The quickstart Docker image is an all-in-one container launching the Fief server, the Fief worker for background jobs and a Redis server to schedule those jobs. While suitable for local development and testing, it's usually better in production to have dedicated containers for each purpose.
Docker Compose greatly simplifies the configuration of multiple containers. This is probably the easiest way if you already know Docker and want to deploy on your own server. You'll find below a typical
docker-compose.yml configuration for Fief.
version: "3" services: fief-server: image: ghcr.io/fief-dev/fief:latest command: fief run-server --port 80 ports: - 80:80 env_file: - .env fief-worker: image: ghcr.io/fief-dev/fief:latest command: fief run-worker -p 1 -t 1 env_file: - .env postgres: image: postgres:alpine environment: - POSTGRES_PASSWORD=fief - POSTGRES_USER=fief - POSTGRES_DB=fief volumes: - postgres-data:/var/lib/postgresql/data redis: image: redis:alpine command: redis-server --save 60 1 --loglevel warning volumes: - redis-data:/data volumes: redis-data: postgres-data:
# Reference: https://docs.fief.dev/self-hosting/environment-variables/ SECRET=XXX FIEF_CLIENT_ID=XXX FIEF_CLIENT_SECRET=XXX ENCRYPTION_KEY=XXX PORT=80 ROOT_DOMAIN=mydomain.com FIEF_DOMAIN=fief.mydomain.com FIEF_MAIN_USER_EMAILfirstname.lastname@example.org FIEF_MAIN_USER_PASSWORD=XXX # Read more: https://docs.fief.dev/self-hosting/deployment/setup-database/ DATABASE_TYPE=POSTGRESQL DATABASE_HOST=postgres DATABASE_PORT=5432 DATABASE_USERNAME=fief DATABASE_PASSWORD=fief DATABASE_NAME=fief REDIS_URL=redis://redis:6379
We have two Fief containers: one for the web server and one for the worker.
We also defined a dedicated database container, PostgreSQL, and a broker for passing job messages, Redis. Note how we defined and linked a volume for both of them. By doing this, we make sure we persist our data in a dedicated Docker volume that will persist even if we delete the containers.
.env file will contain all the environment variables for configuring Fief. You can have more details about the configuration of your database and email provider in the dedicated sections.
Backup the volumes
You should probably think about a proper backup method for those volumes. A convenient solution is to use
docker-volume-backup, a dedicated Docker image capable of archiving Docker volumes and send them to a distant storage.
You'll probably want a reverse proxy
In general, we don't directly expose the web server to the internet. A common pattern is to use a reverse proxy, which takes care of routing the incoming requests. It's also a great candidate to manage HTTPS/SSL. A common choice is Traefik Proxy, which is very convenient to use with Docker containers.