Round 4 improvements: automated config, relative paths, simplified deployment

- Automate Traefik email substitution in deploy script - Auto-generate Authelia admin password (saved to ADMIN_PASSWORD.txt) - Standardize all volume paths to use relative paths (./service/config) - Switch Traefik to HTTP challenge by default (DNS challenge optional) - Update documentation with improved setup instructions - Enhance troubleshooting guide - Update AGENT_INSTRUCTIONS with new conventions - Simplify .env.example with clearer guidance These changes reduce manual configuration steps and improve deployment reliability.
2026-01-13 18:30:06 -05:00
parent f92424ed6d
commit f0a3907002
14 changed files with 316 additions and 80 deletions
--- a/.env.example
+++ b/.env.example
@@ -37,12 +37,17 @@ ADMIN_EMAIL=your-email@example.com  # Used for admin user account
 # ====================================
 # AUTHELIA SSO CONFIGURATION
 # ====================================
-# These secrets are AUTO-GENERATED by setup-homelab.sh
-# DO NOT manually set these - the setup script will create them!
+# Generate these secrets with: openssl rand -hex 64
+# The deploy script will use these to configure Authelia

-AUTHELIA_JWT_SECRET=will-be-auto-generated-by-setup-script
-AUTHELIA_SESSION_SECRET=will-be-auto-generated-by-setup-script
-AUTHELIA_STORAGE_ENCRYPTION_KEY=will-be-auto-generated-by-setup-script
+AUTHELIA_JWT_SECRET=generate-with-openssl-rand-hex-64
+AUTHELIA_SESSION_SECRET=generate-with-openssl-rand-hex-64
+AUTHELIA_STORAGE_ENCRYPTION_KEY=generate-with-openssl-rand-hex-64
+
+# Authelia Admin Password (OPTIONAL)
+# If not provided, deploy script will generate a random password
+# and save it to /opt/stacks/core/authelia/ADMIN_PASSWORD.txt
+# AUTHELIA_ADMIN_PASSWORD=your-secure-password-here

 # SMTP for Authelia Notifications (OPTIONAL)
 # If not configured, notifications are saved to file instead