I got tired of SSH and Loki for four containers, so I built DockLog

Source: Dev.to

If you run a few containers on one VPS or homelab box, you’ve probably lived this loop: SSH in docker logs -f something Realize someone else on your team needs the same thing Either hand out SSH keys or start designing an observability stack you don’t actually need yet I hit that wall with staging and random homelab services on the same machine. I didn’t want Elasticsearch or Loki for four containers. I also didn’t want everyone having shell access just to read stdout. So I built DockLog — a self-hosted Docker log viewer and light admin UI. One container on the socket. No agents. No external telemetry. Live logs over WebSockets (stdout/stderr, not polling) Host + container CPU/memory, with about 30 days of samples in SQLite Multi-user auth with per-user container patterns (wildcards and regex) Optional actions — start, stop, restart, delete, shell — gated by server env flags and per-user permissions Audit log when auth mode uses a persistent database Native apps (Android, Windows, Linux) that connect to DockLog servers you host — save multiple servers and switch between them in the app Typical RAM use for me is around 30–40 MB. Image is aimldev/docklog:latest on Docker Hub (amd64 and arm64). MIT licensed. Being upfront about scope: One Docker engine per DockLog instance — not fleet-wide aggregation in a single dashboard (that’s on the roadmap) Not a replacement for Loki/ELK/Grafana at cluster scale Not a hosted SaaS — you run it, you own the data docker.sock is still privileged — treat it like any admin tool services: docklog: image: aimldev/docklog:latest container_name: docklog ports: - “8888:8000” volumes: - /var/run/docker.sock:/var/run/docker.sock - ./data:/app/data environment: - SECRET_KEY=change-me-use-openssl-rand-base64-32 - DB_PATH=/app/data/docklog.db - CLIENT_ACCESS=strict - ENV=production restart: unless-stopped

Open http://localhost:8888. A fresh install seeds admin / admin123 and prompts you to change the password on first login. Or with docker run: docker pull aimldev/docklog:latest

docker run -d
—name docklog
-p 8888:8000
-v /var/run/docker.sock:/var/run/docker.sock
-v $(pwd)/data:/app/data
-e SECRET_KEY=your-secure-key-here
-e DB_PATH=/app/data/docklog.db
-e CLIENT_ACCESS=strict
—restart unless-stopped
aimldev/docklog:latest

A question I got early on (fair one): if you restrict containers per user, is that only hidden in the UI? No. allowed_containers patterns are checked server-side before container lists, log WebSocket streams, stats, and actions. Action rights use two layers: server ALLOW_* flags and per-user can_* flags in the database — both have to pass, including for admin accounts. In no-auth mode (fine for a local laptop, not for the public internet), the ALLOW_* env vars are the only gate. Go backend talking to the Docker API Vue 3 UI embedded in the same image SQLite for users, RBAC, audits, and short metric history WebSockets for logs, events, and optional shell sessions Flutter for the mobile/desktop companion apps The image also ships a docklog CLI on PATH (reset-password, config, version, and agent subcommands for future fleet work). There’s a public demo if you want to click around first: https://demo.docklog.dev login: demo / Demo@1106

Shared sandbox don’t put real secrets there. The apps are clients for servers you already run. Add your URL, sign in, tail logs without keeping a browser tab open. You can store prod, staging, and homelab instances in one app and flip between them. Each host still runs its own DockLog container. The app is multi-server management, not one merged view of every container across every machine yet. Downloads: https://www.docklog.dev/app I reached for something heavier when multiple people needed access with different container visibility without giving everyone the Docker socket through SSH. DockLog is aimed at that middle ground: faster than standing up a full logging stack, more structured than shared SSH access. Site: https://www.docklog.dev

Docs: https://www.docklog.dev/docs

GitHub: https://github.com/dockloghq/docklog

Docker Hub: https://hub.docker.com/r/aimldev/docklog

If you try it, I’d genuinely like to know what you use today for single-host Docker logs and what’s still missing. Issues and feedback welcome on GitHub.