From 083e29bd3e9df69fc2ab5a5af3353eac402bea1a Mon Sep 17 00:00:00 2001
From: Ryan Malloy <ryan@supported.systems>
Date: Thu, 21 May 2026 11:17:56 -0600
Subject: [PATCH] docker-compose: make VULTR_API_KEY optional

Caddy needs this only for DNS-01 cert renewal via Vultr's API, which
happens within the final 30 days of the cert's 90-day lifetime --
roughly once a quarter. Requiring it to be exported on every `docker
compose up` was friction for routine ops (CoreDNS recreations during
unrelated config changes).

Empty default keeps the stack startable without the key in scope. When
renewal is imminent, set the var properly OR (preferred long-term)
migrate Caddy to caddy-dns/rfc2136 pointing at our own plugin and
retire the Vultr dependency entirely.
---
 docker-compose.yml | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/docker-compose.yml b/docker-compose.yml
index b8746ec..f150f38 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -11,7 +11,13 @@ services:
     environment:
       - CADDY_HOSTNAME=${CADDY_HOSTNAME}
       - ACME_EMAIL=${ACME_EMAIL}
-      - VULTR_API_KEY=${VULTR_API_KEY:?VULTR_API_KEY must be exported in your shell}
+      # Optional: only required for Caddy's DNS-01 cert renewal via Vultr's
+      # API. Cert is valid ~90 days; this env var only matters within the
+      # final 30d renewal window. Empty default keeps `docker compose up`
+      # working without the key in scope. Set it when renewal is imminent,
+      # OR migrate Caddy to caddy-dns/rfc2136 (via our plugin) and retire
+      # the Vultr dependency entirely.
+      - VULTR_API_KEY=${VULTR_API_KEY:-}
     volumes:
       - ./caddy/Caddyfile:/etc/caddy/Caddyfile:ro
       - ./caddy-data:/data