Securing Your Docker Logs

For enhanced security, you may want to restrict log access to specific individuals. You can configure a private log viewer in your Docker Compose file using open-source tools like Dozzle.

Implementation Steps

  1. Generate Authentication Credentials On your local machine, generate a Dozzle user authority token using the following command: 
    docker run amir20/dozzle generate --name Admin --email me@email.net --password secret admin | base64 -w 1000
    This example creates a user with:
    • Username: “Admin”
    • Password: “secret”
    • Role: “admin”
  2. Configure Dozzle in Docker Compose Add the following services to your Docker Compose file: 
    services:
  # Setup service to initialize user data
  setup:
    image: busybox
    restart: "no"
    volumes:
      - dozzle-data:/dozzle-data/
    command: >
      sh -c 'echo "use authority token" | base64 -d > /dozzle-data/users.yml || true'

  # Dozzle log viewer service
  dozzle:
    container_name: dozzle
    image: amir20/dozzle:latest
    depends_on:
      - setup
    environment:
      - DOZZLE_AUTH_PROVIDER=simple
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - dozzle-data:/data/
    ports:
      - 8080:8080
  3. Access Protected Logs Once deployed, you can access the logs through the container’s public endpoint using the credentials you configured. Only authorized users with the correct username and password will be able to view the logs.