Merge pull request #2 from kelinfoxy/copilot/scan-and-replace-personal-data

Sanitize personal data from repository history
2026-02-05 14:09:23 -05:00
parent 10aee3b3b1 0052fa4ddc
commit 84b2cabacc
9 changed files with 109 additions and 109 deletions
--- a/docker-compose/core/traefik/dynamic/external-host-homeassistant.yml
+++ b/docker-compose/core/traefik/dynamic/external-host-homeassistant.yml
@@ -2,7 +2,7 @@ http:
  routers:
    # Individual Services
    homeassistant:
-      rule: "Host(`hass.kelinreij.duckdns.org`)"
+      rule: "Host(`hass.yourdomain.duckdns.org`)"
      entryPoints:
        - websecure
      service: homeassistant
--- a/docker-compose/core/traefik/dynamic/local-host-production.yml
+++ b/docker-compose/core/traefik/dynamic/local-host-production.yml
@@ -2,7 +2,7 @@ http:
  routers:
 # Remote Server Services (your-remote-server)
    dockge-your-remote-server:
-      rule: "Host(`dockge.your-remote-server.kelinreij.duckdns.org`)"
+      rule: "Host(`dockge.your-remote-server.yourdomain.duckdns.org`)"
      entryPoints:
        - websecure
      service: dockge-your-remote-server
@@ -12,7 +12,7 @@ http:
        - authelia@docker
    dozzle-your-remote-server:
-      rule: "Host(`dozzle.your-remote-server.kelinreij.duckdns.org`)"
+      rule: "Host(`dozzle.your-remote-server.yourdomain.duckdns.org`)"
      entryPoints:
        - websecure
      service: dozzle-your-remote-server
@@ -22,7 +22,7 @@ http:
        - authelia@docker
    glances-your-remote-server:
-      rule: "Host(`glances.your-remote-server.kelinreij.duckdns.org`)"
+      rule: "Host(`glances.your-remote-server.yourdomain.duckdns.org`)"
      entryPoints:
        - websecure
      service: glances-your-remote-server
@@ -32,7 +32,7 @@ http:
        - authelia@docker
    backrest-your-remote-server:
-      rule: "Host(`backrest.your-remote-server.kelinreij.duckdns.org`)"
+      rule: "Host(`backrest.your-remote-server.yourdomain.duckdns.org`)"
      entryPoints:
        - websecure
      service: backrest-your-remote-server
@@ -42,7 +42,7 @@ http:
        - authelia@docker
    duplicati-your-remote-server:
-      rule: "Host(`duplicati.your-remote-server.kelinreij.duckdns.org`)"
+      rule: "Host(`duplicati.your-remote-server.yourdomain.duckdns.org`)"
      entryPoints:
        - websecure
      service: duplicati-your-remote-server
@@ -52,7 +52,7 @@ http:
        - authelia@docker
    homepage-your-remote-server:
-      rule: "Host(`homepage.your-remote-server.kelinreij.duckdns.org`)"
+      rule: "Host(`homepage.your-remote-server.yourdomain.duckdns.org`)"
      entryPoints:
        - websecure
      service: homepage-your-remote-server
@@ -62,7 +62,7 @@ http:
        - authelia@docker
    homarr-your-remote-server:
-      rule: "Host(`homarr.your-remote-server.kelinreij.duckdns.org`)"
+      rule: "Host(`homarr.your-remote-server.yourdomain.duckdns.org`)"
      entryPoints:
        - websecure
      service: homarr-your-remote-server
@@ -72,7 +72,7 @@ http:
        - authelia@docker
    grafana-your-remote-server:
-      rule: "Host(`grafana.your-remote-server.kelinreij.duckdns.org`)"
+      rule: "Host(`grafana.your-remote-server.yourdomain.duckdns.org`)"
      entryPoints:
        - websecure
      service: grafana-your-remote-server
@@ -82,7 +82,7 @@ http:
        - authelia@docker
    prometheus-your-remote-server:
-      rule: "Host(`prometheus.your-remote-server.kelinreij.duckdns.org`)"
+      rule: "Host(`prometheus.your-remote-server.yourdomain.duckdns.org`)"
      entryPoints:
        - websecure
      service: prometheus-your-remote-server
@@ -92,7 +92,7 @@ http:
        - authelia@docker
    uptime-kuma-your-remote-server:
-      rule: "Host(`status.your-remote-server.kelinreij.duckdns.org`)"
+      rule: "Host(`status.your-remote-server.yourdomain.duckdns.org`)"
      entryPoints:
        - websecure
      service: uptime-kuma-your-remote-server
--- a/docker-compose/core/traefik/dynamic/sablier.yml
+++ b/docker-compose/core/traefik/dynamic/sablier.yml
@@ -3,7 +3,7 @@ http:
  middlewares:
    authelia:
      forwardauth:
-        address: http://authelia:9091/api/verify?rd=https://auth.kelinreij.duckdns.org/
+        address: http://authelia:9091/api/verify?rd=https://auth.yourdomain.duckdns.org/
        authResponseHeaders:
          - X-Secret
        trustForwardHeader: true
--- a/docker-compose/dashboards/homepage/services.yaml
+++ b/docker-compose/dashboards/homepage/services.yaml
@@ -4,253 +4,253 @@
 - Dashboards:
    - Homepage:
        icon: homepage.png
-        href: https://homepage.kelinreij.duckdns.org
+        href: https://homepage.yourdomain.duckdns.org
        description: Hosted on Raspberry Pi
    - Homarr:
        icon: homarr.png
-        href: https://homarr.kelinreij.duckdns.org
+        href: https://homarr.yourdomain.duckdns.org
        description: Alternative Dashboard
    - Dockge - jasper:
        icon: dockge.png
-        href: https://jasper.kelinreij.duckdns.org
+        href: https://jasper.yourdomain.duckdns.org
        description: Main Server
    - Dockge - your-remote-server :
        icon: dockge.png
-        href: https://your-remote-server .kelinreij.duckdns.org
+        href: https://your-remote-server .yourdomain.duckdns.org
        description: Raspberry Pi Authentication Server
 - Core:
    - Traefik:
        icon: traefik.png
-        href: https://traefik.kelinreij.duckdns.org
+        href: https://traefik.yourdomain.duckdns.org
        description: Reverse Proxy & SSL
    - Authelia:
        icon: authelia.png
-        href: https://auth.kelinreij.duckdns.org
+        href: https://auth.yourdomain.duckdns.org
        description: Authentication SSO Portal
    - Pi-hole:
        icon: pi-hole.png
-        href: https://pihole.kelinreij.duckdns.org
+        href: https://pihole.yourdomain.duckdns.org
        description: Network-wide Ad Blocking
 - Monitoring Stack:
    - Dozzle:
        icon: dozzle.png
-        href: https://dozzle.jasper.kelinreij.duckdns.org
+        href: https://dozzle.jasper.yourdomain.duckdns.org
        description: jasper - Real-time Log Viewer
    - Dozzle:
        icon: dozzle.png
-        href: https://dozzle.your-remote-server .kelinreij.duckdns.org
+        href: https://dozzle.your-remote-server .yourdomain.duckdns.org
        description: your-remote-server  - Real-time Log Viewer
    - Glances - jasper:
        icon: glances.png
-        href: https://glances.jasper.kelinreij.duckdns.org
+        href: https://glances.jasper.yourdomain.duckdns.org
        description: jasper - System Monitoring
    - Glances - your-remote-server :
        icon: glances.png
-        href: https://glances.your-remote-server .kelinreij.duckdns.org
+        href: https://glances.your-remote-server .yourdomain.duckdns.org
        description: your-remote-server  - System Monitoring
    - Uptime Kuma:
        icon: uptime-kuma.png
-        href: https://uptime-kuma.kelinreij.duckdns.org
+        href: https://uptime-kuma.yourdomain.duckdns.org
        description: Uptime Monitoring
 - Media:
    - Jellyfin:
        icon: jellyfin.png
-        href: https://jellyfin.kelinreij.duckdns.org
+        href: https://jellyfin.yourdomain.duckdns.org
        description: Open Source Media Server
    - Jellyseerr:
        icon: jellyseerr.png
-        href: https://jellyseerr.kelinreij.duckdns.org
+        href: https://jellyseerr.yourdomain.duckdns.org
        description: Media Request Manager
    - Calibre-Web:
        icon: calibre-web.png
-        href: https://calibre.kelinreij.duckdns.org
+        href: https://calibre.yourdomain.duckdns.org
        description: Ebook Library
 - Media Management:
    - Sonarr:
        icon: sonarr.png
-        href: https://sonarr.kelinreij.duckdns.org
+        href: https://sonarr.yourdomain.duckdns.org
        description: TV Shows Automation
    - Radarr:
        icon: radarr.png
-        href: https://radarr.kelinreij.duckdns.org
+        href: https://radarr.yourdomain.duckdns.org
        description: Movies Automation
    - Prowlarr:
        icon: prowlarr.png
-        href: https://prowlarr.kelinreij.duckdns.org
+        href: https://prowlarr.yourdomain.duckdns.org
        description: Indexer Manager
    - Readarr:
        icon: readarr.png
-        href: https://readarr.kelinreij.duckdns.org
+        href: https://readarr.yourdomain.duckdns.org
        description: Books Automation
    - Lidarr:
        icon: lidarr.png
-        href: https://lidarr.kelinreij.duckdns.org
+        href: https://lidarr.yourdomain.duckdns.org
        description: Music Automation
    - Mylar3:
        icon: mylar.png
-        href: https://mylar.kelinreij.duckdns.org
+        href: https://mylar.yourdomain.duckdns.org
        description: Comics Manager
 - Home Automation:
    - Home Assistant:
        icon: home-assistant.png
-        href: https://hass.kelinreij.duckdns.org
+        href: https://hass.yourdomain.duckdns.org
        description: Home Automation Platform
    - ESPHome:
        icon: esphome.png
-        href: https://esphome.kelinreij.duckdns.org
+        href: https://esphome.yourdomain.duckdns.org
        description: ESP Device Manager
    - Node-RED:
        icon: node-red.png
-        href: https://nodered.kelinreij.duckdns.org
+        href: https://nodered.yourdomain.duckdns.org
        description: Flow-based Automation
    - Zigbee2MQTT:
        icon: zigbee2mqtt.png
-        href: https://zigbee.kelinreij.duckdns.org
+        href: https://zigbee.yourdomain.duckdns.org
        description: Zigbee Bridge
    - Mosquitto:
        icon: mosquitto.png
-        href: https://mqtt.kelinreij.duckdns.org
+        href: https://mqtt.yourdomain.duckdns.org
        description: MQTT Broker
 - Productivity:
    - Nextcloud:
        icon: nextcloud.png
-        href: https://nextcloud.kelinreij.duckdns.org
+        href: https://nextcloud.yourdomain.duckdns.org
        description: Cloud Storage & Collaboration
    - Gitea:
        icon: gitea.png
-        href: https://gitea.kelinreij.duckdns.org
+        href: https://gitea.yourdomain.duckdns.org
        description: Git Repository
    - Mealie:
        icon: mealie.png
-        href: https://mealie.kelinreij.duckdns.org
+        href: https://mealie.yourdomain.duckdns.org
        description: Recipe Manager
    - WordPress:
        icon: wordpress.png
-        href: https://wordpress.kelinreij.duckdns.org
+        href: https://wordpress.yourdomain.duckdns.org
        description: CMS Platform
 - Wikis:
    - BookStack:
        icon: bookstack.png
-        href: https://bookstack.kelinreij.duckdns.org
+        href: https://bookstack.yourdomain.duckdns.org
        description: Wiki Platform
    - DokuWiki:
        icon: dokuwiki.png
-        href: https://dokuwiki.kelinreij.duckdns.org
+        href: https://dokuwiki.yourdomain.duckdns.org
        description: Simple Wiki
    - Mediawiki:
        icon: mediawiki.png
-        href: https://mediawiki.kelinreij.duckdns.org
+        href: https://mediawiki.yourdomain.duckdns.org
        description: Collaborative Wiki
 - Development:
    - VS Code Server:
        icon: vscode.png
-        href: https://code.kelinreij.duckdns.org
+        href: https://code.yourdomain.duckdns.org
        description: Browser-based IDE
    - Jupyter:
        icon: jupyter.png
-        href: https://jupyter.kelinreij.duckdns.org
+        href: https://jupyter.yourdomain.duckdns.org
        description: Data Science Notebooks
 - Downloaders:
    - qBittorrent:
        icon: qbittorrent.png
-        href: https://qbit.kelinreij.duckdns.org
+        href: https://qbit.yourdomain.duckdns.org
        description: Torrent Client
    - Transcoders:
        - Tdarr:
            icon: tdarr.png
-            href: https://tdarr.kelinreij.duckdns.org
+            href: https://tdarr.yourdomain.duckdns.org
            description: Media Transcoding
        - Unmanic:
            icon: unmanic.png
-            href: https://unmanic.kelinreij.duckdns.org
+            href: https://unmanic.yourdomain.duckdns.org
            description: Media Transcoder
 - Utilities:
    - Vaultwarden:
        icon: vaultwarden.png
-        href: https://vault.kelinreij.duckdns.org
+        href: https://vault.yourdomain.duckdns.org
        description: Password Manager
    - Formio:
        icon: mdi-form-select
-        href: https://formio.kelinreij.duckdns.org
+        href: https://formio.yourdomain.duckdns.org
        description: Form Builder
 - Backup:
    - Backrest:
        icon: mdi-backup-restore
-        href: https://backrest.kelinreij.duckdns.org
+        href: https://backrest.yourdomain.duckdns.org
        description: Backup Solution
    - Duplicati:
        icon: duplicati.png
-        href: https://duplicati.kelinreij.duckdns.org
+        href: https://duplicati.yourdomain.duckdns.org
        description: Backup Software
 - Metrics:
    - Grafana:
        icon: grafana.png
-        href: https://grafana.kelinreij.duckdns.org
+        href: https://grafana.yourdomain.duckdns.org
        description: Metrics Dashboard
    - Prometheus:
        icon: prometheus.png
-        href: https://prometheus.kelinreij.duckdns.org
+        href: https://prometheus.yourdomain.duckdns.org
        description: Metrics Collection
    - cAdvisor:
        icon: cadvisor.png
-        href: https://cadvisor.kelinreij.duckdns.org
+        href: https://cadvisor.yourdomain.duckdns.org
        description: Container Metrics
 - Alternatives:
    - Portainer:
        icon: portainer.png
-        href: https://portainer.kelinreij.duckdns.org
+        href: https://portainer.yourdomain.duckdns.org
        description: Container Management UI
    - Authentik:
        icon: authentik.png
-        href: https://authentik.kelinreij.duckdns.org
+        href: https://authentik.yourdomain.duckdns.org
        description: Alternative Auth Provider
    - Plex:
        icon: plex.png
-        href: https://plex.kelinreij.duckdns.org
+        href: https://plex.yourdomain.duckdns.org
        description: Media Server
--- a/docker-compose/infrastructure/code-server/config/.config/code-server/config.yaml
+++ b/docker-compose/infrastructure/code-server/config/.config/code-server/config.yaml
@@ -1,4 +1,4 @@
 bind-addr: 127.0.0.1:8080
 auth: password
-password: 4d6c2b20e8d2c62be2512281
+password: ${CODE_SERVER_PASSWORD}
 cert: false
--- a/docs/action-reports/2026-01-12-ssl-wildcard-certificate-setup.md
+++ b/docs/action-reports/2026-01-12-ssl-wildcard-certificate-setup.md
@@ -15,14 +15,14 @@ Services were showing "not secure" warnings in browsers despite Traefik being co
 ### 1. **Multiple Simultaneous Certificate Requests**
 - **Issue:** Each service (dockge, dozzle, glances, pihole, authelia) had `traefik.http.routers.*.tls.certresolver=letsencrypt` labels
 - **Impact:** Traefik attempted to request individual certificates for each subdomain simultaneously
- **Consequence:** DuckDNS DNS challenge can only handle ONE TXT record at `_acme-challenge.kelin-hass.duckdns.org` at a time
+- **Consequence:** DuckDNS DNS challenge can only handle ONE TXT record at `_acme-challenge.yourdomain.duckdns.org` at a time
 - **Result:** All certificate requests failed with "Incorrect TXT record" errors
 ### 2. **DNS TXT Record Conflicts**
 - **Issue:** Multiple services tried to create different TXT records at the same DNS location
 - **Example:** 
-  - Service A creates: `_acme-challenge.kelin-hass.duckdns.org` = "token1"
+  - Service A creates: `_acme-challenge.yourdomain.duckdns.org` = "token1"
-  - Service B overwrites: `_acme-challenge.kelin-hass.duckdns.org` = "token2"
+  - Service B overwrites: `_acme-challenge.yourdomain.duckdns.org` = "token2"
  - Let's Encrypt validates Service A but finds "token2" → validation fails
 - **DuckDNS Limitation:** Can only maintain ONE TXT record per domain
@@ -98,7 +98,7 @@ pihole:
 certificatesResolvers:
  letsencrypt:
    acme:
-      email: kelinfoxy@gmail.com
+      email: your-email@example.com
      storage: /acme.json
      dnsChallenge:
        provider: duckdns
@@ -129,7 +129,7 @@ chown kelin:kelin /opt/stacks/core/traefik/acme.json
 # Wait for DNS to clear
 sleep 60
-dig +short TXT _acme-challenge.kelin-hass.duckdns.org  # Verified empty
+dig +short TXT _acme-challenge.yourdomain.duckdns.org  # Verified empty
 # Deploy updated configuration
 cp /home/kelin/AI-Homelab/docker-compose/core.yml /opt/stacks/core/docker-compose.yml
@@ -189,21 +189,21 @@ cd /opt/stacks/infrastructure && docker compose -f infrastructure.yml up -d
 {
  "letsencrypt": {
    "Account": {
-      "Email": "kelinfoxy@gmail.com",
+      "Email": "your-email@example.com",
      "Registration": {
-        "uri": "https://acme-v02.api.letsencrypt.org/acme/acct/2958966636"
+        "uri": "https://acme-v02.api.letsencrypt.org/acme/acct/XXXXXXXXXX"
      }
    },
    "Certificates": [
      {
        "domain": {
-          "main": "dockge.kelin-hass.duckdns.org"
+          "main": "dockge.yourdomain.duckdns.org"
        }
      },
      {
        "domain": {
-          "main": "kelin-hass.duckdns.org",
+          "main": "yourdomain.duckdns.org",
-          "sans": ["*.kelin-hass.duckdns.org"]
+          "sans": ["*.yourdomain.duckdns.org"]
        }
      }
    ]
@@ -212,7 +212,7 @@ cd /opt/stacks/infrastructure && docker compose -f infrastructure.yml up -d
 ```
 **Certificate Details:**
- **Subject:** CN=kelin-hass.duckdns.org
+- **Subject:** CN=yourdomain.duckdns.org
 - **Issuer:** C=US, O=Let's Encrypt, CN=R12
 - **Coverage:** Wildcard certificate covering all subdomains
 - **File Size:** 23KB (up from 0 bytes)
@@ -223,12 +223,12 @@ All services running with valid SSL certificates:
 | Service | Status | URL | Certificate |
 |---------|--------|-----|-------------|
-| Traefik | ✅ Up | https://traefik.kelin-hass.duckdns.org | Valid |
+| Traefik | ✅ Up | https://traefik.yourdomain.duckdns.org | Valid |
-| Authelia | ✅ Up | https://auth.kelin-hass.duckdns.org | Valid |
+| Authelia | ✅ Up | https://auth.yourdomain.duckdns.org | Valid |
-| Dockge | ✅ Up | https://dockge.kelin-hass.duckdns.org | Valid |
+| Dockge | ✅ Up | https://dockge.yourdomain.duckdns.org | Valid |
-| Dozzle | ✅ Up | https://dozzle.kelin-hass.duckdns.org | Valid |
+| Dozzle | ✅ Up | https://dozzle.yourdomain.duckdns.org | Valid |
-| Glances | ✅ Up | https://glances.kelin-hass.duckdns.org | Valid |
+| Glances | ✅ Up | https://glances.yourdomain.duckdns.org | Valid |
-| Pi-hole | ✅ Up | https://pihole.kelin-hass.duckdns.org | Valid |
+| Pi-hole | ✅ Up | https://pihole.yourdomain.duckdns.org | Valid |
 ## Best Practices & Prevention
@@ -259,7 +259,7 @@ other-service:
 ### 2. ✅ DuckDNS DNS Challenge Limitations
 **Understand the Constraint:**
- DuckDNS can only maintain ONE TXT record at `_acme-challenge.kelin-hass.duckdns.org`
+- DuckDNS can only maintain ONE TXT record at `_acme-challenge.yourdomain.duckdns.org`
 - Multiple simultaneous challenges WILL fail
 - Use wildcard certificate to avoid this limitation
@@ -292,7 +292,7 @@ docker exec traefik tail -f /var/log/traefik/traefik.log | grep -E "acme|certifi
 docker exec traefik tail -100 /var/log/traefik/traefik.log | grep -E "error|Unable"
 # View specific domain
-docker exec traefik tail -200 /var/log/traefik/traefik.log | grep "kelin-hass.duckdns.org"
+docker exec traefik tail -200 /var/log/traefik/traefik.log | grep "yourdomain.duckdns.org"
 ```
 ### 4. ✅ Certificate Troubleshooting Workflow
@@ -307,10 +307,10 @@ cat /opt/stacks/core/traefik/acme.json | python3 -m json.tool | grep -A5 "Certif
 python3 -c "import json; d=json.load(open('/opt/stacks/core/traefik/acme.json')); print(f'Certificates: {len(d[\"letsencrypt\"][\"Certificates\"])}')"
 # 3. Test certificate being served
-echo | openssl s_client -connect auth.kelin-hass.duckdns.org:443 -servername auth.kelin-hass.duckdns.org 2>/dev/null | openssl x509 -noout -subject -issuer
+echo | openssl s_client -connect auth.yourdomain.duckdns.org:443 -servername auth.yourdomain.duckdns.org 2>/dev/null | openssl x509 -noout -subject -issuer
 # 4. Check DNS TXT records
-dig +short TXT _acme-challenge.kelin-hass.duckdns.org
+dig +short TXT _acme-challenge.yourdomain.duckdns.org
 # 5. Check Traefik logs
 docker exec traefik tail -50 /var/log/traefik/traefik.log
@@ -457,15 +457,15 @@ docker exec traefik tail -f /var/log/traefik/traefik.log
 ### Verify Certificate Command
 ```bash
-echo | openssl s_client -connect ${SUBDOMAIN}.kelin-hass.duckdns.org:443 -servername ${SUBDOMAIN}.kelin-hass.duckdns.org 2>/dev/null | openssl x509 -noout -subject -issuer -dates
+echo | openssl s_client -connect ${SUBDOMAIN}.yourdomain.duckdns.org:443 -servername ${SUBDOMAIN}.yourdomain.duckdns.org 2>/dev/null | openssl x509 -noout -subject -issuer -dates
 ```
 ### Check All Service Certificates
 ```bash
 for subdomain in auth traefik dockge dozzle glances pihole; do
-  echo "=== $subdomain.kelin-hass.duckdns.org ==="
+  echo "=== $subdomain.yourdomain.duckdns.org ==="
-  echo | openssl s_client -connect $subdomain.kelin-hass.duckdns.org:443 -servername $subdomain.kelin-hass.duckdns.org 2>/dev/null | openssl x509 -noout -subject -issuer
+  echo | openssl s_client -connect $subdomain.yourdomain.duckdns.org:443 -servername $subdomain.yourdomain.duckdns.org 2>/dev/null | openssl x509 -noout -subject -issuer
  echo
 done
 ```
--- a/docs/docker-guidelines.md
+++ b/docs/docker-guidelines.md
@@ -1402,7 +1402,7 @@ Homepage configuration must be kept synchronized with deployed services. The AI
 1. **Hard-Coded URLs Required**: Homepage does NOT support variables in href links
   - Template uses `{{HOMEPAGE_VAR_DOMAIN}}` as placeholder
-   - Active config uses `kelin-hass.duckdns.org` hard-coded
+   - Active config uses `yourdomain.duckdns.org` hard-coded
   - AI must replace placeholders when deploying configs
 2. **No Container Restart Needed**: Homepage picks up config changes instantly
@@ -1427,7 +1427,7 @@ Homepage configuration must be kept synchronized with deployed services. The AI
 - Stack Name (compose-file.yml):
    - Service Name:
        icon: service.png
-        href: https://subdomain.kelin-hass.duckdns.org  # Hard-coded!
+        href: https://subdomain.yourdomain.duckdns.org  # Hard-coded!
        description: Service description
 ```
@@ -1436,7 +1436,7 @@ Homepage configuration must be kept synchronized with deployed services. The AI
 ```bash
 # When deploying from template:
 cp /home/kelin/AI-Homelab/config-templates/homepage/*.yaml /opt/stacks/homepage/config/
-sed -i 's/{{HOMEPAGE_VAR_DOMAIN}}/kelin-hass.duckdns.org/g' /opt/stacks/homepage/config/services.yaml
+sed -i 's/{{HOMEPAGE_VAR_DOMAIN}}/yourdomain.duckdns.org/g' /opt/stacks/homepage/config/services.yaml
 # No restart needed - configs load instantly
 ```
--- a/docs/troubleshooting/SSL-CERTIFICATES-DUCKDNS.md
+++ b/docs/troubleshooting/SSL-CERTIFICATES-DUCKDNS.md
@@ -7,8 +7,8 @@ Wildcard SSL certificate acquisition via DuckDNS DNS-01 challenge consistently f
 ### Why Both Domain and Wildcard are Required
 Let's Encrypt requires validation of BOTH domains when using SAN (Subject Alternative Name) certificates:
- `kelin-hass.duckdns.org` (apex domain)
+- `yourdomain.duckdns.org` (apex domain)
- `*.kelin-hass.duckdns.org` (wildcard)
+- `*.yourdomain.duckdns.org` (wildcard)
 This is a Let's Encrypt policy - you cannot obtain just the wildcard certificate. Both must be validated simultaneously.
@@ -23,13 +23,13 @@ ping -c 2 ns1.duckdns.org  # FAIL: 100% packet loss
 ping -c 2 99.79.143.35     # FAIL: 100% packet loss (direct IP)
 # DNS queries to authoritative servers - timeout
-dig @99.79.143.35 kelin-hass.duckdns.org  # FAIL: timeout
+dig @99.79.143.35 yourdomain.duckdns.org  # FAIL: timeout
-dig @35.182.183.211 kelin-hass.duckdns.org  # FAIL: timeout
+dig @35.182.183.211 yourdomain.duckdns.org  # FAIL: timeout
-dig @3.97.58.28 kelin-hass.duckdns.org  # FAIL: timeout
+dig @3.97.58.28 yourdomain.duckdns.org  # FAIL: timeout
 # Queries to recursive resolvers - SUCCESS
-dig @8.8.8.8 kelin-hass.duckdns.org  # SUCCESS
+dig @8.8.8.8 yourdomain.duckdns.org  # SUCCESS
-dig @1.1.1.1 kelin-hass.duckdns.org  # SUCCESS
+dig @1.1.1.1 yourdomain.duckdns.org  # SUCCESS
 # Traceroute analysis
 traceroute 99.79.143.35
@@ -83,15 +83,15 @@ The lego library **must** also query the authoritative nameservers directly to v
 ```
 propagation: time limit exceeded: last error: authoritative nameservers: 
 DNS call error: read udp 172.19.0.2:53666->3.97.58.28:53: i/o timeout 
-[ns=ns6.duckdns.org.:53, question='_acme-challenge.kelin-hass.duckdns.org. IN TXT']
+[ns=ns6.duckdns.org.:53, question='_acme-challenge.yourdomain.duckdns.org. IN TXT']
 ```
 **Phase 2: SOA record query failure**
 ```
 propagation: time limit exceeded: last error: could not find zone: 
-[fqdn=_acme-challenge.kelin-hass.duckdns.org.] 
+[fqdn=_acme-challenge.yourdomain.duckdns.org.] 
-unexpected response for 'kelin-hass.duckdns.org.' 
+unexpected response for 'yourdomain.duckdns.org.' 
-[question='kelin-hass.duckdns.org. IN SOA', code=SERVFAIL]
+[question='yourdomain.duckdns.org. IN SOA', code=SERVFAIL]
 ```
 ## Working Configuration (Self-Signed Certificates)
--- a/markup.yml
+++ b/markup.yml
@@ -15,12 +15,12 @@ echo "╚═══════════════════════
 echo "╔═════════════════════════════════════════════════════════════╗
 echo "║  ✅ SERVER_IP: 192.168.4.4                                 ║
 echo "║  ✅ SERVER_HOSTNAME: jasper                                ║
-echo "║  ✅ DUCKDNS_SUBDOMAINS: kelinreij                          ║
+echo "║  ✅ DUCKDNS_SUBDOMAINS: yourdomain                         ║
-echo "║  ✅ DUCKDNS_TOKEN: 41ef7faa-fc93-41d2-a32f-340fd2b75b2f    ║
+echo "║  ✅ DUCKDNS_TOKEN: your-duckdns-token                      ║
-echo "║  ✅ DOMAIN: kelinreij.duckdns.org                          ║
+echo "║  ✅ DOMAIN: yourdomain.duckdns.org                         ║
-echo "║  ✅ DEFAULT_USER: kelin                                    ║
+echo "║  ✅ DEFAULT_USER: admin                                    ║
-echo "║  ✅ DEFAULT_PASSWORD: Tiberi0u$                            ║
+echo "║  ✅ DEFAULT_PASSWORD: changeme                             ║
-echo "║  ✅ DEFAULT_EMAIL: kelinshomelab@gmail.com                 ║
+echo "║  ✅ DEFAULT_EMAIL: admin@example.com                       ║
 echo "╚═════════════════════════════════════════════════════════════╝
 echo "╔═════════════════════════════════════════════════════════════╗
@@ -31,16 +31,16 @@ echo "╔═══════════════════════
 echo "║                  Deployment Complete!                       ║
 echo "║  SSL Certificates may take a few minutes to be issued.      ║
 echo "║                                                             ║
-echo "║  https://dockge.kelinreij.duckdns.org                       ║
+echo "║  https://dockge.yourdomain.duckdns.org                       ║
 echo "║  http://192.168.4.4:5001                                    ║
 echo "║                                                             ║
-echo "║  https://homepage.kelinreij.duckdns.org                     ║
+echo "║  https://homepage.yourdomain.duckdns.org                     ║
 echo "║  http://192.168.4.4:3003                                    ║
 echo "║                                                             ║
-echo "║  https://authelia.kelinreij.duckdns.org                     ║
+echo "║  https://authelia.yourdomain.duckdns.org                     ║
 echo "║  http://192.168.4.4:9091                                    ║
 echo "║                                                             ║
-echo "║  https://traefik.kelinreij.duckdns.org                      ║
+echo "║  https://traefik.yourdomain.duckdns.org                      ║
 echo "║  http://192.168.4.4:8080                                    ║
 echo "║                                                             ║
 echo "╚═════════════════════════════════════════════════════════════╝