kelin/EZ-Homelab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Replace personal URLs with placeholders and fix variable replacement logic

Browse Source
This commit is contained in:
Kelin
2026-02-02 13:19:22 -05:00
parent 0041b15cc2
commit faaf39002a
23 changed files with 959 additions and 462 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
docker-compose/core/authelia/users_database.yml
View File

@@ -3,10 +3,10 @@
###############################################################
users:
kelin:
${DEFAULT_USER}:
displayname: "Admin User"
password: "$argon2id$v=19$m=65536,t=3,p=4$a+3pIrywP/li9wy9J6UkMA$+3THyJiAnS/gNYnLaYtlsRCaYfgnnxsUyGZ4D3xGnUg"
email: kelinshomelab@gmail.com
password: "${AUTHELIA_ADMIN_PASSWORD_HASH}"
email: ${DEFAULT_EMAIL}
groups:
- admins
- users

16
docker-compose/core/docker-compose.yml
View File

@@ -1,7 +1,4 @@
# Core Infrastructure Services
# These services form the foundation of the homelab and should always be running
# Place in /opt/stacks/core/docker-compose.yml
# RESTART POLICY GUIDE:
# - unless-stopped: Core infrastructure services that should always run
# - no: Services with Sablier lazy loading (start on-demand)
@@ -50,11 +47,8 @@ services:
# Service metadata
- "homelab.category=core"
- "homelab.description=Reverse proxy and SSL termination"
# Traefik reverse proxy (comment/uncomment to disable/enable)
# If Traefik is on a remote server: these labels are NOT USED;
# configure external yml files in /traefik/dynamic folder instead.
- "traefik.enable=true"
- "traefik.http.routers.traefik.rule=Host(`traefik.kelinreij.duckdns.org`)"
- "traefik.http.routers.traefik.rule=Host(`traefik.${DOMAIN}`)"
- "traefik.http.routers.traefik.entrypoints=websecure"
- "traefik.http.routers.traefik.tls.certresolver=letsencrypt"
- "traefik.http.routers.traefik.middlewares=authelia@docker"
@@ -86,13 +80,13 @@ services:
# If Traefik is on a remote server: these labels are NOT USED;
# configure external yml files in /traefik/dynamic folder instead.
- "traefik.enable=true"
- "traefik.http.routers.authelia.rule=Host(`auth.kelinreij.duckdns.org`)"
- "traefik.http.routers.authelia.rule=Host(`auth.${DOMAIN}`)"
- "traefik.http.routers.authelia.entrypoints=websecure"
- "traefik.http.routers.authelia.tls.certresolver=letsencrypt"
- "traefik.http.routers.authelia.service=authelia"
- "traefik.http.services.authelia.loadbalancer.server.port=9091"
# Authelia forward auth middleware configuration
- "traefik.http.middlewares.authelia.forwardauth.address=http://authelia:9091/api/verify?rd=https://auth.kelinreij.duckdns.org/"
- "traefik.http.middlewares.authelia.forwardauth.address=http://authelia:9091/api/verify?rd=https://auth.${DOMAIN}/"
- "traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=X-Secret"
- "traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true"
@@ -133,7 +127,7 @@ networks:
x-dockge:
urls:
- https://auth.kelinreij.duckdns.org
- https://auth.${DOMAIN}
- http://192.168.4.11:9091
- https://traefik.kelinreij.duckdns.org
- https://traefik.${DOMAIN}
- http://192.168.4.11:8080