Skip to content

App Settings

Jump to bottom
Kim Oliver Drechsel edited this page Jun 28, 2025 · 57 revisions

Available Settings

The application can be configured using the following environment variables:

Note

Settings without a default value are required.

Key Type Description Default value
GIT_ACCESS_TOKEN string Access token for cloning repositories (required for private repositories), see Access Token Setup
GIT_ACCESS_TOKEN_FILE string Path to the file containing the webhook secret (Mutually exclusive with GIT_ACCESS_TOKEN).
WEBHOOK_SECRET string Secret that is used by webhooks for authentication to the application
WEBHOOK_SECRET_FILE string Path to the file containing the Git access token (Mutually exclusive with WEBHOOK_SECRET).
AUTH_TYPE string AuthType is the type of authentication to use when cloning repositories and is added to the clone url before the access token oauth2
TZ string The timezone used in the container and for timestamps in logs UTC
LOG_LEVEL string Log level of the app.
Possible values: debug, info, warn, error 		INFO
HTTP_PORT number Port on which the application will listen for incoming webhooks 80
HTTP_PROXY string HTTP proxy to use for outgoing requests (e.g. http://username:password@proxy.com:8080) (Ignored when not specified)
SKIP_TLS_VERIFICATION boolean Skip TLS verification when cloning repositories. false
DOCKER_QUIET_DEPLOY boolean Disable the status output of Docker Compose deployments (e.g. pull, create, start, healthy) in the application logs true
POLL_CONFIG list A list/array of poll configurations provided in YAML format (see Poll Settings) (Ignored when not specified)
POLL_CONFIG_FILE string Path to the file inside the container containing the poll configurations in YAML format (see Poll Settings) (Ignored when not specified)

Docker-specific Settings

Settings to configure the Docker client used by doco-cd to interact with the Docker daemon. By default, the Docker client will use the settings from the host system.

Note

All of these settings are optional.

Key Type Description
DOCKER_API_VERSION string Overwrites the API version that doco-cd will use to connect to the Docker Daemon (e.g. "1.49")
DOCKER_HOST string The url that doco-cd will use to connect to the Docker Daemon (e.g. tcp://192.168.0.10:2375)
DOCKER_TLS_VERIFY boolean Enable or disable TLS verification
DOCKER_CERT_PATH string The directory from which to load the TLS certificates ("ca.pem", "cert.pem", "key.pem'). The directory has to be accessible from inside the container, e.g. by using a bind mount

Encrypting sensitive data

Doco-CD supports the encryption of sensitive data in your deployment files with SOPS.

See the Encryption wiki page for more information on how to use SOPS with Doco-CD.

Specifying the settings

You can set the settings directly in the docker-compose.yml file with the environment option or in a separate .env file with the env_file option.

Both options can be used at the same time.

With env_file

Example with env_file option:

services:
  app:
    env_file:
      - .env

The settings in the .env file should be in the format KEY=VALUE or KEY: VALUE and separated by a newline.

Example .env file:

GIT_ACCESS_TOKEN: xxx
WEBHOOK_SECRET: xxx

With environment

Example with environment option:

services:
  app:
    environment:
      GIT_ACCESS_TOKEN: xxx
      WEBHOOK_SECRET: xxx

Usage with Docker Secrets

The application can also be configured to use Docker secrets for sensitive information like the Git access token and the webhook secret.

Note

Docker secrets are only fully supported in Docker Swarm mode. You can still use Docker secrets in the normal (standalone) mode, but it is less secure.

To use Docker secrets, you need to create the secrets in Docker and then reference them in the docker-compose.yml file.

Create Docker Secrets

Create Docker secrets (only with Docker Swarm)

echo "<your Git token>" | docker secret create git_access_token -
echo "<random secret>" | docker secret create webhook_secret -

Reference Docker Secrets in docker-compose.yml 

services:
  app:
    container_name: doco-cd
    image: ghcr.io/kimdre/doco-cd:latest
    restart: unless-stopped
    ports:
      - "80:80"
    environment:
      TZ: Europe/Berlin
      # The file name after the /run/secrets/ path is the name of the secret
      GIT_ACCESS_TOKEN_FILE: /run/secrets/git_access_token
      WEBHOOK_SECRET_FILE: /run/secrets/webhook_secret
    # The secret names must match with the secrets: section below
    secrets:
      - git_access_token
      - webhook_secret
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - data:/data

volumes:
  data:

secrets:
  git_access_token:
    external: true
  webhook_secret:
    external: true

Deploy in Docker Swarm mode

To run the application in Docker Swarm mode, you need to use the docker stack deploy command instead of docker compose up.

docker stack deploy -c docker-compose.yml doco-cd

Check the logs

To check the logs of the application, you can use the following command:

docker service logs doco-cd_app

Check the status of the service

To check the status of the service, you can use the following command:

docker service ps doco-cd_app

GitHub Release GitHub Release Date

Doco CD Logo

Clone this wiki locally