lotus-land-story/gotosocial.yml

@@ -5,7 +5,7 @@
   vars_files:
     - vars.yml
   vars:
-    version: 0.17.2
+    version: 0.17.1
   tasks:
 
     - name: Create working directory

lotus-land-story/linkding.yml

@@ -1,40 +0,0 @@
-- name: Set up linkding
-  hosts: lotus-land-story
-  vars_files:
-    - vars.yml
-  vars:
-    version: 1.36.0-plus
-  tasks:
-
-    - name: Make /mnt/lotus-land-story/linkding
-      ansible.builtin.file:
-        path: /mnt/lotus-land-story/{{ item }}
-        state: directory
-        mode: "0755"
-      loop:
-        - linkding
-
-    - name: Run linkding
-      community.docker.docker_container:
-        name: linkding
-        image: sissbruecker/linkding:{{ version }}
-        restart: true
-        env:
-          LD_ENABLE_OIDC: "True"
-          OIDC_OP_AUTHORIZATION_ENDPOINT: https://auth.kejadlen.dev/api/oidc/authorization
-          OIDC_OP_TOKEN_ENDPOINT: https://auth.kejadlen.dev/api/oidc/token
-          OIDC_OP_USER_ENDPOINT: https://auth.kejadlen.dev/api/oidc/userinfo
-          OIDC_OP_JWKS_ENDPOINT: https://auth.kejadlen.dev/jwks.json
-          OIDC_RP_CLIENT_ID: linkding
-          OIDC_RP_CLIENT_SECRET: "{{ linkding.oidc_rp_client_secret }}"
-        volumes:
-          - /mnt/lotus-land-story/linkding:/etc/linkding/data
-        restart_policy: unless-stopped
-        networks:
-          - name: lotus_land_story
-
-  handlers:
-    - name: Import restarts
-      ansible.builtin.import_tasks: restarts.yml
-
-# vim: ft=yaml.ansible

lotus-land-story/miniflux.yml

@@ -45,7 +45,7 @@
   vars_files:
     - vars.yml
   vars:
-    version: 2.2.3
+    version: 2.2.2
   tasks:
 
     - name: Get docker network

lotus-land-story/paperless-ngx.yml

@@ -3,7 +3,7 @@
   vars_files:
     - vars.yml
   vars:
-    version: 2.13.5
+    version: 2.13.4
   tasks:
 
     - name: Create directories for volume mounting

lotus-land-story/templates/Caddyfile

@@ -55,20 +55,6 @@ search.kejadlen.dev {
 # 	}
 # }
 
-books.chislan.family {
-	forward_auth authelia:9091 {
-		uri /api/verify?rd=https://auth.chislan.family
-		copy_headers Remote-User
-
-		## This import needs to be included if you're relying on a trusted proxies configuration.
-		import trusted_proxy_list
-	}
-
-	reverse_proxy calibre-web:8083 {
-		import trusted_proxy_list
-	}
-}
-
 books.kejadlen.dev {
 	forward_auth authelia:9091 {
 		uri /api/verify?rd=https://auth.{{ domain }}
@@ -143,8 +129,4 @@ cadvisor.kejadlen.dev {
 	}
 }
 
-links.kejadlen.dev {
-	reverse_proxy linkding:9090
-}
-
 # vim: ts=4

lotus-land-story/templates/authelia_configuration.yml

@@ -17,6 +17,10 @@ authentication_backend:
 access_control:
   default_policy: deny
   rules:
+    - domain: docs.kejadlen.dev
+      policy: two_factor
+      subject:
+        - group:family
     - domain: "*.chislan.family"
       policy: two_factor
       subject:
@@ -115,16 +119,3 @@ identity_providers:
           - email
           - profile
           - groups
-
-      # https://linkding.link/options/#ld_enable_oidc
-      - client_id: linkding
-        client_name: linkding
-        client_secret: $argon2id$v=19$m=65536,t=3,p=4$dEQme8tnUUYArRvqSMEoUQ$nNygQmREKhzqf0OBLz0AY1th7mV0PZ1DS6M2GBdU+cE
-        public: false
-        token_endpoint_auth_method: client_secret_post
-        redirect_uris:
-          - https://links.kejadlen.dev/oidc/callback/
-        scopes:
-          - openid
-          - email
-          - profile

main.tf

@@ -19,11 +19,6 @@ variable "soa_email" {
   nullable = false
 }
 
-variable "subdomains" {
-  type = map(list(string))
-  nullable = false
-}
-
 data "linode_instances" "ramble_hard" {
   filter {
     name = "label"