Fix karakeep mount

ReadMe.md

@@ -127,4 +127,11 @@ Due to an issue with the Authentik Terraform provider (#12), a manual step is re
 3.  Find the provider for your service (e.g., `prowlarr`).
 4.  Edit the provider and assign it to the correct **Proxy Outpost**.
 
-The credentials for the service can be found by navigating to the corresponding group in Authentik (e.g., `tf_prowlarr`) and viewing its attributes.
+The credentials for the service can be found by navigating to the corresponding group in Authentik (e.g., `tf_prowlarr`) and viewing its attributes.
+
+### Icons
+
+The following are good sources for icons:
+
+- https://dashboardicons.com
+- https://iconduck.com

config/stacks/arr.yaml

@@ -22,6 +22,7 @@
         auth:
           enabled: true
           proxy: true
+          group: "Arr"
         icon: "https://static-00.iconduck.com/assets.00/prowlarr-icon-512x512-v9ekdjxx.png"
         service_name: "prowlarr"
         image_name: "linuxserver/prowlarr:1.37.0"
@@ -41,6 +42,7 @@
         auth:
           enabled: true
           proxy: true
+          group: "Arr"
         icon: "https://static-00.iconduck.com/assets.00/sonarr-icon-1024x1024-wkay604k.png"
         service_name: "sonarr"
         image_name: "linuxserver/sonarr:4.0.14.2939-ls281"
@@ -60,6 +62,7 @@
         auth:
           enabled: true
           proxy: true
+          group: "Arr"
         icon: "https://static-00.iconduck.com/assets.00/radarr-icon-462x512-bydv4e4f.png"
         service_name: "radarr"
         image_name: "linuxserver/radarr:5.26.2"
@@ -79,6 +82,7 @@
         auth:
           enabled: true
           proxy: true
+          group: "Arr"
         service_name: "lidarr" 
         image_name: "linuxserver/lidarr:2.13.0-develop"
         mounts:
@@ -96,6 +100,7 @@
         auth:
           enabled: true
           proxy: true
+          group: "Arr"
         service_name: "readarr"
         image_name: "linuxserver/readarr:0.4.17-develop"
         mounts:

config/stacks/karakeep.yaml

@@ -23,9 +23,9 @@ karakeep:
             - "br1"
         auth:
           enabled: true
+          group: "Productivity"
           oauth: 
             enabled: true
-            group: "Productivity"
             keys:
               OAUTH_CLIENT_ID: "client_id"
               OAUTH_CLIENT_SECRET: "client_secret"
@@ -36,7 +36,7 @@ karakeep:
               - "openid"
               - "email"
               - "profile"
-        icon: "https://static-00.iconduck.com/assets.00/prowlarr-icon-512x512-v9ekdjxx.png"
+        icon: "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/png/karakeep.png"
         service_name: "karakeep"
         description: "Karakeep is an open source \"Bookmark Everything\" app that uses AI for automatically tagging the content you throw at it. The app is built with self-hosting as a first class citizen."
         image_name: "ghcr.io/karakeep-app/karakeep:0.25.0"
@@ -51,7 +51,8 @@ karakeep:
           - "OAUTH_SCOPE=openid email profile"
           - "OAUTH_TIMEOUT=3500"
           - "DATA_DIR=/data"
-
+        mounts:
+          - "/mnt/user/DataStore/karakeep/data:/data"
     meillisearch:
         dns: 
           enabled: false
@@ -61,7 +62,7 @@ karakeep:
             - "karakeep"
         auth:
           enabled: false
-        icon: "https://static-00.iconduck.com/assets.00/prowlarr-icon-512x512-v9ekdjxx.png"
+        icon: "https://static-00.iconduck.com/assets.00/search-icon-512x512-dlh8ei42.png"
         service_name: "meillisearch"
         image_name: "getmeili/meilisearch:v1.13.3"
         mounts:
@@ -82,7 +83,7 @@ karakeep:
             - "karakeep"
         auth:
           enabled: false
-        icon: "https://static-00.iconduck.com/assets.00/prowlarr-icon-512x512-v9ekdjxx.png"
+        icon: "https://static-00.iconduck.com/assets.00/chrome-icon-512x512-5ln6wbyk.png"
         service_name: "chrome"
         image_name: "gcr.io/zenika-hub/alpine-chrome:123"
         networks:

docs/terraform.tfvars.json.example

@@ -0,0 +1,11 @@
+{
+  "nginx_proxy_address": "http://192.168.4.2:81",
+  "nginx_proxy_user": "myemail",
+  "nginx_proxy_pass": "nginx_proxy_pass",
+  "technitium_api_token": "api token",
+  "network_admin_email": "myemail",
+  "public_facing_ip": "0.0.0.0",
+  "cloudflare_api_token": "cloudflare api token",
+  "vpn_user":"username for vpn service",
+  "vpn_pass":"password for vpn service"
+}

terraform/modules/docker-stack/auth.tf

@@ -16,6 +16,8 @@ module "proxy_authentication" {
       for k, v in var.stack.services : k => v if lookup(lookup(v, "auth", {}), "enabled", false) == true && lookup(lookup(v, "auth", {}), "proxy", false) == true
   }
 
+  group = each.value.auth.group
+  description = each.value.description
   internal_host               = "http://${each.value.network.ip_address}:${each.value.network.service_port}"
   external_host               = each.value.dns.domain_name
   name                        = each.value.service_name
@@ -38,7 +40,7 @@ module "oauth_authentication" {
       for k, v in var.stack.services : k => v if lookup(lookup(v, "auth", {}), "enabled", false) == true && lookup(lookup(lookup(v, "auth", {}), "oauth", {}), "enabled", false) == true
   }
 
-  group = each.value.auth.oauth.group
+  group = each.value.auth.group
   description = each.value.description
   name                        = each.value.service_name
   create_access_group         = true

terraform/modules/docker-stack/variables.tf

@@ -21,9 +21,9 @@ variable "stack" {
       auth = optional(object({
         enabled = optional(bool, false),
         proxy = optional(bool, false),
+        group   = optional(string, "Uncategorized"),
         oauth = optional(object({
           enabled = optional(bool, false),
-          group   = optional(string, "Uncategorized"),
           keys    = optional(map(string), {}),
           scopes  = optional(list(string)),
           redirect_uris = optional(list(string))