coop-cloud/traefik
8
2
Fork 18
Code Issues 12 Pull Requests 5 Releases Wiki Activity

Fix Cloudlfare DNS #104

Merged
decentral1se merged 3 commits from Zigzagill/traefik:cloudflare-config-fixes into master 2026-06-21 12:48:20 +00:00
Conversation 3 Commits 3 Files Changed 2 +25 -23
Zigzagill commented 2026-05-17 20:46:37 +00:00
Member
Copy Link

Apologies for submitting changes and then immediately undoing some of them. I made a mistake previously by assuming that letsdebug.net tests were sufficient to confirm that this setup was working. But, it turns out that my site was still failing to get valid SSL certs. After digging into the Lego docs I realized I needed to be using different environment variables, which I added here. Once I deployed these changes to a fresh VPS on a different domain with a more straightforward configuration, I confirmed that HTTPS connections to the Traefik dashboard worked just fine.

Please let me know if there's anything else I can do to verify these fixes so I can be extra-super-sure that it's good to go. I'm still new to a lot of this and clearly have lots to learn.

As a treat, I also added generate=false flags to the DNS secrets for other providers, as discussed in my previous PR. Cheers!

  • I have deployed and tested my changes
    Deployed on a fresh VPS, confirmed that HTTPS connections work after deploying these changes
  • I have updated relevant versions in abra.sh
    No version update needed
  • I have made my environment variable changes backwards compatible
    This does remove the two environment variables that I introduced in my prior PR. Since those haven't been picked up in a release, I'm hoping this is an acceptable regression. Those two variables are both perfectly valid, they just require an account-wide API token which is unnecessarily risky in my opinion. But if we want to keep them in, I'm happy to put things back as they were :)
  • I have added a release note entry
    Not necessary
<!-- Thank you for doing recipe maintenance work! Please mark all checklist items which are relevant for your changes. Please remove the checklist items which are not relevant for your changes. Feel free to remove this comment. --> Apologies for submitting changes and then immediately undoing some of them. I made a mistake previously by assuming that letsdebug.net tests were sufficient to confirm that this setup was working. But, it turns out that my site was still failing to get valid SSL certs. After digging into the Lego docs I realized I needed to be using different environment variables, which I added here. Once I deployed these changes to a fresh VPS on a different domain with a more straightforward configuration, I confirmed that HTTPS connections to the Traefik dashboard worked just fine. Please let me know if there's anything else I can do to verify these fixes so I can be extra-super-sure that it's good to go. I'm still new to a lot of this and clearly have lots to learn. As a treat, I also added `generate=false` flags to the DNS secrets for other providers, as discussed in my previous PR. Cheers! * [x] I have deployed and tested my changes Deployed on a fresh VPS, confirmed that HTTPS connections work after deploying these changes * [x] I have [updated relevant versions in `abra.sh`](https://docs.coopcloud.tech/maintainers/upgrade/#updating-versions-in-the-abrash) No version update needed * [x] I have made my environment variable changes [backwards compatible](https://docs.coopcloud.tech/maintainers/upgrade/#backwards-compatible-environment-variable-changes) This does remove the two environment variables that I introduced in my prior PR. Since those haven't been picked up in a release, I'm hoping this is an acceptable regression. Those two variables are both perfectly valid, they just require an account-wide API token which is unnecessarily risky in my opinion. But if we want to keep them in, I'm happy to put things back as they were :) * [x] I have added a [release note entry](https://docs.coopcloud.tech/maintainers/upgrade/#creating-new-release-notes) Not necessary
❤️ 1
Zigzagill added 2 commits 2026-05-17 20:46:38 +00:00
switch to dns/zone api token for cloudflare dns 5bab061cda
add generate=false to DNS secrets
Some checks failed
continuous-integration/drone/pr Build is failing
Details
856d0c1af0
decentral1se reviewed 2026-05-17 21:10:12 +00:00
decentral1se left a comment
Owner
Copy Link

It's all good, thanks for following up! One minor comment again but otherwise, it's looking good to me. I think the only way to truly verify things work is for you to just keep plugging away at it 😆 We'll get there

It's all good, thanks for following up! One minor comment again but otherwise, it's looking good to me. I think the only way to truly verify things work is for you to just keep plugging away at it 😆 We'll get there ✅
❤️ 1
compose.cloudflare.yml Outdated
@ -9,3 +9,1 @@
- cf_email
- cf_api_key
- cf_dns_api_token
decentral1se commented 2026-05-17 21:09:26 +00:00
Owner
Copy Link

I would go for something shorter in the naming, e.g. cf_dns_token/cf_zone_token, because of this really annoying limitation.

I would go for something shorter in the naming, e.g. `cf_dns_token`/`cf_zone_token`, because of this [really annoying limitation](https://docs.coopcloud.tech/maintainers/handbook/#r015-long-secret-names).
Zigzagill commented 2026-05-17 21:58:10 +00:00
Author
Member
Copy Link

Fixed! Maybe someday we'll have computers that can handle strings with more than 64 characters /s

Fixed! Maybe someday we'll have computers that can handle strings with more than 64 characters /s
😆 1
decentral1se marked this conversation as resolved
Zigzagill added 1 commit 2026-05-17 21:56:49 +00:00
Shorten Cloudflare token variable names
Some checks failed
continuous-integration/drone/pr Build is failing
Details
7d5d6efa29
Zigzagill force-pushed cloudflare-config-fixes from 7d5d6efa29 to be739f2c73 2026-06-19 04:10:16 +00:00 Compare
decentral1se approved these changes 2026-06-19 12:57:33 +00:00
decentral1se requested review from p4u1 2026-06-19 12:57:49 +00:00
decentral1se requested review from javielico 2026-06-19 12:57:54 +00:00
decentral1se requested review from carla 2026-06-19 12:58:04 +00:00
decentral1se requested review from moritz 2026-06-19 12:58:04 +00:00
decentral1se requested review from simon 2026-06-19 12:58:05 +00:00
Zigzagill force-pushed cloudflare-config-fixes from be739f2c73 to 47d8260f34 2026-06-20 00:37:24 +00:00 Compare
p4u1 approved these changes 2026-06-20 15:16:39 +00:00
decentral1se merged commit b2b311fef4 into master 2026-06-21 12:48:20 +00:00
Sign in to join this conversation.
Reviewers
No Reviewers
decentral1se
javielico
moritz
carla
simon
p4u1
Labels
Clear labels
bug
Something is not working
duplicate
This issue or pull request already exists
enhancement
New feature
help wanted
Need some help
invalid
Something is wrong
question
More information is needed
wontfix
This won't be fixed
No Label
Milestone
No items
No Milestone
Assignees
Clear assignees
3wordchant aadil abra-bot ammaratef45 amras BornDeleuze Brooke carla cas coopcloud decentral1se fauno javielico jjsfunhouse kawaiipunk knoflook moosemower moritz notplants oxaliq p4u1 renovate-bot simon stevensting trav yksflip
No Assignees
3 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: coop-cloud/traefik#104
No description provided.
Delete Branch "Zigzagill/traefik:cloudflare-config-fixes"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?