DrydockDrydock
Configuration

Configuration

Drydock is configured via environment variables and Docker labels.

drydock is configured via Environment Variables and Docker labels.

Prefix convention

All environment variables use the DD_ prefix. All Docker labels use the dd. prefix.

ContextPrefixExample
Environment variablesDD_DD_SERVER_PORT
Docker labelsdd.dd.watch
Secret filesDD_ + __FILEDD_AUTH_BASIC_JOHN_HASH__FILE

Please find below the documentation for each of them:

Complete example

services:

  # Valid semver following by os name
  vaultwarden:
    image: vaultwarden/server:1.22.1-alpine
    container_name: bitwarden
    labels:
      - 'dd.tag.include=^\d+\.\d+\.\d+-alpine$$'
      - 'dd.link.template=https://github.com/dani-garcia/vaultwarden/releases/tag/$${major}.$${minor}.$${patch}'

  # Valid semver following by an build number (linux server style)
  duplicati:
    image: linuxserver/duplicati:v2.0.6.3-2.0.6.3_beta_2021-06-17-ls104
    container_name: duplicati
    labels:
      - 'dd.tag.include=^v\d+\.\d+\.\d+\.\d+-\d+\.\d+\.\d+\.\d+.*$$'

  # Valid calver
  homeassistant:
    image: homeassistant/home-assistant:2021.7.1
    container_name: homeassistant
    labels:
      - 'dd.tag.include=^\d+\.\d+\.\d+$$'
      - 'dd.link.template=https://github.com/home-assistant/core/releases/tag/$${major}.$${minor}.$${patch}'

  # Valid semver with a leading v
  pihole:
    image: pihole/pihole:v5.8.1
    container_name: pihole
    labels:
      - 'dd.tag.include=^v\d+\.\d+\.\d+$$'
      - 'dd.link.template=https://github.com/pi-hole/FTL/releases/tag/v$${major}.$${minor}.$${patch}'

  # Mutable tag (latest) with digest tracking
  pyload:
    image: writl/pyload:latest
    container_name: pyload
    labels:
      - 'dd.tag.include=latest'
      - 'dd.watch.digest=true'

  # drydock self tracking :)
  drydock:
    image: codeswhat/drydock:latest
    container_name: drydock
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /opt/drydock/store:/store
    healthcheck:
      test: curl --fail http://localhost:${DD_SERVER_PORT:-3000}/health || exit 1
      interval: 10s
      timeout: 10s
      retries: 3
      start_period: 10s
    labels:
      - 'dd.tag.include=^latest$$'
      - 'dd.link.template=https://github.com/orgs/CodesWhat/packages/container/package/drydock'

Secret management

If you don't want to expose your secret values as environment variables, you can externalize them in external files and reference them by suffixing the original env var name with __FILE.

For example, instead of providing the Basic auth details as

DD_AUTH_BASIC_JOHN_HASH={SHA}1rToTufzHYhhemtgQhRRJy6/Gjo=

You can create an external file with the appropriate permissions (let's say /tmp/john_hash) containing the secret value ({SHA}1rToTufzHYhhemtgQhRRJy6/Gjo=). Then you need to reference this file by using the following env var

DD_AUTH_BASIC_JOHN_HASH__FILE=/tmp/john_hash
This feature can be used for any DD_ env var (no restrictions).

On this page