diff --git a/.ansible-lint b/.ansible-lint
index 2b580a2..9b9b52a 100644
--- a/.ansible-lint
+++ b/.ansible-lint
@@ -3,7 +3,6 @@
 exclude_paths:
 - ".gitlab/*"
 - ".gitlab-ci.yml"
- - ".woodpecker/*"
 - "defaults/main.yaml"
 - "meta/main.yaml"
 - "vars/*"
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
new file mode 100644
index 0000000..7ec2c37
--- /dev/null
+++ b/.gitlab-ci.yml
@@ -0,0 +1,13 @@
+---
+
+# gitlab stages
+stages:
+ - "gitleaks"
+ - "linting"
+
+# include components
+include:
+ - component: "$CI_SERVER_FQDN/components/ansible/linting@v3.0.3"
+ - component: "$CI_SERVER_FQDN/components/gitleaks/gitleaks@v1.0.0"
+ - component: "$CI_SERVER_FQDN/components/markdownlint/markdownlint@1.0.0"
+ - component: "$CI_SERVER_FQDN/components/yamllint/yamllint@1.0.2"
diff --git a/.markdownlint-cli2.jsonc b/.markdownlint-cli2.jsonc
index a4ea90f..56cd87c 100644
--- a/.markdownlint-cli2.jsonc
+++ b/.markdownlint-cli2.jsonc
@@ -6,8 +6,7 @@
 // linting rules
 "config": {
 "MD013": {
- "line_length": 120,
- "tables": false
+ "line_length": 120
 }
 }
 }
diff --git a/.woodpecker/linting.yml b/.woodpecker/linting.yml
deleted file mode 100644
index 02cf4c2..0000000
--- a/.woodpecker/linting.yml
+++ /dev/null
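Review bot: The four `include.component` references in the new `.gitlab-ci.yml` are pinned to version tags (`@v3.0.3`, `@v1.0.0`, `@1.0.0`, `@1.0.2`), which are mutable refs in the component projects, so the secret-scan and lint pipeline can change silently if a tag is moved or re-pushed. The deleted `.woodpecker/linting.yml` carried a `# renovate:` annotation on every tool image, and nothing equivalent is added here, so these pins will presumably go stale unless Renovate's GitLab component datasource is configured elsewhere. If the component projects are under your control, pinning to a commit SHA (GitLab accepts a SHA as the component version, e.g. `component: "$CI_SERVER_FQDN/components/gitleaks/gitleaks@<commit-sha-placeholder>"`) gives an immutable pin while tags stay for humans; at minimum a comment explaining the mixed `v`-prefixed and plain tag styles would stop the next bump from guessing. The `stages` list names only `gitleaks` and `linting`, so this relies on each component placing its jobs in one of those two stages; a one-line comment saying so would help.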
@@ -1,41 +0,0 @@
----
-when:
- - event: "push"
- branch: "main"
- - event: "manual"
-
-steps:
-
- # gitleaks
- - name: "gitleaks"
- # renovate: datasource=github-releases depName=gitleaks/gitleaks
- image: "cr.simoncor.net/ghcr/gitleaks/gitleaks:v8.30.1"
- commands:
- - "gitleaks detect --source . --verbose --redact"
-
- # yamllint
- - name: "yamllint"
- # renovate: datasource=docker depName=cr.simoncor.net/yamllint
- image: "cr.simoncor.net/yamllint:1.38.0"
- depends_on:
- - "gitleaks"
- commands:
- - "yamllint -c .yamllint ."
-
- # ansible-lint
- - name: "ansible-lint"
- # renovate: datasource=docker depName=docker.io/pipelinecomponents/ansible-lint
- image: "cr.simoncor.net/dockerhub/pipelinecomponents/ansible-lint:0.79.11"
- depends_on:
- - "gitleaks"
- commands:
- - "ansible-lint -c .ansible-lint ."
-
- # markdownlint
- - name: "markdownlint"
- # renovate: datasource=docker depName=docker.io/davidanson/markdownlint-cli2
- image: "cr.simoncor.net/dockerhub/davidanson/markdownlint-cli2:v0.22.1"
- depends_on:
- - "gitleaks"
- commands:
- - "markdownlint-cli2 --config .markdownlint-cli2.jsonc"
diff --git a/readme.md b/readme.md
index 639a01d..26c6d41 100644
--- a/readme.md
+++ b/readme.md
@@ -4,15 +4,15 @@ Install and configure [Traefik](https://traefik.io/) - a modern HTTP reverse pro ## Variables -| Variable | Required | Default | Description | -| --------------------------- | -------- | ------------------- | ------------------------------------ | -| `traefik_letsencrypt_email` | Yes | `email@example.com` | Email for Let's Encrypt certificates | -| `traefik_routes` | Yes | `[]` | List of Traefik routes to configure | -| `traefik_routes[].name` | Yes | ------------------- | Route domain name | -| `traefik_routes[].service` | Yes | ------------------- | Service name | -| `traefik_routes[].host` | Yes | ------------------- | Backend host | -| `traefik_routes[].proto` | Yes | ------------------- | Backend protocol (http/https) | -| `traefik_routes[].port` | Yes | ------------------- | Backend port | +| Variable | Required | Default | Description | +|----------|----------|---------|-------------| +| `traefik_letsencrypt_email` | Yes | `email@example.com` | Email for Let's Encrypt certificates | +| `traefik_routes` | Yes | `[]` | List of Traefik routes to configure | +| `traefik_routes[].name` | Yes | - | Route domain name | +| `traefik_routes[].service` | Yes | - | Service name | +| `traefik_routes[].host` | Yes | - | Backend host | +| `traefik_routes[].proto` | Yes | - | Backend protocol (http/https) | +| `traefik_routes[].port` | Yes | - | Backend port | ## Example
diff --git a/tasks/traefik.yaml b/tasks/traefik.yaml
index dd52b7f..f50ce39 100644
--- a/tasks/traefik.yaml
+++ b/tasks/traefik.yaml
@@ -12,23 +12,13 @@ # traefik config - name: "traefik config" ansible.builtin.template: - src: "templates/traefik/traefik.yml.j2" + src: "templates/traefik/config.yml.j2" dest: "/mnt/traefik/traefik.yml" owner: "root" group: "root" mode: "0640" notify: "restart traefik" -# traefik http routes -- name: "traefik https routes" - ansible.builtin.template: - src: "templates/traefik/http.yml.j2" - dest: "/mnt/traefik/http.yml" - owner: "root" - group: "root" - mode: "0640" - notify: "restart traefik" - # transip apikey - name: "traefik - transip api" ansible.builtin.copy:
@@ -73,13 +63,12 @@ # traefik name: "traefik" - image: "cr.simoncor.net/dockerhub/library/traefik:v3.7.1" + image: "docker.io/traefik:v3.6.13" image_name_mismatch: "recreate" restart_policy: "unless-stopped" network_mode: "host" volumes: - "/mnt/traefik/traefik.yml:/traefik.yml:ro" - - "/mnt/traefik/http.yml:/http.yml:ro" - "/mnt/traefik/acme.json:/acme.json" - "/mnt/traefik/transip.key:/transip.key:ro"
diff --git a/templates/traefik/traefik.yml.j2 b/templates/traefik/config.yml.j2
similarity index 51%
rename from templates/traefik/traefik.yml.j2
rename to templates/traefik/config.yml.j2
index 74dc7df..80a12e1 100644
--- a/templates/traefik/traefik.yml.j2
+++ b/templates/traefik/config.yml.j2
@@ -16,6 +16,7 @@ entryPoints:
 readTimeout: 0
 writeTimeout: 0
 idleTimeout: 0
+
 certificatesResolvers:
 transip:
 acme:
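Review bot: The container image on the new side of the second `tasks/traefik.yaml` hunk, `image: "docker.io/traefik:v3.6.13"`, is pinned only by a mutable tag, moves the pull from the `cr.simoncor.net` mirror straight to Docker Hub, and takes the version from v3.7.1 down to v3.6.13. If the downgrade is deliberate (for example to match a release the role was tested against) a comment on that line should say so; otherwise it presumably reverts whatever the v3.7.x line fixed. For a reproducible, tamper-evident deployment pin by digest as well, `image: "docker.io/traefik:v3.6.13@sha256:<digest-placeholder>"`, and carry over a `# renovate:` annotation like the ones the deleted `.woodpecker/linting.yml` used, since `image_name_mismatch: "recreate"` will otherwise recreate the container on any silent tag move. The first hunk's removal of the `traefik https routes` task and the dropped `/http.yml` volume depend on the template change reviewed below.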
@@ -23,13 +24,28 @@ certificatesResolvers: provider: "transip" email: "{{ traefik_letsencrypt_email }}" storage: "/acme.json" - -{% if traefik_routes | selectattr('proto', 'equalto', 'https') | list | length > 0 %} -serversTransport: - insecureSkipVerify: true -{% endif %} + caServer: "https://acme-v02.api.letsencrypt.org/directory" providers: file: - filename: /http.yml + filename: /traefik.yml watch: true + +http: + routers: +{% for item in traefik_routes %} + {{ item.service }}: + rule: "Host(`{{ item.name }}`)" + entryPoints: + - websecure + service: {{ item.service }}-svc + tls: + certResolver: transip +{% endfor %} + services: +{% for item in traefik_routes %} + {{ item.service }}-svc: + loadBalancer: + servers: + - url: "{{ item.proto }}://{{ item.host }}:{{ item.port }}" +{% endfor %}
diff --git a/templates/traefik/http.yml.j2 b/templates/traefik/http.yml.j2
deleted file mode 100644
index 236e05c..0000000
--- a/templates/traefik/http.yml.j2
+++ /dev/null
@@ -1,18 +0,0 @@
-http:
- routers:
-{% for item in traefik_routes %}
- {{ item.service }}:
- rule: "Host(`{{ item.name }}`)"
- entryPoints:
- - websecure
- service: {{ item.service }}-svc
- tls:
- certResolver: transip
-{% endfor %}
- services:
-{% for item in traefik_routes %}
- {{ item.service }}-svc:
- loadBalancer:
- servers:
- - url: "{{ item.proto }}://{{ item.host }}:{{ item.port }}"
-{% endfor %}
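Review bot: The second `config.yml.j2` hunk writes the dynamic `http:` routers and services into the file Traefik loads as its static configuration (`/traefik.yml`, per `dest` in `tasks/traefik.yaml`) and then points `providers.file.filename` at that same file. As far as I know Traefik's static-configuration loader rejects unknown top-level keys such as `http` (the usual symptom is a `field not found, node: http` error at startup) and the file provider in turn expects only dynamic configuration, so the two are likely to conflict rather than merge; keeping the routes in a separate file as the deleted `templates/traefik/http.yml.j2` did, or in a directory via `providers.file.directory`, avoids the overlap. Dropping the conditional `serversTransport.insecureSkipVerify: true` is the right default, but any `traefik_routes[].proto: https` backend must now present a certificate Traefik trusts, which the readme's variable table should state. The rendered router keys and `service: {{ item.service }}-svc` remain unquoted plain scalars; quoting them, `service: "{{ item.service }}-svc"`, protects against boolean- or number-looking service names being retyped by the YAML parser.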