Djeex/docudjeex
1
1
Fork 0
Code Issues Pull Requests Projects Wiki Activity
Files
a53a42439942781ce67a718df0c8f6df90f126d1
docudjeex/content/3.serveex/4.monitoring/2.dozzle.md
Djeex 876d0a6ff5 Better sh hl
2025-08-10 22:59:47 +00:00

179 lines
5.6 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
navigation: true
title: Dozzle
main:
fluid: false
---
:ellipsis{left=0px width=40rem top=10rem blur=140px}
# Dozzle
::alert{type="info"}
🎯 __Goals:__
- Install Dozzle
- Expose Dozzle with Swag
::
[Dozzle](https://dozzle.dev/) is a container that lets you access logs from your other containers and display them in real time through a user-friendly interface. It's a simple way to browse logs and retrieve information from the history.
![Dozzle](https://blog.unixhost.pro/wp-content/uploads/2023/03/image-5.png)
## Installation
---
Folder structure
```sh
root
└── docker
└── dozzle
└── data
```
Open Dockge, click on `compose`, name the stack `dozzle`, then copy and paste the following:
```yaml
---
services:
dozzle:
container_name: dozzle
image: amir20/dozzle:latest
ports:
- 9135:8080
env_file:
- .env
environment:
- DOZZLE_HOSTNAME=${DOMAIN}
volumes:
- /var/run/docker.sock:/var/run/docker.sock
```
::alert{type="success"}
__Tip:__ Add the watchtower label to each container to automate updates
```yaml
services:
dozzle:
#...
labels:
- com.centurylinklabs.watchtower.enable=true
::
Fill in your domain name in the `.env` file, for example:
```properties
DOMAIN=dozzle.mydomain.com
```
Deploy the container. Go to `http://yourserverip:9135`. Voilà, your Dozzle web UI is up and running!
## Exposing Dozzle with Swag
---
::alert{type="warning"}
:::list{type="warning"}
- Dozzle does not use multi-factor authentication. Exposing Dozzle to the internet could compromise the connected machines. Only do this if you use a multi-factor authentication system like [Authentik](/serveex/security/authentik/). Otherwise, do not expose it with SWAG and instead use a VPN like [Wireguard](/serveex/security/wireguard).
:::
::
You may want to access Dozzle remotely and on all your devices. To do so, well expose Dozzle via Swag.
::alert{type="info"}
📋 __Before you begin:__
<br/><br/>
We assume you have created a subdomain like `dozzle.mydomain.com` in your [DNS zone](/general/networking/dns) with a `CNAME` pointing to `mydomain.com` and that, [unless you're using Cloudflare Zero Trust](/serveex/security/cloudflare), youve redirected port `443` from your router to port `443` on your server in your [NAT rules](/general/networking/nat).
::
Go to Dockge and edit the SWAG compose file to add Dozzles network:
```yaml
services:
swag:
container_name: # ...
# ...
networks: # Connects the container to a custom network
# ...
- dozzle # Network name declared in the stack
networks: # Defines the custom network
# ...
dozzle: # Network name declared in the stack
name: dozzle_default # Actual name of the external network
external: true # Indicates it's an externally defined network
```
Redeploy the stack by clicking “Deploy” and wait for SWAG to be fully operational.
::alert{type="info"}
:::list{type="info"}
- We assume the Dozzle network name is `dozzle_default`. You can verify the connection is working by visiting the SWAG dashboard at `http://yourserverip:81`.
:::
::
In the Swag folder, create the `dozzle.subdomain.conf` file.
::alert{type="success"}
✨ __Tip:__ You can use [File Browser](/serveex/files/file-browser) to browse and edit files instead of using terminal commands.
::
```sh
sudo vi /docker/swag/config/nginx/proxy-confs/dozzle.subdomain.conf
```
Enter edit mode by pressing `i` and paste the configuration below:
```nginx
## Version 2023/12/19
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name dozzle.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
#if ($lan-ip = yes) { set $geo-whitelist yes; }
#if ($geo-whitelist = no) { return 404; }
if ($geo-blacklist = no) { return 404; }
# enable for ldap auth (requires ldap-location.conf in the location block)
#include /config/nginx/ldap-server.conf;
# enable for Authelia (requires authelia-location.conf in the location block)
#include /config/nginx/authelia-server.conf;
# enable for Authentik (requires authentik-location.conf in the location block)
#include /config/nginx/authentik-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable for ldap auth (requires ldap-server.conf in the server block)
#include /config/nginx/ldap-location.conf;
# enable for Authelia (requires authelia-server.conf in the server block)
#include /config/nginx/authelia-location.conf;
# enable for Authentik (requires authentik-server.conf in the server block)
#include /config/nginx/authentik-location.conf;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app dozzle;
set $upstream_port 8080;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}
```
Press `Esc`, then save and exit by typing `:x` and pressing `Enter`.
And there you go, Dozzle is now exposed!
::alert{type="success"}
✨ You can protect this app with Authentik by opening `dozzle.subdomain.conf` and removing the `#` in front of `include /config/nginx/authentik-server.conf;`{lang=nginx} and `include /config/nginx/authentik-location.conf;`{lang=nginx}. Dont forget to [create an application and a provider in Authentik](/serveex/security/authentik#protecting-an-app-via-reverse-proxy).
::
Reference in New Issue View Git Blame Copy Permalink