search icon

Manage your server from its web interface

· 2 min read
Self Hosting
An airplane cockpit showing gauge and radar indicators

Cockpit is a web-based graphical interface for servers, and comes with native support for podman.

Installing Cockpit

Have a look at pkgs.org to find the right package names for your Linux distribution.

For Arch Linux, I installed Cockpit by running:

yay -S cockpit cockpit-podman cockpit-pcp cockpit-storaged cockpit-packagekit

Once installed, make Cockpit to start automatically on each reboot:

sudo systemctl enable --now cockpit.socket

Notice the “.socket” extension, as it is not a traditional “.service” unit.

Now you can access the server web interface on port 9090 and login with your Linux username and password:

Cockpit login screen
Cockpit login screen
System overview from Cockpit
System overview from Cockpit

Terminal via web

My favorite Cockpit feature is by far terminal access via web. It makes very handy to run commands without installing a SSH client on the current device. This section can be accessed from the “Terminal” tab

Terminal interface
Terminal interface

The Cockpit terminal does not rely on sshd, so it can grant remote access even in rare case of OpenSSH bugs:

A scary situation where SSH is not responding
A scary situation where SSH is not responding

In this situation, it was enough to run sudo systemctl restart sshd from the Cockpit terminal to make remote SSH access work again.

One-click updates

Cockpit can also be used to update system packages with one click. Under the hood, it will run your package manager (e.g. apt or pacman):

Cockpit interface showing container images, containers, and pods
Cockpit interface showing container images, containers, and pods

Beware because you could miss important notifications, e.g. breaking changes or need for manual intervention.

For Arch Linux users, this will not update your AUR packages, so you still need to run yay -Syu from terminal.

Monitor running containers

If you are running Podman containers, try to login into Cockpit with the user running them. You will see resource usage, health status and pod grouping:

Cockpit interface showing container images, containers, and pods
Cockpit interface showing container images, containers, and pods

You can also see logs from each container and run command from their shell, directly from this page.

Security implications

Cockpit is handy, but it should not be exposed to the world: an attacker just needs to guess the root password to own your system.

It’s best to limit access with a firewall, by restricting access to just LAN, VPN, or specific clients.

Did you enjoy the article?

heart icon

If you have suggestions or opinions, just drop me a message, I'd love to hear from you!

Other posts for you

A blue container on the left, a purple container on the right. Original photo by Aron Yigin on Unsplash
Two seals photographed on grey rocks. Photo by Neil Cooper on Unsplash