Merge pull request #47 from AdrienPoupa/ft/tandoor
feat(tandoor): Add Tandoor
This commit is contained in:
commit
527a2ff27e
@ -1,5 +1,5 @@
|
||||
COMPOSE_PROFILES=
|
||||
COMPOSE_FILE=docker-compose.yml:adguardhome/docker-compose.yml:flaresolverr/docker-compose.yml:sabnzbd/docker-compose.yml
|
||||
COMPOSE_FILE=docker-compose.yml:adguardhome/docker-compose.yml:flaresolverr/docker-compose.yml:sabnzbd/docker-compose.yml:tandoor/docker-compose.yml
|
||||
USER_ID=1000
|
||||
GROUP_ID=1000
|
||||
TIMEZONE="America/New_York"
|
||||
|
50
README.md
50
README.md
@ -36,6 +36,7 @@ I am running it in Ubuntu Server 22.04; I also tested this setup on a [Synology
|
||||
* [Encryption](#encryption)
|
||||
* [DHCP](#dhcp)
|
||||
* [Expose DNS Server with Tailscale](#expose-dns-server-with-tailscale)
|
||||
* [Tandoor](#tandoor)
|
||||
* [Customization](#customization)
|
||||
* [Optional: Using the VPN for *arr apps](#optional-using-the-vpn-for-arr-apps)
|
||||
* [Synology Quirks](#synology-quirks)
|
||||
@ -52,28 +53,27 @@ I am running it in Ubuntu Server 22.04; I also tested this setup on a [Synology
|
||||
|
||||
## Applications
|
||||
|
||||
| **Application** | **Description** | **Image** | **URL** |
|
||||
|----------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------|--------------|
|
||||
| [Sonarr](https://sonarr.tv) | PVR for newsgroup and bittorrent users | [linuxserver/sonarr](https://hub.docker.com/r/linuxserver/sonarr) | /sonarr |
|
||||
| [Radarr](https://radarr.video) | Movie collection manager for Usenet and BitTorrent users | [linuxserver/radarr](https://hub.docker.com/r/linuxserver/radarr) | /radarr |
|
||||
| [Lidarr](https://lidarr.audio) | Music collection manager for Usenet and BitTorrent users | [linuxserver/lidarr](https://hub.docker.com/r/linuxserver/lidarr) | /lidarr |
|
||||
| [Prowlarr](https://github.com/Prowlarr/Prowlarr) | Indexer aggregator for Sonarr and Radarr | [linuxserver/prowlarr:latest](https://hub.docker.com/r/linuxserver/prowlarr) | /prowlarr |
|
||||
| [PIA WireGuard VPN](https://github.com/thrnz/docker-wireguard-pia) | Encapsulate qBittorrent traffic in [PIA](https://www.privateinternetaccess.com/) using [WireGuard](https://www.wireguard.com/) with port forwarding. | [thrnz/docker-wireguard-pia](https://hub.docker.com/r/thrnz/docker-wireguard-pia) | |
|
||||
| [qBittorrent](https://www.qbittorrent.org) | Bittorrent client with a complete web UI<br/>Uses VPN network<br/>Using Libtorrent 1.x | [linuxserver/qbittorrent:libtorrentv1](https://hub.docker.com/r/linuxserver/qbittorrent) | /qbittorrent |
|
||||
| [Unpackerr](https://unpackerr.zip) | Automated Archive Extractions | [golift/unpackerr](https://hub.docker.com/r/golift/unpackerr) | |
|
||||
| [Jellyfin](https://jellyfin.org) | Media server designed to organize, manage, and share digital media files to networked devices | [linuxserver/jellyfin](https://hub.docker.com/r/linuxserver/jellyfin) | /jellyfin |
|
||||
| [Jellyseer](https://jellyfin.org) | Manages requests for your media library | [fallenbagel/jellyseerr](https://hub.docker.com/r/fallenbagel/jellyseerr) | /jellyseer |
|
||||
| [Homepage](https://gethomepage.dev) | Application dashboard | [gethomepage/homepage](https://github.com/gethomepage/homepage/pkgs/container/homepage) | / |
|
||||
| [Traefik](https://traefik.io) | Reverse proxy | [traefik](https://hub.docker.com/_/traefik) | |
|
||||
| [Watchtower](https://containrrr.dev/watchtower/) | Automated Docker images update | [containrrr/watchtower](https://hub.docker.com/r/containrrr/watchtower) | |
|
||||
| [Autoheal](https://github.com/willfarrell/docker-autoheal/) | Monitor and restart unhealthy Docker containers | [willfarrell/autoheal](https://hub.docker.com/r/willfarrell/autoheal) | |
|
||||
| [SABnzbd](https://sabnzbd.org/) | Optional - Free and easy binary newsreader<br/>Enable with `COMPOSE_PROFILES=sabnzbd` | [linuxserver/sabnzbd](https://hub.docker.com/r/linuxserver/sabnzbd) | /sabnzbd |
|
||||
| [FlareSolverr](https://github.com/FlareSolverr/FlareSolverr) | Optional - Proxy server to bypass Cloudflare protection in Prowlarr<br/>Enable with `COMPOSE_PROFILES=flaresolverr` | [flaresolverr/flaresolverr](https://hub.docker.com/r/flaresolverr/flaresolverr) | |
|
||||
| [AdGuard Home](https://adguard.com/en/adguard-home/overview.html) | Optional - Network-wide software for blocking ads & tracking<br/>Enable with `COMPOSE_PROFILES=adguardhome` | [adguard/adguardhome](https://hub.docker.com/r/adguard/adguardhome) | |
|
||||
| [DHCP Relay](https://github.com/modem7/DHCP-Relay) | Optional - Docker DHCP Relay | [modem7/dhcprelay](https://hub.docker.com/r/modem7/dhcprelay) | |
|
||||
| [Traefik Certs Dumper](https://github.com/ldez/traefik-certs-dumper) | Optional - Dump ACME data from Traefik to certificates | [ldez/traefik-certs-dumper](https://hub.docker.com/r/ldez/traefik-certs-dumper) | |
|
||||
|
||||
Optional containers are not run by default, they need to be enabled,
|
||||
| **Application** | **Description** | **Image** | **URL** |
|
||||
|--------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------|--------------|
|
||||
| [Sonarr](https://sonarr.tv) | PVR for newsgroup and bittorrent users | [linuxserver/sonarr](https://hub.docker.com/r/linuxserver/sonarr) | /sonarr |
|
||||
| [Radarr](https://radarr.video) | Movie collection manager for Usenet and BitTorrent users | [linuxserver/radarr](https://hub.docker.com/r/linuxserver/radarr) | /radarr |
|
||||
| [Prowlarr](https://github.com/Prowlarr/Prowlarr) | Indexer aggregator for Sonarr and Radarr | [linuxserver/prowlarr:latest](https://hub.docker.com/r/linuxserver/prowlarr) | /prowlarr |
|
||||
| [PIA WireGuard VPN](https://github.com/thrnz/docker-wireguard-pia) | Encapsulate qBittorrent traffic in [PIA](https://www.privateinternetaccess.com/) using [WireGuard](https://www.wireguard.com/) with port forwarding. | [thrnz/docker-wireguard-pia](https://hub.docker.com/r/thrnz/docker-wireguard-pia) | |
|
||||
| [qBittorrent](https://www.qbittorrent.org) | Bittorrent client with a complete web UI<br/>Uses VPN network<br/>Using Libtorrent 1.x | [linuxserver/qbittorrent:libtorrentv1](https://hub.docker.com/r/linuxserver/qbittorrent) | /qbittorrent |
|
||||
| [Unpackerr](https://unpackerr.zip) | Automated Archive Extractions | [golift/unpackerr](https://hub.docker.com/r/golift/unpackerr) | |
|
||||
| [Jellyfin](https://jellyfin.org) | Media server designed to organize, manage, and share digital media files to networked devices | [linuxserver/jellyfin](https://hub.docker.com/r/linuxserver/jellyfin) | /jellyfin |
|
||||
| [Jellyseer](https://jellyfin.org) | Manages requests for your media library | [fallenbagel/jellyseerr](https://hub.docker.com/r/fallenbagel/jellyseerr) | /jellyseer |
|
||||
| [Homepage](https://gethomepage.dev) | Application dashboard | [gethomepage/homepage](https://github.com/gethomepage/homepage/pkgs/container/homepage) | / |
|
||||
| [Traefik](https://traefik.io) | Reverse proxy | [traefik](https://hub.docker.com/_/traefik) | |
|
||||
| [Watchtower](https://containrrr.dev/watchtower/) | Automated Docker images update | [containrrr/watchtower](https://hub.docker.com/r/containrrr/watchtower) | |
|
||||
| [Autoheal](https://github.com/willfarrell/docker-autoheal/) | Monitor and restart unhealthy Docker containers | [willfarrell/autoheal](https://hub.docker.com/r/willfarrell/autoheal) | |
|
||||
| [Lidarr](https://lidarr.audio) | Optional - Music collection manager for Usenet and BitTorrent users<br/>Enable with `COMPOSE_PROFILES=lidarr` | [linuxserver/lidarr](https://hub.docker.com/r/linuxserver/lidarr) | /lidarr |
|
||||
| [SABnzbd](https://sabnzbd.org/) | Optional - Free and easy binary newsreader<br/>Enable with `COMPOSE_PROFILES=sabnzbd` | [linuxserver/sabnzbd](https://hub.docker.com/r/linuxserver/sabnzbd) | /sabnzbd |
|
||||
| [FlareSolverr](https://github.com/FlareSolverr/FlareSolverr) | Optional - Proxy server to bypass Cloudflare protection in Prowlarr<br/>Enable with `COMPOSE_PROFILES=flaresolverr` | [flaresolverr/flaresolverr](https://hub.docker.com/r/flaresolverr/flaresolverr) | |
|
||||
| [AdGuard Home](https://adguard.com/en/adguard-home/overview.html) | Optional - Network-wide software for blocking ads & tracking<br/>Enable with `COMPOSE_PROFILES=adguardhome` | [adguard/adguardhome](https://hub.docker.com/r/adguard/adguardhome) | |
|
||||
| [Tandoor](https://tandoor.dev) | Optional - Smart recipe management<br/>Enable with `COMPOSE_PROFILES=tandoor` | [vabene1111/recipes](https://hub.docker.com/r/vabene1111/recipes) | /recipes |
|
||||
[README.md](README.md)
|
||||
Optional containers are not enabled by default, they need to be enabled,
|
||||
see [Optional Services](#optional-services) for more information.
|
||||
|
||||
## Quick Start
|
||||
@ -183,7 +183,7 @@ place in the VPN container, the hostname for qBittorrent is the hostname of the
|
||||
The indexers are configured through Prowlarr. They synchronize automatically to Radarr and Sonarr.
|
||||
|
||||
Radarr and Sonarr may then be added via Settings > Apps. The Prowlarr server is `http://prowlarr:9696/prowlarr`, the Radarr server
|
||||
is `http://radarr:7878/radarr` Sonarr `http://sonarr:8989/sonarr`, and Lidarr `http://lidarr:8686/lidarr`:
|
||||
is `http://radarr:7878/radarr` Sonarr `http://sonarr:8989/sonarr`, and Lidarr `http://lidarr:8686/lidarr`.
|
||||
|
||||
Their API keys can be found in Settings > Security > API Key.
|
||||
|
||||
@ -365,6 +365,10 @@ dhcp:
|
||||
Based on [Tailscale's documentation](https://tailscale.com/kb/1114/pi-hole), it is easy to use your AdGuard server everywhere.
|
||||
Just make sure that AdGuard Home listens to all interfaces.
|
||||
|
||||
### Tandoor
|
||||
|
||||
See [here](./tandoor/README.md).
|
||||
|
||||
## Customization
|
||||
|
||||
You can override the configuration of a service or add new services by creating a new `docker-compose.override.yml` file,
|
||||
|
@ -1,4 +1,5 @@
|
||||
version: "3.9"
|
||||
version: '3.9'
|
||||
|
||||
services:
|
||||
traefik:
|
||||
image: traefik:v2.10
|
||||
@ -128,6 +129,8 @@ services:
|
||||
- homepage.widget.type=lidarr
|
||||
- homepage.widget.url=http://lidarr:8686/lidarr
|
||||
- homepage.widget.key=${LIDARR_API_KEY}
|
||||
profiles:
|
||||
- lidarr
|
||||
jellyseerr:
|
||||
image: fallenbagel/jellyseerr:latest
|
||||
container_name: jellyseerr
|
||||
@ -316,8 +319,6 @@ services:
|
||||
- UN_SONARR_0_API_KEY=${SONARR_API_KEY}
|
||||
- UN_RADARR_0_URL=http://radarr:7878/radarr
|
||||
- UN_RADARR_0_API_KEY=${RADARR_API_KEY}
|
||||
- UN_LIDARR_0_URL=http://lidarr:8686/lidarr
|
||||
- UN_LIDARR_0_API_KEY=${LIDARR_API_KEY}
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
jellyfin:
|
||||
|
191
tandoor/.env.example
Normal file
191
tandoor/.env.example
Normal file
@ -0,0 +1,191 @@
|
||||
# only set this to true when testing/debugging
|
||||
# when unset: 1 (true) - dont unset this, just for development
|
||||
DEBUG=0
|
||||
SQL_DEBUG=0
|
||||
DEBUG_TOOLBAR=0
|
||||
# Gunicorn log level for debugging (default value is "info" when unset)
|
||||
# (see https://docs.gunicorn.org/en/stable/settings.html#loglevel for available settings)
|
||||
# GUNICORN_LOG_LEVEL="debug"
|
||||
|
||||
# HTTP port to bind to
|
||||
# TANDOOR_PORT=8080
|
||||
|
||||
# hosts the application can run under e.g. recipes.mydomain.com,cooking.mydomain.com,...
|
||||
ALLOWED_HOSTS=*
|
||||
|
||||
# Cross Site Request Forgery protection
|
||||
# (https://docs.djangoproject.com/en/4.2/ref/settings/#std-setting-CSRF_TRUSTED_ORIGINS)
|
||||
# CSRF_TRUSTED_ORIGINS = []
|
||||
|
||||
# Cross Origin Resource Sharing
|
||||
# (https://github.com/adamchainz/django-cors-header)
|
||||
# CORS_ALLOW_ALL_ORIGINS = True
|
||||
|
||||
# random secret key, use for example `base64 /dev/urandom | head -c50` to generate one
|
||||
# ---------------------------- AT LEAST ONE REQUIRED -------------------------
|
||||
SECRET_KEY=
|
||||
SECRET_KEY_FILE=
|
||||
# ---------------------------------------------------------------
|
||||
|
||||
# your default timezone See https://timezonedb.com/time-zones for a list of timezones
|
||||
TZ=America/New_York
|
||||
|
||||
# add only a database password if you want to run with the default postgres, otherwise change settings accordingly
|
||||
DB_ENGINE=django.db.backends.sqlite3
|
||||
# DB_OPTIONS= {} # e.g. {"sslmode":"require"} to enable ssl
|
||||
#POSTGRES_HOST=db_recipes
|
||||
#POSTGRES_PORT=5432
|
||||
#POSTGRES_USER=djangouser
|
||||
# ---------------------------- AT LEAST ONE REQUIRED -------------------------
|
||||
#POSTGRES_PASSWORD=
|
||||
#POSTGRES_PASSWORD_FILE=
|
||||
# ---------------------------------------------------------------
|
||||
POSTGRES_DB=/opt/recipes/database/recipes.db
|
||||
|
||||
# database connection string, when used overrides other database settings.
|
||||
# format might vary depending on backend
|
||||
# DATABASE_URL = engine://username:password@host:port/dbname
|
||||
|
||||
# the default value for the user preference 'fractions' (enable/disable fraction support)
|
||||
# default: disabled=0
|
||||
FRACTION_PREF_DEFAULT=0
|
||||
|
||||
# the default value for the user preference 'comments' (enable/disable commenting system)
|
||||
# default comments enabled=1
|
||||
COMMENT_PREF_DEFAULT=1
|
||||
|
||||
# Users can set a amount of time after which the shopping list is refreshed when they are in viewing mode
|
||||
# This is the minimum interval users can set. Setting this to low will allow users to refresh very frequently which
|
||||
# might cause high load on the server. (Technically they can obviously refresh as often as they want with their own scripts)
|
||||
SHOPPING_MIN_AUTOSYNC_INTERVAL=5
|
||||
|
||||
# Default for user setting sticky navbar
|
||||
# STICKY_NAV_PREF_DEFAULT=1
|
||||
|
||||
# If base URL is something other than just / (you are serving a subfolder in your proxy for instance http://recipe_app/recipes/)
|
||||
# Be sure to not have a trailing slash: e.g. '/recipes' instead of '/recipes/'
|
||||
SCRIPT_NAME=/recipes
|
||||
|
||||
# If staticfiles are stored at a different location uncomment and change accordingly, MUST END IN /
|
||||
# this is not required if you are just using a subfolder
|
||||
# This can either be a relative path from the applications base path or the url of an external host
|
||||
STATIC_URL=/recipes/static/
|
||||
|
||||
# If mediafiles are stored at a different location uncomment and change accordingly, MUST END IN /
|
||||
# this is not required if you are just using a subfolder
|
||||
# This can either be a relative path from the applications base path or the url of an external host
|
||||
MEDIA_URL=/recipes/media/
|
||||
|
||||
# Serve mediafiles directly using gunicorn. Basically everyone recommends not doing this. Please use any of the examples
|
||||
# provided that include an additional nxginx container to handle media file serving.
|
||||
# If you know what you are doing turn this back on (1) to serve media files using djangos serve() method.
|
||||
# when unset: 1 (true) - this is temporary until an appropriate amount of time has passed for everyone to migrate
|
||||
GUNICORN_MEDIA=0
|
||||
|
||||
# GUNICORN SERVER RELATED SETTINGS (see https://docs.gunicorn.org/en/stable/design.html#how-many-workers for recommended settings)
|
||||
# GUNICORN_WORKERS=1
|
||||
# GUNICORN_THREADS=1
|
||||
|
||||
# S3 Media settings: store mediafiles in s3 or any compatible storage backend (e.g. minio)
|
||||
# as long as S3_ACCESS_KEY is not set S3 features are disabled
|
||||
# S3_ACCESS_KEY=
|
||||
# S3_SECRET_ACCESS_KEY=
|
||||
# S3_BUCKET_NAME=
|
||||
# S3_REGION_NAME= # default none, set your region might be required
|
||||
# S3_QUERYSTRING_AUTH=1 # default true, set to 0 to serve media from a public bucket without signed urls
|
||||
# S3_QUERYSTRING_EXPIRE=3600 # number of seconds querystring are valid for
|
||||
# S3_ENDPOINT_URL= # when using a custom endpoint like minio
|
||||
# S3_CUSTOM_DOMAIN= # when using a CDN/proxy to S3 (see https://github.com/TandoorRecipes/recipes/issues/1943)
|
||||
|
||||
# Email Settings, see https://docs.djangoproject.com/en/3.2/ref/settings/#email-host
|
||||
# Required for email confirmation and password reset (automatically activates if host is set)
|
||||
# EMAIL_HOST=
|
||||
# EMAIL_PORT=
|
||||
# EMAIL_HOST_USER=
|
||||
# EMAIL_HOST_PASSWORD=
|
||||
# EMAIL_USE_TLS=0
|
||||
# EMAIL_USE_SSL=0
|
||||
# email sender address (default 'webmaster@localhost')
|
||||
# DEFAULT_FROM_EMAIL=
|
||||
# prefix used for account related emails (default "[Tandoor Recipes] ")
|
||||
# ACCOUNT_EMAIL_SUBJECT_PREFIX=
|
||||
|
||||
# allow authentication via the REMOTE-USER header (can be used for e.g. authelia).
|
||||
# ATTENTION: Leave off if you don't know what you are doing! Enabling this without proper configuration will enable anybody
|
||||
# to login with any username!
|
||||
# See docs for additional information: https://docs.tandoor.dev/features/authentication/#reverse-proxy-authentication
|
||||
# when unset: 0 (false)
|
||||
REMOTE_USER_AUTH=0
|
||||
|
||||
# Default settings for spaces, apply per space and can be changed in the admin view
|
||||
# SPACE_DEFAULT_MAX_RECIPES=0 # 0=unlimited recipes
|
||||
# SPACE_DEFAULT_MAX_USERS=0 # 0=unlimited users per space
|
||||
# SPACE_DEFAULT_MAX_FILES=0 # Maximum file storage for space in MB. 0 for unlimited, -1 to disable file upload.
|
||||
# SPACE_DEFAULT_ALLOW_SHARING=1 # Allow users to share recipes with public links
|
||||
|
||||
# allow people to create local accounts on your application instance (without an invite link)
|
||||
# social accounts will always be able to sign up
|
||||
# when unset: 0 (false)
|
||||
# ENABLE_SIGNUP=0
|
||||
|
||||
# If signup is enabled you might want to add a captcha to it to prevent spam
|
||||
# HCAPTCHA_SITEKEY=
|
||||
# HCAPTCHA_SECRET=
|
||||
|
||||
# if signup is enabled you might want to provide urls to data protection policies or terms and conditions
|
||||
# TERMS_URL=
|
||||
# PRIVACY_URL=
|
||||
# IMPRINT_URL=
|
||||
|
||||
# enable serving of prometheus metrics under the /metrics path
|
||||
# ATTENTION: view is not secured (as per the prometheus default way) so make sure to secure it
|
||||
# trough your web server (or leave it open of you dont care if the stats are exposed)
|
||||
# ENABLE_METRICS=0
|
||||
|
||||
# allows you to setup OAuth providers
|
||||
# see docs for more information https://docs.tandoor.dev/features/authentication/
|
||||
# SOCIAL_PROVIDERS = allauth.socialaccount.providers.github, allauth.socialaccount.providers.nextcloud,
|
||||
|
||||
# Should a newly created user from a social provider get assigned to the default space and given permission by default ?
|
||||
# ATTENTION: This feature might be deprecated in favor of a space join and public viewing system in the future
|
||||
# default 0 (false), when 1 (true) users will be assigned space and group
|
||||
# SOCIAL_DEFAULT_ACCESS = 1
|
||||
|
||||
# if SOCIAL_DEFAULT_ACCESS is used, which group should be added
|
||||
# SOCIAL_DEFAULT_GROUP=guest
|
||||
|
||||
# Django session cookie settings. Can be changed to allow a single django application to authenticate several applications
|
||||
# when running under the same database
|
||||
# SESSION_COOKIE_DOMAIN=.example.com
|
||||
# SESSION_COOKIE_NAME=sessionid # use this only to not interfere with non unified django applications under the same top level domain
|
||||
|
||||
# by default SORT_TREE_BY_NAME is disabled this will store all Keywords and Food in the order they are created
|
||||
# enabling this setting makes saving new keywords and foods very slow, which doesn't matter in most usecases.
|
||||
# however, when doing large imports of recipes that will create new objects, can increase total run time by 10-15x
|
||||
# Keywords and Food can be manually sorted by name in Admin
|
||||
# This value can also be temporarily changed in Admin, it will revert the next time the application is started
|
||||
# This will be fixed/changed in the future by changing the implementation or finding a better workaround for sorting
|
||||
# SORT_TREE_BY_NAME=0
|
||||
# LDAP authentication
|
||||
# default 0 (false), when 1 (true) list of allowed users will be fetched from LDAP server
|
||||
#LDAP_AUTH=
|
||||
#AUTH_LDAP_SERVER_URI=
|
||||
#AUTH_LDAP_BIND_DN=
|
||||
#AUTH_LDAP_BIND_PASSWORD=
|
||||
#AUTH_LDAP_USER_SEARCH_BASE_DN=
|
||||
#AUTH_LDAP_TLS_CACERTFILE=
|
||||
#AUTH_LDAP_START_TLS=
|
||||
|
||||
# Enables exporting PDF (see export docs)
|
||||
# Disabled by default, uncomment to enable
|
||||
# ENABLE_PDF_EXPORT=1
|
||||
|
||||
# Recipe exports are cached for a certain time by default, adjust time if needed
|
||||
# EXPORT_FILE_CACHE_DURATION=600
|
||||
|
||||
# if you want to do many requests to the FDC API you need to get a (free) API key. Demo key is limited to 30 requests / hour or 50 requests / day
|
||||
#FDC_API_KEY=DEMO_KEY
|
||||
|
||||
# API throttle limits
|
||||
# you may use X per second, minute, hour or day
|
||||
# DRF_THROTTLE_RECIPE_URL_IMPORT=60/hour
|
8
tandoor/.gitignore
vendored
Normal file
8
tandoor/.gitignore
vendored
Normal file
@ -0,0 +1,8 @@
|
||||
.env
|
||||
backup.env
|
||||
/backup
|
||||
!/backup/.gitkeep
|
||||
/database
|
||||
!/database/.gitkeep
|
||||
/mediafiles
|
||||
!/mediafiles/.gitkeep
|
39
tandoor/README.md
Normal file
39
tandoor/README.md
Normal file
@ -0,0 +1,39 @@
|
||||
# Tandoor
|
||||
|
||||
Tandoor is a recipe manager that allows you to manage your ever growing collection of digital recipes.
|
||||
|
||||
## Installation
|
||||
|
||||
Enable Tandoor by setting `COMPOSE_PROFILES=tandoor`. It will be accessible at `/recipes`.
|
||||
|
||||
Copy the example environment file and edit as needed before running Tandoor: `cp tandoor/env.example tandoor/.env`.
|
||||
|
||||
## Backup
|
||||
|
||||
Tandoor's database and media files can be backed up in the cloud storage product of your choice with [Rclone](https://rclone.org/).
|
||||
|
||||
Before a backup can be made, `rclone config` must be run to generate the configuration file:
|
||||
|
||||
```shell
|
||||
docker compose run --rm -it tandoor-backup rclone config
|
||||
```
|
||||
|
||||
It will generate a `rclone.conf` configuration file in ./tandoor/rclone/rclone.conf.
|
||||
|
||||
Copy the backup environment file to `backup.env` and fill it as needed:
|
||||
`cp backup.env.exmple backup.env`
|
||||
|
||||
| Variable | Description | Default |
|
||||
|----------------------|---------------------------------------------------------------------|---------------------------|
|
||||
| `RCLONE_REMOTE_NAME` | Name of the remote you chose during rclone config | |
|
||||
| `RCLONE_REMOTE_DIR` | Name of the rclone remote dir, eg: S3 bucket name, folder name, etc | |
|
||||
| `CRON` | How often to run the backup | `@daily` backup every day |
|
||||
| `TIMEZONE` | Timezone, used for cron times | `America/New_York` |
|
||||
| `ZIP_PASSWORD` | Password to protect the backup archive with | `123456` |
|
||||
| `BACKUP_KEEP_DAYS` | How long to keep the backup in the destination | `31` days |
|
||||
|
||||
You can test your backup manually with:
|
||||
|
||||
```shell
|
||||
docker compose run --rm -it tandoor-backup backup
|
||||
```
|
6
tandoor/backup.env.example
Normal file
6
tandoor/backup.env.example
Normal file
@ -0,0 +1,6 @@
|
||||
RCLONE_REMOTE_NAME=
|
||||
RCLONE_REMOTE_DIR=
|
||||
CRON=@daily
|
||||
TIMEZONE=America/New_York
|
||||
ZIP_PASSWORD=123456
|
||||
BACKUP_KEEP_DAYS=31
|
0
tandoor/backup/.gitkeep
Normal file
0
tandoor/backup/.gitkeep
Normal file
0
tandoor/database/.gitkeep
Normal file
0
tandoor/database/.gitkeep
Normal file
71
tandoor/docker-compose.yml
Normal file
71
tandoor/docker-compose.yml
Normal file
@ -0,0 +1,71 @@
|
||||
version: '3.9'
|
||||
|
||||
services:
|
||||
tandoor:
|
||||
image: vabene1111/recipes:latest
|
||||
container_name: tandoor
|
||||
restart: always
|
||||
env_file:
|
||||
- ./tandoor/.env
|
||||
volumes:
|
||||
- ./tandoor/database:/opt/recipes/database
|
||||
- ./tandoor/mediafiles:/opt/recipes/mediafiles
|
||||
- tandoor-staticfiles:/opt/recipes/staticfiles
|
||||
healthcheck:
|
||||
test: ["CMD", "wget", "http://127.0.0.1:8080/recipes", "-qO", "/dev/null"]
|
||||
interval: 5s
|
||||
retries: 10
|
||||
profiles:
|
||||
- tandoor
|
||||
|
||||
tandoor-nginx:
|
||||
image: nginx:mainline-alpine
|
||||
container_name: tandoor-nginx
|
||||
restart: always
|
||||
env_file:
|
||||
- ./tandoor/.env
|
||||
volumes:
|
||||
- ./tandoor/nginx:/etc/nginx/conf.d:ro
|
||||
- ./tandoor/mediafiles:/media:ro
|
||||
- tandoor-staticfiles:/static:ro
|
||||
healthcheck:
|
||||
test: ["CMD", "wget", "http://127.0.0.1/recipes", "-qO", "/dev/null"]
|
||||
interval: 5s
|
||||
retries: 10
|
||||
depends_on:
|
||||
- tandoor
|
||||
labels:
|
||||
- traefik.enable=true
|
||||
- traefik.http.routers.tandoor.rule=(Host(`${HOSTNAME}`) && PathPrefix(`/recipes`))
|
||||
- traefik.http.routers.tandoor.tls=true
|
||||
- traefik.http.routers.tandoor.tls.certresolver=myresolver
|
||||
- traefik.http.services.tandoor.loadbalancer.server.port=80
|
||||
- homepage.group=Apps
|
||||
- homepage.name=Tandoor
|
||||
- homepage.icon=tandoor.png
|
||||
- homepage.href=/recipes
|
||||
- homepage.description=Smart recipe management
|
||||
- homepage.weight=1
|
||||
profiles:
|
||||
- tandoor
|
||||
|
||||
tandoor-backup:
|
||||
image: adrienpoupa/rclone-backup:latest
|
||||
container_name: tandoor-backup
|
||||
restart: always
|
||||
env_file:
|
||||
- ./tandoor/backup.env
|
||||
environment:
|
||||
- BACKUP_FOLDER_NAME=mediafiles
|
||||
- BACKUP_FOLDER_PATH=/data/mediafiles
|
||||
- DB_TYPE=sqlite
|
||||
- SQLITE_DATABASE=/database/recipes.db
|
||||
volumes:
|
||||
- ./tandoor/database:/database
|
||||
- ./tandoor/mediafiles:/data/mediafiles
|
||||
- ./tandoor/backup:/config
|
||||
profiles:
|
||||
- tandoor
|
||||
|
||||
volumes:
|
||||
tandoor-staticfiles:
|
0
tandoor/mediafiles/.gitkeep
Executable file
0
tandoor/mediafiles/.gitkeep
Executable file
20
tandoor/nginx/errorpages/http502.html
Normal file
20
tandoor/nginx/errorpages/http502.html
Normal file
@ -0,0 +1,20 @@
|
||||
<!DOCTYPE html>
|
||||
<html lang="en">
|
||||
<head>
|
||||
<!-- Simple HttpErrorPages | MIT License | https://github.com/HttpErrorPages -->
|
||||
<meta charset="utf-8" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta name="viewport" content="width=device-width, initial-scale=1" />
|
||||
<title>502 - Webservice currently unavailable</title>
|
||||
<style type="text/css">/*! normalize.css v5.0.0 | MIT License | github.com/necolas/normalize.css */html{font-family:sans-serif;line-height:1.15;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}body{margin:0}article,aside,footer,header,nav,section{display:block}h1{font-size:2em;margin:.67em 0}figcaption,figure,main{display:block}figure{margin:1em 40px}hr{box-sizing:content-box;height:0;overflow:visible}pre{font-family:monospace,monospace;font-size:1em}a{background-color:transparent;-webkit-text-decoration-skip:objects}a:active,a:hover{outline-width:0}abbr[title]{border-bottom:none;text-decoration:underline;text-decoration:underline dotted}b,strong{font-weight:inherit}b,strong{font-weight:bolder}code,kbd,samp{font-family:monospace,monospace;font-size:1em}dfn{font-style:italic}mark{background-color:#ff0;color:#000}small{font-size:80%}sub,sup{font-size:75%;line-height:0;position:relative;vertical-align:baseline}sub{bottom:-.25em}sup{top:-.5em}audio,video{display:inline-block}audio:not([controls]){display:none;height:0}img{border-style:none}svg:not(:root){overflow:hidden}button,input,optgroup,select,textarea{font-family:sans-serif;font-size:100%;line-height:1.15;margin:0}button,input{overflow:visible}button,select{text-transform:none}[type=reset],[type=submit],button,html [type=button]{-webkit-appearance:button}[type=button]::-moz-focus-inner,[type=reset]::-moz-focus-inner,[type=submit]::-moz-focus-inner,button::-moz-focus-inner{border-style:none;padding:0}[type=button]:-moz-focusring,[type=reset]:-moz-focusring,[type=submit]:-moz-focusring,button:-moz-focusring{outline:1px dotted ButtonText}fieldset{border:1px solid silver;margin:0 2px;padding:.35em .625em .75em}legend{box-sizing:border-box;color:inherit;display:table;max-width:100%;padding:0;white-space:normal}progress{display:inline-block;vertical-align:baseline}textarea{overflow:auto}[type=checkbox],[type=radio]{box-sizing:border-box;padding:0}[type=number]::-webkit-inner-spin-button,[type=number]::-webkit-outer-spin-button{height:auto}[type=search]{-webkit-appearance:textfield;outline-offset:-2px}[type=search]::-webkit-search-cancel-button,[type=search]::-webkit-search-decoration{-webkit-appearance:none}::-webkit-file-upload-button{-webkit-appearance:button;font:inherit}details,menu{display:block}summary{display:list-item}canvas{display:inline-block}template{display:none}[hidden]{display:none}/*! Simple HttpErrorPages | MIT X11 License | https://github.com/AndiDittrich/HttpErrorPages */body,html{width:100%;height:100%;background-color:#21232a}body{color:#fff;text-align:center;text-shadow:0 2px 4px rgba(0,0,0,.5);padding:0;min-height:100%;-webkit-box-shadow:inset 0 0 100px rgba(0,0,0,.8);box-shadow:inset 0 0 100px rgba(0,0,0,.8);display:table;font-family:"Open Sans",Arial,sans-serif}h1{font-family:inherit;font-weight:500;line-height:1.1;color:inherit;font-size:36px}h1 small{font-size:68%;font-weight:400;line-height:1;color:#777}a{text-decoration:none;color:#fff;font-size:inherit;border-bottom:dotted 1px #707070}.lead{color:silver;font-size:21px;line-height:1.4}.cover{display:table-cell;vertical-align:middle;padding:0 20px}footer{position:fixed;width:100%;height:40px;left:0;bottom:0;color:#a0a0a0;font-size:14px}</style>
|
||||
</head>
|
||||
<body>
|
||||
<div class="cover"><h1>Tandoor Recipes is not yet available <small>502</small></h1>
|
||||
<p class="lead">
|
||||
Services are still trying to start.<br>
|
||||
Please allow up to 3 minutes after you started the application on your server.<br><br>
|
||||
If this status persists, check the application or docker logs for further information.<br>
|
||||
After checking and trying everything mentioned in the <a href="https://docs.tandoor.dev/" target="_blank">docs</a>, you can request help on the project's <a href="https://github.com/TandoorRecipes/recipes/issues/new?assignees=&labels=setup+issue&template=help_request.yml" target="_blank">GitHub</a> page.
|
||||
</p>
|
||||
</div>
|
||||
|
||||
</body>
|
||||
</html>
|
29
tandoor/nginx/recipes.conf
Normal file
29
tandoor/nginx/recipes.conf
Normal file
@ -0,0 +1,29 @@
|
||||
server {
|
||||
listen 80;
|
||||
server_name localhost;
|
||||
|
||||
client_max_body_size 128M;
|
||||
|
||||
# serve media files
|
||||
location /recipes/media/ {
|
||||
alias /media/;
|
||||
}
|
||||
location /recipes/static/ {
|
||||
alias /static/;
|
||||
}
|
||||
# pass requests for dynamic content to gunicorn
|
||||
location / {
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_pass http://tandoor:8080;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Script-Name /recipes;
|
||||
proxy_cookie_path / /recipes;
|
||||
|
||||
error_page 502 /errors/http502.html;
|
||||
}
|
||||
|
||||
location /recipes/errors/ {
|
||||
alias /etc/nginx/conf.d/errorpages/;
|
||||
internal;
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue
Block a user