From 8a42cb3bb93fbf86ce9748b9d80a9c18e3f4f814 Mon Sep 17 00:00:00 2001
From: admin <jkilloran@mapletree.email>
Date: Fri, 30 Jan 2026 14:13:29 -0700
Subject: [PATCH] variables for traefik

---
 lxc1/core/traefik.yml | 39 +++++++++++++++++----------------------
 1 file changed, 17 insertions(+), 22 deletions(-)

diff --git a/lxc1/core/traefik.yml b/lxc1/core/traefik.yml
index 34f701a..d26487a 100644
--- a/lxc1/core/traefik.yml
+++ b/lxc1/core/traefik.yml
@@ -9,39 +9,34 @@ services:
     mem_limit: "1024m"
     mem_reservation: "128m"
     restart: always
-    #ports:
-    #  - "80:80"     # HTTP
-    #  - "443:443"   # HTTPS
-    #  - "888:8080" # Traefik Dashboard (optional, password-protect in production!)
     command:
       - "--api.dashboard=true"
-      - "--api.insecure=true"  # Remove or secure in prod
+      - "--api.insecure=true" 
       - "--providers.docker=true"
       - "--providers.docker.exposedbydefault=false"
       - "--providers.docker.useBindPortIP=false"
       - "--entrypoints.web.address=:80"
       - "--entrypoints.websecure.address=:443"
-      - "--providers.docker.network=${DOCKER_NETWORK_LIST}"
+      # Variables for flexibility
+      - "--providers.docker.network=${DOCKER_NETWORKS}"
       - "--providers.file.directory=/etc/traefik/dynamic"
       - "--providers.file.watch=true"
-      ##DNS resolver
-      - "--certificatesresolvers.myresolver.acme.dnschallenge=true"
-      - "--certificatesresolvers.myresolver.acme.dnschallenge.provider=desec"
-      - "--certificatesresolvers.myresolver.acme.dnschallenge.delaybeforecheck=90"
-      - --certificatesresolvers.myresolver.acme.dnschallenge.resolvers=1.1.1.1:53,8.8.8.8:53
-      - "--certificatesresolvers.myresolver.acme.email=admin@mapletree.email"
-      - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
-      ##HTTP resolver
-      - --certificatesresolvers.le_http.acme.httpchallenge=true
-      - --certificatesresolvers.le_http.acme.httpchallenge.entrypoint=web
-      - --certificatesresolvers.le_http.acme.email=admin@mapletree.email
-      - --certificatesresolvers.le_http.acme.storage=/letsencrypt/acme.json
+      ## DNS resolver
+      - "--certificatesresolvers.dns_resolver.acme.dnschallenge=true"
+      - "--certificatesresolvers.dns_resolver.acme.dnschallenge.provider=desec"
+      - "--certificatesresolvers.dns_resolver.acme.dnschallenge.delaybeforecheck=90"
+      - "--certificatesresolvers.dns_resolver.acme.dnschallenge.resolvers=1.1.1.1:53,8.8.8.8:53"
+      - "--certificatesresolvers.dns_resolver.acme.email=${ACME_EMAIL}"
+      - "--certificatesresolvers.dns_resolver.acme.storage=/letsencrypt/acme.json"
+      ## HTTP Resolver
+      - "--certificatesresolvers.http_resolver.acme.httpchallenge=true"
+      - "--certificatesresolvers.http_resolver.acme.httpchallenge.entrypoint=web"
+      - "--certificatesresolvers.http_resolver.acme.storage=/letsencrypt/acme.json"
+      - "--certificatesresolvers.http_resolver.acme.email=${ACME_EMAIL}"
     environment:
-    # Pass the variables through
       - DESEC_TOKEN=${DESEC_TOKEN}
       - DESEC_DOMAIN=${DESEC_DOMAIN}
-      # (Any other Traefik env vars you need)
     volumes:
       - "/var/run/docker.sock:/var/run/docker.sock:ro"
-      - "/docker/core/traefik/letsencrypt:/letsencrypt"
-      - "${REPO_ROOT}/traefik/dynamic:/etc/traefik/dynamic"
+      - "/docker/traefik/letsencrypt:/letsencrypt"
+      - "/docker/traefik/dynamic:/etc/traefik/dynamic"
\ No newline at end of file