Move to self-serve domain

2023-04-30 12:14:14 +10:00
parent 87bfb200be
commit 50c7bb9f86
9 changed files with 12 additions and 20 deletions
--- a/nas-compose.env
+++ b/nas-compose.env
@@ -5,6 +5,7 @@ NASCOMPOSE_GID=1000
 NASCOMPOSE_SERVICES=
 NASCOMPOSE_DATA=
 NASCOMPOSE_DOMAIN=
 NASCOMPOSE_MACVLAN_IFACE=
 NASCOMPOSE_MACVLAN_SUBNET=
@@ -15,15 +16,8 @@ NASCOMPOSE_MACVLAN_TRAEFIK_IP=
 NASCOMPOSE_MACVLAN_PLEX_IP=
 NASCOMPOSE_MACVLAN_PORTAINER_IP=
 NASCOMPOSE_TRAEFIK_DOMAINS=
 NASCOMPOSE_TRAEFIK_ADMIN_EMAIL=
 NASCOMPOSE_AUTHELIA_DOMAIN=
 NASCOMPOSE_AUTHELIA_SMTP_HOST=
 NASCOMPOSE_AUTHELIA_SMTP_PORT=
 NASCOMPOSE_AUTHELIA_SMTP_USERNAME=
 NASCOMPOSE_AUTHELIA_SMTP_SENDER=
 NASCOMPOSE_DUCKDNS_DOMAIN=
 NASCOMPOSE_NOTIFIARR_MODE=
--- a/services/authentication/docker-compose.yml
+++ b/services/authentication/docker-compose.yml
@@ -8,15 +8,15 @@ services:
    environment:
      PUID: ${NASCOMPOSE_UID?}
      PGID: ${NASCOMPOSE_GID?}
-      AUTHELIA_SESSION_DOMAIN: ${NASCOMPOSE_AUTHELIA_DOMAIN?} # Will be deprecated with newer versions of Authelia, which will support multiple domains
+      AUTHELIA_SESSION_DOMAIN: ${NASCOMPOSE_DOMAIN?}
-      AUTHELIA_DEFAULT_REDIRECTION_URL: "https://heimdall.${NASCOMPOSE_AUTHELIA_DOMAIN?}"
+      AUTHELIA_DEFAULT_REDIRECTION_URL: "https://heimdall.${NASCOMPOSE_DOMAIN?}"
      AUTHELIA_JWT_SECRET_FILE: /run/secrets/jwt_secret
      AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: /run/secrets/storage_key
      AUTHELIA_NOTIFIER_SMTP_HOST: ${NASCOMPOSE_AUTHELIA_SMTP_HOST?}
      AUTHELIA_NOTIFIER_SMTP_PORT: ${NASCOMPOSE_AUTHELIA_SMTP_PORT?}
      AUTHELIA_NOTIFIER_SMTP_USERNAME: ${NASCOMPOSE_AUTHELIA_SMTP_USERNAME?}
      AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE: /run/secrets/smtp_password
-      AUTHELIA_NOTIFIER_SMTP_SENDER: ${NASCOMPOSE_AUTHELIA_SMTP_SENDER?}
+      AUTHELIA_NOTIFIER_SMTP_SENDER: "authelia@${NASCOMPOSE_DOMAIN?}"
    networks:
      - reverse-proxy
    volumes:
--- a/services/notifiarr/docker-compose.yml
+++ b/services/notifiarr/docker-compose.yml
@@ -7,7 +7,6 @@ services:
    environment:
      PUID: ${NASCOMPOSE_UID?}
      PGID: ${NASCOMPOSE_GID?}
      DN_MODE: ${NASCOMPOSE_NOTIFIARR_MODE?}
    networks:
      - reverse-proxy
    volumes:
--- a/services/reverse-proxy/configs/dynamic/authelia.yml
+++ b/services/reverse-proxy/configs/dynamic/authelia.yml
@@ -2,7 +2,7 @@ http:
  middlewares:
    authelia:
      forwardAuth:
-        address: 'http://authelia:9091/api/verify?rd=https%3A%2F%2Fauthelia.{{ env `NASCOMPOSE_TRAEFIK_DOMAINS` | splitList `,` | first }}%2F'
+        address: 'http://authelia:9091/api/verify?rd=https%3A%2F%2Fauthelia.{{ env `NASCOMPOSE_DOMAIN` }}%2F'
        trustForwardHeader: true
        authResponseHeaders:
          - Remote-User
--- a/services/reverse-proxy/configs/dynamic/portainer.yml
+++ b/services/reverse-proxy/configs/dynamic/portainer.yml
@@ -2,7 +2,7 @@ http:
  #TODO: Convert to inline configuration for portainer
  routers:
    portainer:
-      rule: '{{ $s := "portainer" }}{{ range $i, $d := splitList "," (env `NASCOMPOSE_TRAEFIK_DOMAINS`) }}{{ if $i }} || {{end}}Host(`{{ $s }}.{{ $d }}`){{ end }}'
+      rule: 'portainer.{{ env `NASCOMPOSE_DOMAIN` }}'
      service: portainer@file
  services:
    portainer:
--- a/services/reverse-proxy/configs/dynamic/qbittorrent-api.yml
+++ b/services/reverse-proxy/configs/dynamic/qbittorrent-api.yml
@@ -1,7 +1,7 @@
 http:
  routers:
    qbittorrent-api:
-      rule: '{{ $s := "qbittorrent-api" }}{{ range $i, $d := splitList "," (env `NASCOMPOSE_TRAEFIK_DOMAINS`) }}{{ if $i }} || {{end}}Host(`{{ $s }}.{{ $d }}`){{ end }}'
+      rule: 'qbittorrent-api.{{ env `NASCOMPOSE_DOMAIN` }}'
      service: qbittorrent@docker
      middlewares:
        - authelia-basic@file
--- a/services/reverse-proxy/configs/dynamic/synology.yml
+++ b/services/reverse-proxy/configs/dynamic/synology.yml
@@ -1,7 +1,7 @@
 http:
  routers:
    synology:
-      rule: '{{ $s := "synology" }}{{ range $i, $d := splitList "," (env `NASCOMPOSE_TRAEFIK_DOMAINS`) }}{{ if $i }} || {{end}}Host(`{{ $s }}.{{ $d }}`){{ end }}'
+      rule: 'synology.{{ env `NASCOMPOSE_DOMAIN` }}'
      service: synology@file
  services:
    synology:
--- a/services/reverse-proxy/configs/traefik.yml
+++ b/services/reverse-proxy/configs/traefik.yml
@@ -3,7 +3,7 @@ providers:
    endpoint: tcp://docker:2375
    exposedByDefault: false
    network: reverse-proxy
-    defaultRule: '{{ $s := index .Labels "com.docker.compose.service" }}{{ range $i, $d := splitList "," (env `NASCOMPOSE_TRAEFIK_DOMAINS`) }}{{ if $i }} || {{end}}Host(`{{ $s }}.{{ $d }}`){{ end }}'
+    defaultRule: '{{ .Labels "com.docker.compose.service" }}{{ env `NASCOMPOSE_DOMAIN` }}'
  file:
    directory: /etc/traefik/dynamic/
--- a/services/reverse-proxy/docker-compose.yml
+++ b/services/reverse-proxy/docker-compose.yml
@@ -5,11 +5,10 @@ services:
    hostname: traefik
    image: traefik
    environment:
-      NASCOMPOSE_TRAEFIK_DOMAINS: ${NASCOMPOSE_TRAEFIK_DOMAINS?}
+      NASCOMPOSE_DOMAIN: ${NASCOMPOSE_DOMAIN?}
      NASCOMPOSE_TRAEFIK_ADMIN_EMAIL: ${NASCOMPOSE_TRAEFIK_ADMIN_EMAIL?}
      CF_DNS_API_TOKEN_FILE: /run/secrets/cf_dns_token
-      TRAEFIK_CERTIFICATESRESOLVERS_DEFAULTRESOLVER_ACME_EMAIL: admin@${NASCOMPOSE_TRAEFIK_DOMAINS?}
+      TRAEFIK_CERTIFICATESRESOLVERS_DEFAULTRESOLVER_ACME_EMAIL: admin@${NASCOMPOSE_DOMAIN?}
-      TRAEFIK_ENTRYPOINTS_WEBSECURE_HTTP_TLS_DOMAINS_0_MAIN: '*.${NASCOMPOSE_TRAEFIK_DOMAINS?}'
+      TRAEFIK_ENTRYPOINTS_WEBSECURE_HTTP_TLS_DOMAINS_0_MAIN: '*.${NASCOMPOSE_DOMAIN?}'
      LEGO_DISABLE_CNAME_SUPPORT: true
    networks:
      - reverse-proxy