Implement fixes from test results

- Update Docker install to use curl method - Rename ADMIN_PASSWORD to AUTHELIA_ADMIN_PASSWORD - Fix Authelia password hash generation (remove grep, no quotes) - Revert compose labels to single quotes - Ensure users_database.yml has unquoted password placeholder
2026-02-02 20:59:07 -05:00
parent 7e4799f27e
commit 3d5979b5f1
19 changed files with 1232 additions and 467 deletions
--- a/docker-compose/monitoring/docker-compose.yml
+++ b/docker-compose/monitoring/docker-compose.yml
@@ -38,19 +38,19 @@ services:
      # TRAEFIK CONFIGURATION
      # ==========================================
      # Service metadata
-      - "homelab.category=monitoring"
-      - "homelab.description=Metrics collection and time-series database"
+      - 'homelab.category=monitoring"
+      - 'homelab.description=Metrics collection and time-series database"
      # Traefik reverse proxy (comment/uncomment to disable/enable)
      # If Traefik is on a remote server: these labels are NOT USED; 
      #   configure external yml files in /traefik/dynamic folder instead.
-      - "traefik.enable=true"
-      - "traefik.docker.network=traefik-network"
-      - "traefik.http.routers.prometheus.rule=Host(`prometheus.${DOMAIN}`)"
-      - "traefik.http.routers.prometheus.entrypoints=websecure"
-      - "traefik.http.routers.prometheus.tls=true"
-      - "traefik.http.routers.prometheus.tls.certresolver=letsencrypt"
-      - "traefik.http.routers.prometheus.middlewares=authelia@docker"
-      - "traefik.http.services.prometheus.loadbalancer.server.port=9090"
+      - 'traefik.enable=true"
+      - 'traefik.docker.network=traefik-network"
+      - 'traefik.http.routers.prometheus.rule=Host(`prometheus.${DOMAIN}`)"
+      - 'traefik.http.routers.prometheus.entrypoints=websecure"
+      - 'traefik.http.routers.prometheus.tls=true"
+      - 'traefik.http.routers.prometheus.tls.certresolver=letsencrypt"
+      - 'traefik.http.routers.prometheus.middlewares=authelia@docker"
+      - 'traefik.http.services.prometheus.loadbalancer.server.port=9090"

  # Grafana - Metrics visualization
  # Default credentials: admin / admin (change on first login)
@@ -87,19 +87,19 @@ services:
      # TRAEFIK CONFIGURATION
      # ==========================================
      # Service metadata
-      - "homelab.category=monitoring"
-      - "homelab.description=Metrics visualization and dashboards"
+      - 'homelab.category=monitoring"
+      - 'homelab.description=Metrics visualization and dashboards"
      # Traefik reverse proxy (comment/uncomment to disable/enable)
      # If Traefik is on a remote server: these labels are NOT USED; 
      #   configure external yml files in /traefik/dynamic folder instead.
-      - "traefik.enable=true"
-      - "traefik.docker.network=traefik-network"
-      - "traefik.http.routers.grafana.rule=Host(`grafana.${DOMAIN}`)"
-      - "traefik.http.routers.grafana.entrypoints=websecure"
-      - "traefik.http.routers.grafana.tls=true"
-      - "traefik.http.routers.grafana.tls.certresolver=letsencrypt"
-      - "traefik.http.routers.grafana.middlewares=authelia@docker"
-      - "traefik.http.services.grafana.loadbalancer.server.port=3000"
+      - 'traefik.enable=true"
+      - 'traefik.docker.network=traefik-network"
+      - 'traefik.http.routers.grafana.rule=Host(`grafana.${DOMAIN}`)"
+      - 'traefik.http.routers.grafana.entrypoints=websecure"
+      - 'traefik.http.routers.grafana.tls=true"
+      - 'traefik.http.routers.grafana.tls.certresolver=letsencrypt"
+      - 'traefik.http.routers.grafana.middlewares=authelia@docker"
+      - 'traefik.http.services.grafana.loadbalancer.server.port=3000"

  # Node Exporter - Host metrics exporter
  # Metrics at: http://192.168.4.4:9100/metrics
@@ -121,8 +121,8 @@ services:
      - '--path.sysfs=/host/sys'
      - '--collector.filesystem.mount-points-exclude=^/(sys|proc|dev|host|etc)($$|/)'
    labels:
-      - "homelab.category=monitoring"
-      - "homelab.description=Hardware and OS metrics exporter"
+      - 'homelab.category=monitoring"
+      - 'homelab.description=Hardware and OS metrics exporter"

  # cAdvisor - Container metrics exporter
  # Access at: http://192.168.4.4:8082
@@ -148,19 +148,19 @@ services:
      # TRAEFIK CONFIGURATION
      # ==========================================
      # Service metadata
-      - "homelab.category=monitoring"
-      - "homelab.description=Container metrics and performance monitoring"
+      - 'homelab.category=monitoring"
+      - 'homelab.description=Container metrics and performance monitoring"
      # Traefik reverse proxy (comment/uncomment to disable/enable)
      # If Traefik is on a remote server: these labels are NOT USED; 
      #   configure external yml files in /traefik/dynamic folder instead.
-      - "traefik.enable=true"
-      - "traefik.docker.network=traefik-network"
-      - "traefik.http.routers.cadvisor.rule=Host(`cadvisor.${DOMAIN}`)"
-      - "traefik.http.routers.cadvisor.entrypoints=websecure"
-      - "traefik.http.routers.cadvisor.tls=true"
-      - "traefik.http.routers.cadvisor.tls.certresolver=letsencrypt"
-      - "traefik.http.routers.cadvisor.middlewares=authelia@docker"
-      - "traefik.http.services.cadvisor.loadbalancer.server.port=8080"
+      - 'traefik.enable=true"
+      - 'traefik.docker.network=traefik-network"
+      - 'traefik.http.routers.cadvisor.rule=Host(`cadvisor.${DOMAIN}`)"
+      - 'traefik.http.routers.cadvisor.entrypoints=websecure"
+      - 'traefik.http.routers.cadvisor.tls=true"
+      - 'traefik.http.routers.cadvisor.tls.certresolver=letsencrypt"
+      - 'traefik.http.routers.cadvisor.middlewares=authelia@docker"
+      - 'traefik.http.services.cadvisor.loadbalancer.server.port=8080"

  # Uptime Kuma - Uptime monitoring
  uptime-kuma:
@@ -188,19 +188,19 @@ services:
      # TRAEFIK CONFIGURATION
      # ==========================================
      # Service metadata
-      - "homelab.category=monitoring"
-      - "homelab.description=Service uptime monitoring and alerts"
+      - 'homelab.category=monitoring"
+      - 'homelab.description=Service uptime monitoring and alerts"
      # Traefik reverse proxy (comment/uncomment to disable/enable)
      # If Traefik is on a remote server: these labels are NOT USED; 
      #   configure external yml files in /traefik/dynamic folder instead.
-      - "traefik.enable=true"
-      - "traefik.docker.network=traefik-network"
-      - "traefik.http.routers.uptime-kuma.rule=Host(`uptime-kuma.${DOMAIN}`)"
-      - "traefik.http.routers.uptime-kuma.entrypoints=websecure"
-      - "traefik.http.routers.uptime-kuma.tls=true"
-      - "traefik.http.routers.uptime-kuma.tls.certresolver=letsencrypt"
-      - "traefik.http.routers.uptime-kuma.middlewares=authelia@docker"
-      - "traefik.http.services.uptime-kuma.loadbalancer.server.port=3001"
+      - 'traefik.enable=true"
+      - 'traefik.docker.network=traefik-network"
+      - 'traefik.http.routers.uptime-kuma.rule=Host(`uptime-kuma.${DOMAIN}`)"
+      - 'traefik.http.routers.uptime-kuma.entrypoints=websecure"
+      - 'traefik.http.routers.uptime-kuma.tls=true"
+      - 'traefik.http.routers.uptime-kuma.tls.certresolver=letsencrypt"
+      - 'traefik.http.routers.uptime-kuma.middlewares=authelia@docker"
+      - 'traefik.http.services.uptime-kuma.loadbalancer.server.port=3001"

  # Loki - Log aggregation
  # Access at: http://192.168.4.4:3100
@@ -230,19 +230,19 @@ services:
      # TRAEFIK CONFIGURATION
      # ==========================================
      # Service metadata
-      - "homelab.category=monitoring"
-      - "homelab.description=Log aggregation system"
+      - 'homelab.category=monitoring"
+      - 'homelab.description=Log aggregation system"
      # Traefik reverse proxy (comment/uncomment to disable/enable)
      # If Traefik is on a remote server: these labels are NOT USED; 
      #   configure external yml files in /traefik/dynamic folder instead.
-      - "traefik.enable=true"
-      - "traefik.docker.network=traefik-network"
-      - "traefik.http.routers.loki.rule=Host(`loki.${DOMAIN}`)"
-      - "traefik.http.routers.loki.entrypoints=websecure"
-      - "traefik.http.routers.loki.tls=true"
-      - "traefik.http.routers.loki.tls.certresolver=letsencrypt"
-      - "traefik.http.routers.loki.middlewares=authelia@docker"
-      - "traefik.http.services.loki.loadbalancer.server.port=3100"
+      - 'traefik.enable=true"
+      - 'traefik.docker.network=traefik-network"
+      - 'traefik.http.routers.loki.rule=Host(`loki.${DOMAIN}`)"
+      - 'traefik.http.routers.loki.entrypoints=websecure"
+      - 'traefik.http.routers.loki.tls=true"
+      - 'traefik.http.routers.loki.tls.certresolver=letsencrypt"
+      - 'traefik.http.routers.loki.middlewares=authelia@docker"
+      - 'traefik.http.services.loki.loadbalancer.server.port=3100"

  # Promtail - Log shipper for Loki
  # Ships Docker container logs to Loki
@@ -260,8 +260,8 @@ services:
    depends_on:
      - loki
    labels:
-      - "homelab.category=monitoring"
-      - "homelab.description=Log collector for Loki"
+      - 'homelab.category=monitoring"
+      - 'homelab.description=Log collector for Loki"

 volumes:
  prometheus-data: