Round 9: Complete documentation overhaul

Major documentation updates reflecting current deployment state:

README.md:
✅ Updated features list with automated setup capabilities
✅ Accurate deployment workflow (12 containers, 7 additional stacks)
✅ Corrected setup script description (automated Authelia secrets)
✅ Removed manual secret generation steps
✅ Added note about optional image pre-pull
✅ Clarified .env requirements (Authelia secrets now automated)

docs/getting-started.md:
✅ Streamlined quick setup workflow (removed manual secrets)
✅ Comprehensive setup script capabilities list
✅ Detailed deployment script behavior
✅ Added interactive Authelia configuration details
✅ Clarified argon2id password hash generation process
✅ Updated login credentials location
✅ Removed outdated .env location warnings

docs/quick-reference.md:
✅ Added deployment scripts reference section
✅ Complete setup-homelab.sh documentation
✅ Complete deploy-homelab.sh documentation
✅ Added reset-test-environment.sh with warnings
✅ Updated stack overview with container counts
✅ Clarified which stacks deploy by default vs available in Dockge
✅ Noted Watchtower temporary disable status

docs/troubleshooting/COMMON-ISSUES.md (NEW):
✅ Installation issues (Docker permissions, timeouts, port conflicts)
✅ Deployment issues (Authelia loops, Watchtower status, Homepage URLs)
✅ Service-specific issues (Gluetun, Pi-hole, Dockge)
✅ Performance troubleshooting
✅ Reset and recovery procedures with warnings
✅ Complete getting help section with commands

Total changes: 456 additions, 71 modifications across 4 files
Documentation now accurately reflects Round 9 deployment capabilities

docs/getting-started.md

@@ -27,42 +27,41 @@ For most users, the automated setup script handles everything:
 4. **Configure environment**:
    ```bash
    cp .env.example .env
-   nano .env  # Edit with your settings and paste the Authelia secrets
+   nano .env  # Edit with your domain and tokens
    ```
    
-   **Testing considerations: .env File Location**
-   - The `.env` file should remain in the **repository folder** (`~/AI-Homelab/.env`)
-   - The deploy script will automatically copy it to `/opt/stacks/*/` as needed
-   - Always edit the repo copy, not the deployed copies
-   - Changes to deployed copies will be overwritten on next deployment
-   
    **Required variables in .env:**
    - `DOMAIN` - Your DuckDNS domain (e.g., yourdomain.duckdns.org)
-   - `DUCKDNS_TOKEN` - Your DuckDNS token
+   - `DUCKDNS_TOKEN` - Your DuckDNS token from [duckdns.org](https://www.duckdns.org/)
    - `ACME_EMAIL` - Your email for Let's Encrypt certificates
-   - `AUTHELIA_JWT_SECRET` - Generated in step 6
-   - `AUTHELIA_SESSION_SECRET` - Generated in step 6
-   - `AUTHELIA_STORAGE_ENCRYPTION_KEY` - Generated in step 6
    - `SURFSHARK_USERNAME` and `SURFSHARK_PASSWORD` - If using VPN
+   
+   **Note:** The `.env` file stays in the repository folder (`~/AI-Homelab/.env`). The deploy script copies it to stack directories automatically. Authelia secrets are generated by the setup script.
 
-5. **Run the setup script**   
-    ```bash
-      sudo ./scripts/setup-homelab.sh
+5. **Run the setup script:**
+   ```bash
+   sudo ./scripts/setup-homelab.sh
+   ```
+   
+   The script will:
+   - Update system packages
+   - Install Docker Engine + Compose V2 (if needed)
+   - Configure user groups (docker, sudo)
+   - Set up firewall (UFW)
+   - Enable SSH server
+   - **Generate Authelia secrets** (JWT, session, encryption key)
+   - **Prompt for admin username, password, and email**
+   - **Generate argon2id password hash** (30-60 seconds)
+   - Create `/opt/stacks/` directory structure
+   - Set up Docker networks (homelab, traefik, dockerproxy, media)
+   - Detect NVIDIA GPU and offer driver installation
+   
+   **Important:** The script generates a secure admin password hash that will be used during deployment. Credentials are displayed at the end and saved to a temporary file.
    
 6. **Log out and back in** (or run `newgrp docker`)
-   >Don't skip this step!
+   > Don't skip this step! Required for Docker group permissions.
 
-7. **Generate Authelia Secrets**:
-   ```bash
-   # Generate three required secrets for Authelia (128 characters each)
-   echo "AUTHELIA_JWT_SECRET=$(openssl rand -hex 64)"
-   echo "AUTHELIA_SESSION_SECRET=$(openssl rand -hex 64)"
-   echo "AUTHELIA_STORAGE_ENCRYPTION_KEY=$(openssl rand -hex 64)"
-   
-   # Copy these values and add them to your .env file
-   ```
-
-8. **Deploy homelab**:
+7. **Deploy homelab**:
    ```bash
    ./scripts/deploy-homelab.sh
    ```
@@ -84,17 +83,36 @@ For most users, the automated setup script handles everything:
 
 ## What the Setup Script Does
 
-The `setup-homelab.sh` script automatically:
-- ✅ Updates system packages
-- ✅ Installs Docker (if not present)
-- ✅ Configures user permissions
-- ✅ Sets up firewall (UFW)
-- ✅ Enables SSH server
-- ✅ Installs NVIDIA drivers (if GPU detected)
-- ✅ Creates directory structure
-- ✅ Sets up Docker networks
+The `setup-homelab.sh` script is a comprehensive first-run configuration tool:
 
-It safely skips steps that are already completed, so it's safe to run on partially configured systems.
+**System Preparation:**
+- ✅ Pre-flight checks (internet connectivity, disk space 50GB+)
+- ✅ Updates system packages
+- ✅ Installs required packages (git, curl, etc.)
+- ✅ Installs Docker Engine + Compose V2 (if not present)
+- ✅ Configures user permissions (docker, sudo groups)
+- ✅ Sets up firewall (UFW with SSH, HTTP, HTTPS)
+- ✅ Enables SSH server
+
+**Authelia Configuration (Interactive):**
+- ✅ Generates three cryptographic secrets (JWT, session, encryption)
+- ✅ Prompts for admin username (default: admin)
+- ✅ Prompts for secure password with confirmation
+- ✅ Prompts for admin email address
+- ✅ Generates argon2id password hash using Docker (30-60s process)
+- ✅ Validates Docker is available before password operations
+- ✅ Saves credentials securely for deployment script
+
+**Infrastructure Setup:**
+- ✅ Creates directory structure (`/opt/stacks/`)
+- ✅ Sets up Docker networks (homelab, traefik, dockerproxy, media)
+- ✅ Detects NVIDIA GPU and offers driver installation
+
+**Safety Features:**
+- Skips completed steps (safe to re-run)
+- Timeout handling (60s for Docker operations)
+- Comprehensive error messages with troubleshooting hints
+- Exit on critical failures with clear next steps
 
 ## Manual Setup (Alternative)