Dockerfile

@@ -7,7 +7,7 @@ COPY haproxy_manager.py /haproxy/
 COPY scripts /haproxy/scripts
 RUN chmod +x /haproxy/scripts/*
 RUN pip install -r requirements.txt
-RUN echo "0 */12 * * * root test -x /usr/bin/certbot && /usr/bin/certbot -q renew" > /var/spool/cron/crontabs/root
+RUN echo "0 */12 * * * root test -x /usr/bin/certbot -a \! -d /run/systemd/system && perl -e 'sleep int(rand(43200))' && certbot -q renew --no-random-sleep-on-renew" > /var/spool/cron/crontabs/root
 EXPOSE 80 443 8000
 # Add health check
 HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \

README.md

@@ -34,17 +34,6 @@ The HAProxy Manager includes a web-based user interface accessible at port 8000,
 - Domain and backend server management interface
 - SSL certificate status monitoring
 
-__Do Not Expose port 8000 to the open internet__
-If you need to have it exposed to the internet, restrict it to an IP Address via IPTABLES or other firewalls.
-```bash
-# Allow access from the specific IP address (replace 192.168.1.100 with your IP)
-iptables -A INPUT -p tcp --dport 8000 -s {YOUR_PUBLIC_IP} -j ACCEPT
-
-# Drop all other connections to port 8000
-iptables -A INPUT -p tcp --dport 8000 -j DROP
-```
-If you need to be able to access the web interface from multiple locations, I recommend putting it behind an authenticated Proxy like Authentik
-
 ## API Endpoints
 
 ### Health Check