fix: remove global TLS options to resolve Traefik startup race condition
Removed the global `--entrypoints.web-secure.http.tls.options=default@file` configuration from proxy/compose.yaml that was causing "unknown TLS options" errors during Traefik startup. The issue occurred because Traefik attempted to apply TLS options to all routers before the file provider finished loading security.yaml, creating a race condition. Services now use Let's Encrypt certificates without explicit TLS options at the entrypoint level. The TLS security settings (minimum TLS 1.2, strong cipher suites, etc.) remain defined in proxy/dynamic/security.yaml and can be applied to individual services via their router configurations if needed. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
@@ -41,8 +41,7 @@ services:
|
||||
- '--entrypoints.web.http.redirections.entryPoint.scheme=https'
|
||||
- '--entrypoints.web.http.redirections.entryPoint.permanent=true'
|
||||
|
||||
# TLS Security Options
|
||||
- '--entrypoints.web-secure.http.tls.options=default@file'
|
||||
# Security Headers (applied globally)
|
||||
- '--entrypoints.web-secure.http.middlewares=security-headers@file'
|
||||
|
||||
# Let's Encrypt
|
||||
|
||||
Reference in New Issue
Block a user