DATAZONE Control

English

Deutsch

English

Deutsch

Appearance

Installation

DATAZONE Control is deployed as a Docker Compose stack. The installation includes the backend, frontend, database, and reverse proxy.

Prerequisites

  • Linux server with Docker and Docker Compose
  • At least 2 GB of RAM and 10 GB of storage
  • Network access to the managed hosts (port 443 outbound for agents)

Installation with Docker Compose

1. Clone the Repository

bash
git clone https://gitlab.datazone.de/kidev/datazone-control.git
cd datazone-control

2. Configure Environment Variables

Create a .env file in the project directory:

env
# Database
POSTGRES_PASSWORD=YourSecurePassword
DATABASE_URL=postgresql://datazone:YourSecurePassword@db:5432/datazone_control

# Backend
SECRET_KEY=YourSecretKey
CORS_ORIGINS=https://control.yourdomain.com

# Optional: Email for reports
SMTP_HOST=smtp.yourdomain.com
SMTP_PORT=587
SMTP_USER=reports@yourdomain.com
SMTP_PASSWORD=SmtpPassword

3. Start the Stack

bash
docker compose up -d --build

This starts the following containers:

ContainerServicePort
datazone-dbPostgreSQL Database5432 (internal)
datazone-redisRedis Message Queue6379 (internal)
datazone-backendFlask API + SocketIO5001 (internal)
datazone-frontendReact (Nginx)80 (internal)
datazone-nginxReverse Proxy8080

4. Verify Accessibility

Open https://control.yourdomain.com in your browser. You should see the login screen.

Reverse Proxy (Optional)

For production environments, we recommend an upstream reverse proxy with SSL:

Nginx Example

nginx
server {
    listen 443 ssl;
    server_name control.yourdomain.com;

    ssl_certificate /etc/letsencrypt/live/control.yourdomain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/control.yourdomain.com/privkey.pem;

    location / {
        proxy_pass http://127.0.0.1:8080;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
}

Important

WebSocket support (Upgrade and Connection headers) must be enabled, as DATAZONE Control uses WebSockets for real-time updates, remote shell, and tunnels.

Tunnel Ports

For the tunnel functionality, ports 20000-25000 must be reachable on the backend server. These are used dynamically for SSH, RDP, and HTTP tunnels.

bash
# Firewall rule (ufw)
ufw allow 20000:25000/tcp

Update

bash
cd /path/to/datazone-control
git pull
docker compose up -d --build

Database migrations are executed automatically when the backend starts.

Next Steps

After installation, proceed with the First Login.

DATAZONE Control Documentation

Copyright © 2024-2026 DATAZONE