Setup Guide

Docker Monitor Wiki

Overview

Docker Monitor architecture

Deploy the Docker Monitor Agent container on each Docker host. The mobile app connects to the agent with a bearer token for authenticated API operations.

Docker Monitor uses a containerized agent setup for onboarding and operations.

Requirements

  • Docker Engine 20.10+
  • A host where you can run containers
  • iOS 12+ or Android 6+ device with Docker Monitor installed
  • SSH access for private network hosts

Quick Start: Deploy The Agent

Run the commands below on your Docker host. Replace the image reference if you publish your own tag.

TOKEN="$(openssl rand -hex 32)" IMAGE="appleberryd/dockermonitor-agent:0.1.1" docker rm -f docker-monitor-agent >/dev/null 2>&1 || true docker run -d \ --name docker-monitor-agent \ --restart unless-stopped \ -p 9876:9876 \ -e AGENT_AUTH_TOKEN="$TOKEN" \ -v /var/run/docker.sock:/var/run/docker.sock:ro \ -v /:/host:ro \ --security-opt no-new-privileges:true \ --read-only \ --tmpfs /tmp \ --memory 128m \ --cpus 0.5 \ "$IMAGE" echo "AGENT_AUTH_TOKEN=$TOKEN"

Validate Deployment

curl http://localhost:9876/agent/health curl -H "Authorization: Bearer $TOKEN" http://localhost:9876/version curl http://localhost:9876/version # expected: 401

If health returns 200 and unauthorized version returns 401, your agent auth flow is working correctly.

App Configuration

  1. Open Docker Monitor and tap Add Server.
  2. Set host to your server IP or DNS.
  3. Set port to 9876 (or your custom agent port).
  4. Paste the token from `AGENT_AUTH_TOKEN` into Agent Access Token.
  5. Test connection and save.

Token rotation

To rotate credentials, generate a new token, restart the container with updated `AGENT_AUTH_TOKEN`, then update the token in the app server profile.

SSH Tunneling

Use SSH tunneling if your agent port is not publicly reachable. Tunnel directly to the agent service endpoint.

ssh -L 19876:127.0.0.1:9876 user@your-server # In Docker Monitor: # Host: 127.0.0.1 # Port: 19876 # Agent token: same AGENT_AUTH_TOKEN
  • Create and save SSH profiles inside the app for repeat connections.
  • Use key-based auth where possible.
  • Keep agent bound to trusted interfaces when not using a reverse proxy.

Agent API Endpoints

EndpointAuthPurpose
`/agent/health`NoLiveness and Docker connectivity state
`/agent/stats`YesHost + Docker metrics payload
`/containers/*`, `/images/*`, `/info`, `/version`YesDocker operations used by app flows

What You Can Do In-App

  • View servers, running/stopped container counts, and host usage cards
  • Start, stop, restart, rename, and remove containers
  • Read and refresh container logs
  • Inspect container stats, env, and runtime details
  • List, pull, and remove images
  • Track operation jobs and notifications

Troubleshooting

Image pull fails

Symptoms: `pull access denied` or `manifest unknown`.

  • Verify the exact repository/tag exists in your registry.
  • Use your own published image tag if not using a public image.
  • Run `docker login` if your image is private.

401 Unauthorized in app

  • Confirm the token in app exactly matches `AGENT_AUTH_TOKEN` on server.
  • Restart container after changing environment variables.
  • Verify request reaches the correct host and port.

Agent not healthy

  • Check `docker logs docker-monitor-agent`.
  • Confirm Docker socket is mounted: `/var/run/docker.sock`.
  • Confirm host firewall allows the exposed agent port.

Need Help?

If your setup is still failing, send your deployment command and `docker logs docker-monitor-agent` output.

Contact Support