From 446e761eb299e50c8e0a52565573a517c389d50b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Murat=20=C3=96ZDEM=C4=B0R?= <muratozdemir@tarla.io>
Date: Thu, 18 Jun 2026 19:18:31 +0300
Subject: [PATCH] first commit

---
 README.md | 36 ++++++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)
 create mode 100644 README.md

diff --git a/README.md b/README.md
new file mode 100644
index 0000000..d925d43
--- /dev/null
+++ b/README.md
@@ -0,0 +1,36 @@
+# Environment Monitoring
+
+Dozzle is deployed as a separate Swarm monitoring service.
+
+## Production
+
+- Swarm mode is enabled with `DOZZLE_MODE=swarm`.
+- The service uses `deploy.mode: global` so one Dozzle task runs on every Swarm node.
+- Dozzle is attached to both `dozzle` and `iklimco-net`.
+- Docker socket is mounted read-only.
+- Simple authentication is enabled with `DOZZLE_AUTH_PROVIDER=simple`.
+- The real `users.yml` must be supplied through Gitea secret `DOZZLE_USERS_YML_B64` or `DOZZLE_USERS_YML`.
+- Prefer `roles: none` for read-only log viewing. Dozzle defaults to full action access when roles are omitted.
+
+Generate a bcrypt-backed users file with Dozzle itself:
+
+```bash
+docker run -it --rm amir20/dozzle:v10.6.6 generate admin \
+  --password '<strong-password>' \
+  --email admin@iklim.co \
+  --name 'Admin' \
+  --user-roles none > users.yml
+```
+
+Store the result as either:
+
+- `DOZZLE_USERS_YML_B64`: `base64 -w0 users.yml`
+- `DOZZLE_USERS_YML`: raw multiline file content
+
+Default public hostname:
+
+```text
+dozzle.iklim.co
+```
+
+The workflow writes SWAG reverse proxy config, configures APISIX, updates DNS, deploys the Swarm stack, and verifies `iklimco_dozzle`.