From 9ef2ec345c56f118301abda8c5db2812a6016dfc Mon Sep 17 00:00:00 2001
From: Amar Saljic <amar.logins@outlook.com>
Date: Sun, 26 Oct 2025 12:45:33 +0100
Subject: [PATCH] changes for Authelia setup

---
 .gitignore                                            |  2 +-
 homelab/applications/authelia/compose.yaml            |  8 +++++++-
 .../applications/authelia/config/configuration.yml    |  7 +++----
 homelab/applications/caddy/Caddyfile                  | 11 +++++++++++
 4 files changed, 22 insertions(+), 6 deletions(-)

diff --git a/.gitignore b/.gitignore
index e991c1f..16fae6d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,2 @@
 .DS_Store
-*/secrets
+secrets/
diff --git a/homelab/applications/authelia/compose.yaml b/homelab/applications/authelia/compose.yaml
index cfd72b0..b961bc7 100644
--- a/homelab/applications/authelia/compose.yaml
+++ b/homelab/applications/authelia/compose.yaml
@@ -1,3 +1,7 @@
+secrets:
+  STORAGE_ENCRYPTION_KEY:
+    file: './secrets/authelia_db_encryption_key'
+
 services:
   authelia:
     image: authelia/authelia:latest
@@ -11,8 +15,10 @@ services:
       - ./db:/config/db
     ports:
       - '9091:9091'
+    secrets: ['STORAGE_ENCRYPTION_KEY']
     environment:
-      - TZ=Etc/UTC
+      TZ: 'Etc/UTC'
+      AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: '/run/secrets/STORAGE_ENCRYPTION_KEY'
         
     restart: always
     healthcheck:
diff --git a/homelab/applications/authelia/config/configuration.yml b/homelab/applications/authelia/config/configuration.yml
index 0e50cdd..6f5acf0 100644
--- a/homelab/applications/authelia/config/configuration.yml
+++ b/homelab/applications/authelia/config/configuration.yml
@@ -1,6 +1,5 @@
 server:
-  host: 0.0.0.0
-  port: 9091
+  address: 0.0.0.0:9091
   endpoints:
     authz:
       forward-auth:
@@ -11,7 +10,7 @@ log:
 
 # --- Storage ---
 storage:
-  sqlite:
+  local:
     path: /config/db/authelia.sqlite.db
 
 # --- Authentication ---
@@ -35,7 +34,7 @@ session:
   cookies:
     - domain: 'saljic.me'
       authelia_url: 'https://auth.saljic.me'
-      default_redirection_url: 'https://auth.saljic.me'
+      default_redirection_url: 'https://saljic.me'
   # name: authelia_session
   # expiration: 1h
   # inactivity: 5m
diff --git a/homelab/applications/caddy/Caddyfile b/homelab/applications/caddy/Caddyfile
index 5c83aeb..ddca991 100644
--- a/homelab/applications/caddy/Caddyfile
+++ b/homelab/applications/caddy/Caddyfile
@@ -20,4 +20,15 @@ ha.saljic.me {
 # --- Immich ---
 tagebuch.saljic.me {
   reverse_proxy 10.10.10.6:2283
+}
+
+# --- default --- 
+saljic.me {
+  header Content-Type text/html
+	respond <<HTML
+		<html>
+			<head><title>saljic.me</title></head>
+			<body>Hello there</body>
+		</html>
+		HTML 200
 }
\ No newline at end of file