dozzle_n8n_logging/coolify/DEPLOY.md

83 lines
2.9 KiB
Markdown
Raw Permalink Normal View History

# Deploying log-proxy via Coolify
Coolify v4 — Docker Compose service backed by this Forgejo repo.
## Prereqs
- The Forgejo repo `https://repo.rahamafresh.com/kianiadee/dozzle_n8n_logging` is public (already true).
- The target n8n container `n8n-o55elukmxacgp1s2xcwktyam` is running (already true).
- The Docker network `o55elukmxacgp1s2xcwktyam` exists on the host (auto-created by Coolify when n8n was deployed).
## One-time setup in Coolify UI
1. **New Resource** → pick the same project as the n8n service (or any project; visibility-only).
2. Source type: **Public Repository**.
3. Repository URL:
```
https://repo.rahamafresh.com/kianiadee/dozzle_n8n_logging
```
4. Branch: `main`
5. Build pack: **Docker Compose**
6. Docker Compose file location:
```
/coolify/log-proxy.compose.yml
```
7. Domains: **leave empty** (internal-only service; no Traefik route).
8. Deploy.
## What Coolify will do
- Clone the repo into its build workspace.
- Run `docker compose -f coolify/log-proxy.compose.yml build` — builds the image from `log-proxy/Dockerfile`.
- Run `docker compose -f coolify/log-proxy.compose.yml up -d` — starts the container.
- The `n8n_net` external network reference resolves to `o55elukmxacgp1s2xcwktyam`, joining log-proxy to the n8n service network with alias `log-proxy`.
## Verifying
From the host:
```bash
# 1. Container is up and healthy
docker ps --filter 'name=log-proxy' --format 'table {{.Names}}\t{{.Status}}'
# 2. n8n can reach it
docker exec n8n-o55elukmxacgp1s2xcwktyam wget -qO- http://log-proxy:8080/healthz
# Expected: {"ok":true}
# 3. /services returns all allow-listed groups
docker exec n8n-o55elukmxacgp1s2xcwktyam wget -qO- http://log-proxy:8080/services | head -c 600
# 4. Logs since 5 minutes ago for tracksolid
docker exec n8n-o55elukmxacgp1s2xcwktyam sh -c 'wget -qO- "http://log-proxy:8080/logs/tracksolid?since=$(date -d "5 minutes ago" +%s)"' | head -c 500
```
Negative checks (these MUST fail — proves the proxy is read-only):
```bash
# Any non-allow-listed UUID → 404
docker exec n8n-o55elukmxacgp1s2xcwktyam wget -qO- http://log-proxy:8080/logs/garage 2>&1 | head -c 200
# Expected: 404 / "Unknown group"
# No mutating endpoints
docker exec n8n-o55elukmxacgp1s2xcwktyam wget -qO- --method=POST http://log-proxy:8080/services 2>&1 | head -c 200
# Expected: 405 / Method Not Allowed
```
## Redeploying after a change
Any change to `log-proxy/*` or `coolify/log-proxy.compose.yml`:
1. Commit + push to `main`.
2. In Coolify UI: open the log-proxy resource → **Redeploy**.
A webhook-based auto-deploy can be configured later (Coolify → resource → Webhook → register URL on the Forgejo repo).
## Updating groups.yml
`groups.yml` is baked into the image (not a mount). To add or remove a monitored service:
1. Edit `log-proxy/groups.yml`.
2. Commit + push.
3. Redeploy (image rebuilds, container restarts).
4. Clone an n8n Poll workflow for any new group.