From 7f7d19378c37716dfcbf871d4929e91bc79a5047 Mon Sep 17 00:00:00 2001
From: ginta1337 <ginta1337@gmail.com>
Date: Fri, 18 Oct 2024 21:28:50 +0300
Subject: [PATCH] Clarify documentation about own ssl certificate setup

---
 docs/configuring-playbook-ssl-certificates.md | 35 +++++++------------
 1 file changed, 13 insertions(+), 22 deletions(-)

diff --git a/docs/configuring-playbook-ssl-certificates.md b/docs/configuring-playbook-ssl-certificates.md
index 31799b37f..e086d457f 100644
--- a/docs/configuring-playbook-ssl-certificates.md
+++ b/docs/configuring-playbook-ssl-certificates.md
@@ -52,14 +52,19 @@ traefik_config_certificatesResolvers_acme_enabled: false
 # Force-enable it here, because we'll add our certificate files there.
 traefik_ssl_dir_enabled: true
 
-# Tell Traefik to load our custom configuration file (certificates.yml).
-# The file is created below, in `aux_file_definitions`.
-# The `/config/..` path is an in-container path, not a path on the host (like `/matrix/traefik/config`). Do not change it!
-traefik_configuration_extension_yaml: |
-  providers:
-    file:
-      filename: /config/certificates.yml
-      watch: true
+# Tell Traefik to load our custom ssl key pair by extending provider configuration.
+# The key pair files are created below, in `aux_file_definitions`.
+# The `/ssl/..` path is an in-container path, not a path on the host (like `/matrix/traefik/ssl`). Do not change it!
+traefik_provider_configuration_extension_yaml:
+  tls:
+    certificates:
+      - certFile: /ssl/cert.pem
+        keyFile: /ssl/privkey.pem
+    stores:
+      default:
+        defaultCertificate:
+          certFile: /ssl/cert.pem
+          keyFile: /ssl/privkey.pem
 
 # Use the aux role to create our custom files on the server.
 # If you'd like to do this manually, you remove this `aux_file_definitions` variable.
@@ -83,20 +88,6 @@ aux_file_definitions:
     # content: |
     #   FILE CONTENT
     #   HERE
-
-  # Create the custom Traefik configuration.
-  # The `/ssl/..` paths below are in-container paths, not paths on the host (/`matrix/traefik/ssl/..`). Do not change them!
-  - dest: "{{ traefik_config_dir_path }}/certificates.yml"
-    content: |
-      tls:
-        certificates:
-          - certFile: /ssl/cert.pem
-            keyFile: /ssl/privkey.pem
-        stores:
-          default:
-            defaultCertificate:
-              certFile: /ssl/cert.pem
-              keyFile: /ssl/privkey.pem
 ```
 
 ## Using a DNS-01 ACME challenge type, instead of HTTP-01