A lightweight, web-based system monitor with alerts and Docker insights—all bundled into a single binary
simon.mp4
- Features
- Setup
- Configuration
- Notifications and Alerts
- Building from Source
- Screenshots
- License
- Acknowledgments
- 💻 System Monitoring: Track CPU, memory, disk usage, disk I/O and network activity in real-time
- 🌐 Web-Based UI: A responsive interface accessible from any browser
- 🐳 Docker Integration: List containers, monitor resource usage, and view container logs
- 🚨 Alerting System: Configure thresholds and get notified when metrics cross set limits
- 📦 Zero Dependencies: Single binary deployment with no external requirements
- ⚡ Low Overhead: Minimal resource footprint
The simplest way to install Simon is using prebuilt binaries:
Download the latest release for your platform from the Releases page.
chmod +x simon
./simonJust run the binary and Simon will start monitoring! The web UI will be available at http://localhost:30000.
docker run -d \
--name simon \
-p 30000:30000 \
-v /sys:/sys:ro \
-v /var/run/docker.sock:/var/run/docker.sock:ro \
-v /:/fs:ro \
-v ./simon-data:/app/simon-data \
alibahmanyar/simonCreate a docker-compose.yml file:
services:
simon:
image: alibahmanyar/simon
hostname: simon # Set container hostname (replace with your own)
ports:
- "30000:30000"
environment:
# Authentication configuration
# Bcrypt hash for 'secret', replace with your own hash or remove to disable authentication
# Note: Dollar signs need to be escaped with additional dollar signs in Docker Compose files
SIMON_PASSWORD_HASH: "$$2a$$12$$nmCGsgJ3ovx76sc/J8Bcs.Vn235KLQK7Cze83Kzm36a1v59QKVOO."
volumes:
- /sys:/sys:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
- /:/fs:ro
- ./simon-data:/app/simon-dataThen run:
docker-compose up -dNotes:
-
For accesing docker stats, the user account running Simon needs access to the Docker socket (
/var/run/docker.sock). This can be achieved by:- Using a user that belongs to the
dockergroup - Running as root
- Using a user that belongs to the
-
For accurate system information, mount relevant filesystem paths:
- Mount
/etc/lsb-releaseor similar OS identification files for correct OS detection - Mount
/sysfor hardware, network and process information - Mount filesystems you want to monitor (e.g.,
/as/rootfs) for disk usage statistics
- Mount
-
The password hash should be provided correctly; pay attention to escaping special characters (like dollar sign) in the hash
Simon can be deployed behind a reverse proxy like Nginx or Traefik:
...
location / {
proxy_pass http://localhost:30000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# WebSocket support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 86400;
}
...The compose file below can be used; it will provide a reverse proxy with TLS support. You only need to provide the HOST and ACME_MAIL environment variables:
services:
reverse-proxy:
image: traefik:v3.2
ports:
- "443:443"
- "80:80"
volumes:
- "./letsencrypt:/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
command:
- --providers.docker.exposedByDefault=false
- --entrypoints.web.address=:80
- --entrypoints.web.http.redirections.entrypoint.to=websecure
- --entryPoints.web.http.redirections.entrypoint.scheme=https
- --entrypoints.websecure.address=:443
- --entrypoints.websecure.asDefault=true
- --entrypoints.websecure.http.tls.certresolver=myresolver
- --certificatesresolvers.myresolver.acme.email=${ACME_MAIL}
- --certificatesresolvers.myresolver.acme.tlschallenge=true
- --certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json
simon:
image: alibahmanyar/simon
hostname: simon # Set container hostname (replace with your own)
environment:
# Authentication configuration
# Bcrypt hash for 'secret', replace with your own hash or remove to disable authentication
# Note: Dollar signs need to be escaped with additional dollar signs in Docker Compose files
SIMON_PASSWORD_HASH: "$$2a$$12$$nmCGsgJ3ovx76sc/J8Bcs.Vn235KLQK7Cze83Kzm36a1v59QKVOO."
volumes:
- /sys:/sys:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
- /:/fs:ro
- ./simon-data:/app/simon-data
labels:
- traefik.enable=true
- traefik.http.routers.simon.rule=Host(`${HOST}`)
- traefik.http.routers.simon.entrypoints=websecure
- traefik.http.routers.simon.tls.certresolver=myresolver
- traefik.http.services.simon.loadbalancer.server.port=30000Simon can be secured with password authentication:
- Generate a bcrypt hash of your password (many online tools available)
- Set the hash using the
SIMON_PASSWORD_HASHenvironment variable or--password-hashflag - Pay attnetion to the dollar signs and escape them if needed
# Using env var (in Docker Compose, dollar signs need to be escaped as $$)
SIMON_PASSWORD_HASH='$2a$12$YOUR_BCRYPT_HASH' simon
# Or using CLI flag
simon --password-hash '$2a$12$YOUR_BCRYPT_HASH'Simon is configured through environment variables or command-line arguments:
| Option | Environment Variable | CLI Flag | Default | Description |
|---|---|---|---|---|
| Address | SIMON_ADDRESS |
-a, --address |
0.0.0.0 |
Address to bind the server to |
| Port | SIMON_PORT |
-p, --port |
30000 |
Port to bind the server to |
| Update interval | SIMON_UPDATE_INTERVAL |
-T, --update-interval |
2 |
Metrics update interval in seconds (1-30 seconds) |
| Password hash | SIMON_PASSWORD_HASH |
-H, --password-hash |
None | Bcrypt password hash for authentication |
| Database path | SIMON_DB_PATH |
--db-path |
./simon-data/simon.db |
Path to SQLite database |
Simon provides an alert system to notify you about critical system events.
-
Navigate to settings by clicking on the gear icon in the top navigation bar
-
Add Notification Method
- Name your notification method
- Enter webhook URL for receiving alerts
- Use
{notif_msg}placeholder in url or request body to insert alert message
-
Configure Alert Conditions
- Set time window (in minutes)
- Select resource category, name, and property to monitor
- Define condition and threshold value
- Toggle "Active" to enable/disable
Alerts are triggered when conditions are met for the specified duration, sending formatted messages to your webhook endpoint. The system works with any service that accepts webhooks, including Discord, Telegram, Slack, etc.
Simon consists of a Rust backend and a web frontend. Here's how to build it from source:
# Prerequisites:
# - Rust toolchain (https://rustup.rs/)
# - Bun (https://bun.sh/docs/installation)
# Clone the repository
git clone https://github.com/alibahmanyar/simon.git
cd simon
# Build the web frontend first and then compile the Rust application
make web-setup
make web
make release
This project is licensed under the MIT License - see the LICENSE file for details.
This project utilizes several amazing open-source libraries and tools:
Thank you to all the contributors and maintainers of these projects!
Happy monitoring!