This fixes ETIMEDOUT errors when exchanging OAuth tokens. The container
now uses the Docker internal service name (authentiknucleo-server-1:9000)
for server-to-server API calls while keeping the public URL for browser
redirects.
Changes:
- Add NUXT_OAUTH_AUTHENTIK_SERVER_URL_INTERNAL env var
- Use internal URL for token exchange and userinfo endpoints
- Update docker-compose.yml and Gitea workflow
- Integrated Authentik OAuth/OIDC authentication
- Added PWA functionality with offline support
- Created protected and public API endpoints
- Configured Docker deployment with Traefik
- Added Gitea Actions CI/CD workflow
- Included comprehensive setup documentation
