jason/socktop-webterm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6e48c095ab
socktop-webterm/DOCKER_README.md

464 lines
9.8 KiB
Markdown
Raw Normal View History

Initial commit: Socktop WebTerm with k3s deployment - Multi-architecture Docker image (ARM64 + AMD64) - Kubernetes manifests for 3-replica deployment - Traefik ingress configuration - NGINX Proxy Manager integration - ConfigMap-based configuration - Automated build and deployment scripts - Session monitoring tools
2025-11-28 09:31:33 +00:00
# socktop webterm - Docker Deployment
🐳 **Containerized web-based terminal for socktop system monitoring**
This Docker container packages the socktop webterm application with all dependencies, providing an isolated environment for running the beautiful web-based monitoring interface.
## 🎯 What's Inside
- **Debian Trixie Slim** base image
- **Rust webterm server** (built from source)
- **xterm.js 5.5.0** with Catppuccin Frappe theme
- **Alacritty** terminal emulator with transparency
- **FiraCode Nerd Font** for beautiful monospace rendering
- **socktop-agent** installed via APT (port 3001)
- **Supervisor** for process management
- **Security hardening** (non-root user, minimal attack surface)
## 🚀 Quick Start
### Prerequisites
- Docker 20.10+
- Docker Compose 1.29+
- Your configuration files (see below)
### 1. Clone and Navigate
```bash
cd webterm
```
### 2. Set Up Configuration
```bash
# Create configuration files from examples
cd files
cp alacritty.toml.example alacritty.toml
cp catppuccin-frappe.toml.example catppuccin-frappe.toml
cp profiles.json.example profiles.json
```
### 3. Add Your SSH Keys
```bash
# Copy your SSH private keys
cp /path/to/your/rpi-master.pem files/
cp /path/to/your/rpi-worker-*.pem files/
# Set correct permissions (IMPORTANT!)
chmod 600 files/*.pem
```
### 4. Build and Run
**Option A: Use the Quick Start Script (Recommended)**
```bash
./docker-quickstart.sh start
```
This interactive script will:
- Check Docker installation
- Verify configuration files
- Build the image
- Start the container
- Show you the access URL
**Option B: Manual Docker Compose**
```bash
# Build the image
docker-compose build
# Start the container
docker-compose up -d
# View logs
docker-compose logs -f
```
### 5. Access the Application
Open your browser:
```
http://localhost:8082
```
You should see:
- ✨ Beautiful Catppuccin Frappe themed interface
- 🖼️ Terminal window with macOS-style frame
- 🔗 Links to GitHub, Crates.io, and APT repository
- 💻 Terminal automatically running `socktop -P local`
## 📋 Configuration Files
All configuration files go in the `files/` directory and are mounted into the container at runtime.
### Required Files
| File | Description | Source |
|------|-------------|--------|
| `alacritty.toml` | Alacritty terminal config | Copy from example |
| `catppuccin-frappe.toml` | Terminal color theme | Copy from example |
| `profiles.json` | socktop remote profiles | Copy from example |
| `*.pem` | SSH private keys | Your keys |
### Example Configuration
See `files/README.md` for detailed configuration instructions.
**Important**: Always set correct permissions on SSH keys:
```bash
chmod 600 files/*.pem
```
## 🛠️ Management Commands
### Using the Quick Start Script
```bash
./docker-quickstart.sh [COMMAND]
```
Available commands:
- `start` - Build and start the container (default)
- `stop` - Stop the container
- `restart` - Restart the container
- `rebuild` - Rebuild from scratch (no cache)
- `logs` - Show and follow logs
- `shell` - Open bash shell in container
- `status` - Show container status
- `clean` - Remove container and volumes
- `help` - Show help message
### Using Docker Compose Directly
```bash
# Start
docker-compose up -d
# Stop
docker-compose down
# Restart
docker-compose restart
# View logs
docker-compose logs -f
# Rebuild
docker-compose build --no-cache
# Shell access
docker exec -it socktop-webterm bash
```
## 🔍 Troubleshooting
### Container Won't Start
**Check logs:**
```bash
docker-compose logs
```
**Common issues:**
- Missing configuration files in `files/`
- Port 8082 already in use (change in `docker-compose.yml`)
- Incorrect permissions on `.pem` files (must be 600)
### Terminal Not Connecting
**Check socktop-agent status:**
```bash
docker exec socktop-webterm ps aux | grep socktop-agent
```
**View agent logs:**
```bash
docker exec socktop-webterm tail -f /var/log/supervisor/socktop-agent.out.log
```
**Test agent:**
```bash
docker exec socktop-webterm curl http://localhost:3001/health
```
### Configuration Not Loading
**Verify files are mounted:**
```bash
docker exec socktop-webterm ls -la /files
```
**Check if copied to config directories:**
```bash
docker exec socktop-webterm ls -la /home/socktop/.config/alacritty
docker exec socktop-webterm ls -la /home/socktop/.config/socktop
```
### Font Issues
**Verify font installation:**
```bash
docker exec socktop-webterm fc-list | grep -i firacode
```
If missing, rebuild:
```bash
docker-compose build --no-cache
```
## 🔒 Security
### Container Security Features
-**Non-root user**: Application runs as `socktop` user
-**No new privileges**: `security_opt: no-new-privileges:true`
-**Read-only config**: Configuration files mounted read-only
-**Minimal attack surface**: Only necessary ports exposed
-**Resource limits**: CPU and memory limits configured
-**Security updates**: Applied during build
### Best Practices
1. **Never commit SSH keys to git**
```bash
# Already in .gitignore, but verify:
git status files/
```
2. **Use correct permissions**
```bash
chmod 600 files/*.pem # SSH keys
chmod 644 files/*.toml # Config files
chmod 644 files/*.json # JSON files
```
3. **For production**
- Use a reverse proxy (nginx/Traefik) with HTTPS
- Don't expose port 3001 (socktop-agent) externally
- Use firewall rules to restrict port 8082
- Consider adding authentication
4. **Network isolation**
- Container runs in isolated Docker network
- Only exposes necessary ports
- Internal services not exposed
## 📊 Monitoring
### Health Checks
The container includes built-in health checks:
```bash
# Check health status
docker inspect --format='{{.State.Health.Status}}' socktop-webterm
# View health check logs
docker inspect socktop-webterm | jq '.[0].State.Health'
```
### Resource Usage
```bash
# Monitor CPU/Memory
docker stats socktop-webterm
# View detailed stats
docker-compose stats
```
### Logs
```bash
# All logs
docker-compose logs -f
# Specific service
docker exec socktop-webterm tail -f /var/log/supervisor/webterm.out.log
docker exec socktop-webterm tail -f /var/log/supervisor/socktop-agent.out.log
# Export logs
docker cp socktop-webterm:/var/log/supervisor/ ./logs/
```
## 🔧 Advanced Configuration
### Custom Ports
Edit `docker-compose.yml`:
```yaml
ports:
- "8080:8082" # Host:Container
```
### Environment Variables
```yaml
environment:
- TERM=xterm-256color
- TZ=America/New_York
- RUST_LOG=debug # Logging level
```
### Resource Limits
```yaml
deploy:
resources:
limits:
cpus: '4.0'
memory: 2G
```
### Volume Persistence
```yaml
volumes:
- socktop-data:/home/socktop/.local/share/socktop
- ./logs:/var/log/supervisor
```
## 📦 Building for Production
### Multi-Architecture
Build for multiple platforms (AMD64, ARM64):
```bash
docker buildx create --use
docker buildx build --platform linux/amd64,linux/arm64 -t socktop-webterm:latest --push .
```
### Optimized Build
```bash
# Build with specific target
docker build --target production -t socktop-webterm:latest .
# Build with build args
docker build --build-arg RUST_VERSION=1.70 -t socktop-webterm:latest .
```
### Image Size
Current image size: ~1.5GB (includes Rust toolchain, Node.js, fonts)
To reduce size, consider:
- Multi-stage builds (already implemented)
- Removing build dependencies after compilation
- Using Alpine base (requires significant changes)
## 🚢 Deployment Options
### Docker Compose (Recommended)
Already configured in `docker-compose.yml`
### Docker Swarm
```bash
docker stack deploy -c docker-compose.yml socktop
```
### Kubernetes
Example deployment in `DOCKER_DEPLOYMENT.md`
### Standalone Docker
```bash
docker run -d \
--name socktop-webterm \
-p 8082:8082 \
-v $(pwd)/files:/files:ro \
--restart unless-stopped \
socktop-webterm:latest
```
## 📚 Documentation
- **Full Deployment Guide**: `DOCKER_DEPLOYMENT.md` (543 lines of detailed instructions)
- **Configuration Guide**: `files/README.md`
- **Main README**: `README.md`
- **Transparency Guide**: `TRANSPARENCY_GUIDE.md`
- **Catppuccin Styling**: `CATPPUCCIN_STYLING.md`
- **Terminal Window Styling**: `TERMINAL_WINDOW_STYLING.md`
## 🆘 Getting Help
### Check Documentation
1. Read `DOCKER_DEPLOYMENT.md` for comprehensive guide
2. Check `files/README.md` for configuration help
3. Review logs with `docker-compose logs`
### Common Commands Reference
```bash
# Start everything
./docker-quickstart.sh start
# View logs
docker-compose logs -f
# Restart after config change
docker-compose restart
# Full rebuild
./docker-quickstart.sh rebuild
# Shell access for debugging
docker exec -it socktop-webterm bash
# Remove everything
./docker-quickstart.sh clean
```
### Support
- **GitHub Issues**: https://github.com/jasonwitty/socktop/issues
- **Documentation**: https://jasonwitty.github.io/socktop/
- **Source Code**: https://github.com/jasonwitty/socktop
## 🎨 Features
### Beautiful UI
- Catppuccin Frappe color scheme throughout
- Transparent terminal window with backdrop blur
- macOS-style window frame with traffic lights
- Responsive design for all screen sizes
### Terminal Features
- xterm.js 5.5.0 with modern addon system
- Auto-connects to local socktop-agent
- FiraCode Nerd Font with ligature support
- Configurable transparency and blur
### Monitoring
- socktop-agent runs on port 3001 (to avoid conflicts with host machine's agent on port 3000)
- Supports remote host monitoring via SSH
- Profile-based configuration
- Real-time system metrics
## 📝 License
Same as the socktop project.
## 🙏 Credits
- **xterm.js**: https://xtermjs.org/
- **Catppuccin**: https://github.com/catppuccin/catppuccin
- **Alacritty**: https://github.com/alacritty/alacritty
- **socktop**: https://github.com/jasonwitty/socktop
---
**Happy monitoring!** 🚀📊✨
For detailed instructions, see `DOCKER_DEPLOYMENT.md`
Reference in New Issue Copy Permalink