Part of halos-org/halos#92
What
Update the core containers prestart.sh to reflect the new port-based routing architecture.
Changes
TLS certificate generation:
- Simplify SANs to just
halos.local (drop wildcard *.halos.local — no longer needed)
Cockpit routing:
- Replace subdomain Host(
cockpit.${HALOS_DOMAIN}) route with a path redirect: /cockpit/ → 302 to https://${HALOS_DOMAIN}:9090/
- Cockpit serves native HTTPS on 9090 — no Traefik TLS proxy needed
OIDC configuration:
- Update issuer URL from
https://auth.${HALOS_DOMAIN} to https://${HALOS_DOMAIN}/auth/
- Update Homarr OIDC redirect URIs to use path-redirect form
- Update Homarr logout redirect URL
Localhost redirects:
- Simplify: remove subdomain capture logic, just redirect
localhost → ${HALOS_DOMAIN}
Docker extra_hosts:
- Remove subdomain entries (
auth.${HALOS_DOMAIN}:127.0.0.1 etc.) from container configs if no longer needed
Part of halos-org/halos#92
What
Update the core containers prestart.sh to reflect the new port-based routing architecture.
Changes
TLS certificate generation:
halos.local(drop wildcard*.halos.local— no longer needed)Cockpit routing:
cockpit.${HALOS_DOMAIN}) route with a path redirect:/cockpit/→ 302 tohttps://${HALOS_DOMAIN}:9090/OIDC configuration:
https://auth.${HALOS_DOMAIN}tohttps://${HALOS_DOMAIN}/auth/Localhost redirects:
localhost→${HALOS_DOMAIN}Docker extra_hosts:
auth.${HALOS_DOMAIN}:127.0.0.1etc.) from container configs if no longer needed