catalin/fukuops
1
0
Fork 1
Code Issues Pull requests 2 Releases Packages 1 Activity

feat: add ganymede
Some checks failed
checks / pre-commit (push) Has been cancelled
Details
checks / k8s (push) Has been cancelled
Details
checks / tflint (push) Has been cancelled
Details

Browse source
This commit is contained in:
cătălin 2026-01-28 10:17:13 +01:00
commit 1ce70d911f
No known key found for this signature in database
5 changed files with 110 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

48
docker/ganymede/docker-compose.yml Normal file
View file

@ -0,0 +1,48 @@
---
services:
ganymede:
container_name: ganymede
image: ghcr.io/zibbp/ganymede:4.11.3
restart: unless-stopped
environment:
DEBUG: ${GANYMEDE_DEBUG:-false}
TZ: ${GANYMEDE_TZ:-Europe/Madrid}
VIDEOS_DIR: ${GANYMEDE_VIDEOS_DIR:-/data/videos}
TEMP_DIR: ${GANYMEDE_TEMP_DIR:-/data/temp}
LOGS_DIR: ${GANYMEDE_LOGS_DIR:-/data/logs}
CONFIG_DIR: ${GANYMEDE_CONFIG_DIR:-/data/config}
DB_HOST: ${GANYMEDE_DB_HOST:-192.168.1.3}
DB_PORT: ${GANYMEDE_DB_PORT:-5432}
DB_USER: ${GANYMEDE_DB_USER:-ganymede}
DB_PASS: ${GANYMEDE_DB_PASS}
DB_NAME: ${GANYMEDE_DB_NAME:-ganymede}
DB_SSL: ${GANYMEDE_DB_SSL:-disable}
TWITCH_CLIENT_ID: ${GANYMEDE_TWITCH_CLIENT_ID}
TWITCH_CLIENT_SECRET: ${GANYMEDE_TWITCH_CLIENT_SECRET}
MAX_CHAT_DOWNLOAD_EXECUTIONS: ${GANYMEDE_MAX_CHAT_DOWNLOAD_EXECUTIONS:-3}
MAX_CHAT_RENDER_EXECUTIONS: ${GANYMEDE_MAX_CHAT_RENDER_EXECUTIONS:-2}
MAX_VIDEO_DOWNLOAD_EXECUTIONS: ${GANYMEDE_MAX_VIDEO_DOWNLOAD_EXECUTIONS:-2}
MAX_VIDEO_CONVERT_EXECUTIONS: ${GANYMEDE_MAX_VIDEO_CONVERT_EXECUTIONS:-3}
MAX_VIDEO_SPRITE_THUMBNAIL_EXECUTIONS: ${GANYMEDE_MAX_VIDEO_SPRITE_THUMBNAIL_EXECUTIONS:-2}
OAUTH_ENABLED: ${GANYMEDE_OAUTH_ENABLED:-true}
OAUTH_PROVIDER_URL: ${GANYMEDE_OAUTH_PROVIDER_URL:-https://auth.fukurokuju.dev/application/o/ganymede/}
OAUTH_CLIENT_ID: ${GANYMEDE_OAUTH_CLIENT_ID}
OAUTH_CLIENT_SECRET: ${GANYMEDE_OAUTH_CLIENT_SECRET}
OAUTH_REDIRECT_URL: ${GANYMEDE_OAUTH_REDIRECT_URL:-https://vods.roboces.dev/api/v1/auth/oauth/callback}
SHOW_SSO_LOGIN_BUTTON: ${GANYMEDE_SHOW_SSO_LOGIN_BUTTON:-true}
FORCE_SSO_AUTH: ${GANYMEDE_FORCE_SSO_AUTH:-true}
REQUIRE_LOGIN: ${GANYMEDE_REQUIRE_LOGIN:-true}
volumes:
- ${GANYMEDE_VIDEOS:-/mnt/vods/ganymede/videos}:/data/videos
- ${GANYMEDE_TEMP:-/mnt/vods/ganymede/temp}:/data/temp
- ${GANYMEDE_CACHE:-/mnt/vods/ganymede/cache}:/data/.cache
- ${GANYMEDE_LOGS:-/mnt/vods/ganymede/logs}:/data/logs
- ${GANYMEDE_CONFIG:-/mnt/vods/ganymede/config}:/data/config
ports:
- "4800:4000"
healthcheck:
test: curl --fail http://localhost:4000/health || exit 1
interval: 60s
retries: 5
start_period: 60s
timeout: 10s

27
docker/ganymede/sample.env Normal file
View file

@ -0,0 +1,27 @@
GANYMEDE_DEBUG=false
GANYMEDE_TZ=Europe/Madrid
GANYMEDE_VIDEOS_DIR=/data/videos
GANYMEDE_TEMP_DIR=/data/temp
GANYMEDE_LOGS_DIR=/data/logs
GANYMEDE_CONFIG_DIR=/data/config
GANYMEDE_DB_HOST=192.168.1.3
GANYMEDE_DB_PORT=5432
GANYMEDE_DB_USER=ganymede
GANYMEDE_DB_PASS=
GANYMEDE_DB_NAME=ganymede
GANYMEDE_DB_SSL=disable
GANYMEDE_TWITCH_CLIENT_ID=
GANYMEDE_TWITCH_CLIENT_SECRET=
GANYMEDE_MAX_CHAT_DOWNLOAD_EXECUTIONS=3
GANYMEDE_MAX_CHAT_RENDER_EXECUTIONS=2
GANYMEDE_MAX_VIDEO_DOWNLOAD_EXECUTIONS=2
GANYMEDE_MAX_VIDEO_CONVERT_EXECUTIONS=3
GANYMEDE_MAX_VIDEO_SPRITE_THUMBNAIL_EXECUTIONS=2
GANYMEDE_OAUTH_ENABLED=true
GANYMEDE_OAUTH_PROVIDER_URL=https://auth.fukurokuju.dev/application/o/ganymede/
GANYMEDE_OAUTH_CLIENT_ID=
GANYMEDE_OAUTH_CLIENT_SECRET=
GANYMEDE_OAUTH_REDIRECT_URL=https://vods.roboces.dev/api/v1/auth/oauth/callback
GANYMEDE_SHOW_SSO_LOGIN_BUTTON=true
GANYMEDE_FORCE_SSO_AUTH=false
GANYMEDE_REQUIRE_LOGIN=false

23
tofu/authentik/main.tf
View file

@ -22,6 +22,11 @@ resource "authentik_group" "ci" {
users = [data.authentik_user.catalin.id] users = [data.authentik_user.catalin.id]
} }
resource "authentik_group" "vods" {
name = "vods"
users = [data.authentik_user.catalin.id]
}
resource "authentik_group" "admins" { resource "authentik_group" "admins" {
name = "authentik Admins" name = "authentik Admins"
is_superuser = true is_superuser = true
@ -204,6 +209,8 @@ module "rustical" {
source = "../modules/authentik-oidc" source = "../modules/authentik-oidc"
app_name = "rustical" app_name = "rustical"
app_slug = "rustical" app_slug = "rustical"
app_url = "https://cal.roboces.dev"
app_icon = "https://cal.roboces.dev/favicon.ico"
client_id = var.rustical_client_id client_id = var.rustical_client_id
client_secret = var.rustical_client_secret client_secret = var.rustical_client_secret
redirect_uris = [{ matching_mode = "strict", url = "https://cal.roboces.dev/frontend/login/oidc/callback" }] redirect_uris = [{ matching_mode = "strict", url = "https://cal.roboces.dev/frontend/login/oidc/callback" }]
@ -216,6 +223,8 @@ module "jellyfin" {
app_slug = "jellyfin" app_slug = "jellyfin"
base_dn = "DC=ldap,DC=fukurokuju,DC=dev" base_dn = "DC=ldap,DC=fukurokuju,DC=dev"
name = "jellyfin" name = "jellyfin"
app_url = "https://jelly.roboces.dev"
app_icon = "https://jelly.roboces.dev/favicon.ico"
app_access_group_id = authentik_group.arrs.id app_access_group_id = authentik_group.arrs.id
} }
@ -224,7 +233,21 @@ module "tandoor" {
app_name = "Tandoor" app_name = "Tandoor"
app_slug = "tandoor" app_slug = "tandoor"
app_access_group_id = "" app_access_group_id = ""
app_url = "https://recipes.roboces.dev"
redirect_uris = [{ matching_mode = "strict", url = "https://recipes.roboces.dev/accounts/oidc/authentik/login/callback/" }] redirect_uris = [{ matching_mode = "strict", url = "https://recipes.roboces.dev/accounts/oidc/authentik/login/callback/" }]
app_icon = "https://recipes.roboces.dev/favicon.icon"
client_id = var.tandoor_client_id client_id = var.tandoor_client_id
client_secret = var.tandoor_client_secret client_secret = var.tandoor_client_secret
} }
module "ganymede" {
source = "../modules/authentik-oidc"
app_name = "Ganymede"
app_slug = "ganymede"
redirect_uris = [{ matching_mode = "strict", url = "https://vods.roboces.dev/api/v1/auth/oauth/callback" }]
client_id = var.ganymede_client_id
client_secret = var.ganymede_client_secret
app_url = "https://vods.roboces.dev"
app_icon = "https://vods.roboces.dev/favicon.ico"
app_access_group_id = authentik_group.vods.id
}

2
tofu/authentik/sample.env
View file

@ -14,3 +14,5 @@ TF_VAR_rustical_client_id=
TF_VAR_rustical_client_secret= TF_VAR_rustical_client_secret=
TF_VAR_tandoor_client_id= TF_VAR_tandoor_client_id=
TF_VAR_tandoor_client_secret= TF_VAR_tandoor_client_secret=
TF_VAR_ganymede_client_id=
TF_VAR_ganymede_client_secret=

10
tofu/authentik/vars.tf
View file

@ -68,3 +68,13 @@ variable "tandoor_client_secret" {
description = "Tandoor client secret" description = "Tandoor client secret"
type = string type = string
} }
variable "ganymede_client_id" {
description = "Ganymede client ID"
type = string
}
variable "ganymede_client_secret" {
description = "Ganymede client secret"
type = string
}