From 24e5018e6ca133dcf473a3a4fddae85e26e43dab Mon Sep 17 00:00:00 2001
From: Dave Conroy <dave@tiredofit.ca>
Date: Fri, 6 Jan 2023 14:24:07 -0800
Subject: [PATCH] Release 7.0.0 - See CHANGELOG.md

---
 CHANGELOG.md                                  |  15 +++
 Dockerfile                                    |  12 +-
 LICENSE                                       |   2 +-
 README.md                                     | 103 +++++++++++-------
 examples/docker-compose.yml                   |  15 +--
 .../assets/defaults/10-cloudflare-companion   |   7 ++
 .../assets/functions/10-cloudflare-companion  |  35 ++++++
 .../etc/cont-init.d/10-cloudflare-companion   |   6 +-
 .../10-cloudflare-companion/run               |   5 +-
 install/usr/sbin/cloudflare-companion         |  61 ++++++-----
 10 files changed, 182 insertions(+), 79 deletions(-)
 create mode 100755 install/assets/defaults/10-cloudflare-companion
 create mode 100755 install/assets/functions/10-cloudflare-companion

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 041c891..deeb0d3 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,18 @@
+## 7.0.0 2023-01-06 <dave at tiredofit dot ca>
+
+This release changes some environment variable names to more explicit variables for this image as opposed to piggybacking off of base image variables. Please review changelog accordingly and make necessary changes by following the variables in the README
+
+   ### Added
+      - [logging] Added Timestamps for Logging. LOG_LEVEL=DEBUG also provides line number of script for troubleshooting
+      - [logging] Add LOG_TYPE (CONSOLE,FILE,BOTH) options for better logging. FILE and BOTH also include log rotation
+      - [runtime] Ability to run as non root - User available is `tcc` by setting environment variable 'TCC_USER' - Will check if it can access Docker Socket and fail if not
+
+   ### Changed
+      - Environment variable SWARM_MODE changes to DOCKER_SWARM_MODE
+      - CONTAINER_LOG_LEVEL changes to LOG_LEVEL
+      - Switch to using packaged Docker python module instead of building ourselves
+
+
 ## 6.10.0 2022-12-14 <dave at tiredofit dot ca>
 
    ### Added
diff --git a/Dockerfile b/Dockerfile
index 376d66e..d58162d 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -11,6 +11,14 @@ ENV CONTAINER_ENABLE_MESSAGING=FALSE \
 
 RUN source /assets/functions/00-container && \
     set -x && \
+    addgroup -S -g 10000 tcc && \
+    adduser -D -S -s /sbin/nologin \
+            -h /dev/null \
+            -G tcc \
+            -g "tcc" \
+            -u 10000 tcc \
+            && \
+    \
     package update && \
     package upgrade && \
     package install .tcc-build-deps \
@@ -26,6 +34,7 @@ RUN source /assets/functions/00-container && \
                 && \
     \
     package install .tcc-run-deps \
+                docker-py \
                 py3-beautifulsoup4 \
                 py3-certifi \
                 py3-chardet \
@@ -43,12 +52,11 @@ RUN source /assets/functions/00-container && \
     pip install \
             cloudflare \
             get-docker-secret \
-            docker[tls] \
             requests \
             && \
     \
     package remove .tcc-build-deps && \
-    package cleanup && \ 
+    package cleanup && \
     rm -rf /root/.cache \
            /root/.cargo
 
diff --git a/LICENSE b/LICENSE
index d333478..35e8726 100644
--- a/LICENSE
+++ b/LICENSE
@@ -1,6 +1,6 @@
 The MIT License (MIT)
 
-Copyright (c) 2020 Dave Conroy
+Copyright (c) 2023 Dave Conroy
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
diff --git a/README.md b/README.md
index c0693d4..e5ead6e 100644
--- a/README.md
+++ b/README.md
@@ -9,7 +9,7 @@
 
 ## About
 
-This builds a Docker image to automatically update Cloudflare DNS records upon container start. A time saver if you are regularly moving containers around to different systems. This will allow you to set multiple zone's you wish to update.
+This will build a Docker image to automatically update [Cloudflare](https://www.cloudflare.com/) DNS records upon container start when using [Traefik](https://github.com/traefik/traefik) as a Reverse Proxy.
 
 ## Maintainer
 
@@ -30,6 +30,10 @@ This builds a Docker image to automatically update Cloudflare DNS records upon c
   - [Persistent Storage](#persistent-storage)
   - [Environment Variables](#environment-variables)
     - [Base Images used](#base-images-used)
+    - [Container Options](#container-options)
+    - [Docker Options](#docker-options)
+    - [Cloudflare Options](#cloudflare-options)
+    - [Traefik Options](#traefik-options)
     - [Docker Secrets](#docker-secrets)
   - [Discovery](#discovery)
     - [Docker](#docker)
@@ -112,39 +116,61 @@ Be sure to view the following repositories to understand all the customizable op
 | ------------------------------------------------------ | -------------------------------------- |
 | [OS Base](https://github.com/tiredofit/docker-alpine/) | Customized Image based on Alpine Linux |
 
+#### Container Options
+
+| Parameter   | Description                                                         | Default   |
+| ----------- | ------------------------------------------------------------------- | --------- |
+| `DRY_RUN`   | Perform a test run without making any changes `TRUE` or `FALSE`     | `FALSE`   |
+| `LOG_LEVEL` | Logging Level `INFO` `VERBOSE` `DEBUG`                              | `INFO`    |
+| `LOG_TYPE`  | Log Type `CONSOLE` `FILE` `BOTH`                                    | `BOTH`    |
+| `LOG_FILE`  | Log Filename                                                        | `tcc.log` |
+| `LOG_PATH`  | Log Path                                                            | `/logs/`  |
+| `TCC_USER`  | User to run application as (there is a user `tcc` that can be used) | `root`    |
+
+#### Docker Options
+
+| Parameter           | Description                                                                             | Default                      |
+| ------------------- | --------------------------------------------------------------------------------------- | ---------------------------- |
+| `DOCKER_ENTRYPOINT` | Docker Entrypoint default (local mode)                                                  | `unix://var/run/docker.sock` |
+| `DOCKER_HOST`       | (optional) If using tcp connection e.g. `tcp://111.222.111.32:2376`                     |                              |
+| `DOCKER_CERT_PATH`  | (optional) If using tcp connection with TLS - Certificate location e.g. `/docker-certs` |                              |
+| `DOCKER_SWARM_MODE` | Enable Docker Swarm Mode `TRUE` or `FALSE`                                              | `FALSE`                      |
+| `DOCKER_TLS_VERIFY` | (optional) If using tcp conneciton to socket Verify TLS                                 | `1`                          |
+
+#### Cloudflare Options
+
+| Parameter                      | Description                                                                                                                                          | Default |
+| ------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------- | ------- |
+| `CF_EMAIL`                     | Email address tied to Cloudflare Account - Leave Blank for Scoped API                                                                                |         |
+| `CF_TOKEN`                     | API Token for the Domain                                                                                                                             |         |
+| `TARGET_DOMAIN`                | Destination Host to forward records to e.g. `host.example.com`                                                                                       |         |
+| `DOMAIN1`                      | Domain 1 you wish to update records for.                                                                                                             |         |
+| `DOMAIN1_ZONE_ID`              | Domain 1 Zone ID from Cloudflare                                                                                                                     |         |
+| `DOMAIN1_PROXIED`              | Domain 1 True or False if proxied                                                                                                                    |         |
+| `DOMAIN1_TARGET_DOMAIN`        | (optional specify target_domain for Domain 1, overriding the default value from TARGET_DOMAIN)                                                       |         |
+| `DOMAIN1_EXCLUDED_SUB_DOMAINS` | (optional specify sub domain trees to be ignored in lables) ex: `DOMAIN1_EXCLUDED_SUB_DOMAINS=int` would not create a CNAME for `*.int.example.com`  |         |
+| `DOMAIN2`                      | (optional Domain 2 you wish to update records for.)                                                                                                  |         |
+| `DOMAIN2_ZONE_ID`              | Domain 2 Zone ID from Cloudflare                                                                                                                     |         |
+| `DOMAIN2_PROXIED`              | Domain 1 True or False if proxied                                                                                                                    |         |
+| `DOMAIN2_TARGET_DOMAIN`        | (optional specify target_domain for Domain 2, overriding the default value from TARGET_DOMAIN)                                                       |         |
+| `DOMAIN2_EXCLUDED_SUB_DOMAINS` | (optional specify sub domain trees to be ignored in lables) ex: `DOMAIN2_EXCLUDED_SUB_DOMAINS=int` would not create a CNAME for `*.int.example2.com` |         |
+| `DOMAIN3....`                  | And so on..                                                                                                                                          |         |
+| `DEFAULT_TTL`                  | TTL to apply to records                                                                                                                              | `1`     |
+
+#### Traefik Options
+
+| Parameter                  | Description                                                                      | Default |
+| -------------------------- | -------------------------------------------------------------------------------- | ------- |
+| `TRAEFIK_VERSION`          | What version of Traefik do you want to work against - `1` or `2`                 | `2`     |
+| `ENABLE_TRAEFIK_POLL`      | Enable Traefik Polling Mode `TRUE` or `FALSE`                                    | `FALSE` |
+| `TRAEFIK_POLL_URL`         | (optional) If using Traefik Polling mode - URL to Traefik API endpoint           |         |
+| `TRAEFIK_POLL_SECONDS`     | (optional) If using Traefik Polling mode - Seconds to delay between poll attemps | `60`    |
+| `TRAEFIK_INCLUDED_HOST1`   | (optional) If using Traefik Polling mode - Regex patterns for hosts to include   | `.*`    |
+| `TRAEFIK_INCLUDED_HOST...` | (optional traefik host include pattern 2 - N)                                    |         |
+| `TRAEFIK_EXCLUDED_HOST1`   | (optional) If using Traefik Polling mode - Regex patterns for hosts to exclude   |         |
+| `TRAEFIK_EXCLUDED_HOST...` | (optional traefik host exclude pattern 2 - N)                                    |         |
+| `REFRESH_ENTRIES`          | If record exists, update entry with new values `TRUE` or `FALSE`                 | `FALSE` |
 
-| Parameter                      | Description                                                                                                                                          | Default                      |
-| ------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------- |
-| `TRAEFIK_VERSION`              | What version of Traefik do you want to work against - `1` or `2`                                                                                     | `2`                          |
-| `DOCKER_ENTRYPOINT`            | Docker Entrypoint default (local mode)                                                                                                               | `unix://var/run/docker.sock` |
-| `DOCKER_HOST`                  | (optional) If using tcp connection e.g. `tcp://111.222.111.32:2376`                                                                                  |                              |
-| `DOCKER_CERT_PATH`             | (optional) If using tcp connection with TLS - Certificate location e.g. `/docker-certs`                                                              |                              |
-| `DOCKER_TLS_VERIFY`            | (optional) If using tcp conneciton to socket Verify TLS                                                                                              | `1`                          |
-| `REFRESH_ENTRIES`              | If record exists, update entry with new values `TRUE` or `FALSE`                                                                                     | `FALSE`                      |
-| `SWARM_MODE`                   | Enable Docker Swarm Mode `TRUE` or `FALSE`                                                                                                           | `FALSE`                      |
-| `ENABLE_TRAEFIK_POLL`          | Enable Traefik Polling Mode `TRUE` or `FALSE`                                                                                                        | `FALSE`                      |
-| `TRAEFIK_POLL_URL`             | (optional) If using Traefik Polling mode - URL to Traefik API endpoint                                                                               |                              |
-| `TRAEFIK_POLL_SECONDS`         | (optional) If using Traefik Polling mode - Seconds to delay between poll attemps                                                                     | `60`                         |
-| `TRAEFIK_INCLUDED_HOST1`       | (optional) If using Traefik Polling mode - Regex patterns for hosts to include                                                                       | `.*`                         |
-| `TRAEFIK_INCLUDED_HOST...`     | (optional traefik host include pattern 2 - N)                                                                                                        |                              |
-| `TRAEFIK_EXCLUDED_HOST1`       | (optional) If using Traefik Polling mode - Regex patterns for hosts to exclude                                                                       |                              |
-| `TRAEFIK_EXCLUDED_HOST...`     | (optional traefik host exclude pattern 2 - N)                                                                                                        |                              |
-| `DRY_RUN`                      | Enable Dry Run Mode `TRUE` or `FALSE`                                                                                                                | `FALSE`                      |
-| `CF_EMAIL`                     | Email address tied to Cloudflare Account - Leave Blank  for Scoped API                                                                               |                              |
-| `CF_TOKEN`                     | API Token for the Domain                                                                                                                             |                              |
-| `DEFAULT_TTL`                  | TTL to apply to records                                                                                                                              | `1`                          |
-| `TARGET_DOMAIN`                | Destination Host to forward records to e.g. `host.example.com`                                                                                       |                              |
-| `DOMAIN1`                      | Domain 1 you wish to update records for.                                                                                                             |                              |
-| `DOMAIN1_ZONE_ID`              | Domain 1 Zone ID from Cloudflare                                                                                                                     |                              |
-| `DOMAIN1_PROXIED`              | Domain 1 True or False if proxied                                                                                                                    |                              |
-| `DOMAIN1_TARGET_DOMAIN`        | (optional specify target_domain for Domain 1, overriding the default value from TARGET_DOMAIN)                                                       |                              |
-| `DOMAIN1_EXCLUDED_SUB_DOMAINS` | (optional specify sub domain trees to be ignored in lables) ex: `DOMAIN1_EXCLUDED_SUB_DOMAINS=int` would not create a CNAME for `*.int.example.com`  |                              |
-| `DOMAIN2`                      | (optional Domain 2 you wish to update records for.)                                                                                                  |                              |
-| `DOMAIN2_ZONE_ID`              | Domain 2 Zone ID from Cloudflare                                                                                                                     |                              |
-| `DOMAIN2_PROXIED`              | Domain 1 True or False if proxied                                                                                                                    |                              |
-| `DOMAIN2_TARGET_DOMAIN`        | (optional specify target_domain for Domain 2, overriding the default value from TARGET_DOMAIN)                                                       |                              |
-| `DOMAIN2_EXCLUDED_SUB_DOMAINS` | (optional specify sub domain trees to be ignored in lables) ex: `DOMAIN2_EXCLUDED_SUB_DOMAINS=int` would not create a CNAME for `*.int.example2.com` |                              |
-| `DOMAIN3....`                  | And so on..                                                                                                                                          |                              |
 
 #### Docker Secrets
 
@@ -163,8 +189,8 @@ The supported labels are:
 
 | Traefik Version | Single Host                                                       | Multiple Host                                                               |
 | --------------- | ----------------------------------------------------------------- | --------------------------------------------------------------------------- |
-| 1               | `traefik.normal.frontend.rule=Host:example1.domain.tld`           | `traefik.normal.frontend.rule=Host:example1.domain.tld,example2.domain.tld` |
-| 2               | ``traefik.http.routers.example.rule=Host(`example1.domain.tld`)`` | ``traefik.http.routers.example.rule=Host(`example1.domain.tld`)             |  | Host(`example2.domain.tld`)`` |
+| `1`             | `traefik.normal.frontend.rule=Host:example1.domain.tld`           | `traefik.normal.frontend.rule=Host:example1.domain.tld,example2.domain.tld` |
+| `2`             | ``traefik.http.routers.example.rule=Host(`example1.domain.tld`)`` | ``traefik.http.routers.example.rule=Host(`example1.domain.tld`)             |  | Host(`example2.domain.tld`)`` |
 
 #### Docker Swarm
 
@@ -174,8 +200,8 @@ The supported labels are:
 
 | Traefik Version | Single Host                                                       | Multiple Host                                                               |
 | --------------- | ----------------------------------------------------------------- | --------------------------------------------------------------------------- |
-| 1               | `traefik.normal.frontend.rule=Host:example1.domain.tld`           | `traefik.normal.frontend.rule=Host:example1.domain.tld,example2.domain.tld` |
-| 2               | ``traefik.http.routers.example.rule=Host(`example1.domain.tld`)`` | ``traefik.http.routers.example.rule=Host(`example1.domain.tld`)             |  | Host(`example2.domain.tld`)`` |
+| `1`             | `traefik.normal.frontend.rule=Host:example1.domain.tld`           | `traefik.normal.frontend.rule=Host:example1.domain.tld,example2.domain.tld` |
+| `2`             | ``traefik.http.routers.example.rule=Host(`example1.domain.tld`)`` | ``traefik.http.routers.example.rule=Host(`example1.domain.tld`)             |  | Host(`example2.domain.tld`)`` |
 
 #### Traefik Polling
 
@@ -216,7 +242,8 @@ docker exec -it (whatever your container name is e.g. traefik-cloudflare-compani
 These images were built to serve a specific need in a production environment and gradually have had more functionality added based on requests from the community.
 ### Usage
 - The [Discussions board](../../discussions) is a great place for working with the community on tips and tricks of using this image.
-- Consider [sponsoring me](https://github.com/sponsors/tiredofit) personalized support.
+- Consider [sponsoring me](https://github.com/sponsors/tiredofit) for personalized support.
+
 ### Bugfixes
 - Please, submit a [Bug Report](issues/new) if something isn't working as expected. I'll do my best to issue a fix in short order.
 
diff --git a/examples/docker-compose.yml b/examples/docker-compose.yml
index ad34e85..068416c 100644
--- a/examples/docker-compose.yml
+++ b/examples/docker-compose.yml
@@ -1,12 +1,16 @@
-version: '3.7'
 services:
-
   cloudflare-companion:
     image: tiredofit/traefik-cloudflare-companion
     container_name: cloudflare-companion
     volumes:
-      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - ./logs:/logs
+      - /var/run/docker.sock:/var/run/docker.sock
     environment:
+      - TIMEZONE=America/Vancouver
+
+      - LOG_TYPE=BOTH
+      - LOG_LEVEL=INFO
+
       - TRAEFIK_VERSION=2
       - CF_EMAIL=email@example.com
       - CF_TOKEN=fbSx3dk3A3mJ6UukLQ7zRbo63H5UdsGSCqQnTvbJDgyQaTp
@@ -18,12 +22,9 @@ services:
       #- DOCKER_CERT_PATH=/docker-certs
       #- DOCKER_TLS_VERIFY=1
     networks:
-    - internal
-    - services
+      - services
     restart: always
 
 networks:
-  internal:
-    external: false
   services:
     external: true
diff --git a/install/assets/defaults/10-cloudflare-companion b/install/assets/defaults/10-cloudflare-companion
new file mode 100755
index 0000000..8046176
--- /dev/null
+++ b/install/assets/defaults/10-cloudflare-companion
@@ -0,0 +1,7 @@
+#!/command/with-contenv bash
+
+DOCKER_ENTRYPOINT=${DOCKER_ENTRYPOINT:-"unix:///var/run/docker.sock"}
+LOG_FILE=${LOG_FILE:-"tcc.log"}
+LOG_PATH=${LOG_PATH:-"/logs/"}
+LOG_TYPE=${LOG_TYPE:-"BOTH"}
+TCC_USER=${TCC_USER:-"root"}
\ No newline at end of file
diff --git a/install/assets/functions/10-cloudflare-companion b/install/assets/functions/10-cloudflare-companion
new file mode 100755
index 0000000..cb12f6b
--- /dev/null
+++ b/install/assets/functions/10-cloudflare-companion
@@ -0,0 +1,35 @@
+#!/command/with-contenv bash
+
+bootstrap_filesystem() {
+    case "${LOG_TYPE,,}" in
+        both | file )
+            print_debug "[bootstrap_filesystem] Logging to file at '${LOG_PATH}/${LOG_FILE}'"
+            if [ ! -d "${LOG_PATH}" ] ; then
+                mkdir -p "${LOG_PATH}"
+            fi
+            if [ $(stat -c %U "${LOG_PATH}") != "${TCC_USER}" ] ; then chown "${TCC_USER}":"${TCC_USER}" "${LOG_PATH}" ; fi
+            if [ ! -f "${LOG_PATH}"/"${LOG_FILE}" ] ; then
+                sudo -u "${TCC_USER}" touch "${LOG_PATH}"/"${LOG_FILE}"
+            fi
+            create_logrotate tcc "${LOG_PATH}"/"${LOG_FILE}" "${TCC_USER}" "${TCC_USER}" tcc
+            if [ "$(stat -c %U "${LOG_PATH}"/"${LOG_FILE}")" != "${TCC_USER}" ] ; then chown "${TCC_USER}":"${TCC_USER}" "${LOG_PATH}"/"${LOG_FILE}" ; fi
+        ;;
+    esac
+}
+
+sanity_test() {
+    if [ -z "${DOCKER_HOST}" ] && [ "${TCC_USER}" != "root" ] ; then
+        if [ "$(echo "${DOCKER_ENTRYPOINT}" | sed -e 's,^\(.*://\).*,\1,g')" = "unix://" ] ; then
+            docker_socket="$(echo "${DOCKER_ENTRYPOINT}" | sed 's/^\s*.*:\/\///g'})"
+            if [ "$(stat -c %F "${docker_socket}")" = "socket" ] && [ "$(sudo -u "${TCC_USER}" test -r "${docker_socket}")" ] ; then
+                print_debug "[sanity_test] Can access Docker socket at '${docker_socket}' as user '${TCC_USER}'"
+            else
+                print_error "[sanity_test] Can't access Docker socket at '${docker_socket}' as user '${TCC_USER}'"
+            exit 1
+            fi
+        fi
+    fi
+
+    sanity_var TARGET_DOMAIN "Target Domain"
+    sanity_var DOMAIN1 "Domain 1"
+}
diff --git a/install/etc/cont-init.d/10-cloudflare-companion b/install/etc/cont-init.d/10-cloudflare-companion
index a99458d..60f6912 100755
--- a/install/etc/cont-init.d/10-cloudflare-companion
+++ b/install/etc/cont-init.d/10-cloudflare-companion
@@ -4,8 +4,6 @@ source /assets/functions/00-container
 prepare_service single
 PROCESS_NAME="traefik-cloudflare-companion"
 
-### Sanity Test
-sanity_var TARGET_DOMAIN "Target Domain"
-sanity_var DOMAIN1 "Domain 1"
-
+bootstrap_filesystem
+sanity_test
 liftoff
diff --git a/install/etc/services.available/10-cloudflare-companion/run b/install/etc/services.available/10-cloudflare-companion/run
index 6125a19..c1e16e0 100755
--- a/install/etc/services.available/10-cloudflare-companion/run
+++ b/install/etc/services.available/10-cloudflare-companion/run
@@ -1,6 +1,7 @@
 #!/command/with-contenv bash
 
 source /assets/functions/00-container
+prepare_service defaults single
 PROCESS_NAME="traefik-cloudflare-companion"
 
 check_container_initialized
@@ -8,4 +9,6 @@ check_service_initialized init
 liftoff
 
 print_start "Starting Traefik Cloudflare Companion"
-exec python3 -u /usr/sbin/cloudflare-companion
+exec s6-setuidgid "${TCC_USER}" \
+                                python3 \
+                                        -u /usr/sbin/cloudflare-companion
diff --git a/install/usr/sbin/cloudflare-companion b/install/usr/sbin/cloudflare-companion
index 40e91bc..88be7ae 100755
--- a/install/usr/sbin/cloudflare-companion
+++ b/install/usr/sbin/cloudflare-companion
@@ -7,23 +7,28 @@ from get_docker_secret import get_docker_secret
 import atexit
 import CloudFlare
 import docker
+import logging
+from logging.handlers import RotatingFileHandler
+from logging import handlers
 import os
 import re
 import requests
-import logging
+import sys
 import time
 import threading
 from urllib.parse import urlparse
 
+DRY_RUN = os.environ.get('DRY_RUN', "FALSE")
 DEFAULT_TTL = os.environ.get('DEFAULT_TTL', "1")
-SWARM_MODE = os.environ.get('SWARM_MODE', "FALSE")
+DOCKER_SWARM_MODE = os.environ.get('DOCKER_SWARM_MODE', "FALSE")
 ENABLE_TRAEFIK_POLL = os.environ.get('ENABLE_TRAEFIK_POLL', "FALSE")
+LOGFILE = os.environ.get('LOG_PATH', "/logs") + '/' + os.environ.get('LOG_FILE', "tcc.log")
+LOG_LEVEL = os.environ.get('LOG_LEVEL', "INFO")
+LOG_TYPE = os.environ.get('LOG_TYPE', "BOTH")
 REFRESH_ENTRIES = os.environ.get('REFRESH_ENTRIES', "FALSE")
-TRAEFIK_VERSION = os.environ.get('TRAEFIK_VERSION', "2")
-TRAEFIK_POLL_URL = os.environ.get('TRAEFIK_POLL_URL', None)
 TRAEFIK_POLL_SECONDS = int(os.environ.get('TRAEFIK_POLL_SECONDS', "60"))
-CONTAINER_LOG_LEVEL = os.environ.get('CONTAINER_LOG_LEVEL', "INFO")
-DRY_RUN = os.environ.get('DRY_RUN', "FALSE")
+TRAEFIK_POLL_URL = os.environ.get('TRAEFIK_POLL_URL', None)
+TRAEFIK_VERSION = os.environ.get('TRAEFIK_VERSION', "2")
 
 # set up logging
 logger = logging.getLogger(__name__)
@@ -31,31 +36,34 @@ DEBUG = False
 VERBOSE = False
 date_fmt = "%Y-%m-%dT%H:%M:%S%z"
 
-if CONTAINER_LOG_LEVEL.upper() == "DEBUG":
+if LOG_LEVEL.upper() == "DEBUG":
     logger.setLevel(logging.DEBUG)
     fmt = "%(asctime)s %(levelname)s %(lineno)d | %(message)s"
     DEBUG = True
 
-if CONTAINER_LOG_LEVEL.upper() == "VERBOSE":
+if LOG_LEVEL.upper() == "VERBOSE":
     logger.setLevel(logging.DEBUG)
     fmt = "%(asctime)s %(levelname)s | %(message)s"
     DEBUG = True
     VERBOSE = True
 
-if CONTAINER_LOG_LEVEL.upper() == "NOTICE":
+if LOG_LEVEL.upper() == "NOTICE" or LOG_LEVEL.upper() == "INFO":
+    logger.setLevel(logging.INFO)
     fmt = "%(asctime)s %(levelname)s | %(message)s"
 
-if CONTAINER_LOG_LEVEL.upper() == "INFO":
-    fmt = "%(asctime)s %(levelname)s | %(message)s"
+if LOG_TYPE.upper() == "CONSOLE" or LOG_TYPE.upper() == "BOTH":
+    ch = logging.StreamHandler(sys.stdout)
+    formatter = logging.Formatter(fmt, date_fmt)
+    ch.setFormatter(formatter)
+    logger.addHandler(ch)
 
-ch = logging.StreamHandler()
-formatter = logging.Formatter(fmt, date_fmt)
-ch.setFormatter(formatter)
-logger.addHandler(ch)
+if LOG_TYPE.upper() == "FILE" or LOG_TYPE.upper() == "BOTH":
+    fh = handlers.logging.FileHandler(LOGFILE)
+    fh.setFormatter(formatter)
+    logger.addHandler(fh)
 
 synced_mappings = {}
 
-
 class RepeatedTimer(object):
     def __init__(self, interval, function, *args, **kwargs):
         self._timer = None
@@ -374,7 +382,7 @@ def get_initial_mappings(included_hosts, excluded_hosts):
         elif TRAEFIK_VERSION == "2":
             add_to_mappings(mappings, check_container_t2(c))
 
-    if SWARM_MODE:
+    if DOCKER_SWARM_MODE:
         logger.debug("Service List Discovery Loop")
         for s in api.services():
             full_serv_id = s["ID"]
@@ -446,10 +454,10 @@ if REFRESH_ENTRIES.lower() == "true":
 elif REFRESH_ENTRIES.lower() == "false":
     REFRESH_ENTRIES = False
 
-if SWARM_MODE.lower() == "true":
-    SWARM_MODE = True
-elif SWARM_MODE.lower() == "false":
-    SWARM_MODE = False
+if DOCKER_SWARM_MODE.lower() == "true":
+    DOCKER_SWARM_MODE = True
+elif DOCKER_SWARM_MODE.lower() == "false":
+    DOCKER_SWARM_MODE = False
 
 if ENABLE_TRAEFIK_POLL.lower() == "true":
     ENABLE_TRAEFIK_POLL = True
@@ -458,10 +466,11 @@ elif ENABLE_TRAEFIK_POLL.lower() == "false":
 
 if DRY_RUN:
     logger.warning("Dry Run: %s", DRY_RUN)
-logger.debug("Swarm Mode: %s", SWARM_MODE)
+logger.debug("Swarm Mode: %s", DOCKER_SWARM_MODE)
 logger.debug("Refresh Entries: %s", REFRESH_ENTRIES)
 logger.debug("Traefik Version: %s", TRAEFIK_VERSION)
 logger.debug("Default TTL: %s", DEFAULT_TTL)
+
 if not email:
     logger.debug("API Mode: Scoped")
     cf = CloudFlare.CloudFlare(debug=VERBOSE, token=token)
@@ -486,7 +495,7 @@ logger.debug("Traefik Polling Mode: %s", False)
 
 client = docker.from_env()
 
-if SWARM_MODE:
+if DOCKER_SWARM_MODE:
     DOCKER_HOST = os.environ.get('DOCKER_HOST', None)
     api = docker.APIClient(base_url=DOCKER_HOST)
 
@@ -512,17 +521,17 @@ for event in client.events(since=t, filters={'Type': 'service', 'Action': u'upda
         try:
             if TRAEFIK_VERSION == "1":
                 add_to_mappings(new_mappings, check_container_t1(client.containers.get(event.get(u'id'))))
-                if SWARM_MODE:
+                if DOCKER_SWARM_MODE:
                     add_to_mappings(new_mappings, check_service_t1(client.services.get(event.get(u'id'))))
             elif TRAEFIK_VERSION == "2":
                 add_to_mappings(new_mappings, check_container_t2(client.containers.get(event.get(u'id'))))
-                if SWARM_MODE:
+                if DOCKER_SWARM_MODE:
                     add_to_mappings(new_mappings, check_service_t2(client.services.get(event.get(u'id'))))
 
         except docker.errors.NotFound as e:
             pass
 
-    if SWARM_MODE:
+    if DOCKER_SWARM_MODE:
         if event.get(u'Action') == u'update':
             try:
                 if TRAEFIK_VERSION == "1":