From 167cb0c7ecb9700780c61b114b4bed54c1e1d668 Mon Sep 17 00:00:00 2001 From: jackspiering <46534141+jackspiering@users.noreply.github.com> Date: Sat, 9 May 2026 17:04:48 +0200 Subject: [PATCH] Refactor Tandoor environment and compose configuration for clarity and consistency --- services/tandoor/.env | 41 +++++++++++++++++------------------ services/tandoor/compose.yaml | 12 +++++----- 2 files changed, 25 insertions(+), 28 deletions(-) diff --git a/services/tandoor/.env b/services/tandoor/.env index 8f3c11d5..f6f4e0b0 100644 --- a/services/tandoor/.env +++ b/services/tandoor/.env @@ -11,30 +11,29 @@ SERVICEPORT=9001 DNS_SERVER=9.9.9.9 # Tailscale Configuration +# Generate a reusable or ephemeral auth key in the Tailscale admin console. +# Do not commit a real auth key to Git. TS_AUTHKEY= -# Time Zone setting for containers -TZ=Europe/Amsterdam # See: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones - -# Optional Service variables -# PUID=1000 - -# random secret key, use for example `base64 /dev/urandom | head -c50` to generate one -SECRET_KEY= - -# allowed hosts (see documentation), should be set to your hostname(s) but might be * (default) for some proxies/providers -ALLOWED_HOSTS=tandoor.yourtailnet.ts.net - -# To set a timezone, uncomment the next line and change Etc/UTC to a TZ identifier from this list: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List +# Time Zone setting for containers TZ=Europe/Amsterdam -# Connection secret for postgres. You should change it to a random password -# Please use only the characters `A-Za-z0-9`, without special characters or spaces -DB_PASSWORD=postgres +# Tandoor Configuration +# Generate with: base64 /dev/urandom | head -c50 +# Do not commit a real production secret to Git. +SECRET_KEY=REPLACE_WITH_RANDOM_SECRET + +# Allowed hosts should match your Tailscale Serve hostname. +ALLOWED_HOSTS=tandoor.example.ts.net -# The values below this line do not need to be changed -################################################################################### -DB_USERNAME=postgres -DB_DATABASE_NAME=tandoor +# PostgreSQL Configuration +DB_ENGINE=django.db.backends.postgresql +POSTGRES_HOST=127.0.0.1 +POSTGRES_PORT=5432 +POSTGRES_USER=postgres +POSTGRES_PASSWORD=REPLACE_WITH_RANDOM_ALPHANUMERIC_PASSWORD +POSTGRES_DB=tandoor -#EXAMPLE_VAR="Environment varibale" +# Optional Service variables +# PUID=1000 +# PGID=1000 diff --git a/services/tandoor/compose.yaml b/services/tandoor/compose.yaml index 8b9880db..56f76204 100644 --- a/services/tandoor/compose.yaml +++ b/services/tandoor/compose.yaml @@ -53,12 +53,10 @@ services: network_mode: service:tailscale # Sidecar configuration to route ${SERVICE} through Tailscale container_name: app-${SERVICE} # Name for local container management environment: - - PUID=1000 - - PGID=1000 - TZ=${TZ} - TANDOOR_PORT=${SERVICEPORT} volumes: - - ./${SERVICE}-data/staticfiles:/opt/recipes/statisfiles + - ./${SERVICE}-data/staticfiles:/opt/recipes/staticfiles - ./${SERVICE}-data/mediafiles:/opt/recipes/mediafiles env_file: - ./.env @@ -80,13 +78,13 @@ services: network_mode: service:tailscale container_name: app-${SERVICE}-database environment: - POSTGRES_PASSWORD: ${DB_PASSWORD} - POSTGRES_USER: ${DB_USERNAME} - POSTGRES_DB: ${DB_DATABASE_NAME} + POSTGRES_PASSWORD: ${POSTGRES_PASSWORD} + POSTGRES_USER: ${POSTGRES_USER} + POSTGRES_DB: ${POSTGRES_DB} volumes: - ./${SERVICE}-data/database:/var/lib/postgresql/data healthcheck: - test: ["CMD-SHELL", "pg_isready -U ${DB_USERNAME} -d ${DB_DATABASE_NAME}"] # Check if postgres is ready + test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER} -d ${POSTGRES_DB}"] # Check if postgres is ready interval: 1m # How often to perform the check timeout: 10s # Time to wait for the check to succeed retries: 3 # Number of retries before marking as unhealthy