docs: update README for TARGETS config and add pre-1.0 notice

2026-02-19 20:09:07 -08:00 · 2026-02-19 20:09:07 -08:00 · 628bba22fe
commit 628bba22fe
parent acae697aa2
1 changed files with 17 additions and 8 deletions
--- a/README.md
+++ b/README.md
@ -1,5 +1,8 @@
 # dnswatcher

+> ⚠️ **Pre-1.0 software.** APIs, configuration, and behavior may change
+> without notice.
+
 dnswatcher is a production DNS and infrastructure monitoring daemon written in
 Go.  It watches configured DNS domains and hostnames for changes, monitors TCP
 port availability, tracks TLS certificate expiry, and delivers real-time
@ -16,10 +19,19 @@ without requiring an external database.

 ## Features

+### Target Classification
+
+All monitored DNS names are provided via a single `DNSWATCHER_TARGETS`
+list.  dnswatcher uses the [Public Suffix List](https://publicsuffix.org/)
+to automatically classify each entry as an apex domain (eTLD+1, e.g.
+`example.com`, `example.co.uk`) or a hostname (subdomain, e.g.
+`www.example.com`).  Apex domains receive NS delegation monitoring;
+hostnames receive per-nameserver record monitoring.  Both receive port
+and TLS checks.
+
 ### DNS Domain Monitoring (Apex Domains)

- Accepts a list of DNS domain names (apex domains, identified via the
-  [Public Suffix List](https://publicsuffix.org/)).
+- Apex domains are identified automatically via the PSL.
 - Every **1 hour**, performs a full iterative trace from root servers to
  discover all authoritative nameservers (NS records) for each domain.
 - Queries **every** discovered authoritative nameserver independently.
@ -195,8 +207,7 @@ the following precedence (highest to lowest):
 | `PORT`                          | HTTP listen port                           | `8080`      |
 | `DNSWATCHER_DEBUG`              | Enable debug logging                       | `false`     |
 | `DNSWATCHER_DATA_DIR`           | Directory for state file                   | `./data`    |
-| `DNSWATCHER_DOMAINS`            | Comma-separated list of apex domains       | `""`        |
-| `DNSWATCHER_HOSTNAMES`          | Comma-separated list of hostnames          | `""`        |
+| `DNSWATCHER_TARGETS`            | Comma-separated list of DNS names to monitor | `""`      |
 | `DNSWATCHER_SLACK_WEBHOOK`      | Slack incoming webhook URL                 | `""`        |
 | `DNSWATCHER_MATTERMOST_WEBHOOK` | Mattermost incoming webhook URL            | `""`        |
 | `DNSWATCHER_NTFY_TOPIC`         | ntfy topic URL                             | `""`        |
@ -214,8 +225,7 @@ the following precedence (highest to lowest):
 PORT=8080
 DNSWATCHER_DEBUG=false
 DNSWATCHER_DATA_DIR=./data
-DNSWATCHER_DOMAINS=example.com,example.org
-DNSWATCHER_HOSTNAMES=www.example.com,api.example.com,mail.example.org
+DNSWATCHER_TARGETS=example.com,example.org,www.example.com,api.example.com,mail.example.org
 DNSWATCHER_SLACK_WEBHOOK=https://hooks.slack.com/services/T.../B.../xxx
 DNSWATCHER_MATTERMOST_WEBHOOK=https://mattermost.example.com/hooks/xxx
 DNSWATCHER_NTFY_TOPIC=https://ntfy.sh/my-dns-alerts
@ -352,8 +362,7 @@ docker build -t dnswatcher .
 docker run -d \
  -p 8080:8080 \
  -v dnswatcher-data:/var/lib/dnswatcher \
-  -e DNSWATCHER_DOMAINS=example.com \
-  -e DNSWATCHER_HOSTNAMES=www.example.com \
+  -e DNSWATCHER_TARGETS=example.com,www.example.com \
  -e DNSWATCHER_NTFY_TOPIC=https://ntfy.sh/my-alerts \
  dnswatcher
 ```