Commit Graph

5 Commits

Author SHA1 Message Date
14421a8a9e Fix Traefik routing for qbittorrent and vaultwarden
- Add tls=true label to vaultwarden for HTTPS routing
- Add Traefik routing labels to Gluetun for qbittorrent access
- Move qbittorrent service to media-management stack (proper location)
- Update copilot-instructions.md with project-specific architecture details
- Clean up outdated gluetun.yml references in media.yml template

Both services now accessible via HTTPS with proper SSL certificates.
2026-01-15 00:25:32 -05:00
adb894d35e Round 10: Add Traefik routing to monitoring services
- Added Traefik labels and routing to prometheus, grafana, loki, cadvisor
- Fixed Grafana ROOT_URL to use domain-based URL (https://grafana.${DOMAIN})
- Added uptime-kuma bypass rule in Authelia (needs initial setup)
- Updated all services to use traefik-network
- Synced domain from kelin-hass to kelin-casa across all configs
- Fixed missing tls=true label on uptime-kuma
- Note: Loki is API-only service (no web UI, accessed via Grafana)
2026-01-14 23:08:37 -05:00
f0a3907002 Round 4 improvements: automated config, relative paths, simplified deployment
- Automate Traefik email substitution in deploy script
- Auto-generate Authelia admin password (saved to ADMIN_PASSWORD.txt)
- Standardize all volume paths to use relative paths (./service/config)
- Switch Traefik to HTTP challenge by default (DNS challenge optional)
- Update documentation with improved setup instructions
- Enhance troubleshooting guide
- Update AGENT_INSTRUCTIONS with new conventions
- Simplify .env.example with clearer guidance

These changes reduce manual configuration steps and improve deployment reliability.
2026-01-13 18:30:06 -05:00
90462cd179 Fix SSL wildcard certificate setup
- Remove individual certresolver labels from all services except Traefik
- Configure wildcard certificate (*.kelin-hass.duckdns.org) on Traefik only
- Remove AUTHELIA_NOTIFIER_SMTP_PASSWORD env var (filesystem notifier only)
- Fix infrastructure.yml networks section syntax
- Add wildcard SSL certificate setup action report

All services now use single wildcard Let's Encrypt certificate.
Resolves DNS challenge conflicts with DuckDNS provider.
2026-01-12 23:19:27 -05:00
copilot-swe-agent[bot]
3cdf8606ff Implement core stack, add SSO to dashboards, and create compact services reference
- Create core.yml combining DuckDNS, Traefik, Authelia, and Gluetun into single stack
  - Simplifies initial deployment (deploy all core services with one command)
  - All core services in /opt/stacks/core/ directory
  - Reduces complexity for first-time setup

- Add Authelia SSO protection to Homepage and Homarr dashboards
  - Prevents exposing service list before authentication
  - Both dashboards now require sign-in to access

- Redesign services-reference.md with compact tree-view table
  - Reduced from ~460 lines to ~150 lines while keeping all info
  - Single comprehensive table with tree structure
  - Shows: Stack, Services, SSO status, Storage paths, Access URLs
  - Fits on 1-2 screen heights as requested

- Add comprehensive "Toggling SSO On/Off" section
  - Quick guide to enable/disable Authelia middleware
  - Use cases for development vs production
  - AI can automatically toggle SSO when asked

- Add "Authelia Customization" section with:
  - Branding and appearance options
  - User management via YAML files
  - Access control rules examples
  - 2FA/TOTP configuration
  - Session management settings
  - Email notification setup
  - Explanation of no web UI (by design, perfect for AI)
  - Alternatives with web UI (Authentik, Keycloak)

- Update .github/copilot-instructions.md
  - Add core stack explanation
  - Update file organization to show core stack structure
  - Add SSO toggling instructions

- Update docs/getting-started.md
  - Simplify Step 7 to deploy single core stack
  - Remove separate steps for DuckDNS, Traefik, Authelia
  - Add verification and troubleshooting for core deployment
  - Update subsequent steps to Step 8, 9, 10

Co-authored-by: kelinfoxy <67766943+kelinfoxy@users.noreply.github.com>
2026-01-12 01:57:22 +00:00