Getting Started¶
This guide walks you through installing dnsweaver and setting up your first DNS provider on Docker or Kubernetes.
Prerequisites¶
- Docker (standalone or Swarm mode)
- A supported DNS provider with API access
- Container labels using Traefik-style
Host()rules (or native dnsweaver labels)
- Kubernetes 1.25+ cluster
- Helm 3+ or kubectl with Kustomize
- A supported DNS provider with API access
- Ingress, IngressRoute (Traefik CRD), HTTPRoute (Gateway API), or annotated Service resources
Installation¶
Supported Architectures¶
linux/amd64linux/arm64
Basic Configuration¶
dnsweaver is configured via environment variables (Docker) or a combination of environment variables, ConfigMaps, and Secrets (Kubernetes). The key concepts:
- Instances - Named configurations that connect to DNS providers
- Domain patterns - Which hostnames each instance manages
- Record types - What DNS records to create (A, AAAA, CNAME)
Minimal Example¶
services:
dnsweaver:
image: maxamill/dnsweaver:latest
restart: unless-stopped
environment:
# Define your instance name
- DNSWEAVER_INSTANCES=my-dns
# Configure the instance
- DNSWEAVER_MY_DNS_TYPE=technitium
- DNSWEAVER_MY_DNS_URL=http://dns-server:5380
- DNSWEAVER_MY_DNS_TOKEN=your-api-token
- DNSWEAVER_MY_DNS_ZONE=example.com
- DNSWEAVER_MY_DNS_RECORD_TYPE=A
- DNSWEAVER_MY_DNS_TARGET=192.0.2.100
- DNSWEAVER_MY_DNS_DOMAINS=*.example.com
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
apiVersion: apps/v1
kind: Deployment
metadata:
name: dnsweaver
namespace: dnsweaver
spec:
replicas: 1
selector:
matchLabels:
app: dnsweaver
template:
metadata:
labels:
app: dnsweaver
spec:
serviceAccountName: dnsweaver
containers:
- name: dnsweaver
image: maxamill/dnsweaver:latest
env:
- name: DNSWEAVER_INSTANCES
value: "my-dns"
- name: DNSWEAVER_MY_DNS_TYPE
value: "technitium"
- name: DNSWEAVER_MY_DNS_URL
value: "http://dns-server.dns.svc:5380"
- name: DNSWEAVER_MY_DNS_ZONE
value: "example.com"
- name: DNSWEAVER_MY_DNS_RECORD_TYPE
value: "A"
- name: DNSWEAVER_MY_DNS_TARGET
value: "192.0.2.100"
- name: DNSWEAVER_MY_DNS_DOMAINS
value: "*.example.com"
- name: DNSWEAVER_MY_DNS_TOKEN
valueFrom:
secretKeyRef:
name: dnsweaver-credentials
key: technitium-token
How Instance Names Work¶
Instance names are arbitrary identifiers you choose. They become environment variable prefixes:
| Instance Name | Environment Variable Prefix |
|---|---|
internal-dns |
DNSWEAVER_INTERNAL_DNS_* |
cloudflare |
DNSWEAVER_CLOUDFLARE_* |
my-dns |
DNSWEAVER_MY_DNS_* |
Note
Dashes (-) in instance names become underscores (_) in environment variables.
Using Secrets¶
For production deployments, avoid passing credentials as plain environment variables.
Use the _FILE suffix to read credentials from Docker secrets:
services:
dnsweaver:
image: maxamill/dnsweaver:latest
environment:
- DNSWEAVER_INSTANCES=internal-dns
- DNSWEAVER_INTERNAL_DNS_TYPE=technitium
- DNSWEAVER_INTERNAL_DNS_URL=http://dns-server:5380
- DNSWEAVER_INTERNAL_DNS_TOKEN_FILE=/run/secrets/dns_token # Note: _FILE suffix
- DNSWEAVER_INTERNAL_DNS_ZONE=example.com
- DNSWEAVER_INTERNAL_DNS_RECORD_TYPE=A
- DNSWEAVER_INTERNAL_DNS_TARGET=192.0.2.100
- DNSWEAVER_INTERNAL_DNS_DOMAINS=*.example.com
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
secrets:
- dns_token
secrets:
dns_token:
external: true
See Secrets Management for more details.
Verify It's Working¶
-
Check logs:
-
Check health endpoint:
-
View metrics:
-
Start a container with Traefik labels:
-
Verify the DNS record was created in your provider
-
Check pod status:
-
Check logs:
-
Check health endpoint:
-
Create a test Ingress:
-
Verify the DNS record was created in your provider
Next Steps¶
- Environment Variables — Complete configuration reference
- Domain Matching — Wildcards, regex, and exclusions
- Provider Setup — Detailed provider configuration
- Kubernetes Deployment — Full Kubernetes guide with Helm, Kustomize, and RBAC
- Docker Swarm Deployment — Swarm-specific deployment patterns
- Split-Horizon DNS — Internal + external records