From e8e9e8719e6c8441ab54ce6967f332ee763fc4c2 Mon Sep 17 00:00:00 2001 From: Emmanuel Garette Date: Wed, 2 Aug 2023 09:26:54 +0200 Subject: [PATCH] update doc --- seed/README.md | 68 +++--- seed/apache/README.md | 46 ++-- seed/apache/applicationservice.yml | 1 - seed/apache/dictionaries/20_web.xml | 4 +- seed/base-debian-bullseye/README.md | 4 +- seed/base-debian/README.md | 4 +- seed/base-fedora-35/README.md | 4 +- seed/base-fedora-36/README.md | 4 +- seed/base-fedora-37/README.md | 4 +- seed/base-fedora-38/README.md | 4 +- seed/base-fedora/README.md | 4 +- seed/base-machine/README.md | 24 +- seed/base/README.md | 2 +- seed/base/funcs/base.py | 9 + seed/dns-external/README.md | 17 +- seed/dns-local/README.md | 2 +- seed/dovecot/README.md | 151 ++++++------ .../{26_dovecot.xml => 31_dovecot.xml} | 18 +- seed/forgejo/README.md | 180 ++++++++------- seed/forgejo/dictionaries/31_forgejo.xml | 4 +- seed/gitea/README.md | 141 +++++++++-- seed/gitea/applicationservice.yml | 1 + seed/grafana/README.md | 142 +++++++----- seed/grafana/dictionaries/31_grafana.xml | 2 +- seed/host-systemd-machined/README.md | 82 +++---- .../templates/tls-script | 2 +- seed/imap-client/README.md | 16 +- seed/journald/README.md | 19 +- seed/journald/dictionaries/20_journald.xml | 2 +- seed/journald_remote/README.md | 27 +-- seed/ldap-client/README.md | 40 ++-- .../dictionaries/21_ldap-client.xml | 8 +- seed/lemonldap/README.md | 152 ++++++------ .../dictionaries/70_lemonldap_ng.xml | 4 +- seed/loki/README.md | 40 +--- seed/mailman/README.md | 190 ++++++++------- seed/mailman/dictionaries/31_mailman.xml | 4 +- seed/mariadb-client/README.md | 18 +- seed/mariadb/README.md | 38 +-- seed/nextcloud/README.md | 185 ++++++++++----- seed/nextcloud/dictionaries/31_nextcloud.xml | 19 +- seed/nginx-common/README.md | 33 ++- seed/nginx-common/dictionaries/21_nginx.xml | 2 +- seed/nginx-https/README.md | 4 +- seed/nginx-reverse-proxy/README.md | 93 +++----- .../dictionaries/25_nginx.xml | 6 +- seed/nginx-static/README.md | 93 ++++++-- seed/nginx-static/applicationservice.yml | 1 + .../dictionaries/22_nginx_static.xml | 2 +- seed/nsd-local/README.md | 42 +--- seed/nsd-local/dictionaries/21_nsd-local.xml | 7 + seed/nsd/README.md | 141 +++++------ seed/nsd/dictionaries/20_nsd.xml | 8 +- seed/nsd/extras/nsd/00_nsd.xml | 2 +- seed/oauth2-client/README.md | 50 ++-- .../dictionaries/30_oauth2_client.xml | 6 +- seed/odoo/README.md | 218 +++++++++++------- seed/odoo/dictionaries/40_odoo.xml | 30 +-- seed/openldap/README.md | 191 ++++++++------- seed/openldap/applicationservice.yml | 12 +- .../dictionaries/21_openldap-server.xml | 2 +- seed/openldap/extras/accounts/00_account.xml | 8 +- seed/peertube/README.md | 185 +++++++++------ seed/peertube/dictionaries/30_peertube.xml | 2 +- seed/php-fpm/README.md | 17 +- seed/php-fpm/dictionaries/20_phpfpm.xml | 5 +- seed/php/README.md | 50 ++-- seed/piwigo/README.md | 203 +++++++++++----- seed/piwigo/dictionaries/31_piwigo.xml | 6 +- seed/pki-tls/README.md | 2 +- seed/pki-tls/templates/0certificate.conf | 2 +- seed/postfix-lmtp-relay/README.md | 16 +- seed/postfix-relay/README.md | 71 ++---- .../postfix-relay/dictionaries/30_postfix.xml | 4 +- seed/postgresql-client/README.md | 31 ++- seed/postgresql/README.md | 110 ++++----- seed/prometheus/README.md | 40 +--- seed/provider-systemd-machined/README.md | 52 +++-- .../dictionaries/16_machined.xml | 8 +- seed/redis-client/README.md | 34 ++- seed/redis-common/README.md | 4 +- seed/redis/README.md | 86 ++++--- seed/relay-lmtp-client/README.md | 14 +- seed/relay-mail-client/README.md | 16 +- seed/resolved/README.md | 4 +- seed/reverse-proxy-client/README.md | 34 ++- .../dictionaries/21_revprox_client.xml | 4 +- .../funcs/revprox_client.py | 9 - seed/roundcube/README.md | 216 ++++++++++------- seed/roundcube/dictionaries/31_roundcube.xml | 4 +- seed/speedtest-rs/README.md | 83 +++---- seed/systemd/README.md | 4 +- seed/tls/manual/image/postinstall/x509.py | 2 +- seed/unbound/README.md | 81 ++----- seed/unbound/dictionaries/20_unbound.xml | 2 +- seed/vaultwarden/README.md | 101 ++++---- .../dictionaries/40_vaultwarden.xml | 4 +- seed/vector/README.md | 48 +--- seed/znc/README.md | 115 +++++---- seed/znc/dictionaries/40_znc.xml | 18 +- 100 files changed, 2248 insertions(+), 2076 deletions(-) rename seed/dovecot/dictionaries/{26_dovecot.xml => 31_dovecot.xml} (91%) diff --git a/seed/README.md b/seed/README.md index 913bc7c3..e13feb25 100644 --- a/seed/README.md +++ b/seed/README.md @@ -1,5 +1,36 @@ # Application services +- [dovecot](dovecot/README.md): Postfix and Dovecot as mail servers (Submission and IMAP) +- [forgejo](forgejo/README.md): Forgejo, a community managed lightweight code hosting solution +- [gitea](gitea/README.md): Transitional package for Gitea to Forgejo +- [grafana](grafana/README.md): Grafana is an analytics and interactive visualization web application +- [lemonldap](lemonldap/README.md): LemonLDAP, a Web Single Sign On and Access Management +- [loki](loki/README.md): Loki, a log aggregation platform +- [mailman](mailman/README.md): GNU Mailman, managing electronic mail discussion and e-newsletter lists +- [mariadb](mariadb/README.md): MariaDB, a relational database +- [nextcloud](nextcloud/README.md): Nextcloud, Online collaboration platform +- nginx: + - [nginx-reverse-proxy](nginx-reverse-proxy/README.md): Nginx as reverse proxy + - [nginx-static](nginx-static/README.md): Nginx as static web site +- nsd: + - [nsd](nsd/README.md): NSD, an authoritative DNS name server + - [nsd-local](nsd-local/README.md): NSD, an authoritative DNS name server for local resolution +- [odoo](odoo/README.md): Odoo, an ERP and CRM +- [openldap](openldap/README.md): OpenLDAP, the LDAP server +- [peertube](peertube/README.md): Peertube, a federated (ActivityPub) video streaming platform +- [piwigo](piwigo/README.md): Piwigo, a photo management software +- [postfix-relay](postfix-relay/README.md): Postfix, the mail server, as relay +- [postgresql](postgresql/README.md): Postgresql, a database +- [prometheus](prometheus/README.md): Prometheus, an event monitoring +- [redis](redis/README.md): Redis, an in-memory data structure store +- [roundcube](roundcube/README.md): Roundcube, a webmail +- [speedtest-rs](speedtest-rs/README.md): Speedtest-rs, a very lightweight Speedtest +- [unbound](unbound/README.md): Unbound, a validating, recursive, caching DNS resolver +- [vaultwarden](vaultwarden/README.md): Vaultwarden, a password manager +- [vector](vector/README.md): Vector, a lightweight, ultra-fast tool for building observability pipelines +- [znc](znc/README.md): ZNC, a bouncer IRC +# Application dependencies + - [apache](apache/README.md): Apache as web server - base: - [base](base/README.md): Base of all application services @@ -14,49 +45,24 @@ - dns: - [dns-external](dns-external/README.md): DNS client with resolution on all zones (especially outside) - [dns-local](dns-local/README.md): DNS client with access to local zones -- [dovecot](dovecot/README.md): Postfix and Dovecot as mail servers (Submission and IMAP) -- [forgejo](forgejo/README.md): Forgejo, a community managed lightweight code hosting solution -- [gitea](gitea/README.md): Transitional package for Gitea to Forgejo -- [grafana](grafana/README.md): Grafana is an analytics and interactive visualization web application - [host-systemd-machined](host-systemd-machined/README.md): Host with machine started in Systemd Machined environment - [imap-client](imap-client/README.md): Application service needs interact with an IMAP server - [journald](journald/README.md): Journald - [journald_remote](journald_remote/README.md): Journald remote - [ldap-client](ldap-client/README.md): Application service needs interact with a LDAP server -- [lemonldap](lemonldap/README.md): LemonLDAP, a Web Single Sign On and Access Management -- [loki](loki/README.md): Loki, a log aggregation platform -- [mailman](mailman/README.md): GNU Mailman, managing electronic mail discussion and e-newsletter lists -- mariadb: - - [mariadb](mariadb/README.md): MariaDB, a relational database - - [mariadb-client](mariadb-client/README.md): Application service needs interact with a MariaDB server -- [nextcloud](nextcloud/README.md): Nextcloud, Online collaboration platform +- [mariadb-client](mariadb-client/README.md): Application service needs interact with a MariaDB server - nginx: - [nginx-common](nginx-common/README.md): Nginx common configuration - [nginx-https](nginx-https/README.md): Nginx as HTTPS web site - - [nginx-reverse-proxy](nginx-reverse-proxy/README.md): Nginx as reverse proxy - - [nginx-static](nginx-static/README.md): Nginx as static web site -- nsd: - - [nsd](nsd/README.md): NSD, an authoritative DNS name server - - [nsd-local](nsd-local/README.md): NSD, an authoritative DNS name server for local resolution - [oauth2-client](oauth2-client/README.md): Application service needs interact with a Oauth2 server -- [odoo](odoo/README.md): Odoo, an ERP and CRM -- [openldap](openldap/README.md): OpenLDAP, a LDAP server -- [peertube](peertube/README.md): Peertube, a federated (ActivityPub) video streaming platform - php: - [php](php/README.md): PHP, a popular general-purpose scripting language - [php-fpm](php-fpm/README.md): PHP FPM -- [piwigo](piwigo/README.md): Piwigo, a photo management software - [pki-tls](pki-tls/README.md): Autosign PKI or Let's encrypt support for TLS certificates -- postfix: - - [postfix-lmtp-relay](postfix-lmtp-relay/README.md): Postfix, the mail server, as LMTP relay - - [postfix-relay](postfix-relay/README.md): Postfix, the mail server, as relay -- postgresql: - - [postgresql](postgresql/README.md): Postgresql, a database - - [postgresql-client](postgresql-client/README.md): Application service needs interact with a Postgresql server -- [prometheus](prometheus/README.md): Prometheus, an event monitoring +- [postfix-lmtp-relay](postfix-lmtp-relay/README.md): Postfix, the mail server, as LMTP relay +- [postgresql-client](postgresql-client/README.md): Application service needs interact with a Postgresql server - [provider-systemd-machined](provider-systemd-machined/README.md): Machine started in Systemd Machined environment - redis: - - [redis](redis/README.md): Redis, an in-memory data structure store - [redis-client](redis-client/README.md): Application service needs interact with a Redis server - [redis-common](redis-common/README.md): Redis, an in-memory data structure store - relay: @@ -64,13 +70,7 @@ - [relay-mail-client](relay-mail-client/README.md): Client SMTP - [resolved](resolved/README.md): Resolved - [reverse-proxy-client](reverse-proxy-client/README.md): Application service needs interact with a a reverse proxy server -- [roundcube](roundcube/README.md): Roundcube, a webmail -- [speedtest-rs](speedtest-rs/README.md): Speedtest-rs, a very lightweight Speedtest - [systemd](systemd/README.md): Systemd, a system and service manager -- [unbound](unbound/README.md): Unbound, a validating, recursive, caching DNS resolver -- [vaultwarden](vaultwarden/README.md): Vaultwarden, a password manager -- [vector](vector/README.md): Vector, a lightweight, ultra-fast tool for building observability pipelines -- [znc](znc/README.md): ZNC, a bouncer IRC # Providers and suppliers diff --git a/seed/apache/README.md b/seed/apache/README.md index 9d734927..75224c1b 100644 --- a/seed/apache/README.md +++ b/seed/apache/README.md @@ -5,51 +5,31 @@ include_toc: true # apache -## Description +## Synopsis Apache as web server. -[For more informations](https://httpd.apache.org/) +[More informations about this software.](https://httpd.apache.org/) -## Examples -Zone names are provided as examples. Think about adapting with the value of provider_zone in configuration file. -``` -apache: - applicationservice: apache - zones_name: - - reverseproxy -``` +## Variables for expert -``` -apache: - applicationservice: apache - zones_name: - - reverseproxy -``` +### Général + +#### Apache + +Paramètrage avancé du serveur web Apache. + +| Parameter | Comments | +|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------| +| **[general.apache.apache_timeout](dictionaries/20_web.xml)**
mandatory
**Type:** [`number`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Temps d'attente des entrées/sorties avant de considérer qu'une requête a échoué.
Temps en secondes.
**Default:** 300 | +| **[general.apache.apache_keepalive](dictionaries/20_web.xml)**
mandatory
**Type:** [`boolean`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Autoriser les connexions persistantes.
**Default:** True | ## Dependances - [reverse-proxy-client](../reverse-proxy-client/README.md) -## Variables - -### Général (*general*) - -#### Apache (*general.apache*) - -Paramètrage avancé du serveur web Apache - -| Description | Help | Type | Values | -|-----------------------------------------------------------------------------------------------------------------------------------|-------------------|-------------------------------------------------------------------------------------------------------------------------|----------| -| **Temps d'attente des entrées/sorties avant de considérer qu'une requête a échoué** (*[apache_timeout](dictionaries/20_web.xml)*) | Temps en secondes | [number](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | 300 | -| **Autoriser les connexions persistantes** (*[apache_keepalive](dictionaries/20_web.xml)*) | | [boolean](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | True | - - -- [+]: variable is multiple -- **bold**: variable is mandatory - ## Used by [nextcloud](../nextcloud/README.md) diff --git a/seed/apache/applicationservice.yml b/seed/apache/applicationservice.yml index 11682e47..6ba1732c 100644 --- a/seed/apache/applicationservice.yml +++ b/seed/apache/applicationservice.yml @@ -3,4 +3,3 @@ description: Apache as web server website: https://httpd.apache.org/ depends: - reverse-proxy-client -service: true diff --git a/seed/apache/dictionaries/20_web.xml b/seed/apache/dictionaries/20_web.xml index f995d8be..7a2aaf02 100644 --- a/seed/apache/dictionaries/20_web.xml +++ b/seed/apache/dictionaries/20_web.xml @@ -16,10 +16,10 @@ - + 300 - + diff --git a/seed/base-debian-bullseye/README.md b/seed/base-debian-bullseye/README.md index 88b74434..eaf05c64 100644 --- a/seed/base-debian-bullseye/README.md +++ b/seed/base-debian-bullseye/README.md @@ -5,11 +5,11 @@ include_toc: true # base-debian-bullseye -## Description +## Synopsis Base information of a Debian Bulleye server. -[For more informations](https://www.debian.org/) +[More informations about this software.](https://www.debian.org/) ## Dependances diff --git a/seed/base-debian/README.md b/seed/base-debian/README.md index dbc7fe76..50a79752 100644 --- a/seed/base-debian/README.md +++ b/seed/base-debian/README.md @@ -5,11 +5,11 @@ include_toc: true # base-debian -## Description +## Synopsis Base information of a Debian server. -[For more informations](https://www.debian.org/) +[More informations about this software.](https://www.debian.org/) ## Dependances diff --git a/seed/base-fedora-35/README.md b/seed/base-fedora-35/README.md index ae84cc8a..41ef45e3 100644 --- a/seed/base-fedora-35/README.md +++ b/seed/base-fedora-35/README.md @@ -5,11 +5,11 @@ include_toc: true # base-fedora-35 -## Description +## Synopsis Base information of a Fedora 35. -[For more informations](https://getfedora.org/) +[More informations about this software.](https://getfedora.org/) ## Dependances diff --git a/seed/base-fedora-36/README.md b/seed/base-fedora-36/README.md index 52691035..222fa2d5 100644 --- a/seed/base-fedora-36/README.md +++ b/seed/base-fedora-36/README.md @@ -5,11 +5,11 @@ include_toc: true # base-fedora-36 -## Description +## Synopsis Base information of a Fedora 36. -[For more informations](https://getfedora.org/) +[More informations about this software.](https://getfedora.org/) ## Dependances diff --git a/seed/base-fedora-37/README.md b/seed/base-fedora-37/README.md index c6e0d141..fe06c8d6 100644 --- a/seed/base-fedora-37/README.md +++ b/seed/base-fedora-37/README.md @@ -5,11 +5,11 @@ include_toc: true # base-fedora-37 -## Description +## Synopsis Base information of a Fedora 37. -[For more informations](https://getfedora.org/) +[More informations about this software.](https://getfedora.org/) ## Dependances diff --git a/seed/base-fedora-38/README.md b/seed/base-fedora-38/README.md index eb1a2e42..581e5551 100644 --- a/seed/base-fedora-38/README.md +++ b/seed/base-fedora-38/README.md @@ -5,11 +5,11 @@ include_toc: true # base-fedora-38 -## Description +## Synopsis Base information of a Fedora 38. -[For more informations](https://getfedora.org/) +[More informations about this software.](https://getfedora.org/) ## Dependances diff --git a/seed/base-fedora/README.md b/seed/base-fedora/README.md index be44494c..3f8da42b 100644 --- a/seed/base-fedora/README.md +++ b/seed/base-fedora/README.md @@ -5,11 +5,11 @@ include_toc: true # base-fedora -## Description +## Synopsis Base information of a Fedora. -[For more informations](https://getfedora.org/) +[More informations about this software.](https://getfedora.org/) ## Dependances diff --git a/seed/base-machine/README.md b/seed/base-machine/README.md index d32ffb39..1852ce7e 100644 --- a/seed/base-machine/README.md +++ b/seed/base-machine/README.md @@ -5,28 +5,26 @@ include_toc: true # base-machine -## Description +## Synopsis Base information for a machine. + +## Variables + +### Machine + +| Parameter | Comments | +|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------| +| **[machine.data_disk_size](extras/machine/00_base.xml)**
**Type:** [`number`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Data disk size. | + + ## Dependances - [base](../base/README.md) - [dns-local](../dns-local/README.md) - [pki-tls](../pki-tls/README.md) -## Variables - -### Machine (*machine*) - -| Description | Type | -|-----------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------| -| Data disk size (*[data_disk_size](extras/machine/00_base.xml)*) | [number](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | - - -- [+]: variable is multiple -- **bold**: variable is mandatory - ## Used by [systemd](../systemd/README.md) diff --git a/seed/base/README.md b/seed/base/README.md index cf694db8..b8308440 100644 --- a/seed/base/README.md +++ b/seed/base/README.md @@ -5,7 +5,7 @@ include_toc: true # base -## Description +## Synopsis Base of all application services. diff --git a/seed/base/funcs/base.py b/seed/base/funcs/base.py index acbeed06..95f02e44 100644 --- a/seed/base/funcs/base.py +++ b/seed/base/funcs/base.py @@ -60,3 +60,12 @@ def get_zones_info(zones: dict, continue ret.append(val) return ret + + +def get_first_value(lst: list): + if lst: + if isinstance(lst[0], list): + if lst[0] and lst[0][0]: + return lst[0][0] + else: + return lst[0] diff --git a/seed/dns-external/README.md b/seed/dns-external/README.md index 2707d752..56cb8084 100644 --- a/seed/dns-external/README.md +++ b/seed/dns-external/README.md @@ -5,25 +5,22 @@ include_toc: true # dns-external -## Description +## Synopsis DNS client with resolution on all zones (especially outside). + ## Variables -### Général (*general*) +### Général -#### network (*general.network*) +#### network -| Description | Values | Supplier | -|-------------------------------------------------------------|----------|-------------| -| *[**dns_is_only_local**](dictionaries/14_dns-external.xml)* | False | | -| *[dns_client_address](dictionaries/14_dns-external.xml)* | | ExternalDNS | +| Parameter | Comments | +|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------| +| **[general.network.dns_is_only_local](dictionaries/14_dns-external.xml)**
mandatory
**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | **Default:** False | -- [+]: variable is multiple -- **bold**: variable is mandatory - ## Used by - [postfix-relay](../postfix-relay/README.md) diff --git a/seed/dns-local/README.md b/seed/dns-local/README.md index c039e27f..78203c7b 100644 --- a/seed/dns-local/README.md +++ b/seed/dns-local/README.md @@ -5,7 +5,7 @@ include_toc: true # dns-local -## Description +## Synopsis DNS client with access to local zones. diff --git a/seed/dovecot/README.md b/seed/dovecot/README.md index 2a464a07..22598659 100644 --- a/seed/dovecot/README.md +++ b/seed/dovecot/README.md @@ -5,18 +5,76 @@ include_toc: true # dovecot -## Description +## Synopsis Postfix and Dovecot as mail servers (Submission and IMAP). -[For more informations](https://www.dovecot.org/) +[More informations about this software.](https://www.dovecot.org/) -## Examples +## Basic variables + +### Général + +#### Mail configuration + +##### Mail domain + +This a family is a leadership. + +| Parameter | Comments | +|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------| +| **[general.mail.domain.mail_domains](dictionaries/31_dovecot.xml)**
mandatory, multiple
**Type:** [`domainname`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Domaine de courriel géré localement.
**Example:** example.net | +| **[general.mail.domain.imap_domainname](dictionaries/31_dovecot.xml)**
mandatory
**Type:** [`domainname`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Domaine exterieur d'accès au serveur IMAP.
**Example:** imap.example.net | +| **[general.mail.domain.submission_domainname](dictionaries/31_dovecot.xml)**
mandatory
**Type:** [`domainname`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Domaine exterieur d'accès au serveur submission.
**Example:** submission.example.net | + +## Variables + +### Général + +#### Mail configuration + +##### Mail domain + +This a family is a leadership. + +| Parameter | Comments | +|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------| +| **[general.mail.mail_crt_provider](dictionaries/31_dovecot.xml)**
mandatory
**Type:** [`choice`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Autorité de certification signant les certificats des domaines extérieurs.
**Choices:**
- `self-signed` ← (default)
- `letsencrypt` | + +## Variables for expert + +### Général + +#### Annuaire OpenLDAP + +##### Client + +| Parameter | Comments | +|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------| +| **[general.ldap.client.ldapclient_family](dictionaries/31_dovecot.xml)**
mandatory
**Type:** [`unix_user`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Nom de la famille LDAP.
**Default:** all | +| **[general.ldap.client.ldapclient_base_dn](dictionaries/21_ldap-client.xml)**
mandatory
**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Base DN de l'annuaire.
**Default:** *calculated* | +| **[general.ldap.client.ldapclient_search_dn](dictionaries/21_ldap-client.xml)**
mandatory
**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Base DN de l'annuaire des utilisateurs.
**Default:** *calculated* | +| **[general.ldap.client.ldapclient_group_dn](dictionaries/21_ldap-client.xml)**
mandatory
**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Base DN de l'annuaire des groupes.
**Default:** *calculated* | +| **[general.ldap.client.ldapclient_user_dn](dictionaries/21_ldap-client.xml)**
mandatory
**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Base DN de l'annuaire des utilisateurs n'appartenant à une famille.
**Default:** *calculated* | + + + +## Requirements services + +- **LocalDNS** +- Journald +- **SMTP** +- **LDAP** +- **ReverseProxy** +- **LMTP** +- **OAuth2** + +**bold**: provider is mandatory + +## Example Zone names are provided as examples. Think about adapting with the value of provider_zone in configuration file. -With minimum providers: - ``` dovecot: applicationservice: dovecot @@ -28,22 +86,13 @@ dovecot: - smtp - lmtp - oauth2 -``` - -With all providers: - -``` -dovecot: - applicationservice: dovecot - provider_zone: imap - zones_name: - - journald - - ldap - - localdns - - reverseproxy - - smtp - - lmtp - - oauth2 + values: + general.mail.domain.mail_domains: + - example.net + general.mail.domain.imap_domainname: + '0': imap.example.net + general.mail.domain.submission_domainname: + '0': submission.example.net ``` ## Dependances @@ -65,66 +114,6 @@ dovecot: - [nginx-common](../nginx-common/README.md) - [reverse-proxy-client](../reverse-proxy-client/README.md) -## Variables - -### Général (*general*) - -#### network (*general.network*) - -| Description | Values | -|---------------------------------------------------------|--------------| -| *[**incoming_ports**](dictionaries/26_dovecot.xml)* [+] | 587
993 | - -#### ldap (*general.ldap*) - -##### client (*general.ldap.client*) - -| Description | Values | -|----------------------------------------------------------|----------| -| *[**ldapclient_family**](dictionaries/26_dovecot.xml)* | all | -| *[**ldap_key_file_owner**](dictionaries/26_dovecot.xml)* | dovecot | - -#### Mail configuration (*general.mail*) - -| Description | Type | Values | Choices | -|------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------|-----------|----------------------------| -| **Autorité de certification signant les certificats des domaines extérieurs** (*[mail_crt_provider](dictionaries/26_dovecot.xml)*) | [choice](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | autosigne | autosigne
letsencrypt | - -##### Mail domain (*general.mail.domain*) - -This a family is a leadership. - -| Description | Type | Supplier | -|---------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------|---------------| -| **Domaine de courriel géré localement** (*[mail_domains](dictionaries/26_dovecot.xml)*) [+] | [domainname](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | LMTP:criteria | -| *[**imap_domainname**](dictionaries/26_dovecot.xml)* | [domainname](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | | -| *[**submission_domainname**](dictionaries/26_dovecot.xml)* | [domainname](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | | - -#### IMAP mail server (*general.dovecot*) - -| Description | Type | Provider | -|----------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------|------------| -| **IMAP client address** (*[imap_internal_addresses](dictionaries/26_dovecot.xml)*) [+] | [domainname](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | IMAP | - -#### revprox (*general.revprox*) - -##### revprox_client (*general.revprox.revprox_client*) - -| Description | Values | -|----------------------------------------------------------------------|--------------| -| *[revprox_client_external_domainnames](dictionaries/26_dovecot.xml)* | | -| *[revprox_client_web_address](dictionaries/26_dovecot.xml)* | | - -#### nginx (*general.nginx*) - -| Description | Values | -|-------------------------------------------------|---------------| -| *[**nginx_root**](dictionaries/26_dovecot.xml)* | /var/www/html | - - -- [+]: variable is multiple -- **bold**: variable is mandatory - ## Supplier [imap-client](../imap-client/README.md) diff --git a/seed/dovecot/dictionaries/26_dovecot.xml b/seed/dovecot/dictionaries/31_dovecot.xml similarity index 91% rename from seed/dovecot/dictionaries/26_dovecot.xml rename to seed/dovecot/dictionaries/31_dovecot.xml index 28971b21..6aab8278 100644 --- a/seed/dovecot/dictionaries/26_dovecot.xml +++ b/seed/dovecot/dictionaries/31_dovecot.xml @@ -65,14 +65,14 @@ - + - autosigne - autosigne + self-signed + self-signed letsencrypt @@ -82,15 +82,17 @@ - - + - + + + - + - - - + + + diff --git a/seed/peertube/README.md b/seed/peertube/README.md index c6da0cdf..e7e6364b 100644 --- a/seed/peertube/README.md +++ b/seed/peertube/README.md @@ -5,18 +5,120 @@ include_toc: true # peertube -## Description +## Synopsis Peertube, a federated (ActivityPub) video streaming platform. -[For more informations](https://www.openldap.org/) +[More informations about this software.](https://www.openldap.org/) -## Examples +## Basic variables + +### Général + +#### Reverse proxy + +##### Point d'entrée des clients + +This a family is a leadership. + +| Parameter | Comments | +|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------| +| **[general.revprox.revprox_client.revprox_client_external_domainnames](dictionaries/21_revprox_client.xml)**
mandatory, multiple
**Type:** [`domainname`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Nom de domaine exterieur du serveur.
**Example:** service.example.net | +| **[general.revprox.revprox_client.revprox_client_location](dictionaries/30_peertube.xml)**
mandatory
**Type:** [`filename`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Nom de l'arborescence racine du site. | + +#### peertube + +| Parameter | Comments | +|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------| +| **[general.peertube.peertube_admin_email](dictionaries/30_peertube.xml)**
mandatory
**Type:** [`mail`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Adresse courriel de l'administrateur Peertube.
**Example:** john.doe@example.net | + +## Variables + +### Général + +#### peertube + +| Parameter | Comments | +|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------| +| **[general.peertube.peertube_short_description](dictionaries/30_peertube.xml)**
mandatory
**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Description courte de l'instance.
**Default:** PeerTube, an ActivityPub-federated video streaming platform using P2P directly in your web browser. | +| **[general.peertube.peertube_description](dictionaries/30_peertube.xml)**
mandatory
**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Description de l'instance.
**Default:** Welcome to this PeerTube instance! | + +## Variables for expert + +### Général + +#### NGINX + +Paramétrage global de NGINX. + +| Parameter | Comments | +|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------| +| **[general.nginx.nginx_hash_bucket_size](dictionaries/21_nginx.xml)**
mandatory
**Type:** [`choice`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Longueur maximum pour un nom de domaine.
**Choices:**
- `128` ← (default)
- `64`
- `32` | +| **[general.nginx.nginx_post_max_size](dictionaries/21_nginx.xml)**
mandatory
**Type:** [`number`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Taille maximale des données reçues par la méthode POST (en Mo).
**Default:** 32 | + +#### Reverse proxy + +##### Point d'entrée des clients + +This a family is a leadership. + +| Parameter | Comments | +|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------| +| **[general.revprox.revprox_client.revprox_client_max_body_size](dictionaries/30_peertube.xml)**
mandatory
**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Taille maximum du corps. | + +#### PostgreSQL + +| Parameter | Comments | +|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------| +| **[general.postgresql.pg_client_username](dictionaries/23_postgresql.xml)**
mandatory
**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Client username.
**Default:** *calculated* | +| **[general.postgresql.pg_client_password](dictionaries/23_postgresql.xml)**
mandatory
**Type:** [`password`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Client password.
**Default:** *calculated* | +| **[general.postgresql.pg_client_database](dictionaries/23_postgresql.xml)**
mandatory
**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Client database.
**Default:** *calculated* | + +#### Redis + +| Parameter | Comments | +|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------| +| **[general.redis.redis_client_username](dictionaries/23_redis.xml)**
mandatory
**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Nom d'utilisateur.
**Default:** *calculated* | +| **[general.redis.redis_client_password](dictionaries/23_redis.xml)**
mandatory
**Type:** [`password`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Mot de passe de connexion.
**Default:** *calculated* | + +#### OAuth2 client + +| Parameter | Comments | +|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------| +| **[general.oauth2_client.oauth2_client_name](dictionaries/30_peertube.xml)**
mandatory
**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | OAuth2 client name.
**Default:** Vidéo
**Example:** example | +| **[general.oauth2_client.oauth2_client_description](dictionaries/30_peertube.xml)**
mandatory
**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | OAuth2 client description.
**Default:** Plateforme de partage de vidéo Peertube
**Example:** Example description | +| **[general.oauth2_client.oauth2_client_login](dictionaries/30_oauth2_client.xml)**
**Type:** [`web_address`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | OAuth2 URL to valid login. | + +##### external + +| Parameter | Comments | +|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------| +| **[general.oauth2_client.external.oauth2_client_external](dictionaries/30_peertube.xml)**
mandatory, multiple
**Type:** [`web_address`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | OAuth2 client external.
**Default:** *calculated* | +| **[general.oauth2_client.external.oauth2_client_family](dictionaries/30_oauth2_client.xml)**
mandatory
**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | OAuth2 family.
**Default:** users | + +| Parameter | Comments | +|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------| +| **[general.oauth2_client.oauth2_client_category](dictionaries/30_peertube.xml)**
mandatory
**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | OAuth2 category.
**Default:** Réseaux sociaux | +| **[general.oauth2_client.oauth2_client_logo](dictionaries/30_peertube.xml)**
mandatory
**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | OAuth2 logo.
**Default:** silique_video.png | + + + +## Requirements services + +- **ExternalDNS** +- Journald +- **SMTP** +- **ReverseProxy** +- **Postgresql** +- **Redis** +- **OAuth2** + +**bold**: provider is mandatory + +## Example Zone names are provided as examples. Think about adapting with the value of provider_zone in configuration file. -With minimum providers: - ``` peertube: applicationservice: peertube @@ -27,22 +129,10 @@ peertube: - redis - oauth2 - postgresql -``` - -With all providers: - -``` -peertube: - applicationservice: peertube - zones_name: - - journald - - externaldns - - localdns - - reverseproxy - - smtp - - redis - - oauth2 - - postgresql + values: + general.revprox.revprox_client.revprox_client_external_domainnames: + - service.example.net + general.peertube.peertube_admin_email: john.doe@example.net ``` ## Dependances @@ -67,57 +157,4 @@ peertube: - [reverse-proxy-client](../reverse-proxy-client/README.md) - [oauth2-client](../oauth2-client/README.md) -## Variables - -### Général (*general*) - -#### network (*general.network*) - -| Description | Values | -|------------------------------------------------------|----------| -| *[**outgoing_ports**](dictionaries/30_peertube.xml)* | 443 | - -#### peertube (*general.peertube*) - -| Description | Type | Values | -|------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------| -| **Adresse courriel de l'administrateur Peertube** (*[peertube_admin_email](dictionaries/30_peertube.xml)*) | [mail](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | | -| **Description courte de l'instance** (*[peertube_short_description](dictionaries/30_peertube.xml)*) | [string](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | PeerTube, an ActivityPub-federated video streaming platform using P2P directly in your web browser. | -| **Description de l'instance** (*[peertube_description](dictionaries/30_peertube.xml)*) | [string](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Welcome to this PeerTube instance! | - -#### oauth2_client (*general.oauth2_client*) - -| Description | Values | -|--------------------------------------------------------------------|-----------------------------------------| -| *[**oauth2_is_client_application**](dictionaries/30_peertube.xml)* | True | -| *[**oauth2_client_name**](dictionaries/30_peertube.xml)* | Vidéo | -| *[**oauth2_client_description**](dictionaries/30_peertube.xml)* | Plateforme de partage de vidéo Peertube | -| *[**oauth2_client_category**](dictionaries/30_peertube.xml)* | Réseaux sociaux | -| *[**oauth2_client_logo**](dictionaries/30_peertube.xml)* | silique_video.png | - -##### external (*general.oauth2_client.external*) - -| Description | Values | -|----------------------------------------------------------|--------------| -| *[oauth2_client_external](dictionaries/30_peertube.xml)* | | - -#### nginx (*general.nginx*) - -| Description | Values | -|--------------------------------------------------|---------------------| -| *[**nginx_root**](dictionaries/30_peertube.xml)* | /usr/share/peertube | - -#### revprox (*general.revprox*) - -##### revprox_client (*general.revprox.revprox_client*) - -| Description | Values | -|--------------------------------------------------------------------|----------| -| *[**revprox_client_location**](dictionaries/30_peertube.xml)* | / | -| *[**revprox_client_max_body_size**](dictionaries/30_peertube.xml)* | 12G | - - -- [+]: variable is multiple -- **bold**: variable is mandatory - [All applications services for this dataset.](../README.md) diff --git a/seed/peertube/dictionaries/30_peertube.xml b/seed/peertube/dictionaries/30_peertube.xml index 13e70001..716950ab 100644 --- a/seed/peertube/dictionaries/30_peertube.xml +++ b/seed/peertube/dictionaries/30_peertube.xml @@ -17,7 +17,7 @@ - + PeerTube, an ActivityPub-federated video streaming platform using P2P directly in your web browser. diff --git a/seed/php-fpm/README.md b/seed/php-fpm/README.md index 0eec8d75..1670268f 100644 --- a/seed/php-fpm/README.md +++ b/seed/php-fpm/README.md @@ -5,7 +5,7 @@ include_toc: true # php-fpm -## Description +## Synopsis PHP FPM. @@ -13,21 +13,6 @@ PHP FPM. - [php](../php/README.md) -## Variables - -### Général (*general*) - -#### nginx (*general.nginx*) - -| Description | Type | Values | -|-------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------|----------| -| *[**php_fpm_user**](dictionaries/20_phpfpm.xml)* | [unix_user](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | root | -| *[**php_fpm_installed**](dictionaries/20_phpfpm.xml)* | [boolean](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | True | - - -- [+]: variable is multiple -- **bold**: variable is mandatory - ## Used by - [piwigo](../piwigo/README.md) diff --git a/seed/php-fpm/dictionaries/20_phpfpm.xml b/seed/php-fpm/dictionaries/20_phpfpm.xml index 7856d6bf..d1cdfe5f 100644 --- a/seed/php-fpm/dictionaries/20_phpfpm.xml +++ b/seed/php-fpm/dictionaries/20_phpfpm.xml @@ -10,12 +10,9 @@ - + - - True - diff --git a/seed/php/README.md b/seed/php/README.md index 8dbe3e05..e8605ff5 100644 --- a/seed/php/README.md +++ b/seed/php/README.md @@ -5,37 +5,35 @@ include_toc: true # php -## Description +## Synopsis PHP, a popular general-purpose scripting language. -[For more informations](https://secure.php.net/) - -## Variables - -### Général (*general*) - -#### PHP (*general.php*) - -Paramètrage avancé de PHP - -| Description | Help | Type | Values | -|-----------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------|--------------| -| **Taille maximale des données reçues par la méthode POST** (*[php_post_max_size](dictionaries/20_php.xml)*) | Valeur en Mo | [number](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | 32 | -| **Taille maximale d'un fichier à charger** (*[php_upload_max_filesize](dictionaries/20_php.xml)*) | Valeur en Mo | [number](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | 16 | -| **Temps maximal d'exécution d'un script** (*[php_max_execution_time](dictionaries/20_php.xml)*) | Valeur en secondes | [number](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | 30 | -| **Durée maximale pour analyser les données d'entrée** (*[php_max_input_time](dictionaries/20_php.xml)*) | Valeur en secondes | [number](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | 60 | -| **Taille mémoire maximale qu'un script est autorisé à allouer** (*[php_memory_limit](dictionaries/20_php.xml)*) | Valeur en Mo | [number](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | 512 | -| **Affichage des erreurs à l'écran** (*[php_display_errors](dictionaries/20_php.xml)*) | | [boolean](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | False | -| **Durée de vie des données sur le serveur** (*[php_session_gc_maxlifetime](dictionaries/20_php.xml)*) | Valeur en secondes | [number](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | 3600 | -| **Activer la directive de configuration browscap** (*[php_browscap](dictionaries/20_php.xml)*) | La directive de configuration browscap permet d'obtenir plus d'information sur les capacités du navigateur client grâce à la fonction get_browser() | [boolean](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | False | -| **Fuseau horaire** (*[time_zone](dictionaries/20_php.xml)*) | | [string](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Europe/Paris | -| **Activer les tampons de sortie** (*[php_enable_output_buffering](dictionaries/20_php.xml)*) | | [boolean](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | True | -| **Désactiver PCNTL** (*[php_disable_pcntl](dictionaries/20_php.xml)*) | | [boolean](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | True | +[More informations about this software.](https://secure.php.net/) -- [+]: variable is multiple -- **bold**: variable is mandatory + +## Variables for expert + +### Général + +#### PHP + +Paramètrage avancé de PHP. + +| Parameter | Comments | +|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| **[general.php.php_post_max_size](dictionaries/20_php.xml)**
mandatory
**Type:** [`number`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Taille maximale des données reçues par la méthode POST.
Valeur en Mo.
**Default:** 32 | +| **[general.php.php_upload_max_filesize](dictionaries/20_php.xml)**
mandatory
**Type:** [`number`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Taille maximale d'un fichier à charger.
Valeur en Mo.
**Default:** 16 | +| **[general.php.php_max_execution_time](dictionaries/20_php.xml)**
mandatory
**Type:** [`number`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Temps maximal d'exécution d'un script.
Valeur en secondes.
**Default:** 30 | +| **[general.php.php_max_input_time](dictionaries/20_php.xml)**
mandatory
**Type:** [`number`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Durée maximale pour analyser les données d'entrée.
Valeur en secondes.
**Default:** 60 | +| **[general.php.php_memory_limit](dictionaries/20_php.xml)**
mandatory
**Type:** [`number`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Taille mémoire maximale qu'un script est autorisé à allouer.
Valeur en Mo.
**Default:** 512 | +| **[general.php.php_display_errors](dictionaries/20_php.xml)**
mandatory
**Type:** [`boolean`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Affichage des erreurs à l'écran.
**Default:** False | +| **[general.php.php_session_gc_maxlifetime](dictionaries/20_php.xml)**
mandatory
**Type:** [`number`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Durée de vie des données sur le serveur.
Valeur en secondes.
**Default:** 3600 | +| **[general.php.php_browscap](dictionaries/20_php.xml)**
mandatory
**Type:** [`boolean`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Activer la directive de configuration browscap.
La directive de configuration browscap permet d'obtenir plus d'information sur les capacités du navigateur client grâce à la fonction get_browser().
**Default:** False | +| **[general.php.time_zone](dictionaries/20_php.xml)**
mandatory
**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Fuseau horaire.
**Default:** Europe/Paris | +| **[general.php.php_enable_output_buffering](dictionaries/20_php.xml)**
mandatory
**Type:** [`boolean`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Activer les tampons de sortie.
**Default:** True | +| **[general.php.php_disable_pcntl](dictionaries/20_php.xml)**
mandatory
**Type:** [`boolean`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Désactiver PCNTL.
**Default:** True | ## Used by diff --git a/seed/piwigo/README.md b/seed/piwigo/README.md index 999abdda..fe5cde25 100644 --- a/seed/piwigo/README.md +++ b/seed/piwigo/README.md @@ -5,18 +5,153 @@ include_toc: true # piwigo -## Description +## Synopsis Piwigo, a photo management software. -[For more informations](http://piwigo.org/) +[More informations about this software.](http://piwigo.org/) -## Examples +## Basic variables + +### Général + +#### Reverse proxy + +##### Point d'entrée des clients + +This a family is a leadership. + +| Parameter | Comments | +|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------| +| **[general.revprox.revprox_client.revprox_client_external_domainnames](dictionaries/21_revprox_client.xml)**
mandatory, multiple
**Type:** [`domainname`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Nom de domaine exterieur du serveur.
**Example:** service.example.net | +| **[general.revprox.revprox_client.revprox_client_location](dictionaries/21_revprox_client.xml)**
mandatory
**Type:** [`filename`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Nom de l'arborescence racine du site. | + +#### Piwigo + +| Parameter | Comments | +|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------| +| **[general.piwigo.piwigo_admin_email](dictionaries/31_piwigo.xml)**
mandatory
**Type:** [`mail`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Adresse courriel de l'administrateur Piwigo.
**Example:** admin@example.net | + +##### Piwigo users + +This a family is a leadership. + +| Parameter | Comments | +|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------| +| **[general.piwigo.users.piwigo_users](dictionaries/31_piwigo.xml)**
mandatory, multiple
**Type:** [`unix_user`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Utilisateur ayant un album.
**Example:** jdoe | +| **[general.piwigo.users.piwigo_email](dictionaries/31_piwigo.xml)**
mandatory
**Type:** [`mail`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Adresse courriel.
**Example:** johndoe@example.net | + +## Variables + +### Général + +#### Piwigo + +| Parameter | Comments | +|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------| +| **[general.piwigo.piwigo_title](dictionaries/31_piwigo.xml)**
mandatory
**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Titre de l'album.
**Default:** Album photographique | + + + +## Variables for expert + +### Général + +#### PHP + +Paramètrage avancé de PHP. + +| Parameter | Comments | +|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| **[general.php.php_post_max_size](dictionaries/20_php.xml)**
mandatory
**Type:** [`number`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Taille maximale des données reçues par la méthode POST.
Valeur en Mo.
**Default:** 32 | +| **[general.php.php_upload_max_filesize](dictionaries/20_php.xml)**
mandatory
**Type:** [`number`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Taille maximale d'un fichier à charger.
Valeur en Mo.
**Default:** 16 | +| **[general.php.php_max_execution_time](dictionaries/20_php.xml)**
mandatory
**Type:** [`number`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Temps maximal d'exécution d'un script.
Valeur en secondes.
**Default:** 30 | +| **[general.php.php_max_input_time](dictionaries/20_php.xml)**
mandatory
**Type:** [`number`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Durée maximale pour analyser les données d'entrée.
Valeur en secondes.
**Default:** 60 | +| **[general.php.php_memory_limit](dictionaries/20_php.xml)**
mandatory
**Type:** [`number`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Taille mémoire maximale qu'un script est autorisé à allouer.
Valeur en Mo.
**Default:** 512 | +| **[general.php.php_display_errors](dictionaries/20_php.xml)**
mandatory
**Type:** [`boolean`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Affichage des erreurs à l'écran.
**Default:** False | +| **[general.php.php_session_gc_maxlifetime](dictionaries/20_php.xml)**
mandatory
**Type:** [`number`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Durée de vie des données sur le serveur.
Valeur en secondes.
**Default:** 3600 | +| **[general.php.php_browscap](dictionaries/20_php.xml)**
mandatory
**Type:** [`boolean`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Activer la directive de configuration browscap.
La directive de configuration browscap permet d'obtenir plus d'information sur les capacités du navigateur client grâce à la fonction get_browser().
**Default:** False | +| **[general.php.time_zone](dictionaries/20_php.xml)**
mandatory
**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Fuseau horaire.
**Default:** Europe/Paris | +| **[general.php.php_enable_output_buffering](dictionaries/20_php.xml)**
mandatory
**Type:** [`boolean`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Activer les tampons de sortie.
**Default:** True | +| **[general.php.php_disable_pcntl](dictionaries/20_php.xml)**
mandatory
**Type:** [`boolean`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Désactiver PCNTL.
**Default:** True | + +#### NGINX + +Paramétrage global de NGINX. + +| Parameter | Comments | +|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------| +| **[general.nginx.nginx_hash_bucket_size](dictionaries/21_nginx.xml)**
mandatory
**Type:** [`choice`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Longueur maximum pour un nom de domaine.
**Choices:**
- `128` ← (default)
- `64`
- `32` | +| **[general.nginx.nginx_post_max_size](dictionaries/21_nginx.xml)**
mandatory
**Type:** [`number`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Taille maximale des données reçues par la méthode POST (en Mo).
**Default:** 32 | + +#### Annuaire OpenLDAP + +##### Client + +| Parameter | Comments | +|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------| +| **[general.ldap.client.ldapclient_family](dictionaries/21_ldap-client.xml)**
**Type:** [`unix_user`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Nom de la famille LDAP. | +| **[general.ldap.client.ldapclient_base_dn](dictionaries/21_ldap-client.xml)**
mandatory
**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Base DN de l'annuaire.
**Default:** *calculated* | +| **[general.ldap.client.ldapclient_search_dn](dictionaries/21_ldap-client.xml)**
mandatory
**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Base DN de l'annuaire des utilisateurs.
**Default:** *calculated* | +| **[general.ldap.client.ldapclient_group_dn](dictionaries/21_ldap-client.xml)**
mandatory
**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Base DN de l'annuaire des groupes.
**Default:** *calculated* | +| **[general.ldap.client.ldapclient_user_dn](dictionaries/21_ldap-client.xml)**
mandatory
**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Base DN de l'annuaire des utilisateurs n'appartenant à une famille.
**Default:** *calculated* | + +#### Reverse proxy + +##### Point d'entrée des clients + +This a family is a leadership. + +| Parameter | Comments | +|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------| +| **[general.revprox.revprox_client.revprox_client_max_body_size](dictionaries/21_revprox_client.xml)**
**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Taille maximum du corps. | + +#### Redis + +| Parameter | Comments | +|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------| +| **[general.redis.redis_client_username](dictionaries/23_redis.xml)**
mandatory
**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Nom d'utilisateur.
**Default:** *calculated* | +| **[general.redis.redis_client_password](dictionaries/23_redis.xml)**
mandatory
**Type:** [`password`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Mot de passe de connexion.
**Default:** *calculated* | + +#### OAuth2 client + +| Parameter | Comments | +|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------| +| **[general.oauth2_client.oauth2_client_name](dictionaries/31_piwigo.xml)**
mandatory
**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | OAuth2 client name.
**Default:** Album
**Example:** example | +| **[general.oauth2_client.oauth2_client_description](dictionaries/31_piwigo.xml)**
mandatory
**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | OAuth2 client description.
**Default:** Album photographique Piwigo
**Example:** Example description | +| **[general.oauth2_client.oauth2_client_login](dictionaries/30_oauth2_client.xml)**
**Type:** [`web_address`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | OAuth2 URL to valid login. | + +##### external + +| Parameter | Comments | +|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------| +| **[general.oauth2_client.external.oauth2_client_external](dictionaries/30_oauth2_client.xml)**
mandatory, multiple
**Type:** [`web_address`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | OAuth2 client external.
**Default:** *calculated* | +| **[general.oauth2_client.external.oauth2_client_family](dictionaries/30_oauth2_client.xml)**
mandatory
**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | OAuth2 family.
**Default:** users | + +| Parameter | Comments | +|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------| +| **[general.oauth2_client.oauth2_client_category](dictionaries/31_piwigo.xml)**
mandatory
**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | OAuth2 category.
**Default:** Diffusion | +| **[general.oauth2_client.oauth2_client_logo](dictionaries/31_piwigo.xml)**
mandatory
**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | OAuth2 logo.
**Default:** silique_image.png | + + + +## Requirements services + +- **LocalDNS** +- Journald +- **MariaDB** +- **SMTP** +- **LDAP** +- **ReverseProxy** +- **Redis** +- **OAuth2** + +**bold**: provider is mandatory + +## Example Zone names are provided as examples. Think about adapting with the value of provider_zone in configuration file. -With minimum providers: - ``` piwigo: applicationservice: piwigo @@ -28,22 +163,14 @@ piwigo: - smtp - redis - oauth2 -``` - -With all providers: - -``` -piwigo: - applicationservice: piwigo - zones_name: - - journald - - ldap - - localdns - - mariadb - - reverseproxy - - smtp - - redis - - oauth2 + values: + general.revprox.revprox_client.revprox_client_external_domainnames: + - service.example.net + general.piwigo.piwigo_admin_email: admin@example.net + general.piwigo.users.piwigo_users: + - jdoe + general.piwigo.users.piwigo_email: + '0': johndoe@example.net ``` ## Dependances @@ -69,38 +196,4 @@ piwigo: - [php-fpm](../php-fpm/README.md) - [php](../php/README.md) -## Variables - -### Général (*general*) - -#### Piwigo (*general.piwigo*) - -| Description | Type | Values | -|------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------|----------------------| -| **Adresse courriel de l'administrateur Piwigo** (*[piwigo_admin_email](dictionaries/31_piwigo.xml)*) | [mail](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | | -| **Titre de l'album** (*[piwigo_title](dictionaries/31_piwigo.xml)*) | [string](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Album photographique | - -##### Piwigo users (*general.piwigo.users*) - -This a family is a leadership. - -| Description | Type | -|-----------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------| -| **Utilisateur ayant un album** (*[piwigo_users](dictionaries/31_piwigo.xml)*) [+] | [unix_user](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | -| **Adresse courriel** (*[piwigo_email](dictionaries/31_piwigo.xml)*) | [mail](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | - -#### oauth2_client (*general.oauth2_client*) - -| Description | Values | -|------------------------------------------------------------------|-----------------------------| -| *[**oauth2_is_client_application**](dictionaries/31_piwigo.xml)* | True | -| *[**oauth2_client_name**](dictionaries/31_piwigo.xml)* | Album | -| *[**oauth2_client_description**](dictionaries/31_piwigo.xml)* | Album photographique Piwigo | -| *[**oauth2_client_category**](dictionaries/31_piwigo.xml)* | Diffusion | -| *[**oauth2_client_logo**](dictionaries/31_piwigo.xml)* | silique_image.png | - - -- [+]: variable is multiple -- **bold**: variable is mandatory - [All applications services for this dataset.](../README.md) diff --git a/seed/piwigo/dictionaries/31_piwigo.xml b/seed/piwigo/dictionaries/31_piwigo.xml index af8a7ae9..a8758b56 100644 --- a/seed/piwigo/dictionaries/31_piwigo.xml +++ b/seed/piwigo/dictionaries/31_piwigo.xml @@ -12,15 +12,15 @@ - + diff --git a/seed/pki-tls/README.md b/seed/pki-tls/README.md index 0f28df42..291e3777 100644 --- a/seed/pki-tls/README.md +++ b/seed/pki-tls/README.md @@ -5,7 +5,7 @@ include_toc: true # pki-tls -## Description +## Synopsis Autosign PKI or Let's encrypt support for TLS certificates. diff --git a/seed/pki-tls/templates/0certificate.conf b/seed/pki-tls/templates/0certificate.conf index 09867449..964e1ccd 100644 --- a/seed/pki-tls/templates/0certificate.conf +++ b/seed/pki-tls/templates/0certificate.conf @@ -33,7 +33,7 @@ C {{ tls_key_directory }}/{{ cert }}.pem {{ mode }} {{ owner }} {{ group }} - /u {% endfor %} {% endif %} {% endif %} -{% if certificate['authority'] not in cas and ('provider' not in certificate or certificate['provider'] == 'autosigne') %} +{% if certificate['authority'] not in cas and ('provider' not in certificate or certificate['provider'] == 'self-signed') %} {{ cas.append(certificate['authority']) }} C {{ tls_ca_directory }}/{{ certificate['authority'] }}.crt 444 root root - /usr/local/lib{{ tls_ca_directory }}/{{ certificate['authority'] }}.crt {% endif %} diff --git a/seed/postfix-lmtp-relay/README.md b/seed/postfix-lmtp-relay/README.md index f1d23bfe..69da7aef 100644 --- a/seed/postfix-lmtp-relay/README.md +++ b/seed/postfix-lmtp-relay/README.md @@ -5,23 +5,11 @@ include_toc: true # postfix-lmtp-relay -## Description +## Synopsis Postfix, the mail server, as LMTP relay. -[For more informations](http://www.postfix.org/) - -## Variables - -### Lmtp (*lmtp*) - -| Description | Type | Provider | -|-------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------|------------| -| LMTP remote server (*[server_lmtp](extras/lmtp/00_lmtp.xml)*) [+] | [domainname](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | LMTP | - - -- [+]: variable is multiple -- **bold**: variable is mandatory +[More informations about this software.](http://www.postfix.org/) ## Used by diff --git a/seed/postfix-relay/README.md b/seed/postfix-relay/README.md index 91ac4a58..57a7601b 100644 --- a/seed/postfix-relay/README.md +++ b/seed/postfix-relay/README.md @@ -5,18 +5,36 @@ include_toc: true # postfix-relay -## Description +## Synopsis Postfix, the mail server, as relay. -[For more informations](http://www.postfix.org/) +[More informations about this software.](http://www.postfix.org/) -## Examples + +## Variables + +### Général + +#### Postfix mail server + +| Parameter | Comments | +|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------| +| **[general.postfix.postfix_mail_hostname](dictionaries/30_postfix.xml)**
**Type:** [`domainname`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Nom de domaine extérieur du serveur de courriel.
Cette variable est obligatoire pour recevoir des courriels depuis l'extérieur. | +| **[general.postfix.postfix_crt_provider](dictionaries/30_postfix.xml)**
mandatory
**Type:** [`choice`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Autorité de certification signant le certificat du domaine extérieur.
**Choices:**
- `self-signed` ← (default)
- `letsencrypt` | + + +## Requirements services + +- **ExternalDNS** +- Journald + +**bold**: provider is mandatory + +## Example Zone names are provided as examples. Think about adapting with the value of provider_zone in configuration file. -With minimum providers: - ``` postfix-relay: applicationservice: postfix-relay @@ -25,18 +43,6 @@ postfix-relay: - localdns ``` -With all providers: - -``` -postfix-relay: - applicationservice: postfix-relay - provider_zone: smtp - zones_name: - - journald - - externaldns - - localdns -``` - ## Dependances - [base-fedora-35](../base-fedora-35/README.md) @@ -51,37 +57,6 @@ postfix-relay: - [dns-external](../dns-external/README.md) - [postfix-lmtp-relay](../postfix-lmtp-relay/README.md) -## Variables - -### Général (*general*) - -#### network (*general.network*) - -| Description | Values | -|-----------------------------------------------------|--------------| -| *[**outgoing_ports**](dictionaries/30_postfix.xml)* | 25 | -| *[incoming_ports](dictionaries/30_postfix.xml)* | | - -#### Postfix mail server (*general.postfix*) - -| Description | Help | Type | Values | Choices | Provider | -|----------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------|-----------|----------------------------|------------| -| Nom de domaine extérieur du serveur de courriel (*[postfix_mail_hostname](dictionaries/30_postfix.xml)*) | Cette variable est obligatoire pour recevoir des courriels depuis l'extérieur | [domainname](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | | | | -| **Autorité de certification signant le certificat du domaine extérieur** (*[postfix_crt_provider](dictionaries/30_postfix.xml)*) | | [choice](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | autosigne | autosigne
letsencrypt | | -| Authentification sur le relai SMTP (*[postfix_relay_authentifications](dictionaries/30_postfix.xml)*) [+] | | [string](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | | | SMTP | - -##### Local server authentification (*general.postfix.local_authentification_*) - -This a dynamic family generated from the variable "general.postfix.postfix_relay_authentifications". - -| Description | Type | Provider | -|-------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------|---------------| -| *[local_authentification_password_](dictionaries/30_postfix.xml)* | [secret](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | SMTP:password | - - -- [+]: variable is multiple -- **bold**: variable is mandatory - ## Supplier [relay-mail-client](../relay-mail-client/README.md) diff --git a/seed/postfix-relay/dictionaries/30_postfix.xml b/seed/postfix-relay/dictionaries/30_postfix.xml index cdf05b2e..e6367151 100644 --- a/seed/postfix-relay/dictionaries/30_postfix.xml +++ b/seed/postfix-relay/dictionaries/30_postfix.xml @@ -39,8 +39,8 @@ - autosigne - autosigne + self-signed + self-signed letsencrypt - + - + diff --git a/seed/vaultwarden/README.md b/seed/vaultwarden/README.md index 1a592c4d..e3215f4f 100644 --- a/seed/vaultwarden/README.md +++ b/seed/vaultwarden/README.md @@ -5,18 +5,63 @@ include_toc: true # vaultwarden -## Description +## Synopsis Vaultwarden, a password manager. -[For more informations](https://github.com/dani-garcia/vaultwarden) +[More informations about this software.](https://github.com/dani-garcia/vaultwarden) -## Examples +## Basic variables + +### Général + +#### Vaultwarden + +| Parameter | Comments | +|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------| +| **[general.vaultwarden.vaultwarden_domainname](dictionaries/40_vaultwarden.xml)**
mandatory
**Type:** [`domainname`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Nom de domaine d'accès à Vaultwarden.
**Example:** vault.example.net | +| **[general.vaultwarden.vaultwarden_admin_email](dictionaries/40_vaultwarden.xml)**
mandatory
**Type:** [`mail`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Adresse courriel de l'utilisateur Risotto.
**Example:** admin@example.net | + +## Variables + +### Général + +#### Vaultwarden + +| Parameter | Comments | +|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------| +| **[general.vaultwarden.password_admin_username](dictionaries/40_vaultwarden.xml)**
mandatory
**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Nom de l'utilisateur Risotto de Vaultwarden.
**Default:** risotto | +| **[general.vaultwarden.vaultwarden_length](dictionaries/40_vaultwarden.xml)**
mandatory
**Type:** [`number`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Taille par défaut du mot de passe.
**Default:** 20 | +| **[general.vaultwarden.vaultwarden_org_name](dictionaries/40_vaultwarden.xml)**
mandatory
**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Nom de l'organisation lors de l'envoi des invitations.
**Default:** Vaultwarden | + +## Variables for expert + +### Général + +#### PostgreSQL + +| Parameter | Comments | +|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------| +| **[general.postgresql.pg_client_username](dictionaries/23_postgresql.xml)**
mandatory
**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Client username.
**Default:** *calculated* | +| **[general.postgresql.pg_client_password](dictionaries/23_postgresql.xml)**
mandatory
**Type:** [`password`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Client password.
**Default:** *calculated* | +| **[general.postgresql.pg_client_database](dictionaries/23_postgresql.xml)**
mandatory
**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Client database.
**Default:** *calculated* | + + + +## Requirements services + +- **LocalDNS** +- Journald +- **SMTP** +- **ReverseProxy** +- **Postgresql** + +**bold**: provider is mandatory + +## Example Zone names are provided as examples. Think about adapting with the value of provider_zone in configuration file. -With minimum providers: - ``` vaultwarden: applicationservice: vaultwarden @@ -25,19 +70,9 @@ vaultwarden: - reverseproxy - smtp - postgresql -``` - -With all providers: - -``` -vaultwarden: - applicationservice: vaultwarden - zones_name: - - journald - - localdns - - reverseproxy - - smtp - - postgresql + values: + general.vaultwarden.vaultwarden_domainname: vault.example.net + general.vaultwarden.vaultwarden_admin_email: admin@example.net ``` ## Dependances @@ -55,34 +90,4 @@ vaultwarden: - [relay-mail-client](../relay-mail-client/README.md) - [reverse-proxy-client](../reverse-proxy-client/README.md) -## Variables - -### Général (*general*) - -#### revprox (*general.revprox*) - -| Description | Values | -|--------------------------------------------------------------------|-------------| -| *[**revprox_client_cert_owner**](dictionaries/40_vaultwarden.xml)* | vaultwarden | - -#### Vaultwarden (*general.vaultwarden*) - -| Description | Type | Values | -|-----------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------|-------------| -| **Nom de domaine d'accès à Vaultwarden** (*[vaultwarden_domainname](dictionaries/40_vaultwarden.xml)*) | [domainname](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | | -| **Nom de l'utilisateur Risotto de Vaultwarden** (*[password_admin_username](dictionaries/40_vaultwarden.xml)*) | [string](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | risotto | -| **Adresse courriel de l'utilisateur Risotto** (*[vaultwarden_admin_email](dictionaries/40_vaultwarden.xml)*) | [mail](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | | -| **Taille par défaut du mot de passe** (*[vaultwarden_length](dictionaries/40_vaultwarden.xml)*) | [number](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | 20 | -| **Nom de l'organisation lors de l'envoi des invitations** (*[vaultwarden_org_name](dictionaries/40_vaultwarden.xml)*) | [string](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Vaultwarden | - -#### PostgreSQL (*general.postgresql*) - -| Description | Values | -|--------------------------------------------------------------|-------------| -| *[**pg_client_key_owner**](dictionaries/40_vaultwarden.xml)* | vaultwarden | - - -- [+]: variable is multiple -- **bold**: variable is mandatory - [All applications services for this dataset.](../README.md) diff --git a/seed/vaultwarden/dictionaries/40_vaultwarden.xml b/seed/vaultwarden/dictionaries/40_vaultwarden.xml index 811502da..7daa77c1 100644 --- a/seed/vaultwarden/dictionaries/40_vaultwarden.xml +++ b/seed/vaultwarden/dictionaries/40_vaultwarden.xml @@ -18,11 +18,11 @@ - + risotto - + - + - autosigne - autosigne + self-signed + self-signed letsencrypt - - - + + + - - + + - +