Skip to content

Tandoor

Overview

Official documentation can be found here

As the official docs say Tandoor Recipes is "The recipe manager that allows you to manage your ever growing collection of digital recipes." Tandoor docs.
It has many features including managing your recipes, creating recipe plans for each day, making shopping lists while being easily shareable to friends and family.

Structure

Reverse Proxy

The reverse proxy (Caddy) handles TLS and domain management.
The Tandoor web UI container listens on port 80 which is written into the Caddyfile as there's not really a way to change it.
The domain it uses must be changed in vars.yml. See Caddy documentation.

Quadlets

Tandoor needs two containers, one postgresql and one that is the web interface.

Postgresql

The database .container template is the following:

[Unit]
Description=Tandoor Recipes Database
Wants=network-online.target
After=network-online.target

[Container]
Image={{ tandoor_db_image }}
ContainerName=db_recipes
EnvironmentFile=/{{ parent_dir }}/{{ tandoor_dir }}/.env
Network={{ podman_network }}

Volume=/{{ parent_dir }}/{{ tandoor_dir }}/{{ tandoor_db_dir }}:/var/lib/postgresql/data:Z

AutoUpdate=registry

[Service]
Restart=always
RestartSec=5

[Install]
WantedBy=default.target

Web UI

The web UI .container template is as follows: 

[Unit]
Description=Tandoor Recipes Web
Wants=db_recipes.service
After=db_recipes.service

[Container]
Image={{ tandoor_web_image }}
ContainerName=web_recipes
EnvironmentFile=/{{ parent_dir }}/{{ tandoor_dir }}/.env
Network=my-network

Volume=staticfiles:/opt/recipes/staticfiles
Volume=/{{ parent_dir }}/{{ tandoor_dir }}/{{ tandoor_media_dir }}:/opt/recipes/mediafiles:Z

AutoUpdate=registry

[Service]
Restart=always
RestartSec=5

[Install]
WantedBy=default.target

Required variables

  1. Having the tandoor_domain variable filled in global vars.yml file.
  2. podman-network variable filled in global vars.yml file.
  3. You can and should change the passwords and keys associated with Tandoor.
    They are located in the vault (secrets.yml):
    • tandoor_secret_key
    • tandoor_db_password

    Use strong keys

    You should use the method Tandoor docs suggests, which is running base64 /dev/urandom | head -c50 (twice) and using those as the two keys.

    Tip

    Maybe I'll automate this too as you don't use these anyways

Directory layout

If you leave the defaults, the directory layout will look like this: 

/stack/
  tandoor/
    .env
    postgresql/
    mediafiles/
Variable mapping:
/stack is parent_dir
tandoor/ is tandoor_dir
postgresql/ is tandoor_db_dir
mediafiles/ is tandoor_media_dir

Customizations

Only change the roles/tandoor/defaults/main.yml, secrets.yml and vars.yml. Do NOT mess around in the .j2 files unless you know exactly what you are doing.

There are postgresql variables in the .env.j2 files you could theoretically changed but I didn't and I'd probably break the whole thing. There are things in the .container.j2 files I could have made a variable but didn't, because I saw no purpose to it.

It doesn't have a ton of options but here's what you change:

Make sure your directory vars do NOT start or end with a /

  1. You can change where they store the data by editing roles/tandoor/defaults/main.yml and/or by changing the parent directory in vars.yml.
  2. To lock in a certain Docker image version, change the tandoor_db_image or the tandoor_web_image variable in roles/tandoor/defaults/main.yml.
  3. You can change the database timezone by changing the tandoor_tz variable in roles/tandoor/defaults/main.yml.

Container name

You can change the container names, but be sure to make the other .container files reflect this change and be careful as container names aren't dynamic so other containers might break.

Dependencies

It really does not have many dependencies, as Ansible handles them anyways. The only thing you have to do is following the Required variables section.

Usage

The first login is recommended (or maybe must) to be made from the web as that's when you create your account.
For a mobile app, I personally use Kitshn which is available on F-Droid.
To see how to use the features, please refer to the original docs.

Bugs

I've encountered the playbook failing on the first deploy as a result of postgres exiting the container after it's initialization. This is intended behaviour I think, but it throws Ansible off so it exits. I'll try to find a fix for it.