Tandoor Recipes

Description / name	Input element
Your domain name

Overview

Tandoor Recipes is an application for managing recipes, planning meals, building shopping lists and much, much more!.

Manual

Releases

Community

---

Migration Required for Existing Users

As of role-refactor, this role has been updated to use its own dedicated PostgreSQL database container instead of the shared postgres container. Once upgraded to role-refactor, existing users must follow the migration steps below to preserve their data.

1. Stop the containers:

   If additional apps use the postgres containerIf Tandoor alone uses the postgres container

   Be aware that this will cause the additional apps to go offline temporarily.

   docker stop tandoor postgres
   

   docker stop tandoor postgres
   docker rm postgres
   

2. Copy or rename the existing Postgres directory:

   If additional apps use the postgres containerIf Tandoor alone uses the postgres container

   cp -r /opt/postgres /opt/tandoor-postgres
   docker start postgres
   

   mv /opt/postgres /opt/tandoor-postgres
   

3. Deploy Tandoor

Deployment

sb install sandbox-tandoor

Usage

Visit https://tandoor.iYOUR_DOMAIN_NAMEi.

Basics

Adding An Admin User

1. Execute a shell in the container using docker exec -it tandoor sh,

2. activate the virtual environment source venv/bin/activate,

3. run python manage.py createsuperuser and follow the steps shown.

Password Reset

1. Execute a shell in the container using docker exec -it tandoor sh,

2. activate the virtual environment source venv/bin/activate,

3. run python manage.py changepassword <username> and follow the steps shown.

Role Defaults

Use the Inventory to customize variables. (1)

1. Example override

   tandoor_name: "custom_value"
   

   Avoid overriding variables ending in _default

   When overriding variables that end in _default (like tandoor_docker_envs_default), you replace the entire default configuration. Future updates that add new default values will not be applied to your setup, potentially breaking functionality.

   Instead, use the corresponding _custom variable (like tandoor_docker_envs_custom) to add your changes. Custom values are merged with defaults, ensuring you receive updates.

BasicsSettingsWebDNSTraefikDockerDocker+Global Override Options

tandoor_name

# Type: string
tandoor_name: tandoor

tandoor_role_postgres_deploy

# Type: bool (true/false)
tandoor_role_postgres_deploy: true

tandoor_role_postgres_name

# Type: string
tandoor_role_postgres_name: "{{ tandoor_name }}-postgres"

tandoor_role_postgres_user

# Type: string
tandoor_role_postgres_user: "{{ postgres_role_docker_env_user }}"

tandoor_role_postgres_password

# Type: string
tandoor_role_postgres_password: "{{ postgres_role_docker_env_password }}"

tandoor_role_postgres_docker_env_db

# Type: string
tandoor_role_postgres_docker_env_db: "{{ tandoor_name }}"

tandoor_role_postgres_docker_image_tag

# Type: string
tandoor_role_postgres_docker_image_tag: "17-alpine"

tandoor_role_postgres_docker_image_repo

# Type: string
tandoor_role_postgres_docker_image_repo: "postgres"

tandoor_role_postgres_docker_healthcheck

# Type: dict
tandoor_role_postgres_docker_healthcheck:
  test: ["CMD-SHELL", "pg_isready -d {{ lookup('role_var', '_postgres_docker_env_db', role='tandoor') }} -U {{ postgres_role_docker_env_user }}"]
  start_period: 20s
  interval: 30s
  retries: 5
  timeout: 5s

tandoor_role_postgres_paths_folder

# Type: string
tandoor_role_postgres_paths_folder: "{{ tandoor_name }}"

tandoor_role_postgres_paths_location

# Type: string
tandoor_role_postgres_paths_location: "{{ server_appdata_path }}/{{ tandoor_role_postgres_paths_folder }}/postgres"

tandoor_role_web_subdomain

# Type: string
tandoor_role_web_subdomain: "{{ tandoor_name }}"

tandoor_role_web_domain

# Type: string
tandoor_role_web_domain: "{{ user.domain }}"

tandoor_role_web_port

# Type: string
tandoor_role_web_port: "80"

tandoor_role_web_url

# Type: string
tandoor_role_web_url: "{{ 'https://' + (lookup('role_var', '_web_subdomain', role='tandoor') + '.' + lookup('role_var', '_web_domain', role='tandoor')
                       if (lookup('role_var', '_web_subdomain', role='tandoor') | length > 0)
                       else lookup('role_var', '_web_domain', role='tandoor')) }}"

tandoor_role_dns_record

# Type: string
tandoor_role_dns_record: "{{ lookup('role_var', '_web_subdomain', role='tandoor') }}"

tandoor_role_dns_zone

# Type: string
tandoor_role_dns_zone: "{{ lookup('role_var', '_web_domain', role='tandoor') }}"

tandoor_role_dns_proxy

# Type: bool (true/false)
tandoor_role_dns_proxy: "{{ dns_proxied }}"

tandoor_role_traefik_sso_middleware

# Type: string
tandoor_role_traefik_sso_middleware: "{{ traefik_default_sso_middleware }}"

tandoor_role_traefik_middleware_default

# Type: string
tandoor_role_traefik_middleware_default: "{{ traefik_default_middleware }}"

tandoor_role_traefik_middleware_custom

# Type: string
tandoor_role_traefik_middleware_custom: ""

tandoor_role_traefik_certresolver

# Type: string
tandoor_role_traefik_certresolver: "{{ traefik_default_certresolver }}"

tandoor_role_traefik_enabled

# Type: bool (true/false)
tandoor_role_traefik_enabled: true

tandoor_role_traefik_api_enabled

# Type: bool (true/false)
tandoor_role_traefik_api_enabled: false

tandoor_role_traefik_api_endpoint

# Type: string
tandoor_role_traefik_api_endpoint: ""

Container

tandoor_role_docker_container

# Type: string
tandoor_role_docker_container: "{{ tandoor_name }}"

Image

tandoor_role_docker_image_pull

# Type: bool (true/false)
tandoor_role_docker_image_pull: true

tandoor_role_docker_image_tag

# Type: string
tandoor_role_docker_image_tag: "latest"

tandoor_role_docker_image_repo

# Type: string
tandoor_role_docker_image_repo: "vabene1111/recipes"

tandoor_role_docker_image

# Type: string
tandoor_role_docker_image: "{{ lookup('role_var', '_docker_image_repo', role='tandoor') }}:{{ lookup('role_var', '_docker_image_tag', role='tandoor') }}"

Envs

tandoor_role_docker_envs_default

# Type: dict
tandoor_role_docker_envs_default:
  TZ: "{{ tz }}"
  SECRET_KEY: "{{ tandoor_saltbox_facts.facts.secret_key }}"
  DB_ENGINE: "django.db.backends.postgresql"
  POSTGRES_HOST: "{{ lookup('role_var', '_postgres_name', role='tandoor') }}"
  POSTGRES_PORT: "5432"
  POSTGRES_USER: "{{ lookup('role_var', '_postgres_user', role='tandoor') }}"
  POSTGRES_PASSWORD: "{{ lookup('role_var', '_postgres_password', role='tandoor') }}"
  POSTGRES_DB: "{{ lookup('role_var', '_postgres_docker_env_db', role='tandoor') }}"
  DEBUG: "0"
  GUNICORN_MEDIA: "1"
  REMOTE_USER_AUTH: "1"

tandoor_role_docker_envs_custom

# Type: dict
tandoor_role_docker_envs_custom: {}

Volumes

tandoor_role_docker_volumes_default

# Type: list
tandoor_role_docker_volumes_default:
  - "{{ lookup('role_var', '_paths_location', role='tandoor') }}/staticfiles:/opt/recipes/staticfiles"
  - "{{ lookup('role_var', '_paths_location', role='tandoor') }}/mediafiles:/opt/recipes/mediafiles"

tandoor_role_docker_volumes_custom

# Type: list
tandoor_role_docker_volumes_custom: []

Hostname

tandoor_role_docker_hostname

# Type: string
tandoor_role_docker_hostname: "{{ tandoor_name }}"

Networks

tandoor_role_docker_networks_alias

# Type: string
tandoor_role_docker_networks_alias: "{{ tandoor_name }}"

tandoor_role_docker_networks_default

# Type: list
tandoor_role_docker_networks_default: []

tandoor_role_docker_networks_custom

# Type: list
tandoor_role_docker_networks_custom: []

Restart Policy

tandoor_role_docker_restart_policy

# Type: string
tandoor_role_docker_restart_policy: unless-stopped

State

tandoor_role_docker_state

# Type: string
tandoor_role_docker_state: started

Dependencies

tandoor_role_depends_on

# Type: string
tandoor_role_depends_on: "{{ lookup('role_var', '_postgres_name', role='tandoor') }}"

tandoor_role_depends_on_delay

# Type: string (quoted number)
tandoor_role_depends_on_delay: "0"

tandoor_role_depends_on_healthchecks

# Type: string ("true"/"false")
tandoor_role_depends_on_healthchecks: "false"

The following advanced options are available via create_docker_container but are not defined in the role. See: docker_container module

Resource Limits

tandoor_role_docker_blkio_weight

# Type: int
tandoor_role_docker_blkio_weight:

tandoor_role_docker_cpu_period

# Type: int
tandoor_role_docker_cpu_period:

tandoor_role_docker_cpu_quota

# Type: int
tandoor_role_docker_cpu_quota:

tandoor_role_docker_cpu_shares

# Type: int
tandoor_role_docker_cpu_shares:

tandoor_role_docker_cpus

# Type: string
tandoor_role_docker_cpus:

tandoor_role_docker_cpuset_cpus

# Type: string
tandoor_role_docker_cpuset_cpus:

tandoor_role_docker_cpuset_mems

# Type: string
tandoor_role_docker_cpuset_mems:

tandoor_role_docker_kernel_memory

# Type: string
tandoor_role_docker_kernel_memory:

tandoor_role_docker_memory

# Type: string
tandoor_role_docker_memory:

tandoor_role_docker_memory_reservation

# Type: string
tandoor_role_docker_memory_reservation:

tandoor_role_docker_memory_swap

# Type: string
tandoor_role_docker_memory_swap:

tandoor_role_docker_memory_swappiness

# Type: int
tandoor_role_docker_memory_swappiness:

tandoor_role_docker_shm_size

# Type: string
tandoor_role_docker_shm_size:

Security & Devices

tandoor_role_docker_cap_drop

# Type: list
tandoor_role_docker_cap_drop:

tandoor_role_docker_cgroupns_mode

# Type: string
tandoor_role_docker_cgroupns_mode:

tandoor_role_docker_device_cgroup_rules

# Type: list
tandoor_role_docker_device_cgroup_rules:

tandoor_role_docker_device_read_bps

# Type: list
tandoor_role_docker_device_read_bps:

tandoor_role_docker_device_read_iops

# Type: list
tandoor_role_docker_device_read_iops:

tandoor_role_docker_device_requests

# Type: list
tandoor_role_docker_device_requests:

tandoor_role_docker_device_write_bps

# Type: list
tandoor_role_docker_device_write_bps:

tandoor_role_docker_device_write_iops

# Type: list
tandoor_role_docker_device_write_iops:

tandoor_role_docker_devices

# Type: list
tandoor_role_docker_devices:

tandoor_role_docker_devices_default

# Type: string
tandoor_role_docker_devices_default:

tandoor_role_docker_groups

# Type: list
tandoor_role_docker_groups:

tandoor_role_docker_privileged

# Type: bool (true/false)
tandoor_role_docker_privileged:

tandoor_role_docker_security_opts

# Type: list
tandoor_role_docker_security_opts:

tandoor_role_docker_user

# Type: string
tandoor_role_docker_user:

tandoor_role_docker_userns_mode

# Type: string
tandoor_role_docker_userns_mode:

Networking

tandoor_role_docker_dns_opts

# Type: list
tandoor_role_docker_dns_opts:

tandoor_role_docker_dns_search_domains

# Type: list
tandoor_role_docker_dns_search_domains:

tandoor_role_docker_dns_servers

# Type: list
tandoor_role_docker_dns_servers:

tandoor_role_docker_domainname

# Type: string
tandoor_role_docker_domainname:

tandoor_role_docker_exposed_ports

# Type: list
tandoor_role_docker_exposed_ports:

tandoor_role_docker_hosts

# Type: dict
tandoor_role_docker_hosts:

tandoor_role_docker_hosts_use_common

# Type: bool (true/false)
tandoor_role_docker_hosts_use_common:

tandoor_role_docker_ipc_mode

# Type: string
tandoor_role_docker_ipc_mode:

tandoor_role_docker_links

# Type: list
tandoor_role_docker_links:

tandoor_role_docker_network_mode

# Type: string
tandoor_role_docker_network_mode:

tandoor_role_docker_pid_mode

# Type: string
tandoor_role_docker_pid_mode:

tandoor_role_docker_ports

# Type: list
tandoor_role_docker_ports:

tandoor_role_docker_uts

# Type: string
tandoor_role_docker_uts:

Storage

tandoor_role_docker_keep_volumes

# Type: bool (true/false)
tandoor_role_docker_keep_volumes:

tandoor_role_docker_mounts

# Type: list
tandoor_role_docker_mounts:

tandoor_role_docker_storage_opts

# Type: dict
tandoor_role_docker_storage_opts:

tandoor_role_docker_tmpfs

# Type: list
tandoor_role_docker_tmpfs:

tandoor_role_docker_volume_driver

# Type: string
tandoor_role_docker_volume_driver:

tandoor_role_docker_volumes_from

# Type: list
tandoor_role_docker_volumes_from:

tandoor_role_docker_volumes_global

# Type: bool (true/false)
tandoor_role_docker_volumes_global:

tandoor_role_docker_working_dir

# Type: string
tandoor_role_docker_working_dir:

Monitoring & Lifecycle

tandoor_role_docker_auto_remove

# Type: bool (true/false)
tandoor_role_docker_auto_remove:

tandoor_role_docker_cleanup

# Type: bool (true/false)
tandoor_role_docker_cleanup:

tandoor_role_docker_force_kill

# Type: string
tandoor_role_docker_force_kill:

tandoor_role_docker_healthcheck

# Type: dict
tandoor_role_docker_healthcheck:

tandoor_role_docker_healthy_wait_timeout

# Type: int
tandoor_role_docker_healthy_wait_timeout:

tandoor_role_docker_init

# Type: bool (true/false)
tandoor_role_docker_init:

tandoor_role_docker_kill_signal

# Type: string
tandoor_role_docker_kill_signal:

tandoor_role_docker_log_driver

# Type: string
tandoor_role_docker_log_driver:

tandoor_role_docker_log_options

# Type: dict
tandoor_role_docker_log_options:

tandoor_role_docker_oom_killer

# Type: bool (true/false)
tandoor_role_docker_oom_killer:

tandoor_role_docker_oom_score_adj

# Type: int
tandoor_role_docker_oom_score_adj:

tandoor_role_docker_output_logs

# Type: bool (true/false)
tandoor_role_docker_output_logs:

tandoor_role_docker_paused

# Type: bool (true/false)
tandoor_role_docker_paused:

tandoor_role_docker_recreate

# Type: bool (true/false)
tandoor_role_docker_recreate:

tandoor_role_docker_restart_retries

# Type: int
tandoor_role_docker_restart_retries:

tandoor_role_docker_stop_timeout

# Type: int
tandoor_role_docker_stop_timeout:

Other Options

tandoor_role_docker_capabilities

# Type: list
tandoor_role_docker_capabilities:

tandoor_role_docker_cgroup_parent

# Type: string
tandoor_role_docker_cgroup_parent:

tandoor_role_docker_commands

# Type: list
tandoor_role_docker_commands:

tandoor_role_docker_create_timeout

# Type: int
tandoor_role_docker_create_timeout:

tandoor_role_docker_entrypoint

# Type: string
tandoor_role_docker_entrypoint:

tandoor_role_docker_env_file

# Type: string
tandoor_role_docker_env_file:

tandoor_role_docker_labels

# Type: dict
tandoor_role_docker_labels:

tandoor_role_docker_labels_use_common

# Type: bool (true/false)
tandoor_role_docker_labels_use_common:

tandoor_role_docker_read_only

# Type: bool (true/false)
tandoor_role_docker_read_only:

tandoor_role_docker_runtime

# Type: string
tandoor_role_docker_runtime:

tandoor_role_docker_sysctls

# Type: list
tandoor_role_docker_sysctls:

tandoor_role_docker_ulimits

# Type: list
tandoor_role_docker_ulimits:

tandoor_role_autoheal_enabled

# Enable or disable Autoheal monitoring for the container created when deploying
# Type: bool (true/false)
tandoor_role_autoheal_enabled: true

tandoor_role_depends_on

# List of container dependencies that must be running before the container start
# Type: string
tandoor_role_depends_on: ""

tandoor_role_depends_on_delay

# Delay in seconds before starting the container after dependencies are ready
# Type: string (quoted number)
tandoor_role_depends_on_delay: "0"

tandoor_role_depends_on_healthchecks

# Enable healthcheck waiting for container dependencies
# Type: string ("true"/"false")
tandoor_role_depends_on_healthchecks:

tandoor_role_diun_enabled

# Enable or disable Diun update notifications for the container created when deploying
# Type: bool (true/false)
tandoor_role_diun_enabled: true

tandoor_role_dns_enabled

# Enable or disable automatic DNS record creation for the container
# Type: bool (true/false)
tandoor_role_dns_enabled: true

tandoor_role_docker_controller

# Enable or disable Saltbox Docker Controller management for the container
# Type: bool (true/false)
tandoor_role_docker_controller: true

tandoor_role_docker_image_repo

# Type: string
tandoor_role_docker_image_repo:

tandoor_role_docker_image_tag

# Type: string
tandoor_role_docker_image_tag:

tandoor_role_docker_volumes_download

# Type: bool (true/false)
tandoor_role_docker_volumes_download:

tandoor_role_paths_location

# Type: string
tandoor_role_paths_location:

tandoor_role_postgres_docker_env_db

# Type: string
tandoor_role_postgres_docker_env_db:

tandoor_role_postgres_name

# Type: string
tandoor_role_postgres_name:

tandoor_role_postgres_password

# Type: string
tandoor_role_postgres_password:

tandoor_role_postgres_user

# Type: string
tandoor_role_postgres_user:

tandoor_role_themepark_addons

# Type: string
tandoor_role_themepark_addons:

tandoor_role_themepark_app

# Type: string
tandoor_role_themepark_app:

tandoor_role_themepark_theme

# Type: string
tandoor_role_themepark_theme:

tandoor_role_traefik_api_endpoint

# Type: dict/omit
tandoor_role_traefik_api_endpoint:

tandoor_role_traefik_api_middleware

# Type: string
tandoor_role_traefik_api_middleware:

tandoor_role_traefik_api_middleware_http

# Type: string
tandoor_role_traefik_api_middleware_http:

tandoor_role_traefik_autodetect_enabled

# Enable Traefik autodetect middleware for the container
# Type: bool (true/false)
tandoor_role_traefik_autodetect_enabled: false

tandoor_role_traefik_certresolver

# Type: string
tandoor_role_traefik_certresolver:

tandoor_role_traefik_crowdsec_enabled

# Enable CrowdSec middleware for the container
# Type: bool (true/false)
tandoor_role_traefik_crowdsec_enabled: false

tandoor_role_traefik_error_pages_enabled

# Enable custom error pages middleware for the container
# Type: bool (true/false)
tandoor_role_traefik_error_pages_enabled: false

tandoor_role_traefik_gzip_enabled

# Enable gzip compression middleware for the container
# Type: bool (true/false)
tandoor_role_traefik_gzip_enabled: false

tandoor_role_traefik_middleware_http

# Type: string
tandoor_role_traefik_middleware_http:

tandoor_role_traefik_middleware_http_api_insecure

# Type: bool (true/false)
tandoor_role_traefik_middleware_http_api_insecure:

tandoor_role_traefik_middleware_http_insecure

# Type: bool (true/false)
tandoor_role_traefik_middleware_http_insecure:

tandoor_role_traefik_priority

# Type: string
tandoor_role_traefik_priority:

tandoor_role_traefik_robot_enabled

# Enable robots.txt middleware for the container
# Type: bool (true/false)
tandoor_role_traefik_robot_enabled: true

tandoor_role_traefik_tailscale_enabled

# Enable Tailscale-specific Traefik configuration for the container
# Type: bool (true/false)
tandoor_role_traefik_tailscale_enabled: false

tandoor_role_traefik_wildcard_enabled

# Enable wildcard certificate for the container
# Type: bool (true/false)
tandoor_role_traefik_wildcard_enabled: true

tandoor_role_web_domain

# Type: string
tandoor_role_web_domain:

tandoor_role_web_fqdn_override

# Override the Traefik fully qualified domain name (FQDN) for the container
# Type: list
tandoor_role_web_fqdn_override:

Example Override

tandoor_role_web_fqdn_override:
  - "{{ traefik_host }}"
  - "tandoor2.{{ user.domain }}"
  - "tandoor.otherdomain.tld"

Note: Include {{ traefik_host }} to preserve the default FQDN alongside your custom entries

tandoor_role_web_host_override

# Override the Traefik web host configuration for the container
# Type: string
tandoor_role_web_host_override:

Example Override

tandoor_role_web_host_override: "Host(`{{ traefik_host }}`) || Host(`{{ 'tandoor2.' + user.domain }}`)"

Note: Use {{ traefik_host }} to include the default host configuration in your custom rule

tandoor_role_web_http_port

# Type: string (quoted number)
tandoor_role_web_http_port:

tandoor_role_web_http_scheme

# Type: string ("http"/"https")
tandoor_role_web_http_scheme:

tandoor_role_web_http_serverstransport

# Type: dict/omit
tandoor_role_web_http_serverstransport:

tandoor_role_web_scheme

# URL scheme to use for web access to the container
# Type: string ("http"/"https")
tandoor_role_web_scheme:

tandoor_role_web_serverstransport

# Type: dict/omit
tandoor_role_web_serverstransport:

tandoor_role_web_subdomain

# Type: string
tandoor_role_web_subdomain: