Install Daployi Services

The Daployi Installer is the quickest way to get Daployi up and running. It runs as a container will automatically setup the required services and generate secrets.

Repository (source): Docker hub - https://hub.docker.com/r/daployi/daployi-installer

Prerequisites:

Docker installed on your host
A directory where the installer can write configuration (.env) and secrets (.secrets/*)

Installation Methods

The installer can be run directly as a shell script or using Docker. Choose the method that best fits your environment.

Shell Script (Recommended)

This method downloads and executes the installation script directly on your host.

Docker Run

Run the installer inside a temporary Docker container.

Reinstall / Uninstall

If you need to uninstall or reinstall Daployi, it's important to understand that simple removal of containers will leave secrets and persistent volumes behind.

Using the REINSTALL or UNINSTALL flag will ensure that these secrets and volumes are also removed, allowing for a completely clean slate.

Data Destruction Warning

Using the REINSTALL or UNINSTALL flags will destroy all data in your installation, including database contents (MongoDB/Redis) and all generated secrets. This action is irreversible.

Why use these flags?

If you simply remove the containers and attempt to reinstall, you will likely run into authentication problems with Redis and MongoDB. This is because the new installation will attempt to use new or default secrets, while the existing volumes still expect the old secrets that were generated during the initial setup.

Reinstall: Use REINSTALL=true to wipe the existing installation (containers, volumes, and secrets) and start a fresh installation process immediately.
Uninstall: Use UNINSTALL=true to wipe everything and leave no trace, exiting after the cleanup is complete.

Command Generator

Use the following generator to pre-populate your environment variables. The commands below will update automatically.

RP ID

Ex: [instance domain ...[instance domain here e.g. daployi.yourdomain.com]

RP Name

Ex: [Name to display ...[Name to display in WebAuthn registration]

Origin

Ex: [Url to use for W...[Url to use for WebAuthn registration e.g. https://daployi.yourdomain.com]

Web Public Base

Ex: [Base system url ...[Base system url e.g. https://daployi.yourdomain.com]

API Public Base

Ex: [Base api url e.g...[Base api url e.g. https://api.daployi.yourdomain.com]

WS Public Base

Ex: [Base websocket u...[Base websocket url e.g. wss://api.daployi.yourdomain.com]

API Port

Ex: 30013001

Web Port

Ex: 30003000

Log Level

Ex: WARNWARN

Shell Script Installation

WEBAUTHN_RP_ID="[instance domain here e.g. daployi.yourdomain.com]" \
WEBAUTHN_RP_NAME="[Name to display in WebAuthn registration]" \
WEBAUTHN_ORIGIN="[Url to use for WebAuthn registration e.g. https://daployi.yourdomain.com]" \
WEB_PUBLIC_BASE="[Base system url e.g. https://daployi.yourdomain.com]" \
PUBLIC_API_BASE="[Base api url e.g. https://api.daployi.yourdomain.com]" \
PUBLIC_WS_BASE="[Base websocket url e.g. wss://api.daployi.yourdomain.com]" \
API_PORT=3001 \
WEB_PORT=3000 \
LOG_LEVEL=WARN \
bash -c "$(curl -sSL https://docs.daployi.io/install.sh)"

Docker Run Command

sudo docker run --rm \
  -e WEBAUTHN_RP_ID="[instance domain here e.g. daployi.yourdomain.com]" \
  -e WEBAUTHN_RP_NAME="[Name to display in WebAuthn registration]" \
  -e WEBAUTHN_ORIGIN="[Url to use for WebAuthn registration e.g. https://daployi.yourdomain.com]" \
  -e WEB_PUBLIC_BASE="[Base system url e.g. https://daployi.yourdomain.com]" \
  -e PUBLIC_API_BASE="[Base api url e.g. https://api.daployi.yourdomain.com]" \
  -e PUBLIC_WS_BASE="[Base websocket url e.g. wss://api.daployi.yourdomain.com]" \
  -e API_PORT=3001 \
  -e WEB_PORT=3000 \
  -e LOG_LEVEL=WARN \
  -v /var/run/docker.sock:/var/run/docker.sock \
  -v "$(pwd)":"$(pwd)" \
  -w "$(pwd)" \
  daployi/daployi-installer:1.1.1

Docker Compose

services:
  daployi-installer:
    image: daployi/daployi-installer:1.1.1
    environment:
      WEBAUTHN_RP_ID: "[instance domain here e.g. daployi.yourdomain.com]"
      WEBAUTHN_RP_NAME: "[Name to display in WebAuthn registration]"
      WEBAUTHN_ORIGIN: "[Url to use for WebAuthn registration e.g. https://daployi.yourdomain.com]"
      WEB_PUBLIC_BASE: "[Base system url e.g. https://daployi.yourdomain.com]"
      PUBLIC_API_BASE: "[Base api url e.g. https://api.daployi.yourdomain.com]"
      PUBLIC_WS_BASE: "[Base websocket url e.g. wss://api.daployi.yourdomain.com]"
      API_PORT: "3001"
      WEB_PORT: "3000"
      LOG_LEVEL: "WARN"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - ${PWD}:${PWD}
    working_dir: ${PWD}
    restart: "no"

Local Installation (No SSL)

If you want to run without SSL or a custom domain, you can set the following environment variables:

WEB_PUBLIC_BASE: [SERVER_IP]:3000 (or your set port)
PUBLIC_API_BASE: [SERVER_IP]:3001 (or your set port)
PUBLIC_WS_BASE: ws://[SERVER_IP]:3001

Environment Variables

These variables control how the installer sets up the environment and what values it populates in the .env file and Docker secrets.

Variable	Description	Default Value
`API_PORT`	The host port mapped to the API server.	`3001`
`WEB_PORT`	The host port mapped to the Web frontend.	`3000`
`MONGO_USER`	The root username for the MongoDB database.	`daployi`
`LOG_LEVEL`	Logging verbosity (`TRACE`, `DEBUG`, `INFO`, `WARN`, `ERROR`, `FATAL`).	`WARN`
`WEB_PUBLIC_BASE`	The public URL/base path for the web frontend.	(Optional)
`PUBLIC_API_BASE`	The public URL for the API. If not set, it defaults to `WEB_PUBLIC_BASE`.	(Optional)
`PUBLIC_WS_BASE`	The public WebSocket base URL.	(Optional)
`WEBAUTHN_RP_ID`	Relying Party ID for WebAuthn (Passkeys) authentication.	(Optional)
`WEBAUTHN_RP_NAME`	Relying Party Name for WebAuthn (Passkeys) authentication.	(Optional)
`WEBAUTHN_ORIGIN`	Allowed origin for WebAuthn authentication.	(Optional)
`MTU` or `mtu`	Sets the MTU (Maximum Transmission Unit) for the Docker bridge network.	(Optional)
`TRUSTPROXY` or `trustproxy`	Enables Trust Proxy in the API service. Required if Daployi is behind a reverse proxy (like Cloudflare zero trust) to correctly identify client IPs and secure cookies.	`false`
`REINSTALL` or `reinstall`	If set to `true`, the installer will wipe the existing installation (containers, volumes, secrets, and `.daployi` directory) before starting a fresh install.	`false`
`UNINSTALL` or `uninstall`	If set to `true`, the installer will wipe the existing installation and then exit without re-installing.	`false`

Trust Proxy (TRUSTPROXY)

If you are running Daployi behind a reverse proxy (e.g., Nginx, Traefik, Caddy, or Cloudflare), you must set TRUSTPROXY=true.

This enables the API server to trust the X-Forwarded-For and X-Forwarded-Proto headers, ensuring correct client IP detection, secure cookie handling, and proper redirection.

Working Directory and Volumes

The installer needs access to a directory on your host to save the generated configuration files (.env) and secrets (.secrets/).

In the generator above, we use $(pwd) (or ${PWD} in Compose) to map the current working directory:

-v "$(pwd)":"$(pwd)": Maps the current directory from the host to the same path inside the container.
-w "$(pwd)": Sets the container's working directory to that same path.

This ensures that any files created by the installer are written directly to your current directory on the host.

Using a Static Directory

If you want to be consistent and not rely on the directory you are currently in, you can specify a static path. This is recommended for production environments to avoid accidental misconfiguration.

Example using /opt/daployi:

Shell Script
Docker Run
Docker Compose

To set a static directory with the shell script, set the ROOT_DIR environment variable:

ROOT_DIR=/opt/daployi \
bash -c "$(curl -sSL https://docs.daployi.io/install.sh)"

sudo docker run --rm \
... \
-v /opt/daployi:/opt/daployi \
-w /opt/daployi \
daployi/daployi-installer:1.1.1

services:
daployi-installer:
  image: daployi/daployi-installer:1.1.1
  ...
  volumes:
    - /var/run/docker.sock:/var/run/docker.sock
    - /opt/daployi:/opt/daployi
  working_dir: /opt/daployi

Follow the prompts:
- The installer will help you generate required secret files under .secrets
- It will create a .env file with the settings you choose
- It will bring up the stack using Docker Compose

Notes:

You can re-run the installer to update the stack. Make sure to run it from the same directory as it stores configurations.
If your environment uses SELinux or strict permissions, ensure the working directory allows Docker to mount it.
If using a remote Docker host, forward the Docker socket or use DOCKER_HOST env var inside the installer container.

Troubleshooting

Redis or MongoDB Authentication Failures

If you are performing a fresh installation or an update and find that Redis or MongoDB services fail to authenticate or the system fails to start, it's often due to a mismatch between the .secrets/ directory and the persistent volumes.

If you are stuck in this state, you may need to:

Ensure your credentials are consistent.
If you intend to start completely over, use the REINSTALL=true flag to ensure all old secrets and volumes are purged before the new ones are generated.

Next: proceed to Configuration to understand environment variables and secrets.

Installation Methods​

Shell Script (Recommended)​

Docker Run​

Reinstall / Uninstall​

Why use these flags?​

Command Generator​