From 76ac854d65c2e814f00776d0e65de381a801428e Mon Sep 17 00:00:00 2001
From: S <islam.ahmad@outlook.com>
Date: Sun, 1 Mar 2026 10:27:38 -0500
Subject: [PATCH] feat: replace Nginx vars with Caddy/TLS vars in .env.example

Remove NGINX_CONTAINER_NAME, NGINX_CONF_PATH, SSL_MODE, SSL_EMAIL.
Add TLS_MODE (cloudflare|existing), CADDY_DOMAIN, CADDY_DATA_PATH,
CLOUDFLARE_API_TOKEN. Keep SSL_CERT_PATH/SSL_KEY_PATH for existing
cert mode.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 .env.example | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/.env.example b/.env.example
index 7d25775..9ed00f8 100644
--- a/.env.example
+++ b/.env.example
@@ -119,14 +119,14 @@ GITHUB_MIRROR_INTERVAL=8h         # How often Gitea pushes to GitHub (offsite ba
 
 
 # -----------------------------------------------------------------------------
-# NGINX REVERSE PROXY (existing Docker container on Unraid)
+# TLS / REVERSE PROXY (Caddy — dedicated container per host)
 # -----------------------------------------------------------------------------
-NGINX_CONTAINER_NAME=             # Name of existing Nginx Docker container (e.g. nginx, swag)
-NGINX_CONF_PATH=                  # Host path to Nginx conf.d directory (e.g. /mnt/user/appdata/nginx/conf.d)
-SSL_MODE=letsencrypt              # SSL mode: "letsencrypt" (auto-provision via Certbot) or "existing" (provide cert paths)
-SSL_EMAIL=                        # Email for Let's Encrypt (only if SSL_MODE=letsencrypt)
-SSL_CERT_PATH=                    # Absolute path to SSL cert on Unraid (only if SSL_MODE=existing)
-SSL_KEY_PATH=                     # Absolute path to SSL key on Unraid (only if SSL_MODE=existing)
+TLS_MODE=cloudflare               # TLS mode: "cloudflare" (DNS-01 via CF API) or "existing" (manual certs)
+CADDY_DOMAIN=                     # Wildcard base domain (e.g. privacyindesign.com)
+CADDY_DATA_PATH=                  # Absolute path on host for Caddy data (e.g. /mnt/nvme/caddy)
+CLOUDFLARE_API_TOKEN=             # Cloudflare API token with Zone:DNS:Edit (only if TLS_MODE=cloudflare)
+SSL_CERT_PATH=                    # Absolute path to SSL cert (only if TLS_MODE=existing)
+SSL_KEY_PATH=                     # Absolute path to SSL key (only if TLS_MODE=existing)
 
 
 # -----------------------------------------------------------------------------