Please use this README if you want to deploy Huly on your server with docker compose
. I'm using a Basic Droplet on Digital Ocean with Ubuntu 23.10, but these instructions can be easily adapted for any Linux distribution.
Note
Huly is quite resource-heavy, so I recommend using a Droplet with 2 vCPUs and 4GB of RAM. Droplets with less RAM may stop responding or fail.
If you prefer Kubernetes deployment, there is a sample Kubernetes configuration under kube directory.
First, let's install nginx
and docker
using the commands below if you have not already installed them on your machine.
$ sudo apt update
$ sudo apt install nginx
$ sudo snap install docker
Next, let's clone the huly-selfhost
repository and configure the server address. Please replace x.y.z.w with your server's IP address.
$ git clone https://github.com/hcengineering/huly-selfhost.git
$ cd huly-selfhost
$ ./setup.sh x.y.z.w # Replace x.y.z.w with your server's IP address
$ sudo ln -s $(pwd)/nginx.conf /etc/nginx/sites-enabled/
Finally, let's restart nginx
and run Huly with docker compose
.
$ sudo systemctl restart nginx
$ sudo docker compose up
Now, launch your web browser and enjoy Huly!
When exposing your self-hosted Huly deployment to the internet, it's crucial to implement some security measures to protect your server and data.
- Do not expose MongoDB, MinIO, and Elastic services to the internet. Huly does not require them to be accessible from the internet.
- It is highly recommended to change the default credentials. By default the services, mentioned above, require no authentication, or use default well-known credentials.
You'll need Node.js
installed on your machine. Installing npm
on Debian based distro:
sudo apt-get install npm
Install web-push using npm
sudo npm install -g web-push
Generate VAPID Keys. Run the following command to generate a VAPID key pair:
web-push generate-vapid-keys
It will generate both keys that looks like this:
=======================================
Public Key:
sdfgsdgsdfgsdfggsdf
Private Key:
asdfsadfasdfsfd
=======================================
Keep these keys secure, as you will need them to set up your push notification service on the server.
Add these keys into compose.yaml
in section services:front:environnement
:
- PUSH_PUBLIC_KEY=your public key
- PUSH_PRIVATE_KEY=your private key
You can configure a Huly instance to authorize users (sign-in/sign-up) using an OpenID Connect identity provider (IdP).
- Create a new OpenID application.
- Configure user access to the application as needed.
Specify the following environment variables (provided by the IdP) for the account service:
- OPENID_CLIENT_ID
- OPENID_CLIENT_SECRET
- OPENID_ISSUER
Ensure you have configured or add the following environment variable to the front service:
- ACCOUNTS_URL (This should contain the URL of the account service, accessible from the client side.)
Note: Once all the required environment variables are configured, you will see an additional button on the sign-in/sign-up pages.