diff --git a/roles/proxy/templates/server-nginx.conf.j2 b/roles/proxy/templates/server-nginx.conf.j2
index 5b391b2..fefaaa6 100644
--- a/roles/proxy/templates/server-nginx.conf.j2
+++ b/roles/proxy/templates/server-nginx.conf.j2
@@ -31,6 +31,7 @@ server {
 {% if item.restrict is defined and item.restrict  %}
     auth_basic "{{ item.restrict_name | default('Restricted Access') }}";
     auth_basic_user_file {{ item.restrict_file | default('/etc/nginx/.htpasswd') }};
+    proxy_set_header Authorization "";
 {% endif %}
     proxy_set_header Host $host;
     proxy_set_header X-Real-IP $remote_addr;
diff --git a/roles/traefik/templates/external.yml.j2 b/roles/traefik/templates/external.yml.j2
index de9fabd..9ee0f8b 100644
--- a/roles/traefik/templates/external.yml.j2
+++ b/roles/traefik/templates/external.yml.j2
@@ -10,10 +10,12 @@ http:
 {% elif item.middlewares is defined %}
       middlewares: "{{ item.middlewares }}"
 {% endif %}
+{% if traefik_acme_email is defined %}
       tls:
         certResolver: letsencrypt
         domains:
           - main: "{{ item.domain }}"
+{% endif %}
       entryPoints:
         - "websecure"
   services: