Configuration
dockmesh uses a minimal configuration approach. Most settings are managed via the web UI under Settings > System. A few bootstrap settings must be set via environment variables before the server starts.
Bootstrap environment variables
Section titled “Bootstrap environment variables”These are set in the systemd service file or Docker environment. They cannot be changed at runtime.
| Variable | Default | Description |
|---|---|---|
DOCKMESH_HTTP_ADDR | :8080 | HTTP listen address |
DOCKMESH_DB_PATH | ./data/dockmesh.db | SQLite database file path |
DOCKMESH_STACKS_ROOT | ./stacks | Root directory for compose files |
DOCKMESH_AGENT_LISTEN | :8443 | mTLS listen address for agents |
DOCKMESH_AGENT_SANS | (empty) | Extra SANs for the agent TLS cert |
Runtime settings (WebGUI)
Section titled “Runtime settings (WebGUI)”These are configured in Settings > System and stored in the database. Changes take effect immediately without restart.
| Setting | Description |
|---|---|
| Reverse Proxy | Enable/disable the embedded Caddy container |
| Vulnerability Scanner | Enable/disable Grype CVE scanning |
| Base URL | Public URL for OIDC callbacks and agent links |
| Agent Public URL | wss:// URL agents use to connect |
Global environment variables
Section titled “Global environment variables”Managed under Environment in the sidebar. These are injected into every stack deploy. Stack-level .env values override globals.
Common variables: TZ, PUID, PGID, database credentials, SMTP settings.