nginx

Nginx Docker Logging Setup via Container Volume Sharing

In this guide we go over sharing the internal logs of a nginx-reverse proxy with another container that can do the IP decoding and look-ups making nice usage logs.

thinkmelt@protonmail.com

3 min read
Nginx Docker Logging Setup via Container Volume Sharing

NGINX is an amazing piece of software that will allow you to have multiple sites hidden behind a single port and ip address.

  • The issue is when it strips out the external IP information for the internal IP addresses, the internal containers only see the internal IP address - they never see the external as that has been masked and regenerated by the nginx reverse-proxy!
  • Inside the nginx container it actually holds logs. If we volume map them to a secondary container the information becomes live-shared, and a second container can then generate a nice log information that we can see.

Finding the internal logs:

  • We attach to the running container and start looking for its logs.
docker -exec -it proxy-manager /bin/bash

One should see something like this:

  • find is inherit to the inside of the nginx container so:
find / -type d -name "*log*"
  • We can see that inside /data/logs every access is nicely logged.
  • Now the goal is to map these logs connecting them to another container. Since this docker is build with a docker-compose.yml after some research we find that named volumes do not actually map to any external point without the external being set true: Our example docker-compose.yml configuration
version: '3'
services:
  app:
    image: 'jc21/nginx-proxy-manager:latest'
    container_name: proxy-manager
    restart: unless-stopped
    ports:
      - '80:80'
      - '81:81'
      - '443:443'
    volumes:
      - ./data:/data
      - ./letsencrypt:/etc/letsencrypt
      - nginx_logs:/data/logs/
    networks:
      - nginx-proxy


volumes:
  data:
  letsencrypt:
  nginx_logs:
    external : true

networks:
  nginx-proxy:
    external:
      name: nginx-proxy-network

The very important part is the 'external:true' on the nginx_logs which is going to create an external mapping. As you can see in the volumes configuration:

  • ./data:/data maps a local host directory to the inside of the container.
  • nginx_logs:/data/logs/ maps a named volume to the inside of the container - but without external : true in the volumes it never syncs (and this is very poorly documented so note it!)

Next we want to stand up a temporary ubuntu container and see if the inside of the nginx container shows up inside the ubuntu running container - so:

docker run -it -name u2 -v nginx_logs:/test ubuntu

Voila - it is there!

  • Finally live update testing, we refresh our domain names several times and note the size of the files inside the /test directory increases - it works!
  • Now one can set a 'watch' which then causes a re-cycle of the page generation only on a file-size change so that the logging software follows and updates with updates!

The standard output for regex formatting of a NGINX proxy log looks like this:

[22/Dec/2024:19:52:53 +0000] - 500 500 - GET https deltaharmonic.com "/wp-admin/setup-config.php" [Client 141.131.96.11] [Length 265] [Gzip -] [Sent-to 107.155.35.20] "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" "-"

Bon-appetite!

Linux Rocks Every Day