
feat(traefik): add multiple DNS challenge providers

- Add support for Porkbun, GoDaddy, DigitalOcean, Route53 (AWS), Azure, GCP, and Namecheap
- Add provider-specific credential variables with conditional visibility
- Support both standard and Docker Swarm modes for all providers
- Update environment variable handling for each provider

Closes #1478
xcad il y a 6 mois
Parent
commit
db65f4561e

+ 24 - 0
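--- a/library/compose/traefik/.env.j2
+++ b/library/compose/traefik/.env.j2
@@ -2,5 +2,29 @@
 {% if traefik_tls_enabled %}
 {% if traefik_tls_acme_provider == "cloudflare" %}
 CF_DNS_API_TOKEN={{ traefik_tls_acme_token }}
+{% elif traefik_tls_acme_provider == "porkbun" %}
+PORKBUN_API_KEY={{ traefik_tls_acme_token }}
+PORKBUN_SECRET_API_KEY={{ traefik_tls_acme_secret_key }}
+{% elif traefik_tls_acme_provider == "route53" %}
+AWS_ACCESS_KEY_ID={{ traefik_tls_acme_access_key }}
+AWS_SECRET_ACCESS_KEY={{ traefik_tls_acme_secret_key }}
+AWS_REGION={{ traefik_tls_acme_region }}
+{% elif traefik_tls_acme_provider == "digitalocean" %}
+DO_AUTH_TOKEN={{ traefik_tls_acme_token }}
+{% elif traefik_tls_acme_provider == "godaddy" %}
+GODADDY_API_KEY={{ traefik_tls_acme_token }}
+GODADDY_API_SECRET={{ traefik_tls_acme_secret_key }}
+{% elif traefik_tls_acme_provider == "gcp" %}
+GCE_PROJECT={{ traefik_tls_acme_project }}
+GCE_SERVICE_ACCOUNT_FILE=/path/to/service-account.json
+{% elif traefik_tls_acme_provider == "azure" %}
+AZURE_CLIENT_ID={{ traefik_tls_acme_access_key }}
+AZURE_CLIENT_SECRET={{ traefik_tls_acme_secret_key }}
+AZURE_TENANT_ID={{ traefik_tls_acme_tenant_id }}
+AZURE_SUBSCRIPTION_ID={{ traefik_tls_acme_subscription_id }}
+AZURE_RESOURCE_GROUP={{ traefik_tls_acme_resource_group }}
+{% elif traefik_tls_acme_provider == "namecheap" %}
+NAMECHEAP_API_KEY={{ traefik_tls_acme_token }}
+NAMECHEAP_API_USER={{ traefik_tls_acme_username }}
 {% endif %}
 {% endif %}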
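Review bot: `GCE_SERVICE_ACCOUNT_FILE=/path/to/service-account.json` in the gcp branch is a literal placeholder rather than a template expression, so a non-swarm GCP deployment renders an env file that points at a path nothing provisions, and the failure only surfaces when the DNS challenge runs. The same gap spans the other two files in this commit: template.yaml makes `gcp` selectable but declares no variable for the service-account credential (only `traefik_tls_acme_project`), and compose.yaml.j2's non-swarm gcp branch forwards `${GCE_SERVICE_ACCOUNT_FILE}` with no bind mount visible for it. Either declare a credential-file variable in template.yaml (a constructed name such as `traefik_tls_acme_service_account_file`, gated with `needs: "traefik_tls_acme_provider=gcp"`), render `GCE_SERVICE_ACCOUNT_FILE={{ traefik_tls_acme_service_account_file }}` here and mount it in the compose template, or limit the gcp option to swarm mode where the JSON is delivered under /run/secrets. A smaller point: this file has no swarm_enabled guard in the hunk, so in swarm mode the Porkbun, AWS, GoDaddy and Azure secrets are still written in plaintext to .env on the host in addition to being provided as Docker secrets — unless line 1, outside the hunk, already gates the block.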

+ 56 - 0
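--- a/library/compose/traefik/compose.yaml.j2
+++ b/library/compose/traefik/compose.yaml.j2
@@ -36,6 +36,62 @@ services:
       {% else %}
       - CF_DNS_API_TOKEN=${CF_DNS_API_TOKEN}
       {% endif %}
+      {% elif traefik_tls_acme_provider == 'porkbun' %}
+      {% if swarm_enabled %}
+      - PORKBUN_API_KEY_FILE=/run/secrets/{{ traefik_tls_acme_secret_name }}_api_key
+      - PORKBUN_SECRET_API_KEY_FILE=/run/secrets/{{ traefik_tls_acme_secret_name }}_secret_key
+      {% else %}
+      - PORKBUN_API_KEY=${PORKBUN_API_KEY}
+      - PORKBUN_SECRET_API_KEY=${PORKBUN_SECRET_API_KEY}
+      {% endif %}
+      {% elif traefik_tls_acme_provider == 'route53' %}
+      {% if swarm_enabled %}
+      - AWS_ACCESS_KEY_ID_FILE=/run/secrets/{{ traefik_tls_acme_secret_name }}_access_key
+      - AWS_SECRET_ACCESS_KEY_FILE=/run/secrets/{{ traefik_tls_acme_secret_name }}_secret_key
+      {% else %}
+      - AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID}
+      - AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY}
+      {% endif %}
+      - AWS_REGION=${AWS_REGION}
+      {% elif traefik_tls_acme_provider == 'digitalocean' %}
+      {% if swarm_enabled %}
+      - DO_AUTH_TOKEN_FILE=/run/secrets/{{ traefik_tls_acme_secret_name }}
+      {% else %}
+      - DO_AUTH_TOKEN=${DO_AUTH_TOKEN}
+      {% endif %}
+      {% elif traefik_tls_acme_provider == 'godaddy' %}
+      {% if swarm_enabled %}
+      - GODADDY_API_KEY_FILE=/run/secrets/{{ traefik_tls_acme_secret_name }}_api_key
+      - GODADDY_API_SECRET_FILE=/run/secrets/{{ traefik_tls_acme_secret_name }}_secret
+      {% else %}
+      - GODADDY_API_KEY=${GODADDY_API_KEY}
+      - GODADDY_API_SECRET=${GODADDY_API_SECRET}
+      {% endif %}
+      {% elif traefik_tls_acme_provider == 'gcp' %}
+      - GCE_PROJECT=${GCE_PROJECT}
+      {% if swarm_enabled %}
+      - GCE_SERVICE_ACCOUNT_FILE=/run/secrets/{{ traefik_tls_acme_secret_name }}
+      {% else %}
+      - GCE_SERVICE_ACCOUNT_FILE=${GCE_SERVICE_ACCOUNT_FILE}
+      {% endif %}
+      {% elif traefik_tls_acme_provider == 'azure' %}
+      {% if swarm_enabled %}
+      - AZURE_CLIENT_ID_FILE=/run/secrets/{{ traefik_tls_acme_secret_name }}_client_id
+      - AZURE_CLIENT_SECRET_FILE=/run/secrets/{{ traefik_tls_acme_secret_name }}_client_secret
+      {% else %}
+      - AZURE_CLIENT_ID=${AZURE_CLIENT_ID}
+      - AZURE_CLIENT_SECRET=${AZURE_CLIENT_SECRET}
+      {% endif %}
+      - AZURE_TENANT_ID=${AZURE_TENANT_ID}
+      - AZURE_SUBSCRIPTION_ID=${AZURE_SUBSCRIPTION_ID}
+      - AZURE_RESOURCE_GROUP=${AZURE_RESOURCE_GROUP}
+      {% elif traefik_tls_acme_provider == 'namecheap' %}
+      {% if swarm_enabled %}
+      - NAMECHEAP_API_KEY_FILE=/run/secrets/{{ traefik_tls_acme_secret_name }}
+      {% else %}
+      - NAMECHEAP_API_KEY=${NAMECHEAP_API_KEY}
+      {% endif %}
+      - NAMECHEAP_API_USER=${NAMECHEAP_API_USER}
       {% endif %}
       {% endif %}
     {% if swarm_enabled %}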
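Review bot: The swarm branches reference secret files with provider-specific suffixes — `_api_key`/`_secret_key` for porkbun, `_access_key`/`_secret_key` for route53, `_api_key`/`_secret` for godaddy, `_client_id`/`_client_secret` for azure, and the bare `{{ traefik_tls_acme_secret_name }}` for digitalocean, gcp and namecheap — but the `{% if swarm_enabled %}` block that presumably declares the service's `secrets:` opens on the hunk's last line and continues outside it, so nothing here shows that each suffixed name is declared on the service and created with exactly the same name. A missing or mis-suffixed secret leaves the `*_FILE` variable pointing at a nonexistent path under /run/secrets, and the DNS challenge then fails with a credential error at renewal time instead of at deploy time. GoDaddy is also the only two-part provider whose second suffix is `_secret` rather than `_secret_key`, which makes the convention harder to mirror in the secret-creation task. Consider a comment above the first added `{% elif %}` such as `# Swarm mode: the _FILE suffixes below must match the secret names declared in the swarm_enabled block and created by the deploy task` and renaming the godaddy suffix to `_secret_key` for uniformity.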

+ 45 - 0
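--- a/library/compose/traefik/template.yaml
+++ b/library/compose/traefik/template.yaml
@@ -118,11 +118,56 @@ spec:
         default: "cloudflare"
         options:
           - "cloudflare"
+          - "porkbun"
+          - "godaddy"
+          - "gcp"
+          - "digitalocean"
+          - "route53"
+          - "azure"
+          - "namecheap"
         extra: "DNS provider for domain validation"
       traefik_tls_acme_token:
         type: "str"
         description: "DNS provider API token"
         sensitive: true
+        needs: "traefik_tls_acme_provider=cloudflare,digitalocean,godaddy,namecheap,porkbun"
+        extra: "CF_DNS_API_TOKEN, DO_AUTH_TOKEN, GODADDY_API_KEY, NAMECHEAP_API_KEY, or PORKBUN_API_KEY"
+      traefik_tls_acme_secret_key:
+        type: "str"
+        description: "DNS provider secret key"
+        sensitive: true
+        needs: "traefik_tls_acme_provider=azure,godaddy,porkbun,route53"
+        extra: "AZURE_CLIENT_SECRET, GODADDY_API_SECRET, PORKBUN_SECRET_API_KEY, or AWS_SECRET_ACCESS_KEY"
+      traefik_tls_acme_access_key:
+        type: "str"
+        description: "AWS Access Key ID or Azure Client ID"
+        sensitive: true
+        needs: "traefik_tls_acme_provider=route53,azure"
+      traefik_tls_acme_region:
+        type: "str"
+        description: "AWS Region"
+        default: "us-east-1"
+        needs: "traefik_tls_acme_provider=route53"
+      traefik_tls_acme_username:
+        type: "str"
+        description: "Namecheap API username"
+        needs: "traefik_tls_acme_provider=namecheap"
+      traefik_tls_acme_tenant_id:
+        type: "str"
+        description: "Azure Tenant ID"
+        needs: "traefik_tls_acme_provider=azure"
+      traefik_tls_acme_subscription_id:
+        type: "str"
+        description: "Azure Subscription ID"
+        needs: "traefik_tls_acme_provider=azure"
+      traefik_tls_acme_resource_group:
+        type: "str"
+        description: "Azure Resource Group"
+        needs: "traefik_tls_acme_provider=azure"
+      traefik_tls_acme_project:
+        type: "str"
+        description: "GCP Project ID"
+        needs: "traefik_tls_acme_provider=gcp"
       traefik_tls_acme_email:
         type: "str"
         description: "Email address for ACME (Let's Encrypt) registration"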