Learn how to self-host Latitude in production mode
Latitude can be easily deployed in a single machine using Docker Compose, which will set up all required services including the web interface, API gateway, workers, websockets, database, and Redis.
.env
configuration fileYou can create the network using the following command:
Make sure this network is created before running the containers with docker compose
.
.env
file with your production settings. The following key configurations are available:Traefik Settings:
TRAEFIK_ACME_EMAIL
: Email address used for Let’s Encrypt ACME registration. Required for issuing and renewing SSL certificates. It is also used to receive expiration and renewal notifications.TRAEFIK_ADMIN_PASS
: Passwords must be hashed using MD5, SHA1, or BCrypt. Read more: https://doc.traefik.io/traefik/middlewares/http/basicauth/
Example command to generate a password for user admin:
Database Settings:
POSTGRES_USER
and POSTGRES_PASSWORD
: Database credentialsDATABASE_URL
: PostgreSQL connection stringRedis Settings:
QUEUE_PORT
and QUEUE_HOST
: Redis queue configurationCACHE_PORT
and CACHE_HOST
: Redis cache configurationNetwork Settings:
APP_DOMAIN
: Your domain (e.g., latitude.so
)APP_URL
: Full URL to your applicationGATEWAY_HOSTNAME
: API gateway hostnameGATEWAY_SSL
: Enable/disable SSLEmail Configuration:
MAIL_TRANSPORT
: smtp
, mailgun
, mailpit
- default
transport is mailpit
MAILGUN_EMAIL_DOMAIN
: Email domain for sending emailsFROM_MAILER_EMAIL
: Sender email addressMAILGUN_MAILER_API_KEY
: Mailgun API key (optional)DISABLE_EMAIL_AUTHENTICATION
: Disable email authentication (optional, default: false
)If MAIL_TRANSPORT
is set to smtp
, you must provide the following environment variables:
SMTP_HOST
: The SMTP server host (e.g., smtp.gmail.com
)SMTP_PORT
: The SMTP port number (e.g., 465
for SMTPS or 587
for STARTTLS)SMTP_SECURE
: Set to true
for SMTPS (465
) or false
for STARTTLS (587
)SMTP_USER
: Your email address used for authentication (e.g., your_email@gmail.com
)SMTP_PASS
: The password for your email account (use an app password if using Gmail)Security Considerations:
TLS/SSL Encryption:
SMTP_SECURE
set to true
for SMTPS or false
for STARTTLS). This is crucial for protecting your email credentials and the contents of your email.Storage Configuration:
DRIVE_DISK
: Choose between local
or s3
for file storage
local
file storage configuration:
Files are stored locally on the host machine using Docker volumes.
Default variables used:
s3
AWS S3 storage configuration:
With environment variables (for convenience/legacy): You explicitly provide AWS credentials (AWS_ACCESS_KEY and AWS_ACCESS_SECRET) via .env file. Required variables:
AWS S3 with IAM Roles (recommended): No explicit AWS keys needed! Use IAM Roles attached to your AWS services (ECS, EC2, Lambda). Ensure AWS resource has proper IAM Role with S3 access (GetObject, PutObject, DeleteObject). Only required environment variables (no keys explicitly stored):
How to configure IAM Role (example):
AWS SDK automatically handles credentials from attached IAM roles.
Optional Features:
This will start the following services from public Docker images stored in our GitHub Container Registry:
gateway.latitude.localhost
)app.latitude.localhost
)ws.latitude.localhost
)Once running, you can access:
http://app.latitude.localhost
http://gateway.latitude.localhost
http://ws.latitude.localhost
http://localhost:8090
You can monitor the services using standard Docker commands:
./docker/pgdata
..env
fileYou might want to run the services in localhost for development purposes. To do so, you can use the following command:
This will start the same services as in production mode but SSL/HTTPS disabled,
which allows you to use local tlds such as localhost
. Remember to configure
your .env
file accordingly.
We provide a custom docker profile for building your own images locally.
To build and run your local images, run the following command:
Learn how to self-host Latitude in production mode
Latitude can be easily deployed in a single machine using Docker Compose, which will set up all required services including the web interface, API gateway, workers, websockets, database, and Redis.
.env
configuration fileYou can create the network using the following command:
Make sure this network is created before running the containers with docker compose
.
.env
file with your production settings. The following key configurations are available:Traefik Settings:
TRAEFIK_ACME_EMAIL
: Email address used for Let’s Encrypt ACME registration. Required for issuing and renewing SSL certificates. It is also used to receive expiration and renewal notifications.TRAEFIK_ADMIN_PASS
: Passwords must be hashed using MD5, SHA1, or BCrypt. Read more: https://doc.traefik.io/traefik/middlewares/http/basicauth/
Example command to generate a password for user admin:
Database Settings:
POSTGRES_USER
and POSTGRES_PASSWORD
: Database credentialsDATABASE_URL
: PostgreSQL connection stringRedis Settings:
QUEUE_PORT
and QUEUE_HOST
: Redis queue configurationCACHE_PORT
and CACHE_HOST
: Redis cache configurationNetwork Settings:
APP_DOMAIN
: Your domain (e.g., latitude.so
)APP_URL
: Full URL to your applicationGATEWAY_HOSTNAME
: API gateway hostnameGATEWAY_SSL
: Enable/disable SSLEmail Configuration:
MAIL_TRANSPORT
: smtp
, mailgun
, mailpit
- default
transport is mailpit
MAILGUN_EMAIL_DOMAIN
: Email domain for sending emailsFROM_MAILER_EMAIL
: Sender email addressMAILGUN_MAILER_API_KEY
: Mailgun API key (optional)DISABLE_EMAIL_AUTHENTICATION
: Disable email authentication (optional, default: false
)If MAIL_TRANSPORT
is set to smtp
, you must provide the following environment variables:
SMTP_HOST
: The SMTP server host (e.g., smtp.gmail.com
)SMTP_PORT
: The SMTP port number (e.g., 465
for SMTPS or 587
for STARTTLS)SMTP_SECURE
: Set to true
for SMTPS (465
) or false
for STARTTLS (587
)SMTP_USER
: Your email address used for authentication (e.g., your_email@gmail.com
)SMTP_PASS
: The password for your email account (use an app password if using Gmail)Security Considerations:
TLS/SSL Encryption:
SMTP_SECURE
set to true
for SMTPS or false
for STARTTLS). This is crucial for protecting your email credentials and the contents of your email.Storage Configuration:
DRIVE_DISK
: Choose between local
or s3
for file storage
local
file storage configuration:
Files are stored locally on the host machine using Docker volumes.
Default variables used:
s3
AWS S3 storage configuration:
With environment variables (for convenience/legacy): You explicitly provide AWS credentials (AWS_ACCESS_KEY and AWS_ACCESS_SECRET) via .env file. Required variables:
AWS S3 with IAM Roles (recommended): No explicit AWS keys needed! Use IAM Roles attached to your AWS services (ECS, EC2, Lambda). Ensure AWS resource has proper IAM Role with S3 access (GetObject, PutObject, DeleteObject). Only required environment variables (no keys explicitly stored):
How to configure IAM Role (example):
AWS SDK automatically handles credentials from attached IAM roles.
Optional Features:
This will start the following services from public Docker images stored in our GitHub Container Registry:
gateway.latitude.localhost
)app.latitude.localhost
)ws.latitude.localhost
)Once running, you can access:
http://app.latitude.localhost
http://gateway.latitude.localhost
http://ws.latitude.localhost
http://localhost:8090
You can monitor the services using standard Docker commands:
./docker/pgdata
..env
fileYou might want to run the services in localhost for development purposes. To do so, you can use the following command:
This will start the same services as in production mode but SSL/HTTPS disabled,
which allows you to use local tlds such as localhost
. Remember to configure
your .env
file accordingly.
We provide a custom docker profile for building your own images locally.
To build and run your local images, run the following command: