From 50c7bb9f86f1febb619503016e9ad53a18903dfb Mon Sep 17 00:00:00 2001
From: Colin Hebert
Date: Sun, 30 Apr 2023 12:14:14 +1000
Subject: [PATCH] Move to self-serve domain
---
 nas-compose.env | 8 +-------
 services/authentication/docker-compose.yml | 6 +++---
 services/notifiarr/docker-compose.yml | 1 -
 services/reverse-proxy/configs/dynamic/authelia.yml | 2 +-
 services/reverse-proxy/configs/dynamic/portainer.yml | 2 +-
 .../reverse-proxy/configs/dynamic/qbittorrent-api.yml | 2 +-
 services/reverse-proxy/configs/dynamic/synology.yml | 2 +-
 services/reverse-proxy/configs/traefik.yml | 2 +-
 services/reverse-proxy/docker-compose.yml | 7 +++----
 9 files changed, 12 insertions(+), 20 deletions(-)
diff --git a/nas-compose.env b/nas-compose.env
index 16ce7ce..bab205f 100644
--- a/nas-compose.env
+++ b/nas-compose.env
@@ -5,6 +5,7 @@ NASCOMPOSE_GID=1000
 NASCOMPOSE_SERVICES=
 NASCOMPOSE_DATA=
+NASCOMPOSE_DOMAIN=
 NASCOMPOSE_MACVLAN_IFACE=
 NASCOMPOSE_MACVLAN_SUBNET=
@@ -15,15 +16,8 @@ NASCOMPOSE_MACVLAN_TRAEFIK_IP=
 NASCOMPOSE_MACVLAN_PLEX_IP=
 NASCOMPOSE_MACVLAN_PORTAINER_IP=
-NASCOMPOSE_TRAEFIK_DOMAINS=
-NASCOMPOSE_TRAEFIK_ADMIN_EMAIL=
-
-NASCOMPOSE_AUTHELIA_DOMAIN=
 NASCOMPOSE_AUTHELIA_SMTP_HOST=
 NASCOMPOSE_AUTHELIA_SMTP_PORT=
 NASCOMPOSE_AUTHELIA_SMTP_USERNAME=
-NASCOMPOSE_AUTHELIA_SMTP_SENDER=
 NASCOMPOSE_DUCKDNS_DOMAIN=
-
-NASCOMPOSE_NOTIFIARR_MODE=
diff --git a/services/authentication/docker-compose.yml b/services/authentication/docker-compose.yml
index 79610e1..80fcd18 100644
--- a/services/authentication/docker-compose.yml
+++ b/services/authentication/docker-compose.yml
@@ -8,15 +8,15 @@ services:
 environment:
 PUID: ${NASCOMPOSE_UID?}
 PGID: ${NASCOMPOSE_GID?}
- AUTHELIA_SESSION_DOMAIN: ${NASCOMPOSE_AUTHELIA_DOMAIN?} # Will be deprecated with newer versions of Authelia, which will support multiple domains
- AUTHELIA_DEFAULT_REDIRECTION_URL: "https://heimdall.${NASCOMPOSE_AUTHELIA_DOMAIN?}"
+ AUTHELIA_SESSION_DOMAIN: ${NASCOMPOSE_DOMAIN?}
+ AUTHELIA_DEFAULT_REDIRECTION_URL: "https://heimdall.${NASCOMPOSE_DOMAIN?}"
 AUTHELIA_JWT_SECRET_FILE: /run/secrets/jwt_secret
 AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: /run/secrets/storage_key
 AUTHELIA_NOTIFIER_SMTP_HOST: ${NASCOMPOSE_AUTHELIA_SMTP_HOST?}
 AUTHELIA_NOTIFIER_SMTP_PORT: ${NASCOMPOSE_AUTHELIA_SMTP_PORT?}
 AUTHELIA_NOTIFIER_SMTP_USERNAME: ${NASCOMPOSE_AUTHELIA_SMTP_USERNAME?}
 AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE: /run/secrets/smtp_password
- AUTHELIA_NOTIFIER_SMTP_SENDER: ${NASCOMPOSE_AUTHELIA_SMTP_SENDER?}
+ AUTHELIA_NOTIFIER_SMTP_SENDER: "authelia@${NASCOMPOSE_DOMAIN?}"
 networks:
 - reverse-proxy
 volumes:
diff --git a/services/notifiarr/docker-compose.yml b/services/notifiarr/docker-compose.yml
index 1e42e6a..fe4c5bd 100644
--- a/services/notifiarr/docker-compose.yml
+++ b/services/notifiarr/docker-compose.yml
@@ -7,7 +7,6 @@ services:
 environment:
 PUID: ${NASCOMPOSE_UID?}
 PGID: ${NASCOMPOSE_GID?}
- DN_MODE: ${NASCOMPOSE_NOTIFIARR_MODE?}
 networks:
 - reverse-proxy
 volumes:
diff --git a/services/reverse-proxy/configs/dynamic/authelia.yml b/services/reverse-proxy/configs/dynamic/authelia.yml
index 0915899..37f0e61 100644
--- a/services/reverse-proxy/configs/dynamic/authelia.yml
+++ b/services/reverse-proxy/configs/dynamic/authelia.yml
@@ -2,7 +2,7 @@ http:
 middlewares:
 authelia:
 forwardAuth:
- address: 'http://authelia:9091/api/verify?rd=https%3A%2F%2Fauthelia.{{ env `NASCOMPOSE_TRAEFIK_DOMAINS` | splitList `,` | first }}%2F'
+ address: 'http://authelia:9091/api/verify?rd=https%3A%2F%2Fauthelia.{{ env `NASCOMPOSE_DOMAIN` }}%2F'
 trustForwardHeader: true
 authResponseHeaders:
 - Remote-User
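Review bot: The three new Authelia lines in services/authentication/docker-compose.yml use `${NASCOMPOSE_DOMAIN?}`, which only aborts when the variable is unset, while nas-compose.env in this same patch ships it as `NASCOMPOSE_DOMAIN=` (set but empty). Assuming that file is what compose reads, an unfilled template passes interpolation and Authelia starts with an empty session domain, a redirect to `https://heimdall.` and a sender of `authelia@`. Use the `:?` form so an empty value also stops the deployment, for example `AUTHELIA_SESSION_DOMAIN: "${NASCOMPOSE_DOMAIN:?}"`. The same applies to the new `NASCOMPOSE_DOMAIN`, ACME e-mail and `'*.${NASCOMPOSE_DOMAIN?}'` lines in services/reverse-proxy/docker-compose.yml. The service definition starts and ends outside the hunk.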
diff --git a/services/reverse-proxy/configs/dynamic/portainer.yml b/services/reverse-proxy/configs/dynamic/portainer.yml
index c865af6..2b14095 100644
--- a/services/reverse-proxy/configs/dynamic/portainer.yml
+++ b/services/reverse-proxy/configs/dynamic/portainer.yml
@@ -2,7 +2,7 @@ http:
 #TODO: Convert to inline configuration for portainer
 routers:
 portainer:
- rule: '{{ $s := "portainer" }}{{ range $i, $d := splitList "," (env `NASCOMPOSE_TRAEFIK_DOMAINS`) }}{{ if $i }} || {{end}}Host(`{{ $s }}.{{ $d }}`){{ end }}'
+ rule: 'portainer.{{ env `NASCOMPOSE_DOMAIN` }}'
 service: portainer@file
 services:
 portainer:
diff --git a/services/reverse-proxy/configs/dynamic/qbittorrent-api.yml b/services/reverse-proxy/configs/dynamic/qbittorrent-api.yml
index 5e51128..162837a 100644
--- a/services/reverse-proxy/configs/dynamic/qbittorrent-api.yml
+++ b/services/reverse-proxy/configs/dynamic/qbittorrent-api.yml
@@ -1,7 +1,7 @@
 http:
 routers:
 qbittorrent-api:
- rule: '{{ $s := "qbittorrent-api" }}{{ range $i, $d := splitList "," (env `NASCOMPOSE_TRAEFIK_DOMAINS`) }}{{ if $i }} || {{end}}Host(`{{ $s }}.{{ $d }}`){{ end }}'
+ rule: 'qbittorrent-api.{{ env `NASCOMPOSE_DOMAIN` }}'
 service: qbittorrent@docker
 middlewares:
 - authelia-basic@file
diff --git a/services/reverse-proxy/configs/dynamic/synology.yml b/services/reverse-proxy/configs/dynamic/synology.yml
index 1e795f6..8255a4f 100644
--- a/services/reverse-proxy/configs/dynamic/synology.yml
+++ b/services/reverse-proxy/configs/dynamic/synology.yml
@@ -1,7 +1,7 @@
 http:
 routers:
 synology:
- rule: '{{ $s := "synology" }}{{ range $i, $d := splitList "," (env `NASCOMPOSE_TRAEFIK_DOMAINS`) }}{{ if $i }} || {{end}}Host(`{{ $s }}.{{ $d }}`){{ end }}'
+ rule: 'synology.{{ env `NASCOMPOSE_DOMAIN` }}'
 service: synology@file
 services:
 synology:
diff --git a/services/reverse-proxy/configs/traefik.yml b/services/reverse-proxy/configs/traefik.yml
index a6a8f62..bfc4536 100644
--- a/services/reverse-proxy/configs/traefik.yml
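Review bot: The new `rule` value in portainer.yml is a bare hostname with no matcher, so it is no longer a Traefik rule expression; the removed line wrapped every name in `Host(...)`, and Traefik will most likely refuse to load the router when it parses this. Keep the matcher around the single domain: ``rule: 'Host(`portainer.{{ env `NASCOMPOSE_DOMAIN` }}`)'``. The `qbittorrent-api` and `synology` routers in the next two files have the same defect and need the same wrapper. The qbittorrent-api router is the one carrying `authelia-basic@file`, so after the fix it is worth confirming that the route comes up with that middleware still attached.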
+++ b/services/reverse-proxy/configs/traefik.yml
@@ -3,7 +3,7 @@ providers:
 endpoint: tcp://docker:2375
 exposedByDefault: false
 network: reverse-proxy
- defaultRule: '{{ $s := index .Labels "com.docker.compose.service" }}{{ range $i, $d := splitList "," (env `NASCOMPOSE_TRAEFIK_DOMAINS`) }}{{ if $i }} || {{end}}Host(`{{ $s }}.{{ $d }}`){{ end }}'
+ defaultRule: '{{ .Labels "com.docker.compose.service" }}{{ env `NASCOMPOSE_DOMAIN` }}'
 file:
 directory: /etc/traefik/dynamic/
diff --git a/services/reverse-proxy/docker-compose.yml b/services/reverse-proxy/docker-compose.yml
index f566246..9fec895 100644
--- a/services/reverse-proxy/docker-compose.yml
+++ b/services/reverse-proxy/docker-compose.yml
@@ -5,11 +5,10 @@ services:
 hostname: traefik
 image: traefik
 environment:
- NASCOMPOSE_TRAEFIK_DOMAINS: ${NASCOMPOSE_TRAEFIK_DOMAINS?}
- NASCOMPOSE_TRAEFIK_ADMIN_EMAIL: ${NASCOMPOSE_TRAEFIK_ADMIN_EMAIL?}
+ NASCOMPOSE_DOMAIN: ${NASCOMPOSE_DOMAIN?}
 CF_DNS_API_TOKEN_FILE: /run/secrets/cf_dns_token
- TRAEFIK_CERTIFICATESRESOLVERS_DEFAULTRESOLVER_ACME_EMAIL: admin@${NASCOMPOSE_TRAEFIK_DOMAINS?}
- TRAEFIK_ENTRYPOINTS_WEBSECURE_HTTP_TLS_DOMAINS_0_MAIN: '*.${NASCOMPOSE_TRAEFIK_DOMAINS?}'
+ TRAEFIK_CERTIFICATESRESOLVERS_DEFAULTRESOLVER_ACME_EMAIL: admin@${NASCOMPOSE_DOMAIN?}
+ TRAEFIK_ENTRYPOINTS_WEBSECURE_HTTP_TLS_DOMAINS_0_MAIN: '*.${NASCOMPOSE_DOMAIN?}'
 LEGO_DISABLE_CNAME_SUPPORT: true
 networks:
 - reverse-proxy
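Review bot: The new `defaultRule` in traefik.yml loses three things the removed line had. The `index` call is gone, so `.Labels "com.docker.compose.service"` passes an argument to a map field, which should fail in a Go template. The `.` between service name and domain is missing, and so is the `Host(...)` matcher. As written, containers exposed through the Docker provider would not get a usable routing rule. Suggested line: ``defaultRule: 'Host(`{{ index .Labels "com.docker.compose.service" }}.{{ env `NASCOMPOSE_DOMAIN` }}`)'``. The `providers` block starts outside the hunk.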