Add Cloudflare as DNS provider (#103 )

* [x] I have deployed and tested my changes LetsEncrypt challenges passed * [x] I have [updated relevant versions in `abra.sh`](https://docs.coopcloud.tech/maintainers/upgrade/#updating-versions-in-the-abrash) No relevant versions to update * [x] I have made my environment variable changes [backwards compatible](https://docs.coopcloud.tech/maintainers/upgrade/#backwards-compatible-environment-variable-changes) Only new env vars were added * [ ] I have added a [release note entry](https://docs.coopcloud.tech/maintainers/upgrade/#creating-new-release-notes) Unsure if this is necessary but I'm happy to add notes if we want them 😄 Reviewed-on: #103 Reviewed-by: p4u1 <p4u1@noreply.git.coopcloud.tech> Reviewed-by: decentral1se <decentral1se@noreply.git.coopcloud.tech> Co-authored-by: Zigzagill <zigzagill@proton.me> Co-committed-by: Zigzagill <zigzagill@proton.me>
chore(deps): update lscr.io/linuxserver/socket-proxy docker tag to v3.2.19 (#101 )
2026-05-16 23:37:49 +00:00 · 2026-05-16 23:36:24 +00:00 · 2026-05-02 09:37:11 +02:00 · 2026-05-02 09:36:20 +02:00 · 2026-04-18 06:13:54 +00:00 · 2026-03-25 00:17:14 +01:00
5 changed files with 37 additions and 7 deletions
--- a/.env.sample
+++ b/.env.sample
@ -86,6 +86,15 @@ COMPOSE_FILE="compose.yml"
 #SECRET_PORKBUN_API_KEY_VERSION=v1
 #SECRET_PORKBUN_SECRET_API_KEY_VERSION=v1
 ## Cloudflare, htps://cloudflare.com
 ## To insert your secrets:
 ## abra app secret insert {myapp.example.coop} cf_email v1 "<CLOUDFLARE_EMAIL>"
 ## abra app secret insert {myapp.example.coop} cf_api_key v1 "<CLOUDFLARE_API_KEY>"
 ## cf_api_key is an account API key from Cloudflare that has DNS read + edit permission
 #COMPOSE_FILE="$COMPOSE_FILE:compose.cloudflare.yml"
 #SECRET_CLOUDFLARE_EMAIL_VERSION=v1 # generate=false
 #SECRET_CLOUDFLARE_API_KEY_VERSION=v1 # generate=false
 #####################################################################
 # Manual wildcard certificate insertion                             #
 #####################################################################
--- a/README.md
+++ b/README.md
@ -5,7 +5,7 @@
 > https://docs.traefik.io
 <!-- metadata -->
-* **Maintainer**: [@p4u1](https://git.coopcloud.tech/p4u1), [@decentral1se](https://git.coopcloud.tech/decentral1se), [@javielico](https://git.coopcloud.tech/javielico)
+* **Maintainer**: [@p4u1](https://git.coopcloud.tech/p4u1), [@decentral1se](https://git.coopcloud.tech/decentral1se), [@javielico](https://git.coopcloud.tech/javielico), [@moritz](https://git.coopcloud.tech/moritz)
 * **Status**: `stable`
 * **Category**: Utilities
 * **Features**: ?
@ -42,8 +42,8 @@ subdomains, like
 need to give Traefik access to your DNS provider so that it can carry out
 Letsencrypt DNS challenges.
-1. Use Gandi, OVH, DO, Azure, or PorkBun for DNS 🤡 (support for other providers
+1. Use Gandi, OVH, DO, Azure, PorkBun, or Cloudflare for DNS 🤡 (support for
-   can be easily added, see
+   other providers can be easily added, see
   [the `lego` docs](https://go-acme.github.io/lego/dns/#dns-providers).
 2. Run `abra app config YOURAPPDOMAIN`
 3. Uncomment e.g. `ENABLE_GANDI` and the related `SECRET_.._VERSION` line, e.g.
--- a/compose.cloudflare.yml
+++ b/compose.cloudflare.yml
@ -0,0 +1,18 @@
 version: "3.8"
 services:
  app:
    environment:
      - CLOUDFLARE_EMAIL_FILE=/run/secrets/cf_email
      - CLOUDFLARE_API_KEY_FILE=/run/secrets/cf_api_key
    secrets:
      - cf_email
      - cf_api_key
 secrets:
  cf_email:
    name: ${STACK_NAME}_cf_email_${SECRET_CLOUDFLARE_EMAIL_VERSION}
    external: true
  cf_api_key:
    name: ${STACK_NAME}_cf_api_key_${SECRET_CLOUDFLARE_API_KEY_VERSION}
    external: true
--- a/compose.garage.yml
+++ b/compose.garage.yml
@ -4,4 +4,7 @@ services:
    environment:
      - GARAGE_RPC_ENABLED
    ports:
-      - "3901:3901"
+      - target: 3901
        published: 3901
        protocol: tcp
        mode: host
--- a/compose.yml
+++ b/compose.yml
@ -3,7 +3,7 @@ version: "3.8"
 services:
  app:
-    image: "traefik:v3.6.11"
+    image: "traefik:v3.6.15"
    # Note(decentral1se): *please do not* add any additional ports here.
    # Doing so could break new installs with port conflicts. Please use
    # the usual `compose.$app.yml` approach for any additional ports
@ -55,12 +55,12 @@ services:
        - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
        - "traefik.http.routers.${STACK_NAME}.service=api@internal"
        - "traefik.http.routers.${STACK_NAME}.middlewares=security@file"
-        - "coop-cloud.${STACK_NAME}.version=5.1.0+v3.6.11"
+        - "coop-cloud.${STACK_NAME}.version=5.1.1+v3.6.15"
        - "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT}"
        - "backupbot.backup=${ENABLE_BACKUPS:-true}"
  socket-proxy:
-    image: lscr.io/linuxserver/socket-proxy:3.2.14
+    image: lscr.io/linuxserver/socket-proxy:3.2.19
    deploy:
      endpoint_mode: dnsrr
    environment:
Author	SHA1	Message	Date
Zigzagill	25cf7862ed	Add Cloudflare as DNS provider (#103 ) Some checks failed continuous-integration/drone/push Build is failing Details <!-- Thank you for doing recipe maintenance work! Please mark all checklist items which are relevant for your changes. Please remove the checklist items which are not relevant for your changes. Feel free to remove this comment. --> * [x] I have deployed and tested my changes LetsEncrypt challenges passed * [x] I have [updated relevant versions in `abra.sh`](https://docs.coopcloud.tech/maintainers/upgrade/#updating-versions-in-the-abrash) No relevant versions to update * [x] I have made my environment variable changes [backwards compatible](https://docs.coopcloud.tech/maintainers/upgrade/#backwards-compatible-environment-variable-changes) Only new env vars were added * [ ] I have added a [release note entry](https://docs.coopcloud.tech/maintainers/upgrade/#creating-new-release-notes) Unsure if this is necessary but I'm happy to add notes if we want them 😄 Reviewed-on: #103 Reviewed-by: p4u1 <p4u1@noreply.git.coopcloud.tech> Reviewed-by: decentral1se <decentral1se@noreply.git.coopcloud.tech> Co-authored-by: Zigzagill <zigzagill@proton.me> Co-committed-by: Zigzagill <zigzagill@proton.me>	2026-05-16 23:37:49 +00:00
Renovate Bot	7fc2cac6ff	chore(deps): update lscr.io/linuxserver/socket-proxy docker tag to v3.2.19 (#101 ) Some checks failed continuous-integration/drone/push Build is failing Details This PR contains the following updates: \| Package \| Update \| Change \| \|---\|---\|---\| \| [lscr.io/linuxserver/socket-proxy](https://github.com/linuxserver/docker-socket-proxy/packages) ([source](https://github.com/linuxserver/docker-socket-proxy)) \| patch \| `3.2.17` -> `3.2.19` \| > ❗ Important > > Release Notes retrieval for this PR were skipped because no github.com credentials were available. > If you are self-hosted, please see [this instruction](https://github.com/renovatebot/renovate/blob/master/docs/usage/examples/self-hosting.md#githubcom-token-for-release-notes). --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied. ♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS4xNzMuMSIsInVwZGF0ZWRJblZlciI6IjQxLjE3My4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbXX0=--> Reviewed-on: #101 Reviewed-by: decentral1se <decentral1se@noreply.git.coopcloud.tech> Reviewed-by: p4u1 <p4u1@noreply.git.coopcloud.tech> Co-authored-by: Renovate Bot <renovate@coopcloud.tech> Co-committed-by: Renovate Bot <renovate@coopcloud.tech>	2026-05-16 23:36:24 +00:00
decentral1se	005f0235c0	chore: publish 5.1.1+v3.6.15 release Some checks failed continuous-integration/drone/tag Build is passing Details continuous-integration/drone/push Build is failing Details	2026-05-02 09:37:11 +02:00
decentral1se	7c6dd3f5a5	chore: patch bump for traefik/proxy tags	2026-05-02 09:36:20 +02:00
fauno	440a7f5228	fix: garage ports on host mode (#99 ) Some checks failed continuous-integration/drone/push Build is failing Details <!-- Thank you for doing recipe maintenance work! Please mark all checklist items which are relevant for your changes. Please remove the checklist items which are not relevant for your changes. Feel free to remove this comment. --> * [x] I have deployed and tested my changes * [ ] I have [updated relevant versions in `abra.sh`](https://docs.coopcloud.tech/maintainers/upgrade/#updating-versions-in-the-abrash) * [ ] I have made my environment variable changes [backwards compatible](https://docs.coopcloud.tech/maintainers/upgrade/#backwards-compatible-environment-variable-changes) * [ ] I have added a [release note entry](https://docs.coopcloud.tech/maintainers/upgrade/#creating-new-release-notes) Co-authored-by: f <f@sutty.nl> Reviewed-on: #99 Reviewed-by: p4u1 <p4u1@noreply.git.coopcloud.tech> Reviewed-by: decentral1se <decentral1se@noreply.git.coopcloud.tech> Co-authored-by: fauno <fauno@sutty.coop.ar> Co-committed-by: fauno <fauno@sutty.coop.ar>	2026-04-18 06:13:54 +00:00
decentral1se	74193326fb	chore: add moritz as maintainer Some checks failed continuous-integration/drone/push Build is failing Details	2026-03-25 00:17:14 +01:00
p4u1	57a6aed540	chore: publish 5.1.0+v3.6.11 release (#98 ) Some checks failed continuous-integration/drone/push Build is failing Details Reviewed-on: #98 Reviewed-by: decentral1se <decentral1se@noreply.git.coopcloud.tech>	2026-03-24 21:00:50 +00:00