From 62ba41a8171bb587591bbe2caa4fb531e0a5ac0a Mon Sep 17 00:00:00 2001
From: fakebizprez <anthony@linehaul.ai>
Date: Sat, 3 Jan 2026 15:31:10 -0600
Subject: [PATCH 1/3] Refactor Cloudflare Tunnel setup in README and CI
 workflow

- Updated README to clarify the automatic start of the Cloudflare Tunnel service and simplified the startup command.
- Adjusted CI workflow to remove the cloudflare profile specification during deployment, ensuring a more straightforward process.
- Retained the restart policy in docker-compose.yml for the tunnel service.
---
 .github/workflows/ci.yml | 4 ++--
 README.md                | 4 ++--
 docker-compose.yml       | 4 +---
 3 files changed, 5 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index d648e83..18a4d64 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -76,7 +76,7 @@ jobs:
             exit 1
           fi
 
-          # Validate CLOUDFLARED_TOKEN (required since we deploy with cloudflare profile)
+          # Validate CLOUDFLARED_TOKEN (required for cloudflared tunnel service)
           if [ -z "${CLOUDFLARED_TOKEN}" ]; then
             echo "Missing required secret: CLOUDFLARED_TOKEN"
             exit 1
@@ -116,4 +116,4 @@ jobs:
         run: mkdir -p logs
 
       - name: Deploy with Docker Compose
-        run: docker compose -p temp-monitor --profile cloudflare up -d --build --remove-orphans
+        run: docker compose -p temp-monitor up -d --build --remove-orphans
diff --git a/README.md b/README.md
index 260cea6..1e27f3c 100644
--- a/README.md
+++ b/README.md
@@ -228,9 +228,9 @@ docker compose down
 
 **Note**: Requires privileged mode for I2C/hardware access.
 
-**Cloudflare Tunnel (Optional):** To enable the bundled Cloudflare Tunnel:
+**Cloudflare Tunnel:** The bundled Cloudflare Tunnel service starts automatically:
 1. Add `CLOUDFLARED_TOKEN` to `.env`
-2. Start with the cloudflare profile: `docker compose --profile cloudflare up -d`
+2. Start with: `docker compose up -d`
 3. In Cloudflare Zero Trust UI, point the tunnel service at `http://temp-monitor:8080`
 
 ### Systemd Service
diff --git a/docker-compose.yml b/docker-compose.yml
index 0cd50e6..86ac37d 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -28,6 +28,4 @@ services:
     command: tunnel --no-autoupdate run --token ${CLOUDFLARED_TOKEN}
     depends_on:
       - temp-monitor
-    restart: unless-stopped
-    profiles:
-      - cloudflare
\ No newline at end of file
+    restart: unless-stopped
\ No newline at end of file

From ec34c2c18d8ea93831f93a095b588b09bae6e7ea Mon Sep 17 00:00:00 2001
From: fakebizprez <anthony@linehaul.ai>
Date: Sat, 3 Jan 2026 15:52:11 -0600
Subject: [PATCH 2/3] Clarify Cloudflare Tunnel token requirements in README
 and CI workflow

- Updated README to indicate that `CLOUDFLARED_TOKEN` is required for the Cloudflare Tunnel service to start.
- Modified CI workflow comments to reflect the necessity of the Cloudflare Tunnel token during environment setup.
---
 .github/workflows/ci.yml | 2 +-
 README.md                | 6 ++++--
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 18a4d64..e589949 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -85,7 +85,7 @@ jobs:
           # Create .env file with required configuration
           echo "BEARER_TOKEN=${BEARER_TOKEN}" > .env
 
-          # Add optional Cloudflare Tunnel token if configured
+          # Add required Cloudflare Tunnel token
           if [ -n "${CLOUDFLARED_TOKEN}" ]; then
             echo "CLOUDFLARED_TOKEN=${CLOUDFLARED_TOKEN}" >> .env
           fi
diff --git a/README.md b/README.md
index 1e27f3c..09d094d 100644
--- a/README.md
+++ b/README.md
@@ -82,7 +82,7 @@ All configuration is done via environment variables in `.env`. Copy `.env.exampl
 |----------|---------|-------------|
 | `BEARER_TOKEN` | (required) | API authentication token |
 | `LOG_FILE` | `temp_monitor.log` | Log file path |
-| `CLOUDFLARED_TOKEN` | (none) | Cloudflare Tunnel token for docker-compose `cloudflared` service |
+| `CLOUDFLARED_TOKEN` | (required) | Cloudflare Tunnel token for docker-compose `cloudflared` service |
 
 ### Webhook Settings
 
@@ -228,11 +228,13 @@ docker compose down
 
 **Note**: Requires privileged mode for I2C/hardware access.
 
-**Cloudflare Tunnel:** The bundled Cloudflare Tunnel service starts automatically:
+**Cloudflare Tunnel:** The bundled Cloudflare Tunnel service starts automatically (requires `CLOUDFLARED_TOKEN`):
 1. Add `CLOUDFLARED_TOKEN` to `.env`
 2. Start with: `docker compose up -d`
 3. In Cloudflare Zero Trust UI, point the tunnel service at `http://temp-monitor:8080`
 
+**Note:** If `CLOUDFLARED_TOKEN` is not set, the cloudflared service will fail to start, but the main temp-monitor service will continue working. To run without Cloudflare Tunnel, use `docker compose up -d temp-monitor`.
+
 ### Systemd Service
 
 ```bash

From 6028c88b4d023ae4511313abf107aed0d26f345c Mon Sep 17 00:00:00 2001
From: fakebizprez <anthony@linehaul.ai>
Date: Sat, 3 Jan 2026 16:00:35 -0600
Subject: [PATCH 3/3] Clarify Cloudflare Tunnel token requirements in README

- Updated README to specify that `CLOUDFLARED_TOKEN` is required for CI/production environments, while being optional for local development.
- Enhanced notes on the Cloudflare Tunnel service startup process and its implications for local and CI deployments.
---
 README.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index 09d094d..b895528 100644
--- a/README.md
+++ b/README.md
@@ -82,7 +82,7 @@ All configuration is done via environment variables in `.env`. Copy `.env.exampl
 |----------|---------|-------------|
 | `BEARER_TOKEN` | (required) | API authentication token |
 | `LOG_FILE` | `temp_monitor.log` | Log file path |
-| `CLOUDFLARED_TOKEN` | (required) | Cloudflare Tunnel token for docker-compose `cloudflared` service |
+| `CLOUDFLARED_TOKEN` | (required for CI) | Cloudflare Tunnel token for docker-compose `cloudflared` service (optional for local dev) |
 
 ### Webhook Settings
 
@@ -228,12 +228,12 @@ docker compose down
 
 **Note**: Requires privileged mode for I2C/hardware access.
 
-**Cloudflare Tunnel:** The bundled Cloudflare Tunnel service starts automatically (requires `CLOUDFLARED_TOKEN`):
+**Cloudflare Tunnel:** The bundled Cloudflare Tunnel service starts automatically:
 1. Add `CLOUDFLARED_TOKEN` to `.env`
 2. Start with: `docker compose up -d`
 3. In Cloudflare Zero Trust UI, point the tunnel service at `http://temp-monitor:8080`
 
-**Note:** If `CLOUDFLARED_TOKEN` is not set, the cloudflared service will fail to start, but the main temp-monitor service will continue working. To run without Cloudflare Tunnel, use `docker compose up -d temp-monitor`.
+**Note:** `CLOUDFLARED_TOKEN` is **required for CI/production** - the CI workflow (`.github/workflows/ci.yml:79-83`) enforces this and will fail deployment if missing. For **local development**, the token is optional: if not set, the cloudflared service will fail to start but the main temp-monitor service continues working. To run locally without Cloudflare Tunnel, use `docker compose up -d temp-monitor`.
 
 ### Systemd Service