salt/pillar/id/themis_lysergic_dev.sls
Georg Pfuetzenreuter a249b83d37
id.themis: add BookStack configuration
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-26 11:10:05 +01:00

78 lines
2.8 KiB
Django/Jinja

apache:
sites:
BookStack:
interface: '[fd29:8e45:f292:ff80::1]'
port: 443
ServerName: bookstack.themis.backend.syscid.com
DocumentRoot: /srv/www/BookStack/
DirectoryIndex: index.php
Directory:
/srv/www/BookStack/:
Options: 'Indexes FollowSymLinks -MultiViews'
AllowOverride: None
Require: all granted
Formula_Append: |
RewriteEngine On
RewriteCond '%{HTTP:Authorization} .'
RewriteCond '.* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]'
RewriteCond '%{REQUEST_FILENAME} !-d'
RewriteCond '%{REQUEST_URI} (.+)/$'
RewriteCond '^ %1 [L,R=301]'
RewriteCond '%{REQUEST_FILENAME} !-d'
RewriteCond '%{REQUEST_FILENAME} !-f'
RewriteCond '^ index.php [L]'
LogLevel: False
ErrorLog: False
LogFormat: False
CustomLog: False
ServerAdmin: False
ServerAlias: False
Formula_Append: |
Include /etc/apache2/snippets.d/ssl_themis.conf
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript
SetOutputFilter DEFLATE
<FilesMatch '\.php$'>
SetHandler 'proxy:unix:/run/php-fpm/BookStack.sock|fcgi://BookStack'
</FilesMatch>
profile:
bookstack:
app_url: https://libertacasa.info
db_host: ${'secret_bookstack:db_host'}
db_database: ${'secret_bookstack:db_database'}
db_username: ${'secret_bookstack:db_username'}
db_password: ${'secret_bookstack:db_password'}
mail_driver: smtp
mail_from_name: LibertaCasa Documentation
mail_from: mail@libertacasa.info
mail_host: zz0.email
mail_port: 465
mail_username: mail@libertacasa.info
mail_password: ${'secret_bookstack:mail_password'}
mail_encryption: ssl
app_theme: lysergic
cache_driver: memcached
session_driver: memcached
memcached_servers: /run/memcached/memcached.sock
session_secure_cookie: true
session_cookie_name: libertacasa_megayummycookie
app_debug: false
session_lifetime: 240
auth_method: saml2
auth_auto_initiate: true
saml2_name: LibertaCasa SSO
saml2_email_attribute: email
saml2_external_id_attribute: uid
saml2_display_name_attributes: fullname
saml2_idp_entityid: https://libsso.net/realms/libertacasa
saml2_idp_sso: https://libsso.net/realms/libertacasa/protocol/saml
saml2_idp_slo: https://libsso.net/realms/libertacasa/protocol/saml
saml2_idp_x509: ${'secret_bookstack:saml2_idp_x509'}
saml2_autoload_metadata: false
saml2_sp_x509: ${'secret_bookstack:saml2_sp_x509'}
saml2_sp_x509_key: ${'secret_bookstack:saml2_sp_x509_key'}
saml2_user_to_groups: true
saml2_group_attribute: groups
saml2_remove_from_groups: true
queue_connection: database