37 lines
1.2 KiB
Markdown
37 lines
1.2 KiB
Markdown
# Environment Monitoring
|
|
|
|
Dozzle is deployed as a separate Swarm monitoring service.
|
|
|
|
## Production
|
|
|
|
- Swarm mode is enabled with `DOZZLE_MODE=swarm`.
|
|
- The service uses `deploy.mode: global` so one Dozzle task runs on every Swarm node.
|
|
- Dozzle is attached to both `dozzle` and `iklimco-net`.
|
|
- Docker socket is mounted read-only.
|
|
- Simple authentication is enabled with `DOZZLE_AUTH_PROVIDER=simple`.
|
|
- The real `users.yml` must be supplied through Gitea secret `DOZZLE_USERS_YML_B64` or `DOZZLE_USERS_YML`.
|
|
- Prefer `roles: none` for read-only log viewing. Dozzle defaults to full action access when roles are omitted.
|
|
|
|
Generate a bcrypt-backed users file with Dozzle itself:
|
|
|
|
```bash
|
|
docker run -it --rm amir20/dozzle:v10.6.6 generate admin \
|
|
--password '<strong-password>' \
|
|
--email admin@iklim.co \
|
|
--name 'Admin' \
|
|
--user-roles none > users.yml
|
|
```
|
|
|
|
Store the result as either:
|
|
|
|
- `DOZZLE_USERS_YML_B64`: `base64 -w0 users.yml`
|
|
- `DOZZLE_USERS_YML`: raw multiline file content
|
|
|
|
Default public hostname:
|
|
|
|
```text
|
|
dozzle.iklim.co
|
|
```
|
|
|
|
The workflow writes SWAG reverse proxy config, configures APISIX, updates DNS, deploys the Swarm stack, and verifies `iklimco_dozzle`.
|