chore: publish 3.0.0+v3.0.0 release

.env.sample

@@ -57,8 +57,8 @@ COMPOSE_FILE="compose.yml"
 
 # Set wildcards = 1, and uncomment compose_file to enable.
 # Create your certs elsewhere and add them like:
-# abra app secret insert {myapp.example.coop} ssl_cert v1 "$(cat /path/to/fullchain.pem)"
+# abra app secrets insert {myapp.example.coop} ssl_cert v1 "$(cat /path/to/fullchain.pem)"
-# abra app secret insert {myapp.example.coop} ssl_key v1 "$(cat /path/to/privkey.pem)"
+# abra app secrets insert {myapp.example.coop} ssl_key v1 "$(cat /path/to/privkey.pem)"
 #WILDCARDS_ENABLED=1
 #SECRET_WILDCARD_CERT_VERSION=v1
 #SECRET_WILDCARD_KEY_VERSION=v1

alaconnect.yml

@@ -1,4 +0,0 @@
-matrix-synapse:
-    uncomment:
-        - compose.matrix.yml
-        - MATRIX_FEDERATION_ENABLED

compose.yml

@@ -3,7 +3,7 @@ version: "3.8"
 
 services:
   app:
-    image: "traefik:v2.11.10"
+    image: "traefik:v3.0.0"
     # Note(decentral1se): *please do not* add any additional ports here.
     # Doing so could break new installs with port conflicts. Please use
     # the usual `compose.$app.yml` approach for any additional ports
@@ -11,6 +11,7 @@ services:
       - "80:80"
       - "443:443"
     volumes:
+      - "/var/run/docker.sock:/var/run/docker.sock"
       - "letsencrypt:/etc/letsencrypt"
       - "file-providers:/etc/traefik/file-providers"
     configs:
@@ -23,7 +24,6 @@ services:
         mode: 0555
     networks:
       - proxy
-      - internal
     environment:
       - DASHBOARD_ENABLED
       - LOG_LEVEL
@@ -47,48 +47,12 @@ services:
         - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
         - "traefik.http.routers.${STACK_NAME}.service=api@internal"
         - "traefik.http.routers.${STACK_NAME}.middlewares=security@file"
-        - "coop-cloud.${STACK_NAME}.version=2.8.0+v2.11.10"
+        - "coop-cloud.${STACK_NAME}.version=3.0.0+v3.0.0"
         - "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
 
-  socket-proxy:
-    image: lscr.io/linuxserver/socket-proxy:1.26.2-r0-ls26
-    environment:
-      - ALLOW_START=0
-      - ALLOW_STOP=0
-      - ALLOW_RESTARTS=0
-      - AUTH=0
-      - BUILD=0
-      - COMMIT=0
-      - CONFIGS=0
-      - CONTAINERS=1 # Needs access
-      - DISABLE_IPV6=0
-      - DISTRIBUTION=0
-      - EVENTS=1 # Needs access
-      - EXEC=0
-      - IMAGES=0
-      - INFO=0
-      - NETWORKS=1 # Needs access
-      - NODES=0
-      - PING=0
-      - POST=0
-      - PLUGINS=0
-      - SECRETS=0
-      - SERVICES=1 # Needs access
-      - SESSION=0
-      - SWARM=0
-      - SYSTEM=0
-      - TASKS=1 # Needs access
-      - VERSION=1 # Needs access
-      - VOLUMES=0
-    volumes:
-      - /var/run/docker.sock:/var/run/docker.sock:ro
-    networks:
-      - internal
-
 networks:
   proxy:
     external: true
-  internal:
 
 configs:
   traefik_yml:

release/2.8.0+v2.11.10

@@ -1 +0,0 @@
-Important Security Update! https://nvd.nist.gov/vuln/detail/CVE-2024-45410

traefik.yml.tmpl

@@ -3,11 +3,10 @@ log:
   level: {{ env "LOG_LEVEL" }}
 
 providers:
-  docker:
+  swarm:
-    endpoint: "tcp://socket-proxy:2375"
+    endpoint: "unix:///var/run/docker.sock"
     exposedByDefault: false
     network: proxy
-    swarmMode: true
   {{ if eq (env "FILE_PROVIDER_DIRECTORY_ENABLED") "1" }}
   file:
     directory: /etc/traefik/file-providers