{"id":35825902,"url":"https://github.com/maxfield-allison/dnsweaver","last_synced_at":"2026-04-02T22:00:52.603Z","repository":{"id":332013664,"uuid":"1129853756","full_name":"maxfield-allison/dnsweaver","owner":"maxfield-allison","description":"Automatic DNS management for Docker and Kubernetes workloads with multi-provider support","archived":false,"fork":false,"pushed_at":"2026-03-30T15:52:58.000Z","size":1210,"stargazers_count":18,"open_issues_count":0,"forks_count":4,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-03-30T17:08:04.563Z","etag":null,"topics":["cloudflare","container-orchestration","devops","dns","dns-automation","dns-management","docker","gateway-api","go","golang","helm","homelab","infrastructure-as-code","ingress","k8s","kubernetes","self-hosted","service-discovery","technitium","traefik"],"latest_commit_sha":null,"homepage":"https://github.com/maxfield-allison/dnsweaver","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/maxfield-allison.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-01-07T17:16:44.000Z","updated_at":"2026-03-30T15:38:22.000Z","dependencies_parsed_at":"2026-02-27T04:18:12.646Z","dependency_job_id":null,"html_url":"https://github.com/maxfield-allison/dnsweaver","commit_stats":null,"previous_names":["maxfield-allison/dnsweaver"],"tags_count":25,"template":false,"template_full_name":null,"purl":"pkg:github/maxfield-allison/dnsweaver","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/maxfield-allison%2Fdnsweaver","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/maxfield-allison%2Fdnsweaver/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/maxfield-allison%2Fdnsweaver/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/maxfield-allison%2Fdnsweaver/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/maxfield-allison","download_url":"https://codeload.github.com/maxfield-allison/dnsweaver/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/maxfield-allison%2Fdnsweaver/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31317831,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-02T21:35:00.834Z","status":"ssl_error","status_checked_at":"2026-04-02T21:34:59.806Z","response_time":89,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cloudflare","container-orchestration","devops","dns","dns-automation","dns-management","docker","gateway-api","go","golang","helm","homelab","infrastructure-as-code","ingress","k8s","kubernetes","self-hosted","service-discovery","technitium","traefik"],"created_at":"2026-01-07T20:12:10.750Z","updated_at":"2026-04-02T22:00:52.576Z","avatar_url":"https://github.com/maxfield-allison.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# dnsweaver\n\n[![Release](https://img.shields.io/github/v/release/maxfield-allison/dnsweaver?style=flat-square)](https://github.com/maxfield-allison/dnsweaver/releases)\n[![Docker Pulls](https://img.shields.io/docker/pulls/maxamill/dnsweaver?style=flat-square)](https://hub.docker.com/r/maxamill/dnsweaver)\n[![License](https://img.shields.io/github/license/maxfield-allison/dnsweaver?style=flat-square)](LICENSE)\n[![Go Version](https://img.shields.io/github/go-mod/go-version/maxfield-allison/dnsweaver?style=flat-square)](go.mod)\n\n**Automatic DNS record management for Docker and Kubernetes workloads with multi-provider support.**\n\ndnsweaver watches Docker events and Kubernetes resources to automatically create and delete DNS records. Unlike single-provider tools, dnsweaver supports **split-horizon DNS**, **multiple DNS providers** simultaneously, and works across both **Docker** and **Kubernetes** platforms.\n\n📚 **[Full Documentation](https://maxfield-allison.github.io/dnsweaver/)**\n\n## Features\n\n- 🔀 **Multi-Provider Support** — Route different domains to different DNS providers\n- 🌐 **Split-Horizon DNS** — Internal and external records from the same container labels\n- 🐳 **Docker \u0026 Swarm** — Works with standalone Docker and Docker Swarm clusters\n- ☸️ **Kubernetes Native** — Watches Ingress, IngressRoute, HTTPRoute, and Service resources via Helm or Kustomize\n- 🏗️ **Multi-Instance Safe** — Run multiple dnsweaver instances on the same DNS zone without conflicts\n- 🔒 **Socket Proxy Compatible** — Connect via TCP to a Docker socket proxy for improved security\n- 🏷️ **Traefik Integration** — Parses `traefik.http.routers.*.rule` labels to extract hostnames\n- 📊 **Observable** — Prometheus metrics, health endpoints, structured logging\n- 🔑 **Secrets Support** — Docker secrets and Kubernetes Secrets via `_FILE` suffix variables\n\n## Supported Providers\n\n| Provider | Record Types | Notes |\n|----------|--------------|-------|\n| [Technitium](https://maxfield-allison.github.io/dnsweaver/providers/technitium/) | A, AAAA, CNAME, SRV, TXT | Full-featured self-hosted DNS |\n| [Cloudflare](https://maxfield-allison.github.io/dnsweaver/providers/cloudflare/) | A, AAAA, CNAME, TXT | With optional proxy support |\n| [RFC 2136](https://maxfield-allison.github.io/dnsweaver/providers/rfc2136/) | A, AAAA, CNAME, SRV, TXT | BIND, Windows DNS, PowerDNS, Knot |\n| [Pi-hole](https://maxfield-allison.github.io/dnsweaver/providers/pihole/) | A, AAAA, CNAME | API or file mode |\n| [dnsmasq](https://maxfield-allison.github.io/dnsweaver/providers/dnsmasq/) | A, AAAA, CNAME | File-based configuration |\n| [Webhook](https://maxfield-allison.github.io/dnsweaver/providers/webhook/) | Any | Custom integrations |\n\n## Quick Start\n\n### Installation\n\n```bash\n# Docker Hub\ndocker pull maxamill/dnsweaver:latest\n\n# GitHub Container Registry\ndocker pull ghcr.io/maxfield-allison/dnsweaver:latest\n```\n\n### Basic Example\n\n```yaml\nservices:\n  dnsweaver:\n    image: maxamill/dnsweaver:latest\n    restart: unless-stopped\n    environment:\n      - DNSWEAVER_INSTANCES=internal-dns\n      - DNSWEAVER_INTERNAL_DNS_TYPE=technitium\n      - DNSWEAVER_INTERNAL_DNS_URL=http://dns.internal:5380\n      - DNSWEAVER_INTERNAL_DNS_TOKEN_FILE=/run/secrets/technitium_token\n      - DNSWEAVER_INTERNAL_DNS_ZONE=home.example.com\n      - DNSWEAVER_INTERNAL_DNS_RECORD_TYPE=A\n      - DNSWEAVER_INTERNAL_DNS_TARGET=192.0.2.100\n      - DNSWEAVER_INTERNAL_DNS_DOMAINS=*.home.example.com\n    volumes:\n      - /var/run/docker.sock:/var/run/docker.sock:ro\n    secrets:\n      - technitium_token\n\nsecrets:\n  technitium_token:\n    external: true\n```\n\n### How It Works\n\n```mermaid\nflowchart LR\n    A[\"Docker Events\"] --\u003e B[\"dnsweaver\u003cbr/\u003e(matching)\"]\n    D[\"Kubernetes Resources\"] --\u003e B\n    B --\u003e C[\"DNS Providers\u003cbr/\u003e(A/CNAME/SRV)\"]\n```\n\n1. A container starts with a Traefik label (or a Kubernetes Ingress/HTTPRoute is created):\n   ```yaml\n   labels:\n     - \"traefik.http.routers.myapp.rule=Host(`myapp.home.example.com`)\"\n   ```\n\n2. dnsweaver extracts the hostname and matches it against configured provider domain patterns\n\n3. The matching provider creates the DNS record:\n   - **A record**: `myapp.home.example.com → 192.0.2.100`\n   - **CNAME**: `myapp.example.com → proxy.example.com`\n\n4. When the container stops (or the Kubernetes resource is deleted), the DNS record is automatically cleaned up\n\n## Documentation\n\n| Topic | Description |\n|-------|-------------|\n| [Getting Started](https://maxfield-allison.github.io/dnsweaver/getting-started/) | Installation and first configuration |\n| [Configuration](https://maxfield-allison.github.io/dnsweaver/configuration/environment/) | Environment variables reference |\n| [Providers](https://maxfield-allison.github.io/dnsweaver/providers/) | Provider-specific setup guides |\n| [Kubernetes](https://maxfield-allison.github.io/dnsweaver/deployment/kubernetes/) | Kubernetes deployment with Helm/Kustomize |\n| [Split-Horizon DNS](https://maxfield-allison.github.io/dnsweaver/deployment/split-horizon/) | Internal + external records |\n| [Docker Swarm](https://maxfield-allison.github.io/dnsweaver/deployment/swarm/) | Swarm deployment guide |\n| [Observability](https://maxfield-allison.github.io/dnsweaver/observability/) | Metrics, logging, and health checks |\n| [FAQ](https://maxfield-allison.github.io/dnsweaver/faq/) | Common questions and troubleshooting |\n\n## Kubernetes Quick Start\n\nDeploy dnsweaver to watch Kubernetes resources for DNS management:\n\n```bash\n# Using Kustomize\nkubectl apply -k https://github.com/maxfield-allison/dnsweaver/deploy/kustomize/base\n\n# Using Helm\nhelm install dnsweaver deploy/helm/dnsweaver/ \\\n  --namespace dnsweaver --create-namespace\n```\n\ndnsweaver automatically detects hostnames from Ingress, IngressRoute (Traefik), HTTPRoute (Gateway API), and Service resources. Use `dnsweaver.dev/*` annotations for per-resource overrides:\n\n```yaml\napiVersion: networking.k8s.io/v1\nkind: Ingress\nmetadata:\n  name: my-app\n  annotations:\n    dnsweaver.dev/record-type: \"A\"\n    dnsweaver.dev/target: \"192.0.2.100\"\nspec:\n  rules:\n    - host: app.example.com\n```\n\nSee the [Kubernetes deployment guide](https://maxfield-allison.github.io/dnsweaver/deployment/kubernetes/) for full configuration.\n\n## Split-Horizon DNS Example\n\nManage internal and external DNS from the same container labels:\n\n```yaml\nenvironment:\n  - DNSWEAVER_INSTANCES=internal,external\n\n  # Internal: Technitium → private IP\n  - DNSWEAVER_INTERNAL_TYPE=technitium\n  - DNSWEAVER_INTERNAL_RECORD_TYPE=A\n  - DNSWEAVER_INTERNAL_TARGET=192.0.2.100\n  - DNSWEAVER_INTERNAL_DOMAINS=*.example.com\n\n  # External: Cloudflare → tunnel CNAME\n  - DNSWEAVER_EXTERNAL_TYPE=cloudflare\n  - DNSWEAVER_EXTERNAL_RECORD_TYPE=CNAME\n  - DNSWEAVER_EXTERNAL_TARGET=tunnel.example.com\n  - DNSWEAVER_EXTERNAL_DOMAINS=*.example.com\n```\n\nWith this configuration, when `app.example.com` starts:\n- Internal DNS → `A` record → `192.0.2.100`\n- External DNS → `CNAME` record → `tunnel.example.com`\n\n## Contributing\n\nContributions are welcome! See [CONTRIBUTING](https://maxfield-allison.github.io/dnsweaver/contributing/) for guidelines.\n\n## License\n\n[MIT License](LICENSE)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmaxfield-allison%2Fdnsweaver","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmaxfield-allison%2Fdnsweaver","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmaxfield-allison%2Fdnsweaver/lists"}