bobban/sloth-manager
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
229a3c7383586285676a7760b169cb7dde6ef6d5
sloth-manager/ENVIRONMENT.md
T
bobban d2a8072a47 initial commit
2026-06-02 01:00:27 +02:00

122 lines
4.1 KiB
Markdown
Raw Blame History

# Environment Configuration
All settings are configured in `backend/.env`. Copy `backend/.env.example` to `backend/.env` and fill in the values for the providers you want to use. The backend must be restarted after any changes to `.env`.
---
## Cloudflare
| Variable | Required | Description |
|----------|----------|-------------|
| `CLOUDFLARE_API_TOKEN` | Yes | API token with Zone:Read and DNS:Edit permissions |
Create a token at **dash.cloudflare.com → My Profile → API Tokens → Create Token**. See `API-ACCESS.md` for the required permissions.
---
## Loopia
| Variable | Required | Description |
|----------|----------|-------------|
| `LOOPIA_USER` | Yes | API username in the format `youruser@loopiaapi` |
| `LOOPIA_PASSWORD` | Yes | API user password |
Create an API user at **customerzone.loopia.se → My Account → API Users**. See `API-ACCESS.md` for the required method groups.
---
## Pi-hole
| Variable | Required | Description |
|----------|----------|-------------|
| `PIHOLE_URL` | Yes | Base URL of the Pi-hole instance, e.g. `http://192.168.1.x` |
| `PIHOLE_PASSWORD` | Yes | Pi-hole web interface password |
Requires Pi-hole v6. Only A, AAAA, and CNAME records are supported. TTL is not configurable via the Pi-hole API.
---
## Azure DNS
| Variable | Required | Description |
|----------|----------|-------------|
| `AZURE_TENANT_ID` | Yes | Azure AD tenant ID |
| `AZURE_CLIENT_ID` | Yes | Service principal application (client) ID |
| `AZURE_CLIENT_SECRET` | Yes | Service principal client secret |
| `AZURE_SUBSCRIPTION_ID` | Yes | Azure subscription ID containing the DNS zones |
The service principal requires the **DNS Zone Contributor** role on the subscription or resource group. See `API-ACCESS.md` for setup instructions.
---
## cPanel
| Variable | Required | Description |
|----------|----------|-------------|
| `CPANEL_URL` | Yes | cPanel URL including port, e.g. `https://hostname:2083` |
| `CPANEL_USERNAME` | Yes | cPanel account username |
| `CPANEL_API_TOKEN` | Yes | API token created in cPanel → Security → Manage API Tokens |
| `CPANEL_INSECURE` | No | Set to `true` to disable SSL certificate verification. Use when cPanel uses a self-signed certificate. Defaults to `false`. |
The cPanel account must own the domains you want to manage. Uses the cPanel UAPI and API 2 (ZoneEdit module). See `API-ACCESS.md` for setup instructions.
---
## Authentication
| Variable | Required | Description |
|----------|----------|-------------|
| `JWT_SECRET` | Yes | A long random string used to sign login tokens. Generate one with: `node -e "console.log(require('crypto').randomBytes(32).toString('hex'))"` |
| `JWT_EXPIRES_IN` | No | How long login sessions last. Defaults to `24h`. Accepts values like `12h`, `7d`. |
---
## General
| Variable | Required | Description |
|----------|----------|-------------|
| `DISABLED_PROVIDERS` | No | Comma-separated list of provider IDs to hide from the app without removing credentials. Valid values: `cloudflare`, `loopia`, `pihole`, `azure`, `cpanel`. Example: `DISABLED_PROVIDERS=loopia,cpanel` |
| `PORT` | No | Port the backend listens on. Defaults to `3001`. |
| `DB_PATH` | No | Path to the DNS record cache file. Defaults to `backend/dns-cache.json`. |
| `SETTINGS_PATH` | No | Path to the settings file. Defaults to `backend/settings.json`. |
| `USERS_PATH` | No | Path to the users file. Defaults to `backend/users.json`. |
| `AUDIT_PATH` | No | Path to the audit log file. Defaults to `backend/audit-log.json`. |
---
## Example
```env
# Cloudflare
CLOUDFLARE_API_TOKEN=your_token_here
# Loopia
LOOPIA_USER=youruser@loopiaapi
LOOPIA_PASSWORD=yourpassword
# Pi-hole (v6)
PIHOLE_URL=http://192.168.1.10
PIHOLE_PASSWORD=yourpassword
# Azure DNS
AZURE_TENANT_ID=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
AZURE_CLIENT_ID=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
AZURE_CLIENT_SECRET=your_secret
AZURE_SUBSCRIPTION_ID=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
# cPanel
CPANEL_URL=https://hostname:2083
CPANEL_USERNAME=myuser
CPANEL_API_TOKEN=your_token
CPANEL_INSECURE=false
# Auth
JWT_SECRET=your-long-random-secret-here
JWT_EXPIRES_IN=24h
# Disable specific providers
DISABLED_PROVIDERS=
PORT=3001
```
Reference in New Issue View Git Blame Copy Permalink