diff --git a/docker-compose/core/authelia/config/users_database.yml b/docker-compose/core/authelia/config/users_database.yml index 8538fd4..9421ef4 100644 --- a/docker-compose/core/authelia/config/users_database.yml +++ b/docker-compose/core/authelia/config/users_database.yml @@ -3,10 +3,10 @@ ############################################################### users: - admin: - displayname: "admin" - password: "generate-with-openssl-rand-hex-64" - email: admin@example.com + ${AUTHELIA_ADMIN_USER}: + displayname: "${AUTHELIA_ADMIN_USER}" + password: "${AUTHELIA_ADMIN_PASSWORD_HASH}" + email: ${AUTHELIA_ADMIN_EMAIL} groups: - admins - users diff --git a/docker-compose/core/docker-compose.yml b/docker-compose/core/docker-compose.yml index e02eeb0..cbccf05 100644 --- a/docker-compose/core/docker-compose.yml +++ b/docker-compose/core/docker-compose.yml @@ -15,8 +15,8 @@ services: - PUID=1000 - PGID=1000 - TZ=America/New_York - - SUBDOMAINS=yourdomain - - TOKEN=your-duckdns-token + - SUBDOMAINS=${DUCKDNS_SUBDOMAINS} + - TOKEN=${DUCKDNS_TOKEN} volumes: - ./duckdns/config:/config networks: @@ -29,7 +29,7 @@ services: restart: unless-stopped command: ['--configFile=/config/traefik.yml'] environment: - - DUCKDNS_TOKEN=your-duckdns-token + - DUCKDNS_TOKEN=${DUCKDNS_TOKEN} ports: - 80:80 - 443:443 @@ -48,7 +48,7 @@ services: - 'homelab.category=core' - 'homelab.description=Reverse proxy and SSL termination' - 'traefik.enable=true' - - 'traefik.http.routers.traefik.rule=Host(`traefik.yourdomain.duckdns.org`)' + - 'traefik.http.routers.traefik.rule=Host(`traefik.${DOMAIN}`)' - 'traefik.http.routers.traefik.entrypoints=websecure' - 'traefik.http.routers.traefik.tls.certresolver=letsencrypt' - 'traefik.http.routers.traefik.middlewares=authelia@docker' 
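Review bot: The `${AUTHELIA_ADMIN_USER}`, `${AUTHELIA_ADMIN_PASSWORD_HASH}` and `${AUTHELIA_ADMIN_EMAIL}` placeholders in `users_database.yml` sit in a file that is mounted into the Authelia container, and Docker Compose interpolates only the compose file itself, so nothing visible in this diff fills them in. Unless a deploy step renders the file first, Authelia would read a user literally named `${AUTHELIA_ADMIN_USER}` whose password field is not a valid hash. The same applies to `email: ${DEFAULT_EMAIL}` in the `traefik/traefik.yml` hunk, where an unrendered value would presumably break ACME registration. I would name the render step in the file's header comment, for example `# Rendered from .env by <render-step placeholder>; do not mount this template unrendered`, and quote the e-mail like the other fields: `email: "${AUTHELIA_ADMIN_EMAIL}"`.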
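Review bot: `TOKEN=${DUCKDNS_TOKEN}` and `SUBDOMAINS=${DUCKDNS_SUBDOMAINS}` in the `@@ -15,8` hunk fall back to an empty string when the variable is missing, so a forgotten `.env` starts the container with a blank token instead of failing. Compose's required-variable form stops the deploy early: `- TOKEN=${DUCKDNS_TOKEN:?DUCKDNS_TOKEN is not set}`. The same holds for `DUCKDNS_TOKEN` in the `@@ -29,7` hunk and for every `${DOMAIN}` and `${SERVER_IP}` use in the `@@ -48,7`, `@@ -80,13`, `@@ -96,7` and sablier hunks, where an empty `DOMAIN` would leave a router matching the host `traefik.` with nothing after the dot. The `.env` that now carries the token should stay out of version control; no ignore rule is visible in this diff.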
@@ -80,13 +80,13 @@ services: # If Traefik is on a remote server: these labels are NOT USED; # configure external yml files in /traefik/dynamic folder instead. - 'traefik.enable=true' - - 'traefik.http.routers.authelia.rule=Host(`auth.yourdomain.duckdns.org`)' + - 'traefik.http.routers.authelia.rule=Host(`auth.${DOMAIN}`)' - 'traefik.http.routers.authelia.entrypoints=websecure' - 'traefik.http.routers.authelia.tls.certresolver=letsencrypt' - 'traefik.http.routers.authelia.service=authelia' - 'traefik.http.services.authelia.loadbalancer.server.port=9091' # Authelia forward auth middleware configuration - - 'traefik.http.middlewares.authelia.forwardauth.address=http://authelia:9091/api/verify?rd=https://auth.yourdomain.duckdns.org/' + - 'traefik.http.middlewares.authelia.forwardauth.address=http://authelia:9091/api/verify?rd=https://auth.${DOMAIN}/' - 'traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=X-Secret' - 'traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true' @@ -96,7 +96,7 @@ networks: x-dockge: urls: - - https://auth.yourdomain.duckdns.org - - http://192.168.1.100:9091 - - https://traefik.yourdomain.duckdns.org - - http://192.168.1.100:8080 + - https://auth.${DOMAIN} + - http://${SERVER_IP}:9091 + - https://traefik.${DOMAIN} + - http://${SERVER_IP}:8080 diff --git a/docker-compose/core/traefik/traefik.yml b/docker-compose/core/traefik/traefik.yml index 01297a1..d1179fa 100644 --- a/docker-compose/core/traefik/traefik.yml +++ b/docker-compose/core/traefik/traefik.yml @@ -27,7 +27,7 @@ entryPoints: certificatesResolvers: letsencrypt: acme: - email: admin@example.com # Your email for Let's Encrypt notifications + email: ${DEFAULT_EMAIL} # Your email for Let's Encrypt notifications caServer: https://acme-v02.api.letsencrypt.org/directory # Use staging for testing storage: /letsencrypt/acme.json # DNS challenge - For wildcard certificates (*.yourdomain.duckdns.org) 
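Review bot: The forward-auth redirect `rd=https://auth.${DOMAIN}/` and the Authelia router rule in the `@@ -80,13` hunk now follow `DOMAIN`, but Authelia's own main configuration file is not part of this diff. If that file still carries the old `yourdomain.duckdns.org` value for its session domain or access-control rules, the redirect target and the session cookie domain would no longer agree, and logins would likely loop or be rejected. It is worth confirming that file takes the same value, or saying so next to the label: `# auth.${DOMAIN} must match the session domain in Authelia's main configuration`.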
diff --git a/docker-compose/sablier/docker-compose.yml b/docker-compose/sablier/docker-compose.yml
index 77f3eee..3d90597 100644
--- a/docker-compose/sablier/docker-compose.yml
+++ b/docker-compose/sablier/docker-compose.yml
@@ -9,7 +9,7 @@ services:
 - /var/run/docker.sock:/var/run/docker.sock:ro
 labels:
 - "traefik.enable=true"
- - "traefik.http.routers.sablier.rule=Host(`sablier.{{DUCKDNS_DOMAIN}}`)"
+ - "traefik.http.routers.sablier.rule=Host(`sablier.${DOMAIN}`)"
 - "traefik.http.routers.sablier.entrypoints=websecure"
 - "traefik.http.routers.sablier.tls=true"
 - "traefik.http.routers.sablier.tls.certresolver=letsencrypt"
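Review bot: `${DOMAIN}` in the sablier router rule is resolved from the environment of this compose project, and this file lives in `docker-compose/sablier/`, not in `docker-compose/core/` with the other stacks changed here. Compose reads `.env` from the project directory by default, so unless the deploy passes `--env-file` or keeps a copy in this directory, the rule would render with an empty domain. The replaced `{{DUCKDNS_DOMAIN}}` placeholder suggests this file used to be filled in by a separate templating step; if that step still runs, it is worth checking that it no longer expects the old token. The visible labels also carry no `middlewares=authelia@docker` line, unlike the Traefik router in core, while the service mounts the Docker socket; the label list may continue outside the hunk, so treat that as a prompt to check.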