From e046ac0dba1d586ce25cb50f9f05d7ae4b359a40 Mon Sep 17 00:00:00 2001 From: kelinfoxy <67766943+kelinfoxy@users.noreply.github.com> Date: Wed, 18 Mar 2026 20:35:22 -0400 Subject: [PATCH] documentaion update --- README.md | 65 ++++++++++++++++++- .../media-management/remote-server.yaml | 5 +- 2 files changed, 67 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index eb7d627..4b084b5 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,28 @@ # Authelia DuckDNS & Traefik based Arcane Registry ## Approach + +Authelia provides single sign on authentication +DuckDNS provides free sub domain redirects, and letsencrypt certificates (domain and wildcard) -Use env variables to template the required labels +Traefik routes based on labels for services running on the same server +Traefik routes based on remote-host.yaml files for services NOT running on the same server. + +Each docker-compose.yml & .env file template includes templated labels to easily configure traefik routing. + +>***Tip:*** **Create the following variables in .env.global** +>* TZ=America/New_York +>* PUID=1000 +>* PGID=1000 +>* SERVER_NAME= +>* SERVER_IP= +>* SUBDOMAIN= +> +> Then you can simply remove them from the .env file instead of filling in the values every time. + +To disable Authelia for a specific site (like Jellyfin): Comment out this line in the compose file `- ${AUTHELIA_LABEL}` + +## Deploying a new server? Start with the core stack ## Compose file template @@ -112,6 +132,49 @@ AUTHELIA_LABEL=traefik.http.routers.${SERVICE_NAME}.middlewares=authelia@docker WATCHTOWER_ENABLE_LABEL=com.centurylinklabs.watchtower.enable=true ``` +## Traefik remote server yaml files + +When Traefik is on a different server + +* labels in compose files are ignored (remove to avoid confussion) + +* The routers and services must be included in a yaml file under traefik/dynamic + +> **VARIABLES MUST BE REPLACED BY THE ACTUAL VALUES - The files in traefik/dynamic do NOT have access to the env variables** +***Tip:*** **Use find/replace in your text editor** + +```yaml +http: + routers: + + ${SERVICE_NAME}-${SERVER_NAME}: + rule: "Host(`${SERVICE_NAME}$.${DOMAIN}`)" + service: ${SERVICE_NAME}-${SERVER_NAME}-service + entrypoints: + - websecure + tls: + certResolver: letsencrypt + middlewares: + - authelia@docker + + + services: + + ${SERVICE_NAME}-${SERVER_NAME}-service: + loadBalancer: + servers: + - url: "http://${SERVER_IP}:${EXTERNAL_PORT}" + passHostHeader: true + +``` + +Filename doesn't technically matter, but it is recomended to either + +* create a file for each service named like `service-server_name-remote-host.yaml` + +* OR Create a single file per server like `server_name-remote-host.yaml` + + ## Docker Compose Templates * Core diff --git a/docker-templates/media-management/remote-server.yaml b/docker-templates/media-management/remote-server.yaml index b0714ab..c7a6cd8 100644 --- a/docker-templates/media-management/remote-server.yaml +++ b/docker-templates/media-management/remote-server.yaml @@ -8,6 +8,7 @@ http: routers: + sonarr-${SERVER_NAME}: rule: "Host(`sonarr.${DOMAIN}`)" service: sonarr-${SERVER_NAME}-service @@ -17,6 +18,7 @@ http: certResolver: letsencrypt middlewares: - authelia@docker + radarr-${SERVER_NAME}: rule: "Host(`radarr.${DOMAIN}`)" service: radarr-${SERVER_NAME}-service @@ -90,6 +92,7 @@ http: services: + sonarr-${SERVER_NAME}-service: loadBalancer: servers: @@ -137,5 +140,3 @@ http: servers: - url: "http://${SERVER_IP}:5055" passHostHeader: true - - \ No newline at end of file