Monitor — Server Dashboard

What is this?

A dashboard for monitoring my server. It displays system metrics such as CPU, RAM, disk, and network in real time. Additionally, systemd services and Docker containers can be inspected and restarted directly if needed. A centralized log view rounds out the feature set.

The foundation for this came from Alex, a good friend and former colleague who developed the original service panel. I adapted it to my own infrastructure — including Single Sign-On via my self-hosted Zitadel setup and a consistent design matching my other tools. Thanks to Alex for the solid base!

Features

Overview: CPU, RAM, disk, and network utilization at a glance
Services: List, filter, and restart all systemd services
Containers: Docker container status with restart functionality
Logs: Centralized log view for services and containers with download option
Monitoring: Automatic alerts for high RAM or disk utilization
Dark/Light Mode with a consistent style guide

Tech Stack

Area	Technology
Frontend	Vue 3 with Vite
Backend	Express + TypeScript
Auth	Zitadel OIDC ( SSO )
Deployment	Docker + Nginx + GitHub Actions

How It Works

The app runs as a Docker container on the server. A background poller regularly collects system data — metrics every 5 seconds, service and container status every minute. The results are cached so the dashboard can load instantly.

Since the container has no direct access to the host, commands like systemctl and journalctl are executed via nsenter in the host namespace. This is the most notable technical aspect of the setup.

Deployment is fully automated: on every push to main, GitHub Actions rebuilds the Docker image and deploys it to the server.

Security

Access only with a valid SSO session via Zitadel, my self-hosted identity provider for single sign-on across all my services
Rate limiting on all routes
Security headers including CSP and HSTS
Inputs are validated, shell commands have timeouts

Glossary

Single Page Application (SPA): A web application loaded as a single HTML page that dynamically fetches content via JavaScript. Navigation, data queries, and UI updates happen without a full page reload — the server only provides an API.
Background Polling: A pattern where the server periodically collects and caches data instead of querying live on each request. API requests immediately get the latest snapshot — ideal for dashboards with many concurrent users or short query intervals.
nsenter: A Linux tool that executes processes in existing namespaces. Allows a container to run commands in the host's mount namespace — e.g., nsenter -t 1 -m -- systemctl status to access the host's systemd.
OpenID Connect (OIDC): An authentication protocol based on OAuth 2.0. The Identity Provider confirms a user's identity and returns information such as name, email, and roles in a signed ID token.
Single Sign-On (SSO): An authentication method where a user logs in once and can then access multiple applications without logging in again. The Identity Provider manages the central session.
Docker Container: An isolated runtime environment that packages an application with all its dependencies. Containers share the host system's kernel, start in milliseconds, and guarantee that software runs the same everywhere — locally and on the server.
CI/CD: Continuous Integration and Continuous Deployment — automated processes that test, build, and deploy code after every push. Reduces manual errors and enables fast, reproducible deployments.