feat: implement task list updates
- getting-started.md: Moved checklist before Simple Setup, removed Round 4 section - authelia-customization.md: Updated Authentik reference to alternatives stack - services-overview.md: Added clickable links to all stack compose files - setup-homelab.sh: Added prompt to run deployment script after setup (defaults to yes) - traefik.yml: Changed default to DNS challenge for wildcard certificates (DuckDNS) All documentation now reflects wildcard certificate usage with DNS challenge.
This commit is contained in:
@@ -110,12 +110,12 @@ This is **by design** and makes Authelia perfect for AI management and security-
|
||||
|
||||
## Alternative with Web UI: Authentik
|
||||
|
||||
If you need a web UI for user management, Authentik is included in the infrastructure stack:
|
||||
If you need a web UI for user management, Authentik is included in the alternatives stack:
|
||||
- **Authentik**: Full-featured SSO with web UI for user/group management
|
||||
- Access at: `https://authentik.${DOMAIN}`
|
||||
- Includes PostgreSQL database and Redis cache
|
||||
- More complex but offers GUI-based configuration
|
||||
- Deploy only if you need web-based user management
|
||||
- Deploy via Dockge when needed
|
||||
|
||||
**Other Alternatives:**
|
||||
- **Keycloak**: Enterprise-grade SSO with web UI
|
||||
|
||||
@@ -2,6 +2,17 @@
|
||||
|
||||
Welcome to your AI-powered homelab! This guide will walk you through setting up your production-ready infrastructure with Dockge, Traefik, Authelia, and 60+ services.
|
||||
|
||||
## Getting Started Checklist
|
||||
|
||||
- [ ] Configure `.env` file with your domain and tokens
|
||||
- [ ] Run setup script (generates Authelia secrets and admin user)
|
||||
- [ ] Log out and back in for Docker group permissions
|
||||
- [ ] Run deployment script (deploys all core services)
|
||||
- [ ] Access Dockge web UI
|
||||
- [ ] Set up 2FA with Authelia
|
||||
- [ ] Deploy additional stacks as needed via Dockge
|
||||
- [ ] Configure Homepage dashboard widgets
|
||||
|
||||
## Quick Setup (Recommended)
|
||||
|
||||
For most users, the automated setup script handles everything:
|
||||
@@ -182,17 +193,6 @@ docker compose logs -f
|
||||
docker compose up -d --build service-name
|
||||
```
|
||||
|
||||
## Getting Started Checklist
|
||||
|
||||
- [ ] Run setup script or manual setup
|
||||
- [ ] Configure `.env` file
|
||||
- [ ] Deploy core infrastructure
|
||||
- [ ] Access Dockge web UI
|
||||
- [ ] Set up Authelia authentication
|
||||
- [ ] Deploy additional stacks as needed
|
||||
- [ ] Configure Homepage dashboard
|
||||
- [ ] Install VS Code with Copilot
|
||||
|
||||
## Next Steps
|
||||
|
||||
1. **Explore services** through Dockge
|
||||
@@ -201,37 +201,4 @@ docker compose up -d --build service-name
|
||||
4. **Add external services** via Traefik proxying
|
||||
5. **Use AI assistance** for custom configurations
|
||||
|
||||
Happy homelabbing! 🚀
|
||||
|
||||
## Deployment Improvements (Round 4)
|
||||
|
||||
The repository has been enhanced with the following improvements for better user experience:
|
||||
|
||||
### Automated Configuration
|
||||
- **Email Substitution**: Deploy script automatically configures Traefik with your ACME_EMAIL
|
||||
- **Password Generation**: Authelia admin password is auto-generated and saved to `/opt/stacks/core/authelia/ADMIN_PASSWORD.txt`
|
||||
- **Network Creation**: Docker networks are created automatically before deployment
|
||||
|
||||
### Volume Path Standardization
|
||||
- All compose files now use **relative paths** (e.g., `./service/config`) for portability
|
||||
- Stacks work correctly when deployed via Dockge or docker compose
|
||||
- Large shared data still uses absolute paths (`/mnt/media`, `/mnt/downloads`)
|
||||
|
||||
### SSL Certificate Configuration
|
||||
- **Default**: HTTP challenge (simple setup, works immediately)
|
||||
- **Optional**: DNS challenge for wildcard certificates (see comments in traefik.yml)
|
||||
- Certificates are automatically requested and renewed by Traefik
|
||||
|
||||
### What's Automated
|
||||
✅ Docker network creation
|
||||
✅ Traefik email configuration
|
||||
✅ Authelia password generation
|
||||
✅ Domain configuration in Authelia
|
||||
✅ Directory structure creation
|
||||
✅ Service deployment
|
||||
|
||||
### What You Configure
|
||||
📝 `.env` file with your domain and API keys
|
||||
📝 DuckDNS token
|
||||
📝 VPN credentials (if using Gluetun)
|
||||
📝 Service-specific settings via Dockge
|
||||
Happy homelabbing! 🚀
|
||||
|
||||
@@ -6,34 +6,34 @@ This document provides a comprehensive overview of all 60+ pre-configured servic
|
||||
|
||||
| Stacks (10) | Services (70 + 6db) | SSO | Storage | Access URLs |
|
||||
|-------|----------|-----|---------|-------------|
|
||||
| **📦 core.yaml (4)** | **Deploy First** | | | |
|
||||
| **📦 [core.yaml](../docker-compose/core.yml) (4)** | **Deploy First** | | | |
|
||||
| ├─ [DuckDNS](service-docs/duckdns.md) | Dynamic DNS updater | - | /opt/stacks/core/duckdns | No UI |
|
||||
| ├─ [Traefik](service-docs/traefik.md) | Reverse proxy + SSL | ✓ | /opt/stacks/core/traefik | traefik.${DOMAIN} |
|
||||
| ├─ [Authelia](service-docs/authelia.md) | SSO authentication | - | /opt/stacks/core/authelia | auth.${DOMAIN} |
|
||||
| └─ [Gluetun](service-docs/gluetun.md) | VPN (Surfshark) | - | /opt/stacks/core/gluetun | No UI |
|
||||
| **🔧 infrastructure.yaml (6+5)** | **Deployed: 6** | | | |
|
||||
| **🔧 [infrastructure.yaml](../docker-compose/infrastructure.yml) (6+5)** | **Deployed: 6** | | | |
|
||||
| ├─ [Dockge](service-docs/dockge.md) | Stack manager (PRIMARY) | ✓ | /opt/stacks/infrastructure | dockge.${DOMAIN} |
|
||||
| ├─ [Pi-hole](service-docs/pihole.md) | DNS + Ad blocking | ✓ | /opt/stacks/infrastructure | pihole.${DOMAIN} |
|
||||
| ├─ [Dozzle](service-docs/dozzle.md) | Docker log viewer | ✓ | /opt/stacks/infrastructure | dozzle.${DOMAIN} |
|
||||
| ├─ [Glances](service-docs/glances.md) | System monitoring | ✓ | /opt/stacks/infrastructure | glances.${DOMAIN} |
|
||||
| └─ [Docker Proxy](service-docs/docker-proxy.md) | Secure socket access | - | /opt/stacks/infrastructure | No UI |
|
||||
| **📦 alternatives.yaml (5)** | **Not deployed** | | | |
|
||||
| **📦 [alternatives.yaml](../docker-compose/alternatives.yml) (5)** | **Not deployed** | | | |
|
||||
| ├─ Portainer | Container management | ✓ | /opt/stacks/alternatives | portainer.${DOMAIN} |
|
||||
| ├─ Authentik Server | SSO with web UI | ✓ | /opt/stacks/alternatives | authentik.${DOMAIN} |
|
||||
| │ ├─ authentik-worker | Background tasks | - | /opt/stacks/alternatives | No UI |
|
||||
| │ ├─ authentik-db | PostgreSQL | - | /opt/stacks/alternatives | No UI |
|
||||
| │ └─ authentik-redis | Cache/messaging | - | /opt/stacks/alternatives | No UI |
|
||||
| **📊 dashboards.yaml** (2) | | | | |
|
||||
| **📊 [dashboards.yaml](../docker-compose/dashboards.yml)** (2) | | | | |
|
||||
| ├─ Homepage | App dashboard (AI cfg) | ✓ | /opt/stacks/dashboards | home.${DOMAIN} |
|
||||
| └─ Homarr | Modern dashboard | ✓ | /opt/stacks/dashboards | homarr.${DOMAIN} |
|
||||
| **🎬 media** (6) | | | | |
|
||||
| **🎬 [media.yml](../docker-compose/media.yml)** (6) | | | | |
|
||||
| ├─ Plex | Media server | ✗ | /mnt/media, /mnt/transcode | plex.${DOMAIN} |
|
||||
| ├─ Jellyfin | Media server (OSS) | ✗ | /mnt/media, /mnt/transcode | jellyfin.${DOMAIN} |
|
||||
| ├─ Sonarr | TV automation | ✓ | /opt/stacks/media, /mnt/media | sonarr.${DOMAIN} |
|
||||
| ├─ Radarr | Movie automation | ✓ | /opt/stacks/media, /mnt/media | radarr.${DOMAIN} |
|
||||
| ├─ Prowlarr | Indexer manager | ✓ | /opt/stacks/media | prowlarr.${DOMAIN} |
|
||||
| └─ qBittorrent | Torrent (via VPN) | ✓ | /mnt/downloads | qbit.${DOMAIN} |
|
||||
| **📚 media-extended.yaml** (10) | | | | |
|
||||
| **📚 [media-extended.yaml](../docker-compose/media-extended.yml)** (10) | | | | |
|
||||
| ├─ Readarr | Ebooks/Audiobooks | ✓ | /opt/stacks/media-ext, /mnt/media | readarr.${DOMAIN} |
|
||||
| ├─ Lidarr | Music manager | ✓ | /opt/stacks/media-ext, /mnt/media | lidarr.${DOMAIN} |
|
||||
| ├─ Lazy Librarian | Book automation | ✓ | /opt/stacks/media-ext, /mnt/media | lazylibrarian.${DOMAIN} |
|
||||
@@ -44,7 +44,7 @@ This document provides a comprehensive overview of all 60+ pre-configured servic
|
||||
| ├─ Tdarr Server | Transcoding server | ✓ | /opt/stacks/media-ext, /mnt/transcode | tdarr.${DOMAIN} |
|
||||
| ├─ Tdarr Node | Transcoding worker | - | /mnt/transcode-cache | No UI |
|
||||
| └─ Unmanic | Library optimizer | ✓ | /opt/stacks/media-ext, /mnt/transcode | unmanic.${DOMAIN} |
|
||||
| **🏠 homeassistant.yaml** (7) | | | | |
|
||||
| **🏠 [homeassistant.yaml](../docker-compose/homeassistant.yml)** (7) | | | | |
|
||||
| ├─ Home Assistant | HA platform | ✗ | /opt/stacks/homeassistant | ha.${DOMAIN} |
|
||||
| ├─ ESPHome | ESP firmware mgr | ✓ | /opt/stacks/homeassistant | esphome.${DOMAIN} |
|
||||
| ├─ TasmoAdmin | Tasmota device mgr | ✓ | /opt/stacks/homeassistant | tasmoadmin.${DOMAIN} |
|
||||
@@ -52,7 +52,7 @@ This document provides a comprehensive overview of all 60+ pre-configured servic
|
||||
| ├─ Mosquitto | MQTT broker | - | /opt/stacks/homeassistant | Ports 1883, 9001 |
|
||||
| ├─ Zigbee2MQTT | Zigbee bridge | ✓ | /opt/stacks/homeassistant | zigbee2mqtt.${DOMAIN} |
|
||||
| └─ MotionEye | Video surveillance | ✓ | /opt/stacks/homeassistant, /mnt/surveillance | motioneye.${DOMAIN} |
|
||||
| **💼 productivity.yaml** (8 + 6 DBs) | | | | |
|
||||
| **💼 [productivity.yaml](../docker-compose/productivity.yml)** (8 + 6 DBs) | | | | |
|
||||
| ├─ Nextcloud | File sync platform | ✓ | /opt/stacks/productivity, /mnt/nextcloud | nextcloud.${DOMAIN} |
|
||||
| │ └─ nextcloud-db | MariaDB | - | /opt/stacks/productivity | No UI |
|
||||
| ├─ Mealie | Recipe manager | ✗ | /opt/stacks/productivity | mealie.${DOMAIN} |
|
||||
@@ -67,7 +67,7 @@ This document provides a comprehensive overview of all 60+ pre-configured servic
|
||||
| │ └─ mediawiki-db | MariaDB | - | /opt/stacks/productivity | No UI |
|
||||
| └─ Form.io | Form builder | ✓ | /opt/stacks/productivity | forms.${DOMAIN} |
|
||||
| └─ formio-mongo | MongoDB | - | /opt/stacks/productivity | No UI |
|
||||
| **🛠️ utilities.yaml** (7) | | | | |
|
||||
| **🛠️ [utilities.yaml](../docker-compose/utilities.yml)** (7) | | | | |
|
||||
| ├─ Vaultwarden | Password manager | ✗ | /opt/stacks/utilities | bitwarden.${DOMAIN} |
|
||||
| ├─ Backrest | Backup (restic) | ✓ | /opt/stacks/utilities, /mnt/backups | backrest.${DOMAIN} |
|
||||
| ├─ Duplicati | Encrypted backups | ✓ | /opt/stacks/utilities, /mnt/backups | duplicati.${DOMAIN} |
|
||||
@@ -75,7 +75,7 @@ This document provides a comprehensive overview of all 60+ pre-configured servic
|
||||
| ├─ Form.io | Form platform | ✓ | /opt/stacks/utilities | forms.${DOMAIN} |
|
||||
| │ └─ formio-mongo | MongoDB | - | /opt/stacks/utilities | No UI |
|
||||
| └─ Authelia-Redis | Session storage | - | /opt/stacks/utilities | No UI |
|
||||
| **📈 monitoring.yaml** (8) | | | | |
|
||||
| **📈 [monitoring.yaml](../docker-compose/monitoring.yml)** (8) | | | | |
|
||||
| ├─ Prometheus | Metrics collection | ✓ | /opt/stacks/monitoring | prometheus.${DOMAIN} |
|
||||
| ├─ Grafana | Visualization | ✓ | /opt/stacks/monitoring | grafana.${DOMAIN} |
|
||||
| ├─ Loki | Log aggregation | - | /opt/stacks/monitoring | Via Grafana |
|
||||
@@ -83,7 +83,7 @@ This document provides a comprehensive overview of all 60+ pre-configured servic
|
||||
| ├─ Node Exporter | Host metrics | - | /opt/stacks/monitoring | No UI |
|
||||
| ├─ cAdvisor | Container metrics | - | /opt/stacks/monitoring | Internal :8080 |
|
||||
| └─ Uptime Kuma | Uptime monitoring | ✓ | /opt/stacks/monitoring | status.${DOMAIN} |
|
||||
| **👨💻 development.yaml** (6) | | | | |
|
||||
| **👨💻 [development.yaml](../docker-compose/development.yml)** (6) | | | | |
|
||||
| ├─ GitLab CE | Git + CI/CD | ✓ | /opt/stacks/development, /mnt/git | gitlab.${DOMAIN} |
|
||||
| ├─ PostgreSQL | SQL database | - | /opt/stacks/development | Port 5432 |
|
||||
| ├─ Redis | In-memory store | - | /opt/stacks/development | Port 6379 |
|
||||
|
||||
Reference in New Issue
Block a user