From b0ca4dc9066589d8b2a09e4458a660eff0417516 Mon Sep 17 00:00:00 2001
From: Kris Lamoureux <kris@lamoureux.io>
Date: Thu, 17 Nov 2022 01:59:04 -0500
Subject: [PATCH] Remove auth and LE requirements (nginx replaces)

---
 roles/gitea/tasks/main.yml      | 1 -
 roles/jenkins/tasks/server.yml  | 1 -
 roles/nextcloud/tasks/main.yml  | 1 -
 roles/nginx/tasks/main.yml      | 3 +--
 roles/prometheus/tasks/main.yml | 2 --
 roles/traefik/tasks/main.yml    | 5 ++---
 6 files changed, 3 insertions(+), 10 deletions(-)

diff --git a/roles/gitea/tasks/main.yml b/roles/gitea/tasks/main.yml
index 290945b..248ac41 100644
--- a/roles/gitea/tasks/main.yml
+++ b/roles/gitea/tasks/main.yml
@@ -47,7 +47,6 @@
     labels:
       traefik.http.routers.gitea.rule: "Host(`{{ gitea_domain }}`)"
       traefik.http.routers.gitea.entrypoints: websecure
-      traefik.http.routers.gitea.tls.certresolver: letsencrypt
       traefik.http.routers.gitea.middlewares: "securehttps@file"
       traefik.http.services.gitea.loadbalancer.server.port: "3000"
       traefik.docker.network: traefik
diff --git a/roles/jenkins/tasks/server.yml b/roles/jenkins/tasks/server.yml
index e6f08b5..b11ef80 100644
--- a/roles/jenkins/tasks/server.yml
+++ b/roles/jenkins/tasks/server.yml
@@ -20,7 +20,6 @@
     labels:
       traefik.http.routers.jenkins.rule: "Host(`{{ jenkins_domain }}`)"
       traefik.http.routers.jenkins.entrypoints: websecure
-      traefik.http.routers.jenkins.tls.certresolver: letsencrypt
       traefik.http.routers.jenkins.middlewares: "securehttps@file"
       traefik.docker.network: traefik
       traefik.enable: "true"
diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml
index ea344e2..c5e2fb3 100644
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@@ -32,7 +32,6 @@
     labels:
       traefik.http.routers.nextcloud.rule: "Host(`{{ nextcloud_domain }}`)"
       traefik.http.routers.nextcloud.entrypoints: websecure
-      traefik.http.routers.nextcloud.tls.certresolver: letsencrypt
       traefik.http.routers.nextcloud.middlewares: "securehttps@file,nextcloud-webdav"
       traefik.http.middlewares.nextcloud-webdav.redirectregex.regex: "https://(.*)/.well-known/(card|cal)dav"
       traefik.http.middlewares.nextcloud-webdav.redirectregex.replacement: "https://${1}/remote.php/dav/"
diff --git a/roles/nginx/tasks/main.yml b/roles/nginx/tasks/main.yml
index f026b86..0f0e98c 100644
--- a/roles/nginx/tasks/main.yml
+++ b/roles/nginx/tasks/main.yml
@@ -31,7 +31,6 @@
       traefik.http.routers.nginx.rule: "Host(`{{ nginx_domain }}`)"
       #traefik.http.middlewares.nginxauth.basicauth.users: "{{ nginx_auth }}"
       traefik.http.routers.nginx.entrypoints: websecure
-      traefik.http.routers.nginx.tls.certresolver: letsencrypt
-      traefik.http.routers.nginx.middlewares: "securehttps@file,nginxauth"
+      traefik.http.routers.nginx.middlewares: "securehttps@file"
       traefik.docker.network: traefik
       traefik.enable: "true"
diff --git a/roles/prometheus/tasks/main.yml b/roles/prometheus/tasks/main.yml
index f19fead..0954792 100644
--- a/roles/prometheus/tasks/main.yml
+++ b/roles/prometheus/tasks/main.yml
@@ -45,7 +45,6 @@
       traefik.http.routers.prometheus.rule: "Host(`{{ prom_domain }}`)"
       traefik.http.routers.prometheus.entrypoints: websecure
       traefik.http.routers.prometheus.middlewares: "securehttps@file,localonly"
-      traefik.http.routers.prometheus.tls.certresolver: letsencrypt
       traefik.http.middlewares.localonly.ipwhitelist.sourcerange: "{{ traefik_localonly }}"
       traefik.docker.network: traefik
       traefik.enable: "true"
@@ -65,7 +64,6 @@
     labels:
       traefik.http.routers.grafana.rule: "Host(`{{ grafana_domain }}`)"
       traefik.http.routers.grafana.entrypoints: websecure
-      traefik.http.routers.grafana.tls.certresolver: letsencrypt
       traefik.http.routers.grafana.middlewares: "securehttps@file"
       traefik.docker.network: traefik
       traefik.enable: "true"
diff --git a/roles/traefik/tasks/main.yml b/roles/traefik/tasks/main.yml
index 3d1880a..040bf20 100644
--- a/roles/traefik/tasks/main.yml
+++ b/roles/traefik/tasks/main.yml
@@ -42,9 +42,8 @@
     labels:
       traefik.http.routers.traefik.rule: "Host(`{{ traefik_domain }}`)"
       #traefik.http.middlewares.auth.basicauth.users: "{{ traefik_auth }}"
-      traefik.http.middlewares.localonly.ipwhitelist.sourcerange: "{{ traefik_localonly }}"
-      traefik.http.routers.traefik.tls.certresolver: letsencrypt
-      traefik.http.routers.traefik.middlewares: "securehttps@file,auth@docker,localonly"
+      #traefik.http.middlewares.localonly.ipwhitelist.sourcerange: "{{ traefik_localonly }}"
+      traefik.http.routers.traefik.middlewares: "securehttps@file,auth@docker"
       traefik.http.routers.traefik.service: "api@internal"
       traefik.http.routers.traefik.entrypoints: websecure
       traefik.http.routers.traefik.tls: "true"