diff --git a/homelab/jafner-net/config/freshrss/.env b/homelab/jafner-net/config/freshrss/.env new file mode 100644 index 00000000..07faebde --- /dev/null +++ b/homelab/jafner-net/config/freshrss/.env @@ -0,0 +1 @@ +DOCKER_DATA=/mnt/nas/AppData/freshrss \ No newline at end of file diff --git a/homelab/jafner-net/config/freshrss/docker-compose.yml b/homelab/jafner-net/config/freshrss/docker-compose.yml new file mode 100644 index 00000000..99cf923e --- /dev/null +++ b/homelab/jafner-net/config/freshrss/docker-compose.yml @@ -0,0 +1,50 @@ +version: '3' +services: + freshrss: + image: freshrss/freshrss:edge + container_name: freshrss_freshrss + logging: + driver: loki + options: + loki-url: http://localhost:3100/loki/api/v1/push + loki-batch-size: "50" + loki-retries: "1" + loki-timeout: "2s" + keep-file: "true" + restart: "no" + depends_on: + - postgres + networks: + - freshrss + - web + volumes: + - ${DOCKER_DATA}/freshrss/data:/var/www/FreshRSS/data + - ${DOCKER_DATA}/freshrss/extensions:/var/www/FreshRSS/extensions + - ./config.custom.php:/var/www/FreshRSS/data/config.custom.php + - ./config-user.custom.php:/var/www/FreshRSS/config-user.custom.php + env_file: + - freshrss.env + - freshrss_secrets.env + labels: + - traefik.http.routers.freshrss.rule=Host(`freshrss.jafner.net`) + - traefik.http.routers.freshrss.tls.certresolver=lets-encrypt + - traefik.http.routers.freshrss.tls.options=tls12@file + - traefik.http.routers.freshrss.middlewares=securityheaders@file + - traefik.http.services.freshrss.loadbalancer.server.port=8080 + + postgres: + image: postgres:15 + container_name: freshrss_postgres + networks: + - freshrss + restart: "no" + volumes: + - ${DOCKER_DATA}/postgres:/var/lib/postgresql/data + env_file: + - postgres.env + - postgres_secrets.env + +networks: + web: + external: true + freshrss: \ No newline at end of file diff --git a/homelab/jafner-net/config/freshrss/freshrss.env b/homelab/jafner-net/config/freshrss/freshrss.env new file mode 100644 index 00000000..ba464d2d --- /dev/null +++ b/homelab/jafner-net/config/freshrss/freshrss.env @@ -0,0 +1,11 @@ +TZ=America/Los_Angeles +CRON_MIN='2,32' +FRESHRSS_ENV=development +LISTEN=0.0.0.0:80 +ADMIN_EMAIL=jafner425@gmail.com + +OIDC_ENABLED=1 +OIDC_PROVIDER_METADATA_URL=https://keycloak.jafner.net/realms/Jafner.net/.well-known/openid-configuration +OIDC_CLIENT_ID=freshrss.jafner.net +OIDC_REMOTE_USER_CLAIM=preferred_username +OIDC_SCOPES=openid \ No newline at end of file diff --git a/homelab/jafner-net/config/freshrss/postgres.env b/homelab/jafner-net/config/freshrss/postgres.env new file mode 100644 index 00000000..8651afad --- /dev/null +++ b/homelab/jafner-net/config/freshrss/postgres.env @@ -0,0 +1,2 @@ +POSTGRES_USER=freshrss +POSTGRES_DB=freshrss \ No newline at end of file diff --git a/homelab/jafner-net/config/keycloak/README.md b/homelab/jafner-net/config/keycloak/README.md index cde882f1..fb5af029 100644 --- a/homelab/jafner-net/config/keycloak/README.md +++ b/homelab/jafner-net/config/keycloak/README.md @@ -3,7 +3,8 @@ |:-----------------------:|:---:| | Client ID | In Keycloak, under the Jafner.net realm, click Clients -> Create Client. Set your own Client ID | | Client Secret | After creating the client in Keycloak, go to Clients -> -> Credentials. Then click the copy icon to the right of "Client secret". -| Client Scopes | `email openid profile` +| Client Scopes | `email openid profile` | +| Metadata URL | https://keycloak.jafner.net/realms/Jafner.net/.well-known/openid-configuration | | Authorization URL | https://keycloak.jafner.net/realms/Jafner.net/protocol/openid-connect/auth | | Access token URL | https://keycloak.jafner.net/realms/Jafner.net/protocol/openid-connect/token | | Resource URL, Userinfo URL, API URL | https://keycloak.jafner.net/realms/Jafner.net/protocol/openid-connect/userinfo |