docudjeex/content/3.serveex/4.monitoring/3.speedtest-tracker.md

---
navigation: true
title: Speedtest Tracker
main:
  fluid: false
---
:ellipsis{left=0px width=40rem top=10rem blur=140px}
# Speedtest Tracker

::alert{type="info"}
🎯 **Objectives:**
- Install Speedtest Tracker  
- Expose Speedtest Tracker with SWAG  
::

[Speedtest Tracker](https://docs.speedtest-tracker.dev/) is a container that allows you to schedule regular speed tests in order to log your server's internet connection status.

![speedtest-tracker](/img/serveex/speedtest-tracker.avif)

## Installation
---
::alert{type="info"}
:::list{type="info"}
- We will use the Docker image maintained by [LinuxServer.io](https://docs.linuxserver.io/images/docker-speedtest-tracker/)
:::
::

File structure:

```console
root
└── docker
    └── speedtest-tracker
        └── data
            └── config
```

In a terminal, generate a key using the following command:

```shell
echo -n 'base64:'; openssl rand -base64 32;
```

Take note of the key.

Open Dockge, click on `compose`, name the stack `speedtest-tracker`, then paste the following:

```yaml
---
services:
    speedtest-tracker:
        image: lscr.io/linuxserver/speedtest-tracker:latest
        restart: unless-stopped
        container_name: speedtest-tracker
        ports:
            - ${PORT}$:80
        environment:
            - PUID=${PUID}
            - PGID=${GUID}
            - TZ=Europe/Paris
            - APP_KEY=${API_KEY}
            - DB_CONNECTION=sqlite
            - SPEEDTEST_SCHEDULE=${SCHEDULE}
        volumes:
            - /docker/speedtest-tracker/data/config:/config
```

Find your `PUID` and `GUID` by running the following command:

```shell
id yourusername
```

In the `.env` file, set the variable `API_KEY` with the key you generated and add a cron-style test schedule, as well as your `PUID` and `GUID`, for example:

```properties
SCHEDULE=15 */6 * * * # every 6 hours
KEY=base64:zihejehkj8_nzhY/OjeieR= # your key
PUID=1000
GUID=1000
PORT=3225 # port to access the web UI
```

::alert{type="success"}
✨ **Tip:** You can configure additional environment variables by referring to the [official documentation](https://docs.speedtest-tracker.dev/getting-started/environment-variables).
::

Deploy the container and go to `http://yourserverip:3225`. Log in with the account `admin@exemple.com` and the password `password`. Don’t forget to change your ID and password once logged in!

## Expose Speedtest Tracker
---
::alert{type="info"}
📋 **Prerequisites:**  
We assume that you've already created a subdomain like `speedtest.yourdomain.com` in your [DNS zone](/general/networking/dns) with a `CNAME` pointing to `yourdomain.com`, and [unless you’re using Cloudflare Zero Trust](/serveex/security/cloudflare), you've also forwarded port `443` from your router to port `443` of your server in your [NAT rules](/general/networking/nat).
::

Now we want to expose Speedtest Tracker to the internet so you can access it remotely. We assume you've set up the DNS `CNAME` for `speedtest.yourdomain.com` pointing to `yourdomain.com`.

::alert{type="warning"}
:::list{type="warning"}
- Speedtest Tracker does not use multi-factor authentication. Exposing it on the internet could compromise connected devices. Do so only if you use a multi-factor system like [Authentik](/serveex/security/authentik/). Otherwise, avoid using SWAG and prefer a VPN like [Wireguard](/serveex/security/wireguard).
:::
::

Open the `speedtest.subdomain.conf` file:

```shell
sudo vi /docker/swag/config/nginx/proxy-confs/speedtest.subdomain.conf
```

Configure it like this:

```nginx
## Version 2023/12/19

server {
    listen 443 ssl;
    listen [::]:443 ssl;
    
    server_name speedtest.*;  

    include /config/nginx/ssl.conf;

    client_max_body_size 0;

    #if ($lan-ip = yes) { set $geo-whitelist yes; }
    #if ($geo-whitelist = no) { return 404; }
    if ($geo-blacklist = no) { return 404; } 

    # Authentication options (uncomment as needed)
    #include /config/nginx/ldap-server.conf;
    #include /config/nginx/authelia-server.conf;
    #include /config/nginx/authentik-server.conf;

    location / {
        # Basic auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;

        # Per-location authentication
        #include /config/nginx/ldap-location.conf;
        #include /config/nginx/authelia-location.conf;
        #include /config/nginx/authentik-location.conf;

        include /config/nginx/proxy.conf;
        include /config/nginx/resolver.conf;
        
        set $upstream_app speedtest-tracker;
        set $upstream_port 3225;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
}
```

Save and exit. The configuration will update in a few seconds.

::alert{type="info"}
:::list{type="info"}
- By default, SWAG doesn’t know the name "speedtest-tracker". To allow access, you need to add Speedtest Tracker’s network to SWAG’s `compose.yml`.
:::
::

Go to Dockge, and edit SWAG’s compose to include Speedtest Tracker’s network:

```yaml
services:
  swag:
    container_name: # ...
    # ...
    networks:
      # ...
      - speedtest-tracker

networks:
  # ...
  speedtest-tracker:
    name: speedtest-tracker_default
    external: true
```

Restart the stack by clicking "Deploy" and wait for SWAG to be fully up.

::alert{type="info"}
:::list{type="info"}
- This assumes the Speedtest Tracker network is named `speedtest-tracker_default`. You can verify the connection by visiting SWAG’s dashboard at `http://yourserverip:81`.
:::
::

Wait a moment, then visit `https://speedtest.yourdomain.com` in your browser — you should be redirected to Speedtest Tracker. You can check service status via the dashboard (`http://yourserverip:81` from the local network).

::alert{type="success"}
✨ You can protect this app with Authentik by opening `speedtest.subdomain.conf` and uncommenting  
`include /config/nginx/authentik-server.conf;` and `include /config/nginx/authentik-location.conf;`.  
Don’t forget to [create an application and provider in Authentik](/serveex/security/authentik#protecting-an-app-via-reverse-proxy).
::