From e94bdba025f53d26a3fd158d4ec6f414ba442d40 Mon Sep 17 00:00:00 2001 From: Connor Kooistra <70811244+cdkooistra@users.noreply.github.com> Date: Wed, 5 Nov 2025 21:07:51 +0100 Subject: [PATCH] Added Tandoor Recipes (New Service: Tandoor Recipes Fixes #160) --- README.md | 1 + services/tandoor/.env | 30 +++++++++++ services/tandoor/README.md | 18 +++++++ services/tandoor/config/serve.json | 16 ++++++ services/tandoor/docker-compose.yml | 81 +++++++++++++++++++++++++++++ 5 files changed, 146 insertions(+) create mode 100644 services/tandoor/.env create mode 100644 services/tandoor/README.md create mode 100644 services/tandoor/config/serve.json create mode 100644 services/tandoor/docker-compose.yml diff --git a/README.md b/README.md index 1bbabd0..fd84fce 100644 --- a/README.md +++ b/README.md @@ -149,6 +149,7 @@ If you would like to add your own config, you can use the [service-template](tem | 🥘 Service | 📝 Description | 🔗 Link | | ------------ | -------------------------------------------------------------------------------------------------------- | -------------------------- | | 🥘 **Mealie** | A self-hosted recipe manager and meal planner with features like shopping lists, scaling, and importing. | [Details](services/mealie) | +| 🥘 **Tandoor Recipes** | A self-hosted recipe manager that also serves as a meal planner that has features such as nutrient tracking, shopping lists, importing and AI. | [Details](services/tandoor) | ## Tailscale Information diff --git a/services/tandoor/.env b/services/tandoor/.env new file mode 100644 index 0000000..1847393 --- /dev/null +++ b/services/tandoor/.env 
@@ -0,0 +1,30 @@
+#version=1.0
+#url=https://github.com/2Tiny2Scale/tailscale-docker-sidecar-configs
+#COMPOSE_PROJECT_NAME= // only use in multiple deployments on the same infra
+SERVICE=tandoor
+IMAGE_URL=vabene1111/recipes
+SERVICEPORT=9001
+TS_AUTHKEY=
+DNS_SERVER=9.9.9.9
+
+# Custom Tandoor Recipes - https://docs.tandoor.dev/install/docker/#docker-compose
+
+# Visit the docs to find more supported env variables - https://docs.tandoor.dev/system/configuration/
+
+# random secret key, use for example `base64 /dev/urandom | head -c50` to generate one
+SECRET_KEY=
+
+# allowed hosts (see documentation), should be set to your hostname(s) but might be * (default) for some proxies/providers
+ALLOWED_HOSTS=tandoor.yourtailnet.ts.net
+
+# To set a timezone, uncomment the next line and change Etc/UTC to a TZ identifier from this list: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List
+TZ=Europe/Amsterdam
+
+# Connection secret for postgres. You should change it to a random password
+# Please use only the characters `A-Za-z0-9`, without special characters or spaces
+DB_PASSWORD=postgres
+
+# The values below this line do not need to be changed
+###################################################################################
+DB_USERNAME=postgres
+DB_DATABASE_NAME=tandoor
diff --git a/services/tandoor/README.md b/services/tandoor/README.md
new file mode 100644
index 0000000..5eb9ec9
--- /dev/null
+++ b/services/tandoor/README.md
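Review bot: `DB_PASSWORD=postgres` ships a working, guessable default for the Postgres superuser, unlike `SECRET_KEY=` and `TS_AUTHKEY=`, which are left empty so the operator has to fill them in. Leaving it empty as well, `DB_PASSWORD=`, turns a forgotten edit into a failed first start (the official postgres image refuses to initialise without a superuser password) rather than a running database with a known credential. A generation hint like the one above `SECRET_KEY` would fit here too, e.g. `# generate with: openssl rand -hex 24`, which also stays inside the `A-Za-z0-9` restriction the comment asks for.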
@@ -0,0 +1,18 @@
+# Tandoor Recipes with Tailscale Sidecar Configuration
+
+This Docker Compose configuration sets up [**Tandoor Recipes**](https://github.com/TandoorRecipes/recipes) with Tailscale as a sidecar container, which enables a secure access to your personal recipe and meal planning platform from your Tailscale network. As with all other services inside this repository, your service stays fully private and accessible only to your authorized devices.
+
+## Tandoor Recipes
+
+[**Tandoor Recipes**](https://github.com/TandoorRecipes/recipes) is an application for managing recipes, planning meals, building shopping lists and much much more:
+
+- 🥗 **Manage your recipes** - Manage your ever growing recipe collection
+- 📆 **Plan** - multiple meals for each day
+- 🛒 **Shopping lists** - via the meal plan or straight from recipes
+- 🪄 **use AI** to recognize images, sort recipe steps, find nutrition facts and more
+- 📚 **Cookbooks** - collect recipes into books
+- 👪 **Share and collaborate** on recipes with friends and family
+
+## Configuration Overview
+
+In this setup, the `tailscale-tandoor` service runs Tailscale, which manages secure networking for the service. The `tandoor` service utilizes the Tailscale network stack via Docker's `network_mode: service:tailscale-tandoor` configuration. This setup ensures that tandoor's service is only accessible through the Tailscale network (or locally, if preferred), providing an extra layer of security and privacy for your service.
diff --git a/services/tandoor/config/serve.json b/services/tandoor/config/serve.json
new file mode 100644
index 0000000..9d99115
--- /dev/null
+++ b/services/tandoor/config/serve.json
@@ -0,0 +1,16 @@
+{
+ "TCP": {
+ "443": {
+ "HTTPS": true
+ }
+ },
+ "Web": {
+ "${TS_CERT_DOMAIN}:443": {
+ "Handlers": {
+ "/": {
+ "Proxy": "http://127.0.0.1:9001"
+ }
+ }
+ }
+ }
+}
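Review bot: The proxy target `http://127.0.0.1:9001` in serve.json hard-codes the port that `.env` offers as the editable `SERVICEPORT`, so changing `SERVICEPORT` would presumably leave Tailscale Serve forwarding to a port Tandoor no longer listens on. serve.json cannot carry a comment, so I would document the coupling next to the variable in `.env` instead: `# must match the Proxy port in config/serve.json`.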
diff --git a/services/tandoor/docker-compose.yml b/services/tandoor/docker-compose.yml
new file mode 100644
index 0000000..d1f4d1c
--- /dev/null
+++ b/services/tandoor/docker-compose.yml
@@ -0,0 +1,81 @@
+services:
+# Make sure you have updated/checked the .env file with the correct variables.
+# All the ${ xx } need to be defined there.
+ # Tailscale Sidecar Configuration
+ tailscale:
+ image: tailscale/tailscale:latest # Image to be used
+ container_name: tailscale-${SERVICE} # Name for local container management
+ hostname: ${SERVICE} # Name used within your Tailscale environment
+ environment:
+ - TS_AUTHKEY=${TS_AUTHKEY}
+ - TS_STATE_DIR=/var/lib/tailscale
+ - TS_SERVE_CONFIG=/config/serve.json # Tailscale Serve configuration to expose the web interface on your local Tailnet - remove this line if not required
+ - TS_USERSPACE=false
+ - TS_ENABLE_HEALTH_CHECK=true # Enable healthcheck endpoint: "/healthz"
+ - TS_LOCAL_ADDR_PORT=127.0.0.1:41234 # The : for the healthz endpoint
+ #- TS_ACCEPT_DNS=true # Uncomment when using MagicDNS
+ volumes:
+ - ./config:/config # Config folder used to store Tailscale files - you may need to change the path
+ - ./ts/state:/var/lib/tailscale # Tailscale requirement - you may need to change the path
+ devices:
+ - /dev/net/tun:/dev/net/tun # Network configuration for Tailscale to work
+ cap_add:
+ - net_admin # Tailscale requirement
+ #ports:
+ # - 0.0.0.0:${SERVICEPORT}:${SERVICEPORT} # Binding port ${SERVICE}PORT to the local network - may be removed if only exposure to your Tailnet is required
+ # If any DNS issues arise, use your preferred DNS provider by uncommenting the config below
+ #dns:
+ # - ${DNS_SERVER}
+ healthcheck:
+ test: ["CMD", "wget", "--spider", "-q", "http://127.0.0.1:41234/healthz"] # Check Tailscale has a Tailnet IP and is operational
+ interval: 1m # How often to perform the check
+ timeout: 10s # Time to wait for the check to succeed
+ retries: 3 # Number of retries before marking as unhealthy
+ start_period: 10s # Time to wait before starting health checks
+ restart: always
+
+ # ${SERVICE}
+ application:
+ image: ${IMAGE_URL} # Image to be used
+ network_mode: service:tailscale # Sidecar configuration to route ${SERVICE} through Tailscale
+ container_name: app-${SERVICE} # Name for local container management
+ environment:
+ - PUID=1000
+ - PGID=1000
+ - TZ=${TZ}
+ - TANDOOR_PORT=${SERVICEPORT}
+ volumes:
+ - ./${SERVICE}-data/staticfiles:/opt/recipes/statisfiles
+ - ./${SERVICE}-data/mediafiles:/opt/recipes/mediafiles
+ env_file:
+ - ./.env
+ depends_on:
+ tailscale:
+ condition: service_healthy
+ database:
+ condition: service_healthy
+ healthcheck:
+ test: ["CMD", "pgrep", "-f", "${SERVICE}"] # Check if ${SERVICE} process is running
+ interval: 1m # How often to perform the check
+ timeout: 10s # Time to wait for the check to succeed
+ retries: 3 # Number of retries before marking as unhealthy
+ start_period: 30s # Time to wait before starting health checks
+ restart: always
+
+ database:
+ image: postgres:16-alpine
+ network_mode: service:tailscale
+ container_name: app-${SERVICE}-database
+ environment:
+ POSTGRES_PASSWORD: ${DB_PASSWORD}
+ POSTGRES_USER: ${DB_USERNAME}
+ POSTGRES_DB: ${DB_DATABASE_NAME}
+ volumes:
+ - ./${SERVICE}-data/database:/var/lib/postgresql/data
+ healthcheck:
+ test: ["CMD-SHELL", "pg_isready -U ${DB_USERNAME} -d ${DB_DATABASE_NAME}"] # Check if postgres is ready
+ interval: 1m # How often to perform the check
+ timeout: 10s # Time to wait for the check to succeed
+ retries: 3 # Number of retries before marking as unhealthy
+ start_period: 30s # Time to wait before starting health checks
+ restart: always
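Review bot: `env_file: ./.env` on the `application` service loads the whole file into the Tandoor container, so the app also receives `TS_AUTHKEY`, which only the `tailscale` sidecar needs; a compromise of the web app would then expose a tailnet enrolment credential. Passing only the variables Tandoor reads through `environment:` (as below, with `env_file` dropped; Compose still reads `.env` for `${…}` interpolation) avoids that, and it also maps the `DB_*` values onto the `DB_ENGINE`/`POSTGRES_*` names from Tandoor's configuration docs, which the visible lines never set — confirm the names against those docs. Separately, `database` shares the sidecar's network namespace, so Postgres is presumably reachable on the tailnet address as well, subject to tailnet ACLs; `command: ["postgres", "-c", "listen_addresses=127.0.0.1"]` would keep it on loopback. The static-files mount targets `/opt/recipes/statisfiles`, which looks like a typo for `staticfiles`.

```yaml
    environment:
      # … unchanged: PUID, PGID, TZ, TANDOOR_PORT …
      - SECRET_KEY=${SECRET_KEY}
      - ALLOWED_HOSTS=${ALLOWED_HOSTS}
      - DB_ENGINE=django.db.backends.postgresql
      - POSTGRES_HOST=127.0.0.1
      - POSTGRES_PORT=5432
      - POSTGRES_USER=${DB_USERNAME}
      - POSTGRES_PASSWORD=${DB_PASSWORD}
      - POSTGRES_DB=${DB_DATABASE_NAME}
    # … unchanged: volumes, depends_on, healthcheck, restart …
```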