diff --git a/public/v4/apps/corteza.yml b/public/v4/apps/corteza.yml new file mode 100644 index 0000000..1d20a3a --- /dev/null +++ b/public/v4/apps/corteza.yml @@ -0,0 +1,72 @@ +captainVersion: 4 + +services: + $$cap_appname: + image: cortezaproject/corteza:$$corteza_version + restart: always + depends_on: + - $$cap_appname-db + volumes: + - $$cap_appname-data:/data + environment: + VIRTUAL_HOST: $$cap_appname.$$cap_root_domain + DB_DSN: postgres://$$cap_postgre_username:$$cap_postgre_password@srv-captain--$$cap_appname-db:5432/$$cap_postgre_db_name?sslmode=disable + HTTP_WEBAPP_ENABLED: true + DOMAIN: $$cap_appname.$$cap_root_domain + VERSION: $$corteza_version + LETSENCRYPT_HOST: $$cap_lets_encrypt + $$cap_appname-db: + image: postgres:13 + restart: always + caproverExtra: + notExposeAsWebApp: 'true' + volumes: + - $$cap_appname-postgres-data:/var/lib/postgresql/data + environment: + POSTGRES_USER: $$cap_postgre_username + POSTGRES_PASSWORD: $$cap_postgre_password + POSTGRES_DB: $$cap_postgre_db_name + +caproverOneClickApp: + variables: + - id: '$$corteza_version' + label: Corteza Version + defaultValue: '2021.9.5' + description: Check out their Docker page for the valid tags https://hub.docker.com/r/cortezaproject/corteza/tags + validRegex: /^([^\s^\/])+$/ + - id: $$cap_postgre_db_name + label: PostgreSQL Database name + description: '' + defaultValue: 'corteza' + validRegex: /.{1,}/ + - id: $$cap_postgre_username + label: PostgreSQL username + defaultValue: 'cortezaUser' + description: '' + validRegex: /.{1,}/ + - id: $$cap_postgre_password + label: PostgreSQL Password + description: '' + defaultValue: $$cap_gen_random_hex(16) + validRegex: /.{1,}/ + - id: $$cap_lets_encrypt + defaultValue: $$cap_appname.$$cap_root_domain + label: Lets Encrypt Host for SSL. + description: 'Set your root domain if you are going to use SSL (https://). Leave empty otherwise.' + + instructions: + start: |- + Corteza is an open-source, self-hosted cloud-based platform for your work. It provides a wide ecosystem of a Unified Workspace (like Google G Suite), Enterprise Messaging (like Slack), a Low-Code environment for rapidly and securely delivering records-based management solutions, and CRM and Service Solution (like Salesforce). + For more info visit https://cortezaproject.org/ + + end: |- + Corteza has been successfully deployed! + -------------------------------------------- + Before you proceed, please enable Websocket Support + https://captain.$$cap_root_domain/#/apps/details/$$cap_appname + -------------------------------------------- + App is available as http://$$cap_appname.$$cap_root_domain + displayName: Corteza + isOfficial: true + description: Corteza is a free, open-source, Low Code platform for building your organisation key applications, growing its productivity and protecting its data and the privacy of all those concerned. + documentation: This docker-compose is taken https://github.com/cortezaproject diff --git a/public/v4/apps/healthchecks.yml b/public/v4/apps/healthchecks.yml new file mode 100644 index 0000000..3b8187a --- /dev/null +++ b/public/v4/apps/healthchecks.yml @@ -0,0 +1,56 @@ +captainVersion: 4 +services: + # HealthChecks + $$cap_appname: + image: healthchecks/healthchecks:$$cap_hc_version + restart: always + environment: + DB: postgres + DB_HOST: srv-captain--$$cap_appname-db + DB_NAME: hc + DB_PASSWORD: $$cap_postgres_password + DB_PORT: 5432 + DB_SSLMODE: prefer + DB_TARGET_SESSION_ATTRS: read-write + DB_USER: postgres + DEBUG: False + SECRET_KEY: $$cap_gen_random_hex(64) + SITE_ROOT: http://0.0.0.0:8000 + caproverExtra: + containerHttpPort: '8000' + # Postgres + $$cap_appname-db: + image: postgres:12 + volumes: + - $$cap_appname-db-data:/var/lib/postgresql/data + restart: always + environment: + POSTGRES_USER: postgres + POSTGRES_PASSWORD: $$cap_postgres_password + POSTGRES_DB: hc + caproverExtra: + notExposeAsWebApp: 'true' +caproverOneClickApp: + variables: + - id: $$cap_hc_version + label: hc Manifest digest + defaultValue: 'v1.25.0' + description: Find on https://hub.docker.com/r/healthchecks/healthchecks/tags + - id: $$cap__postgres_password + label: Postgres Password + description: Password must be at least 12 characters. Please use a random string. + defaultValue: $$cap_gen_random_hex(16) + validRegex: /^[^\@]{12,}$/ + instructions: + start: |- + Healthchecks is a cron job monitoring service. It listens for HTTP requests and email messages ("pings") from your cron jobs and scheduled tasks ("checks"). When a ping does not arrive on time, Healthchecks sends out alerts. + Github: https://github.com/healthchecks/healthchecks + + end: |- + Aaaand you're done! 😄 + Your service is available at http://$$cap_appname.$$cap_root_domain + More environment variables can be found at https://github.com/healthchecks/healthchecks/blob/master/docker/.env + displayName: 'HealthChecks' + isOfficial: true + description: Healthchecks is a cron job monitoring service. + documentation: https://github.com/healthchecks/healthchecks diff --git a/public/v4/apps/mautic-only.yml b/public/v4/apps/mautic-only.yml index 18d207e..742ee5b 100644 --- a/public/v4/apps/mautic-only.yml +++ b/public/v4/apps/mautic-only.yml @@ -16,7 +16,6 @@ caproverOneClickApp: - id: $$cap_db_host label: Database Host description: 'Database host ex. srv-captain--mydbsrv:3306' - validRegex: /^([a-zA-Z0-9])+$/ - id: $$cap_db_user label: Database user description: 'Inform the database user' diff --git a/public/v4/apps/postgres.yml b/public/v4/apps/postgres.yml index 8ec46ee..c7fa869 100644 --- a/public/v4/apps/postgres.yml +++ b/public/v4/apps/postgres.yml @@ -16,7 +16,7 @@ caproverOneClickApp: variables: - id: $$cap_postgres_version label: Postgres Version - defaultValue: '9.6' + defaultValue: '14.1' description: Check out their Docker page for the valid tags https://hub.docker.com/r/library/postgres/tags/ validRegex: /^([^\s^\/])+$/ - id: $$cap_pg_user diff --git a/public/v4/apps/remark42.yml b/public/v4/apps/remark42.yml new file mode 100644 index 0000000..cfc25d8 --- /dev/null +++ b/public/v4/apps/remark42.yml @@ -0,0 +1,571 @@ +captainVersion: 4 +services: + $$cap_appname: + image: umputun/remark42:$$cap_tag_version + hostname: $$cap_appname.$$cap_root_domain + restart: always + environment: + REMARK_URL: 'https://$$cap_appname.$$cap_root_domain' + SECRET: '$$cap_secret' + SITE: '$$cap_site' + STORE_TYPE: '$$cap_store_type' + STORE_BOLT_PATH: '$$cap_store_bolt_path' + STORE_BOLT_TIMEOUT: '$$cap_store_bolt_timeout' + ADMIN_SHARED_ID: '$$cap_admin_shared_id' + ADMIN_SHARED_EMAIL: '$$cap_admin_shared_email' + BACKUP_PATH: '$$cap_backup' + MAX_BACKUP_FILES: '$$cap_max_back' + CACHE_TYPE: '$$cap_cache_type' + CACHE_REDIS_ADDR: '$$cap_cache_redis_addr' + CACHE_MAX_ITEMS: '$$cap_cache_max_items' + CACHE_MAX_VALUE: '$$cap_cache_max_value' + CACHE_MAX_SIZE: '$$cap_cache_max_size' + AVATAR_TYPE: '$$cap_avatar_type' + AVATAR_FS_PATH: '$$cap_avatar_fs_path' + AVATAR_BOLT_FILE: '$$cap_avatar_bolt_file' + AVATAR_URI: '$$cap_avatar_uri' + AVATAR_RSZ_LMT: '$$cap_avatar_rsz_lmt' + IMAGE_TYPE: '$$cap_image_type' + IMAGE_MAX_SIZE: '$$cap_image_max_size' + IMAGE_FS_PATH: '$$cap_image_fs_path' + IMAGE_FS_STAGING: '$$cap_image_fs_staging' + IMAGE_FS_PARTITIONS: '$$cap_image_fs_partitions' + IMAGE_BOLT_FILE: '$$cap_image_bolt_file' + IMAGE_RESIZE_WIDTH: '$$cap_image_resize_width' + IMAGE_RESIZE_HEIGHT: '$$cap_image_resize_height' + AUTH_TTL_JWT: '$$cap_auth_ttl_jwt' + AUTH_TTL_COOKIE: '$$cap_auth_ttl_cookie' + AUTH_SEND_JWT_HEADER: '$$cap_auth_send-jwt_header' + AUTH_SAME_SITE: '$$cap_auth_same_site' + AUTH_GOOGLE_CID: '$$cap_auth_google_cid' + AUTH_GOOGLE_CSEC: '$$cap_auth_google_csec' + AUTH_FACEBOOK_CID: '$$cap_auth_facebook_cid' + AUTH_FACEBOOK_CSEC: '$$cap_auth_facebook_csec' + AUTH_MICROSOFT_CID: '$$cap_auth_microsoft_cid' + AUTH_MICROSOFT_CSEC: '$$cap_auth_microsoft_csec' + AUTH_GITHUB_CID: '$$cap_auth_github_cid' + AUTH_GITHUB_CSEC: '$$cap_auth_github_csec' + AUTH_TWITTER_CID: '$$cap_auth_twitter_cid' + AUTH_TWITTER_CSEC: '$$cap_auth_twitter_csec' + AUTH_PATREON_CID: '$$cap_auth_patreon_cid' + AUTH_PATREON_CSEC: '$$cap_auth_patreon_csec' + AUTH_TELEGRAM: '$$cap_auth_telegram' + AUTH_YANDEX_CID: '$$cap_auth_yandex_cid' + AUTH_YANDEX_CSEC: '$$cap_auth_yandex_csec' + AUTH_DEV: '$$cap_auth_dev' + AUTH_ANON: '$$cap_auth_anon' + AUTH_EMAIL_ENABLE: '$$cap_auth_email_enable' + AUTH_EMAIL_FROM: '$$cap_auth_email_from' + AUTH_EMAIL_SUBJ: '$$cap_auth_email_subj' + AUTH_EMAIL_CONTENT_TYPE: '$$cap_auth_email_content_type' + NOTIFY_USERS: '$$cap_notify_users' + NOTIFY_ADMINS: '$$cap_notify_admins' + NOTIFY_QUEUE: '$$cap_notify_queue' + NOTIFY_TELEGRAM_CHAN: '$$cap_notify_telegram_chan' + NOTIFY_SLACK_TOKEN: '$$cap_notify_slack_token' + NOTIFY_SLACK_CHAN: '$$cap_notify_slack_chan' + NOTIFY_WEBHOOK_URL: '$$cap_notify_webhook_url' + NOTIFY_WEBHOOK_HEADERS: '$$cap_notify_webhook_headers' + NOTIFY_WEBHOOK_TIMEOUT: '$$cap_notify_webhook_timeout' + NOTIFY_EMAIL_FROM: '$$cap_notify_email_fromAddress' + NOTIFY_EMAIL_VERIFICATION_SUBJ: '$$cap_notify_email_verification_subj' + TELEGRAM_TOKEN: '$$cap_telegram_token' + TELEGRAM_TIMEOUT: '$$cap_telegram_timeout' + SMTP_HOST: '$$cap_smtp_host' + SMTP_PORT: '$$cap_smtp_port' + SMTP_USERNAME: '$$cap_smtp_username' + SMTP_PASSWORD: '$$cap_smtp_password' + SMTP_TLS: '$$cap_smtp_tls' + SMTP_TIMEOUT: '$$cap_smtp_timeout' + SSL_TYPE: '$$cap_ssl_type' + SSL_PORT: '$$cap_ssl_port' + SSL_CERT: '$$cap_ssl_cert' + SSL_KEY: '$$cap_ssl_key' + SSL_ACME_LOCATION: '$$cap_ssl_acme_location' + SSL_ACME_EMAIL: '$$cap_ssl_acme_email' + MAX_COMMENT_SIZE: '$$cap_max_comment' + MAX_VOTES: '$$cap_max_votes' + VOTES_IP: '$$cap_votes_ip' + ANON_VOTE: '$$cap_anon_vote' + VOTES_IP_TIME: '$$cap_votes-ip_time' + LOW_SCORE: '$$cap_low_score' + CRITICAL_SCORE: '$$cap_critical_score' + POSITIVE_SCORE: '$$cap_positive_score' + RESTRICTED_WORDS: '$$cap_restricted_words' + RESTRICTED_NAMES: '$$cap_restricted_names' + EDIT_TIME: '$$cap_edit_time' + ADMIN_EDIT: '$$cap_admin_edit' + READONLY_AGE: '$$cap_read_age' + IMAGE_PROXY_HTTP2HTTPS: '$$cap_image_proxy_http2https' + IMAGE_PROXY_CACHE_EXTERNAL: '$$cap_image-proxy_cache_external' + EMOJI: '$$cap_emoji' + SIMPLE_VIEW: '$$cap_simple_view' + PROXY_CORS: '$$cap_proxy_cors' + ALLOWED_HOSTS: '$$cap_appname.$$cap_root_domain,$$cap_allowed_hosts' + REMARK_ADDRESS: '$$cap_address' + REMARK_PORT: '$$cap_port' + REMARK_WEB_ROOT: '$$cap_web_root' + UPDATE_LIMIT: '$$cap_update_limit' + SUBSCRIBERS_ONLY: '$$cap_subscribers_only' + ADMIN_PASSWD: '$$cap_admin_passwd' + DEBUG: '$$cap_dbg' + volumes: + - $$cap_appname-data:/srv/var + caproverExtra: + containerHttpPort: '8080' +caproverOneClickApp: + variables: + - id: $$cap_tag_version + label: Remark42 docker image tag + defaultValue: 'v1.9.0' + description: Valid tag from https://hub.docker.com/r/umputun/remark42/tags + validRegex: /.+/ + - id: $$cap_secret + label: SECRET + defaultValue: '$$cap_gen_random_hex(10)' + description: the shared secret key used to sign JWT, should be a random, long, hard-to-guess string + validRegex: /.+/ + - id: $$cap_site + label: SITE + defaultValue: 'remark' + description: site name(s), _multi_ + - id: $$cap_store_type + label: STORE_TYPE + defaultValue: 'bolt' + description: type of storage, `bolt` or `rpc` + - id: $$cap_store_bolt_path + label: STORE_BOLT_PATH + defaultValue: './var' + description: parent directory for the bolt files + - id: $$cap_store_bolt_timeout + label: STORE_BOLT_TIMEOUT + defaultValue: '30s' + description: boltdb access timeout + - id: $$cap_admin_shared_id + label: ADMIN_SHARED_ID + defaultValue: '' + description: admin IDs (list of user IDs), _multi_ + - id: $$cap_admin_shared_email + label: ADMIN_SHARED_EMAIL + defaultValue: '' + description: admin emails, _multi_ + - id: $$cap_backup + label: BACKUP_PATH + defaultValue: './var/backup' + description: backups location + - id: $$cap_max_back + label: MAX_BACKUP_FILES + defaultValue: '10' + description: max backup files to keep + - id: $$cap_cache_type + label: CACHE_TYPE + defaultValue: 'mem' + description: type of cache, `redis_pub_sub` or `mem` or `none` + - id: $$cap_cache_redis_addr + label: CACHE_REDIS_ADDR + defaultValue: '127.0.0.1:6379' + description: address of Redis PubSub instance, turn `redis_pub_sub` cache on for distributed cache + - id: $$cap_cache_max_items + label: CACHE_MAX_ITEMS + defaultValue: '1000' + description: max number of cached items, `0` - unlimited + - id: $$cap_cache_max_value + label: CACHE_MAX_VALUE + defaultValue: '65536' + description: max size of the cached value, `0` - unlimited + - id: $$cap_cache_max_size + label: CACHE_MAX_SIZE + defaultValue: '50000000' + description: max size of all cached values, `0` - unlimited + - id: $$cap_avatar_type + label: AVATAR_TYPE + defaultValue: 'fs' + description: type of avatar storage, `fs`, `bolt`, or `uri` + - id: $$cap_avatar_fs_path + label: AVATAR_FS_PATH + defaultValue: './var/avatars' + description: avatars location for `fs` store + - id: $$cap_avatar_bolt_file + label: AVATAR_BOLT_FILE + defaultValue: './var/avatars.db' + description: avatars bolt file location + - id: $$cap_avatar_uri + label: AVATAR_URI + defaultValue: './var/avatars' + description: avatars store URI + - id: $$cap_avatar_rsz_lmt + label: AVATAR_RSZ_LMT + defaultValue: '0 (disabled)' + description: max image size for resizing avatars on save + - id: $$cap_image_type + label: IMAGE_TYPE + defaultValue: 'fs' + description: type of image storage, `fs`, `bolt` + - id: $$cap_image_max_size + label: IMAGE_MAX_SIZE + defaultValue: '5000000' + description: max size of image file + - id: $$cap_image_fs_path + label: IMAGE_FS_PATH + defaultValue: './var/pictures' + description: permanent location of images + - id: $$cap_image_fs_staging + label: IMAGE_FS_STAGING + defaultValue: './var/pictures.staging' + description: staging location of images + - id: $$cap_image_fs_partitions + label: IMAGE_FS_PARTITIONS + defaultValue: '100' + description: number of image partitions + - id: $$cap_image_bolt_file + label: IMAGE_BOLT_FILE + defaultValue: '/var/pictures.db' + description: images bolt file location + - id: $$cap_image_resize_width + label: IMAGE_RESIZE_WIDTH + defaultValue: '2400' + description: width of a resized image + - id: $$cap_image_resize_height + label: IMAGE_RESIZE_HEIGHT + defaultValue: '900' + description: height of a resized image + - id: $$cap_auth_ttl_jwt + label: AUTH_TTL_JWT + defaultValue: '5m' + description: JWT TTL + - id: $$cap_auth_ttl_cookie + label: AUTH_TTL_COOKIE + defaultValue: '200h' + description: cookie TTL + - id: $$cap_auth_send_jwt_header + label: AUTH_SEND_JWT_HEADER + defaultValue: 'false' + description: send JWT as a header instead of a cookie + validRegex: /^(false|true)$/ + - id: $$cap_auth_same_site + label: AUTH_SAME_SITE + defaultValue: 'default' + description: set same site policy for cookies (`default`, `none`, `lax` or `strict`) + - id: $$cap_auth_google_cid + label: AUTH_GOOGLE_CID + defaultValue: '' + description: Google OAuth client ID + - id: $$cap_auth_google_csec + label: AUTH_GOOGLE_CSEC + defaultValue: '' + description: Google OAuth client secret + - id: $$cap_auth_facebook_cid + label: AUTH_FACEBOOK_CID + defaultValue: '' + description: Facebook OAuth client ID + - id: $$cap_auth_facebook_csec + label: AUTH_FACEBOOK_CSEC + defaultValue: '' + description: Facebook OAuth client secret + - id: $$cap_auth_microsoft_cid + label: AUTH_MICROSOFT_CID + defaultValue: '' + description: Microsoft OAuth client ID + - id: $$cap_auth_microsoft_csec + label: AUTH_MICROSOFT_CSEC + defaultValue: '' + description: Microsoft OAuth client secret + - id: $$cap_auth_github_cid + label: AUTH_GITHUB_CID + defaultValue: '' + description: GitHub OAuth client ID + - id: $$cap_auth_github_csec + label: AUTH_GITHUB_CSEC + defaultValue: '' + description: GitHub OAuth client secret + - id: $$cap_auth_twitter_cid + label: AUTH_TWITTER_CID + defaultValue: '' + description: Twitter Consumer API Key + - id: $$cap_auth_twitter_csec + label: AUTH_TWITTER_CSEC + defaultValue: '' + description: Twitter Consumer API Secret key + - id: $$cap_auth_patreon_cid + label: AUTH_PATREON_CID + defaultValue: '' + description: Patreon OAuth Client ID + - id: $$cap_auth_patreon_csec + label: AUTH_PATREON_CSEC + defaultValue: '' + description: Patreon OAuth Client Secret + - id: $$cap_auth_telegram + label: AUTH_TELEGRAM + defaultValue: 'false' + description: Enable Telegram auth (telegram.token must be present) + validRegex: /^(false|true)$/ + - id: $$cap_auth_yandex_cid + label: AUTH_YANDEX_CID + defaultValue: '' + description: Yandex OAuth client ID + - id: $$cap_auth_yandex_csec + label: AUTH_YANDEX_CSEC + defaultValue: '' + description: Yandex OAuth client secret + - id: $$cap_auth_dev + label: AUTH_DEV + defaultValue: 'false' + description: local OAuth2 server, development mode only + validRegex: /^(false|true)$/ + - id: $$cap_auth_anon + label: AUTH_ANON + defaultValue: 'false' + description: enable anonymous login + validRegex: /^(false|true)$/ + - id: $$cap_auth_email_enable + label: AUTH_EMAIL_ENABLE + defaultValue: 'false' + description: enable auth via email + validRegex: /^(false|true)$/ + - id: $$cap_auth_email_from + label: AUTH_EMAIL_FROM + defaultValue: '' + description: email from + - id: $$cap_auth_email_subj + label: AUTH_EMAIL_SUBJ + defaultValue: 'remark42 confirmation' + description: email subject + - id: $$cap_auth_email_content_type + label: AUTH_EMAIL_CONTENT_TYPE + defaultValue: 'text/html' + description: email content type + - id: $$cap_notify_users + label: NOTIFY_USERS + defaultValue: 'none' + description: type of user notifications (Telegram, email) + - id: $$cap_notify_admins + label: NOTIFY_ADMINS + defaultValue: 'none' + description: type of admin notifications (Telegram, Slack, webhook and/or email) + - id: $$cap_notify_queue + label: NOTIFY_QUEUE + defaultValue: '100' + description: size of notification queue + - id: $$cap_notify_telegram_chan + label: NOTIFY_TELEGRAM_CHAN + defaultValue: '' + description: the ID of telegram channel for admin notifications + - id: $$cap_notify_slack_token + label: NOTIFY_SLACK_TOKEN + defaultValue: '' + description: Slack token + - id: $$cap_notify_slack_chan + label: NOTIFY_SLACK_CHAN + defaultValue: 'general' + description: Slack channel for admin notifications + - id: $$cap_notify_webhook_url + label: NOTIFY_WEBHOOK_URL + defaultValue: '' + description: Webhook notification URL for admin notifications + - id: $$cap_notify_webhook_template + label: NOTIFY_WEBHOOK_TEMPLATE + defaultValue: '{\"text\": \"{{.Text}}\"}' + description: Webhook payload template + - id: $$cap_notify_webhook_headers + label: NOTIFY_WEBHOOK_HEADERS + defaultValue: '' + description: HTTP header in format Header1:Value1,Header2:Value2,... + - id: $$cap_notify_webhook_timeout + label: NOTIFY_WEBHOOK_TIMEOUT + defaultValue: '5s' + description: Webhook connection timeout + - id: $$cap_notify_email_fromAddress + label: NOTIFY_EMAIL_FROM + defaultValue: '' + description: from email address + - id: $$cap_notify_email_verification_subj + label: NOTIFY_EMAIL_VERIFICATION_SUBJ + defaultValue: 'Email verification' + description: verification message subject + - id: $$cap_telegram_token + label: TELEGRAM_TOKEN + defaultValue: '' + description: Telegram token (used for auth and Telegram notifications) + - id: $$cap_telegram_timeout + label: TELEGRAM_TIMEOUT + defaultValue: '5s' + description: Telegram connection timeout + - id: $$cap_smtp_host + label: SMTP_HOST + defaultValue: '' + description: SMTP host + - id: $$cap_smtp_port + label: SMTP_PORT + defaultValue: '' + description: SMTP port + - id: $$cap_smtp_username + label: SMTP_USERNAME + defaultValue: '' + description: SMTP user name + - id: $$cap_smtp_password + label: SMTP_PASSWORD + defaultValue: '' + description: SMTP password + - id: $$cap_smtp_tls + label: SMTP_TLS + defaultValue: 'false' + description: enable TLS for SMTP + validRegex: /^(false|true)$/ + - id: $$cap_smtp_timeout + label: SMTP_TIMEOUT + defaultValue: '10s' + description: SMTP TCP connection timeout + - id: $$cap_ssl_type + label: SSL_TYPE + defaultValue: 'none' + description: '`none`-HTTP, `static`-HTTPS, `auto`-HTTPS + le' + - id: $$cap_ssl_port + label: SSL_PORT + defaultValue: '8443' + description: port for HTTPS server + - id: $$cap_ssl_cert + label: SSL_CERT + defaultValue: '' + description: path to the cert.pem file + - id: $$cap_ssl_key + label: SSL_KEY + defaultValue: '' + description: path to the key.pem file + - id: $$cap_ssl_acme_location + label: SSL_ACME_LOCATION + defaultValue: './var/acme' + description: dir where obtained le-certs will be stored + - id: $$cap_ssl_acme_email + label: SSL_ACME_EMAIL + defaultValue: '' + description: admin email for receiving notifications from LE + - id: $$cap_max_comment + label: MAX_COMMENT_SIZE + defaultValue: '2048' + description: comment's size limit + - id: $$cap_max_votes + label: MAX_VOTES + defaultValue: '-1' + description: votes limit per comment, `-1` - unlimited + - id: $$cap_votes_ip + label: VOTES_IP + defaultValue: 'false' + description: restrict votes from the same IP + validRegex: /^(false|true)$/ + - id: $$cap_anon_vote + label: ANON_VOTE + defaultValue: 'false' + description: allow voting for anonymous users, require VOTES_IP to be enabled as well + validRegex: /^(false|true)$/ + - id: $$cap_votes_ip_time + label: VOTES_IP_TIME + defaultValue: '5m' + description: same IP vote restriction time, `0s` - unlimited + - id: $$cap_low_score + label: LOW_SCORE + defaultValue: '-5' + description: low score threshold + - id: $$cap_critical_score + label: CRITICAL_SCORE + defaultValue: '-10' + description: critical score threshold + - id: $$cap_positive_score + label: POSITIVE_SCORE + defaultValue: 'false' + description: restricts comment's score to be only positive + validRegex: /^(false|true)$/ + - id: $$cap_restricted_words + label: RESTRICTED_WORDS + defaultValue: '' + description: words banned in comments (can use `*`), _multi_ + - id: $$cap_restricted_names + label: RESTRICTED_NAMES + defaultValue: '' + description: names prohibited to use by the user, _multi_ + - id: $$cap_edit_time + label: EDIT_TIME + defaultValue: '5m' + description: edit window + - id: $$cap_admin_edit + label: ADMIN_EDIT + defaultValue: 'false' + description: unlimited edit for admins + validRegex: /^(false|true)$/ + - id: $$cap_read_age + label: READONLY_AGE + defaultValue: '' + description: read-only age of comments, days + - id: $$cap_image_proxy_http2https + label: IMAGE_PROXY_HTTP2HTTPS + defaultValue: 'false' + description: enable HTTP->HTTPS proxy for images + validRegex: /^(false|true)$/ + - id: $$cap_image_proxy_cache_external + label: IMAGE_PROXY_CACHE_EXTERNAL + defaultValue: 'false' + description: enable caching external images to current image storage + validRegex: /^(false|true)$/ + - id: $$cap_emoji + label: EMOJI + defaultValue: 'false' + description: enable emoji support + validRegex: /^(false|true)$/ + - id: $$cap_simple_view + label: SIMPLE_VIEW + defaultValue: 'false' + description: minimized UI with basic info only + validRegex: /^(false|true)$/ + - id: $$cap_proxy_cors + label: PROXY_CORS + defaultValue: 'false' + description: disable internal CORS and delegate it to proxy + validRegex: /^(false|true)$/ + - id: $$cap_allowed_hosts + label: ALLOWED_HOSTS + defaultValue: '' + description: limit hosts/sources allowed to embed comments, enable all by default + - id: $$cap_address + label: REMARK_ADDRESS + defaultValue: '' + description: web server listening address, all interfaces by default + - id: $$cap_port + label: REMARK_PORT + defaultValue: '8080' + description: web server port + - id: $$cap_web_root + label: REMARK_WEB_ROOT + defaultValue: './web' + description: web server root directory + - id: $$cap_update_limit + label: UPDATE_LIMIT + defaultValue: '0.5' + description: updates/sec limit + - id: $$cap_subscribers_only + label: SUBSCRIBERS_ONLY + defaultValue: 'false' + description: enable commenting only for Patreon subscribers + validRegex: /^(false|true)$/ + - id: $$cap_admin_passwd + label: ADMIN_PASSWD + defaultValue: '' + description: password for `admin` basic auth + - id: $$cap_dbg + label: DEBUG + defaultValue: 'false' + description: debug mode + validRegex: /^(false|true)$/ + instructions: + start: |- + See description of the parameters below [in the documentation](https://remark42.com/docs/configuration/parameters/). + + _multi_ parameters separated by `,` in the environment, like `ADMIN_SHARED_EMAIL=admin@example.org,admin2@example.org` + end: |- + Done, Remark42 will be accessible at in a minute. + + You must **enable HTTPS** for this application as otherwise, it won't work. Then verify that it works by the URL above and then follow [documentation on installation](https://remark42.com/docs/getting-started/installation/) to add comments to your site. + + While following the installation guide, set `YOUR_SITE_ID` to `$$cap_site` and `REMARK_URL` to `https://$$cap_appname.$$cap_root_domain`, and then add your site domain name to `ALLOWED_HOSTS`. + displayName: Remark42 + isOfficial: true + description: Self-hosted, lightweight, and simple (yet functional) comment engine, which doesn't spy on users. It can be embedded into blogs, articles or any other place where readers add comments. + documentation: Taken from https://github.com/umputun/remark42 diff --git a/public/v4/apps/steam-openid-provider.yml b/public/v4/apps/steam-openid-provider.yml new file mode 100644 index 0000000..5cb3568 --- /dev/null +++ b/public/v4/apps/steam-openid-provider.yml @@ -0,0 +1,56 @@ +captainVersion: 4 +services: + $$cap_appname: + image: ghcr.io/byo-software/steam-openid-connect-provider:sha-c8305ce + restart: always + environment: + OpenID__RedirectUri: $$cap_redirect_uri + OpenID__ClientID: $$cap_client_id + OpenID__ClientSecret: $$cap_client_secret + Hosting__PublicOrigin: $$cap_origin + Authentication__Steam__ApplicationKey: $$cap_api_key + caproverExtra: + containerHttpPort: '80' +caproverOneClickApp: + variables: + - id: $$cap_client_id + label: OAuth Client ID + defaultValue: 'steamidp' + validRegex: /^[a-zA-Z]{1,20}$/ + description: OpenID ClientID used to initiate authorization. + + - id: $$cap_client_secret + label: OpenID Client Secret + defaultValue: $$cap_gen_random_hex(16) + description: OpenID Client Secret used to initiate authorization. + + - id: $$cap_origin + label: OpenID Origin URL + defaultValue: 'http://openid.example.com' + description: 'The base URL of where this app is hosted. Eg: https://openid.example.com or https://example.org. If left blank, it will be inferred.' + + - id: $$cap_api_key + label: Steam API Key + description: A working Steam API Key for this app. (https://steamcommunity.com/dev/apikey) + + - id: $$cap_redirect_uri + label: Post login redirect URL + description: URL the user will be redirected after login is authorized through Steam. + defaultValue: 'http://example.com/callback' + + instructions: + start: >- + Steam OpenID 2.0 -> OpenID Connect Provider Proxy + This server allows you to use Steam as an OpenID Connect Identity + provider (OIDC IDP). This way you can use Steam logins in KeyCloak or + any other OpenID Connect based authentication client. + end: >- + Your service is available at http://$$cap_appname.$$cap_root_domain + + Check its health with: + + curl -X GET 'http://$$cap_appname.$$cap_root_domain/health' + displayName: 'Steam OpenID Connect Provider' + isOfficial: true + description: This server allows you to use Steam as an OpenID Connect Identity provider (OIDC IDP). This way you can use Steam logins in KeyCloak or any other OpenID Connect based authentication client. + documentation: https://github.com/byo-software/steam-openid-connect-provider diff --git a/public/v4/logos/corteza.png b/public/v4/logos/corteza.png new file mode 100644 index 0000000..3a08296 Binary files /dev/null and b/public/v4/logos/corteza.png differ diff --git a/public/v4/logos/healthchecks.png b/public/v4/logos/healthchecks.png new file mode 100644 index 0000000..0441eff Binary files /dev/null and b/public/v4/logos/healthchecks.png differ diff --git a/public/v4/logos/remark42.png b/public/v4/logos/remark42.png new file mode 100644 index 0000000..2824d5d Binary files /dev/null and b/public/v4/logos/remark42.png differ diff --git a/public/v4/logos/steam-openid-provider.png b/public/v4/logos/steam-openid-provider.png new file mode 100644 index 0000000..df788b0 Binary files /dev/null and b/public/v4/logos/steam-openid-provider.png differ