Improve TLS setup

services/reverse-proxy/configs/dynamic/tls.yml

@@ -1,6 +0,0 @@
-tls:
-  stores:
-    default:
-      defaultGeneratedCert:
-        resolver: defaultResolver
-        domain:

services/reverse-proxy/configs/traefik.yml

@@ -16,11 +16,9 @@ accessLog: {}
 certificatesResolvers:
   defaultResolver:
     acme:
-      email: {{ env `NASCOMPOSE_TRAEFIK_ADMIN_EMAIL` }}
       storage: /etc/traefik/acme/acme.json
       dnsChallenge:
         provider: cloudflare
-      caServer: https://acme-staging-v02.api.letsencrypt.org/directory
 
 entryPoints:
   web:
@@ -33,7 +31,8 @@ entryPoints:
   websecure:
     address: :443
     http:
-      tls: {}
+      tls:
+        certResolver: defaultResolver
       middlewares:
         - hsts@file
   ssh:

services/reverse-proxy/docker-compose.yml

@@ -8,6 +8,8 @@ services:
       NASCOMPOSE_TRAEFIK_DOMAINS: ${NASCOMPOSE_TRAEFIK_DOMAINS?}
       NASCOMPOSE_TRAEFIK_ADMIN_EMAIL: ${NASCOMPOSE_TRAEFIK_ADMIN_EMAIL?}
       CF_DNS_API_TOKEN_FILE: /run/secrets/cf_dns_token
+      TRAEFIK_CERTIFICATESRESOLVERS_DEFAULTRESOLVER_ACME_EMAIL: admin@${NASCOMPOSE_TRAEFIK_DOMAINS?}
+      TRAEFIK_ENTRYPOINTS_WEBSECURE_HTTP_TLS_DOMAINS_0_MAIN: '*.${NASCOMPOSE_TRAEFIK_DOMAINS?}'
       LEGO_DISABLE_CNAME_SUPPORT: true
     networks:
       - reverse-proxy