DockFlare/env.example

# -----------------------------------------------------------------------------
# DockFlare Environment Variables Example
#
# Copy this file to '.env' in the same directory as your docker-compose.yml
# and fill in your details.
# -----------------------------------------------------------------------------

# === REQUIRED CLOUDFLARE CREDENTIALS ===
# Your Cloudflare API token. MUST have the required permissions.
# See README.md for the list of required permissions.
CF_API_TOKEN=your_cloudflare_api_token_here

# Your Cloudflare Account ID. Found on the main overview page of your Cloudflare dashboard.
CF_ACCOUNT_ID=your_cloudflare_account_id_here

# [Highly Recommended] The Zone ID for your primary domain.
# If you set this, you don't need to add the 'zonename' label to most of your containers.
# If this is not set, the 'dockflare.zonename' (or 'cloudflare.tunnel.zonename') label is REQUIRED for all services.
CF_ZONE_ID=your_default_cloudflare_zone_id_here

# === CORE TUNNEL CONFIGURATION ===
# The name for the Cloudflare Tunnel that DockFlare will create and manage.
# This is REQUIRED if you are NOT using an external cloudflared agent (see advanced section).
TUNNEL_NAME=DockFlare-Tunnel

# === DOCKFLARE BEHAVIOR & CUSTOMIZATION ===
# The prefix for Docker labels.
# The default is now 'dockflare.'. DockFlare is fully backward-compatible and will
# also recognize the old 'cloudflare.tunnel.' prefix automatically.
# You only need to uncomment and change this if you want a custom prefix.
# LABEL_PREFIX=dockflare.

# The time in seconds before a rule from a stopped container is deleted from Cloudflare.
GRACE_PERIOD_SECONDS=28800

# How often, in seconds, the cleanup task runs to check for expired rules.
CLEANUP_INTERVAL_SECONDS=300

# How often, in seconds, the status of the managed cloudflared agent is checked.
AGENT_STATUS_UPDATE_INTERVAL_SECONDS=10

# Set to 'true' to make DockFlare scan containers across all Docker networks.
# Default is 'false', meaning DockFlare only sees containers on its own network.
SCAN_ALL_NETWORKS=false

# The name of the Docker network for DockFlare's managed cloudflared agent to use.
# Your target containers should also be on this network.
CLOUDFLARED_NETWORK_NAME=cloudflare-net

# Path to the state file inside the container. It's recommended to set this
# via the volume mount in docker-compose.yml, but can be overridden here.
# STATE_FILE_PATH=/app/data/state.json

# Sets the timezone for the container, which affects log timestamps.
# Example: America/New_York, Europe/Zurich, UTC
TZ=UTC

# === ADVANCED & PERFORMANCE TUNING ===
# A comma-separated list of additional zone NAMES (not IDs) you own.
# This allows the UI to scan for DNS records across multiple domains.
# The domain for your CF_ZONE_ID is automatically included.
# Example: TUNNEL_DNS_SCAN_ZONE_NAMES=extradomain.com,another-zone.net
TUNNEL_DNS_SCAN_ZONE_NAMES=

# Limits how many DNS operations can run at the same time during reconciliation to avoid API rate-limiting.
MAX_CONCURRENT_DNS_OPS=3

# For the internally managed cloudflared container, set UDP buffer sizes to resolve QUIC warnings.
# See: https://github.com/quic-go/quic-go/wiki/UDP-Buffer-Sizes
# IMPORTANT: Using these requires running the DockFlare container with '--privileged' flag.
# CLOUDFLARED_RMEM_MAX=7500000
# CLOUDFLARED_WMEM_MAX=7500000

# === EXTERNAL CLOUDFLARED MODE (FOR ADVANCED USERS) ===
# WARNING: Do NOT use this unless you are managing your own cloudflared agent and
# understand Docker networking thoroughly. See the README.md for critical details.
#
# Set to 'true' to have DockFlare manage DNS and Access Policies for an existing, externally managed tunnel.
# USE_EXTERNAL_CLOUDFLARED=false

# The Tunnel ID (UUID) of your externally managed cloudflared agent.
# This is REQUIRED if USE_EXTERNAL_CLOUDFLARED is 'true'.
# EXTERNAL_TUNNEL_ID=your_external_tunnel_uuid_here