# Server

Configuration for traefik 2 and authelia

## Environment variables

This setup uses two global environment variables: `PRIVATE_DOMAIN` and `PUBLIC_DOMAIN`. Those are two registered domain names I use for public and private services.

There is also an `.env` file which defines a few more variables:
```
AUTHELIA_JWT_SECRET=...
AUTHELIA_SESSION_SECRET=...
AUTHELIA_SESSION_DOMAIN=...
AUTHELIA_TOTP_ISSUER=...
TRAEFIK_CERTIFICATERESOLVERS_LE_ACME_EMAIL=...
```

The value of those depend on your setup and can be found in the Traefik and Authelia documentation.

## Lessons learned

- Authelia will ONLY work with https. Both the authelia url itself and the one being authenticated must be https.
- The authorization link should NOT end with `/#/` or `/%2F/` or anything, just `/`. Otherwise it will not redirect you back after authorizing.