# ────────────────────────────────────────────────────────────────────────────── # traefik-dns-watcher — environment configuration # Copy this file to /etc/traefik-dns-watcher/env and fill in real values. # For Docker Compose, pass these as environment: directives or an env_file. # ────────────────────────────────────────────────────────────────────────────── # ── Traefik API ─────────────────────────────────────────────────────────────── # Base URL of the Traefik API endpoint (no trailing slash). # When running inside Docker on the same network, use the service name. TRAEFIK_URL=http://traefik:8080 # Optional Basic Auth credentials if the Traefik API is protected. # Leave empty if Traefik API is accessible without authentication (internal network). TRAEFIK_USERNAME= TRAEFIK_PASSWORD= # ── DNS zones ───────────────────────────────────────────────────────────────── # Comma-separated list of DNS zones that the watcher manages. # Only Traefik routers with Host() rules matching these zones will produce DNS records. DNS_ZONES=example.com,example.net # Public IPv4 address that all A records will point to. PUBLIC_IP=1.2.3.4 # Public IPv6 address for AAAA records. Leave empty to disable AAAA record generation. PUBLIC_IPV6= # TTL (in seconds) for all generated DNS records. RECORD_TTL=300 # Enable Cloudflare automatic TTL handling in OctoDNS-generated records: # octodns.cloudflare.auto-ttl: true # true - include provider-specific auto-ttl metadata # false - do not include provider-specific metadata CF_AUTO_TTL=true # ── DNS Git repository ──────────────────────────────────────────────────────── # Absolute path to the pre-cloned DNS OctoDNS repository on the local filesystem. # The service will not clone the repository; it must already exist. # Docker: mount this path as a volume. DNS_REPO_PATH=/dns-repo # Branch to pull from and push to. DNS_REPO_BRANCH=main # Git remote name. DNS_REPO_REMOTE=origin # Directory inside the repository where dynamic zone files are stored. # The watcher will only write to this directory; static zones are left untouched. DNS_REPO_DYNAMIC_DIR=zones-dynamic # Author identity for git commits produced by this service. DNS_REPO_AUTHOR_NAME=traefik-dns-watcher DNS_REPO_AUTHOR_EMAIL=dns-bot@example.com # ── Timing ──────────────────────────────────────────────────────────────────── # Interval between full periodic reconciles (independent of Docker events). # Compensates for missed events after restarts or stream interruptions. # Valid Go duration strings: 60s, 5m, 1h RECONCILE_INTERVAL=60s # Quiet-period after the last Docker event before a reconcile is triggered. # Coalesces rapid bursts (e.g. rolling restarts) into a single reconcile. DEBOUNCE_DELAY=5s # ── Docker ──────────────────────────────────────────────────────────────────── # Docker daemon endpoint. Leave empty to use the default Unix socket. # The standard DOCKER_HOST variable is read automatically by the Docker SDK. # Examples: # unix:///var/run/docker.sock (default) # tcp://remote-host:2376 DOCKER_HOST= # ── Filtering ───────────────────────────────────────────────────────────────── # Comma-separated list of Traefik router names to exclude from DNS management. # Useful for internal or special-purpose routers that happen to match a managed zone. # Example: my-internal-router@docker,legacy-app@docker EXCLUDE_ROUTERS=