fix(authelia): Update configuration for v4.38+ compatibility and remove deprecated variables

README.md

@@ -27,6 +27,7 @@ The core idea is to manage media libraries (movies, TV shows, music), automate d
   - [Optional Services](#optional-services)
   - [Troubleshooting](#troubleshooting)
     - [SELinux Socket Permissions (Docker)](#selinux-socket-permissions-docker)
+    - [Authelia v4.38+ Compatibility](#authelia-v438-compatibility)
     - [Tailscale Issues](#tailscale-issues)
     - [File Permissions](#file-permissions)
   - [Advanced Topics](#advanced-topics)
@@ -350,6 +351,23 @@ If you are running Docker on a host with SELinux enabled (like Fedora, CentOS, R
     ```
     This allows the specific actions that were being denied. You might need to repeat this if different denials appear after applying the first policy.
 
+### Authelia v4.38+ Compatibility
+
+If you see errors like these in your Authelia logs:
+```
+Configuration: configuration key not expected: session.domains
+Configuration: configuration key not expected: session.domains[].default_redirection_url
+Configuration: configuration key not expected: session.domains[].domain
+Can't continue due to the errors loading the configuration
+```
+
+This is likely due to Authelia v4.38+ changing the session domain configuration format. The stack has been updated to use the new `cookies` configuration structure:
+- Updated `authelia/configuration.yml` with new session cookies structure
+- Environment variables in Docker Compose are remapped to the new format
+- Old environment variables like `AUTHELIA_DEFAULT_REDIRECT_URL` are no longer directly used
+
+**Fix:** Update your `authelia/configuration.yml` with the latest version from the repository. See the configuration file for the current correct format.
+
 ### Tailscale Issues
 
 *   **Authentication:** Ensure your `TAILSCALE_AUTHKEY` in `.env` is valid and hasn't expired (especially if using ephemeral keys). Check the `tailscale` container logs (`docker compose logs tailscale`) for authentication errors.