From 32c719a6680d9741cf2db264f4ad02f3f82e947a Mon Sep 17 00:00:00 2001 From: kianiadee Date: Sun, 17 May 2026 23:38:47 +0300 Subject: [PATCH] docs(coolify): step-by-step deploy guide for log-proxy --- coolify/DEPLOY.md | 82 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 82 insertions(+) create mode 100644 coolify/DEPLOY.md diff --git a/coolify/DEPLOY.md b/coolify/DEPLOY.md new file mode 100644 index 0000000..817e16c --- /dev/null +++ b/coolify/DEPLOY.md @@ -0,0 +1,82 @@ +# Deploying log-proxy via Coolify + +Coolify v4 — Docker Compose service backed by this Forgejo repo. + +## Prereqs + +- The Forgejo repo `https://repo.rahamafresh.com/kianiadee/dozzle_n8n_logging` is public (already true). +- The target n8n container `n8n-o55elukmxacgp1s2xcwktyam` is running (already true). +- The Docker network `o55elukmxacgp1s2xcwktyam` exists on the host (auto-created by Coolify when n8n was deployed). + +## One-time setup in Coolify UI + +1. **New Resource** → pick the same project as the n8n service (or any project; visibility-only). +2. Source type: **Public Repository**. +3. Repository URL: + ``` + https://repo.rahamafresh.com/kianiadee/dozzle_n8n_logging + ``` +4. Branch: `main` +5. Build pack: **Docker Compose** +6. Docker Compose file location: + ``` + /coolify/log-proxy.compose.yml + ``` +7. Domains: **leave empty** (internal-only service; no Traefik route). +8. Deploy. + +## What Coolify will do + +- Clone the repo into its build workspace. +- Run `docker compose -f coolify/log-proxy.compose.yml build` — builds the image from `log-proxy/Dockerfile`. +- Run `docker compose -f coolify/log-proxy.compose.yml up -d` — starts the container. +- The `n8n_net` external network reference resolves to `o55elukmxacgp1s2xcwktyam`, joining log-proxy to the n8n service network with alias `log-proxy`. + +## Verifying + +From the host: + +```bash +# 1. Container is up and healthy +docker ps --filter 'name=log-proxy' --format 'table {{.Names}}\t{{.Status}}' + +# 2. n8n can reach it +docker exec n8n-o55elukmxacgp1s2xcwktyam wget -qO- http://log-proxy:8080/healthz +# Expected: {"ok":true} + +# 3. /services returns all allow-listed groups +docker exec n8n-o55elukmxacgp1s2xcwktyam wget -qO- http://log-proxy:8080/services | head -c 600 + +# 4. Logs since 5 minutes ago for tracksolid +docker exec n8n-o55elukmxacgp1s2xcwktyam sh -c 'wget -qO- "http://log-proxy:8080/logs/tracksolid?since=$(date -d "5 minutes ago" +%s)"' | head -c 500 +``` + +Negative checks (these MUST fail — proves the proxy is read-only): + +```bash +# Any non-allow-listed UUID → 404 +docker exec n8n-o55elukmxacgp1s2xcwktyam wget -qO- http://log-proxy:8080/logs/garage 2>&1 | head -c 200 +# Expected: 404 / "Unknown group" + +# No mutating endpoints +docker exec n8n-o55elukmxacgp1s2xcwktyam wget -qO- --method=POST http://log-proxy:8080/services 2>&1 | head -c 200 +# Expected: 405 / Method Not Allowed +``` + +## Redeploying after a change + +Any change to `log-proxy/*` or `coolify/log-proxy.compose.yml`: + +1. Commit + push to `main`. +2. In Coolify UI: open the log-proxy resource → **Redeploy**. + +A webhook-based auto-deploy can be configured later (Coolify → resource → Webhook → register URL on the Forgejo repo). + +## Updating groups.yml + +`groups.yml` is baked into the image (not a mount). To add or remove a monitored service: + +1. Edit `log-proxy/groups.yml`. +2. Commit + push. +3. Redeploy (image rebuilds, container restarts). +4. Clone an n8n Poll workflow for any new group.