LibrePortal/containers/adguard/adguard.config
librelad 3ba3f77f0b feat(backup): expose per-app strategy override on all apps, context-aware
Every backup-scope app now carries CFG_<APP>_BACKUP_STRATEGY=auto, so the
Backup Strategy dropdown appears in each app's Advanced tab — not just the
DB apps.

To keep it honest, the 'live' option is hidden where it isn't safe:
- apps.json generator emits backup_live_capable per app (from compose backup
  labels: a dumpable DB, or a live-safe marker).
- apps-manager filters the live option out of the strategy select when the
  current app isn't live-capable, so apps like gitea/focalboard (a DB we don't
  yet dump) never offer it.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Signed-off-by: librelad <librelad@digitalangels.vip>
2026-05-23 15:41:55 +01:00

79 lines
4.2 KiB
Plaintext
Executable File

#
# =============================================================================
# GENERAL CONFIGURATION
# =============================================================================
# APP_NAME = name of application for use in scripts
# COMPOSE_FILE = default for no app_name in docker-compose file name, app if there is
# BACKUP = if true, include this application in backup operations
# HEALTHCHECK = if true, default docker health checks for that container will be enabled
# AUTHELIA = if true, use Authelia authentication, if false turned off.
# HEADSCALE = options : false, local, remote (see general config). e.g false or local,remote
# USER = admin username for the AdGuardHome web UI
# PASSWORD = plain text admin password for the AdGuardHome web UI
# MONITORING = if true, export this app's metrics to Prometheus + Grafana (needs both apps installed)
#
CFG_ADGUARD_APP_NAME=adguard
CFG_ADGUARD_BACKUP=true
CFG_ADGUARD_BACKUP_STRATEGY=auto
CFG_ADGUARD_COMPOSE_FILE=default
CFG_ADGUARD_HEALTHCHECK=true
CFG_ADGUARD_AUTHELIA=false
CFG_ADGUARD_HEADSCALE=false
CFG_ADGUARD_USER=admin
CFG_ADGUARD_PASSWORD=RANDOMIZEDPASSWORD1
CFG_ADGUARD_MONITORING=false
#
# =============================================================================
# METADATA
# =============================================================================
# CATEGORY = application category for grouping
# TITLE = display name for the application
# DESCRIPTION = short description of the application
# LONG_DESCRIPTION = detailed description of the application
# URL = source repository or documentation URL
# ACTIONS = available actions for this application
#
CFG_ADGUARD_CATEGORY="networking"
CFG_ADGUARD_TITLE="AdGuard"
CFG_ADGUARD_DESCRIPTION="DNS based Ad Blocking"
CFG_ADGUARD_LONG_DESCRIPTION="AdGuard Home is a network-wide software for advertisements and tracking blocking that operates as a DNS server and returns the IP address of a local, blackhole DNS server for domains that should be blocked"
CFG_ADGUARD_URL="https://github.com/AdguardTeam/AdGuardHome"
CFG_ADGUARD_ACTIONS="configure|install|restart|shutdown|uninstall"
#
# =============================================================================
# NETWORK CONFIGURATION
# =============================================================================
# DOMAIN = number of domain from the general config, useful when using multiple domains
# WHITELIST = if true only allow whitelisted ips on traefik, if false allow all
#
CFG_ADGUARD_DOMAIN=1
CFG_ADGUARD_WHITELIST=false
CFG_ADGUARD_NETWORK=default
#
# =============================================================================
# PORT CONFIGURATION
# =============================================================================
# PORT_ = port configuration: app|name|external:internal|access|protocol|login|traefik|webui|description
# - app: application name
# - name: service identifier (webui, dns, ssh, etc.)
# - external:internal: port mapping (external can be 'random' for auto-allocation)
# - access: 'public' (internet accessible), 'private' (local network only), 'disabled' (not running)
# - protocol: 'tcp' or 'udp'
# - login: if true, this port requires basic-auth via Traefik (only meaningful when traefik=true)
# - traefik: if true, Traefik handles this port (reverse proxy)
# - webui: if true, this port serves the main web interface
# - description: human-readable description of the service
#
CFG_ADGUARD_PORT_1="adguard-service|webui|random:3000|public|tcp|true|true|true|Admin Interface||adguard"
CFG_ADGUARD_PORT_2="adguard-service|dns-tcp|random:53|public|tcp|false|false|false|DNS Server (TCP)|"
CFG_ADGUARD_PORT_3="adguard-service|dns-udp|random:53|public|udp|false|false|false|DNS Server (UDP)|"
CFG_ADGUARD_PORT_4="adguard-service|dns-alt|random:8053|disabled|tcp|false|false|false|Alternative DNS|"
CFG_ADGUARD_PORT_5="adguard-service|dot|random:853|disabled|tcp|false|false|false|DNS-over-TLS|"
CFG_ADGUARD_PORT_6="adguard-exporter|metrics|9617:9617|disabled|tcp|false|false|false|Metrics Exporter (sidecar, docker-network only)|"
# AUTH_PROFILE = capability tier for the WebUI auth tools (single_password | user_password | multi_user)
CFG_ADGUARD_AUTH_PROFILE=single_password
CFG_ADGUARD_ADMIN_USER=
CFG_ADGUARD_ADMIN_PASSWORD=RANDOMIZEDPASSWORD2