let traefik handle CORS

.env.example

@@ -20,14 +20,6 @@ DEFAULT_BUTTON_NAME=game-button
 BASIC_AUTH_USERNAME=user12345
 BASIC_AUTH_PASSWORD=password
 
-# --- CORS Configuration (Optional but Recommended) ---
-# Comma-separated list of allowed origins for requests (e.g., your PWA frontend URL)
-# If blank or not set, CORS might block browser requests (like from a setup page).
-# Use '*' carefully, preferably list specific domains.
-ALLOWED_ORIGINS=https://game-timer.virtonline.eu,http://localhost
-ALLOWED_METHODS=POST,GET
-ALLOWED_HEADERS=Content-Type,Authorization,button-name,button-battery-level,timestamp
-
 # --- Web Push Retry Configuration (Optional) ---
 # Number of retries on failure (e.g., DNS issues)
 NOTIFICATION_MAX_RETRIES=3