---
navigation: true
title: Dozzle
main:
  fluid: false
---
:ellipsis{left=0px width=40rem top=10rem blur=140px}
# Dozzle

::alert{type="info"}
🎯 __Goals:__
- Install Dozzle
- Expose Dozzle with Swag
::

[Dozzle](https://dozzle.dev/) is a container that lets you access logs from your other containers and display them in real time through a user-friendly interface. It's a simple way to browse logs and retrieve information from the history.

![Dozzle](https://blog.unixhost.pro/wp-content/uploads/2023/03/image-5.png)

## Installation
---
Folder structure

```console
root
└── docker
    └── dozzle
        └── data
```

Open Dockge, click on `compose`, name the stack `dozzle`, then copy and paste the following:

```yaml
---
services:
  dozzle:
    container_name: dozzle
    image: amir20/dozzle:latest
    ports:
      - 9135:8080
    env_file:
      - .env
    environment:
      - DOZZLE_HOSTNAME=${DOMAIN}
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
```

::alert{type="success"}
✨ __Tip:__ Add the watchtower label to each container to automate updates

    ```yaml
    services:
      dozzle:
        #...
        labels:
          - com.centurylinklabs.watchtower.enable=true
::

Fill in your domain name in the `.env` file, for example:

```properties
DOMAIN=dozzle.mydomain.com
```

Deploy the container. Go to `http://yourserverip:9135`. Voilà, your Dozzle web UI is up and running!

## Exposing Dozzle with Swag
---

::alert{type="warning"}
:::list{type="warning"}
- Dozzle does not use multi-factor authentication. Exposing Dozzle to the internet could compromise the connected machines. Only do this if you use a multi-factor authentication system like [Authentik](/serveex/security/authentik/). Otherwise, do not expose it with SWAG and instead use a VPN like [Wireguard](/serveex/security/wireguard).
:::
::

You may want to access Dozzle remotely and on all your devices. To do so, we’ll expose Dozzle via Swag.

::alert{type="info"}
📋 __Before you begin:__
<br/><br/>
We assume you have created a subdomain like `dozzle.mydomain.com` in your [DNS zone](/general/networking/dns) with a `CNAME` pointing to `mydomain.com` and that, [unless you're using Cloudflare Zero Trust](/serveex/security/cloudflare), you’ve redirected port `443` from your router to port `443` on your server in your [NAT rules](/general/networking/nat).
::

Go to Dockge and edit the SWAG compose file to add Dozzle’s network:

```yaml
services:
  swag:
     container_name: # ...
      # ... 
     networks:                 # Connects the container to a custom network
      # ...           
      - dozzle                 # Network name declared in the stack
    
networks:                      # Defines the custom network
  # ...
  dozzle:                      # Network name declared in the stack
    name: dozzle_default       # Actual name of the external network
    external: true             # Indicates it's an externally defined network
```

Redeploy the stack by clicking “Deploy” and wait for SWAG to be fully operational.

::alert{type="info"}
:::list{type="info"}
- We assume the Dozzle network name is `dozzle_default`. You can verify the connection is working by visiting the SWAG dashboard at `http://yourserverip:81`.
:::
::

In the Swag folder, create the `dozzle.subdomain.conf` file.

::alert{type="success"}
✨ __Tip:__ You can use [File Browser](/serveex/files/file-browser) to browse and edit files instead of using terminal commands.
::

```shell
sudo vi /docker/swag/config/nginx/proxy-confs/dozzle.subdomain.conf
```
Enter edit mode by pressing `i` and paste the configuration below:

```nginx
## Version 2023/12/19

server {
    listen 443 ssl;
    listen [::]:443 ssl;

    server_name dozzle.*;

    include /config/nginx/ssl.conf;

    client_max_body_size 0;

    #if ($lan-ip = yes) { set $geo-whitelist yes; }
    #if ($geo-whitelist = no) { return 404; }
    if ($geo-blacklist = no) { return 404; }

    # enable for ldap auth (requires ldap-location.conf in the location block)
    #include /config/nginx/ldap-server.conf;

    # enable for Authelia (requires authelia-location.conf in the location block)
    #include /config/nginx/authelia-server.conf;

    # enable for Authentik (requires authentik-location.conf in the location block)
    #include /config/nginx/authentik-server.conf;

    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;

        # enable for ldap auth (requires ldap-server.conf in the server block)
        #include /config/nginx/ldap-location.conf;

        # enable for Authelia (requires authelia-server.conf in the server block)
        #include /config/nginx/authelia-location.conf;

        # enable for Authentik (requires authentik-server.conf in the server block)
        #include /config/nginx/authentik-location.conf;

        include /config/nginx/proxy.conf;
        include /config/nginx/resolver.conf;
        set $upstream_app dozzle;
        set $upstream_port 8080;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;

    }
}
```

Press `Esc`, then save and exit by typing `:x` and pressing `Enter`.

And there you go, Dozzle is now exposed!

::alert{type="success"}
✨ You can protect this app with Authentik by opening `dozzle.subdomain.conf` and removing the `#` in front of `include /config/nginx/authentik-server.conf;`{lang=nginx} and `include /config/nginx/authentik-location.conf;`{lang=nginx}. Don’t forget to [create an application and a provider in Authentik](/serveex/security/authentik#protecting-an-app-via-reverse-proxy).
::