From 4181ef756121038a2e93eb30521838a71277dab1 Mon Sep 17 00:00:00 2001
From: Jeff Emmett <jeffemmett@gmail.com>
Date: Tue, 17 Mar 2026 15:24:39 -0700
Subject: [PATCH] Fix: use web entrypoint for Cloudflare tunnel routing

Cloudflare tunnel sends HTTP to port 80 (Traefik web entrypoint),
not HTTPS to 443. TLS is terminated at Cloudflare edge.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 docker-compose.yml | 11 ++---------
 1 file changed, 2 insertions(+), 9 deletions(-)

diff --git a/docker-compose.yml b/docker-compose.yml
index f56d417..3bde9ad 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -7,17 +7,10 @@ services:
       - traefik-public
     labels:
       - "traefik.enable=true"
+      # HTTP router (for Cloudflare tunnel which sends HTTP to port 80)
       - "traefik.http.routers.elle-o-elle.rule=Host(`elle-o-elle.lol`) || Host(`www.elle-o-elle.lol`)"
-      - "traefik.http.routers.elle-o-elle.entrypoints=websecure"
-      - "traefik.http.routers.elle-o-elle.tls.certresolver=cloudflare"
-      - "traefik.http.routers.elle-o-elle.tls.domains[0].main=elle-o-elle.lol"
-      - "traefik.http.routers.elle-o-elle.tls.domains[0].sans=*.elle-o-elle.lol"
+      - "traefik.http.routers.elle-o-elle.entrypoints=web"
       - "traefik.http.services.elle-o-elle.loadbalancer.server.port=80"
-      # Redirect www to apex
-      - "traefik.http.middlewares.elle-www-redirect.redirectregex.regex=^https://www\\.elle-o-elle\\.lol/(.*)"
-      - "traefik.http.middlewares.elle-www-redirect.redirectregex.replacement=https://elle-o-elle.lol/$${1}"
-      - "traefik.http.middlewares.elle-www-redirect.redirectregex.permanent=true"
-      - "traefik.http.routers.elle-o-elle.middlewares=elle-www-redirect"
 
 networks:
   traefik-public: