Running in Docker
Written By charan
Last updated About 3 hours ago
Docker Compose configuration for running dFlow self-hosted with Traefik, MongoDB, Redis, and monitoring.
Running dFlow on Docker
To get fast, reliable, and secure deployment with none of the work or hidden costs that come with self-hosting, check out dFlow Cloud.
Below is the complete docker-compose.yml file used to deploy the dFlow self-hosted platform.
This file defines all necessary services, networks, volumes, and environment variables for production-grade deployments.
Traefik for reverse proxy and automatic SSL via Let's Encrypt.
MongoDB for persistent data storage.
Redis for caching and background jobs.
Beszel for monitoring.
Config Generator for dynamic proxy routing.
Payload CMS app for the core dFlow platform.
networks:
custom-tailnet:
driver: bridge
services:
# Traefik Reverse Proxy
traefik:
image: traefik:v3.4
container_name: traefik
restart: always
ports:
- '80:80'
- '443:443'
networks:
- custom-tailnet
command:
- --configFile=/etc/traefik/traefik.yaml
environment:
- CF_DNS_API_TOKEN=${CF_DNS_API_TOKEN}
volumes:
- ./traefik.yaml:/etc/traefik/traefik.yaml
- ./acme.json:/etc/traefik/acme.json
- ./dynamic:/etc/traefik/dynamic
# Dynamic Config Generator
config-generator:
image: ghcr.io/dflow-sh/config-generator:latest
container_name: config-generator
restart: on-failure
networks:
- custom-tailnet
environment:
- JWT_TOKEN=${JWT_TOKEN}
- WILD_CARD_DOMAIN=${WILD_CARD_DOMAIN}
- PROXY_PORT=${PROXY_PORT}
volumes:
- ./dynamic:/app/output
# Monitoring dashboard
beszel:
image: henrygd/beszel:latest
container_name: beszel
restart: unless-stopped
networks:
- custom-tailnet
volumes:
- ./beszel_data:/beszel_data
- ./beszel_socket:/beszel_socket
# Monitoring beszel-agent
beszel-agent:
image: henrygd/beszel-agent
container_name: beszel-agent
restart: unless-stopped
networks:
- custom-tailnet
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./beszel_agent_data:/var/lib/beszel-agent
- ./beszel_socket:/beszel_socket
environment:
LISTEN: /beszel_socket/beszel.sock
KEY: '<beszel-ssh-key>'
TOKEN: '<token>'
HUB_URL: http://beszel:8090
# Redis
redis:
image: redis:7
container_name: redis
restart: unless-stopped
networks:
- custom-tailnet
volumes:
- redis-data:/data
# MongoDB
mongodb:
image: mongo:7
container_name: mongodb
restart: unless-stopped
networks:
- custom-tailnet
environment:
MONGO_INITDB_ROOT_USERNAME: ${MONGO_INITDB_ROOT_USERNAME}
MONGO_INITDB_ROOT_PASSWORD: ${MONGO_INITDB_ROOT_PASSWORD}
volumes:
- mongo-data:/data/db
# Payload CMS App
payload-app:
image: ghcr.io/dflow-sh/dflow:latest
container_name: payload-app
restart: always
cap_add:
- NET_ADMIN
devices:
- /dev/net/tun
networks:
- custom-tailnet
depends_on:
- redis
- mongodb
environment:
NEXT_PUBLIC_WEBSITE_URL: ${NEXT_PUBLIC_WEBSITE_URL}
DATABASE_URI: mongodb://${MONGO_INITDB_ROOT_USERNAME}:${MONGO_INITDB_ROOT_PASSWORD}@mongodb:27017/${MONGO_DB_NAME}?authSource=admin
REDIS_URI: redis://redis:6379
PAYLOAD_SECRET: ${PAYLOAD_SECRET}
TAILSCALE_AUTH_KEY: ${TAILSCALE_AUTH_KEY}
TAILSCALE_OAUTH_CLIENT_SECRET: ${TAILSCALE_OAUTH_CLIENT_SECRET}
TAILSCALE_TAILNET: ${TAILSCALE_TAILNET}
NEXT_PUBLIC_PROXY_DOMAIN_URL: ${NEXT_PUBLIC_PROXY_DOMAIN_URL}
NEXT_PUBLIC_BETTER_STACK_SOURCE_TOKEN: ${NEXT_PUBLIC_BETTER_STACK_SOURCE_TOKEN}
NEXT_PUBLIC_BETTER_STACK_INGESTING_URL: ${NEXT_PUBLIC_BETTER_STACK_INGESTING_URL}
RESEND_API_KEY: ${RESEND_API_KEY}
RESEND_SENDER_EMAIL: ${RESEND_SENDER_EMAIL}
RESEND_SENDER_NAME: ${RESEND_SENDER_NAME}
NEXT_PUBLIC_PROXY_CNAME: ${NEXT_PUBLIC_PROXY_CNAME}
NEXT_PUBLIC_DISCORD_INVITE_URL: ${NEXT_PUBLIC_DISCORD_INVITE_URL}
volumes:
- ./scripts:/app/scripts
volumes:
mongo-data:
redis-data: