Infrastructure

Authelia: Access protection 🔒 Single sign-on to all Potato Energy services with enterprise-level protection. What does: 🔐 A single account for all services - no need to remember passwords anymore 📱 Two-factor authentication (TOTP, WebAuthn, push notifications) 🎯 Flexible access policies: by user, IP, device 🛡️ Protection against brute force and suspicious inputs 📋 Detailed logs of authorizations for administrators How to use: When logging into any service for the first time, create an Authelia account Set up 2FA in your personal account (recommended) Log in to the services with one click - general authorization For administrators: Rights management, forced 2FA, session auditing - all in a single dashboard. ...

Diun: Guardian of the relevance of containers 🔄 Personal assistant for updating Docker images. What does: 🔍 Monitors image tags in Docker Hub, GitHub, and private registries 📩 Sends notifications to Telegram, Discord when new versions are released 📋 Detailed log of changes with links to releases How to use: Diun works in the background - no configuration required You will receive a notification when an update is available for the service. The administrator applies the update or sets up an auto-update For administrators: Flexible rules, filtering, and notifications are all in the config. ...

Error-Pages: Custom error pages 🚨 Friendly messages instead of the standard “404 Not Found”. What does: 🎨 Stylish pages for 4xx/5xx errors in a single Potato Energy brand 🌍 Automatic language detection and dark/light theme 🔧 Useful tips: “check the URL”, “go back to the main page”, “write to support” 📊 Error logging for administrators ⚡ Lightweight static pages - load even in case of backend failures How it works: If there is an access error, Nginx/Traefik redirects to a custom page. You see a clear message with options for action. The administrator receives notification of critical failures For administrators: Flexible customization of texts, redirects, and styles through a single configuration. ...

Traefik: Smart Router 🛠️ Your digital dispatcher, who directs requests to the necessary services. What does: 🔐 Auto-issue and update of SSL certificates (Let’s Encrypt) 🚦 Routing by domains: grafana.*/ → Grafana, cloud.*/ → Nextcloud ⚡ Zero-downtime deployment: service updates without disconnecting connections 🧩 Middleware: authentication (Authelia), rate-limiting, redirects, compression 📊 Exporting metrics for Prometheus - real - time traffic visibility How it works: You enter service.potatoenergy.ru in the browser Traefik checks the rules, applies SSL and middleware The request gets into the right container - you see the service For administrators: Dynamic configuration via Docker labels and configuration files, hot-reload without restarting, integration with Docker. ...