dsf

swarm/mealie.yaml

@@ -1,67 +1,62 @@
 services:
   recipe:
     image: ghcr.io/mealie-recipes/mealie:latest
-    container_name: mealie
-    restart: always
     ports:
       - "9925:9000"
-    # things that dont matter 
     environment:
       PUID: "1001"
       PGID: "998"
-      TZ: "America/Chicago"
-
+      TZ: America/Chicago
       MAX_WORKERS: "1"
       WEB_CONCURRENCY: "1"
-      BASE_URL: "https://recipe.netgrimoire.com"
-
-      # Disable local auth / signup (SSO-only)
+      BASE_URL: https://recipe.netgrimoire.com
       ALLOW_PASSWORD_LOGIN: "false"
       ALLOW_SIGNUP: "false"
-
-      # OIDC (authentik)
       OIDC_AUTH_ENABLED: "true"
-      OIDC_PROVIDER_NAME: "authentik"
-      OIDC_CONFIGURATION_URL: "https://auth.netgrimoire.com/application/o/mealie/.well-known/openid-configuration"
-      OIDC_CLIENT_ID: "tidMeWe3Ak30zRzcmC5vwoCqAIHXQsaVwJEp44Mz"
-      OIDC_CLIENT_SECRET: "OD0CLgELUEWGoZ8IUnduGbxhyhh4vgjMBxBAjyopNOkATWIEWSYeWRDdfY6ulX2Fj7zuUp9dpgzjoFatNviLD8E5Cv2815eDrZxH9gNb52Taur0LzqBPk25yLCvsnjXK"
+      OIDC_PROVIDER_NAME: authentik
+      OIDC_CONFIGURATION_URL: https://auth.netgrimoire.com/application/o/mealie/.well-known/openid-configuration
+      OIDC_CLIENT_ID: tidMeWe3Ak30zRzcmC5vwoCqAIHXQsaVwJEp44Mz
+      OIDC_CLIENT_SECRET: OD0CLgELUEWGoZ8IUnduGbxhyhh4vgjMBxBAjyopNOkATWIEWSYeWRDdfY6ulX2Fj7zuUp9dpgzjoFatNviLD8E5Cv2815eDrZxH9gNb52Taur0LzqBPk25yLCvsnjXK
       OIDC_AUTO_REDIRECT: "true"
       OIDC_REMEMBER_ME: "true"
-
-      # User provisioning and claim mapping
       OIDC_SIGNUP_ENABLED: "true"
-      OIDC_USER_CLAIM: "sub"
-      OIDC_NAME_CLAIM: "preferred_username"
-      OIDC_GROUPS_CLAIM: "groups"
-      OIDC_SCOPES_OVERRIDE: "openid profile email"
-
-      # Group-based role mapping
-      OIDC_USER_GROUP: "mealie-users"
-      OIDC_ADMIN_GROUP: "mealie-admins"
-
+      OIDC_USER_CLAIM: sub
+      OIDC_NAME_CLAIM: preferred_username
+      OIDC_GROUPS_CLAIM: groups
+      OIDC_SCOPES_OVERRIDE: openid profile email
+      OIDC_USER_GROUP: mealie-users
+      OIDC_ADMIN_GROUP: mealie-admins
     volumes:
       - /DockerVol/mealie:/app/data
-
     networks:
       - netgrimoire
-
     deploy:
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 120s
       placement:
         constraints:
+          - node.platform.arch != aarch64
+          - node.platform.arch != arm
           - node.hostname == docker4
       labels:
+        caddy: recipe.netgrimoire.com
+        caddy.reverse_proxy: recipe:9000
+        caddy.import_1: crowdsec
+        caddy.import_2: authentik
+
+        kuma.recipe.http.name: Mealie
+        kuma.recipe.http.url: https://recipe.netgrimoire.com
+
         homepage.group: PNCHarris Apps
         homepage.name: Mealie
         homepage.icon: mealie.png
         homepage.href: https://recipe.netgrimoire.com
         homepage.description: Recipe Manager
 
-        kuma.recipe.http.name=: Mealie"
-        kuma.recipe.http.url: https://recipe:9000
-
-        caddy: recipe.netgrimoire.com
-        caddy.import_1: authentik
-        caddy.reverse_proxy: recipe:9000
+        diun.enable: "true"
 
 networks:
   netgrimoire: