diff --git a/tljh/traefik-dynamic.toml.tpl b/tljh/traefik-dynamic.toml.tpl
index a98e7d0..f1144d6 100644
--- a/tljh/traefik-dynamic.toml.tpl
+++ b/tljh/traefik-dynamic.toml.tpl
@@ -1,6 +1,6 @@
 # traefik.toml dynamic config (mostly TLS)
 # dynamic config in the static config file will be ignored
-{% if https['enabled'] %}
+{%- if https['enabled'] %}
 [tls]
   [tls.options.default]
   minVersion = "VersionTLS12"
@@ -12,13 +12,13 @@
     "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305",
     "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305",
   ]
-  {% if https['tls']['cert'] -%}
+  {%- if https['tls']['cert'] %}
   [tls.stores.default.defaultCertificate]
     certFile = "{{ https['tls']['cert'] }}"
     keyFile = "{{ https['tls']['key'] }}"
   {%- endif %}
 
-  {% if https['letsencrypt']['email'] and https['letsencrypt']['domains'] -%}
+  {%- if https['letsencrypt']['email'] and https['letsencrypt']['domains'] %}
   [tls.stores.default.defaultGeneratedCert]
   resolver = "letsencrypt"
     [tls.stores.default.defaultGeneratedCert.domain]
@@ -29,4 +29,4 @@
       {%- endfor %}
     ]
   {%- endif %}
-{% endif %}
+{%- endif %}
diff --git a/tljh/traefik.toml.tpl b/tljh/traefik.toml.tpl
index e1f82a1..fa5b6ef 100644
--- a/tljh/traefik.toml.tpl
+++ b/tljh/traefik.toml.tpl
@@ -23,35 +23,37 @@ X-Xsrftoken = "redact"
 [entryPoints]
   [entryPoints.http]
   address = ":{{ http['port'] }}"
+
   [entryPoints.http.transport.respondingTimeouts]
   idleTimeout = "10m"
 
-  {% if https['enabled'] %}
+  {%- if https['enabled'] %}
   [entryPoints.http.http.redirections.entryPoint]
   to = "https"
   scheme = "https"
 
   [entryPoints.https]
   address = ":{{ https['port'] }}"
+
   [entryPoints.https.http.tls]
   options = "default"
 
   [entryPoints.https.transport.respondingTimeouts]
   idleTimeout = "10m"
-  {% endif %}
+  {%- endif %}
 
   [entryPoints.auth_api]
   address = "localhost:{{ traefik_api['port'] }}"
 
-{% if https['enabled'] and https['letsencrypt']['email'] and https['letsencrypt']['domains'] %}
+{%- if https['enabled'] and https['letsencrypt']['email'] and https['letsencrypt']['domains'] %}
 [certificatesResolvers.letsencrypt.acme]
 email = "{{ https['letsencrypt']['email'] }}"
 storage = "acme.json"
-{% if https['letsencrypt']['staging'] -%}
+{%- if https['letsencrypt']['staging'] %}
 caServer = "https://acme-staging-v02.api.letsencrypt.org/directory"
 {%- endif %}
 [certificatesResolvers.letsencrypt.acme.tlsChallenge]
-{% endif %}
+{%- endif %}
 
 [providers]
 providersThrottleDuration = "0s"