Added service kitchenowl

[kommandantredundant]

Servicename: Kitchenowl: new service

Personal disclaimer: this is my first PR ever. I hope I got everything right. Please look over it accordingly! Thanks :)

Description

Kitchenowl is a grocery list and recipe manager.
Github: https://github.com/TomBursch/kitchenowl
Website: https://kitchenowl.org/
Docs: https://docs.kitchenowl.org/latest/

added compose, env and service readme, added line to frontpage readme

Related Issues

• None.

Verification

docker compose config                                                                                                   
>>
name: kitchenowl
services:
  kitchenowl:
    container_name: app-kitchenowl
    depends_on:
      tailscale:
        condition: service_healthy
        required: true
    environment:
      DNS_SERVER: 9.9.9.9
      FRONT_URL: '# the exact URL of your kitchenowl instance, requred when using OIDC authentication, e.g https://kitchenowl.example.com'
      IMAGE_URL: tombursch/kitchenowl:latest
      JWT_SECRET_KEY: '# Generate a random string for JWT secret key, e.g., using: openssl rand -base64 32'
      OIDC_CLIENT_ID: '# to be generated by your OIDC provider'
      OIDC_CLIENT_SECRET: '# to be generated by your OIDC provider'
      OIDC_ISSUER: '# your OIDC issuer, e.g https://accounts.google.com'
      SERVICE: kitchenowl
      SERVICEPORT: "8080"
      TS_AUTHKEY: '# Auth key from https://tailscale.com/admin/authkeys. See: https://tailscale.com/kb/1085/auth-keys#generate-an-auth-key for instructions.'
      TZ: Europe/Amsterdam
    image: tombursch/kitchenowl:latest
    network_mode: service:tailscale
    restart: unless-stopped
    volumes:
      - type: bind
        source: /home/janis/code/scaletail/ScaleTail/services/kitchenowl/data
        target: /data
        bind: {}
  tailscale:
    cap_add:
      - net_admin
    configs:
      - source: ts-serve
        target: /config/serve.json
    container_name: tailscale-kitchenowl
    devices:
      - source: /dev/net/tun
        target: /dev/net/tun
        permissions: rwm
    environment:
      TS_AUTH_ONCE: "true"
      TS_AUTHKEY: '# Auth key from https://tailscale.com/admin/authkeys. See: https://tailscale.com/kb/1085/auth-keys#generate-an-auth-key for instructions.'
      TS_ENABLE_HEALTH_CHECK: "true"
      TS_LOCAL_ADDR_PORT: 127.0.0.1:41234
      TS_SERVE_CONFIG: /config/serve.json
      TS_STATE_DIR: /var/lib/tailscale
      TS_USERSPACE: "false"
    hostname: kitchenowl
    healthcheck:
      test:
        - CMD
        - wget
        - --spider
        - -q
        - http://127.0.0.1:41234/healthz
      timeout: 10s
      interval: 1m0s
      retries: 3
      start_period: 10s
    image: tailscale/tailscale:latest
    networks:
      default: null
    ports:
      - mode: ingress
        host_ip: 0.0.0.0
        target: 8080
        published: "8080"
        protocol: tcp
    restart: always
    volumes:
      - type: bind
        source: /home/janis/code/scaletail/ScaleTail/services/kitchenowl/config
        target: /config
        bind: {}
      - type: bind
        source: /home/janis/code/scaletail/ScaleTail/services/kitchenowl/ts/state
        target: /var/lib/tailscale
        bind: {}
networks:
  default:
    name: kitchenowl_default
configs:
  ts-serve:
    name: kitchenowl_ts-serve
    content: |
      {"TCP":{"443":{"HTTPS":true}},
      "Web":{"$${TS_CERT_DOMAIN}:443":
          {"Handlers":{"/":
          {"Proxy":"http://127.0.0.1:8080"}}}},
      "AllowFunnel":{"$${TS_CERT_DOMAIN}:443":false}}

Checklist

• I have performed a self-review of my code and followed the templates structure.
• I have added verification that the stack works as expected.
• I have updated necessary documentation (e.g. frontpage README.md ).
• I have selected the correct label(s) for this PR.

Additional Context

• None.