Skip to main content

Docker

Docker is the easiest way to get started with the self-hosted version of Lago.

Requirements

  1. Install Docker on your machine;
  2. Make sure Docker Compose is installed and available (it should be the case if you have chosen to install Docker via Docker Desktop); and
  3. Make sure Git is installed on your machine.

Run the app

To start using Lago, run the following commands in a shell:

# Get the code
git clone https://github.com/getlago/lago.git

# Go to Lago folder
cd lago

# Set up environment configuration
echo "LAGO_RSA_PRIVATE_KEY=\"`openssl genrsa 2048 | base64`\"" >> .env
source .env

# Start
docker-compose up

You can now open your browser and go to http://localhost to connect to the application. Lago's API is exposed at http://localhost:3000.

Configuration

Version

Docker images are always updated to the last stable version in the docker-compose.yml file. You can use a different tag if needed by checking the releases list.

caution

We recommend to avoid the usage of latest tag, you should use the last tagged version, you can track what are the last version on Dockerhub

Environment variables

Lago uses the following environment variables to configure the components of the application. You can override them to customise your setup.

VariableDefault valueDescription
POSTGRES_HOSTdbHost name of the postgres server
POSTGRES_DBlagoName of the postgres database
POSTGRES_USERlagoDatabase user for postgres connection
POSTGRES_PASSWORDchangemeDatabase password for postgres connection
POSTGRES_PORT5432Port the postgres database listens to
REDIS_HOSTredisHost name of the redis server
REDIS_PORT6379Port the redis database listens to
LAGO_FRONT_URLhttp://localhostURL of the Lago front-end application.
Used for CORS configuration
FRONT_PORT80Port the front-end application listens to
LAGO_API_URLhttp://localhost:3000URL of the Lago back-end application
API_PORT3000Port the back-end application listens to
SECRET_KEY_BASEyour-secret-key-base-hex-64Secret key used for session encryption
SENTRY_DSNSentry DSN key for error and performance tracking
LAGO_RSA_PRIVATE_KEYPrivate key used for webhook signatures
LAGO_SIDEKIQ_WEBActivate the Sidekiq web UI, disabled by default
LAGO_ENCRYPTION_PRIMARY_KEYEncryption primary key used to secure sensitive values stored in the database
LAGO_ENCRYPTION_DETERMINISTIC_KEYEncryption deterministic key used to secure sensitive values stored in the database
LAGO_ENCRYPTION_KEY_DERIVATION_SALTEncryption key salt used to secure sensitive values stored in the database
caution

We recommend that you change POSTGRES_PASSWORD, SECRET_KEY_BASE, LAGO_RSA_PRIVATE_KEY, LAGO_ENCRYPTION_PRIMARY_KEY, LAGO_ENCRYPTION_DETERMINISTIC_KEY and LAGO_ENCRYPTION_KEY_DERIVATION_SALT to improve the security of your Lago instance:

  • SECRET_KEY_BASE can be generated using the openssl rand -hex 64 command.
  • LAGO_RSA_PRIVATE_KEY can be generated using the openssl genrsa 2048 | base64 command.
  • LAGO_ENCRYPTION_PRIMARY_KEY, LAGO_ENCRYPTION_DETERMINISTIC_KEY and LAGO_ENCRYPTION_KEY_DERIVATION_SALT can all be gerated using the cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1 command.

Components

Lago uses the following containers:

ContainerRole
frontFront-end application
apiAPI back-end application
api_workerAsynchronous worker for the API application
api_clockClock worker for the API application
dbPostgres database engine used to store application data
redisRedis database engine used as a queuing system for asynchronous tasks

You can also use your own database or Redis server. To do so, remove the db and redis configurations from the docker-compose.yml file and update the environment variables accordingly.