Protect your container logs with password authentication using Dozzle. This inline Docker Compose configuration requires no external files or volume mounts.
Implementation Steps
-
Generate Authentication Credentials
On your local machine, generate a Dozzle user configuration with escaped dollar signs for Docker Compose:
docker run --rm amir20/dozzle generate \
--name "Admin Name" \
--email [email protected] \
--password secret \
admin | sed 's/\$/\$\$/g'
admin, password: secret) with automatic $ escaping for Docker Compose. The output is ready to paste directly into your configuration.
-
Configure Dozzle in Docker Compose
Copy the output from step 1 and paste it into your docker-compose.yml:
services:
dozzle:
container_name: dozzle
image: amir20/dozzle:latest
environment:
- DOZZLE_AUTH_PROVIDER=simple
volumes:
- /var/run/docker.sock:/var/run/docker.sock
configs:
- source: dozzle_users
target: /data/users.yml
ports:
- 8080:8080
configs:
dozzle_users:
content: |
# Paste the output from step 1 here
users:
admin:
email: [email protected]
name: Admin Name
password: $$2a$$11$$JXzfhhgeNnFME75XzGTxKu46K2KI4OAjEL18HodilKkiBIQt8w9ka
filter: ""
configs directive embeds the authentication data directly in docker-compose.yml without needing external files or additional containers.
-
Access Protected Logs
Once deployed on Phala Cloud, Dozzle will be accessible at:
https://{app-id}-8080.dstack-{node-name}.phala.network
{app-id} with your App ID and {node-name} with your deployment target. You can also find the endpoint in your CVM’s View Details > Network > Endpoint section.
Log in with the secrets (or whatever you set in step 1):
- Username:
admin
- Password:
secret
Only authorized users with valid credentials can view your container logs.
For production environments with advanced requirements, consider using the Loki and Grafana stack for centralized log aggregation, querying, and visualization.
