Installing Cockpit and setting it up with custom domain with Caddy 2

Table of content

• What is Cockpit?
• Installing Cockpit
• Opening port
• Configuring Custom Domain
• Configuring Caddy
  • First install Caddy
• Logging in Cockpit

What is Cockpit?

Cockpit is an easy to use and setup web-based graphical interface for managing and monitoring Linux servers using a web browser, even on Android and IOS.

Installing Cockpit

Cockpit supports almost all major Linux distros, and so it's easy to install.

Just use your package manage and install the cockpit package, you can check instruction for your distro on their official site.

In my case I am using AlmaLinux 9 so if you use Fedora/Red Hat based distro you can simple install it by running:

sudo dnf install cockpit

Next, enable cockpit by running sudo systemctl enable --now cockpit.socket.

After enabling it, you should be able to see cockpit dashboard running on port :9090 of your localhost and IP if you don't have firewall.

Test it by running curl -T localhost:9090 you should be able to get output like this:

HTTP/1.1 200 OK
Content-Type: text/html
Content-Security-Policy: connect-src 'self' http://localhost:9090 ws://localhost:9090; form-action 'self' http://localhost:9090; base-uri 'self' http://localhost:9090; object-src 'none'; font-src 'self' http://localhost:9090 data:; img-src 'self' http://localhost:9090 data:; block-all-mixed-content; default-src 'self' http://localhost:9090 'unsafe-inline'
Set-Cookie: cockpit=deleted; PATH=/; HttpOnly
Transfer-Encoding: chunked
Cache-Control: no-cache, no-store
X-DNS-Prefetch-Control: off
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff

Opening port

If you use any firewall, you need to open port 80 and 9090 to run cockpit through your custom domain.

If you are using Firewalld simple run:

sudo firewall-cmd --permanent --zone=public --add-service=cockpit
sudo firewall-cmd --reload

Configuring Custom Domain

First, create a cockpit.conf file in /etc/cockpit/ directory and edit it using any text editor of your choice.

And add the following:

[WebService]
Origins = https://cockpit.sahil.world wss://cockpit.sahil.world
ProtocolHeader = X-Forwarded-Proto

Here is an example of actual config:

Next, do sudo systemctl status cockpit.socket to make changes take place.

Configuring Caddy

Caddy will act as a reverse proxy and provide an SSL certificate.

First install Caddy

If you use Fedora/ Red Hat distro, run the following commands to install, else you can check their official install documentation to install it on your distro.

sudo dnf install 'dnf-command(copr)'
sudo dnf copr enable @caddy/caddy
sudo dnf install caddy

After installing, edit the Caddyfile in etc/caddy/ and paste the following:

cockpit.domain.tld {
    reverse_proxy http://localhost:9090 {
        transport http {
            tls_insecure_skip_verify
        }
    }
}

Once you are done, reload the caddy server by running sudo systemctl reload caddy.

Now you should be able to see your dashboard, yup and running on your custom dashboard.

Logging in Cockpit

Now you should see a login screen in front of you, use your username and password which you use to log in your Linux server.

Use Connect to when you have multiple servers to manage, in my case it was.

After you have login, you can manage following things right from your web browser.

And a full-fledged terminal without accessing it via ssh.

You can also intergate third party applications or create your own to manage services like Podman and VM which I will through in my next post.