---
navigation: true
title: IT Tools
main:
  fluid: false
---
:ellipsis{left=0px width=40rem top=10rem blur=140px}
# IT Tools

::alert{type="info"}
🎯 __Goals:__
- Install IT Tools
- Expose IT Tools with Swag
::

[IT Tools](https://github.com/CorentinTh/it-tools) is a container exposing a web page that provides access to a wide range of development tools.

![IT Tools](/img/serveex/it-tools.png)

## Installation
---

Open Dockge, click on `compose`, name the stack `it-tools`, and paste the following:

```yaml
---
services:
  it-tools:
    container_name: it-tools
    restart: unless-stopped
    image: corentinth/it-tools:latest
    ports:
      - 3222:80
```

::alert{type="success"}
✨ __Tip:__ Add the Watchtower label to each container to enable automatic updates.

    ```yaml
    services:
      it-tools:
        #...
        labels:
          - com.centurylinklabs.watchtower.enable=true
::

Deploy the container and visit `http://yourserverip:3222`. That’s it, your IT Tools web UI instance is up and running!

::alert{type="danger"}
:::list{type="danger"}
- __If it fails:__ check your firewall rules.
:::
::

## Expose IT Tools with Swag
---
You might want to access it remotely on all your devices. To do that, we'll expose IT Tools using Swag.

::alert{type="info"}
:::list{type="info"}
- __Pre-requisite:__ We assume you’ve created a subdomain like `tools.yourdomain.com` in your [DNS zone](/general/networking/dns) with `CNAME` set to `yourdomain.com`. Also, unless you’re using [Cloudflare Zero Trust](/serveex/security/cloudflare), make sure you’ve already forwarded port `443` from your router to port `443` on your server in the [NAT rules](/general/networking/nat).
:::
::

In Dockge, go to the SWAG stack and edit the compose file to add the IT Tools network:

```yaml
services:
  swag:
     container_name: # ...
      # ...
     networks:              # Connects the container to the custom network 
      # ...           
      - it-tools            # Network name as defined in the IT Tools stack
    
networks:                   # Defines the custom network
  # ...
  it-tools:                 # Network name as defined in the IT Tools stack
    name: it-tools_default  # Actual name of the external network
    external: true          # Indicates it's an external network
```

::alert{type="info"}
:::list{type="info"}
- We assume the IT Tools network is named `it-tools_default`. You can check connectivity by visiting the SWAG dashboard at http://yourserverip:81.
:::
::

::alert{type="info"}
:::list{type="info"}
- We also assume the SWAG network is named `swag_default`.
:::
::

Restart the stack by clicking "deploy" and wait for SWAG to be fully operational.

Inside the Swag folders, create the file `tools.subdomain.conf`.

::alert{type="success"}
✨ __Tip:__ You can use [File Browser](/serveex/files/file-browser) to navigate and edit your files instead of using terminal commands.
::

```shell
sudo vi /docker/swag/config/nginx/proxy-confs/tools.subdomain.conf
```

Enter edit mode by pressing `i` and paste the configuration below:

```nginx
## Version 2023/12/19

server {
    listen 443 ssl;
    listen [::]:443 ssl;

    server_name tools.*;

    include /config/nginx/ssl.conf;

    client_max_body_size 0;

    #if ($lan-ip = yes) { set $geo-whitelist yes; }
    #if ($geo-whitelist = no) { return 404; }
    if ($geo-blacklist = no) { return 404; }

    # enable for ldap auth (requires ldap-location.conf in the location block)
    #include /config/nginx/ldap-server.conf;

    # enable for Authelia (requires authelia-location.conf in the location block)
    #include /config/nginx/authelia-server.conf;

    # enable for Authentik (requires authentik-location.conf in the location block)
    #include /config/nginx/authentik-server.conf;

    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;

        # enable for ldap auth (requires ldap-server.conf in the server block)
        #include /config/nginx/ldap-location.conf;

        # enable for Authelia (requires authelia-server.conf in the server block)
        #include /config/nginx/authelia-location.conf;

        # enable for Authentik (requires authentik-server.conf in the server block)
        #include /config/nginx/authentik-location.conf;

        include /config/nginx/proxy.conf;
        include /config/nginx/resolver.conf;
        set $upstream_app it-tools;
        set $upstream_port 80;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;

    }
}
```

Press `Esc`, then save and exit by typing `:x` and pressing `Enter`.

And that’s it — IT Tools is now exposed!

::alert{type="success"}
✨ __Tip:__ You can secure this app with Authentik by opening `tools.subdomain.conf` and uncommenting the lines `include /config/nginx/authentik-server.conf;` and `include /config/nginx/authentik-location.conf;`. Don’t forget to [create an application and a provider in Authentik](/serveex/security/authentik#protecting-an-app-via-reverse-proxy).
::