Self Hosting

We support various deployment methods and are actively working on adding more. Please let us know if you have a specific deployment method in mind!

Manual Deployment

The following guide will walk you through setting up Documenso manually on your server or cloud infrastructure.

1

Clone the Repository
2

The first step is to clone the repository:
3

git clone https://github.com/documenso/documenso.git
4

Configure the Environment Variables
5

Navigate to the documenso folder and create a .env file from the example .env.example file:
6

cp .env.example .env
7

Open the .env file and fill in the following variables:
8

- NEXTAUTH_URL
- NEXTAUTH_SECRET
- NEXT_PUBLIC_WEBAPP_URL
- NEXT_PUBLIC_MARKETING_URL
- NEXT_PRIVATE_DATABASE_URL
- NEXT_PRIVATE_DIRECT_DATABASE_URL
- NEXT_PRIVATE_SMTP_FROM_NAME
- NEXT_PRIVATE_SMTP_FROM_ADDRESS
9

Install the Dependencies
10

Install the project dependencies as follows:
11

npm i
npm run build:web
npm run prisma:migrate-deploy
12

Start the Application
13

Finally, start the application:
14

npm run start
15

This will start the server on localhost:3000. Any reverse proxy can handle the front end and SSL termination.

Docker

The following guide will walk you through setting up Documenso using Docker. You can choose between a Docker Compose production setup or a standalone container.

We provide a Docker container for Documenso, published on both DockerHub and GitHub Container Registry.

You can pull the Docker image from either of these registries and run it with your preferred container hosting provider.

Please note that you must provide environment variables for connecting to the database, mail server, and other services.

Option 1: Production Docker Compose Setup

This setup includes a PostgreSQL database and the Documenso application. You will need to provide your own SMTP details using environment variables.

1

Download the Docker Compose File
2

Download the Docker Compose file from the Documenso repository - compose.yml.
3

Navigate to the compose.yml File
4

Once downloaded, navigate to the directory containing the compose.yml file.
5

Set Up Environment Variables
6

Create a .env file in the same directory as the compose.yml file.
7

Then add your SMTP details as well as the following environment variables:
8

NEXTAUTH_SECRET="<your-secret>"
NEXT_PRIVATE_ENCRYPTION_KEY="<your-key>"
NEXT_PRIVATE_ENCRYPTION_SECONDARY_KEY="<your-secondary-key>"
NEXT_PUBLIC_WEBAPP_URL="<your-url>"
NEXT_PRIVATE_SMTP_TRANSPORT="smtp-auth"
NEXT_PRIVATE_SMTP_HOST="<your-host>"
NEXT_PRIVATE_SMTP_PORT=<your-port>
NEXT_PRIVATE_SMTP_USERNAME="<your-username>"
NEXT_PRIVATE_SMTP_PASSWORD="<your-password>"
9

Update the Volume Binding
10

The cert.p12 file is required to sign and encrypt documents, so you must provide your key file. Update the volume binding in the compose.yml file to point to your key file:
11

volumes:
  - /path/to/your/keyfile.p12:/opt/documenso/cert.p12
12

After updating the volume binding, save the compose.yml file and run the following command to start the containers:
13

docker-compose --env-file ./.env up -d
14

The command will start the PostgreSQL database and the Documenso application containers.
15

Access the Application
16

Access the Documenso application by visiting http://localhost:3000 in your web browser.

Option 2: Standalone Docker Container

If you prefer to host the Documenso application on a specific container provider, use the pre-built Docker image from DockerHub or GitHub’s Package Registry. You will need to provide your own database and SMTP host.

1

Pull the Docker Image
2

Pull the Documenso Docker image from DockerHub:
3

docker pull documenso/documenso
4

Or, pull the image from GitHub Container Registry:
5

docker pull ghcr.io/documenso/documenso
6

Run the Docker Container
7

Run the Docker container with the required environment variables:
8

docker run -d \
 -p 3000:3000 \
 -e NEXTAUTH_URL="<your-nextauth-url>"
 -e NEXTAUTH_SECRET="<your-nextauth-secret>"
 -e NEXT_PRIVATE_ENCRYPTION_KEY="<your-next-private-encryption-key>"
 -e NEXT_PRIVATE_ENCRYPTION_SECONDARY_KEY="<your-next-private-encryption-secondary-key>"
 -e NEXT_PUBLIC_WEBAPP_URL="<your-next-public-webapp-url>"
 -e NEXT_PRIVATE_DATABASE_URL="<your-next-private-database-url>"
 -e NEXT_PRIVATE_DIRECT_DATABASE_URL="<your-next-private-database-url>"
 -e NEXT_PRIVATE_SMTP_TRANSPORT="<your-next-private-smtp-transport>"
 -e NEXT_PRIVATE_SMTP_FROM_NAME="<your-next-private-smtp-from-name>"
 -e NEXT_PRIVATE_SMTP_FROM_ADDRESS="<your-next-private-smtp-from-address>"
 -v /path/to/your/keyfile.p12:/opt/documenso/cert.p12
 documenso/documenso
9

Replace the placeholders with the actual values.
10

Access the Application
11

You can access the Documenso application by visiting the URL you provided for the NEXT_PUBLIC_WEBAPP_URL environment variable in your web browser.

Advanced Configuration

The environment variables listed above are a subset of those available for configuring Documenso. The table below provides a complete list of environment variables and their descriptions.

VariableDescription
PORTThe port on which the Documenso application runs. It defaults to 3000.
NEXTAUTH_URLThe URL for the NextAuth.js authentication service.
NEXTAUTH_SECRETThe secret key used by NextAuth.js for encryption and signing.
NEXT_PRIVATE_ENCRYPTION_KEYThe primary encryption key for symmetric encryption and decryption (at least 32 characters).
NEXT_PRIVATE_ENCRYPTION_SECONDARY_KEYThe secondary encryption key for symmetric encryption and decryption (at least 32 characters).
NEXT_PRIVATE_GOOGLE_CLIENT_IDThe Google client ID for Google authentication (optional).
NEXT_PRIVATE_GOOGLE_CLIENT_SECRETThe Google client secret for Google authentication (optional).
NEXT_PUBLIC_WEBAPP_URLThe URL for the web application.
NEXT_PRIVATE_DATABASE_URLThe URL for the primary database connection (with connection pooling).
NEXT_PRIVATE_DIRECT_DATABASE_URLThe URL for the direct database connection (without connection pooling).
NEXT_PRIVATE_SIGNING_TRANSPORTThe signing transport to use. Available options: local (default)
NEXT_PRIVATE_SIGNING_PASSPHRASEThe passphrase for the key file.
NEXT_PRIVATE_SIGNING_LOCAL_FILE_CONTENTSThe base64-encoded contents of the key file will be used instead of the file path.
NEXT_PRIVATE_SIGNING_LOCAL_FILE_PATHThe path to the key file, default /opt/documenso/cert.p12.
NEXT_PUBLIC_UPLOAD_TRANSPORTThe transport for file uploads (database or s3).
NEXT_PRIVATE_UPLOAD_ENDPOINTThe endpoint for the S3 storage transport (for third-party S3-compatible providers).
NEXT_PRIVATE_UPLOAD_FORCE_PATH_STYLEWhether to force path-style URLs for the S3 storage transport.
NEXT_PRIVATE_UPLOAD_REGIONThe region for the S3 storage transport (defaults to us-east-1).
NEXT_PRIVATE_UPLOAD_BUCKETThe bucket to use for the S3 storage transport.
NEXT_PRIVATE_UPLOAD_ACCESS_KEY_IDThe access key ID for the S3 storage transport.
NEXT_PRIVATE_UPLOAD_SECRET_ACCESS_KEYThe secret access key for the S3 storage transport.
NEXT_PRIVATE_SMTP_TRANSPORTThe transport to send emails (smtp-auth, smtp-api, resend, or mailchannels).
NEXT_PRIVATE_SMTP_HOSTThe host for the SMTP server for SMTP transports.
NEXT_PRIVATE_SMTP_PORTThe port for the SMTP server for SMTP transports.
NEXT_PRIVATE_SMTP_USERNAMEThe username for the SMTP server for the smtp-auth transport.
NEXT_PRIVATE_SMTP_PASSWORDThe password for the SMTP server for the smtp-auth transport.
NEXT_PRIVATE_SMTP_APIKEY_USERThe API key user for the SMTP server for the smtp-api transport.
NEXT_PRIVATE_SMTP_APIKEYThe API key for the SMTP server for the smtp-api transport.
NEXT_PRIVATE_SMTP_SECUREWhether to force the use of TLS for the SMTP server for SMTP transports.
NEXT_PRIVATE_SMTP_FROM_ADDRESSThe email address for the “from” address.
NEXT_PRIVATE_SMTP_FROM_NAMEThe sender name for the “from” address.
NEXT_PRIVATE_RESEND_API_KEYThe API key for Resend.com for the resend transport.
NEXT_PRIVATE_MAILCHANNELS_API_KEYThe optional API key for MailChannels (if using a proxy) for the mailchannels transport.
NEXT_PRIVATE_MAILCHANNELS_ENDPOINTThe optional endpoint for the MailChannels API (if using a proxy) for the mailchannels transport.
NEXT_PRIVATE_MAILCHANNELS_DKIM_DOMAINThe domain for DKIM signing with MailChannels for the mailchannels transport.
NEXT_PRIVATE_MAILCHANNELS_DKIM_SELECTORThe selector for DKIM signing with MailChannels for the mailchannels transport.
NEXT_PRIVATE_MAILCHANNELS_DKIM_PRIVATE_KEYThe private key for DKIM signing with MailChannels for the mailchannels transport.
NEXT_PUBLIC_DOCUMENT_SIZE_UPLOAD_LIMITThe maximum document upload limit displayed to the user (in MB).
NEXT_PUBLIC_POSTHOG_KEYThe optional PostHog key for analytics and feature flags.
NEXT_PUBLIC_DISABLE_SIGNUPWhether to disable user signups through the /signup page.

Run as a Service

You can run the application using a systemd.service file. Here is a simple example of the service running on port 3500 (using 3000 by default):

[Unit]
Description=documenso
After=network.target

[Service]
Environment=PATH=/path/to/your/node/binaries
Type=simple
User=www-data
WorkingDirectory=/var/www/documenso/apps/web
ExecStart=/usr/bin/next start -p 3500
TimeoutSec=15
Restart=always

[Install]
WantedBy=multi-user.target

We offer several alternative deployment methods for Documenso if you need more options.

Railway

Render

Koyeb