Skip to main content

Install with Docker Compose

You can use the docker install utility with compose which will automaticaly setup the compose script and environment needed. Or alternatively you can install the sercices manually.

Using the install utility: docker-compose.yml

services: \
daployi-installer: \
  image: daployi/daployi-installer:1.0.5 \
  environment: \
    WEBAUTHN_RP_ID: "[instance domain here e.g. daployi.yourdomain.com]" \
    WEBAUTHN_RP_NAME: "[Name to display in WebAuthn registration]" \
    WEBAUTHN_ORIGIN: "[Url to use for WebAuthn registration e.g. https://daployi.yourdomain.com]" \
    WEB_PUBLIC_BASE: "[Base system url e.g. https://daployi.yourdomain.com]" \
    PUBLIC_API_BASE: "[Base api url e.g. https://api.daployi.yourdomain.com]" \
    PUBLIC_WS_BASE: "[Base websocket url e.g. wss://api.daployi.yourdomain.com]" \
    API_PORT: "3005" \
    WEB_PORT: "3006" \
    LOG_LEVEL: "DEBUG" \
  volumes: \
    - /var/run/docker.sock:/var/run/docker.sock \
    - ${PWD}:${PWD} \
  working_dir: ${PWD} \
  restart: "no"

Manual Install: This guide uses Docker Compose to deploy Daployi with MongoDB, Redis, API server, worker, and web UI.

  1. Create project structure
  • mkdir -p daployi/.secrets
  • cd daployi
  1. Create secret files
  • echo "strong-redis-password" > .secrets/redis_password
  • echo "strong-mongo-root-password" > .secrets/mongo_root_password
  • openssl rand -hex 32 > .secrets/jwt_secret
  • chmod 600 .secrets/*
  1. Prepare .env file Create a .env file in the same directory as docker-compose.yml:

Prepare environment variables and secrets


# Core
API_PORT=[API_PORT]
WEB_PORT=[WEB_PORT]
LOG_LEVEL=WARN

# Mongo
MONGO_USER=[MONGO_USER]
# If you keep the raw password too:
# MONGO_PASSWORD=[MONGO_PASSWORD]
MONGO_PASSWORD_ENC=[MONGO_PASSWORD_ENC]

# Redis
REDIS_PASSWORD=[REDIS_PASSWORD]

# Auth
JWT_SECRET=[JWT_SECRET]

# Public bases (what the browser will use)
PUBLIC_API_BASE=[Base api url e.g. https://api.daployi.yourdomain.com]
PUBLIC_WS_BASE=[Base websocket url e.g. wss://api.daployi.yourdomain.com]

# WebAuthn (Passkeys)
WEBAUTHN_RP_ID=[instance domain here e.g. daployi.yourdomain.com]
WEBAUTHN_RP_NAME=Daployi
WEBAUTHN_ORIGIN=[Url to use for WebAuthn registration e.g. https://daployi.yourdomain.com]

# Encryption
MASTER_KEY_B64=[MASTER_KEY_B64]

# Public base for the web app (used by API for links)
WEB_PUBLIC_BASE=[Base system url e.g. https://daployi.yourdomain.com]

Notes:

  • MONGO_USER must match MONGO_INITDB_ROOT_USERNAME below (default: admin)
  • MONGO_PASSWORD_ENC must be the URL-encoded value of the mongo root password (from .secrets/mongo_root_password). To generate:

    • macOS/Linux (Node):

      PW=$(cat .secrets/mongo_root_password)
      node -e 'console.log(encodeURIComponent(process.env.PW))'

    • Python:

      PW=$(cat .secrets/mongo_root_password)
      python3 - <<'PY'
      import os, urllib.parse
      print(urllib.parse.quote(os.environ['PW']))
      PY

    • Paste the output into MONGO_PASSWORD_ENC in your .env.

  1. Generate a random keys and add them to the env file:

    • Generate a master key for encryption [MASTER_KEY_B64]: 
      openssl rand -base64 32
    • Generate random JWT secret [JWT_SECRET]: 
      openssl rand -hex 32

  2. Create docker-compose.yml Place the following file in the project directory. Adjust versions and ports as needed.

name: daployi
services:
redis:
  container_name: daployi-redis
  image: redis:alpine
  environment:
    TZ: Africa/Johannesburg
  ports:
    - "6378:6379"
  command: ["sh","-c","redis-server --requirepass "$(cat /run/secrets/redis_password)"" ]
  volumes:
    - redis_data:/data
  secrets:
    - redis_password
  networks:
    daployi_net:
      ipv4_address: 10.99.0.11
  logging:
    driver: "json-file"
    options:
      max-size: "100m"
      max-file: "5"

mongodb:
  image: mongo:8.2.3
  container_name: daployi-mongodb
  restart: always
  command: [ "mongod", "--bind_ip_all", "--auth" ]
  ports:
    - "27018:27017"
  volumes:
    - mongodb_data:/data/db
  environment:
    MONGO_INITDB_ROOT_USERNAME: ${MONGO_USER}
    MONGO_INITDB_ROOT_PASSWORD_FILE: /run/secrets/mongo_root_password
  secrets:
    - mongo_root_password
  networks:
    daployi_net:
      ipv4_address: 10.99.0.10
  logging:
    driver: "json-file"
    options:
      max-size: "100m"
      max-file: "5"

server:
  image: daployi/daployi-api:1.0.5
  platform: linux/amd64
  container_name: daployi-server
  restart: unless-stopped
  depends_on:
    - redis
    - mongodb
  volumes:
    - /var/run/docker.sock:/var/run/docker.sock
  environment:
    API_PORT: ${API_PORT}
    HOST: 0.0.0.0
    NODE_ENV: development
    LOG_LEVEL: ${LOG_LEVEL}
    MONGODB_URI: "mongodb://${MONGO_USER}:${MONGO_PASSWORD_ENC}@mongodb:27017?authSource=admin"
    MONGODB_DB_NAME: daployi
    REDIS_HOST: redis
    REDIS_PORT: "6379"
    REDIS_PASSWORD: "${REDIS_PASSWORD}"
    REDIS_DATABASE: "0"
    JWT_SECRET: ${JWT_SECRET}
    JWT_EXPIRES_IN: 7d
    MASTER_KEY_B64: ${MASTER_KEY_B64}
    PUBLIC_WS_BASE: ${PUBLIC_WS_BASE}
    WEB_PUBLIC_BASE: ${WEB_PUBLIC_BASE}
    API_PUBLIC_BASE: ${PUBLIC_API_BASE}
    WEBAUTHN_RP_ID: ${WEBAUTHN_RP_ID}
    WEBAUTHN_RP_NAME: '${WEBAUTHN_RP_NAME}'
    WEBAUTHN_ORIGIN: ${WEBAUTHN_ORIGIN}
  secrets:
    - jwt_secret
  ports:
    - "${API_PORT}:${API_PORT}"
  networks:
    daployi_net:
      ipv4_address: 10.99.0.12
  logging:
    driver: "json-file"
    options:
      max-size: "100m"
      max-file: "5"

worker:
  image: daployi/daployi-worker:1.0.3
  platform: linux/amd64
  container_name: daployi-worker
  restart: unless-stopped
  depends_on:
    - server
  environment:
    API_BASE: ${PUBLIC_API_BASE}
    MAX_DEVICE_CONNECTIONS: 20
    MONGODB_URI: "mongodb://${MONGO_USER}:${MONGO_PASSWORD_ENC}@mongodb:27017?authSource=admin"
    MONGODB_DB_NAME: daployi
    REDIS_HOST: redis
    REDIS_PORT: "6379"
    REDIS_PASSWORD: "${REDIS_PASSWORD}"
    REDIS_DATABASE: "0"
    LOG_LEVEL: ${LOG_LEVEL}
    MASTER_KEY_B64: ${MASTER_KEY_B64}
  networks:
    daployi_net:
      ipv4_address: 10.99.0.13
  logging:
    driver: "json-file"
    options:
      max-size: "100m"
      max-file: "5"

web:
  image: daployi/daployi-web:1.0.5
  platform: linux/amd64
  container_name: daployi-web
  restart: unless-stopped
  depends_on:
    - server
  environment:
    NUXT_PUBLIC_API_BASE: ${PUBLIC_API_BASE}
    NUXT_PUBLIC_WS_BASE: ${PUBLIC_WS_BASE}
    NUXT_PUBLIC_AGENT_VERSION: 1.0.5
    API_PORT: ${WEB_PORT}
    NITRO_PORT: ${WEB_PORT}
  ports:
    - "${WEB_PORT}:${WEB_PORT}"
  networks:
    daployi_net:
      ipv4_address: 10.99.0.14
  logging:
    driver: "json-file"
    options:
      max-size: "100m"
      max-file: "5"

secrets:
redis_password:
  file: .secrets/redis_password
mongo_root_password:
  file: .secrets/mongo_root_password
jwt_secret:
  file: .secrets/jwt_secret

networks:
  daployi_net:
    driver: bridge
    ipam:
      config:
        - subnet: 10.99.0.0/24

volumes:
  redis_data:
  mongodb_data:
  1. Start the stack
docker compose up -d
  1. Verify
  • API:
docker logs -f daployi-server

  • Web: open http://localhost:\${WEB_PORT} in your browser

  • MongoDB:

mongo --host localhost --port 27018 -u $MONGO_USER -p $(cat .secrets/mongo_root_password) --authenticationDatabase admin
  • Redis:
redis-cli -h localhost -p 6378 -a $(cat .secrets/redis_password) PING

Notes and tips

  • Static IPs are assigned within the custom bridge network to simplify service discovery. Avoid collisions with existing networks.
  • If ports 27018, 6378, API_PORT, or WEB_PORT are in use, adjust the host port mappings.
  • For production, consider setting NODE_ENV=production and tightening firewall rules.
  • Keep your .secrets directory out of version control.