Update Traefik to v3

ansible/roles/traefik/files/docker-compose.yml

@@ -1,6 +1,6 @@
 services:
   traefik:
-    image: traefik:v2.11
+    image: traefik:v3
     user: "{{ docker_user.id }}"
     environment:
       - CF_DNS_API_TOKEN={{ vault_cloudflare_api_token }}

ansible/roles/traefik/files/file-provider-main.yml

@@ -10,7 +10,7 @@ http:
           Permissions-Policy: interest-cohort=()
 
     tailscale-only:
-      ipWhiteList:
+      ipAllowList:
         sourceRange:
           - "{{ tailscale_cidr }}"
           - "{{ tailscale_cidr_ipv6 }}"
@@ -18,7 +18,7 @@ http:
           - "{{ pve_hosts.forrest.ipv6 }}"
 
     private-access:
-      ipWhiteList:
+      ipAllowList:
         sourceRange:
           - "{{ tailscale_cidr }}"
           - "{{ tailscale_cidr_ipv6 }}"

ansible/roles/traefik/files/traefik.yml

@@ -18,12 +18,12 @@ entryPoints:
         - floc-block@file
         - compress@file
       tls:
-        certresolver: le
+        certResolver: le
         domains:
           - main: theorangeone.net
-            sans: "*.theorangeone.net"
+            sans: ["*.theorangeone.net"]
           - main: jakehoward.tech
-            sans: "*.jakehoward.tech"
+            sans: ["*.jakehoward.tech"]
     proxyProtocol:
       trustedIPs:
         - "{{ pve_hosts.ingress.ip }}/32"
@@ -47,6 +47,7 @@ providers:
 api:
   dashboard: true
   insecure: true
+  disableDashboardAd: true
 
 certificatesResolvers:
   le:
@@ -55,7 +56,7 @@ certificatesResolvers:
       storage: /etc/traefik/acme.json
       dnsChallenge:
         provider: cloudflare
-        delayBeforeCheck: 0
+        delayBeforeCheck: 0s
         resolvers:
           - 1.1.1.1:53
           - 1.0.0.1:53
@@ -66,7 +67,7 @@ certificatesResolvers:
       storage: /etc/traefik/acme.json
       dnsChallenge:
         provider: gandiv5
-        delayBeforeCheck: 0
+        delayBeforeCheck: 0s
         resolvers:
           - 1.1.1.1:53
           - 1.0.0.1:53