - 'loopback'
-
-# Your database name will be database.name OR 'peertube'+database.suffix
-database:
- hostname: '%%pg_client_server_domainname'
- port: 5432
- ssl: true
- suffix: '_prod'
- name: '%%pg_client_database'
- username: '%%pg_client_username'
- password: '%%pg_client_password'
- pool:
- max: 5
-
-# Redis server for short time storage
-# You can also specify a 'socket' path to a unix socket but first need to
-# comment out hostname and port
-redis:
- hostname: '%%redis_client_server_domainname'
- port: 6379
- auth: '%%redis_client_password'
- db: 0
-
-# SMTP server to send emails
-smtp:
- # smtp or sendmail
- transport: smtp
- # Path to sendmail command. Required if you use sendmail transport
- sendmail: null
- hostname: '%%smtp_relay_address'
- port: 25 # If you use StartTLS: 587
- username: '%%smtp_relay_user'
- password: '%%smtp_relay_password'
- tls: false # If you use StartTLS: false
- disable_starttls: false
- ca_file: '%%smtp_ca_file' # Used for self signed certificates
- from_address: '%%peertube_admin_email'
-
-email:
- body:
- signature: 'PeerTube'
- subject:
- prefix: '[PeerTube]'
-
-# Update default PeerTube values
-# Set by API when the field is not provided and put as default value in client
-defaults:
- # Change default values when publishing a video (upload/import/go Live)
- publish:
- download_enabled: true
-
- comments_enabled: true
-
- # public = 1, unlisted = 2, private = 3, internal = 4
- privacy: 1
-
- # CC-BY = 1, CC-SA = 2, CC-ND = 3, CC-NC = 4, CC-NC-SA = 5, CC-NC-ND = 6, Public Domain = 7
- # You can also choose a custom licence value added by a plugin
- # No licence by default
- licence: null
-
- p2p:
- # Enable P2P by default
- # Can be enabled/disabled by anonymous users and logged in users
- webapp:
- enabled: true
-
- embed:
- enabled: true
-
-# From the project root directory
-storage:
- tmp: '/srv/peertube/tmp/' # Use to download data (imports etc), store uploaded files before and during processing...
- bin: '/srv/peertube/bin/'
- avatars: '/srv/peertube/avatars/'
- videos: '/srv/peertube/videos/'
- streaming_playlists: '/srv/peertube/streaming-playlists/'
- redundancy: '/srv/peertube/redundancy/'
- logs: '/srv/peertube/logs/'
- previews: '/srv/peertube/previews/'
- thumbnails: '/srv/peertube/thumbnails/'
- torrents: '/srv/peertube/torrents/'
- captions: '/srv/peertube/captions/'
- cache: '/srv/peertube/cache/'
- plugins: '/usr/share/peertube_plugins/'
- # Overridable client files in client/dist/assets/images:
- # - logo.svg
- # - favicon.png
- # - default-playlist.jpg
- # - default-avatar-account.png
- # - default-avatar-video-channel.png
- # - and icons/*.png (PWA)
- # Could contain for example assets/images/favicon.png
- # If the file exists, peertube will serve it
- # If not, peertube will fallback to the default file
- client_overrides: '/srv/peertube/client-overrides/'
-
-object_storage:
- enabled: false
-
- # Without protocol, will default to HTTPS
- endpoint: '' # 's3.amazonaws.com' or 's3.fr-par.scw.cloud' for example
-
- region: 'us-east-1'
-
- credentials:
- # You can also use AWS_ACCESS_KEY_ID env variable
- access_key_id: ''
- # You can also use AWS_SECRET_ACCESS_KEY env variable
- secret_access_key: ''
-
- # Maximum amount to upload in one request to object storage
- max_upload_part: 2GB
-
- streaming_playlists:
- bucket_name: 'streaming-playlists'
-
- # Allows setting all buckets to the same value but with a different prefix
- prefix: '' # Example: 'streaming-playlists:'
-
- # Base url for object URL generation, scheme and host will be replaced by this URL
- # Useful when you want to use a CDN/external proxy
- base_url: '' # Example: 'https://mirror.example.com'
-
- # Same settings but for webtorrent videos
- videos:
- bucket_name: 'videos'
- prefix: ''
- base_url: ''
-
-log:
- level: 'info' # 'debug' | 'info' | 'warn' | 'error'
- rotation:
- enabled : false # Enabled by default, if disabled make sure that 'storage.logs' is pointing to a folder handled by logrotate
- max_file_size: 12MB
- max_files: 20
- anonymize_ip: false
- log_ping_requests: true
- prettify_sql: false
-
-trending:
- videos:
- interval_days: 7 # Compute trending videos for the last x days
- algorithms:
- enabled:
- - 'best' # adaptation of Reddit's 'Best' algorithm (Hot minus History)
- - 'hot' # adaptation of Reddit's 'Hot' algorithm
- - 'most-viewed' # default, used initially by PeerTube as the trending page
- - 'most-liked'
- default: 'most-viewed'
-
-# Cache remote videos on your server, to help other instances to broadcast the video
-# You can define multiple caches using different sizes/strategies
-# Once you have defined your strategies, choose which instances you want to cache in admin -> manage follows -> following
-redundancy:
- videos:
- check_interval: '1 hour' # How often you want to check new videos to cache
- strategies: # Just uncomment strategies you want
-# -
-# size: '10GB'
-# # Minimum time the video must remain in the cache. Only accept values > 10 hours (to not overload remote instances)
-# min_lifetime: '48 hours'
-# strategy: 'most-views' # Cache videos that have the most views
-# -
-# size: '10GB'
-# # Minimum time the video must remain in the cache. Only accept values > 10 hours (to not overload remote instances)
-# min_lifetime: '48 hours'
-# strategy: 'trending' # Cache trending videos
-# -
-# size: '10GB'
-# # Minimum time the video must remain in the cache. Only accept values > 10 hours (to not overload remote instances)
-# min_lifetime: '48 hours'
-# strategy: 'recently-added' # Cache recently added videos
-# min_views: 10 # Having at least x views
-
-# Other instances that duplicate your content
-remote_redundancy:
- videos:
- # 'nobody': Do not accept remote redundancies
- # 'anybody': Accept remote redundancies from anybody
- # 'followings': Accept redundancies from instance followings
- accept_from: 'anybody'
-
-csp:
- enabled: false
- report_only: true # CSP directives are still being tested, so disable the report only mode at your own risk!
- report_uri:
-
-security:
- # Set the X-Frame-Options header to help to mitigate clickjacking attacks
- frameguard:
- enabled: true
-
-tracker:
- # If you disable the tracker, you disable the P2P aspect of PeerTube
- enabled: true
- # Only handle requests on your videos
- # If you set this to false it means you have a public tracker
- # Then, it is possible that clients overload your instance with external torrents
- private: true
- # Reject peers that do a lot of announces (could improve privacy of TCP/UDP peers)
- reject_too_many_announces: false
-
-history:
- videos:
- # If you want to limit users videos history
- # -1 means there is no limitations
- # Other values could be '6 months' or '30 days' etc (PeerTube will periodically delete old entries from database)
- max_age: -1
-
-views:
- videos:
- # PeerTube creates a database entry every hour for each video to track views over a period of time
- # This is used in particular by the Trending page
- # PeerTube could remove old remote video views if you want to reduce your database size (video view counter will not be altered)
- # -1 means no cleanup
- # Other values could be '6 months' or '30 days' etc (PeerTube will periodically delete old entries from database)
- remote:
- max_age: '30 days'
-
- # PeerTube buffers local video views before updating and federating the video
- local_buffer_update_interval: '30 minutes'
-
- ip_view_expiration: '1 hour'
-
-plugins:
- # The website PeerTube will ask for available PeerTube plugins and themes
- # This is an unmoderated plugin index, so only install plugins/themes you trust
- index:
- enabled: false
- check_latest_versions_interval: '12 hours' # How often you want to check new plugins/themes versions
- url: 'https://packages.joinpeertube.org'
-
-federation:
- videos:
- federate_unlisted: false
-
- # Add a weekly job that cleans up remote AP interactions on local videos (shares, rates and comments)
- # It removes objects that do not exist anymore, and potentially fix their URLs
- cleanup_remote_interactions: true
-
-peertube:
- check_latest_version:
- # Check and notify admins of new PeerTube versions
- enabled: false
- # You can use a custom URL if your want, that respect the format behind https://joinpeertube.org/api/v1/versions.json
- url: 'https://joinpeertube.org/api/v1/versions.json'
-
-webadmin:
- configuration:
- edition:
- # Set this to false if you don't want to allow config edition in the web interface by instance admins
- allowed: false
-
-###############################################################################
-#
-# From this point, all the following keys can be overridden by the web interface
-# (local-production.json file). If you need to change some values, prefer to
-# use the web interface because the configuration will be automatically
-# reloaded without any need to restart PeerTube
-#
-# /!\ If you already have a local-production.json file, the modification of the
-# following keys will have no effect /!\
-#
-###############################################################################
-
-cache:
- previews:
- size: 500 # Max number of previews you want to cache
- captions:
- size: 500 # Max number of video captions/subtitles you want to cache
- torrents:
- size: 500 # Max number of video torrents you want to cache
-
-admin:
- # Used to generate the root user at first startup
- # And to receive emails from the contact form
- email: '%%peertube_admin_email'
-
-contact_form:
- enabled: true
-
-signup:
- enabled: false
- limit: 10 # When the limit is reached, registrations are disabled. -1 == unlimited
- minimum_age: 16 # Used to configure the signup form
- requires_email_verification: false
- filters:
- cidr: # You can specify CIDR ranges to whitelist (empty = no filtering) or blacklist
- whitelist: []
- blacklist: []
-
-user:
- # Default value of maximum video bytes the user can upload (does not take into account transcoded files)
- # Byte format is supported ("1GB" etc)
- # -1 == unlimited
- video_quota: -1
- video_quota_daily: -1
-
-video_channels:
- max_per_user: 20 # Allows each user to create up to 20 video channels.
-
-# If enabled, the video will be transcoded to mp4 (x264) with `faststart` flag
-# In addition, if some resolutions are enabled the mp4 video file will be transcoded to these new resolutions
-# Please, do not disable transcoding since many uploaded videos will not work
-transcoding:
- enabled: true
-
- # Allow your users to upload .mkv, .mov, .avi, .wmv, .flv, .f4v, .3g2, .3gp, .mts, m2ts, .mxf, .nut videos
- allow_additional_extensions: true
-
- # If a user uploads an audio file, PeerTube will create a video by merging the preview file and the audio file
- allow_audio_files: true
-
- # Amount of threads used by ffmpeg for 1 transcoding job
- threads: 1
- # Amount of transcoding jobs to execute in parallel
- concurrency: 1
-
- # Choose the transcoding profile
- # New profiles can be added by plugins
- # Available in core PeerTube: 'default'
- profile: 'default'
-
- resolutions: # Only created if the original video has a higher resolution, uses more storage!
- 0p: false # audio-only (creates mp4 without video stream, always created when enabled)
- 144p: false
- 240p: false
- 360p: false
- 480p: false
- 720p: false
- 1080p: false
- 1440p: false
- 2160p: false
-
- # Generate videos in a WebTorrent format (what we do since the first PeerTube release)
- # If you also enabled the hls format, it will multiply videos storage by 2
- # If disabled, breaks federation with PeerTube instances < 2.1
- webtorrent:
- enabled: false
-
- # /!\ Requires ffmpeg >= 4.1
- # Generate HLS playlists and fragmented MP4 files. Better playback than with WebTorrent:
- # * Resolution change is smoother
- # * Faster playback in particular with long videos
- # * More stable playback (less bugs/infinite loading)
- # If you also enabled the webtorrent format, it will multiply videos storage by 2
- hls:
- enabled: true
-
-live:
- enabled: false
-
- # Limit lives duration
- # -1 == unlimited
- max_duration: -1 # For example: '5 hours'
-
- # Limit max number of live videos created on your instance
- # -1 == unlimited
- max_instance_lives: 20
-
- # Limit max number of live videos created by a user on your instance
- # -1 == unlimited
- max_user_lives: 3
-
- # Allow your users to save a replay of their live
- # PeerTube will transcode segments in a video file
- # If the user daily/total quota is reached, PeerTube will stop the live
- # /!\ transcoding.enabled (and not live.transcoding.enabled) has to be true to create a replay
- allow_replay: true
-
- # Your firewall should accept traffic from this port in TCP if you enable live
- rtmp:
- enabled: true
- port: 1935
-
- rtmps:
- enabled: false
- port: 1936
- # Absolute path
- key_file: ''
- # Absolute path
- cert_file: ''
-
- # Allow to transcode the live streaming in multiple live resolutions
- transcoding:
- enabled: true
- threads: 2
-
- # Choose the transcoding profile
- # New profiles can be added by plugins
- # Available in core PeerTube: 'default'
- profile: 'default'
-
- resolutions:
- 144p: false
- 240p: false
- 360p: false
- 480p: false
- 720p: false
- 1080p: false
- 1440p: false
- 2160p: false
-
-import:
- # Add ability for your users to import remote videos (from YouTube, torrent...)
- videos:
- # Amount of import jobs to execute in parallel
- concurrency: 1
-
- # Classic HTTP or all sites supported by youtube-dl https://rg3.github.io/youtube-dl/supportedsites.html
- http:
- # We recommend to use a HTTP proxy if you enable HTTP import to prevent private URL access from this server
- # See https://docs.joinpeertube.org/maintain-configuration?id=security for more information
- enabled: true
-
- youtube_dl_release:
- # Direct download URL to youtube-dl binary
- # Github releases API is also supported
- # Examples:
- # * https://api.github.com/repos/ytdl-org/youtube-dl/releases
- # * https://api.github.com/repos/yt-dlp/yt-dlp/releases
- url: 'https://yt-dl.org/downloads/latest/youtube-dl'
-
- # youtube-dl binary name
- # yt-dlp is also supported
- name: 'youtube-dl'
-
- # Path to the python binary to execute for youtube-dl or yt-dlp
- python_path: '/usr/bin/python3'
-
- # IPv6 is very strongly rate-limited on most sites supported by youtube-dl
- force_ipv4: false
-
- # Magnet URI or torrent file (use classic TCP/UDP/WebSeed to download the file)
- torrent:
- # We recommend to only enable magnet URI/torrent import if you trust your users
- # See https://docs.joinpeertube.org/maintain-configuration?id=security for more information
- enabled: false
-
-auto_blacklist:
- # New videos automatically blacklisted so moderators can review before publishing
- videos:
- of_users:
- enabled: false
-
-# Instance settings
-instance:
- name: 'PeerTube'
- short_description: '%%peertube_short_description'
- description: '%%peertube_description' # Support markdown
- terms: 'No terms for now.' # Support markdown
- code_of_conduct: '' # Supports markdown
-
- # Who moderates the instance? What is the policy regarding NSFW videos? Political videos? etc
- moderation_information: '' # Supports markdown
-
- # Why did you create this instance?
- creation_reason: '' # Supports Markdown
-
- # Who is behind the instance? A single person? A non profit?
- administrator: '' # Supports Markdown
-
- # How long do you plan to maintain this instance?
- maintenance_lifetime: '' # Supports Markdown
-
- # How will you pay the PeerTube instance server? With your own funds? With users donations? Advertising?
- business_model: '' # Supports Markdown
-
- # If you want to explain on what type of hardware your PeerTube instance runs
- # Example: '2 vCore, 2GB RAM...'
- hardware_information: '' # Supports Markdown
-
- # What are the main languages of your instance? To interact with your users for example
- # Uncomment or add the languages you want
- # List of supported languages: https://peertube.cpy.re/api/v1/videos/languages
- languages:
-# - en
-# - es
- - fr
-
- # You can specify the main categories of your instance (dedicated to music, gaming or politics etc)
- # Uncomment or add the category ids you want
- # List of supported categories: https://peertube.cpy.re/api/v1/videos/categories
- categories:
-# - 1 # Music
-# - 2 # Films
-# - 3 # Vehicles
-# - 4 # Art
-# - 5 # Sports
-# - 6 # Travels
-# - 7 # Gaming
-# - 8 # People
-# - 9 # Comedy
-# - 10 # Entertainment
-# - 11 # News & Politics
-# - 12 # How To
-# - 13 # Education
-# - 14 # Activism
-# - 15 # Science & Technology
-# - 16 # Animals
-# - 17 # Kids
-# - 18 # Food
-
- default_client_route: '/videos/trending'
-
- # Whether or not the instance is dedicated to NSFW content
- # Enabling it will allow other administrators to know that you are mainly federating sensitive content
- # Moreover, the NSFW checkbox on video upload will be automatically checked by default
- is_nsfw: false
- # By default, `do_not_list` or `blur` or `display` NSFW videos
- # Could be overridden per user with a setting
- default_nsfw_policy: 'do_not_list'
-
- customizations:
- javascript: '' # Directly your JavaScript code (without