bug

.env.example

@@ -26,3 +26,8 @@ SMTP_HOST=my.directonline.io
 SMTP_PORT=587
 SMTP_USER=no-reply@noxious.gg
 SMTP_PASSWORD=""
+
+# Traefik configuration
+ACME_EMAIL=info@noxious.gg
+TRAEFIK_DASHBOARD_HOST=traefik.server.noxious.gg
+TRAEFIK_BASIC_AUTH=admin:$apr1$42pa8hen$p.bKJ3.gHJ9U0ZwyVxmIc0

config/traefik.yml

@@ -0,0 +1,33 @@
+entryPoints:
+  web:
+    address: ":80"
+    http:
+      redirections:
+        entryPoint:
+          to: websecure
+          scheme: https
+  websecure:
+    address: ":443"
+    http:
+      tls:
+        certResolver: letsencrypt
+
+certificatesResolvers:
+  letsencrypt:
+    acme:
+      email: info@noxious.gg
+      storage: /certificates/acme.json
+      httpChallenge:
+        entryPoint: web
+
+providers:
+  docker:
+    endpoint: "unix:///var/run/docker.sock"
+    exposedByDefault: false
+    network: app-network
+
+log:
+  level: INFO
+
+api:
+  dashboard: false

docker-compose.yml

@@ -38,24 +38,9 @@ services:
       - "traefik.enable=true"
       - "traefik.http.routers.app.rule=Host(`${HOST}`)"
       - "traefik.http.routers.app.entrypoints=websecure"
-      - "traefik.http.routers.app.tls.certresolver=le"
+      - "traefik.http.routers.app.tls=true"
+      - "traefik.http.routers.app.service=app"
       - "traefik.http.services.app.loadbalancer.server.port=${PORT}"
-      - "traefik.http.routers.app.middlewares=websocket"
-
-  traefik:
-    image: traefik:v3.3.3
-    ports:
-      - "80:80"
-      - "443:443"
-      - "8080:8080"
-    volumes:
-      - traefik_data:/data
-      - ./traefik.yml:/traefik.yml
-      - /var/run/docker.sock:/var/run/docker.sock:ro
-    restart: unless-stopped
-    networks:
-      - app-network
-    command: --configFile=/traefik.yml
 
   mariadb:
     image: mariadb:lts
@@ -84,6 +69,19 @@ services:
     networks:
       - app-network
 
+  traefik:
+    image: traefik:v3.3.3
+    ports:
+      - "80:80"
+      - "443:443"
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - ./config/traefik.yml:/etc/traefik/traefik.yml:ro
+      - ./certificates:/certificates
+    networks:
+      - app-network
+    restart: unless-stopped
+
 networks:
   app-network:
     driver: bridge
@@ -93,4 +91,3 @@ volumes:
   app-logs:
   mariadb-data:
   redis-data:
-  traefik_data:

traefik.yml

@@ -1,74 +0,0 @@
-entryPoints:
-  web:
-    address: ":80"
-    http:
-      redirections:
-        entryPoint:
-          to: "websecure"
-          scheme: "https"
-  websecure:
-    address: ":443"
-
-providers:
-  docker:
-    endpoint: "unix:///var/run/docker.sock"
-    exposedByDefault: false
-
-certificatesResolvers:
-  le:
-    acme:
-      email: "your-email@example.com"
-      storage: "/data/acme.json"
-      tlsChallenge: {}
-
-api:
-  dashboard: true
-
-ping:
-  entryPoint: "websecure"
-
-http:
-  routers:
-    api:
-      rule: "PathPrefix(`/api`)"
-      service: "api"
-      entryPoints: ["websecure"]
-    app:
-      rule: "Host(`${HOST}`)"
-      entryPoints: ["websecure"]
-      service: "app"
-      tls:
-        certResolver: "le"
-      middlewares:
-        - "websocket"
-
-  services:
-    api:
-      loadBalancer:
-        servers:
-          - url: "http://app:${PORT}"
-    app:
-      loadBalancer:
-        sticky: true
-        servers:
-          - url: "http://app:${PORT}"
-
-  middlewares:
-    websocket:
-      headers:
-        accessControlAllowHeaders:
-          - "Origin"
-          - "Content-Type"
-          - "Accept"
-          - "Authorization"
-        accessControlAllowMethods:
-          - "GET"
-          - "POST"
-          - "PUT"
-          - "DELETE"
-          - "PATCH"
-          - "OPTIONS"
-        accessControlAllowOrigin: ["*"]
-        accessControlExposeHeaders:
-          - "Content-Length"
-          - "Content-Range"