initial commit
This commit is contained in:
+121
@@ -0,0 +1,121 @@
|
||||
# Environment Configuration
|
||||
|
||||
All settings are configured in `backend/.env`. Copy `backend/.env.example` to `backend/.env` and fill in the values for the providers you want to use. The backend must be restarted after any changes to `.env`.
|
||||
|
||||
---
|
||||
|
||||
## Cloudflare
|
||||
|
||||
| Variable | Required | Description |
|
||||
|----------|----------|-------------|
|
||||
| `CLOUDFLARE_API_TOKEN` | Yes | API token with Zone:Read and DNS:Edit permissions |
|
||||
|
||||
Create a token at **dash.cloudflare.com → My Profile → API Tokens → Create Token**. See `API-ACCESS.md` for the required permissions.
|
||||
|
||||
---
|
||||
|
||||
## Loopia
|
||||
|
||||
| Variable | Required | Description |
|
||||
|----------|----------|-------------|
|
||||
| `LOOPIA_USER` | Yes | API username in the format `youruser@loopiaapi` |
|
||||
| `LOOPIA_PASSWORD` | Yes | API user password |
|
||||
|
||||
Create an API user at **customerzone.loopia.se → My Account → API Users**. See `API-ACCESS.md` for the required method groups.
|
||||
|
||||
---
|
||||
|
||||
## Pi-hole
|
||||
|
||||
| Variable | Required | Description |
|
||||
|----------|----------|-------------|
|
||||
| `PIHOLE_URL` | Yes | Base URL of the Pi-hole instance, e.g. `http://192.168.1.x` |
|
||||
| `PIHOLE_PASSWORD` | Yes | Pi-hole web interface password |
|
||||
|
||||
Requires Pi-hole v6. Only A, AAAA, and CNAME records are supported. TTL is not configurable via the Pi-hole API.
|
||||
|
||||
---
|
||||
|
||||
## Azure DNS
|
||||
|
||||
| Variable | Required | Description |
|
||||
|----------|----------|-------------|
|
||||
| `AZURE_TENANT_ID` | Yes | Azure AD tenant ID |
|
||||
| `AZURE_CLIENT_ID` | Yes | Service principal application (client) ID |
|
||||
| `AZURE_CLIENT_SECRET` | Yes | Service principal client secret |
|
||||
| `AZURE_SUBSCRIPTION_ID` | Yes | Azure subscription ID containing the DNS zones |
|
||||
|
||||
The service principal requires the **DNS Zone Contributor** role on the subscription or resource group. See `API-ACCESS.md` for setup instructions.
|
||||
|
||||
---
|
||||
|
||||
## cPanel
|
||||
|
||||
| Variable | Required | Description |
|
||||
|----------|----------|-------------|
|
||||
| `CPANEL_URL` | Yes | cPanel URL including port, e.g. `https://hostname:2083` |
|
||||
| `CPANEL_USERNAME` | Yes | cPanel account username |
|
||||
| `CPANEL_API_TOKEN` | Yes | API token created in cPanel → Security → Manage API Tokens |
|
||||
| `CPANEL_INSECURE` | No | Set to `true` to disable SSL certificate verification. Use when cPanel uses a self-signed certificate. Defaults to `false`. |
|
||||
|
||||
The cPanel account must own the domains you want to manage. Uses the cPanel UAPI and API 2 (ZoneEdit module). See `API-ACCESS.md` for setup instructions.
|
||||
|
||||
---
|
||||
|
||||
## Authentication
|
||||
|
||||
| Variable | Required | Description |
|
||||
|----------|----------|-------------|
|
||||
| `JWT_SECRET` | Yes | A long random string used to sign login tokens. Generate one with: `node -e "console.log(require('crypto').randomBytes(32).toString('hex'))"` |
|
||||
| `JWT_EXPIRES_IN` | No | How long login sessions last. Defaults to `24h`. Accepts values like `12h`, `7d`. |
|
||||
|
||||
---
|
||||
|
||||
## General
|
||||
|
||||
| Variable | Required | Description |
|
||||
|----------|----------|-------------|
|
||||
| `DISABLED_PROVIDERS` | No | Comma-separated list of provider IDs to hide from the app without removing credentials. Valid values: `cloudflare`, `loopia`, `pihole`, `azure`, `cpanel`. Example: `DISABLED_PROVIDERS=loopia,cpanel` |
|
||||
| `PORT` | No | Port the backend listens on. Defaults to `3001`. |
|
||||
| `DB_PATH` | No | Path to the DNS record cache file. Defaults to `backend/dns-cache.json`. |
|
||||
| `SETTINGS_PATH` | No | Path to the settings file. Defaults to `backend/settings.json`. |
|
||||
| `USERS_PATH` | No | Path to the users file. Defaults to `backend/users.json`. |
|
||||
| `AUDIT_PATH` | No | Path to the audit log file. Defaults to `backend/audit-log.json`. |
|
||||
|
||||
---
|
||||
|
||||
## Example
|
||||
|
||||
```env
|
||||
# Cloudflare
|
||||
CLOUDFLARE_API_TOKEN=your_token_here
|
||||
|
||||
# Loopia
|
||||
LOOPIA_USER=youruser@loopiaapi
|
||||
LOOPIA_PASSWORD=yourpassword
|
||||
|
||||
# Pi-hole (v6)
|
||||
PIHOLE_URL=http://192.168.1.10
|
||||
PIHOLE_PASSWORD=yourpassword
|
||||
|
||||
# Azure DNS
|
||||
AZURE_TENANT_ID=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
|
||||
AZURE_CLIENT_ID=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
|
||||
AZURE_CLIENT_SECRET=your_secret
|
||||
AZURE_SUBSCRIPTION_ID=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
|
||||
|
||||
# cPanel
|
||||
CPANEL_URL=https://hostname:2083
|
||||
CPANEL_USERNAME=myuser
|
||||
CPANEL_API_TOKEN=your_token
|
||||
CPANEL_INSECURE=false
|
||||
|
||||
# Auth
|
||||
JWT_SECRET=your-long-random-secret-here
|
||||
JWT_EXPIRES_IN=24h
|
||||
|
||||
# Disable specific providers
|
||||
DISABLED_PROVIDERS=
|
||||
|
||||
PORT=3001
|
||||
```
|
||||
Reference in New Issue
Block a user