Cockpit

Overview

Cockpit is a web-based interface for Linux servers that allows for easy system management, log inspection, and performance monitoring. It provides a real-time view of CPU, memory, and disk usage, as well as an integrated terminal.

Ports

Port	Protocol	Purpose
9090	TCP	Web UI and API

External Access

Access Method	URL
Local network	http://nixos.local:9090
Cloudflare Tunnel	https://cockpit-home.javiersc.com

Secrets

This service does not require authentication credentials managed by 1Password. It uses the system’s PAM authentication (local user accounts).

Backup

This service is stateless and does not require backup of its own data. It acts as an interface to the underlying OS.

Troubleshooting

Terminal not loading

Symptom: The integrated terminal in the Cockpit UI fails to connect or shows a blank screen.

Cause: This is often caused by a proxy configuration that doesn’t correctly handle WebSockets.

Solution: Ensure that the Nginx proxy is configured with proxyWebsockets = true. This is handled automatically by the homelab.proxies configuration in this homelab.

journalctl -fu cockpit

”Connection failed” error in UI

Symptom: The login page loads, but after entering credentials, the UI shows a “Connection failed” banner.

Cause: Cockpit’s CSRF protection rejects requests if the Origin header doesn’t match its allowed origins list.

Solution: The Origins list in modules/nixos/services/cockpit.nix must include the exact domain and port used for access.

services.cockpit.settings.WebService.Origins = lib.mkForce "https://cockpit-home.javiersc.com http://nixos.local:9090";

Service appears as “inactive (dead)”

Symptom: Running systemctl status cockpit shows the service is dead.

Cause: Cockpit is socket-activated by default. It only starts when a connection is made to port 9090.

Solution: This is normal behavior. Check systemctl status cockpit.socket to ensure the listener is active.