The Great Playtopia Dev Lab Adventure 🚀

The Quest Begins

What started as a simple request to build a “containerized dev environment” quickly became an epic adventure filled with SSL certificates, authentication middleware, and the occasional 404 error that made us question our life choices.

Chapter 1: The Flawed Architecture

Our first attempt seemed logical enough:

• nginx handling SSL termination
• Traefik managing service routing
• Authelia providing authentication
• Various services running behind the scenes

What could go wrong?

The Plot Twist 🎭

Everything. Literally everything went wrong.

The architecture had a fundamental flaw: nginx terminated SSL and forwarded HTTP to Traefik, but Authelia v4.39+ refused HTTP URLs for security reasons. This created an unsolvable conflict that left us with working SSL certificates but broken authentication.

# The error that haunted our dreams
level=error msg="Target URL 'http://dev.playtopia.com.au/' has an insecure scheme 'http', only the 'https' and 'wss' schemes are supported"

Chapter 2: The Great Rebuild

After much frustration and a healthy dose of “maybe the right products weren’t chosen,” we made a bold decision: tear it all down and rebuild it properly.

The New Architecture ✨

• Single Traefik instance handling ALL SSL termination
• Let’s Encrypt certificates with iOS compatibility
• Unified container orchestration
• No more nginx (RIP, you served us well… until you didn’t)

Chapter 3: The Breakthrough

The moment when everything clicked into place:

HTTP/2 302 
location: https://auth.playtopia.com.au/?rd=https%3A%2F%2Fdev.playtopia.com.au%2F
set-cookie: authelia_session=...

That beautiful HTTP 302 redirect meant authentication was finally working!

Chapter 4: The Victory

By the end of our adventure, we had achieved:

• ✅ Working HTTPS for all services
• ✅ Authentication flow protecting dev tools
• ✅ VS Code in the browser
• ✅ Docker management via Portainer
• ✅ Traffic monitoring with Traefik dashboard
• ✅ Jellyfin streaming with iOS app support

Lessons Learned

1. Architecture matters - Don’t fight against your tools
2. Keep it simple - Complex doesn’t mean better
3. Read the error logs - They’re usually telling you exactly what’s wrong
4. Persistence pays off - Even when everything seems broken

The Tech Stack That Actually Works

• Traefik v3.0 - Handling all SSL and routing
• Authelia - Providing secure authentication
• Docker Compose - Orchestrating everything
• Let’s Encrypt - Free SSL certificates
• Hugo - This very website you’re reading

What’s Next?

Now that we have a solid foundation, the real fun begins:

• Building cool projects
• Experimenting with new technologies
• Maybe even that block-matching game we’ve been talking about

The Code Behind The Magic

Here’s a glimpse of our final docker-compose.yml structure:

services:
  traefik:
    image: traefik:v3.0
    ports:
      - "80:80"
      - "443:443"
    command:
      - --certificatesresolvers.letsencrypt.acme.tlschallenge=true
      - --entrypoints.websecure.address=:443
    # The magic happens here...

Want to see the full configuration? Check out our documentation page!

Status: Environment fully operational and ready for world domination… I mean, creative projects. 🎯