diff --git a/roles/traefik/tasks/base.yml b/roles/traefik/tasks/base.yml
index f759d3f..d2c977f 100644
--- a/roles/traefik/tasks/base.yml
+++ b/roles/traefik/tasks/base.yml
@@ -16,8 +16,9 @@
     src: "{{ item.src }}"
     dest: "traefik/{{ item.dest }}"
   loop:
-    - { src: 'docker-compose.yml.j2', dest: 'docker-compose.yml' }
-    - { src: 'config/traefik.yml.j2', dest: 'config/traefik.yml' }
+    - { src: 'docker-compose.yml', dest: 'docker-compose.yml' }
+    - { src: 'config/traefik.yml', dest: 'config/traefik.yml' }
+    - { src: 'config/dynamic_conf.yaml', dest: 'config/dynamic_conf.yaml' }
   register: traefik_copy_templates_results
 
 - name: Create proxy network
diff --git a/roles/traefik/files/config/dynamic_conf.yaml b/roles/traefik/templates/config/dynamic_conf.yaml
similarity index 71%
rename from roles/traefik/files/config/dynamic_conf.yaml
rename to roles/traefik/templates/config/dynamic_conf.yaml
index f000348..01d209b 100644
--- a/roles/traefik/files/config/dynamic_conf.yaml
+++ b/roles/traefik/templates/config/dynamic_conf.yaml
@@ -1,4 +1,9 @@
 http:
+  middlewares:
+    private-network:
+      ipWhiteList:
+        sourceRange:
+          - "{{ server.vpn.subnet }}"
   routers:
     octoPrint-secure:
       entryPoints:
diff --git a/roles/traefik/templates/config/traefik.yml.j2 b/roles/traefik/templates/config/traefik.yml
similarity index 100%
rename from roles/traefik/templates/config/traefik.yml.j2
rename to roles/traefik/templates/config/traefik.yml
diff --git a/roles/traefik/templates/docker-compose.yml.j2 b/roles/traefik/templates/docker-compose.yml
similarity index 100%
rename from roles/traefik/templates/docker-compose.yml.j2
rename to roles/traefik/templates/docker-compose.yml
diff --git a/roles/whoami/templates/docker-compose.yml.j2 b/roles/whoami/templates/docker-compose.yml.j2
index 691e1bb..04b961a 100644
--- a/roles/whoami/templates/docker-compose.yml.j2
+++ b/roles/whoami/templates/docker-compose.yml.j2
@@ -13,8 +13,7 @@ services:
       - "traefik.http.routers.whoami-secure.rule=Host(`whoami.{{ server.domain }}`)"
       - "traefik.http.routers.whoami-secure.tls=true"
       - "traefik.http.routers.whoami-secure.tls.certresolver=sslResolver"
-      # - "traefik.http.routers.whoami-secure.service=whoami"
-      # - "traefik.http.services.whoami.loadbalancer.server.port=9002"
+      - "traefik.http.routers.whoami-secure.middlewares=private-network@http"
       - "traefik.docker.network=proxy"
 
 networks: