---
# Rosalind Configuration - GO, Node.js, PHP Apps
# Services: alloy, gitea, lobechat, nextcloud

services:
  - alloy
  - anythingllm
  - docker
  - gitea
  - lobechat
  - memcached
  - nextcloud

# Alloy
alloy_log_level: "warn"
lobechat_syslog_port: 51461

# AnythingLLM Configuration
anythingllm_user: anythingllm
anythingllm_group: anythingllm
anythingllm_directory: /srv/anythingllm
anythingllm_port: 22084

# AnythingLLM Database (Portia PostgreSQL)
anythingllm_db_host: portia.incus
anythingllm_db_port: 5432
anythingllm_db_name: anythingllm
anythingllm_db_user: anythingllm
anythingllm_db_password: "{{ vault_anythingllm_db_password }}"

# AnythingLLM Security
anythingllm_jwt_secret: "{{ vault_anythingllm_jwt_secret }}"
anythingllm_sig_key: "{{ vault_anythingllm_sig_key }}"
anythingllm_sig_salt: "{{ vault_anythingllm_sig_salt }}"

# AnythingLLM LLM Provider (Generic OpenAI / llama-cpp)
anythingllm_llm_base_url: "http://nyx.helu.ca:25540/v1"
anythingllm_llm_model: "global.anthropic.claude-opus-4-6-v1"
anythingllm_llm_token_limit: 200000
anythingllm_llm_api_key: "ak_WX_7paeOky041GeX7MtQ51gam4lJsff3ghlClwdcbiI"

# AnythingLLM Embedding
anythingllm_embedding_engine: "generic-openai"
anythingllm_embedding_model: "Qwen3-Embedding-0.6B-Q8_0"

# AnythingLLM TTS (FastKokoro)
anythingllm_tts_provider: "openai"
anythingllm_tts_api_key: "not-needed"
anythingllm_tts_endpoint: "http://pan.helu.ca:22070/v1"
anythingllm_tts_model: "kokoro"
anythingllm_tts_voice: "am_echo"

# Gitea User and Directories
gitea_user: git
gitea_group: git
gitea_home_dir: /srv/git
gitea_work_dir: /var/lib/gitea
gitea_data_dir: /var/lib/gitea/data
gitea_lfs_dir: /var/lib/gitea/data/lfs
gitea_repo_root: /mnt/dv
gitea_config_file: /etc/gitea/app.ini
# Ports
gitea_web_port: 22082
gitea_ssh_port: 22022
gitea_metrics_port: 22092
# Network
gitea_domain: ouranos.helu.ca
gitea_root_url: https://gitea.ouranos.helu.ca/
# Database Configuration
gitea_db_type: postgres
gitea_db_host: portia.incus
gitea_db_port: 5432
gitea_db_name: gitea
gitea_db_user: gitea
gitea_db_password: "{{vault_gitea_db_password}}"
gitea_db_ssl_mode: disable
# Features
gitea_lfs_enabled: true
gitea_metrics_enabled: true
# Service Settings
gitea_disable_registration: true  # Use Casdoor SSO instead
gitea_require_signin_view: false
# Security (vault secrets)
gitea_secret_key: "{{vault_gitea_secret_key}}"
gitea_lfs_jwt_secret: "{{vault_gitea_lfs_jwt_secret}}"
gitea_metrics_token: "{{vault_gitea_metrics_token}}"
# OAuth2 (Casdoor SSO)
gitea_oauth_enabled: true
gitea_oauth_name: "casdoor"
gitea_oauth_display_name: "Sign in with Casdoor"
gitea_oauth_client_id: "{{vault_gitea_oauth_client_id}}"
gitea_oauth_client_secret: "{{vault_gitea_oauth_client_secret}}"
# Auth URL uses external HAProxy address (user's browser)
gitea_oauth_auth_url: "https://id.ouranos.helu.ca/login/oauth/authorize"
# Token and userinfo URLs use internal Casdoor address (server-to-server)
gitea_oauth_token_url: "https://id.ouranos.helu.ca/api/login/oauth/access_token"
gitea_oauth_userinfo_url: "https://id.ouranos.helu.ca/api/userinfo"
gitea_oauth_scopes: "openid profile email"

# LobeChat Configuration
lobechat_user: lobechat
lobechat_group: lobechat
lobechat_directory: /srv/lobechat
lobechat_port: 22081
# Database Configuration
lobechat_db_host: portia.incus
lobechat_db_port: 5432
lobechat_db_name: lobechat
lobechat_db_user: lobechat
lobechat_db_password: "{{vault_lobechat_db_password}}"
lobechat_key_vaults_secret: "{{vault_lobechat_key_vaults_secret}}"
# Authentication
# NEXTAUTH_URL must be the public URL users access (not internal)
lobechat_nextauth_url: https://lobechat.ouranos.helu.ca
lobechat_next_auth_secret: "{{vault_lobechat_next_auth_secret}}"
lobechat_next_auth_sso_providers: casdoor
# Issuer must match exactly what Casdoor returns in .well-known/openid-configuration
lobechat_auth_casdoor_issuer: http://titania.incus:22081
lobechat_auth_casdoor_id: "{{vault_lobechat_auth_casdoor_id}}"
lobechat_auth_casdoor_secret: "{{vault_lobechat_auth_casdoor_secret}}"
# S3 Storage
lobechat_s3_endpoint: https://pan.helu.ca:8555
lobechat_s3_public_domain: https://pan.helu.ca:8555
lobechat_s3_access_key: "{{vault_lobechat_s3_access_key}}"
lobechat_s3_secret_key: "{{vault_lobechat_s3_secret_key}}"
lobechat_s3_bucket: lobechat
# Search
lobechat_searxng_url: http://oberon.incus:25599
# AI Models
lobechat_openai_proxy_url: http://sycorax.incus:25540/v1
lobechat_openai_key: "{{vault_lobechat_openai_api_key}}"
lobechat_ollama_proxy_url: http://perseus.helu.ca:11434
lobechat_anthropic_api_key: "{{vault_lobechat_anthropic_api_key}}"
lobechat_google_api_key: "{{vault_lobechat_google_api_key}}"
lobechat_app_url: https://lobechat.ouranos.helu.ca/

# Nextcloud Configuration
nextcloud_web_port: 22083
nextcloud_data_dir: /mnt/nextcloud
# Database Configuration
nextcloud_db_type: pgsql
nextcloud_db_host: portia.incus
nextcloud_db_port: 5432
nextcloud_db_name: nextcloud
nextcloud_db_user: nextcloud
nextcloud_db_password: "{{vault_nextcloud_db_password}}"
# Admin Configuration
nextcloud_admin_user: admin
nextcloud_admin_password: "{{vault_nextcloud_admin_password}}"
# Domain Configuration
nextcloud_domain: nextcloud.ouranos.helu.ca
# Instance secrets (generated during install)
nextcloud_instance_id: ""
nextcloud_password_salt: ""
nextcloud_secret: ""