From 94b4906a6a7e93e0d841062c5a84bda62b9e7163 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Thu, 5 Feb 2026 18:35:18 +0000 Subject: [PATCH 1/3] Initial plan From 300d870a2bf8b0ca4f3a2e99374d98ca70be7cbd Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Thu, 5 Feb 2026 18:40:44 +0000 Subject: [PATCH 2/3] Replace personal data with variables and placeholders - Replace hardcoded password in code-server config with ${CODE_SERVER_PASSWORD} - Replace domain kelin-hass.duckdns.org with yourdomain.duckdns.org in docs - Replace domain kelinreij.duckdns.org with yourdomain.duckdns.org in homepage config - Replace personal emails with example addresses - Replace DuckDNS token and credentials in markup.yml with placeholders - Replace Let's Encrypt account numbers with placeholders Co-authored-by: kelinfoxy <67766943+kelinfoxy@users.noreply.github.com> --- .../dashboards/homepage/services.yaml | 96 +++++++++---------- .../config/.config/code-server/config.yaml | 2 +- ...26-01-12-ssl-wildcard-certificate-setup.md | 48 +++++----- docs/docker-guidelines.md | 6 +- .../SSL-CERTIFICATES-DUCKDNS.md | 22 ++--- markup.yml | 12 +-- 6 files changed, 93 insertions(+), 93 deletions(-) diff --git a/docker-compose/dashboards/homepage/services.yaml b/docker-compose/dashboards/homepage/services.yaml index f9d9f4e..b7188f1 100644 --- a/docker-compose/dashboards/homepage/services.yaml +++ b/docker-compose/dashboards/homepage/services.yaml @@ -4,253 +4,253 @@ - Dashboards: - Homepage: icon: homepage.png - href: https://homepage.kelinreij.duckdns.org + href: https://homepage.yourdomain.duckdns.org description: Hosted on Raspberry Pi - Homarr: icon: homarr.png - href: https://homarr.kelinreij.duckdns.org + href: https://homarr.yourdomain.duckdns.org description: Alternative Dashboard - Dockge - jasper: icon: dockge.png - href: https://jasper.kelinreij.duckdns.org + href: https://jasper.yourdomain.duckdns.org description: Main Server - Dockge - your-remote-server : icon: dockge.png - href: https://your-remote-server .kelinreij.duckdns.org + href: https://your-remote-server .yourdomain.duckdns.org description: Raspberry Pi Authentication Server - Core: - Traefik: icon: traefik.png - href: https://traefik.kelinreij.duckdns.org + href: https://traefik.yourdomain.duckdns.org description: Reverse Proxy & SSL - Authelia: icon: authelia.png - href: https://auth.kelinreij.duckdns.org + href: https://auth.yourdomain.duckdns.org description: Authentication SSO Portal - Pi-hole: icon: pi-hole.png - href: https://pihole.kelinreij.duckdns.org + href: https://pihole.yourdomain.duckdns.org description: Network-wide Ad Blocking - Monitoring Stack: - Dozzle: icon: dozzle.png - href: https://dozzle.jasper.kelinreij.duckdns.org + href: https://dozzle.jasper.yourdomain.duckdns.org description: jasper - Real-time Log Viewer - Dozzle: icon: dozzle.png - href: https://dozzle.your-remote-server .kelinreij.duckdns.org + href: https://dozzle.your-remote-server .yourdomain.duckdns.org description: your-remote-server - Real-time Log Viewer - Glances - jasper: icon: glances.png - href: https://glances.jasper.kelinreij.duckdns.org + href: https://glances.jasper.yourdomain.duckdns.org description: jasper - System Monitoring - Glances - your-remote-server : icon: glances.png - href: https://glances.your-remote-server .kelinreij.duckdns.org + href: https://glances.your-remote-server .yourdomain.duckdns.org description: your-remote-server - System Monitoring - Uptime Kuma: icon: uptime-kuma.png - href: https://uptime-kuma.kelinreij.duckdns.org + href: https://uptime-kuma.yourdomain.duckdns.org description: Uptime Monitoring - Media: - Jellyfin: icon: jellyfin.png - href: https://jellyfin.kelinreij.duckdns.org + href: https://jellyfin.yourdomain.duckdns.org description: Open Source Media Server - Jellyseerr: icon: jellyseerr.png - href: https://jellyseerr.kelinreij.duckdns.org + href: https://jellyseerr.yourdomain.duckdns.org description: Media Request Manager - Calibre-Web: icon: calibre-web.png - href: https://calibre.kelinreij.duckdns.org + href: https://calibre.yourdomain.duckdns.org description: Ebook Library - Media Management: - Sonarr: icon: sonarr.png - href: https://sonarr.kelinreij.duckdns.org + href: https://sonarr.yourdomain.duckdns.org description: TV Shows Automation - Radarr: icon: radarr.png - href: https://radarr.kelinreij.duckdns.org + href: https://radarr.yourdomain.duckdns.org description: Movies Automation - Prowlarr: icon: prowlarr.png - href: https://prowlarr.kelinreij.duckdns.org + href: https://prowlarr.yourdomain.duckdns.org description: Indexer Manager - Readarr: icon: readarr.png - href: https://readarr.kelinreij.duckdns.org + href: https://readarr.yourdomain.duckdns.org description: Books Automation - Lidarr: icon: lidarr.png - href: https://lidarr.kelinreij.duckdns.org + href: https://lidarr.yourdomain.duckdns.org description: Music Automation - Mylar3: icon: mylar.png - href: https://mylar.kelinreij.duckdns.org + href: https://mylar.yourdomain.duckdns.org description: Comics Manager - Home Automation: - Home Assistant: icon: home-assistant.png - href: https://hass.kelinreij.duckdns.org + href: https://hass.yourdomain.duckdns.org description: Home Automation Platform - ESPHome: icon: esphome.png - href: https://esphome.kelinreij.duckdns.org + href: https://esphome.yourdomain.duckdns.org description: ESP Device Manager - Node-RED: icon: node-red.png - href: https://nodered.kelinreij.duckdns.org + href: https://nodered.yourdomain.duckdns.org description: Flow-based Automation - Zigbee2MQTT: icon: zigbee2mqtt.png - href: https://zigbee.kelinreij.duckdns.org + href: https://zigbee.yourdomain.duckdns.org description: Zigbee Bridge - Mosquitto: icon: mosquitto.png - href: https://mqtt.kelinreij.duckdns.org + href: https://mqtt.yourdomain.duckdns.org description: MQTT Broker - Productivity: - Nextcloud: icon: nextcloud.png - href: https://nextcloud.kelinreij.duckdns.org + href: https://nextcloud.yourdomain.duckdns.org description: Cloud Storage & Collaboration - Gitea: icon: gitea.png - href: https://gitea.kelinreij.duckdns.org + href: https://gitea.yourdomain.duckdns.org description: Git Repository - Mealie: icon: mealie.png - href: https://mealie.kelinreij.duckdns.org + href: https://mealie.yourdomain.duckdns.org description: Recipe Manager - WordPress: icon: wordpress.png - href: https://wordpress.kelinreij.duckdns.org + href: https://wordpress.yourdomain.duckdns.org description: CMS Platform - Wikis: - BookStack: icon: bookstack.png - href: https://bookstack.kelinreij.duckdns.org + href: https://bookstack.yourdomain.duckdns.org description: Wiki Platform - DokuWiki: icon: dokuwiki.png - href: https://dokuwiki.kelinreij.duckdns.org + href: https://dokuwiki.yourdomain.duckdns.org description: Simple Wiki - Mediawiki: icon: mediawiki.png - href: https://mediawiki.kelinreij.duckdns.org + href: https://mediawiki.yourdomain.duckdns.org description: Collaborative Wiki - Development: - VS Code Server: icon: vscode.png - href: https://code.kelinreij.duckdns.org + href: https://code.yourdomain.duckdns.org description: Browser-based IDE - Jupyter: icon: jupyter.png - href: https://jupyter.kelinreij.duckdns.org + href: https://jupyter.yourdomain.duckdns.org description: Data Science Notebooks - Downloaders: - qBittorrent: icon: qbittorrent.png - href: https://qbit.kelinreij.duckdns.org + href: https://qbit.yourdomain.duckdns.org description: Torrent Client - Transcoders: - Tdarr: icon: tdarr.png - href: https://tdarr.kelinreij.duckdns.org + href: https://tdarr.yourdomain.duckdns.org description: Media Transcoding - Unmanic: icon: unmanic.png - href: https://unmanic.kelinreij.duckdns.org + href: https://unmanic.yourdomain.duckdns.org description: Media Transcoder - Utilities: - Vaultwarden: icon: vaultwarden.png - href: https://vault.kelinreij.duckdns.org + href: https://vault.yourdomain.duckdns.org description: Password Manager - Formio: icon: mdi-form-select - href: https://formio.kelinreij.duckdns.org + href: https://formio.yourdomain.duckdns.org description: Form Builder - Backup: - Backrest: icon: mdi-backup-restore - href: https://backrest.kelinreij.duckdns.org + href: https://backrest.yourdomain.duckdns.org description: Backup Solution - Duplicati: icon: duplicati.png - href: https://duplicati.kelinreij.duckdns.org + href: https://duplicati.yourdomain.duckdns.org description: Backup Software - Metrics: - Grafana: icon: grafana.png - href: https://grafana.kelinreij.duckdns.org + href: https://grafana.yourdomain.duckdns.org description: Metrics Dashboard - Prometheus: icon: prometheus.png - href: https://prometheus.kelinreij.duckdns.org + href: https://prometheus.yourdomain.duckdns.org description: Metrics Collection - cAdvisor: icon: cadvisor.png - href: https://cadvisor.kelinreij.duckdns.org + href: https://cadvisor.yourdomain.duckdns.org description: Container Metrics - Alternatives: - Portainer: icon: portainer.png - href: https://portainer.kelinreij.duckdns.org + href: https://portainer.yourdomain.duckdns.org description: Container Management UI - Authentik: icon: authentik.png - href: https://authentik.kelinreij.duckdns.org + href: https://authentik.yourdomain.duckdns.org description: Alternative Auth Provider - Plex: icon: plex.png - href: https://plex.kelinreij.duckdns.org + href: https://plex.yourdomain.duckdns.org description: Media Server diff --git a/docker-compose/infrastructure/code-server/config/.config/code-server/config.yaml b/docker-compose/infrastructure/code-server/config/.config/code-server/config.yaml index de1565d..32603ff 100644 --- a/docker-compose/infrastructure/code-server/config/.config/code-server/config.yaml +++ b/docker-compose/infrastructure/code-server/config/.config/code-server/config.yaml @@ -1,4 +1,4 @@ bind-addr: 127.0.0.1:8080 auth: password -password: 4d6c2b20e8d2c62be2512281 +password: ${CODE_SERVER_PASSWORD} cert: false diff --git a/docs/action-reports/2026-01-12-ssl-wildcard-certificate-setup.md b/docs/action-reports/2026-01-12-ssl-wildcard-certificate-setup.md index c13869b..7d1d7e3 100644 --- a/docs/action-reports/2026-01-12-ssl-wildcard-certificate-setup.md +++ b/docs/action-reports/2026-01-12-ssl-wildcard-certificate-setup.md @@ -15,14 +15,14 @@ Services were showing "not secure" warnings in browsers despite Traefik being co ### 1. **Multiple Simultaneous Certificate Requests** - **Issue:** Each service (dockge, dozzle, glances, pihole, authelia) had `traefik.http.routers.*.tls.certresolver=letsencrypt` labels - **Impact:** Traefik attempted to request individual certificates for each subdomain simultaneously -- **Consequence:** DuckDNS DNS challenge can only handle ONE TXT record at `_acme-challenge.kelin-hass.duckdns.org` at a time +- **Consequence:** DuckDNS DNS challenge can only handle ONE TXT record at `_acme-challenge.yourdomain.duckdns.org` at a time - **Result:** All certificate requests failed with "Incorrect TXT record" errors ### 2. **DNS TXT Record Conflicts** - **Issue:** Multiple services tried to create different TXT records at the same DNS location - **Example:** - - Service A creates: `_acme-challenge.kelin-hass.duckdns.org` = "token1" - - Service B overwrites: `_acme-challenge.kelin-hass.duckdns.org` = "token2" + - Service A creates: `_acme-challenge.yourdomain.duckdns.org` = "token1" + - Service B overwrites: `_acme-challenge.yourdomain.duckdns.org` = "token2" - Let's Encrypt validates Service A but finds "token2" → validation fails - **DuckDNS Limitation:** Can only maintain ONE TXT record per domain @@ -98,7 +98,7 @@ pihole: certificatesResolvers: letsencrypt: acme: - email: kelinfoxy@gmail.com + email: your-email@example.com storage: /acme.json dnsChallenge: provider: duckdns @@ -129,7 +129,7 @@ chown kelin:kelin /opt/stacks/core/traefik/acme.json # Wait for DNS to clear sleep 60 -dig +short TXT _acme-challenge.kelin-hass.duckdns.org # Verified empty +dig +short TXT _acme-challenge.yourdomain.duckdns.org # Verified empty # Deploy updated configuration cp /home/kelin/AI-Homelab/docker-compose/core.yml /opt/stacks/core/docker-compose.yml @@ -189,21 +189,21 @@ cd /opt/stacks/infrastructure && docker compose -f infrastructure.yml up -d { "letsencrypt": { "Account": { - "Email": "kelinfoxy@gmail.com", + "Email": "your-email@example.com", "Registration": { - "uri": "https://acme-v02.api.letsencrypt.org/acme/acct/2958966636" + "uri": "https://acme-v02.api.letsencrypt.org/acme/acct/XXXXXXXXXX" } }, "Certificates": [ { "domain": { - "main": "dockge.kelin-hass.duckdns.org" + "main": "dockge.yourdomain.duckdns.org" } }, { "domain": { - "main": "kelin-hass.duckdns.org", - "sans": ["*.kelin-hass.duckdns.org"] + "main": "yourdomain.duckdns.org", + "sans": ["*.yourdomain.duckdns.org"] } } ] @@ -212,7 +212,7 @@ cd /opt/stacks/infrastructure && docker compose -f infrastructure.yml up -d ``` **Certificate Details:** -- **Subject:** CN=kelin-hass.duckdns.org +- **Subject:** CN=yourdomain.duckdns.org - **Issuer:** C=US, O=Let's Encrypt, CN=R12 - **Coverage:** Wildcard certificate covering all subdomains - **File Size:** 23KB (up from 0 bytes) @@ -223,12 +223,12 @@ All services running with valid SSL certificates: | Service | Status | URL | Certificate | |---------|--------|-----|-------------| -| Traefik | ✅ Up | https://traefik.kelin-hass.duckdns.org | Valid | -| Authelia | ✅ Up | https://auth.kelin-hass.duckdns.org | Valid | -| Dockge | ✅ Up | https://dockge.kelin-hass.duckdns.org | Valid | -| Dozzle | ✅ Up | https://dozzle.kelin-hass.duckdns.org | Valid | -| Glances | ✅ Up | https://glances.kelin-hass.duckdns.org | Valid | -| Pi-hole | ✅ Up | https://pihole.kelin-hass.duckdns.org | Valid | +| Traefik | ✅ Up | https://traefik.yourdomain.duckdns.org | Valid | +| Authelia | ✅ Up | https://auth.yourdomain.duckdns.org | Valid | +| Dockge | ✅ Up | https://dockge.yourdomain.duckdns.org | Valid | +| Dozzle | ✅ Up | https://dozzle.yourdomain.duckdns.org | Valid | +| Glances | ✅ Up | https://glances.yourdomain.duckdns.org | Valid | +| Pi-hole | ✅ Up | https://pihole.yourdomain.duckdns.org | Valid | ## Best Practices & Prevention @@ -259,7 +259,7 @@ other-service: ### 2. ✅ DuckDNS DNS Challenge Limitations **Understand the Constraint:** -- DuckDNS can only maintain ONE TXT record at `_acme-challenge.kelin-hass.duckdns.org` +- DuckDNS can only maintain ONE TXT record at `_acme-challenge.yourdomain.duckdns.org` - Multiple simultaneous challenges WILL fail - Use wildcard certificate to avoid this limitation @@ -292,7 +292,7 @@ docker exec traefik tail -f /var/log/traefik/traefik.log | grep -E "acme|certifi docker exec traefik tail -100 /var/log/traefik/traefik.log | grep -E "error|Unable" # View specific domain -docker exec traefik tail -200 /var/log/traefik/traefik.log | grep "kelin-hass.duckdns.org" +docker exec traefik tail -200 /var/log/traefik/traefik.log | grep "yourdomain.duckdns.org" ``` ### 4. ✅ Certificate Troubleshooting Workflow @@ -307,10 +307,10 @@ cat /opt/stacks/core/traefik/acme.json | python3 -m json.tool | grep -A5 "Certif python3 -c "import json; d=json.load(open('/opt/stacks/core/traefik/acme.json')); print(f'Certificates: {len(d[\"letsencrypt\"][\"Certificates\"])}')" # 3. Test certificate being served -echo | openssl s_client -connect auth.kelin-hass.duckdns.org:443 -servername auth.kelin-hass.duckdns.org 2>/dev/null | openssl x509 -noout -subject -issuer +echo | openssl s_client -connect auth.yourdomain.duckdns.org:443 -servername auth.yourdomain.duckdns.org 2>/dev/null | openssl x509 -noout -subject -issuer # 4. Check DNS TXT records -dig +short TXT _acme-challenge.kelin-hass.duckdns.org +dig +short TXT _acme-challenge.yourdomain.duckdns.org # 5. Check Traefik logs docker exec traefik tail -50 /var/log/traefik/traefik.log @@ -457,15 +457,15 @@ docker exec traefik tail -f /var/log/traefik/traefik.log ### Verify Certificate Command ```bash -echo | openssl s_client -connect ${SUBDOMAIN}.kelin-hass.duckdns.org:443 -servername ${SUBDOMAIN}.kelin-hass.duckdns.org 2>/dev/null | openssl x509 -noout -subject -issuer -dates +echo | openssl s_client -connect ${SUBDOMAIN}.yourdomain.duckdns.org:443 -servername ${SUBDOMAIN}.yourdomain.duckdns.org 2>/dev/null | openssl x509 -noout -subject -issuer -dates ``` ### Check All Service Certificates ```bash for subdomain in auth traefik dockge dozzle glances pihole; do - echo "=== $subdomain.kelin-hass.duckdns.org ===" - echo | openssl s_client -connect $subdomain.kelin-hass.duckdns.org:443 -servername $subdomain.kelin-hass.duckdns.org 2>/dev/null | openssl x509 -noout -subject -issuer + echo "=== $subdomain.yourdomain.duckdns.org ===" + echo | openssl s_client -connect $subdomain.yourdomain.duckdns.org:443 -servername $subdomain.yourdomain.duckdns.org 2>/dev/null | openssl x509 -noout -subject -issuer echo done ``` diff --git a/docs/docker-guidelines.md b/docs/docker-guidelines.md index a732461..bacd9b0 100644 --- a/docs/docker-guidelines.md +++ b/docs/docker-guidelines.md @@ -1402,7 +1402,7 @@ Homepage configuration must be kept synchronized with deployed services. The AI 1. **Hard-Coded URLs Required**: Homepage does NOT support variables in href links - Template uses `{{HOMEPAGE_VAR_DOMAIN}}` as placeholder - - Active config uses `kelin-hass.duckdns.org` hard-coded + - Active config uses `yourdomain.duckdns.org` hard-coded - AI must replace placeholders when deploying configs 2. **No Container Restart Needed**: Homepage picks up config changes instantly @@ -1427,7 +1427,7 @@ Homepage configuration must be kept synchronized with deployed services. The AI - Stack Name (compose-file.yml): - Service Name: icon: service.png - href: https://subdomain.kelin-hass.duckdns.org # Hard-coded! + href: https://subdomain.yourdomain.duckdns.org # Hard-coded! description: Service description ``` @@ -1436,7 +1436,7 @@ Homepage configuration must be kept synchronized with deployed services. The AI ```bash # When deploying from template: cp /home/kelin/AI-Homelab/config-templates/homepage/*.yaml /opt/stacks/homepage/config/ -sed -i 's/{{HOMEPAGE_VAR_DOMAIN}}/kelin-hass.duckdns.org/g' /opt/stacks/homepage/config/services.yaml +sed -i 's/{{HOMEPAGE_VAR_DOMAIN}}/yourdomain.duckdns.org/g' /opt/stacks/homepage/config/services.yaml # No restart needed - configs load instantly ``` diff --git a/docs/troubleshooting/SSL-CERTIFICATES-DUCKDNS.md b/docs/troubleshooting/SSL-CERTIFICATES-DUCKDNS.md index 5799e19..36f38ba 100644 --- a/docs/troubleshooting/SSL-CERTIFICATES-DUCKDNS.md +++ b/docs/troubleshooting/SSL-CERTIFICATES-DUCKDNS.md @@ -7,8 +7,8 @@ Wildcard SSL certificate acquisition via DuckDNS DNS-01 challenge consistently f ### Why Both Domain and Wildcard are Required Let's Encrypt requires validation of BOTH domains when using SAN (Subject Alternative Name) certificates: -- `kelin-hass.duckdns.org` (apex domain) -- `*.kelin-hass.duckdns.org` (wildcard) +- `yourdomain.duckdns.org` (apex domain) +- `*.yourdomain.duckdns.org` (wildcard) This is a Let's Encrypt policy - you cannot obtain just the wildcard certificate. Both must be validated simultaneously. @@ -23,13 +23,13 @@ ping -c 2 ns1.duckdns.org # FAIL: 100% packet loss ping -c 2 99.79.143.35 # FAIL: 100% packet loss (direct IP) # DNS queries to authoritative servers - timeout -dig @99.79.143.35 kelin-hass.duckdns.org # FAIL: timeout -dig @35.182.183.211 kelin-hass.duckdns.org # FAIL: timeout -dig @3.97.58.28 kelin-hass.duckdns.org # FAIL: timeout +dig @99.79.143.35 yourdomain.duckdns.org # FAIL: timeout +dig @35.182.183.211 yourdomain.duckdns.org # FAIL: timeout +dig @3.97.58.28 yourdomain.duckdns.org # FAIL: timeout # Queries to recursive resolvers - SUCCESS -dig @8.8.8.8 kelin-hass.duckdns.org # SUCCESS -dig @1.1.1.1 kelin-hass.duckdns.org # SUCCESS +dig @8.8.8.8 yourdomain.duckdns.org # SUCCESS +dig @1.1.1.1 yourdomain.duckdns.org # SUCCESS # Traceroute analysis traceroute 99.79.143.35 @@ -83,15 +83,15 @@ The lego library **must** also query the authoritative nameservers directly to v ``` propagation: time limit exceeded: last error: authoritative nameservers: DNS call error: read udp 172.19.0.2:53666->3.97.58.28:53: i/o timeout -[ns=ns6.duckdns.org.:53, question='_acme-challenge.kelin-hass.duckdns.org. IN TXT'] +[ns=ns6.duckdns.org.:53, question='_acme-challenge.yourdomain.duckdns.org. IN TXT'] ``` **Phase 2: SOA record query failure** ``` propagation: time limit exceeded: last error: could not find zone: -[fqdn=_acme-challenge.kelin-hass.duckdns.org.] -unexpected response for 'kelin-hass.duckdns.org.' -[question='kelin-hass.duckdns.org. IN SOA', code=SERVFAIL] +[fqdn=_acme-challenge.yourdomain.duckdns.org.] +unexpected response for 'yourdomain.duckdns.org.' +[question='yourdomain.duckdns.org. IN SOA', code=SERVFAIL] ``` ## Working Configuration (Self-Signed Certificates) diff --git a/markup.yml b/markup.yml index 7520ba4..d07875a 100644 --- a/markup.yml +++ b/markup.yml @@ -15,12 +15,12 @@ echo "╚═══════════════════════ echo "╔═════════════════════════════════════════════════════════════╗ echo "║ ✅ SERVER_IP: 192.168.4.4 ║ echo "║ ✅ SERVER_HOSTNAME: jasper ║ -echo "║ ✅ DUCKDNS_SUBDOMAINS: kelinreij ║ -echo "║ ✅ DUCKDNS_TOKEN: 41ef7faa-fc93-41d2-a32f-340fd2b75b2f ║ -echo "║ ✅ DOMAIN: kelinreij.duckdns.org ║ -echo "║ ✅ DEFAULT_USER: kelin ║ -echo "║ ✅ DEFAULT_PASSWORD: Tiberi0u$ ║ -echo "║ ✅ DEFAULT_EMAIL: kelinshomelab@gmail.com ║ +echo "║ ✅ DUCKDNS_SUBDOMAINS: yourdomain ║ +echo "║ ✅ DUCKDNS_TOKEN: your-duckdns-token ║ +echo "║ ✅ DOMAIN: yourdomain.duckdns.org ║ +echo "║ ✅ DEFAULT_USER: admin ║ +echo "║ ✅ DEFAULT_PASSWORD: changeme ║ +echo "║ ✅ DEFAULT_EMAIL: admin@example.com ║ echo "╚═════════════════════════════════════════════════════════════╝ echo "╔═════════════════════════════════════════════════════════════╗ From 0052fa4ddc1107e373d8375004a34b8ed3d415b8 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Thu, 5 Feb 2026 18:41:42 +0000 Subject: [PATCH 3/3] Complete personal data replacement in Traefik configs - Replace remaining domain references in Traefik dynamic configs - Replace kelinreij.duckdns.org with yourdomain.duckdns.org in: - external-host-homeassistant.yml - local-host-production.yml - sablier.yml - markup.yml service URLs Co-authored-by: kelinfoxy <67766943+kelinfoxy@users.noreply.github.com> --- .../dynamic/external-host-homeassistant.yml | 2 +- .../traefik/dynamic/local-host-production.yml | 20 +++++++++---------- .../core/traefik/dynamic/sablier.yml | 2 +- markup.yml | 8 ++++---- 4 files changed, 16 insertions(+), 16 deletions(-) diff --git a/docker-compose/core/traefik/dynamic/external-host-homeassistant.yml b/docker-compose/core/traefik/dynamic/external-host-homeassistant.yml index 8f04899..446fd33 100644 --- a/docker-compose/core/traefik/dynamic/external-host-homeassistant.yml +++ b/docker-compose/core/traefik/dynamic/external-host-homeassistant.yml @@ -2,7 +2,7 @@ http: routers: # Individual Services homeassistant: - rule: "Host(`hass.kelinreij.duckdns.org`)" + rule: "Host(`hass.yourdomain.duckdns.org`)" entryPoints: - websecure service: homeassistant diff --git a/docker-compose/core/traefik/dynamic/local-host-production.yml b/docker-compose/core/traefik/dynamic/local-host-production.yml index c49224f..06ceb6b 100644 --- a/docker-compose/core/traefik/dynamic/local-host-production.yml +++ b/docker-compose/core/traefik/dynamic/local-host-production.yml @@ -2,7 +2,7 @@ http: routers: # Remote Server Services (your-remote-server) dockge-your-remote-server: - rule: "Host(`dockge.your-remote-server.kelinreij.duckdns.org`)" + rule: "Host(`dockge.your-remote-server.yourdomain.duckdns.org`)" entryPoints: - websecure service: dockge-your-remote-server @@ -12,7 +12,7 @@ http: - authelia@docker dozzle-your-remote-server: - rule: "Host(`dozzle.your-remote-server.kelinreij.duckdns.org`)" + rule: "Host(`dozzle.your-remote-server.yourdomain.duckdns.org`)" entryPoints: - websecure service: dozzle-your-remote-server @@ -22,7 +22,7 @@ http: - authelia@docker glances-your-remote-server: - rule: "Host(`glances.your-remote-server.kelinreij.duckdns.org`)" + rule: "Host(`glances.your-remote-server.yourdomain.duckdns.org`)" entryPoints: - websecure service: glances-your-remote-server @@ -32,7 +32,7 @@ http: - authelia@docker backrest-your-remote-server: - rule: "Host(`backrest.your-remote-server.kelinreij.duckdns.org`)" + rule: "Host(`backrest.your-remote-server.yourdomain.duckdns.org`)" entryPoints: - websecure service: backrest-your-remote-server @@ -42,7 +42,7 @@ http: - authelia@docker duplicati-your-remote-server: - rule: "Host(`duplicati.your-remote-server.kelinreij.duckdns.org`)" + rule: "Host(`duplicati.your-remote-server.yourdomain.duckdns.org`)" entryPoints: - websecure service: duplicati-your-remote-server @@ -52,7 +52,7 @@ http: - authelia@docker homepage-your-remote-server: - rule: "Host(`homepage.your-remote-server.kelinreij.duckdns.org`)" + rule: "Host(`homepage.your-remote-server.yourdomain.duckdns.org`)" entryPoints: - websecure service: homepage-your-remote-server @@ -62,7 +62,7 @@ http: - authelia@docker homarr-your-remote-server: - rule: "Host(`homarr.your-remote-server.kelinreij.duckdns.org`)" + rule: "Host(`homarr.your-remote-server.yourdomain.duckdns.org`)" entryPoints: - websecure service: homarr-your-remote-server @@ -72,7 +72,7 @@ http: - authelia@docker grafana-your-remote-server: - rule: "Host(`grafana.your-remote-server.kelinreij.duckdns.org`)" + rule: "Host(`grafana.your-remote-server.yourdomain.duckdns.org`)" entryPoints: - websecure service: grafana-your-remote-server @@ -82,7 +82,7 @@ http: - authelia@docker prometheus-your-remote-server: - rule: "Host(`prometheus.your-remote-server.kelinreij.duckdns.org`)" + rule: "Host(`prometheus.your-remote-server.yourdomain.duckdns.org`)" entryPoints: - websecure service: prometheus-your-remote-server @@ -92,7 +92,7 @@ http: - authelia@docker uptime-kuma-your-remote-server: - rule: "Host(`status.your-remote-server.kelinreij.duckdns.org`)" + rule: "Host(`status.your-remote-server.yourdomain.duckdns.org`)" entryPoints: - websecure service: uptime-kuma-your-remote-server diff --git a/docker-compose/core/traefik/dynamic/sablier.yml b/docker-compose/core/traefik/dynamic/sablier.yml index 2255cb3..b96f49b 100644 --- a/docker-compose/core/traefik/dynamic/sablier.yml +++ b/docker-compose/core/traefik/dynamic/sablier.yml @@ -3,7 +3,7 @@ http: middlewares: authelia: forwardauth: - address: http://authelia:9091/api/verify?rd=https://auth.kelinreij.duckdns.org/ + address: http://authelia:9091/api/verify?rd=https://auth.yourdomain.duckdns.org/ authResponseHeaders: - X-Secret trustForwardHeader: true diff --git a/markup.yml b/markup.yml index d07875a..b578af8 100644 --- a/markup.yml +++ b/markup.yml @@ -31,16 +31,16 @@ echo "╔═══════════════════════ echo "║ Deployment Complete! ║ echo "║ SSL Certificates may take a few minutes to be issued. ║ echo "║ ║ -echo "║ https://dockge.kelinreij.duckdns.org ║ +echo "║ https://dockge.yourdomain.duckdns.org ║ echo "║ http://192.168.4.4:5001 ║ echo "║ ║ -echo "║ https://homepage.kelinreij.duckdns.org ║ +echo "║ https://homepage.yourdomain.duckdns.org ║ echo "║ http://192.168.4.4:3003 ║ echo "║ ║ -echo "║ https://authelia.kelinreij.duckdns.org ║ +echo "║ https://authelia.yourdomain.duckdns.org ║ echo "║ http://192.168.4.4:9091 ║ echo "║ ║ -echo "║ https://traefik.kelinreij.duckdns.org ║ +echo "║ https://traefik.yourdomain.duckdns.org ║ echo "║ http://192.168.4.4:8080 ║ echo "║ ║ echo "╚═════════════════════════════════════════════════════════════╝