- Auto-create SSH config entry for passwordless core server access
- Add pre-flight SSH connectivity check before registration
- Verify docker-provider and sablier-middleware files are created on core
- Display explicit success/failure messages with troubleshooting steps
- Create placeholder routes.yml for Traefik dynamic config
- Verify Traefik container starts successfully after deployment
- Add container status check after Traefik deployment

Fixes issues where remote server registration silently failed and
Traefik deployment did not verify configuration files existed.

Major features:
- Automated SSH key setup between remote and core servers
- Docker TLS configuration with shared CA certificates
- Automatic deployment of Dockge, Traefik, Sablier, and Infrastructure stacks
- Copy all stacks (except core) to remote server for on-demand deployment
- New standalone Traefik stack for remote server container discovery
- Locale-aware SSH/SCP commands to handle Raspberry Pi warnings
- Variable expansion support in .env files (${VAR} references)
- Comprehensive error handling and verbose deployment logging
Technical improvements:
- setup_ssh_key_to_core() - Automated RSA 4096-bit key generation and installation
- setup_multi_server_tls() - Fetch shared CA from core server via SSH
- copy_all_stacks_for_remote() - Deploy all stacks except core
- deploy_traefik_stack() - Local Traefik for container discovery
- Enhanced localization with envsubst support
- Docker network creation (traefik-network, homelab-network)
- Password authentication with special character handling
Fixes:
- Fixed SSH key path handling for non-root users
- Fixed SCP exit code checking (was checking grep instead of scp)
- Fixed CA file detection with proper test commands
- Removed unnecessary prepare_deployment() function call
- Added ACTUAL_USER variable initialization for remote deployments
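
The SCP exit code fix listed above, shown as an added example (not the project's own code). `fake_scp` is a hypothetical stand-in for `scp`, and both messages it prints are constructed. It shows why testing `$?` after `scp ... | grep` reports grep's status, and one POSIX-portable way to keep scp's.

```shell
#!/bin/sh
# Hypothetical stand-in for scp: prints a locale warning (as seen on some
# Raspberry Pi hosts) plus a real error, then fails. Messages are constructed.
fake_scp() {
    echo "bash: warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8)" >&2
    echo "scp: example.pem: No such file or directory" >&2
    return 1
}

# Buggy pattern: after a pipeline, $? is the status of the LAST command.
# grep -v still prints the error line, exits 0, and the copy "succeeds".
copy_checked_wrong() {
    fake_scp 2>&1 | grep -v 'setlocale' >/dev/null
    return $?
}

# Fixed pattern: capture the output, save scp's own status immediately,
# then filter the noise separately so grep cannot mask the failure.
copy_checked_right() {
    out=$(fake_scp 2>&1)
    rc=$?
    printf '%s\n' "$out" | grep -v 'setlocale' >&2
    return "$rc"
}

if copy_checked_wrong; then
    echo "wrong check: reported success although the copy failed"
fi
if ! copy_checked_right 2>/dev/null; then
    echo "right check: failure detected"
fi
```
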
Added Python script to automatically merge multi-line Authelia secrets
(JWT_SECRET, SESSION_SECRET, STORAGE_ENCRYPTION_KEY) during core
deployment. This prevents envsubst from reading truncated values when
the .env file contains accidental line breaks.
Fixes Authelia startup errors:
- 'encryption key does not appear to be valid for this database'
- Invalid URL parsing due to incomplete variable expansion
- Move users_database.yml template from config/ to secrets/ folder
- Authelia configuration expects users file at /secrets/users_database.yml
- Replace hardcoded values in configuration.yml with variables:
  - jwt_secret, session secret, storage encryption_key
  - Domain references (kelinreij.duckdns.org → ${DOMAIN})
- Update deploy script to not move config files (already in subdirectories)
- Fix sed command path to target config/configuration.yml
- Remove unnecessary mkdir and mv commands from deploy_core()

This ensures Authelia uses the correctly generated file with user credentials.

- Implement multi-server Traefik + Sablier architecture
- Add label-based automatic service discovery
- Create separate Sablier stack deployment
- Add remote server deployment workflow (Option 3)
- Add 9 new functions for multi-server management
- Remove deprecated config-templates folder
- Replace hardcoded private data with placeholders
- Update backup timestamp format to YY_MM_DD_hh_mm
- Add markup.yml to .gitignore
Breaking changes:
- Removed Sablier from core docker-compose.yml (now separate stack)
- Config templates moved from config-templates/ to docker-compose/core/
- REQUIRED_VARS now dynamic based on deployment type
- Use awk to extract only the argon2 hash from Authelia command output
- Prevent 'Digest:' or 'digest:' prefixes from being included in password hashes
- Apply fix to both password generation locations in the script
- Escape $ characters in AUTHELIA_ADMIN_PASSWORD_HASH in deployed .env file
- Prevent Docker Compose from interpreting password hash as environment variables
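
The two password-hash fixes above, combined into one added example (not the project's own code). The sample output line is constructed with a made-up salt and key, the function names are hypothetical, and it assumes the escaping is done by doubling each `$`, the escape Compose interpolation uses for a literal dollar sign.

```shell
#!/bin/sh
# Constructed sample of hash-generator output; salt and key are made up.
SAMPLE_OUTPUT='Digest: $argon2id$v=19$m=65536,t=3,p=4$c2FsdHNhbHQ$aGFzaGhhc2hoYXNo'

# Print only the token that starts with "$argon2", dropping any
# "Digest:" / "digest:" label. Exits non-zero when no hash is present,
# so an error message can never be stored as the password hash.
extract_argon2_hash() {
    printf '%s\n' "$1" | awk '{
        for (i = 1; i <= NF; i++)
            if ($i ~ /^\$argon2(id|i|d)\$/) { print $i; found = 1; exit }
    }
    END { exit !found }'
}

# Double every "$" so Compose does not treat "$argon2id", "$v", ... as
# variable references and blank them out (assumed escaping method).
escape_for_compose() {
    printf '%s\n' "$1" | sed 's/\$/$$/g'
}

# Build the .env line, refusing input that contains no argon2 hash.
hash_env_line() {
    hash=$(extract_argon2_hash "$1") || return 1
    printf 'AUTHELIA_ADMIN_PASSWORD_HASH=%s\n' "$(escape_for_compose "$hash")"
}

hash_env_line "$SAMPLE_OUTPUT"
```
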
- Update ez-homelab.sh to source common.sh and use specialized users_database.yml processing
- Update localize_users_database_file to properly resolve nested variables in AUTHELIA_ADMIN_EMAIL
- Fix template to use correct AUTHELIA_* variables instead of DEFAULT_* variables
- Update deploy-core.sh to only process files containing variables and fix .env path
- Fix file permissions for authelia config files
- Reorganize Authelia configuration files
- Add new dynamic routing files for Traefik
- Update various service docker-compose files
- Remove outdated templates and scripts
- Remove localize_deployment call from main flow to avoid modifying repo files
- Enhance localize_yml_file to recursively expand nested variables using envsubst
- Ensure config files contain actual values, not variable names
- Fix password hash copying to user_database.yml by removing premature env cleanup
- Update menu case logic to match display options (1-4)
- Add input validation loop for better user experience
- Handle special menu options (prerequisites, NVIDIA drivers) appropriately
- Add professional ASCII box styling to main menu
- Implement interactive variable configuration with validation
- Add icons to all prompts (🌐🌍🦆🔑👤🔒📧🏠)
- Create vanishing prompts that replace with status confirmations
- Add comprehensive menu system with proceed/review/quit options
- Show current configuration values before deployment choices
- Implement proper error handling for invalid inputs
- Add immediate quit functionality with 'q' during any prompt
- Improve spacing and visual hierarchy throughout interface
- Fix deployment flow to prevent accidental starts on invalid input
- Add traefik.docker.network=traefik-network label to homepage service
- Prevent Traefik from using wrong IP from homelab-network
- Resolve 504 Gateway Timeout issues after authentication
- Update various docker-compose configurations and templates
- Clean up unused configuration files
- Move Traefik traefik.yml to config/ directory for correct Docker mounting
- Remove invalid session.cookies section from Authelia template and config processing
- Ensure all configuration files are placed in correct locations for Docker containers
- Prevent configuration validation errors that cause service restarts
- Move configuration.yml and users_database.yml to authelia/config/ directory
- Ensure files are in the correct location for Docker volume mount ./authelia/config:/config
- Prevent Authelia from using default configuration instead of processed template
- Remove local-host-production.yml for single-server setups
- Remove remote server sections from sablier.yml for local deployments
- Remove remote server entries from homepage services files when no REMOTE_SERVER_HOSTNAME is set
- Prevent placeholder replacement failures on files not needed for local deployments
- Fix variable substitution in prompt_for_values() to properly display DEFAULT_USER
- Only rename external-host-production.yml for multi-server setups (option 3)
- Prevent REMOTE_SERVER_HOSTNAME validation errors for local deployments (options 1-2)
- Ensure local deployments don't fail on missing remote server variables
- Menu now checks for whiptail/dialog before launching wizard
- Prevents wizard crashes due to missing UI dependencies
- Provides clear error message and installation instructions
- Changed menu to run wizard as subprocess instead of exec
- Removed wizard's exec of menu since it now returns naturally
- Wizard now properly returns to menu on completion or error
- Prevents terminal freezing when wizard crashes
- Removed setup_python_environment function and its call
- Commented out PYTHON_PACKAGES array as it's no longer needed
- Docker Compose V2 is built into Docker CLI, no Python package needed
- Streamlines setup process by removing unnecessary Python setup
- Changed required packages to warnings in preflight.sh (setup.sh installs them)
- Modified setup.sh to proceed with warnings from preflight checks
- Ensures Docker installation installs all dependencies automatically
- Preflight no longer fails on missing jq, tmux, etc.
- Add comprehensive error handling to menu.sh to prevent crashes when scripts fail
- Fix OS detection in common.sh for lsb_release output parsing
- Modify preflight.sh to run all checks without early exit on failures
- Ensure menu navigation remains stable during testing phase
- Add error handling to prevent script crashes during service enumeration
- Make service counting more robust against parsing failures
- Ensure menu displays properly even with docker-compose parsing issues
- Menu now shows complete interface with all 8 main options
- Complete documentation for the bash-based setup system
- Quick start guide with menu and manual usage options
- Architecture overview of all 4 phases
- Feature highlights and environment configuration
- Development guidelines and troubleshooting section
- Clear instructions for fresh installs and existing setups
- New menu.sh script provides single entry point for all functionality
- Interactive menu system with 7 main categories:
  * System Setup & Validation
  * Configuration Management
  * Deployment & Services
  * Monitoring & Maintenance
  * Backup & Recovery
  * Updates & Maintenance
  * Advanced Options
- Real-time system status display
- User-friendly navigation with clear instructions
- Integrates all existing scripts into cohesive interface
- Move ez-homelab.py to scripts/ folder for better organization
- Add working directory detection to ensure script works from any location
- Update README-TUI.md with correct script paths
- First commit of the new Python TUI for EZ-Homelab deployment
- Add CORE_SERVER_IP variable for remote server configuration
- Implement setup_multi_server_tls() function for shared CA management
- Change TLS failure handling from exit-on-error to warning-based approach
- Add TLS_ISSUES_SUMMARY for end-of-deployment remediation guidance
- Update documentation for automated TLS setup process
- Add comprehensive AI assistant instructions for project management

This allows deployments to complete successfully even with TLS issues,
providing clear remediation steps instead of failing the entire setup.

- Use sudo for creating /opt directories during deployment
- Use sudo for copying files to /opt/dockge and /opt/stacks
- Ensure proper ownership of deployment directories
- Fix mkdir command for dashboards directory
- Check if shared CA exists on core server before attempting to copy
- Generate local shared CA if core server doesn't have certificates
- Provide clear instructions for manual certificate synchronization
- Remove script failure when certificates can't be copied
- Allow infrastructure deployment to continue with local CA generation
- Generate shared CA during core deployment for consistent trust across servers
- Modify setup_docker_tls() to use shared CA instead of per-server CAs
- Update share_certs_with_core() to copy shared CA from core server
- Re-enable TLS verification (DOCKER_TLS_VERIFY=1) in Sablier
- Fix Sablier certificate mounting for proper TLS connection
- Add docker-tls/ to .gitignore to prevent certificate leaks
- Update documentation for shared CA approach