疯狂的青蛙[Docker] Ward 单台服务器监控部署
Ward 是一个简单且简约的服务器监控工具,但仅支持单台服务器监控。
Github:https://github.com/Rudolf-Barbu/Ward
主要特性
- 支持自适应设计系统。
- 支持深色主题。
- 仅显示主要信息,显示漂亮的仪表板。
- 使用 OSHI,在所有流行的操作系统上都能很好地工作。
部署环境
- 系统:Debian
- 域名一个,并解析到服务器
- 安装好 Docker、Docker-compose,见VPS部署
- 安装好 Caddy,反向代理
部署
升级 packages,
apt update -yward
创建安装目录,
mkdir -p /root/data/docker/ward
cd /root/data/docker/ward在创建的文件夹下克隆项目并构建镜像,
git clone https://github.com/AntonyLeons/Ward.git
cd Ward
docker build . --tag wardward官方的文件现在少了几个,不能构建了。报错的用这个地址 https://github.com/AntonyLeons/Ward,是有人克隆下载的。
docker 安装
等构建镜像完成之后,直接运行,
docker run --restart unless-stopped -it -d --name ward -p 4000:4000 -e WARD_PORT=4000 -e WARD_THEME=dark --privileged ward直接下载镜像安装,
docker run --restart unless-stopped -it -d --name ward -p 4000:4000 -e WARD_PORT=4000 -e WARD_THEME=dark --privileged antonyleons/ward然后我们用 Chrome 打开 http://IP:4000/ 地址,并在此界面完成基本设置。
-
Server Name随便填,这个就是搭建完后的浏览器地址栏信息;然后可以选择命令主题或者黑暗主题; -
Application Port要填写成刚刚创建 Docker 容器时的自定义端口号。然后点击LAUNCH按钮即可完成基本设置。
注:如果这里填错了的话,可以进入容器内部,修改 setup.ini 文件即可。
docker exec -it ward /bin/shnano setup.ini或者直接停止容器,重建,
docker stop ward
docker rm -f ward docker run --restart unless-stopped -it -d --name ward -p 4000:4000 -e WARD_PORT=4000 -e WARD_THEME=dark --privileged antonyleons/ward这时候我们用 Chrome 打开 http://IP:4000/ 即可访问我们的监控面板了。
docker-compose 安装
下载 docker-compose.yml 文件,
wget https://raw.githubusercontent.com/AntonyLeons/Ward/main/docker-compose.ymlversion: '3.3'
services:
run:
restart: unless-stopped
container_name: ward
ports:
- '4000:4000'
environment:
- WARD_PORT=4000
- WARD_THEME=dark
- WARD_NAME=amaranth-server
privileged: true
image: antonyleons/ward启动,
docker-compose up -d 更新
进入 docker-compose.yml 所在的文件夹,
cd /root/data/docker/ward拉取最新的镜像,
docker-compose pull重新更新当前镜像,
docker-compose up -d卸载
进入 docker-compose 所在的文件夹,
cd /root/data/docker/ward停止容器,此时不会删除映射到本地的数据,
docker-compose down完全删除映射到本地的数据,
cd
rm -rf /root/data/docker/ward反向代理
进入目录 /etc/caddy/sites ,创建并编辑 status.amaranthinking.eu.org.conf ,
# Uncomment this in addition with the import admin_redir statement allow access to the admin interface only from local networks
# (admin_redir) {
# @admin {
# path /admin*
# not remote_ip private_ranges
# }
# redir @admin /
# }
status.amaranthinking.eu.org {
log {
level INFO
output file /root/data/docker/ward/ward.log {
roll_size 10MB
roll_keep 10
}
}
# Uncomment this if you want to get a cert via ACME (Let's Encrypt or ZeroSSL).
# tls {$EMAIL}
# Or uncomment this if you're providing your own cert. You would also use this option
# if you're running behind Cloudflare.
# tls {$SSL_CERT_PATH} {$SSL_KEY_PATH}
# This setting may have compatibility issues with some browsers
# (e.g., attachment downloading on Firefox). Try disabling this
# if you encounter issues.
encode gzip
# Uncomment to improve security (WARNING: only use if you understand the implications!)
# If you want to use FIDO2 WebAuthn, set X-Frame-Options to "SAMEORIGIN" or the Browser will block those requests
header {
# Enable HTTP Strict Transport Security (HSTS)
Strict-Transport-Security "max-age=31536000;"
# Enable cross-site filter (XSS) and tell browser to block detected attacks
X-XSS-Protection "1; mode=block"
# Disallow the site to be rendered within a frame (clickjacking protection)
X-Frame-Options "SAMEORIGIN"
# Prevent search engines from indexing (optional)
X-Robots-Tag "none"
# Server name removing
-Server
}
# Uncomment to allow access to the admin interface only from local networks
# import admin_redir
# Proxy everything to Rocket
reverse_proxy 127.0.0.1:4000 {
# Send the true remote IP to Rocket, so that it can put this in the
# log, so that fail2ban can ban the correct IP.
header_up X-Real-IP {remote_host}
}
}
本作品采用 知识共享署名-相同方式共享 4.0 国际许可协议 进行许可。
评论已关闭