From 784b3272e841c833a81446efeef045ba8cc4c279 Mon Sep 17 00:00:00 2001 From: Zigzagill Date: Thu, 14 May 2026 20:01:30 -0700 Subject: [PATCH 1/4] Add Cloudflare compose file --- compose.cloudflare.yml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 compose.cloudflare.yml diff --git a/compose.cloudflare.yml b/compose.cloudflare.yml new file mode 100644 index 0000000..1feb55b --- /dev/null +++ b/compose.cloudflare.yml @@ -0,0 +1,18 @@ +version: "3.8" + +services: + app: + environment: + - CLOUDFLARE_EMAIL_FILE=/run/secrets/cf_email + - CLOUDFLARE_API_KEY_FILE=/run/secrets/cf_api_key + secrets: + - cf_email + - cf_api_key + +secrets: + cf_email: + name: ${STACK_NAME}_cf_email_${SECRET_CLOUDFLARE_EMAIL_VERSION} + external: true + cf_api_key: + name: ${STACK_NAME}_cf_api_key_${SECRET_CLOUDFLARE_API_KEY_VERSION} + external: true -- 2.49.0 From bc06a079b2299cf97d55d5ee4e99dd596019f386 Mon Sep 17 00:00:00 2001 From: Zigzagill Date: Thu, 14 May 2026 21:12:53 -0700 Subject: [PATCH 2/4] Update .env.sample with Cloudflare vars --- .env.sample | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/.env.sample b/.env.sample index 0ac5747..3b904b7 100644 --- a/.env.sample +++ b/.env.sample @@ -86,6 +86,15 @@ COMPOSE_FILE="compose.yml" #SECRET_PORKBUN_API_KEY_VERSION=v1 #SECRET_PORKBUN_SECRET_API_KEY_VERSION=v1 +## Cloudflare, htps://cloudflare.com +## To insert your secrets: +## abra app secret insert {myapp.example.coop} cf_email v1 "" +## abra app secret insert {myapp.example.coop} cf_api_key v1 "" +## cf_api_key is an account API key from Cloudflare that has DNS read + edit permission +#COMPOSE_FILE="$COMPOSE_FILE:compose.cloudflare.yml" +#SECRET_CLOUDFLARE_EMAIL_VERSION=v1 # generated=false +#SECRET_CLOUDFLARE_API_KEY_VERSION=v1 # generated=false + ##################################################################### # Manual wildcard certificate insertion # ##################################################################### -- 2.49.0 From 5ce48808dac9a730c97c17f5ac274e91a6aebfff Mon Sep 17 00:00:00 2001 From: Zigzagill Date: Thu, 14 May 2026 21:14:58 -0700 Subject: [PATCH 3/4] Update readme --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index a2bf262..e0e84bb 100644 --- a/README.md +++ b/README.md @@ -42,8 +42,8 @@ subdomains, like need to give Traefik access to your DNS provider so that it can carry out Letsencrypt DNS challenges. -1. Use Gandi, OVH, DO, Azure, or PorkBun for DNS 🤡 (support for other providers - can be easily added, see +1. Use Gandi, OVH, DO, Azure, PorkBun, or Cloudflare for DNS 🤡 (support for + other providers can be easily added, see [the `lego` docs](https://go-acme.github.io/lego/dns/#dns-providers). 2. Run `abra app config YOURAPPDOMAIN` 3. Uncomment e.g. `ENABLE_GANDI` and the related `SECRET_.._VERSION` line, e.g. -- 2.49.0 From fbe027dff126acaa0b252d8824ea7a5ea7044b1e Mon Sep 17 00:00:00 2001 From: Zigzagill Date: Fri, 15 May 2026 13:01:37 -0700 Subject: [PATCH 4/4] generated -> generate --- .env.sample | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.env.sample b/.env.sample index 3b904b7..cb14413 100644 --- a/.env.sample +++ b/.env.sample @@ -92,8 +92,8 @@ COMPOSE_FILE="compose.yml" ## abra app secret insert {myapp.example.coop} cf_api_key v1 "" ## cf_api_key is an account API key from Cloudflare that has DNS read + edit permission #COMPOSE_FILE="$COMPOSE_FILE:compose.cloudflare.yml" -#SECRET_CLOUDFLARE_EMAIL_VERSION=v1 # generated=false -#SECRET_CLOUDFLARE_API_KEY_VERSION=v1 # generated=false +#SECRET_CLOUDFLARE_EMAIL_VERSION=v1 # generate=false +#SECRET_CLOUDFLARE_API_KEY_VERSION=v1 # generate=false ##################################################################### # Manual wildcard certificate insertion # -- 2.49.0