/goaccess-for-nginxproxymanager

GoAccess Docker Image for Nginx Proxy Manager and more...

Primary LanguageShellMIT LicenseMIT

GoAccess for Nginx Proxy Manager Logs

Still in development... You might need to wait a bit if you have a large amount of logs for it to parse.

Parses the following log types:

  • NPM
  • NPM Redirection
  • NPM Error
  • Traefik
  • Load your own custom config as well to parse other logs

Alt text

Dependencies:

  • GoAccess version: 1.7.2
  • GeoLite2-City.mmdb (2023-09-09)
  • GeoLite2-Country.mmdb (2023-09-09)
  • GeoLite2-ASN.mmdb (2023-09-09)

Docker

Github Repo


version: '3.3'
services:
    goaccess:
        image: 'xavierh/goaccess-for-nginxproxymanager:latest'
        container_name: goaccess
        restart: always
        ports:
            - '7880:7880'
        environment:
            - TZ=America/New_York         
            - SKIP_ARCHIVED_LOGS=False #optional
            - DEBUG=False #optional
            - BASIC_AUTH=False #optional
            - BASIC_AUTH_USERNAME=user #optional
            - BASIC_AUTH_PASSWORD=pass #optional   
            - EXCLUDE_IPS=127.0.0.1 #optional - comma delimited 
            - LOG_TYPE=NPM #optional - more information below
        volumes:
        - /path/to/host/nginx/logs:/opt/log
        - /path/to/host/custom:/opt/custom #optional, required if using log_type = CUSTOM

If you have permission issues, you can add PUID and PGID with the correct user id that has read access to the log files.

version: '3.3'
services:
    goaccess:
        image: 'xavierh/goaccess-for-nginxproxymanager:latest'
        container_name: goaccess
        restart: always
        ports:
            - '7880:7880'
        environment:
            - PUID=0
            - PGID=0
            - TZ=America/New_York         
            - SKIP_ARCHIVED_LOGS=False #optional
            - DEBUG=False #optional
            - BASIC_AUTH=False #optional
            - BASIC_AUTH_USERNAME=user #optional
            - BASIC_AUTH_PASSWORD=pass #optional   
            - EXCLUDE_IPS=127.0.0.1 #optional - comma delimited 
            - LOG_TYPE=NPM #optional - more information below
        volumes:
        - /path/to/host/nginx/logs:/opt/log
        - /path/to/host/custom:/opt/custom #optional, required if using log_type = CUSTOM
Parameter Function
-e SKIP_ARCHIVED_LOGS=True/False (Optional) Defaults to False. Set to True to skip archived logs, i.e. proxy-host*.gz
-e DEBUG=True/False (Optional) Displays more information in the docker logs. This mode also checks logs for parsing errors.
-e BASIC_AUTH=True/False (Optional) Defaults to False. Set to True to enable nginx basic authentication. Docker container needs to stopped or restarted each time this flag is modified. This allows for the .htpasswd file to be changed accordingly.
-e BASIC_AUTH_USERNAME=user (Optional) Requires BASIC_AUTH to bet set to True. Username for basic authentication.
-e BASIC_AUTH_PASSWORD=pass (Optional) Requires BASIC_AUTH to bet set to True. Password for basic authentication.
-e EXCLUDE_IPS= (Optional) IP Addresses or range of IPs delimited by comma refer to https://goaccess.io/man. For example: 192.168.0.1-192.168.0.100 or 127.0.0.1,192.168.0.1-192.168.0.100
-e INCLUDE_PROXY_HOSTS= (Optional) Only consume the list of provided proxy hosts. This is a comma separated list containing the proxy host number for example "11,21". This would consume proxy-host-11_access.log* and proxy-host-21_access.log* . The host number can be found right clicking on the 3 dots on the proxy host line in the GUI.
-e LOG_TYPE= (Optional) By default the configuration will be set to read NPM logs. Options are: CUSTOM, NPM, NPM+R, TRAEFIK, NCSA_COMBINED. More information below.
-e LOG_TYPE_FILE_PATTERN= (Optional) Only to be used with LOG_TYPE=NCSA_COMBINED or TRAEFIK. This parameter will pass along the file type you are trying match. For example you can pass -e LOG_TYPE_FILE_PATTERN="*.log" or -e LOG_TYPE_FILE_PATTERN="access.log". The default is *.log. Please keep it simple as I have not tested this completely. Use at your own RISK!
-e LANG=zh_CN.UTF-8 -e LANGUAGE=zh_CN.UTF-8 (Optional) Language localization added. GoAccess only has a few translations available. Please visit https://github.com/allinurl/goaccess/tree/master/po to see the translations available.

Current Translations
de - German
es - Spanish
fr - French
it - Italian
ja - Japanese
ko - Korean
pt_BR - Portuguese (Brazil)
ru - Russian
sv - Swedish
uk - English (United Kingdom)
zh_CN - Chinese - Simplified

Additional environment information

-e LOG_TYPE=

  • Options:
    • CUSTOM
      • this feature will load your own configuration
      • an additional volume must be included
        • /path/to/host/custom:/opt/custom
      • volume should include
        • goaccess.conf
          • this is your custom config
          • container will exit if no file is found
          • leave the default port number at 7890
      • environment parameters that will not work and will be ignored
        • SKIP_ARCHIVED_LOGS
        • EXCLUDE_IPS
    • NPM (default if variable is empty or not included)
      • the following file(s) are read and parsed.
        • proxy-host-*_access.log.gz
        • proxy-host-*_access.log
        • proxy*host-*.log
    • NPM+R
      • a second instance of GOACCESS is created
      • append "/redirection" to the url to access the instance, for example http://localhost:7880/redirection/
      • the following file(s) are read and parsed:
        • redirection*host-*.log*.gz
        • redirection*host-*.log
        • fallback_access.log*.gz
        • fallback_access.log
        • dead-host*.log*.gz
        • dead-host*.log
    • NPM+ALL
      • a second and third instance of GOACCESS are created
        • append "/redirection" to the url to access the instance, for example http://localhost:7880/redirection/
          • the following file(s) are read and parsed.
            • redirection*host-.log.gz
            • redirection*host-*.log
        • append "/error" to the url to access the instance, for example http://localhost:7880/error/
          • the following file(s) are read and parsed.
            • *_error.log*.gz
            • *_error.log
          • "error" log files sometimes have inconsistent log types and there isn't a way to process these. GoAccess does process files that have at least 1 error log in the files in the correct format. Viewing the docker container logs will tell you which files have been skipped.
    • TRAEFIK
      • environment parameters that will not work and will be ignored
        • SKIP_ARCHIVED_LOGS
      • the following file(s) are read and parsed.
        • access.log
    • NCSA_COMBINED
      • environment parameters that will not work and will be ignored
        • SKIP_ARCHIVED_LOGS
      • by default the following file(s) are read and parsed.
        • *.log

LOG FORMATS

NPM PROXY LOG FORMAT

time-format %T
date-format %d/%b/%Y
log_format [%d:%t %^] %^ %^ %s - %m %^ %v "%U" [Client %h] [Length %b] [Gzip %^] [Sent-to %^] "%u" "%R"

NPM REDIRECTION LOG FORMAT

time-format %T
date-format %d/%b/%Y
log_format [%d:%t %^] %s - %m %^ %v "%U" [Client %h] [Length %b] [Gzip %^] "%u" "%R"

NPM ERROR LOG FORMAT

time-format %T
date-format %Y/%m/%d
log_format %d %t %^: %v, %^: %h, %^ %v %^"%r" %^

TRAEFIK ACCESS LOG FORMAT

time-format %T
date-format %d/%b/%Y
log-format %h %^[%d:%t %^] "%r" %s %b "%R" "%u" %Lm"

Possible/Known Issues

  • A lot of CPU Usage and 10000 request every second in webUI
  • If your using NPM to proxy the container you need to turn on websockets support
  • LOG_TYPE=NPM+ALL
    • "error" log files sometimes have inconsistent log types and there isn't a way to process these. GoAccess does process files that have at least 1 error log in the files in the correct format. Viewing the docker container logs will tell you which files have been skipped.
  • Debug=True
    • The version of this application, (GOAN vX), does not get displayed in the left side toolbar on purpose. In debug mode I don't want many customizations.

Thanks

To https://github.com/GregYankovoy for the inspiration, and for their nginx.conf :)

Users:

  • Just5KY
  • martadinata666

Disclaimer

This product includes GeoLite2 data created by MaxMind, available from https://www.maxmind.com.