initial push

2025-03-12 13:55:27 +01:00
commit 9f90c494ea
88 changed files with 2343 additions and 0 deletions
--- a/roles/deploy-docker/templates/planka.yml
+++ b/roles/deploy-docker/templates/planka.yml
@@ -0,0 +1,94 @@
+version: '3'
+
+services:
+  planka:
+    image: ghcr.io/plankanban/planka:latest
+    restart: on-failure
+    volumes:
+      - ./user-avatars:/app/public/user-avatars
+      - ./project-background-images:/app/public/project-background-images
+      - ./attachments:/app/private/attachments
+    ports:
+      - 20145:1337
+    environment:
+      - BASE_URL=https://planka.{{ domaine_ext }}
+      - DATABASE_URL=postgresql://postgres@postgres/planka
+      - SECRET_KEY=2ZNQf7B0072PS4
+
+      # - TRUST_PROXY=1
+      # - TOKEN_EXPIRES_IN=365 # In days
+
+      # related: https://github.com/knex/knex/issues/2354
+      # As knex does not pass query parameters from the connection string we
+      # have to use environment variables in order to pass the desired values, e.g.
+      # - PGSSLMODE=<value>
+
+      # Configure knex to accept SSL certificates
+      # - KNEX_REJECT_UNAUTHORIZED_SSL_CERTIFICATE=false
+
+      - DEFAULT_ADMIN_EMAIL=info@bruxelleslife.com # Do not remove if you want to prevent this user from being edited/deleted
+      - DEFAULT_ADMIN_PASSWORD=FHOHozginO95jx
+      - DEFAULT_ADMIN_NAME=bxlife
+      - DEFAULT_ADMIN_USERNAME=bxlife
+
+      # - SHOW_DETAILED_AUTH_ERRORS=false # Set to true to show more detailed authentication error messages. It should not be enabled without a rate limiter for security reasons.
+
+      # - ALLOW_ALL_TO_CREATE_PROJECTS=true
+
+      # - OIDC_ISSUER=
+      # - OIDC_CLIENT_ID=
+      # - OIDC_CLIENT_SECRET=
+      # - OIDC_ID_TOKEN_SIGNED_RESPONSE_ALG=
+      # - OIDC_USERINFO_SIGNED_RESPONSE_ALG=
+      # - OIDC_SCOPES=openid email profile
+      # - OIDC_RESPONSE_MODE=fragment
+      # - OIDC_USE_DEFAULT_RESPONSE_MODE=true
+      # - OIDC_ADMIN_ROLES=admin
+      # - OIDC_CLAIMS_SOURCE=userinfo
+      # - OIDC_EMAIL_ATTRIBUTE=email
+      # - OIDC_NAME_ATTRIBUTE=name
+      # - OIDC_USERNAME_ATTRIBUTE=preferred_username
+      # - OIDC_ROLES_ATTRIBUTE=groups
+      # - OIDC_IGNORE_USERNAME=true
+      # - OIDC_IGNORE_ROLES=true
+      # - OIDC_ENFORCED=true
+
+      # Email Notifications (https://nodemailer.com/smtp/)
+      - SMTP_HOST=mail.bruxelleslife.com
+      - SMTP_PORT=465
+      - SMTP_NAME=Bruxelles Life Mail
+      - SMTP_SECURE=true
+      - SMTP_USER=info@bruxelleslife.com
+      - SMTP_PASSWORD=vX6@kTScdN94MTJ
+      - SMTP_FROM="Bruxelles Life" <info@bruxelleslife.com>
+      - SMTP_TLS_REJECT_UNAUTHORIZED=false
+
+      # Optional fields: accessToken, events, excludedEvents
+      # - |
+      #   WEBHOOKS=[{
+      #     "url": "http://localhost:3001",
+      #     "accessToken": "notaccesstoken",
+      #     "events": ["cardCreate", "cardUpdate", "cardDelete"],
+      #     "excludedEvents": ["notificationCreate", "notificationUpdate"]
+      #   }]
+
+      # - SLACK_BOT_TOKEN=
+      # - SLACK_CHANNEL_ID=
+      # - GOOGLE_CHAT_WEBHOOK_URL=
+    depends_on:
+      postgres:
+        condition: service_healthy
+
+  postgres:
+    image: postgres:14-alpine
+    restart: on-failure
+    volumes:
+      - ./db-data:/var/lib/postgresql/data
+    environment:
+      - POSTGRES_DB=planka
+      - POSTGRES_HOST_AUTH_METHOD=trust
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U postgres -d planka"]
+      interval: 10s
+      timeout: 5s
+      retries: 5