refactor: use $DOMAIN env var instead of hardcoded lazyworkhorse.net
Replace all hardcoded lazyworkhorse.net references in compose files
with ${DOMAIN} variable substitution. Create .env.production and
.env.staging environment files. Update Makefile with ENV selection
(--env-file support) and staging/production targets.
Changes:
- All 13 compose YAML files: lazyworkhorse.net -> ${DOMAIN}
- New .env.production (DOMAIN=lazyworkhorse.net)
- New .env.staging (DOMAIN=staging.lazyworkhorse.net)
- Makefile: ENV var, --env-file flag, staging/production targets
- Gitea redirect regex updated for variable substitution
- CI workflow checkout URLs left hardcoded (infrastructure refs)
- Dockerfile SSH host refs left hardcoded (infrastructure refs)
Deploy: make ENV=staging all_up or make staging
make ENV=production all_up or make production
This commit is contained in:
@@ -15,20 +15,20 @@ services:
|
||||
- "traefik.enable=true"
|
||||
|
||||
# HTTP → HTTPS redirect
|
||||
- "traefik.http.routers.fava-http.rule=Host(`money.lazyworkhorse.net`)"
|
||||
- "traefik.http.routers.fava-http.rule=Host(`money.${DOMAIN}`)"
|
||||
- "traefik.http.routers.fava-http.entrypoints=web"
|
||||
- "traefik.http.routers.fava-http.middlewares=redirect-to-https"
|
||||
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
|
||||
|
||||
# HTTPS router protected by Authelia
|
||||
- "traefik.http.routers.fava-https.rule=Host(`money.lazyworkhorse.net`)"
|
||||
- "traefik.http.routers.fava-https.rule=Host(`money.${DOMAIN}`)"
|
||||
- "traefik.http.routers.fava-https.entrypoints=websecure"
|
||||
- "traefik.http.routers.fava-https.tls=true"
|
||||
- "traefik.http.routers.fava-https.tls.certresolver=njalla"
|
||||
- "traefik.http.routers.fava-https.middlewares=fava-auth"
|
||||
|
||||
# Authelia forwardAuth
|
||||
- "traefik.http.middlewares.fava-auth.forwardauth.address=http://authelia:9091/api/verify?rd=https://auth.lazyworkhorse.net/"
|
||||
- "traefik.http.middlewares.fava-auth.forwardauth.address=http://authelia:9091/api/verify?rd=https://auth.${DOMAIN}/"
|
||||
- "traefik.http.middlewares.fava-auth.forwardauth.trustforwardheader=true"
|
||||
- "traefik.http.middlewares.fava-auth.forwardauth.authresponseheaders=X-Forwarded-User,X-Forwarded-Groups"
|
||||
|
||||
|
||||
Reference in New Issue
Block a user