Overview
Obeya Cloud can be self-hosted on your own infrastructure for full data control. This guide covers Docker Compose deployment for small teams and Kubernetes deployment for production environments.
System Requirements
Minimum Requirements
| Resource | Specification |
|---|
| CPU | 2 cores |
| RAM | 4 GB |
| Storage | 20 GB SSD |
| OS | Linux (Ubuntu 22.04+, Debian 12+) |
| Docker | 24+ with Compose v2 |
| Network | Public IP or domain with HTTPS |
Recommended (Production)
| Resource | Specification |
|---|
| CPU | 4+ cores |
| RAM | 8+ GB |
| Storage | 100+ GB SSD |
| Database | Managed PostgreSQL (RDS, Cloud SQL, etc.) |
| Redis | Managed Redis (ElastiCache, Upstash, etc.) |
Docker Compose Deployment
Clone the Repository
git clone https://github.com/obeya-cloud/obeya.git
cd obeya-cloud
Configure Environment
cp .env.example .env.production
.env.production with your production values:# Application
NODE_ENV=production
APP_URL=https://obeya.yourcompany.com
# Database
DATABASE_URL="postgresql://obeya:SECURE_PASSWORD@postgres:5432/obeya"
# Auth
AUTH_SECRET="generate-a-random-64-char-string"
AUTH_URL="https://obeya.yourcompany.com"
# Redis
REDIS_URL="redis://redis:6379"
# Storage
S3_ENDPOINT="http://minio:9000"
S3_ACCESS_KEY="your-access-key"
S3_SECRET_KEY="your-secret-key"
S3_BUCKET="obeya"
# Search
MEILI_URL="http://meilisearch:7700"
MEILI_MASTER_KEY="generate-a-random-master-key"
# Email (SMTP)
SMTP_HOST="smtp.yourcompany.com"
SMTP_PORT=587
SMTP_USER="noreply@yourcompany.com"
SMTP_PASS="your-smtp-password"
EMAIL_FROM="Obeya Cloud <noreply@yourcompany.com>"
Start Services
docker compose -f docker/docker-compose.prod.yml \
--env-file .env.production \
up -d
- Next.js web application (port 3000)
- WebSocket server (port 3001)
- PostgreSQL 16
- Redis 7
- MinIO (S3-compatible storage)
- Meilisearch
Initialize Database
docker compose -f docker/docker-compose.prod.yml \
exec web pnpm db:push
docker compose -f docker/docker-compose.prod.yml \
exec web pnpm db:seed # Optional: seed with sample data
Configure Reverse Proxy
Set up Nginx, Caddy, or Traefik as a reverse proxy with SSL termination.Caddy example (Caddyfile):obeya.yourcompany.com {
reverse_proxy localhost:3000
}
*.obeya.yourcompany.com {
reverse_proxy localhost:3000
}
Kubernetes Deployment
For production environments, use the provided Kubernetes manifests:
# Create namespace
kubectl create namespace obeya
# Apply configuration
kubectl apply -f kubernetes/configmap.yaml -n obeya
kubectl apply -f kubernetes/secrets.yaml -n obeya
# Deploy services
kubectl apply -f kubernetes/postgres.yaml -n obeya
kubectl apply -f kubernetes/redis.yaml -n obeya
kubectl apply -f kubernetes/minio.yaml -n obeya
kubectl apply -f kubernetes/meilisearch.yaml -n obeya
# Deploy application
kubectl apply -f kubernetes/web.yaml -n obeya
kubectl apply -f kubernetes/ws.yaml -n obeya
# Set up ingress
kubectl apply -f kubernetes/ingress.yaml -n obeya
For production Kubernetes deployments, we recommend using managed services for PostgreSQL, Redis, and S3 instead of running them in-cluster.
Wildcard DNS
Multi-tenancy requires wildcard DNS for subdomains. Configure a wildcard DNS record:
*.obeya.yourcompany.com → A → YOUR_SERVER_IP
Backups
Database Backups
Set up automated PostgreSQL backups:
# Daily backup cron job
0 2 * * * pg_dump -U obeya -h localhost obeya | gzip > /backups/obeya-$(date +\%Y\%m\%d).sql.gz
File Storage Backups
If using MinIO, enable built-in replication or sync to external S3:
mc mirror minio/obeya s3/obeya-backup --watch
Upgrading
Rebuild and Restart
docker compose -f docker/docker-compose.prod.yml build
docker compose -f docker/docker-compose.prod.yml up -d
Run Migrations
docker compose -f docker/docker-compose.prod.yml exec web pnpm db:migrate
Always back up your database before upgrading. Review the changelog for breaking changes before applying updates.
Health Checks
The application exposes health check endpoints:
| Endpoint | Purpose |
|---|
GET /api/health | Application health |
GET /api/health/db | Database connectivity |
GET /api/health/redis | Redis connectivity |
GET /api/health/ready | Full readiness check |
