diff options
author | Wm Salt Hale <salt@altsalt.net> | 2020-12-23 13:18:58 -0800 |
---|---|---|
committer | Wm Salt Hale <salt@altsalt.net> | 2020-12-29 12:49:58 -0800 |
commit | 3cca1d7982093d9652d15c40eac693c9ee7fa19c (patch) | |
tree | 1823f3bb9b8626377782daeacd9fc4cf4837044c | |
parent | 6e6c7e6114794d434bfa61567e0598153b482de0 (diff) |
Add instructions about password protecting Docker
-rw-r--r-- | docs/docker.rst | 69 |
1 files changed, 69 insertions, 0 deletions
diff --git a/docs/docker.rst b/docs/docker.rst index 958c49a3..036ebbc9 100644 --- a/docs/docker.rst +++ b/docs/docker.rst @@ -73,3 +73,72 @@ You can also include Glances container in you own `docker-compose.yml`. Here's a labels: - "traefik.port=61208" - "traefik.frontend.rule=Host:glances.docker.localhost" + +How to protect your Dockerized server (or Web server) with a login/password ? +------------------------------------------------------------------ + +Below are two methods for setting up a login/password to protect Glances running inside a Docker container. + +Option 1 +^^^^^^^^ + +You can enter the running container by entering this command (replacing ``glances_docker`` with the name of your container): + +.. code-block:: console + + docker exec -it glances_docker sh + +and generate the password file (the default login is ``glances``, add the ``--username`` flag if you would like to change it): + +.. code-block:: console + + glances -s --password + +which will prompt you to answer the following questions: + +.. code-block:: console + Define the Glances server password (glances username): + Password (confirm): + Do you want to save the password? [Yes/No]: Yes + +after which you will need to kill the process by entering ``CTRL+C`` (potentially twice), before leaving the container: + +.. code-block:: console + ^C^C + exit + +You will then need to copy the password file to your host machine: + +.. code-block:: console + docker cp glances_docker:/root/.config/glances/glances.pwd ./secrets/glances_password + +and make it visible to your container by adding it to ``docker-compose.yml`` as a ``secret``: + +.. code-block:: yaml + services: + glances: + image: nicolargo/glances:latest + secrets: + - source: glances_password + target: /root/.config/glances/glances.pwd + mode: '0440' + + secrets: + glances_password: + file: ./secrets/glances_password + +Option 2 +^^^^^^^^ + +You can add a ``[passwords]`` block to the Glances configuration file as mentioned elsewhere in the documentation: + +.. code-block:: ini + + [passwords] + # Define the passwords list + # Syntax: host=password + # Where: host is the hostname + # password is the clear password + # Additionally (and optionally) a default password could be defined + localhost=mylocalhostpassword + default=mydefaultpassword |