Round 5 improvements: complete automation and documentation fixes

- Fix password file ownership (user can now read without sudo)
- Add dashboards stack to automated deployment (Step 5/6)
- Add SSL certificate notes to deploy script output
- Clarify .env file location in documentation (stays in repo folder)
- Update README and getting-started.md with accurate deployment steps
- Add Watchtower notification URL documentation
- Improve user feedback with admin credentials and dashboard URLs
- Remove dashboards from 'Next Steps' since it's now automated

User experience improvements:
- Password file readable by user immediately
- Homepage and Homarr deployed automatically
- Clear guidance on .env file management
- Better SSL certificate expectations

.env.example

@@ -109,6 +109,12 @@ QBITTORRENT_PASS=changeme
 PIHOLE_PASSWORD=changeme
 
 # Watchtower Notifications (optional)
+# If not set, Watchtower will still update containers but without notifications
+# Supports various notification services via Shoutrrr URL format
+# Examples: 
+#   Discord: discord://token@webhookid
+#   Slack: slack://token@channel
+#   Email: smtp://username:password@host:port/?from=sender@example.com
 # WATCHTOWER_NOTIFICATION_URL=
 
 # ====================================

README.md

@@ -77,6 +77,8 @@ The infrastructure uses Traefik for reverse proxy with automatic SSL, Authelia f
    ```
    > Alternatively you can ssh in from VS Code using the Remote-SSH plugin and edit in a nice editor
 
+   **IMPORTANT:** Keep your `.env` file in the repository folder (`~/AI-Homelab/.env`). The deploy script will automatically copy it where needed.
+
    **Required variables:**
    - `DOMAIN` - Your DuckDNS domain (e.g., yourdomain.duckdns.org)
    - `DUCKDNS_TOKEN` - Your DuckDNS token
@@ -96,6 +98,7 @@ The infrastructure uses Traefik for reverse proxy with automatic SSL, Authelia f
    - Generate Authelia admin password (saved to `/opt/stacks/core/authelia/ADMIN_PASSWORD.txt`)
    - Deploy core stack (DuckDNS, Traefik, Authelia, Gluetun)
    - Deploy infrastructure stack (Dockge, Pi-hole, monitoring tools)
+   - Deploy dashboards stack (Homepage, Homarr)
    - Open Dockge in your browser
    
    ```bash
@@ -107,7 +110,6 @@ The infrastructure uses Traefik for reverse proxy with automatic SSL, Authelia f
 5. **Deploy additional stacks through Dockge:**
    
    Log in to Dockge at `https://dockge.yourdomain.duckdns.org` and deploy additional stacks from the repository's `docker-compose/` directory:
-   - `dashboards.yml` - Homepage, Homarr
    - `media.yml` - Plex, Jellyfin, Sonarr, Radarr, etc.
    - `media-extended.yml` - Readarr, Lidarr, etc.
    - `homeassistant.yml` - Home Assistant and accessories

docs/getting-started.md

@@ -41,6 +41,12 @@ For most users, the automated setup script handles everything:
    nano .env  # Edit with your settings and paste the Authelia secrets
    ```
    
+   **IMPORTANT: .env File Location**
+   - The `.env` file should remain in the **repository folder** (`~/AI-Homelab/.env`)
+   - The deploy script will automatically copy it to `/opt/stacks/*/` as needed
+   - Always edit the repo copy, not the deployed copies
+   - Changes to deployed copies will be overwritten on next deployment
+   
    **Required variables in .env:**
    - `DOMAIN` - Your DuckDNS domain (e.g., yourdomain.duckdns.org)
    - `DUCKDNS_TOKEN` - Your DuckDNS token
@@ -58,11 +64,16 @@ For most users, the automated setup script handles everything:
    **The deploy script automatically:**
    - Creates Docker networks
    - Configures Traefik with your email
-   - Generates Authelia admin password
+   - Generates Authelia admin password (saved to `/opt/stacks/core/authelia/ADMIN_PASSWORD.txt`)
    - Deploys core stack (DuckDNS, Traefik, Authelia, Gluetun)
    - Deploys infrastructure stack (Dockge, Pi-hole, monitoring)
+   - Deploys dashboards stack (Homepage, Homarr)
    - Opens Dockge in your browser
    
+   **Login credentials:**
+   - Username: `admin`
+   - Password: Check `/opt/stacks/core/authelia/ADMIN_PASSWORD.txt` or see script output
+
 **That's it!** Your homelab is ready. Access Dockge at `https://dockge.yourdomain.duckdns.org`
 
 ## What the Setup Script Does

scripts/deploy-homelab.sh

@@ -171,6 +171,7 @@ EOF
         log_warning "SAVE THIS PASSWORD! Writing to /opt/stacks/core/authelia/ADMIN_PASSWORD.txt"
         echo "$ADMIN_PASSWORD" > /opt/stacks/core/authelia/ADMIN_PASSWORD.txt
         chmod 600 /opt/stacks/core/authelia/ADMIN_PASSWORD.txt
+        chown $ACTUAL_USER:$ACTUAL_USER /opt/stacks/core/authelia/ADMIN_PASSWORD.txt
     fi
 else
     log_info "Authelia users_database.yml already configured"
@@ -196,7 +197,7 @@ fi
 echo ""
 
 # Step 4: Deploy infrastructure stack (Dockge and monitoring tools)
-log_info "Step 4/5: Deploying infrastructure stack..."
+log_info "Step 4/6: Deploying infrastructure stack..."
 log_info "  - Dockge (Docker Compose Manager)"
 log_info "  - Pi-hole (DNS Ad Blocker)"
 log_info "  - Watchtower (Container Updates)"
@@ -216,8 +217,32 @@ docker compose up -d
 log_success "Infrastructure stack deployed"
 echo ""
 
-# Step 5: Wait for Dockge to be ready and open browser
-log_info "Step 5/5: Waiting for Dockge web UI to be ready..."
+# Step 5: Deploy dashboards stack (Homepage and Homarr)
+log_info "Step 5/6: Deploying dashboards stack..."
+log_info "  - Homepage (AI-configurable Dashboard)"
+log_info "  - Homarr (Modern Dashboard)"
+echo ""
+
+# Copy dashboards stack
+mkdir -p /opt/stacks/dashboards
+cp "$REPO_DIR/docker-compose/dashboards.yml" /opt/stacks/dashboards/docker-compose.yml
+cp "$REPO_DIR/.env" /opt/stacks/dashboards/.env
+
+# Copy homepage config templates
+if [ -d "$REPO_DIR/config-templates/homepage" ]; then
+    cp -r "$REPO_DIR/config-templates/homepage" /opt/stacks/dashboards/
+    log_info "Homepage configuration templates copied"
+fi
+
+# Deploy dashboards stack
+cd /opt/stacks/dashboards
+docker compose up -d
+
+log_success "Dashboards stack deployed"
+echo ""
+
+# Step 6: Wait for Dockge to be ready and open browser
+log_info "Step 6/6: Waiting for Dockge web UI to be ready..."
 
 DOCKGE_URL="https://dockge.${DOMAIN}"
 MAX_WAIT=60  # Maximum wait time in seconds
@@ -280,22 +305,32 @@ echo "  🚀 Dockge:   $DOCKGE_URL"
 echo "  🔒 Authelia: https://auth.${DOMAIN}"
 echo "  🔀 Traefik:  https://traefik.${DOMAIN}"
 echo ""
+log_info "SSL Certificates:"
+echo "  📝 Let's Encrypt certificates will be acquired automatically within 2-5 minutes"
+echo "  ⚠️  Initial access uses self-signed certs (browser warning is normal)"
+echo "  🔓 Ensure ports 80/443 are accessible from internet for Let's Encrypt"
+echo "  💾 Admin password saved to: /opt/stacks/core/authelia/ADMIN_PASSWORD.txt"
+echo ""
 log_info "Next steps:"
 echo ""
 echo "  1. Log in to Dockge using your Authelia credentials"
-echo "     (configured in /opt/stacks/core/authelia/users_database.yml)"
+echo "     Username: admin"
+echo "     Password: (saved in /opt/stacks/core/authelia/ADMIN_PASSWORD.txt)"
 echo ""
 echo "  2. Deploy additional stacks through Dockge's web UI:"
-echo "     - alternatives.yml (Portainer, Authentik - optional alternatives)"
-echo "     - dashboards.yml (Homepage, Homarr)"
 echo "     - media.yml (Plex, Jellyfin, Sonarr, Radarr, etc.)"
 echo "     - media-extended.yml (Readarr, Lidarr, etc.)"
 echo "     - homeassistant.yml (Home Assistant and accessories)"
 echo "     - productivity.yml (Nextcloud, Gitea, wikis)"
 echo "     - monitoring.yml (Grafana, Prometheus, etc.)"
 echo "     - utilities.yml (Backups, code editors, etc.)"
+echo "     - alternatives.yml (Portainer, Authentik - optional)"
 echo ""
-echo "  3. Configure services via the AI assistant in VS Code"
+echo "  3. Access your dashboards:"
+echo "     \ud83c\udfe0 Homepage: https://home.${DOMAIN}"
+echo "     \ud83d\udcca Homarr:   https://homarr.${DOMAIN}"
+echo ""
+echo "  4. Configure services via the AI assistant in VS Code"
 echo ""
 echo "=========================================="
 echo ""