apps: add vpgen

roles/alpina/tasks/main.yml

@@ -31,4 +31,5 @@
       - nextcloud
       - jellyfin
       - arrstack
+      - vpgen
   import_tasks: deploy_collection.yml

roles/alpina/templates/apps/vpgen/.env.vpgen.j2

@@ -0,0 +1,20 @@
+DATABASE_URL=file:/data/vpgen.db
+
+AUTH_DOMAIN=auth.{{ domain }}
+AUTH_CLIENT_ID=vpgen
+AUTH_CLIENT_SECRET={{ auth_vpgen_client_secret }}
+
+OPNSENSE_API_URL={{ vpgen_opnsense_api_url }}
+OPNSENSE_API_KEY={{ vpgen_opnsense_api_key }}
+OPNSENSE_API_SECRET={{ vpgen_opnsense_api_secret }}
+OPNSENSE_WG_IFNAME={{ vpgen_opnsense_wg_ifname }}
+
+IPV4_STARTING_ADDR={{ vpgen_ipv4_starting_addr }}
+IPV6_STARTING_ADDR={{ vpgen_ipv6_starting_addr }}
+IPV6_CLIENT_PREFIX_SIZE={{ vpgen_ipv6_client_prefix_size }}
+IP_MAX_INDEX={{ vpgen_ip_max_index }}
+VPN_ENDPOINT={{ vpgen_vpn_endpoint }}
+VPN_DNS={{ vpgen_vpn_dns }}
+MAX_CLIENTS_PER_USER={{ vpgen_max_clients_per_user }}
+
+ORIGIN=https://vpgen.{{ domain }}

roles/alpina/templates/apps/vpgen/docker-compose.yml.j2

@@ -0,0 +1,16 @@
+{% import 'contrib/compose_helpers.j2' as helpers with context %}
+
+networks:
+  {{ helpers.default_network(196) | indent(2) }}
+
+services:
+  vpgen:
+    image: gitea.cazzzer.com/cazzzer/vpgen:develop
+    container_name: vpgen
+    labels:
+      - {{ helpers.traefik_labels('vpgen', port='3000') | indent(6) }}
+    restart: unless-stopped
+    env_file:
+      - .env.vpgen
+    volumes:
+      - {{ base_volume_path }}/vpgen:/data

roles/alpina/templates/services/authentik/blueprints/apps-oauth2.yaml.j2

@@ -33,6 +33,13 @@ entries:
       "ui_group": "Apps",
       "allowed_for_groups": ["admins", "users"],
     },
+    "VPGen": {
+      "redirect_uri": "https://vpgen."~ domain ~"/auth/authentik/callback",
+      "icon": "https://vpgen."~ domain ~"/favicon.png",
+      "client_secret": auth_vpgen_client_secret,
+      "ui_group": "Apps",
+      "allowed_for_groups": ["admins", "users"],
+    },
   } -%}
   {% for app in apps.keys() -%}
   - identifiers: