5 files changed, 49 insertions, 78 deletions

diff --git a/stacks/news/.gitignore b/stacks/news/.gitignore
index c581994..01b11ab 100644
--- a/stacks/news/.gitignore
+++ b/stacks/news/.gitignore
@@ -5,4 +5,4 @@ extensions/
 certs/
 compose.test.yml
 config.custom.php
-
+config-user.custom.php
diff --git a/stacks/news/compose.yml b/stacks/news/compose.yml
index e9963f5..65a7847 100644
--- a/stacks/news/compose.yml
+++ b/stacks/news/compose.yml
@@ -1,39 +1,30 @@
 ## Template compose used for each stack.
-name: ${_STACK_0} # Explicit project name (do not rely on directory name)
+name: ${STACK} # Explicit project name (do not rely on directory name)
 
 networks:
   edge-net:
-    name: ${_NET_0}
-    external: true # All networks SHOULD be external in production.
+    name: ${EDGE_NET}
+    external: true # All networks MUST be external in production.
   db-net:
-    name: ${_NET_1}
-
-volumes:
-  rss-data:
-    name: ${VOLUME_0}
+    name: ${DB_NET}
     external: true
-  rss-db:
-    name: ${_VOLUME_1}
-    external: true # All volumes SHOULD be external in production.
 
 services:
-  rss:
-    container_name: ${_CONTAINER_0} # Name the containers explicitly.
+  news-test:
+    container_name: ${NEWS_CONTAINER} # Explicitly name containers.
     image: freshrss/freshrss:latest
     restart: unless-stopped
     env_file:
       # NOTE: .compose.env WILL override .env if there are overlapping values.
-      - .run.env # Runtime ENV
-      - .env # Compose ENV
-    volumes:
-      - rss-data:/var/www/FreshRSS/data
-    extra_hosts:
-      - "${OIDC_PROVIDER_DOMAIN}:${PROXY_IP}"
+      - .run.env # Compose wiring defaults go here
+      - .env # Service env vars
     networks:
       - edge-net
       - db-net
     expose:
       - 80
+    extra_hosts:
+      - "${OIDC_PROVIDER_DOMAIN}:${PROXY_IP}" # This is required so the container can return the right uri after auth.
     healthcheck:
       test: ["CMD", "cli/health.php"]
       timeout: 10s
@@ -41,16 +32,3 @@ services:
       start_interval: 11s
       interval: 75s
       retries: 3
-  rss-db:
-    container_name: ${_CONTAINER_1} # Name the containers explicitly.
-    image: postgres:18
-    restart: unless-stopped
-    env_file:
-      - run.env # Runtime ENV
-      - .env # Compose ENV
-    volumes:
-      - rss-db:/var/lib/postgresql
-    networks:
-      - db-net
-    expose:
-      - 5432
diff --git a/stacks/news/env.example b/stacks/news/env.template
index 7781c65..79e216b 100644
--- a/stacks/news/env.example
+++ b/stacks/news/env.template
@@ -3,23 +3,18 @@
 # Stack Compose Variables
 
 # Namespaces
-_STACK_0=
+STACK=
 
 # Containers
-_CONTAINER_0=
-_CONTAINER_1=
+NEWS_CONTAINER=
 
 # Network
-_NET_0=
-_NET_1=
+EDGE_NET=
+DB_NET=
 
 # Volumes
-_VOLUME_0=
-_VOLUME_1=
-
-# UID/GID
-UID=
-GID=
+# TODO: Manage Volumes that may be necessary for FreshRSS.
 
+# OIDC
 OIDC_PROVIDER_DOMAIN=
 PROXY_IP=
diff --git a/stacks/news/run.env.example b/stacks/news/run.env.example
deleted file mode 100644
index 6ccba27..0000000
--- a/stacks/news/run.env.example
+++ /dev/null
@@ -1,34 +0,0 @@
-#
-#
-# Stack Runtime Variables
-ADMIN_EMAIL=
-
-# General Settings
-# Formatted
-BASE_URL=https://sub.main.tld/subdir(?)
-SERVER_DNS=
-TZ=
-CRON_MIN=2,32
-FRESHRSS_ENV=production
-LISTEN=0.0.0.0:80
-# Put the reverse proxy's docker ip range here--v
-TRUSTED_PROXY=
-
-# Database
-POSTGRES_USER=
-POSTGRES_PASSWORD=
-# Put the name of the docker container for the database here--v
-DB_HOST=
-
-# OIDC Provider
-OIDC_ENABLED=0
-OIDC_PROVIDER_METADATA_URL=
-OIDC_CLIENT_ID=
-OIDC_CLIENT_SECRET=
-OIDC_CLIENT_CRYPTO_KEY=
-OIDC_REMOTE_USER_CLAIM=preferred_username
-OIDC_SCOPES=openid groups email profile
-OIDC_X_FORWARDED_HEADERS=X-Forwarded-Host X-Forwarded-Port X-Forwarded-Proto
-# OIDC_SESSION_INACTIVITY_TIMEOUT=
-# OIDC_SESSION_MAX_DURATION=
-# OIDC_SESSION_TYPE=
diff --git a/stacks/news/run.env.template b/stacks/news/run.env.template
new file mode 100644
index 0000000..44bfcde
--- /dev/null
+++ b/stacks/news/run.env.template
@@ -0,0 +1,32 @@
+#
+#
+# Stack Runtime Variables
+
+# DB
+POSTGRES_USER=
+POSTGRES_PASSWORD=
+DB_BASE=
+DB_HOST=
+
+# GENERAL
+TZ=
+CRON_MIN=2,32
+FRESHRSS_ENV=production
+LISTEN=0.0.0.0:80
+TRUSTED_PROXY=
+ADMIN_EMAIL=
+BASE_URL=
+SERVER_DNS=
+
+# OIDC
+OIDC_ENABLED=1
+OIDC_PROVIDER_METADATA_URL=
+OIDC_CLIENT_ID=
+OIDC_CLIENT_SECRET=
+OIDC_CLIENT_CRYPTO_KEY=
+OIDC_REMOTE_USER_CLAIM=
+OIDC_SCOPES=
+OIDC_X_FORWARDED_HEADERS=
+# OIDC_SESSION_INACTIVITY_TIMEOUT=
+# OIDC_SESSION_MAX_DURATION=
+# OIDC_SESSION_TYPE=