# # ============================================================================= # GENERAL CONFIGURATION # ============================================================================= # APP_NAME = name of application for use in scripts # COMPOSE_FILE = default for no app_name in docker-compose file name, app if there is # BACKUP = if true, include this application in backup operations # HEALTHCHECK = if true, default docker health checks for that container will be enabled # AUTHELIA = if true, use Authelia authentication, if false turned off. # HEADSCALE = options : false, local, remote (see general config). e.g false or local,remote # MONITORING = if true, export this app's metrics to Prometheus + Grafana (needs both apps installed) # CFG_UNBOUND_APP_NAME=unbound CFG_UNBOUND_BACKUP=true CFG_UNBOUND_BACKUP_STRATEGY=auto CFG_UNBOUND_COMPOSE_FILE=default CFG_UNBOUND_HEALTHCHECK=true CFG_UNBOUND_AUTHELIA=false CFG_UNBOUND_HEADSCALE=false CFG_UNBOUND_MONITORING=false # # ============================================================================= # METADATA # ============================================================================= # CATEGORY = application category for grouping # TITLE = display name for the application # DESCRIPTION = short description of the application # LONG_DESCRIPTION = detailed description of the application # URL = source repository or documentation URL # ACTIONS = available actions for this application # CFG_UNBOUND_CATEGORY="networking" CFG_UNBOUND_TITLE="Unbound" CFG_UNBOUND_DESCRIPTION="DNS Resolver" CFG_UNBOUND_LONG_DESCRIPTION="Unbound is a validating, recursive, and caching DNS resolver that provides secure and fast DNS resolution" CFG_UNBOUND_URL="https://github.com/NLnetLabs/unbound" CFG_UNBOUND_ACTIONS="configure|install|restart|shutdown|uninstall" # # ============================================================================= # NETWORK CONFIGURATION # ============================================================================= # DOMAIN = number of domain from the general config, useful when using multiple domains # WHITELIST = if true only allow whitelisted ips on traefik, if false allow all # CFG_UNBOUND_DOMAIN=1 CFG_UNBOUND_WHITELIST=false CFG_UNBOUND_NETWORK=default # # ============================================================================= # PORT CONFIGURATION # ============================================================================= # PORT_ = port configuration: app|name|external:internal|access|protocol|login|traefik|webui|description # - app: application name # - name: service identifier (webui, api, ssh, etc.) # - external:internal: port mapping (external can be 'random' for auto-allocation) # - access: 'public' (internet accessible), 'private' (local network only), 'disabled' (not running) # - protocol: 'tcp' or 'udp' # - login: if true, this port requires basic-auth via Traefik (only meaningful when traefik=true) # - traefik: if true, Traefik handles this port (reverse proxy) # - webui: if true, this port serves the main web interface # - description: human-readable description of the service # CFG_UNBOUND_PORT_1="unbound-service|dns-tcp|5335:53|private|tcp|false|false|false|DNS Resolver (TCP)|" CFG_UNBOUND_PORT_2="unbound-service|dns-udp|5335:53|private|udp|false|false|false|DNS Resolver (UDP)|" CFG_UNBOUND_PORT_3="unbound-exporter|metrics|9167:9167|disabled|tcp|false|false|false|Metrics Exporter (sidecar, docker-network only)|"