diff --git a/docs/getting-started/install/digitalocean/index.html b/docs/getting-started/install/digitalocean/index.html index f7ef0af43..a33660ff4 100644 --- a/docs/getting-started/install/digitalocean/index.html +++ b/docs/getting-started/install/digitalocean/index.html @@ -3582,9 +3582,6 @@
Once the web UI has been submitted, you will be redirected to our application deployment tutorial, which will guide you through deploying a sample application to your Dokku server.
-Info
The backup plugin was deprecated in 0.4.x, below are backup recommendations for 0.5.x and later.
The best plan for disaster recovery is to always keep multiple (remote) copies of your local repo, static assets and periodic database dumps. Backups should be regularly tested for data integrity and completeness.
"},{"location":"advanced-usage/backup-recovery/#tldr","title":"TLDR","text":"Warning
This method has many caveats. Please read this entire document before assuming these backups work as expected, and test your backups on a regular basis.
"},{"location":"advanced-usage/backup-recovery/#creating-a-backup","title":"Creating a backup","text":"To create a backup, run the following command at a time when not executing any Dokku commands or app deployments:
export BACKUP_TIME=$(date +%Y-%m-%d-%H-%M)\nsudo mkdir -p /var/lib/dokku/services\nsudo chown dokku:dokku /var/lib/dokku/services\nmkdir -p /tmp/dokku-backups/\nsudo tar -czvf \"/tmp/dokku-backups/${BACKUP_TIME}.tar.gz\" /home/dokku /var/lib/dokku/config /var/lib/dokku/data /var/lib/dokku/services /var/lib/dokku/plugins\n
This will create a point-in-time backup of your entire Dokku installation in the /tmp/dokku-backups
directory. This backup may be moved offsite to another location via rsync, sftp, or some other protocol.
It is recommended that backups are regularly cleaned from the originating server and tested as necessary.
"},{"location":"advanced-usage/backup-recovery/#restoring-a-backup","title":"Restoring a backup","text":"To extract the backup onto another server, copy the backup to the server and extract it using the following command.
sudo tar -xzvf path/to/dokku/backup.tar.gz -C /\n
At this point, all datastores should be individually started and checked for data integrity. Once this is complete, individual apps can be rebuilt. Please consult the process management documentation for more information on how to rebuild apps.
"},{"location":"advanced-usage/backup-recovery/#caveats","title":"Caveats","text":""},{"location":"advanced-usage/backup-recovery/#app-config","title":"App config","text":"Application config is largely held in a small number of places:
/var/lib/dokku/config
: Properties set and managed by plugins/var/lib/dokku/data
: Files generated or extracted by various plugins/home/dokku
: Certain parts of Dokku core store data in this locationCompressing these directories when no Dokku commands are running is enough to ensure a complete backup of the system.
"},{"location":"advanced-usage/backup-recovery/#code-repositories","title":"Code Repositories","text":"Because Dokku is git based, rebuilding a deployed app is as easy as pushing from git. You can push to a new server by updating the dokku
remote in you local app's repo.
git remote rm dokku\ngit remote add dokku dokku@[dokku.me:dokku.me]\ngit push dokku [master]\n
"},{"location":"advanced-usage/backup-recovery/#docker-networks","title":"Docker Networks","text":"Docker networks generated by Dokku should be recreated. Running dokku network:report
will output all networks in use by various apps, which can then be used to recreate them via dokku network:create $NETWORK
.
Networks created by tools other than Dokku may be created as they initially were.
"},{"location":"advanced-usage/backup-recovery/#docker-image-and-tar-based-apps","title":"Docker Image and Tar-based Apps","text":"These apps may fail to rebuild via the normal ps:rebuild
method. Redeploy these apps by running the original commands used to deploy them
Info
Please note that point-in-time backups of the /var/lib/dokku/services
directory may contain partially written data due to how various datastores work. Consult the official datastore documentation for the best documentation surrounding proper backup and restore procedures.
Some plugins, like the official dokku-postgres plugin, have built-in commands that allow non-volatile data be exported and imported.
For dokku-postgres, use:
dokku postgres:export [db_name] > [db_name].dump\ndokku postgres:import [db_name] < [db_name].dump\n
Additionally, data for official datastores is located in the /var/lib/dokku/services
directory. If the directory is restored and the plugin is available, a dokku $SERVICE:start
may be enough to restart the service with the underlying data, so long as the datastore version does not change and the underlying data is not corrupt. If this is the case, it may be necessary to re-import all the data onto a fresh version of the datastore service.
The plugin directory is contained at the /var/lib/dokku/plugins
directory. Core plugins will automatically be included in new installs, but custom plugins may not. The aforementioned tar
creation command will back all plugins up, and the tar
extract command will restore the plugins.
Note that restoring a plugin will not trigger any install
or dependencies
triggers. You will need to run these manually. See the plugin management documentation for more information on how to trigger these two hooks.
Dokku doesn't enforce a 300mb limit on apps, but it's best practice to keep binary assets outside of git. Since containers are considered volatile in Dokku, external stores like s3 or storage mounts should be used for non-volatile items like user uploads. The Dokku storage core plugin can be used to mount local directories / volumes inside the docker container.
System administrators are highly encouraged to store persistent data in app-specific subdirectories of the path /var/lib/dokku/data/storage
. This will help ensure restores of the aforementioned primary Dokku directories will restore service to all apps.
See the persistent storage documentation for more information on how to attach persistent storage to your app.
"},{"location":"advanced-usage/backup-recovery/#recovering-app-code","title":"Recovering app code","text":"In case of an emergency when your git repo and backups are completely lost, you can recover the last pushed copy from your remote Dokku server (assuming you still have the ssh key).
mkdir [app-name] ; cd !$\ngit init && git remote add dokku dokku@[dokku.me:app-name]\ngit pull dokku/master && git checkout dokku/master\n
"},{"location":"advanced-usage/deployment-tasks/","title":"Deployment Tasks","text":"New
Introduced in 0.5.0
"},{"location":"advanced-usage/deployment-tasks/#usage","title":"Usage","text":""},{"location":"advanced-usage/deployment-tasks/#overview","title":"Overview","text":"Sometimes you need to run a command on deployment time, but before an app is completely deployed. Common use cases include:
collectstatic
)To support this, Dokku provides support for a special release
command within your app's Procfile
, as well as a special scripts.dokku
key inside of your app's app.json
file. Be aware that all commands are run within the context of the built docker image - no commands affect the host unless there are volume mounts attached to your app.
Each \"phase\" has different expectations and limitations:
app.json
: scripts.dokku.predeploy
app.json
: scripts.dokku.postdeploy
app.json
: scripts.postdeploy
Procfile
: release
Additionally, if using a Dockerfile with an ENTRYPOINT
, the deployment task is passed to that entrypoint as is. The exceptions are if the entrypoint is one of the following:
[\"/tini\", \"--\"]
[\"/bin/tini\", \"--\"]
[\"/usr/bin/tini\", \"--\"]
[\"/usr/local/bin/tini\", \"--\"]
Please keep the above in mind when utilizing deployment tasks.
Info
To execute commands on the host during a release phase, see the plugin creation documentation docs for more information on building your own custom plugin.
"},{"location":"advanced-usage/deployment-tasks/#changing-the-appjson-location","title":"Changing theapp.json
location","text":"The app.json
is expected to be found in a specific directory, depending on the deploy approach:
WORKDIR
of the Docker image for deploys resulting from git:from-image
and git:load-image
commands.git:from-archive
, git:sync
).Sometimes it may be desirable to set a different path for a given app, e.g. when deploying from a monorepo. This can be done via the appjson-path
property:
dokku app-json:set node-js-app appjson-path .dokku/app.json\n
The value is the path to the desired file relative to the base search directory, and will never be treated as absolute paths in any context. If that file does not exist within the repository, Dokku will continue the build process as if the repository has no app.json
.
The default value may be set by passing an empty value for the option:
dokku app-json:set node-js-app appjson-path\n
The appjson-path
property can also be set globally. The global default is app.json
, and the global value is used when no app-specific value is set.
dokku app-json:set --global appjson-path global-app.json\n
The default value may be set by passing an empty value for the option.
dokku app-json:set --global appjson-path\n
"},{"location":"advanced-usage/deployment-tasks/#displaying-app-json-reports-for-an-app","title":"Displaying app-json reports for an app","text":"New
Introduced in 0.25.0
You can get a report about the app's storage status using the app-json:report
command:
dokku app-json:report\n
=====> node-js-app app-json information\n App-json computed appjson path: app2.json\n App-json global appjson path: app.json\n App-json appjson path: app2.json\n=====> python-sample app-json information\n App-json computed appjson path: app.json\n App-json global appjson path: app.json\n App-json appjson path:\n=====> ruby-sample app-json information\n App-json computed appjson path: app.json\n App-json global appjson path: app.json\n App-json appjson path:\n
You can run the command for a specific app also.
ShellOutputdokku app-json:report node-js-app\n
=====> node-js-app app-json information\n App-json computed appjson path: app2.json\n App-json global appjson path: app.json\n App-json appjson path: app2.json\n
You can pass flags which will output only the value of the specific information you want. For example:
ShellOutputdokku app-json:report node-js-app --app-json-appjson-path\n
app2.json\n
"},{"location":"advanced-usage/deployment-tasks/#deployment-tasks_1","title":"Deployment tasks","text":""},{"location":"advanced-usage/deployment-tasks/#appjson-deployment-tasks","title":"app.json
deployment tasks","text":"Dokku provides limited support for the app.json
manifest from Heroku (documentation available here). The keys available for use with Deployment Tasks are:
scripts.dokku.predeploy
: This is run after an app's docker image is built, but before any containers are scheduled. Changes made to your image are committed at this phase.scripts.dokku.postdeploy
: This is run after an app's containers are scheduled. Changes made to your image are not committed at this phase.scripts.postdeploy
: This is run after an app's containers are scheduled. Changes made to your image are not committed at this phase.Warning
Any failed app.json
deployment task will fail the deploy. In the case of either phase, a failure will not affect any running containers.
The following is an example app.json
file. Please note that only the scripts.dokku.predeploy
and scripts.dokku.postdeploy
tasks are supported by Dokku at this time. All other fields will be ignored and can be omitted.
{\n \"scripts\": {\n \"dokku\": {\n \"predeploy\": \"touch /app/predeploy.test\",\n \"postdeploy\": \"curl https://some.external.api.service.com/deployment?state=success\"\n },\n \"postdeploy\": \"curl https://some.external.api.service.com/created?state=success\"\n }\n}\n
"},{"location":"advanced-usage/deployment-tasks/#procfile-release-command","title":"Procfile Release command","text":"New
Introduced in 0.14.0
The Procfile
also supports a special release
command which acts in a similar way to the Heroku Release Phase. This command is executed after an app's docker image is built, but before any containers are scheduled. This is also run after any command executed by scripts.dokku.predeploy
.
To use the release
command, simply add a release
stanza to your Procfile.
release: curl https://some.external.api.service.com/deployment?state=built\n
Unlike the scripts.dokku.predeploy
command, changes made during by the release
command are not persisted to disk.
Warning
scaling the release command up will likely result in unspecified issues within your deployment, and is highly discouraged.
"},{"location":"advanced-usage/docker-options/","title":"Docker Container Options","text":"New
Introduced in 0.3.17
Pass container options to the docker run
command during Dokku's build
, deploy
and run
phases
docker-options:add <app> <phase(s)> OPTION # Add Docker option to app for phase (comma-separated phase list)\ndocker-options:clear <app> [<phase(s)>...] # Clear a docker options from application\ndocker-options:remove <app> <phase(s)> OPTION # Remove Docker option from app for phase (comma-separated phase list)\ndocker-options:report [<app>] [<flag>] # Displays a docker options report for one or more apps\n
Info
When specifying multiple phases, they must be comma-separated without spaces in between each phase, like so:
dokku docker-options:add node-js-app deploy,run \"-v /var/log/node-js-app:/app/logs\"\n
"},{"location":"advanced-usage/docker-options/#about-dokku-phases","title":"About Dokku phases","text":"Dokku deploys your application in multiple \"phases\" and the docker-options
plugin allows you to pass arguments to their underlying docker container:
build
: the container that executes the appropriate buildpackdeploy
: the container that executes your running/deployed applicationrun
: the container that executes any arbitrary command via dokku run
Manipulation of docker options will not restart running containers. This enables multiple options to be set/unset before final application. As such, changing an app's docker options must be followed by a dokku ps:rebuild
in order to take effect.
More information on supported Docker options can be found here.
Container options configured via the docker-options
plugin are not used to modify the process a container runs. Container options are the [OPTIONS]
portion of the following, where [CONTAINER_COMMAND]
and [ARG]
are the process and the arguments passed to it that are launched in the created container: docker run [OPTIONS] [CONTAINER_COMMAND] [ARG...]
. Please see the documentation for customizing the run command or use a Procfile to modify the command used by a Dockerfile-based container.
Add some options for the deployed/running app and when executing dokku run
:
# Mount a host volume in a Docker container: \"-v /host/path:/container/path\"\ndokku docker-options:add node-js-app deploy \"-v /var/log/node-js-app:/app/logs\"\ndokku docker-options:add node-js-app run \"-v /var/log/node-js-app:/app/logs\"\n
Note
When mounting a host directory in a Dokku app you should first create that directory as user dokku
and then mount the directory under /app
in the container using docker-options
as above. Otherwise the app will lack write permission in the directory.
dokku docker-options:remove node-js-app run \"-v /var/log/node-js-app:/app/logs\"\n
"},{"location":"advanced-usage/docker-options/#clear-all-docker-options-for-an-app","title":"Clear all Docker options for an app","text":"Docker options can be removed for a specific app using the docker-options:clear
command.
dokku docker-options:clear node-js-app\n
-----> Clearing docker-options for node-js-app on all phases\n
One or more valid phases can also be specified. Phases are comma delimited, and specifying an invalid phase will result in an error.
ShellOutputShellOutputdokku docker-options:clear node-js-app run\n
-----> Clearing docker-options for node-js-app on phase run\n
dokku docker-options:clear node-js-app build,run\n
-----> Clearing docker-options for node-js-app on phase build\n-----> Clearing docker-options for node-js-app on phase run\n
"},{"location":"advanced-usage/docker-options/#displaying-docker-options-reports-for-an-app","title":"Displaying docker-options reports for an app","text":"New
Introduced in 0.8.1
You can get a report about the app's docker-options status using the docker-options:report
command:
dokku docker-options:report\n
=====> node-js-app docker options information\n Docker options build:\n Docker options deploy: -v /var/log/node-js-app:/app/logs\n Docker options run: -v /var/log/node-js-app:/app/logs\n=====> python-sample docker options information\n Docker options build:\n Docker options deploy:\n Docker options run:\n=====> ruby-sample docker options information\n Docker options build:\n Docker options deploy:\n Docker options run:\n
You can run the command for a specific app also.
ShellOutputdokku docker-options:report node-js-app\n
=====> node-js-app docker options information\n Docker options build:\n Docker options deploy: -v /var/log/node-js-app:/app/logs\n Docker options run: -v /var/log/node-js-app:/app/logs\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku docker-options:report node-js-app --docker-options-build\n
"},{"location":"advanced-usage/event-logs/","title":"Dokku Event Logs","text":"New
Introduced in 0.3.21
Docker provides an events command to show system's real time events. Likewise, Dokku can record events as syslog entries and also provides a plugin to display the last ones.
events [-t] # Show the last events (-t follows)\nevents:list # List logged events\nevents:on # Enable events logger\nevents:off # Disable events logger\n
"},{"location":"advanced-usage/event-logs/#usage","title":"Usage","text":"Enable the plugin:
ShellOutputdokku events:on\n
Enabling dokku events logger\n
Dokku will then write log entries to /var/log/syslog
as well as a Dokku-specific logs sub-directory /var/log/dokku/events.log
, which can be easily displayed with the command dokku events
:
dokku events\n
Jul 3 16:09:48 dokku.me dokku[127630]: INVOKED: pre-release-buildpack( pythonapp )\nJul 3 16:10:02 dokku.me dokku[128095]: INVOKED: docker-args-run( rubyapp )\nJul 3 16:10:02 dokku.me dokku[128114]: INVOKED: docker-args-run( nhl )\nJul 3 16:10:03 dokku.me dokku[128195]: INVOKED: pre-deploy( pythonapp )\nJul 3 16:10:23 dokku.me dokku[129253]: INVOKED: docker-args-deploy( pythonapp )\nJul 3 16:10:24 dokku.me dokku[129451]: INVOKED: check-deploy( pythonapp 6274ced0d4be11af4490cd18abaf77cdd593f025133f403d984e80d86a39acec web 5000 10.0.16.80 )\nJul 3 16:10:35 dokku.me dokku[129561]: INVOKED: docker-args-deploy( pythonapp )\nJul 3 16:10:36 dokku.me dokku[129760]: INVOKED: check-deploy( pythonapp ac88a56ee4161ff37e4b92d1498c3eadc91f0aa7c8b81b44fc077e2a51d54cc0 worker )\nJul 3 16:10:46 dokku.me dokku[129851]: INVOKED: post-deploy( pythonapp )\nJul 3 16:10:46 dokku.me dokku[129945]: INVOKED: nginx-pre-reload( pythonapp )\nJul 3 16:15:02 dokku.me dokku[130397]: INVOKED: docker-args-run( goapp )\nJul 3 16:21:02 dokku.me dokku[130796]: INVOKED: docker-args-run( rubyapp )\nJul 3 16:30:02 dokku.me dokku[131384]: INVOKED: docker-args-run( rubyapp )\n
You can list all events that are currently being recorded via dokku events:list
:
dokku events:list\n
=====> Events currently logged\ncheck-deploy\ndependencies\ndocker-args-build\ndocker-args-deploy\ndocker-args-run\ngit-post-pull\ngit-pre-pull\nnginx-hostname\nnginx-pre-reload\npost-build-buildpack\npost-build-dockerfile\npost-delete\npost-deploy\npost-domains-update\npre-build-buildpack\npre-build-dockerfile\npre-delete\npre-deploy\npre-release-buildpack\npre-release-dockerfile\nreceive-app\nupdate\n
"},{"location":"advanced-usage/persistent-storage/","title":"Persistent Storage","text":"New
Introduced in 0.5.0
The preferred method to mount external containers to a Dokku managed container, is to use the Dokku storage plugin.
storage:ensure-directory [--chown option] <directory> # Creates a persistent storage directory in the recommended storage path\nstorage:list <app> [--format text|json] # List bind mounts for app's container(s) (host:container)\nstorage:mount <app> <host-dir:container-dir> # Create a new bind mount\nstorage:report [<app>] [<flag>] # Displays a checks report for one or more apps\nstorage:unmount <app> <host-dir:container-dir> # Remove an existing bind mount\n
Info
The storage plugin is compatible with storage mounts created with the docker-options. The storage plugin will only list mounts from the deploy/run phase.
The storage plugin supports the following mount points:
Persistent storage bind mounts are specified on a per-app basis, and can be listed with the storage:list
command:
dokku storage:list node-js-app\n
-----> node-js-app volume bind-mounts:\n /var/lib/dokku/data/storage/node-js-app:/app/storage\n
The output format can also be set to json
for programmatic access:
dokku storage:list node-js-app --format json\n
[\n {\n \"host_path\": \"/var/lib/dokku/data/storage/node-js-app\",\n \"container_path\": \"/app/storage\",\n \"volume_options\": \"\"\n }\n]\n
"},{"location":"advanced-usage/persistent-storage/#creating-storage-directories","title":"Creating storage directories","text":"New
Introduced in 0.25.5
A storage directory can be created with the storage:ensure-directory
command. This command will create a subdirectory in the recommended /var/lib/dokku/data/storage
path - created during Dokku installation - and prepare it for use with an app.
dokku storage:ensure-directory node-js-app\n
-----> Ensuring /var/lib/dokku/data/storage/node-js-app exists\n Setting directory ownership to 32767:32767\n Directory ready for mounting\n
By default, permissions are set for usage with Herokuish buildpacks. These permissions can be changed via the --chown
option according to the following table:
--chown herokuish
(default): Use 32767:32767
as the folder permissions.--chown heroku
: Use 1000:1000
as the folder permissions.heroku/builder
builder.--chown packeto
: Use 2000:2000
as the folder permissions.cloudfoundry/cnb
or packeto
builders.--chown root
: Use 0:0
as the folder permissions.--chown false
: Skips the chown
call.Users deploying via Dockerfile will want to specify --chown false
and manually chown
the created directory if the user and/or group id of the runnning process in the deployed container do not correspond to any of the above options.
Warning
Failing to set the correct directory ownership may result in issues in persisting files written to the mounted storage directory.
"},{"location":"advanced-usage/persistent-storage/#mounting-storage-into-apps","title":"Mounting storage into apps","text":"Dokku supports mounting both explicit host paths as well as docker volumes via the storage:mount
command. This takes two arguments, an app name and a host-path:container-path
or docker-volume:container-path
combination.
# mount the directory into your container's /app/storage directory, relative to the container root (/)\n# explicit host paths _must_ exist prior to usage.\ndokku storage:mount node-js-app /var/lib/dokku/data/storage/node-js-app:/app/storage\n\n# mount the docker volume into your container's /app/storage directory, relative to the container root (/)\n# docker volumes _must_ exist prior to usage.\ndokku storage:mount node-js-app some-docker-volume:/app/storage\n
In the first example, Dokku will then mount the shared contents of /var/lib/dokku/data/storage/node-js-app
to /app/storage
inside the container. The mount point is not relative to your app's working directory, and is instead relative to the root (/
) of the container. Mounts are only available for containers created via run
and by the deploy process, and not during the build process. In addition, the host path is never auto-created by either Dokku or Docker, and should be an explicit path, not one relative to the current working directory.
Info
If the /storage
path within the container had pre-existing content, the container files will be over-written. This may be an issue for users that create assets at build time but then mount a directory at the same place during runtime. Files are not merged.
Once persistent storage is mounted, the app requires a restart. See the process scaling documentation for more information.
dokku ps:restart app-name\n
"},{"location":"advanced-usage/persistent-storage/#unmounting-storage","title":"Unmounting storage","text":"If an app no longer requires a mounted volume or directory, the storage:unmount
command can be called. This takes the same arguments as the storage:mount
command, an app name and a host-path:container-path
or docker-volume:container-path
combination.
# unmount the directory from your container's /app/storage directory, relative to the container root (/)\ndokku storage:unmount node-js-app /var/lib/dokku/data/storage/node-js-app:/app/storage\n\n# unmount the docker volume from your container's /app/storage directory, relative to the container root (/)\ndokku storage:unmount node-js-app some-docker-volume:/app/storage\n
Once persistent storage is unmounted, the app requires a restart. See the process scaling documentation for more information.
dokku ps:restart app-name\n
"},{"location":"advanced-usage/persistent-storage/#displaying-storage-reports-for-an-app","title":"Displaying storage reports for an app","text":"New
Introduced in 0.8.1
You can get a report about the app's storage status using the storage:report
command:
dokku storage:report\n
=====> node-js-app storage information\n Storage build mounts:\n Storage deploy mounts: -v /var/lib/dokku/data/storage/node-js-app:/app/storage\n Storage run mounts: -v /var/lib/dokku/data/storage/node-js-app:/app/storage\n=====> python-sample storage information\n Storage build mounts:\n Storage deploy mounts:\n Storage run mounts:\n=====> ruby-sample storage information\n Storage build mounts:\n Storage deploy mounts:\n Storage run mounts:\n
You can run the command for a specific app also.
ShellOutputdokku storage:report node-js-app\n
=====> node-js-app storage information\n Storage build mounts:\n Storage deploy mounts: -v /var/lib/dokku/data/storage/node-js-app:/app/storage\n Storage run mounts: -v /var/lib/dokku/data/storage/node-js-app:/app/storage\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku storage:report node-js-app --storage-deploy-mounts\n
"},{"location":"advanced-usage/persistent-storage/#use-cases","title":"Use Cases","text":""},{"location":"advanced-usage/persistent-storage/#sharing-storage-across-deploys","title":"Sharing storage across deploys","text":"Dokku is powered by Docker containers, which recommends in their best practices that containers be treated as ephemeral. In order to manage persistent storage for web apps, like user uploads or large binary assets like images, a directory outside the container should be mounted.
"},{"location":"advanced-usage/persistent-storage/#shared-storage-between-containers","title":"Shared storage between containers","text":"When scaling your app, you may require a common location to access shared assets between containers, a storage mount can be used in this situation.
"},{"location":"advanced-usage/persistent-storage/#shared-storage-across-environments","title":"Shared storage across environments","text":"Your app may be used in a cluster that requires containers or resources not running on the same host access your data. Mounting a shared file service (like S3FS or EFS) inside your container will give you great flexibility.
"},{"location":"advanced-usage/persistent-storage/#backing-up","title":"Backing up","text":"Your app may have services that are running in memory and need to be backed up locally (like a key store). Mount a non ephemeral storage mount will allow backups that are not lost when the app is shut down.
"},{"location":"advanced-usage/persistent-storage/#build-phase","title":"Build phase","text":"By default, Dokku will only bind storage mounts during the deploy and run phases. Under certain conditions, one might want to bind a storage mount during the build phase. This can be accomplished by using the docker-options
plugin directly.
dokku docker-options:add node-js-app build \"-v /tmp/python-test:/opt/test\"\n
You cannot use mounted volumes during the build phase of a Dockerfile deploy. This is because Docker does not support volumes when executing docker build
.
Warning
This can cause data loss if you bind a mount under /app
in buildpack apps as herokuish will attempt to remove the original app path during the build phase.
New
Introduced in 0.7.1
By default, Dokku will execute your buildpack app processes as the herokuishuser
user. You may override this by setting the DOKKU_APP_USER
config variable.
Note
this user must exist in your herokuish image.
Additionally, the default docker-local
scheduler that comes with Dokku will ensure your storage mounts are owned by either herokuishuser
or the overridden value you have set in DOKKU_APP_USER
. See the docker-local scheduler documentation docs for more information.
New
Introduced in 0.4.0
plugin:disable <name> # Disable an installed plugin (third-party only)\nplugin:enable <name> # Enable a previously disabled plugin\nplugin:install [--core|--git-url] [--committish branch|commit|tag] [--name custom-plugin-name] # Optionally download git-url (and pin to the specified branch/commit/tag) & run install trigger for active plugins (or only core ones)\nplugin:installed <name> # Checks if a plugin is installed\nplugin:install-dependencies [--core] # Run install-dependencies trigger for active plugins (or only core ones)\nplugin:list # Print active plugins\nplugin:trigger <args...>. # Trigger an arbitrary plugin hook\nplugin:uninstall <name> # Uninstall a plugin (third-party only)\nplugin:update [name [branch|commit|tag]] # Optionally update named plugin from git (and pin to the specified branch/commit/tag) & run update trigger for active plugins\n
# for 0.3.x\ncd /var/lib/dokku/plugins\ngit clone <git url>\ndokku plugins-install\n
Info
These commands require root
permissions as the install
and install-dependencies
plugin triggers may utilize commands such as apt-get
. For non-core plugins, please inspect those plugins before running the following command as root
user.
Installed plugins can be listed via the plugin:list
command:
dokku plugin:list\n
plugn: dev\n 00_dokku-standard 0.35.0 enabled dokku core standard plugin\n 20_events 0.35.0 enabled dokku core events logging plugin\n app-json 0.35.0 enabled dokku core app-json plugin\n apps 0.35.0 enabled dokku core apps plugin\n build-env 0.35.0 enabled dokku core build-env plugin\n buildpacks 0.35.0 enabled dokku core buildpacks plugin\n certs 0.35.0 enabled dokku core certificate management plugin\n checks 0.35.0 enabled dokku core checks plugin\n common 0.35.0 enabled dokku core common plugin\n config 0.35.0 enabled dokku core config plugin\n docker-options 0.35.0 enabled dokku core docker-options plugin\n domains 0.35.0 enabled dokku core domains plugin\n enter 0.35.0 enabled dokku core enter plugin\n git 0.35.0 enabled dokku core git plugin\n logs 0.35.0 enabled dokku core logs plugin\n network 0.35.0 enabled dokku core network plugin\n nginx-vhosts 0.35.0 enabled dokku core nginx-vhosts plugin\n plugin 0.35.0 enabled dokku core plugin plugin\n proxy 0.35.0 enabled dokku core proxy plugin\n ps 0.35.0 enabled dokku core ps plugin\n repo 0.35.0 enabled dokku core repo plugin\n resource 0.35.0 enabled dokku core resource plugin\n scheduler-docker-local 0.35.0 enabled dokku core scheduler-docker-local plugin\n shell 0.35.0 enabled dokku core shell plugin\n ssh-keys 0.35.0 enabled dokku core ssh-keys plugin\n storage 0.35.0 enabled dokku core storage plugin\n tags 0.35.0 enabled dokku core tags plugin\n tar 0.35.0 enabled dokku core tar plugin\n trace 0.35.0 enabled dokku core trace plugin\n
Warning
All plugin commands other than plugin:list
and plugin:help
require sudo access and must be run directly from the Dokku server.
You can check if a plugin has been installed via the plugin:installed
command:
dokku plugin:installed postgres\n
"},{"location":"advanced-usage/plugin-management/#installing-a-plugin","title":"Installing a plugin","text":"Note
Plugins installed in this method within a docker-based installation of Dokku do not persist across installs. Please see the plugin installation section of the docker-based installation docs for further details.
Installing a plugin is easy as well using the plugin:install
command. This command will also trigger the install
pluginhook on all existing plugins.
The most common usage is to install a plugin from a url. This url may be any of the following:
git
: For git+ssh based plugin repository clones.ssh
: For git+ssh based plugin repository clones.file
: For copying plugins from a path on disk.https
: For http based plugin repository clones.Additionally, any urls with the extensions .tar.gz
or .tgz
are treated as Gzipped Tarballs for installation purposes and will be downloaded and extracted into place.
dokku plugin:install https://github.com/dokku/dokku-postgres.git\n
-----> Cloning plugin repo https://github.com/dokku/dokku-postgres.git to /var/lib/dokku/plugins/available/postgres\nCloning into 'postgres'...\nremote: Counting objects: 646, done.\nremote: Total 646 (delta 0), reused 0 (delta 0), pack-reused 646\nReceiving objects: 100% (646/646), 134.24 KiB | 0 bytes/s, done.\nResolving deltas: 100% (406/406), done.\nChecking connectivity... done.\n-----> Plugin postgres enabled\n
For git-based plugin installation, a commit SHA-like object may be specified (tag/branch/commit sha) via the --committish
argument and Dokku will attempt to install the specified commit object.
# where 2.0.0 is a potential git tag\ndokku plugin:install https://github.com/dokku/dokku-postgres.git --committish 2.0.0\n
Plugin names are interpolated based on the repository name minus the dokku-
prefix. If the plugin being installed has a name other than what matches the repository name - or another name is desired - the --name
flag can be used to override this interpolation.
dokku plugin:install https://github.com/dokku/smoke-test-plugin.git --name smoke-test-plugin\n
The --core
flag may also be indicated as the sole argument, though it is only for installation of core plugins, and thus not useful for end-user installations.
dokku plugin:install --core\n
Finally, all flags may be omitted to trigger the install
procedures for both core and third-party plugins:
dokku plugin:install\n
"},{"location":"advanced-usage/plugin-management/#installing-plugin-dependencies","title":"Installing plugin dependencies","text":"In some cases, plugins will have system-level dependencies. These are not automatically installed via plugin:install
, and must be separately via the plugin:install-dependencies
command. This will run through all the dependencies
trigger for all plugins.
dokku plugin:install-dependencies\n
This command may also target just core plugins via the --core
flag. This is usually only useful for source-based installs of Dokku.
dokku plugin:install-dependencies --core\n
"},{"location":"advanced-usage/plugin-management/#updating-a-plugin","title":"Updating a plugin","text":"An installed, third-party plugin can be updated can updated via the plugin:update
command. This should be done after any upgrades of Dokku as there may be changes in the internal api that require an update of how the plugin interfaces with Dokku.
Please note that this command is only valid for plugin installs that were backed by a git-repository.
ShellOutputdokku plugin:update postgres\n
Plugin (postgres) updated\n
An optional commit SHA-like object may be specified.
dokku plugin:update postgres 2.0.0\n
Any future invocation of plugin:update
will respect the previously specified SHA-like object. To follow a particular branch again, specify that branch:
dokku plugin:update postgres main\n
"},{"location":"advanced-usage/plugin-management/#uninstalling-a-plugin","title":"Uninstalling a plugin","text":"Third party plugins can be uninstalled using the plugin:uninstall
command:
dokku plugin:uninstall postgres\n
-----> Plugin postgres uninstalled\n
"},{"location":"advanced-usage/plugin-management/#disabling-a-plugin","title":"Disabling a plugin","text":"Disabling a plugin can also be useful for debugging whether a third-party plugin is causing issues in a Dokku installation. Another common use case is for disabling core functionality for replacement with a third-party plugin.
ShellOutputdokku plugin:disable postgres\n
-----> Plugin postgres disabled\n
"},{"location":"advanced-usage/plugin-management/#enabling-a-plugin","title":"Enabling a plugin","text":"Disabled plugins can be re-enabled via the plugin:enable
command.
dokku plugin:enable postgres\n
-----> Plugin postgres enabled\n
"},{"location":"advanced-usage/plugin-management/#triggering-a-plugin-trigger","title":"Triggering a plugin trigger","text":"The plugin:trigger
can be used to call any internal plugin trigger. This may have unintended consequences, and thus should only be called for development or debugging purposes.
dokku plugin:trigger some-internal-trigger args-go-here\n
"},{"location":"advanced-usage/registry-management/","title":"Registry Management","text":"New
Introduced in 0.25.0
registry:login [--password-stdin] <server> <username> [<password>] # Login to a docker registry\nregistry:report [<app>] [<flag>] # Displays a registry report for one or more apps\nregistry:set <app> <key> (<value>) # Set or clear a registry property for an app\n
The registry plugin enables interacting with remote registries, which is useful when either deploying images via git:from-image
or when interacting with custom schedulers to deploy built image artifacts.
The registry:login
command can be used to log into a docker registry. The following are examples for logging into various common registries:
# hub.docker.com\ndokku registry:login docker.io $USERNAME $PASSWORD\n\n# digitalocean\n# the username and password are both defined as the same api token\ndokku registry:login registry.digitalocean.com $DIGITALOCEAN_API_TOKEN $DIGITALOCEAN_API_TOKEN\n\n# github container registry\n# see the following link for information on retrieving a personal access token\n# https://docs.github.com/en/packages/guides/pushing-and-pulling-docker-images#authenticating-to-github-container-registry\ndokku registry:login ghcr.io $USERNAME $REGISTRY_PAT_TOKEN\n\n# quay\n# a robot user may be used to login\ndokku registry:login quay.io $USERNAME $PASSWORD\n
For security reasons, the password may also be specified as stdin by specifying the --password-stdin
flag. This is supported regardless of the registry being logged into.
echo \"$PASSWORD\" | dokku registry:login --password-stdin docker.io $USERNAME\n
For certain Docker registries - such as Amazon ECR or Google's GCR registries - users may instead wish to use a docker credential helper to automatically authenticate against a server; please see the documentation regarding the credential helper in question for further setup instructions.
"},{"location":"advanced-usage/registry-management/#setting-a-remote-server","title":"Setting a remote server","text":"To specify a remote server registry for pushes, set the server
property via the registry:set
command. The default value for this property is empty string. Setting the value to docker.io
or hub.docker.com
will result in the computed value being empty string (as that is the default, implicit registry), while any non-zero length value will have a /
appended to it if there is not one already.
dokku registry:set node-js-app server docker.io\n
This property can be set for a single app or globally via the --global
flag. When set globally, the app-specific value will always overide the global value. The default global value for this property is empty string.
dokku registry:set --global server docker.io\n
Setting the property value to an empty string will reset the value to the system default. Resetting the value can be done per app or globally.
# per-app\ndokku registry:set node-js-app server\n\n# globally\ndokku registry:set --global server\n
The following are the values that should be used for common remote servers:
$AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com/
$AWS_ACCOUNT_ID
and $AWS_REGION
should match the values for your account and region, respectively. Additionally, an IAM profile that allows push
access to the repository specified by image-repo
should be attached to your Dokku server.$REGISTRY_NAME.azurecr.io/
$AKS_REGISTRY_NAME
should match the name of the registry created on your account.docker.io/
image-repo
value.registry.digitalocean.com/
image-repo
value for your registry.ghcr.io/
image-repo
value.quay.io/
By default, Dokku uses the value dokku/$APP_NAME
as the image repository that is pushed and deployed. For certain registries, the dokku
namespace may not be available to your user. In these cases, the value can be set by changing the value of the image-repo
property via the registry:set
command.
dokku registry:set node-js-app image-repo my-awesome-prefix/node-js-app\n
Setting the property value to an empty string will reset the value to the system default. Resetting the value has to be done per-app.
# per-app\ndokku registry:set node-js-app image-repo\n
"},{"location":"advanced-usage/registry-management/#templating-the-image-repository-name","title":"Templating the image repository name","text":"Instead of setting the image repository name on a per-app basis, it can be set via a template globally with the image-repo-template
property:
dokku registry:set --global image-repo-template \"my-awesome-prefix/{{ .AppName }}\"\n
Dokku uses a Golang template and has access to the AppName
variable as shown above.
To push the image on release, set the push-on-release
property to true
via the registry:set
command. The default value for this property is false
. Setting the property to true
will result in the image being tagged with an ID that is incremented with every release. This tag will be what is used for running app code.
dokku registry:set node-js-app push-on-release true\n
This property can be set for a single app or globally via the --global
flag. When set globally, the app-specific value will always overide the global value. The default global value for this property is false
.
dokku registry:set --global push-on-release true\n
Setting the property value to an empty string will reset the value to the system default. Resetting the value can be done per app or globally.
# per-app\ndokku registry:set node-js-app push-on-release\n\n# globally\ndokku registry:set --global push-on-release\n
"},{"location":"advanced-usage/registry-management/#push-extra-tags","title":"Push extra tags","text":"To push the image on release with extra tags, set the push-extra-tags
to a comma-separated list of tags via the registry:set
command. The default value for this property is empty. Setting the property will result in the image being tagged with extra tags every release.
The push-extra-tags
can be set to a single tag too.
# multiple-tags\ndokku registry:set node-js-app push-extra-tags foo,bar\n
# single tag\ndokku registry:set node-js-app push-extra-tags foo\n
This property can be set for a single app or globally via the --global
flag. When set globally, the app-specific value will always overide the global value. The default global value for this property is false
.
dokku registry:set --global push-extra-tags foo,bar\n
Setting the property value to an empty string will reset the value to the system default. Resetting the value can be done per app or globally.
# per-app\ndokku registry:set node-js-app push-extra-tags\n\n# globally\ndokku registry:set --global push-extra-tags\n
"},{"location":"advanced-usage/repository-management/","title":"Repository Management","text":"New
Introduced in 0.6.0
repo:gc <app> # Runs 'git gc --aggressive' against the application's repo\nrepo:purge-cache <app> # Deletes the contents of the build cache stored in the repository\n
The repository plugin is meant to allow users to perform management commands against a repository.
"},{"location":"advanced-usage/repository-management/#usage","title":"Usage","text":""},{"location":"advanced-usage/repository-management/#git-garbage-collection","title":"Git Garbage Collection","text":"This will run a git gc --aggressive against the applications repo. This is performed on the Dokku host, and not within an application container.
ShellOutputdokku repo:gc node-js-app\n
Counting objects: 396, done.\nDelta compression using up to 2 threads.\nCompressing objects: 100% (365/365), done.\nWriting objects: 100% (396/396), done.\nTotal 396 (delta 79), reused 315 (delta 0)\n
"},{"location":"advanced-usage/repository-management/#clearing-application-cache","title":"Clearing Application cache","text":"Building containers with buildpacks currently results in a persistent cache
directory between deploys. If you need to clear this cache directory for any reason, you may do so by running the following shell command:
dokku repo:purge-cache node-js-app\n
"},{"location":"advanced-usage/resource-management/","title":"Resource Management","text":"New
Introduced in 0.15.0
resource:limit [--process-type <process-type>] [RESOURCE_OPTS...] <app> # Limit resources for a given app/process-type combination\nresource:limit-clear [--process-type <process-type>] <app> # Limit resources for a given app/process-type combination\nresource:report [<app>] [<flag>] # Displays a resource report for one or more apps\nresource:reserve [--process-type <process-type>] [RESOURCE_OPTS...] <app> # Reserve resources for a given app/process-type combination\nresource:reserve-clear [--process-type <process-type>] <app> # Reserve resources for a given app/process-type combination\n
The resource plugin is meant to allow users to limit or reserve resources for a given app/process-type combination.
"},{"location":"advanced-usage/resource-management/#usage","title":"Usage","text":"By default, Dokku allows unlimited resource access to apps deployed on a server. In some cases, it may be desirable to limit this on a per-app or per-process-type basis. The resource
plugin allows management of both resource \"limits\" and resource \"reservations\", where each resource request type has specific meaning to the scheduler in use for a given app.
Warning
The meaning of a values and it's units are specific to the scheduler in use for a given app. If a value is incorrect for a scheduler, this may result in containers failing to start correctly. If a scheduler does not support a given resource type combination, it will be ignored. All resource commands require an app rebuild or deploy in order to take effect.
Valid resource options include:
--cpu
--memory
--memory-swap
--network
--network-ingress
--network-egress
--nvidia-gpu
See the Supported Resource Management Properties section of the docker local scheduler documentation for more information on how each resource limit maps to Docker.
Resource limits and reservations are applied only during the run
and deploy
phases of an application, and will not impact the build
phase of an application.
When specified and supported, a resource limit will ensure that your app does not go over the specified value. If this occurs, the underlying scheduler may either cap resource utilization, or it may decide to terminate and reschedule your process.
Resource limits may be set via the resource:limit
command:
dokku resource:limit --memory 100 node-js-app\n
=====> Setting resource limits for node-js-app\n memory: 100\n
Multiple resources can be limited in a single call:
ShellOutputdokku resource:limit --cpu 100 --memory 100 node-js-app\n
=====> Setting resource limits for node-js-app\n cpu: 100\n memory: 100\n
Resources can also be limited on a per-process type basis. If specified, this will override any generic limits set for the app.
ShellOutputdokku resource:limit --cpu 100 --memory 100 --process-type worker node-js-app\n
=====> Setting resource limits for node-js-app (worker)\n cpu: 100\n memory: 100\n
A resource value can be individually cleared by setting the value to the special value clear
.
dokku resource:limit --cpu clear node-js-app\n
=====> Setting resource limits for node-js-app\n cpu: cleared\n
"},{"location":"advanced-usage/resource-management/#displaying-resource-limits","title":"Displaying Resource Limits","text":"Running the resource:limit
command without any flags will display the currently configured default app limits.
dokku resource:limit node-js-app\n
=====> resource limits node-js-app information [defaults]\n cpu:\n memory:\n memory-swap: 100\n network: 100\n network-ingress:\n network-egress:\n nvidia-gpu:\n
This may also be combined with the --process-type
flag to see app limits on a process-type level. Note that the displayed values are not merged with the defaults.
dokku resource:limit --process-type web node-js-app\n
=====> resource limits node-js-app information (web)\n cpu: 100\n memory: 100\n memory-swap:\n network:\n network-ingress:\n network-egress:\n nvidia-gpu:\n
"},{"location":"advanced-usage/resource-management/#clearing-resource-limits","title":"Clearing Resource Limits","text":"In cases where the values are incorrect - or there is no desire to limit resources - resource limits may be cleared using the resource:limit-clear
command.
dokku resource:limit-clear node-js-app\n
-----> Clearing resource limit for node-js-app\n
Defaults can also be cleared by leaving the app unspecified.
ShellOutputdokku resource:limit-clear\n
-----> Clearing default resource limits\n
"},{"location":"advanced-usage/resource-management/#resource-reservations","title":"Resource Reservations","text":"When specified and supported, a resource reservation will ensure that your server has at least the specified resources before placing a given app's process. If there a resource exhaustion, future rebuilds and deploys may fail.
Resource reservations may be set via the resource:reserve
command:
dokku resource:reserve --memory 100 node-js-app\n
=====> Setting resource reservation for node-js-app\n memory: 100\n
Multiple resources can be limited in a single call:
ShellOutputdokku resource:reserve --cpu 100 --memory 100 node-js-app\n
=====> Setting resource reservation for node-js-app\n cpu: 100\n memory: 100\n
Resources can also be limited on a per-process type basis. If specified, this will override any generic limits set for the app.
ShellOutputdokku resource:reserve --cpu 100 --memory 100 --process-type worker node-js-app\n
=====> Setting resource reservation for node-js-app (worker)\n cpu: 100\n memory: 100\n
A resource value can be individually cleared by setting the value to the special value clear
.
dokku resource:reserve --cpu clear node-js-app\n
=====> Setting resource reservation for node-js-app\n cpu: cleared\n
"},{"location":"advanced-usage/resource-management/#displaying-resource-reservations","title":"Displaying Resource Reservations","text":"Running the resource:reserve
command without any flags will display the currently configured default app reservations.
dokku resource:reserve node-js-app\n
=====> resource reservation node-js-app information [defaults]\n cpu: 100\n memory: 100\n memory-swap:\n network:\n network-ingress:\n network-egress:\n nvidia-gpu:\n
This may also be combined with the --process-type
flag to see app reservations on a process-type level. Note that the displayed values are not merged with the defaults.
dokku resource:reserve --process-type web node-js-app\n
=====> resource reservation node-js-app information (web)\n cpu: 100\n memory: 100\n memory-swap:\n network:\n network-ingress:\n network-egress:\n nvidia-gpu:\n
"},{"location":"advanced-usage/resource-management/#clearing-resource-reservations","title":"Clearing Resource Reservations","text":"In cases where the values are incorrect - or there is no desire to reserve resources - resource reservations may be cleared using the resource:reserve-clear
command.
dokku resource:reserve-clear node-js-app\n
-----> Clearing resource reservation for node-js-app\n
Defaults can also be cleared by leaving the app unspecified.
ShellOutputdokku resource:reserve-clear\n
-----> Clearing default resource reservation\n
"},{"location":"advanced-usage/resource-management/#displaying-resource-reports-for-an-app","title":"Displaying resource reports for an app","text":"You can get a report about the app's resource status using the resource:report
command:
dokku resource:report\n
=====> node-js-app resource information\n web limit cpu:\n web limit memory: 1024\n web limit memory swap: 0\n web limit network: 10\n web limit network ingress:\n web limit network egress:\n web limit nvidia gpu:\n web reservation cpu:\n web reservation memory: 512\n web reservation memory swap:\n web reservation network: 8\n web reservation network ingress:\n web reservation network egress:\n web reservation nvidia gpu:\n=====> python-sample resource information\n web limit cpu:\n web limit memory:\n web limit memory swap:\n web limit network:\n web limit network ingress:\n web limit network egress:\n web limit nvidia gpu:\n web reservation cpu:\n web reservation memory:\n web reservation memory swap:\n web reservation network:\n web reservation network ingress:\n web reservation network egress:\n web reservation nvidia gpu:\n=====> ruby-sample resource information\n web limit cpu:\n web limit memory:\n web limit memory swap:\n web limit network:\n web limit network ingress:\n web limit network egress:\n web limit nvidia gpu:\n web reservation cpu:\n web reservation memory:\n web reservation memory swap:\n web reservation network:\n web reservation network ingress:\n web reservation network egress:\n web reservation nvidia gpu:\n
You can run the command for a specific app also.
ShellOutputdokku resource:report node-js-app\n
=====> node-js-app resource information\n web limit cpu:\n web limit memory: 1024\n web limit memory swap: 0\n web limit network: 10\n web limit network ingress:\n web limit network egress:\n web limit nvidia gpu:\n web reservation cpu:\n web reservation memory: 512\n web reservation memory swap:\n web reservation network: 8\n web reservation network ingress:\n web reservation network egress:\n web reservation nvidia gpu:\n
You can pass flags which will output only the value of the specific information you want. For example:
ShellOutput# Note the periods in the flag name\ndokku resource:report node-js-app --resource-web.limit.memory\n
1024\n
"},{"location":"appendices/0.10.0-migration-guide/","title":"0.10.0 Migration Guide","text":""},{"location":"appendices/0.10.0-migration-guide/#pci-compliance","title":"PCI Compliance","text":"By default, Dokku will ship a PCI Compliant nginx configuration. For developers whose users are on older browsers or mobile devices, you may need to ship a custom nginx.conf.sigil
to enable ciphers for older browsers.
See the nginx customization docs for more details.
"},{"location":"appendices/0.10.0-migration-guide/#nginx-error-pages","title":"Nginx Error Pages","text":"We now ship with nicer error pages by default. You are free to customize your Dokku installation via a custom nginx.conf.sigil
to change what error pages are displayed in different circumstances.
See the nginx customization docs for more details.
"},{"location":"appendices/0.20.0-migration-guide/","title":"0.20.0 Migration Guide","text":""},{"location":"appendices/0.20.0-migration-guide/#removals","title":"Removals","text":""},{"location":"appendices/0.20.0-migration-guide/#command-removals","title":"Command removals","text":"The following commands were previously deprecated and were removed in this release.
apps
: Use apps:list
instead.certs
: Use certs:report
instead.certs:info
: Use certs:report
instead.checks
: Use checks:report
instead.docker-options
: Use docker-options:report
instead.domains
: Use domains:report
instead.plugin
: Use plugin:list
instead.proxy
: Use proxy:report
instead.trace
: Use trace:on
or trace:off
instead.ps
: Use enter
with a container ID instead to run ps auxww
within a container.The refactor of the proxy plugin removes the following functions from being sourced in plugins:
proxy#get_app_proxy_port_map()
proxy#list_app_proxy_ports()
proxy#filter_app_proxy_ports()
proxy#add_proxy_ports()
proxy#remove_proxy_ports()
proxy#set_proxy_ports()
The informal policy is to allow removal of functions within a functions
file if they are not used in OSS plugins. Should you be affected by any such removals, please file an issue to expose the functionality via a plugin trigger.
tar#tar_in_cmd
was renamed to tar#cmd-tar-in
. Users should avoid using cmd-*
commands directly, and instead file an issue to have them exposed via a plugin trigger.tar#tar_from_cmd
was renamed to tar#cmd-tar-from
. Users should avoid using cmd-*
commands directly, and instead file an issue to have them exposed via a plugin trigger.Dokku will no longer distribute packages for Ubuntu versions that have reached either End of Life or End of Standard Support (for LTS releases). This currently includes the following releases:
Dokku will no longer distribute packages for Debian versions that are not stable
or oldstable
. This currently includes the following releases:
The --git-sha
flag was moved from the apps:report
command to the git:report
command.
When an app is not deployed, the apps:report
command no longer shows the message not deployed
. Please use the --deployed
flag on ps:report
instead to see if the app has been deployed.
The following changes on the apps:report
command were made in this release:
--deploy-source
flag was renamed to --app-deploy-source
.--locked
flag was renamed to --app-locked
.The following changes on the network:report
command were made in this release:
--network-listeners
flag was renamed to --network-web-listeners
.network-get-port
trigger was incorrectly documented to have the isHerokuishContainer
argument as the third argument. The code has been fixed to respect the documentation.network-get-listeners
trigger now takes an additional processType
argument. If not specified, it defaults to web
. This default will be removed in an upcoming release.nginx:show-conf
has been deprecated in favor of nginx:show-config
.proxy#is_app_proxy_enabled()
is deprecated in favor of plugn trigger proxy-is-enabled
.proxy#get_app_proxy_type()
is deprecated in favor of plugn trigger proxy-type
.apps#apps_create()
is deprecated in favor of plugn trigger app-create
.apps#apps_destroy()
is deprecated in favor of plugn trigger app-destroy
.apps#apps_exists()
is deprecated in favor of plugn trigger app-exists
.apps#apps_maybe_create()
is deprecated in favor of plugn trigger app-maybe-create
.plugin trigger network-get-listeners
usage without a second processType
argument is deprecated..NGINX_PORT
variable usage within nginx.conf.sigil
templates is deprecated in favor of .PROXY_PORT
..NGINX_SSL_PORT
variable usage within nginx.conf.sigil
templates is deprecated in favor of .PROXY_SSL_PORT
..DOKKU_APP_LISTENERS
variable usage within nginx.conf.sigil
templates is deprecated in favor of .DOKKU_APP_WEB_LISTENERS
.The tls
name is no longer a reserved app name, and can be used by applications. This was previously a reserved app name due to it's use as a place for global SSL certificate files; Dokku has not supported global SSL certificates for many releases, and thus there is no need to reserve the name.
git#git_deploy_branch()
is deprecated in favor of plugn trigger git-deploy-branch
.config
command is deprecated in favor of config:show
.--export
or --shell
flag is deprecated in favor of config:export --format
with the correct format value (exports
or shell
, respectively).nginx:build-config
command is deprecated in favor of proxy:build-config
.The apps:destroy
command no longer takes a second argument force
. Instead, this can be passed as the --force
flag, either globally or as a flag to the command itself.
The proxy:enable
and proxy:disable
no longer restart apps when setting the DOKKU_DISABLE_PROXY
environment variable. A future release will disable usage of DOKKU_DISABLE_PROXY
altogether.
logs:failed
without either a <name>
or the --all
flag is deprecated.common.GetDeployingAppImageName()
function now returns an error
as the second return argument instead of calling common.LogFail()
internally.DOKKU_DISABLE_ANSI_PREFIX_REMOVAL
is deprecated; Dokku 0.23.0 will avoid removing the remote:
ansi prefix entirely. No warning will be added in this release.The ps
command has had a few removals as a result of a rewrite to Golang:
ps:set-restart-policy
command has been removed in favor the ps:set
command.ps:restart-policy
command has been removed in favor of the ps:report
command.ps:rebuildall
command has been removed in favor of calling the ps:rebuild
with the --all
flag instead of an app name.ps:restartall
command has been removed in favor of calling the ps:restart
with the --all
flag instead of an app name.ps:stopall
command has been removed in favor of calling the ps:stop
with the --all
flag instead of an app name.ps:startall
command has been removed in favor of calling the ps:start
with the --all
flag instead of an app name.DOKKU_PROCFILE
file is no longer located in the git directory for a given app on the server. It's location is currently not exposed.procfile-get-command
plugin trigger no longer takes a procfile path
as the final argument.ps
functions have been removed. Please us a trigger as appropriate or file a PR to have a new trigger/wrapper function added.plugin:list
command no longer outputs the version for the plugn
binary.docker-image-labeler
binary to work correctly. A reference version has been placed in the docker
skeleton directory. This should only impact platform developers, and users of our Docker image will already have the file available.dokku
user's cron is now in use by Dokku itself. Customizations will be overwritten. Users are encouraged to use a cron entry in /etc/cron.d/dokku
to avoid this issue.max-size
log driver option for applications. This is restricted to app-configured log driver values empty, local
or json-file
in 0.23.1 to increase setup compatibility. Users who configure alternative log drivers at the system level will need to either set the global max-size
property to unlimited
or switch to the built-in vector
logging support.proxy:enable
, proxy:disable
and proxy:build-config
now support the --all
flag in addition to general parallelism.builder-cnb
plugin has been renamed builder-pack
, and all related plugin triggers have had the suffix -cnb
changed to -pack
.builder-detect
trigger. Users that wish to use a specific builder may set a builder using the builder:set
command, which will force Dokku to use the specified builder regardless of what might be auto-detected.tags
plugin is deprecated in favor of the git:from-image
command. It will be removed in the next minor release, and is considered unmaintained. Users are highly encouraged to switch their workflows to git:from-image
.tar
plugin is deprecated in favor of the git:from-archive
command. It will be removed in the next minor release, and is considered unmaintained. Users are highly encouraged to switch their workflows to git:from-archive
.The dokku-registry plugin is now built-in. This comes with a few changes:
post-release-builder
at the end of the build.push
and pull
command are not implemented. Users wishing to deploy a remote image should use git:from-image
. Image pushing is not available at this time.Before upgrading, uninstall the registry plugin via dokku plugin:uninstall registry
. Not doing so will cause issues with Dokku.
initial-network
for all containers on creation. This is a replacement for specifying the --network
flag via the docker-options
plugin. Please see the network documentation for more information.dokku run
command now always removes the ephemeral container on exit. Users that need a persistent container should instead specify a console
process type in their Procfile
specifying an available shell (usually either bash
or sh
) and scale that container appropriately.pre-deploy
plugin trigger is now called internally by Dokku. Scheduler plugins should avoid calling this trigger, as any image changes introduced by subsequent trigger calls will be ignored.gliderlabs/herokuish:latest-20
, and is based on both the heroku-20
stack as well as Ubuntu 20.04. Users that wish to stick with the old, heroku-18
/Ubuntu 18.04 builder may specify gliderlabs/herokuish:latest-18
as their builder image. Please see the herokuish buildpack deployment documentation for more information on how to specify a custom buildpack stack builder.Dockerfile
app contains a Procfile
that does not specify a web
process will fail to start. Usage of a Procfile
with only a release
command should be replaced with a scripts.dokku.postdeploy
deployment task in the app.json
file. The alternative is to define the web
process in the Procfile
. See the deployment task documentation for more information.Dockerfile
was to use the docker-options
plugin to set the --file
flag for a docker build. As of 0.25.0, the builder-dockerfile:set
command should be used instead, as outlined in the docs here. Usage of the old method should be migrated to the new method.--rm
and --rm-container
flags may be specified but no longer have any effect on dokku run
.--detach
flag is deprecated in favor of the run:detached
command.DOKKU_SCALE
file is deprecated. Please see the process management documentation for more information on it's replacement with the formation
key of the app.json
file.post-release-buildpack
, post-release-dockerfile
, and post-release-pack
are deprecated in favor of post-release-builder
. See the plugin triggers documentation for more details.scheduler-docker-cleanup
plugin trigger has been removed from the scheduler interface, and is no longer invoked.tags
plugin - deprecated in 0.24.0 - was removed. Users are highly encouraged to switch their workflows to git:from-image
.tar
plugin - deprecated in 0.24.0 - was removed. Users are highly encouraged to switch their workflows to git:from-archive
.scheduler
plugin now controls the scheduler in use for deploys. Apps will have their DOKKU_SCHEDULER
environment variables migrated to the scheduler plugin, after which that value will be removed from said app. Please see the scheduler documentation for more information.deploy-source
metadata from apps:report
is now no longer computed on the fly, but hydrated at deploy time via the deploy-source-set
trigger. This value may be empty until your next deploy.deploy-source
trigger has now been removed.Renaming an application will now only rename domains that are associated with global domains. As an example:
dokku domains:set-global dokku.me\ndokku apps:create node-js-app\ndokku domains:set node-js-app node-js-app.dokku.me node-js-app.dokku.com\ndokku apps:rename node-js-app other-name\ndokku domains:report node-js-app --domains-app-vhosts\n# output: other-name.dokku.me node-js-app.dokku.com\n
Support for the following operating systems has been removed:
Dokku will no longer provide packages for RPM based systems. Debian 9 users may use new Debian packages, though support is not guaranteed.
All users are encouraged to install Dokku via the Docker-based installation method, or switch to a supported operating system.
"},{"location":"appendices/0.28.0-migration-guide/#deprecations","title":"Deprecations","text":"Ubuntu 18.04 is now a deprecated installation target. The operating system will be considered EOL by Canonical in April 2023. Users are encouraged to upgrade to Ubuntu 22.04 or consider switching their instllation method to the Docker-based installation method to avoid any disruption in usage.
"},{"location":"appendices/0.28.0-migration-guide/#additions","title":"Additions","text":"New in 0.28.0 are the Caddy, Haproxy and Traefik plugins. As community plugins wrapping these proxies exist, users should:
proxy:set
value of caddy
, haproxy
or traefik
.run:detached
now uses the container name - eg. node-js-app.run.1
- vs the container id.cron
tasks is now base36-encoded instead of base64-encoded.nginx.conf.sigil
is now extracted when source code is extracted for a build and not from the built image. Users can specify alternative paths via the nginx-conf-sigil-path
property of the nginx
plugin. See the nginx documentation for more information on how to configure the nginx.conf.sigil
path for your application.git:from-image
, the nginx.conf.sigil
file will be extracted from the source image, respecting the value of nginx-conf-sigil-path
.Procfile
is now extracted when source code is extracted for a build and not from the built image. Users can specify alternative paths via the procfile-path
property of the ps
plugin. See the process management documentation for more information on how to configure the Procfile
path for your application.git:from-image
, the Procfile
file will be extracted from the source image, respecting the value of procfile-path
.pre-restore
hook has been renamed to scheduler-pre-restore
. There is a new pre-restore
hook that is triggered within the ps:restore
command prior to restoring any apps./usr/bin/systemctl
is available.DOKKU_WAIT_TO_RETIRE
environment variable has been migrated to a checks
property named wait-to-retire
and will be ignored if set as an environment variable.domains-setup
trigger has been removed. Initial app domains will now be automatically setup during app creation.URLS
file containing generated urls for an app is no longer generated or referenced. Users should retrieve app urls via the new domains-urls
plugin trigger.get_app_urls
has been removed. Users should retrieve app urls via the new domains-urls
plugin trigger.Info
Important: Due to the removal of DOKKU_SCALE
support, users with a version older than 0.25.x are heavily encouraged to upgrade to 0.29.x prior to 0.30.x. Not doing so will result in all app containers stopping on rebuild due to having no scale settings.
app.json
file is now extracted from the source code instead of the built image. For deploys via git:from-image
, the file is extracted from the built image.nginx.conf.sigil
templates referencing spdy-related variables will continue to build until the 1.0.0 release.DOKKU_SCALE
file - deprecated in 0.25.0 - has been removed in favor of the formation
key in the app.json
file. Please see the process management documentation for more information on how to use the formation
key of the app.json
file.--detach
global flag for dokku run
was removed. Please see the one-off tasks documentation for more information on running detached containers.post-release-builder
trigger. See the plugin triggers documentation for more details.post-release-buildpack
post-release-dockerfile
post-release-pack
logs:failed
without specifying an app or --all
flag has been removed. This was deprecated in 0.22.0. Please see the logs:failed.app/functions
file will fail going forward.apps#apps_create()
is removed in favor of plugn trigger app-create
.apps#apps_destroy()
is removed in favor of plugn trigger app-destroy
.apps#apps_exists()
is removed in favor of plugn trigger app-exists
.apps#apps_maybe_create()
is removed in favor of plugn trigger app-maybe-create
.common#is_container_running()
(deprecated since 0.12.6) is removed in favor of common#is_container_status()
.common#is_app_running()
(deprecated since 0.22.0) is removed in favor of ps#fn-ps-is-app-running()
.--rm-container
and --rm
flags - deprecated since 0.25.0 - have been removed.git#use_git_worktree()
(deprecated since 0.23.7) has been removed. There is no alternative as the function has been made internal.git#git_deploy_branch()
(deprecated since 0.21.0) has been removed in favor of plugn trigger git-deploy-branch
.nginx:show-conf
has been removed in favor of nginx:show-config
.nginx:validate
has been removed in favor of nginx:validate-config
.nginx:build-config
- deprecated since 0.21.0 - has been removed in favor of proxy:build-config
.proxy/functions
file will fail going forward.proxy#is_app_proxy_enabled()
is removed in favor of plugn trigger proxy-is-enabled
.proxy#get_app_proxy_type()
is removed in favor of plugn trigger proxy-type
.cache-node-js-app
- instead of the local filesystem. All existing app cache will be cleared upon upgrading past 0.29.0.vector
container integration now mounts config to /etc/vector
instead of the path /etc/vector/vector.json
, allowing users the ability to provide extra configuration for Vector Sinks. To take advantage of the new functionality, the vector container should be stopped (via dokku logs:vector-stop
) and then started (via dokku logs:vector-start
).traefik
integration now mounts config to /data
instead of the path /acme.json
, fixing permissions issues under certain architectures. To take advantage of the new functionality, the traefik container should be stopped (via dokku traefik:stop
) and then started (via dokku traefik:start
).source-image
git property when transitioning from image-based deploys (git:from-image
and git:load-image
) to other deployment methods (git push, git:from-archive
, git:sync
).git:from-image
and git:load-image
commands, the CHECKS
file is now extracted from the configured WORKDIR
property of the image. For all other deploys - git push, git:from-archive
, git:sync
- will have the CHECKS
extracted directly from the source code. The filename in both cases is CHECKS
and cannot be modified.ports
plugin. A default port mapping of http:80:5000
will be used if none is otherwise specified.docker-container-healthchecker
binary to work correctly. A reference version has been placed in the docker
skeleton directory. This should only impact platform developers, and users of our Docker image will already have the file available.gliderlabs/herokuish:latest-22
, and is based on both the heroku-22
stack as well as Ubuntu 22.04. Users that wish to stick with the old, heroku-20
/Ubuntu 20.04 builder may specify gliderlabs/herokuish:latest-20
as their builder image. Please see the herokuish buildpack deployment documentation for more information on how to specify a custom buildpack stack builder.heroku/builder:22
, and is based on both the heroku-22
stack as well as Ubuntu 22.04. Users that wish to stick with the old, heroku-20
/Ubuntu 20.04 builder may specify heroku/buildpacks:20
as their builder image. Please see the herokuish buildpack deployment documentation for more information on how to specify a custom buildpack stack builder.proxy:ports*
commands have been replaced with the new ports
plugin. Users will be able to use the old proxy:ports*
commands for a single minor release, and they will be removed in the next minor release.common#get_available_port()
function has been deprecated and will be removed in the next release. Users should avoid interacting with this function and instead use the ports-get-available
plugin trigger for fetching an available port.proxy-configure-ports
plugin trigger has been deprecated and will be removed in the next release. Users should instead trigger the ports-configure
plugin trigger.common#get_dockerfile_exposed_ports()
function is deprecated and will be removed in the next release. There is no replacement for this as it's only use in Dokku core was in the builder-dockerfile
plugin.common#get_exposed_ports_from_image()
function is deprecated and will be removed in the next release. There is no replacement for this as it's only use in Dokku core was during the build process.DOKKU_PROXY_PORT_MAP
has been migrated to the properties system. Direct changes to the value will be ignored, and users should interact with port maps via the ports
plugin.CHECKS
file is deprecated in favor of defining healthchecks in the app.json
file. The docker-container-healthchecker tool can be used to generate healthcheck entries in app.json
format from existing CHECKS
files. See the zero-downtime deploy documentation for more information on how the new zero downtime check format works.apps
and config
cli aliases are no longer deprecated. This better follows Heroku's output and is more useful to users. The subcommands will be treated as the primary, documented versions, while the aliases are there for convenience.RAW_TCP_PORTS
is no longer exposed for nginx.conf.sigil
templating.DOKKU_DOCKERFILE_PORTS
is no longer in use. Users wishing to change port mappings should instead use the ports
plugin.common#get_app_raw_tcp_ports()
function has been removed in the next release. Users should instead use the ports-get
plugin trigger for fetching ports for an app.network-compute-ports
has been removed. It's only use was in the scheduler-docker-local
plugin, for exposing ports. It's functionality is now implemented via the ports
plugin.network-get-port
has been removed. It's only use was in the scheduler-docker-local
plugin, for recording ports. It's functionality is now implemented via the ports
plugin.pre-build-*
plugin triggers have been deprecated and will be removed in the next release. Users should instead trigger the pre-build
plugin trigger.pre-release-*
plugin triggers have been deprecated and will be removed in the next release. Users should instead trigger the pre-release-builder
plugin trigger.post-build-*
plugin triggers have been deprecated and will be removed in the next release. Users should instead trigger the post-build
plugin trigger.CHECKS
file was deprecated in the previous release in favor of defining healthchecks in the app.json
file. It's support and auto-migration to healthchecks in the app.json
file will be removed in the next release. See the zero-downtime deploy documentation for more information on how the new zero downtime check format works.ports
plugin and it's related plugin triggers.proxy:ports-*
commandsproxy-configure-ports
plugin triggercommon#get_available_port()
common#get_dockerfile_exposed_ports()
common#get_exposed_ports_from_image()
Dokku 0.33.0 did not introduce any refactors, removals, or deprecations, and focused solely on system improvements.
"},{"location":"appendices/0.34.0-migration-guide/","title":"0.34.0 Migration Guide","text":""},{"location":"appendices/0.34.0-migration-guide/#removals","title":"Removals","text":"disable-chown
property of the scheduler-docker-local
plugin has been removed. Mounted paths will no longer have file permissions changed during the pre-deploy phase. Files baked into the container image for herokuish builds will always be owned by the correct user.git:unlock
command has been removed. It was previously used to \"unlock\" a temporary directory that already existed. The directory the git:unlock
command used to cleanup is now properly removed on exit of the git:from-image
command.https:443
and http:80
. If no matching port map is specified, Dokku will use expose the app on the first port mapping, with priority given to https
mappings over http
.PlugnTrigger*
have been removed in favor of CallPlugnTrigger
./home/dokku
directory and moved into the data/apps
directory.copytruncate
instead of create
in logrotate.The k3s scheduler now defaults to nginx as it's default proxy implementation. The traefik proxy implementation is still available, though users will need to set the global ingress-class
k3s property to traefik
via the following command:
dokku scheduler-k3s:set --global ingress-class traefik\n
The pre-deploy
plugin trigger is deprecated as of 0.34.4
. It is currently invoked during the post-release-builder
plugin trigger, where image mutation is heavily discouraged. Users should instead move any trigger usage to the pre-release-builder
plugin trigger. The pre-deploy
plugin trigger will be removed in a future release.
dokku/dokku:latest
Docker image now runs Ubuntu 24.04 Noble. Users that install custom packages within their docker-based installations should be sure to check package compatibility with Ubuntu 24.04.heroku/builder:24
, and is based on both the heroku-24
stack as well as Ubuntu 24.04. Users that wish to stick with the old, heroku-22
/Ubuntu 22.04 builder may specify heroku/buildpacks:22
as their builder image. Please see the cloud native buildpack deployment documentation for more information on how to specify a custom buildpack stack builder.gliderlabs/herokuish:latest-24
, and is based on both the heroku-24
stack as well as Ubuntu 24.04. Users that wish to stick with the old, heroku-22
/Ubuntu 22.04 builder may specify gliderlabs/herokuish:latest-22
as their builder image. Please see the herokuish buildpack deployment documentation for more information on how to specify a custom buildpack stack builder.vector
image used by Dokku for enhanced logging support has been upgraded from 0.39.x to 0.41.x. To take advantage of the new image, execute the following commands: dokku logs:vector-stop\ndokku logs:vector-start\n
openresty
image used by Dokku for proxying via openresty has been upgraded from 0.8.0 to 0.9.0. To take advantage of the new image, execute the following commands: dokku openresty:stop\ndokku openresty:start\n
nginx-vhosts
plugin","text":"$
characters (or other \"bash-isms\")nginx.conf.sigil
/app
in the container or WORKDIR
if defined in a dockerfile app)/home/dokku/node-js-app
on the Dokku servercerts
plugindokku certs:add node-js-app < certs.tar
NO_VHOST
variable with domains:enable/disable
checks:enable/disable
EXPOSE
clauses will get all tcp ports proxied by defaultdokku proxy:disable node-js-app
DOKKU_CHECKS_ENABLED
has been migrated to DOKKU_CHECKS_SKIPPED
DOKKU_CHECKS_DISABLED
is now a thing_all_
checks
docs for more infoDOKKU_PROXY_PORT_MAP
config variable in the format of scheme:host-port:container-port
. The default nginx-vhosts
proxy plugin supports both the http
and https
schemes.http:80:5000
and will also include https:443:5000
if SSL is enabled.EXPOSE
directive) will be configured with a listener on each exposed port that proxies to the same port of the deployed application container.proxy:ports-*
commands or by directly setting DOKKU_PROXY_PORT_MAP
with the config:set
commanddokku
binary","text":"dokku
binary directly. Clients using the --app
argument are potentially broken, amongst others, when doing so. Instead, please source the functions
file for a given plugin when attempting to call Dokku internal functions. As a result, the following Dokku commands are no longer publicly exposed:dokku build
dokku receive
dokku release
dokku tar:build
dokku tar:build-locked
dokku git:build
dokku git:build-locked
We should now properly handle file ownership for mounted directories. This was enhanced in 0.7.1. See the persistent storage documentation for more details.
"},{"location":"appendices/0.7.0-migration-guide/#restart-policies","title":"Restart Policies","text":"If you previously managed container restart policies via docker-options, these can now be managed natively via the built-in ps
plugin. There is no migration necessary. See the restart policy documentation for more details.
Dokku now has an ssh-keys
plugin that can be used to manage ssh keys for the dokku
user on the host operating system. See the user management documentation for more details.
You can now set global and app domains via domains:set
and domains:set-global
. See the domains documentation for more details.
A new uninstall
plugin trigger was introduced. This functionality may be in use for newer plugins, so be aware that older Dokku versions may require manual cleanup.
See the uninstall trigger documentation for implementation instructions.
"},{"location":"appendices/0.8.0-migration-guide/#deployment-tasks","title":"Deployment Tasks","text":"Should a pre or post deployment task fail, we now fail the entire deploy.
"},{"location":"appendices/0.8.0-migration-guide/#nginx-http2-support","title":"Nginx HTTP2 Support","text":"Due to bugs in Nginx, the minimum version for HTTP2 is now 1.11.5.
"},{"location":"appendices/0.9.0-migration-guide/","title":"0.9.0 Migration Guide","text":""},{"location":"appendices/0.9.0-migration-guide/#golang-migration","title":"Golang Migration","text":"There is an ongoing migration to rewrite Dokku in Golang. The reasons are beyond the scope of this document, but this may impact any patches you have for Dokku. As of 0.9.0, only the repo
plugin is in Golang.
The following shall remain true, regardless of the state of our rewrite:
plugn
will continue to be used for executing plugin triggers.Given the constraints, running Dokku commands remotely via SSH is fine. For certain configurations, the extra complication of manually invoking ssh can be a burden.
The easiest way to interact with Dokku remotely is by using the official client. Documented below are the various clients that you may wish to use.
"},{"location":"community/clients/#official-client","title":"Official Client","text":"See the remote commands documentation for more information on how to install and use the official client.
"},{"location":"community/clients/#nodejs-dokku-toolbelt","title":"(nodejs) dokku-toolbelt","text":"Dokku-toolbelt is a node-based cli wrapper that proxies requests to the Dokku command running on remote hosts. You can install it via the following shell command (assuming you have nodejs and npm installed):
npm install -g dokku-toolbelt\n
See documentation here for more information.
"},{"location":"community/clients/#ruby-dokku-cli","title":"(ruby) Dokku CLI","text":"Dokku CLI is a rubygem that acts as a client for your Dokku installation. You can install it via the following shell command (assuming you have ruby and rubygems installed):
gem install dokku-cli\n
See documentation here for more information.
"},{"location":"community/clients/#ruby-dokkuclient","title":"(ruby) DokkuClient","text":"DokkuClient is another rubygem that acts as a client for your Dokku installation with built-in support for certain external plugins. You can install it via the following shell command (assuming you have ruby and rubygems installed):
gem install dokku_client\n
See documentation here for more information.
"},{"location":"community/clients/#ruby-dokkufy","title":"(ruby) Dokkufy","text":"Dokkufy is a rubygem that handles automation of certain tasks, such as Dokku setup, plugin installation, etc. You can install it via the following shell command (assuming you have ruby and rubygems installed):
gem install dokkufy\n
See documentation here for more information.
"},{"location":"community/clients/#ruby-dockland","title":"(ruby) Dockland","text":"Dockland is a rubygem that acts as a client for your Dokku installation. You can install it via the following shell command (assuming you have ruby and rubygems installed):
gem install dockland\n
See documentation here for more information.
"},{"location":"community/plugins/","title":"Plugins","text":"Dokku itself is built out of plugins and uses plugn for its plugin system. In essence a plugin is a collection of scripts that will be run based on naming convention.
Let's take a quick look at the current Dokku nginx plugin that's shipped with Dokku by default.
nginx-vhosts/\n\u251c\u2500\u2500 plugin.toml # plugin metadata\n\u251c\u2500\u2500 commands # contains additional commands\n\u251c\u2500\u2500 install # runs on Dokku installation\n\u2514\u2500\u2500 post-deploy # runs after an app is deployed\n
"},{"location":"community/plugins/#installing-a-plugin","title":"Installing a plugin","text":"See the plugin management documentation.
"},{"location":"community/plugins/#creating-your-own-plugin","title":"Creating your own plugin","text":"See the full documentation.
"},{"location":"community/plugins/#official-plugins","title":"Official Plugins","text":"The following plugins are available and provided by Dokku maintainers. Please file issues against their respective issue trackers.
Plugin Author Compatibility Clickhouse dokku 0.4.0+ Copy Files to Image dokku 0.4.0+ CouchDB dokku 0.4.0+ Cron Restart dokku 0.30.0+ Elasticsearch dokku 0.4.0+ Grafana/Graphite/Statsd dokku 0.4.0+ HTTP Auth dokku 0.4.0+ Let's Encrypt dokku 0.4.0+ Maintenance mode dokku 0.4.0+ MariaDB dokku 0.4.0+ Meilisearch dokku 0.4.0+ Memcached dokku 0.4.0+ Mongo dokku 0.4.0+ MySQL dokku 0.4.0+ Nats dokku 0.4.0+ Omnisci dokku 0.4.0+ Postgres dokku 0.4.0+ Pushpin dokku 0.4.0+ RabbitMQ dokku 0.4.0+ Redirect dokku 0.4.0+ Redis dokku 0.4.0+ Registry dokku 0.12.0+ RethinkDB dokku 0.4.0+ Scheduler Kubernetes dokku 0.4.0+ Scheduler Nomad dokku 0.4.0+ Solr dokku 0.4.0+ SSH Hostkeys dokku 0.4.0+ Typesense dokku 0.4.0+"},{"location":"community/plugins/#community-plugins","title":"Community plugins","text":"Warning
The following plugins have been supplied by our community and may not have been tested by Dokku maintainers.
"},{"location":"community/plugins/#datastores","title":"Datastores","text":""},{"location":"community/plugins/#relational","title":"Relational","text":"Plugin Author Compatibility MariaDB kloadut 0.3.x MariaDB (single container) ohardy 0.3.x MariaDB (single container) krisrang 0.3.26+ PostgreSQL jlachowski 0.3.x PostgreSQL (single container) ohardy 0.3.x PostgreSQL (single container) flink 0.3.26+ Edgedb ignisda 0.27.0+"},{"location":"community/plugins/#newsql","title":"NewSQL","text":"Plugin Author Compatibility Surrealdb ignisda 0.27.0+"},{"location":"community/plugins/#caching","title":"Caching","text":"Plugin Author Compatibility Nginx Cache aluxian 0.5.0+ Redis (single container) ohardy 0.3.x Varnish zenedith Varnish cache between nginx and application with base configuration"},{"location":"community/plugins/#queuing","title":"Queuing","text":"Plugin Author Compatibility RabbitMQ jlachowski 0.3.x RabbitMQ (single container) jlachowski 0.3.x ElasticMQ (SQS compatible) cu12 0.5.0+ VerneMQ (MQTT Broker) mrname 0.4.0+"},{"location":"community/plugins/#other","title":"Other","text":"Plugin Author Compatibility etcd basgys 0.4.x FakeSNS cu12 0.5.0+ InfluxDB basgys 0.4.x RethinkDB stuartpb 0.3.x Headless Chrome lazyatom 0.8.1+"},{"location":"community/plugins/#plugins-implementing-new-dokku-functionality","title":"Plugins Implementing New Dokku Functionality","text":"Plugin Author Compatibility App name as env cjblomqvist 0.3.x APT dokku-community 0.18.x+ Auto Sync1 fomojola 0.8.1+ Deploy Webhook2 fomojola 0.8.1+ Docker auto persist volumes flink 0.4.0+ Docker Direct josegonzalez 0.4.0+ Dokku Clone crisward 0.4.0+ Dokku Copy App Config Files josegonzalez 0.4.0+ Dokku Require3 crisward 0.4.0+ Global Certificates josegonzalez 0.5.0+ Graduate (Environment Management) benjamin-dobell 0.4.0+ Host post-build command hook baikunz 0.4.0+ Host pre-build command hook fteychene 0.4.0+ Hostname michaelshobbs 0.4.0+ Hostname michaelshobbs 0.4.0+ HTTP Auth Secure Apps matto1990 0.4.0+ Image Size Limit Tashows Litestream4 AxelTheGerman 0.27.0+ Monit (Health Checks) mbreit 0.8.0+ Monit cjblomqvist 0.3.x Multicast DNS (mDNS) calyhre 0.33.0+ Nuke Containers josegonzalez 0.4.0+ Proctype Filter michaelshobbs 0.4.0+ robots.txt candlewaster 0.4.x Tor michaelshobbs 0.4.0+ UFW josegonzalez 0.3.x User Access mainto 0.4.0+ User ACL maciej \u0142ebkowski 0.4.0+1 Adds the ability to sync an application repo with a remote GitHub repo (useful for automated rebuilds without needing a git push from an external system
2 Adds the ability to invoke a post-deploy webhook with the IP, port and app name, all with a single config:set).
3 Extends app.json support to include creating volumes and creating / linking databases on push
4 Adds SQLite replication to external object storage via Litestream
"},{"location":"community/plugins/#other-plugins","title":"Other Plugins","text":"Plugin Author Compatibility Chef cookbook nickcharlton Discourse badsyntax 0.21.4+ Tailscale andrew-womeldorf 0.34.4+ Wordpress dokku-community 0.4.0+"},{"location":"community/plugins/#deprecated-plugins","title":"Deprecated Plugins","text":"The following plugins have been removed as their functionality is now in Dokku Core.
Plugin Author In Dokku Since Airbrake deploy flink v0.5.0 (deployment tasks) App User michaelshobbs v0.7.1 (herokuish 0.3.18) Bower/Grunt thrashr888 v0.5.0 (deployment tasks and .buildpacks) Bower/Gulp gdi2290 v0.5.0 (deployment tasks and .buildpacks) Bower install alexanderbeletsky v0.5.0 (deployment tasks and .buildpacks) Bower/Gulp jagandecapri v0.5.0 (deployment tasks and .buildpacks) Builders: bower, compass, gulp, grunt ignlg v0.5.0 (deployment tasks and .buildpacks) Custom Domains neam v0.3.10 (domains plugin) Debug josegonzalez v0.3.9 (trace command) Dockerfile custom path mimischi v0.25.0 (monorepo support) Docker Options dyson v0.3.17 (docker-options plugin) Dokku Name alex-sherwin v0.4.2 (named containers plugin) Events Logger alessio v0.3.21 (events plugin) Fonts ollej v0.5.0 (deployment tasks) git rev-parse HEAD in env cjblomqvist v0.12.0 (enhanced core git plugin) Host Port binding stuartpb v0.3.17 (docker-options plugin) Link Containers rlaneve v0.3.17 (docker-options plugin) List Containers josegonzalez v0.3.14 (ps plugin) Logspout michaelshobbs v0.22.6 (vector log shipping) Long Timeout investtools v0.21.0 (proxy-read-timeout nginx setting) Monorepo iamale v0.25.0 (monorepo builder support) Multi-Buildpack pauldub v0.4.0 (herokuish) Multiple Domains1 wmluke v0.3.10 (domains plugin) Multi Dockerfile artofrawr v0.25.0 (monorepo support) Named-containers flink v0.4.2 (named-containers plugin) Nginx Trust Proxy kingsquare v0.23.0 (nginx x-forwarded-* properties) Node ademuk v0.5.0 (deployment tasks and .buildpacks) Node pnegahdar v0.5.0 (deployment tasks and .buildpacks) Nginx-Alt mikexstudios v0.3.10 (domains plugin) Persistent Storage dyson v0.3.17 (docker-options plugin) Pre-Deploy Tasks michaelshobbs v0.5.0 (deployment tasks) PrimeCache darkpixel v0.3.0 (zero downtime deploys) Rollbar iloveitaly v0.5.0 (deployment tasks) Syslog michaelshobbs v0.22.6 (vector log shipping) Haproxy tcp load balancer 256dpi v0.28.0 (haproxt plugin) Process Manager: Circus apmorton v0.3.14/0.7.0 (ps/restart policy plugin) Process Manager: Forego flink v0.3.14/0.7.0 (ps plugin) Process Manager: Forego iskandar v0.3.14/0.7.0 (ps plugin) Process Manager: Logging Supervisord sehrope v0.3.14/0.7.0 (ps plugin) Process Manager: Shoreman statianzo v0.3.14/0.7.0 (ps plugin) Process Manager: Supervisord statianzo v0.3.14/0.7.0 (ps plugin) Rebuild application scottatron v0.3.14 (ps plugin) Reset mtime mixxorz Docker 1.8+ SSH Deployment Keys dokku v0.33.0 (git plugin) Supply env vars to buildpacks2 cameron-martin v0.3.9 (build-env plugin) Slack Notifications ribot v0.5.0 (deployment tasks) Telegram Notifications m0rth1um v0.5.0 (deployment tasks) user-env-compile2 motin v0.3.9 (build-env plugin) user-env-compile2 musicglue v0.3.9 (build-env plugin) Volume (persistent storage) ohardy v0.5.0 (storage plugin) Webhooks nickstenning v0.5.0 (deployment tasks) Wkhtmltopdf mbriskar v0.5.0 (deployment tasks)1 Conflicts with VHOSTS Custom Configuration 2 Similar to the heroku-labs feature
"},{"location":"community/plugins/#unmaintained-plugins","title":"Unmaintained Plugins","text":"The following plugins are no longer maintained by their developers.
Plugin Author Compatibility app-url mikecsh Works with 0.2.0 Chef cookbooks fgrehm CouchDB (multi containers) flink 0.4.0+ CouchDB raceHub Compatible with 0.2.0 Dokku Copy App Config Files alexkruegger Compatible with 0.3.17+ Dokku Registry agco-adm 0.4.0+ Elasticsearch robv Not compatible with >= 0.3.0 (still uses /home/git) Elasticsearch1 blag Compatible with 0.2.0 Graphite/statsd jlachowski < 0.4.0 HipChat Notifications cef Memcached flink 0.4.0+ MongoDB (single container) jeffutter MySQL hughfletcher Neo4j aomitayo PostGIS fermuch PostgreSQL (single container) jeffutter This plugin creates a single postgresql container that all your apps can use. Thus only one instance of postgresql running (good for servers without a ton of memory). Redis luxifer Redis sekjun9878 0.3.26+ RiakCS (single container) jeffutter Incompatible with 0.2.01 Forked from jezdez/dokku-elasticsearch-plugin: uses Elasticsearch 1.2 (instead of 0.90), doesn't depend on dokku-link, runs as elasticsearch user instead of root, and turns off multicast autodiscovery for use in a VPS environment.
"},{"location":"configuration/domains/","title":"Domain Configuration","text":"New
Introduced in 0.3.10
domains:add <app> <domain> [<domain> ...] # Add domains to app\ndomains:add-global <domain> [<domain> ...] # Add global domain names\ndomains:clear <app> # Clear all domains for app\ndomains:clear-global # Clear global domain names\ndomains:disable <app> # Disable VHOST support\ndomains:enable <app> # Enable VHOST support\ndomains:remove <app> <domain> [<domain> ...] # Remove domains from app\ndomains:remove-global <domain> [<domain> ...] # Remove global domain names\ndomains:report [<app>|--global] [<flag>] # Displays a domains report for one or more apps\ndomains:set <app> <domain> [<domain> ...] # Set domains for app\ndomains:set-global <domain> [<domain> ...] # Set global domain names\n
Info
Adding a domain before deploying an application will result in port mappings being set. This may cause issues for applications that use non-standard ports, as those will not be automatically detected. Please refer to the proxy documentation for information as to how to reconfigure the mappings.
"},{"location":"configuration/domains/#customizing-hostnames","title":"Customizing hostnames","text":"Applications typically have the following structure for their hostname:
scheme://subdomain.domain.tld\n
The subdomain
is inferred from the pushed application name, while the domain.tld
is set during initial dokku configuration. It can then be modified with dokku domains:add-global
and dokku domains:remove-global
. This value is used as a default TLD for all applications on a host.
If an FQDN such as dokku.org
is used as the application name, the global virtualhost will be ignored and the resulting vhost URL for that application will be dokku.org
.
You can optionally override this in a plugin by implementing the nginx-hostname
plugin trigger. If the nginx-hostname
plugin has no output, the normal hostname algorithm will be executed. See the plugin trigger documentation for more information.
If desired, it is possible to disable vhosts with the domains plugin.
dokku domains:disable node-js-app\n
On subsequent deploys, the nginx virtualhost will be discarded. This is useful when deploying internal-facing services that should not be publicly routeable. As of 0.4.0, nginx will still be configured to proxy your app on some random high port. This allows internal services to maintain the same port between deployments. You may change this port by setting DOKKU_PROXY_PORT
and/or DOKKU_PROXY_SSL_PORT
(for services configured to use SSL.)
The domains plugin allows you to specify custom domains for applications. This plugin is aware of any ssl certificates that are imported via certs:add
. Be aware that disabling domains (with domains:disable
) will override any custom domains.
# where `node-js-app` is the name of your app\n\n# add a domain to an app\ndokku domains:add node-js-app dokku.me\n\n# list custom domains for app\ndokku domains:report node-js-app\n\n# clear all custom domains for app\ndokku domains:clear node-js-app\n\n# remove a custom domain from app\ndokku domains:remove node-js-app dokku.me\n\n# set all custom domains for app\ndokku domains:set node-js-app dokku.me dokku.org\n
"},{"location":"configuration/domains/#displaying-domains-reports-for-an-app","title":"Displaying domains reports for an app","text":"New
Introduced in 0.8.1
You can get a report about the app's domains status using the domains:report
command:
dokku domains:report\n
=====> node-js-app domains information\n Domains app enabled: true\n Domains app vhosts: node-js-app.dokku.org\n Domains global enabled: true\n Domains global vhosts: dokku.org\n=====> python-app domains information\n Domains app enabled: true\n Domains app vhosts: python-app.dokku.org\n Domains global enabled: true\n Domains global vhosts: dokku.org\n=====> ruby-app domains information\n Domains app enabled: true\n Domains app vhosts: ruby-app.dokku.org\n Domains global enabled: true\n Domains global vhosts: dokku.org\n
You can run the command for a specific app also.
ShellOutputdokku domains:report node-js-app\n
=====> node-js-app domains information\n Domains app enabled: true\n Domains app vhosts: node-js-app.dokku.org\n Domains global enabled: true\n Domains global vhosts: dokku.org\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku domains:report node-js-app --domains-app-enabled\n
"},{"location":"configuration/domains/#default-site","title":"Default site","text":"This is specific to your proxy plugin of choice. See the nginx documentation for more information on how to configure this for the default nginx proxy implementation.
"},{"location":"configuration/environment-variables/","title":"Environment Variables","text":"Typically an application will require some configuration to run properly. Dokku supports application configuration via environment variables. Environment variables may contain private data, such as passwords or API keys, so it is not recommended to store them in your application's repository.
The config
plugin provides the following commands to manage your variables:
config:show (<app>|--global) Pretty-print an app or global environment\nconfig:bundle (<app>|--global) [--merged] Bundle environment into tarfile\nconfig:clear (<app>|--global) Clears environment variables\nconfig:export (<app>|--global) [--envfile] Export a global or app environment\nconfig:get (<app>|--global) KEY Display a global or app-specific config value\nconfig:keys (<app>|--global) [--merged] Show keys set in environment\nconfig:set [--encoded] [--no-restart] (<app>|--global) KEY1=VALUE1 [KEY2=VALUE2 ...] Set one or more config vars\nconfig:unset [--no-restart] (<app>|--global) KEY1 [KEY2 ...] Unset one or more config vars\n
Info
For security reasons - and as per docker recommendations - Dockerfile-based deploys have variables available only during runtime, as noted in this issue. Consider using build arguments to expose variables during build-time for Dockerfile apps.
Environment variables are available both at run time and during the application build/compilation step for buildpack-based deploys.
For buildpack deploys, Dokku will create a /app/.env
file that can be used for legacy buildpacks. Note that this is not updated when config:set
or config:unset
is called, and is only written during a deploy
or ps:rebuild
. Developers are encouraged to instead read from the application environment directly, as the proper values will be available then.
Note
Global ENV
files are sourced before app-specific ENV
files. This means that app-specific variables will take precedence over global variables. Configuring your global ENV
file is manual, and should be considered potentially dangerous as configuration applies to all applications.
You can set multiple environment variables at once:
dokku config:set node-js-app ENV=prod COMPILE_ASSETS=1\n
Whitespace and special characters get tricky. If you are using dokku locally you don't need to do any special escaping. If you are using dokku over ssh you will need to backslash-escape spaces:
dokku config:set node-js-app KEY=\"VAL\\ WITH\\ SPACES\"\n
Dokku can also read base64 encoded values. That's the easiest way to set a value with newlines or spaces. To set a value with newlines you need to base64 encode it first and pass the --encoded
flag:
dokku config:set --encoded node-js-app KEY=\"$(base64 ~/.ssh/id_rsa)\"\n
When setting or unsetting environment variables, you may wish to avoid an application restart. This is useful when developing plugins or when setting multiple environment variables in a scripted manner. To do so, use the --no-restart
flag:
dokku config:set --no-restart node-js-app ENV=prod\n
If you wish to have the variables output in an eval
-compatible form, you can use the config:export
command
dokku config:export node-js-app\n# outputs variables in the form:\n#\n# export ENV='prod'\n# export COMPILE_ASSETS='1'\n\n# source in all the node-js-app app environment variables\neval $(dokku config:export node-js-app)\n
You can control the format of the exported variables with the --format
flag. --format=shell
will output the variables in a single-line for usage in command-line utilities:
dokku config:export --format shell node-js-app\n\n# outputs variables in the form:\n#\n# ENV='prod' COMPILE_ASSETS='1'\n
"},{"location":"configuration/environment-variables/#special-config-variables","title":"Special Config Variables","text":"The following config variables have special meanings and can be set in a variety of ways. Unless specified via global app config, the values may not be passed into applications. Usage of these values within applications should be considered unsafe, as they are an internal configuration values that may be moved to the internal properties system in the future.
Warning
This list is not exhaustive, and may vary from version to version.
Name Default How to modify DescriptionDOKKU_ROOT
~dokku
/etc/environment
The root directory where dokku will store application repositories, as well as certain configuration files. DOKKU_IMAGE
gliderlabs/herokuish
/etc/environment
~dokku/.dokkurc
~dokku/.dokkurc/*
The default image to use when building herokuish containers. Deprecated in favor of using buildpacks:set-property
DOKKU_LIB_ROOT
/var/lib/dokku
/etc/environment
~dokku/.dokkurc
~dokku/.dokkurc/*
The directory where plugins, certain data, and general configuration is stored. PLUGIN_PATH
$DOKKU_LIB_ROOT/plugins\"
/etc/environment
~dokku/.dokkurc
~dokku/.dokkurc/*
The top-level directory where plugins are stored. PLUGIN_AVAILABLE_PATH
$PLUGIN_PATH/available\"
/etc/environment
~dokku/.dokkurc
~dokku/.dokkurc/*
The directory that holds all available plugins, including core. PLUGIN_ENABLED_PATH
$PLUGIN_PATH/enabled\"
/etc/environment
~dokku/.dokkurc
~dokku/.dokkurc/*
The directory that holds all enabled plugins, including core. PLUGIN_CORE_PATH
$DOKKU_LIB_ROOT/core-plugins\"
/etc/environment
~dokku/.dokkurc
~dokku/.dokkurc/*
The directory that stores all core plugins. PLUGIN_CORE_AVAILABLE_PATH
$PLUGIN_CORE_PATH/available\"
/etc/environment
~dokku/.dokkurc
~dokku/.dokkurc/*
The directory that stores all available core plugins. PLUGIN_CORE_ENABLED_PATH
$PLUGIN_CORE_PATH/enabled\"
/etc/environment
~dokku/.dokkurc
~dokku/.dokkurc/*
The directory that stores all enabled core plugins. DOKKU_LOGS_DIR
/var/log/dokku
/etc/environment
~dokku/.dokkurc
~dokku/.dokkurc/*
Where dokku logs should be written to. DOKKU_LOGS_HOST_DIR
$DOKKU_LOGS_DIR
/etc/environment
~dokku/.dokkurc
~dokku/.dokkurc/*
A path on the host that will be mounted into the vector logging container. DOKKU_EVENTS_LOGFILE
$DOKKU_LOGS_DIR/events.log
/etc/environment
~dokku/.dokkurc
~dokku/.dokkurc/*
Where the events log file is written to. DOKKU_APP_NAME
none --app APP
flag Name of application to work on. Respected by core plugins. DOKKU_APPS_FORCE_DELETE
none --force
flag Whether to force delete an application. Also used by other plugins for destructive actions. DOKKU_CHECKS_URL
https://dokku.com/docs/deployment/zero-downtime-deploys/
/etc/environment
~dokku/.dokkurc
~dokku/.dokkurc/*
Url displayed during deployment when no CHECKS file exists. DOKKU_QUIET_OUTPUT
none --quiet
flag Silences certain header output for dokku
commands. DOKKU_RM_CONTAINER
none dokku config:set
Deprecated: Whether to keep dokku run
containers around or not. DOKKU_TRACE
none dokku trace:on
dokku trace:off
--trace
flag Turn on very verbose debugging. DOKKU_APP_PROXY_TYPE
nginx
dokku proxy:set
DOKKU_APP_RESTORE
1
dokku config:set
dokku ps:stop
DOKKU_APP_SHELL
/bin/bash
dokku config:set
Allows users to change the default shell used by Dokku for dokku enter
and execution of deployment tasks. DOKKU_APP_TYPE
herokuish
Auto-detected by using buildpacks or dockerfile DOKKU_CHECKS_DISABLED
none dokku checks:disable
DOKKU_CHECKS_ENABLED
none dokku checks:enable
DOKKU_CHECKS_SKIPPED
none dokku checks:skip
DOKKU_CHECKS_WAIT
5
dokku config:set
Wait this many seconds for the container to start before running checks. DOKKU_CHECKS_TIMEOUT
30
dokku config:set
Wait this many seconds for each response before marking it as a failure. DOKKU_CHECKS_ATTEMPTS
5
dokku config:set
Number of retries for to run for a specific check before marking it as a failure DOKKU_DEFAULT_CHECKS_WAIT
10
dokku config:set
If no user-defined checks are specified - or if the process being checked is not a web
process - this is the period of time Dokku will wait before checking that a container is still running. DOKKU_DISABLE_PROXY
none dokku proxy:disable
dokku proxy:enable
Disables the proxy in front of your application, resulting in publicly routing the docker container. DOKKU_DISABLE_ANSI_PREFIX_REMOVAL
none dokku config:set
/etc/environment
~dokku/.dokkurc
~dokku/.dokkurc/*
Disables removal of the ANSI prefix during deploys. Can be used in cases where the client deployer does not understand ansi escape codes. DOKKU_DISABLE_APP_AUTOCREATION
none dokku config:set
Disables automatic creation of a non-existent app on deploy. DOKKU_DOCKER_STOP_TIMEOUT
10
dokku config:set
Configurable grace period given to the docker stop
command. If a container has not stopped by this time, a kill -9
signal or equivalent is sent in order to force-terminate the container. Both the ps:stop
and apps:destroy
commands also respect this value. If not specified, the docker defaults for the docker stop command will be used. DOKKU_DOCKERFILE_CACHE_BUILD
none dokku config:set
DOKKU_DOCKERFILE_START_CMD
none dokku config:set
DOKKU_PARALLEL_ARGUMENTS
. none dokku config:set
Allows passing custom arguments to parallel for ps:*all
commands DOKKU_PROXY_PORT
automatically assigned /etc/environment
~dokku/.dokkurc
~dokku/.dokkurc/*
dokku config:set
DOKKU_PROXY_SSL_PORT
automatically assigned /etc/environment
~dokku/.dokkurc
~dokku/.dokkurc/*
dokku config:set
DOKKU_SKIP_ALL_CHECKS
none dokku config:set
DOKKU_SKIP_CLEANUP
/etc/environment
~dokku/.dokkurc
~dokku/.dokkurc/*
When a deploy is triggered, if this is set to a non-empty value, then old docker containers and images will not be removed. DOKKU_SKIP_DEFAULT_CHECKS
dokku config:set
DOKKU_SKIP_DEPLOY
dokku config:set
DOKKU_START_CMD
none dokku config:set
Command to run instead of /start $PROC_TYPE
DOKKU_SYSTEM_GROUP
dokku
/etc/environment
~dokku/.dokkurc
~dokku/.dokkurc/*
System group to chown files as. DOKKU_SYSTEM_USER
dokku
/etc/environment
~dokku/.dokkurc
~dokku/.dokkurc/*
System user to chown files as."},{"location":"configuration/ssl/","title":"SSL Configuration","text":"New
Introduced in 0.4.0
Dokku supports SSL/TLS certificate inspection and CSR/Self-signed certificate generation via the certs
plugin. Note that whenever SSL/TLS support is enabled SPDY is also enabled.
certs:add <app> CRT KEY # Add an ssl endpoint to an app. Can also import from a tarball on stdin.\ncerts:generate <app> DOMAIN # Generate a key and certificate signing request (and self-signed certificate)\ncerts:remove <app> # Remove an SSL Endpoint from an app.\ncerts:report [<app>] [<flag>] # Displays an ssl report for one or more apps\ncerts:show <app> <crt|key> # Show the server.crt or server.key on stdout\ncerts:update <app> CRT KEY # Update an SSL Endpoint on an app. Can also import from a tarball on stdin\n
# for 0.3.x\ndokku nginx:import-ssl <app> < certs.tar\n
Info
Adding an ssl certificate before deploying an application will result in port mappings being updated. This may cause issues for applications that use non-standard ports, as those may not be automatically detected. Please refer to the proxy documentation for information as to how to reconfigure the mappings.
"},{"location":"configuration/ssl/#per-application-certificate-management","title":"Per-application certificate management","text":"Dokku provides built-in support for managing SSL certificates on a per-application basis. SSL is managed via nginx outside of application containers, and as such can be updated on-the-fly without rebuilding containers. At this time, applications only support a single SSL certificate at a time. To support multiple domains for a single application, wildcard certificate usage is encouraged.
"},{"location":"configuration/ssl/#certificate-setting","title":"Certificate setting","text":"The certs:add
command can be used to push a tar
containing a certificate .crt
and .key
file to a single application. The command should correctly handle cases where the .crt
and .key
are not named properly or are nested in a subdirectory of said tar
file. You can import it as follows:
tar cvf cert-key.tar server.crt server.key\ndokku certs:add node-js-app < cert-key.tar\n
Note
If your .crt
file came alongside a .ca-bundle
, you'll want to concatenate those into a single .crt
file before adding it to the .tar
.
cat yourdomain_com.crt yourdomain_com.ca-bundle > server.crt\n
"},{"location":"configuration/ssl/#ssl-and-multiple-domains","title":"SSL and Multiple Domains","text":"When an SSL certificate is associated to an application, the certificate will be associated with all domains currently associated with said application. Your certificate should be associated with all of those domains, otherwise accessing the application will result in SSL errors. If you wish to remove one of the domains from the application, refer to the domain configuration documentation.
Note that with the default nginx template, requests will be redirected to the https
version of the domain. If this is not the desired state of request resolution, you may customize the nginx template in use. For more details, see the nginx documentation.
Note
Using this method will create a self-signed certificate, which is only recommended for development or staging use, not production environments.
The certs:generate
command will walk you through the correct openssl
commands to create a key, csr and a self-signed cert for a given app/domain. We automatically put the self-signed cert in place as well as add the specified domain to the application configuration.
If you decide to obtain a CA signed certificate, you can import that certificate using the aforementioned dokku certs:add
command.
The certs:remove
command only works on app-specific certificates. It will rm
the app-specific tls directory, rebuild the nginx configuration, and reload nginx.
The certs:show
command can be used to show your configured certs for an app. The show command can be used for example to export Let's Encrypt certificates after they've been generated. You can export it as follows:
dokku certs:show node-js-app crt > server.crt\ndokku certs:show node-js-app key > server.key\n
"},{"location":"configuration/ssl/#displaying-certificate-reports-for-an-app","title":"Displaying certificate reports for an app","text":"New
Introduced in 0.8.1
You can get a report about the apps ssl status using the certs:report
command:
dokku certs:report\n
=====> node-js-app\n Ssl dir: /home/dokku/node-js-app/tls\n Ssl enabled: true\n Ssl hostnames: *.node-js-app.org node-js-app.org\n Ssl expires at: Oct 5 23:59:59 2019 GMT\n Ssl issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA\n Ssl starts at: Oct 5 00:00:00 2016 GMT\n Ssl subject: OU=Domain Control Validated; OU=PositiveSSL Wildcard; CN=*.node-js-app.org\n Ssl verified: self signed.\n=====> python-app\n Ssl dir: /home/dokku/python-app/tls\n Ssl enabled: false\n Ssl hostnames:\n Ssl expires at:\n Ssl issuer:\n Ssl starts at:\n Ssl subject:\n Ssl verified:\n
You can run the command for a specific app also.
ShellOutputdokku certs:report node-js-app\n
=====> node-js-app ssl information\n Ssl dir: /home/dokku/node-js-app/tls\n Ssl enabled: true\n Ssl hostnames: *.dokku.org dokku.org\n Ssl expires at: Oct 5 23:59:59 2019 GMT\n Ssl issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA\n Ssl starts at: Oct 5 00:00:00 2016 GMT\n Ssl subject: OU=Domain Control Validated; OU=PositiveSSL Wildcard; CN=*.dokku.org\n Ssl verified: self signed.\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku certs:report node-js-app --ssl-enabled\n
"},{"location":"configuration/ssl/#hsts-header","title":"HSTS Header","text":"The HSTS header is an HTTP header that can inform browsers that all requests to a given site should be made via HTTPS. Dokku enables this header by default for HTTPS requests.
See the NGINX HSTS documentation for more information on how the HSTS configuration can be managed for your application.
"},{"location":"configuration/ssl/#http2-support","title":"HTTP/2 support","text":"Certain versions of nginx have bugs that prevent HTTP/2 from properly responding to all clients, thus causing applications to be unavailable. For HTTP/2 to be enabled in your applications' nginx configs, you need to have installed nginx 1.11.5 or higher. See issue 2435 for more details.
"},{"location":"configuration/ssl/#ssl-port-exposure","title":"SSL Port Exposure","text":"When your app is served from port 80
then the /home/dokku/APP/nginx.conf
file will automatically be updated to instruct nginx to respond to ssl on port 443 as a new cert is added. If your app uses a non-standard port (perhaps you have a dockerfile deploy exposing port 99999
) you may need to manually expose an ssl port via dokku ports:add <APP> https:443:99999
.
X-Forwarded-Ssl
, etc.)","text":"See the running behind another proxy documentation for more information on how to configure your Nginx config when your server is running behind a proxy (e.g. load balancer, etc.).
"},{"location":"deployment/application-deployment/","title":"Deploying an Application","text":"Note
This walkthrough uses the hostname dokku.me
in commands. When deploying to your own server, you should substitute the domain dokku.me
for the domain name or IP address associated with your server. Users of the Vagrant VM included with Dokku can use dokku.me
which points to the IP of the VM.
Once you have configured Dokku with at least one user, you can deploy applications using git push
. To quickly see Dokku deployment in action, try using the Heroku Ruby on Rails \"Getting Started\" app.
# from your local machine\ngit clone https://github.com/heroku/ruby-getting-started\n
"},{"location":"deployment/application-deployment/#create-the-app","title":"Create the app","text":"SSH into the Dokku host and create the application as follows:
# on the Dokku host\ndokku apps:create ruby-getting-started\n
"},{"location":"deployment/application-deployment/#create-the-backing-services","title":"Create the backing services","text":"Dokku by default does not provide datastores (e.g. MySQL, PostgreSQL) on a newly created app. You can add datastore support by installing plugins, and the Dokku project provides official plugins for common datastores.
The Getting Started app requires a PostgreSQL service, so install the plugin and create the related service as follows:
# on the Dokku host\n# install the postgres plugin\n# plugin installation requires root, hence the user change\nsudo dokku plugin:install https://github.com/dokku/dokku-postgres.git\n\n# create a postgres service with the name railsdatabase\ndokku postgres:create railsdatabase\n
Each service may take a few moments to create.
"},{"location":"deployment/application-deployment/#linking-backing-services-to-applications","title":"Linking backing services to applications","text":"Once the services have been created, you then set the DATABASE_URL
environment variable by linking the service, as follows:
# on the Dokku host\n# each official datastore offers a `link` method to link a service to any application\ndokku postgres:link railsdatabase ruby-getting-started\n
Dokku supports linking a single service to multiple applications as well as linking only one service per application.
"},{"location":"deployment/application-deployment/#deploy-the-app","title":"Deploy the app","text":"Warning
Your app should respect the PORT
environment variable, otherwise it may not respond to web requests. You can find more information in the port management documentation.**
Now you can deploy the ruby-getting-started
app to your Dokku server. All you have to do is add a remote to name the app. Applications are created on-the-fly on the Dokku server.
# from your local machine\n# the remote username *must* be dokku or pushes will fail\ncd ruby-getting-started\ngit remote add dokku dokku@dokku.me:ruby-getting-started\ngit push dokku main\n
Note
Some tools may not support the short-upstream syntax referenced above, and you may need to prefix the upstream with the scheme ssh://
like so: ssh://dokku@dokku.me:ruby-getting-started
Please see the Git documentation for more details.
Note
Your private key should be registered with ssh-agent
in your local development environment. If you get a permission denied
error when pushing, you can register your private key as follows: ssh-add -k ~/<your private key>
.
After running git push dokku main
, you should have output similar to this in your terminal:
Counting objects: 231, done.\nDelta compression using up to 8 threads.\nCompressing objects: 100% (162/162), done.\nWriting objects: 100% (231/231), 36.96 KiB | 0 bytes/s, done.\nTotal 231 (delta 93), reused 147 (delta 53)\n-----> Cleaning up...\n-----> Building ruby-getting-started from herokuish...\n-----> Adding BUILD_ENV to build environment...\n-----> Ruby app detected\n-----> Compiling Ruby/Rails\n-----> Using Ruby version: ruby-2.2.1\n-----> Installing dependencies using 1.9.7\n Running: bundle install --without development:test --path vendor/bundle --binstubs vendor/bundle/bin -j4 --deployment\n Fetching gem metadata from https://rubygems.org/...........\n Fetching version metadata from https://rubygems.org/...\n Fetching dependency metadata from https://rubygems.org/..\n Using rake 10.4.2\n\n...\n\n=====> Application deployed:\n http://ruby-getting-started.dokku.me\n
Once the deploy is complete, the application's web URL will be generated as above.
Dokku supports deploying applications in a few ways:
Info
While SSL certificates can be imported, automated SSL via Letsencrypt requires that all domains on an app correctly point at your server's public ip address. Please keep this in mind when using Letsencrypt.
For many users, responding to requests via https
will be desirable. Dokku has a complete ssl plugin built in that can be used to import SSL certificates (below is a short example, please refer to the ssl documentation for more information):
dokku certs:add ruby-getting-started server.crt server.key\n
As an alternative, the Dokku project offers an optional letsencrypt plugin that can be used to automate SSL certificate retrieval and renewal.
# on the Dokku host\n# install the letsencrypt plugin\n# plugin installation requires root, hence the user change\nsudo dokku plugin:install https://github.com/dokku/dokku-letsencrypt.git\n\n# set global email for letsencrypt\ndokku letsencrypt:set --global email your-email@your.domain.com\n\n# set a custom domain that you own for your application\ndokku domains:set ruby-getting-started ruby-getting-started.your.domain.com\n\n# enable letsencrypt\ndokku letsencrypt:enable ruby-getting-started\n\n# enable auto-renewal\ndokku letsencrypt:cron-job --add\n
"},{"location":"deployment/application-deployment/#skipping-deployment","title":"Skipping deployment","text":"If you only want to rebuild and tag a container, you can skip the deployment phase by setting $DOKKU_SKIP_DEPLOY
to true
by running:
# on the Dokku host\ndokku config:set ruby-getting-started DOKKU_SKIP_DEPLOY=true\n
"},{"location":"deployment/application-deployment/#redeploying-or-restarting","title":"Redeploying or restarting","text":"If you need to redeploy or restart your app:
# on the Dokku host\ndokku ps:rebuild ruby-getting-started\n
See the process scaling documentation for more information on how to manage your app processes.
"},{"location":"deployment/application-deployment/#deploying-with-private-git-submodules","title":"Deploying with private Git submodules","text":"Dokku uses Git locally (i.e. not a Docker image) to build its own copy of your app repo, including submodules, as the dokku
user. This means that in order to deploy private Git submodules, you need to put your deploy key in /home/dokku/.ssh/
and potentially add github.com
(or your VCS host key) into /home/dokku/.ssh/known_hosts
. You can use the following test to confirm your setup is correct:
# on the Dokku host\nsu - dokku\nssh-keyscan -t rsa github.com >> ~/.ssh/known_hosts\nssh -T git@github.com\n
Warning
if the buildpack or Dockerfile build process require SSH key access for other reasons, the above may not always apply.
"},{"location":"deployment/application-deployment/#deploying-to-subdomains","title":"Deploying to subdomains","text":"If you do not enter a fully qualified domain name when pushing your app, Dokku deploys the app to <remotename>.yourdomain.tld
as follows:
# from your local machine\n# the remote username *must* be dokku or pushes will fail\n# the below example assumes your app server domain or IP is dokku.me. Push in the form of: dokku@{serveripordomain}:{dokkuappname}\ngit remote add dokku dokku@dokku.me:ruby-getting-started\ngit push dokku main\n
remote: -----> Application deployed:\nremote: http://ruby-getting-started.dokku.me\n
You can also specify the fully qualified name as follows:
ShellOutput# from your local machine\n# the remote username *must* be dokku or pushes will fail\ngit remote add dokku dokku@dokku.me:app.dokku.me\ngit push dokku main\n
remote: -----> Application deployed:\nremote: http://app.dokku.me\n
This is useful when you want to deploy to the root domain:
ShellOutput# from your local machine\n# the remote username *must* be dokku or pushes will fail\ngit remote add dokku dokku@dokku.me:dokku.me\ngit push dokku main\n
... deployment ...\n\nremote: -----> Application deployed:\nremote: http://dokku.me\n
"},{"location":"deployment/application-deployment/#dokkudocker-container-management-compatibility","title":"Dokku/Docker container management compatibility","text":"Dokku is, at its core, a Docker container manager. Thus, it does not necessarily play well with other out-of-band processes interacting with the Docker daemon.
Prior to every deployment, Dokku will execute a cleanup function. As of 0.5.x, the cleanup removes all containers with the dokku
label where the status is either dead
or exited
(previous versions would remove all dead
or exited
containers). The cleanup function also removes all images with dangling
status.
See the user management documentation for more information on how to manage users with access to your Dokku server.
"},{"location":"deployment/application-deployment/#default-vhost","title":"Default vhost","text":"See the domains documentation for more information on how to manage the default site.
"},{"location":"deployment/application-deployment/#deploying-non-master-branch","title":"Deploying non-master branch","text":"See the Git documentation for more information on deploying a non-master branch to your application.
"},{"location":"deployment/application-deployment/#dockerfile-deployment","title":"Dockerfile deployment","text":"See the Dockerfile documentation for information Dokku's Dockerfile support.
"},{"location":"deployment/application-deployment/#image-tagging","title":"Image tagging","text":"See the image tagging documentation for more information on how Docker images can be tagged and deployed for a given application.
"},{"location":"deployment/application-deployment/#specifying-a-custom-buildpack","title":"Specifying a custom buildpack","text":"See the herokuish buildpack documentation for more information on how to specify a set of custom buildpacks for your application.
"},{"location":"deployment/application-deployment/#removing-a-deployed-app","title":"Removing a deployed app","text":"See the application management documentation for more information on how to remove an application from your Dokku server.
"},{"location":"deployment/application-deployment/#renaming-a-deployed-app","title":"Renaming a deployed app","text":"See the application management documentation for more information on how an application can be renamed and the impact of doing so upon the application and associated resources.
"},{"location":"deployment/application-deployment/#zero-downtime-deploy","title":"Zero downtime deploy","text":"See the zero-downtime deploy documentation for more information on how Dokku enables zero-downtime deploys.
"},{"location":"deployment/application-management/","title":"Application Management","text":"New
Introduced in 0.3.1
apps:clone <old-app> <new-app> # Clones an app\napps:create <app> # Create a new app\napps:destroy <app> # Permanently destroy an app\napps:exists <app> # Checks if an app exists\napps:list # List your apps\napps:lock <app> # Locks an app for deployment\napps:locked <app> # Checks if an app is locked for deployment\napps:rename <old-app> <new-app> # Rename an app\napps:report [<app>] [<flag>] # Display report about an app\napps:unlock <app> # Unlocks an app for deployment\n
"},{"location":"deployment/application-management/#usage","title":"Usage","text":""},{"location":"deployment/application-management/#listing-applications","title":"Listing applications","text":"New
Introduced in 0.8.1. Use the apps
command for older versions.
You can easily list all available applications using the apps:list
command:
dokku apps:list\n
=====> My Apps\nnode-js-app\npython-app\n
Note that you can easily hide extra output from Dokku commands by using the --quiet
flag, which makes it easier to parse on the command line.
dokku --quiet apps:list\n
node-js-app\npython-app\n
"},{"location":"deployment/application-management/#checking-if-an-application-exists","title":"Checking if an application exists","text":"For CI/CD pipelines, it may be useful to see if an application exists before creating a \"review\" application for a specific branch. You can do so via the apps:exists
command:
dokku apps:exists node-js-app\n
App does not exist\n
The apps:exists
command will return non-zero if the application does not exist, and zero if it does.
A common pattern for deploying applications to Dokku is to configure an application before deploying it. You can do so via the apps:create
command:
dokku apps:create node-js-app\n
Creating node-js-app... done\n
Once created, you can configure the application as normal, and deploy the application whenever ready. This is useful for cases where you may wish to do any of the following kinds of tasks:
In some cases, you may need to destroy an application, whether it is because the application is temporary or because it was misconfigured. In these cases, you can use the apps:destroy
command. Performing any destructive actions in Dokku requires confirmation, and this command will ask for the name of the application being deleted before doing so.
dokku apps:destroy node-js-app\n
! WARNING: Potentially Destructive Action\n ! This command will destroy node-js-app (including all add-ons).\n ! To proceed, type \"node-js-app\"\n\nDestroying node-js-app (including all add-ons)\n
Info
node-js-app
This will prompt you to verify the application's name before destroying it. You may also use the --force
flag to circumvent this verification process:
dokku --force apps:destroy node-js-app\n
Destroying node-js-app (including all add-ons)\n
The --force
flag can also be specified on the command vs globally:
dokku apps:destroy --force node-js-app\n
Destroying node-js-app (including all add-ons)\n
Destroying an application will unlink all linked services and destroy any config related to the application. Note that linked services will retain their data for later use (or removal).
"},{"location":"deployment/application-management/#renaming-a-deployed-app","title":"Renaming a deployed app","text":"New
Introduced in 0.4.7
You can rename a deployed app using the apps:rename
command. Note that the application must have been deployed at least once, or the rename will not complete successfully:
dokku apps:rename node-js-app io-js-app\n
Destroying node-js-app (including all add-ons)\n-----> Cleaning up...\n-----> Building io-js-app from herokuish...\n-----> Adding BUILD_ENV to build environment...\n-----> Node.js app detected\n\n-----> Creating runtime environment\n\n...\n\n=====> Application deployed:\n http://io-js-app.ci.dokku.me\n\nRenaming node-js-app to io-js-app... done\n
This will copy all of your app's contents into a new app directory with the name of your choice, delete your old app, then rebuild the new version of the app and deploy it. All of your config variables, including database urls, will be preserved.
By default, Dokku will deploy the renamed app, though you can skip the deploy by using the --skip-deploy
flag:
dokku apps:rename --skip-deploy node-js-app io-js-app\n
Remember to also change your git remote on your local machine in order to make git push dokku main
work again. For this you can use git remote set-url
.
git remote set-url dokku dokku@dokku.me:io-js-app\n
"},{"location":"deployment/application-management/#cloning-an-existing-app","title":"Cloning an existing app","text":"New
Introduced in 0.11.5
You can clone an existing app using the apps:clone
command. Note that the application must have been deployed at least once, or cloning will not complete successfully:
dokku apps:clone node-js-app io-js-app\n
Cloning node-js-app to io-js-app... done\n
This will copy all of your app's contents into a new app directory with the name of your choice and then rebuild the new version of the app and deploy it with the following caveats:
https
and host-port 443
will be skipped.Warning
If you have exposed specific ports via docker-options
plugin, or performed anything that cannot be done against multiple applications, apps:clone
may result in errors.
By default, Dokku will deploy this new app, though you can skip the deploy by using the --skip-deploy
flag:
dokku apps:clone --skip-deploy node-js-app io-js-app\n
Finally, if the application already exists, you may wish to ignore errors resulting from attempting to clone over it. To do so, you can use the --ignore-existing
flag. A warning will be emitted, but the command will return 0
.
dokku apps:clone --ignore-existing node-js-app io-js-app\n
"},{"location":"deployment/application-management/#locking-app-deploys","title":"Locking app deploys","text":"New
Introduced in 0.11.6
If you wish to disable deploying for a period of time, this can be done via deploy locks. Normally, deploy locks exist only for the duration of a deploy so as to avoid deploys from colliding, but a deploy lock can be created by running the apps:lock
command.
dokku apps:lock node-js-app\n
-----> Deploy lock created\n
"},{"location":"deployment/application-management/#unlocking-app-deploys","title":"Unlocking app deploys","text":"New
Introduced in 0.11.6
In some cases, it may be necessary to remove an existing deploy lock. This can be performed via the apps:unlock
command.
Warning
Removing the deploy lock will not stop in progress deploys. At this time, in progress deploys will need to be manually terminated by someone with server access.
ShellOutputdokku apps:unlock node-js-app\n
! A deploy may be in progress.\n ! Removing the app lock will not stop in progress deploys.\n-----> Deploy lock removed.\n
"},{"location":"deployment/application-management/#checking-lock-status","title":"Checking lock status","text":"New
Introduced in 0.13.0
In some cases, you may wish to inspect the state of an app lock. To do so, you can issue an apps:lock
command. This will exit non-zero if there is no app lock in place.
dokku apps:locked node-js-app\n
Deploy lock does not exist\n
"},{"location":"deployment/application-management/#displaying-reports-for-an-app","title":"Displaying reports for an app","text":"New
Introduced in 0.8.1
You can get a report about the deployed apps using the apps:report
command:
dokku apps:report\n
=====> node-js-app app information\n App created at: 1635126111\n App dir: /home/dokku/node-js-app\n App deploy source: git\n App deploy source metadata: cd7b8afccb202f222e7dc7b427553e71ba5ddafd\n App locked: false\n=====> python-sample app information\n App created at: 1635126000\n App dir: /home/dokku/python-sample\n App deploy source:\n App deploy source metadata:\n App locked: false\n=====> ruby-sample app information\n App created at: 1635122462\n App dir: /home/dokku/ruby-sample\n App deploy source: git\n App deploy source metadata: c60921ea2799ca108276414b95ea197f16798d51\n App locked: false\n
You can run the command for a specific app also.
ShellOutputdokku apps:report node-js-app\n
=====> node-js-app app information\n App dir: /home/dokku/node-js-app\n App deploy source: git\n App deploy source metadata: cd7b8afccb202f222e7dc7b427553e71ba5ddafd\n App locked: false\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku apps:report node-js-app --app-dir\n
"},{"location":"deployment/logs/","title":"Log Management","text":"logs <app> [-h|--help] [-t|--tail] [-n|--num num] [-q|--quiet] [-p|--ps process] # Display recent log output\nlogs:failed --all|<app> # Shows the last failed deploy logs\nlogs:report [<app>] [<flag>] # Displays a logs report for one or more apps\nlogs:set [--global|<app>] <key> <value> # Set or clear a logs property for an app\nlogs:vector-logs [--num num] [--tail] # Display vector log output\nlogs:vector-start # Start the vector logging container\nlogs:vector-stop # Stop the vector logging container\n
"},{"location":"deployment/logs/#usage","title":"Usage","text":""},{"location":"deployment/logs/#application-logs","title":"Application logs","text":"You can easily get logs of an app using the logs
command:
dokku logs node-js-app\n
Logs are pulled via integration with the scheduler for the specified application via \"live tailing\". As such, logs from previously running deployments are usually not available. Users that desire to see logs from previous deployments for debugging purposes should persist those logs to external services. Please see Dokku's vector integration for more information on how to persist logs across deployments to ship logs to another service or a third-party platform.
"},{"location":"deployment/logs/#behavioral-modifiers","title":"Behavioral modifiers","text":"Dokku also supports certain command-line arguments that augment the log
command's behavior.
-n, --num NUM # the number of lines to display\n-p, --ps PS # only display logs from the given process\n-t, --tail # continually stream logs\n-q, --quiet # display raw logs without colors, time and names\n
You can use these modifiers as follows:
dokku logs node-js-app -t -p web\n
The above command will show logs continually from the web process.
"},{"location":"deployment/logs/#failed-deploy-logs","title":"Failed deploy logs","text":"Warning
The default docker-local scheduler will \"store\" these until the next deploy or until the old containers are garbage collected - whichever runs first. If you require the logs beyond this point in time, please ship the logs to a centralized log server.
In some cases, it may be useful to retrieve the logs from a previously failed deploy.
You can retrieve these logs by using the logs:failed
command.
dokku logs:failed node-js-app\n
You may also fetch all failed app logs by using the --all
flag.
dokku logs:failed --all\n
"},{"location":"deployment/logs/#docker-log-retention","title":"Docker Log Retention","text":"Docker log retention can be specified via the logs:set
command by specifying a value for max-size
. Log retention is set via injected docker options for all applications, but is also available via the logs-get-property
trigger for alternative schedulers.
dokku logs:set node-js-app max-size 20m\n
The default value may be set by passing an empty value for the option:
dokku logs:set node-js-app max-size\n
Valid values include any integer number followed by a unit of measure (k
, m
, or g
) or the string unlimited
. Setting to unlimited
will result in Dokku omitting the log option.
The max-size
property can also be set globally. The global default is 10m
, and the global value is used when no app-specific value is set.
dokku logs:set --global max-size 20m\n
The default value may be set by passing an empty value for the option.
dokku logs:set --global max-size\n
"},{"location":"deployment/logs/#vector-logging-shipping","title":"Vector Logging Shipping","text":"New
Introduced in 0.22.6
Vector is an open-source, lightweight and ultra-fast tool for building observability pipelines. Dokku integrates with it for shipping container logs for the docker-local
scheduler. Users may configure log-shipping on a per-app or global basis, neither of which interfere with the dokku logs
commands.
Warning
While the default vector image may be updated over time, this will not impact running vector containers. Users are encouraged to view any Dokku and Vector changelogs to ensure their system will continue running as expected.
Vector may be started via the logs:vector-start
command.
dokku logs:vector-start\n
This will start a new container named vector
with Dokku's vector config mounted and ready for use. If a running container already exists, this command will do nothing. Additionally, if a container exists but is not running, this command will attempt to start the container.
While the default vector image is hardcoded, users may specify an alternative via the --vector-image
flag:
dokku logs:vector-start --vector-image timberio/vector:latest-debian\n
The vector
container will be started with the following volume mounts:
/var/lib/dokku/data/logs/vector.json:/etc/vector/vector.json
/var/run/docker.sock:/var/run/docker.sock
/var/log/dokku/apps:/var/log/dokku/apps
The final volume mount - /var/log/dokku/apps
- may be used for users that wish to ship logs to a file on disk that may be later logrotated. This directory is owned by the dokku
user and group, with permissions set to 0755
. At this time, log-rotation is not configured for this directory.
Vector may be stopped via the logs:vector-stop
command.
dokku logs:vector-stop\n
The vector
container will be stopped and removed from the system. If the container is not running, this command will do nothing.
It may be necessary to check the vector container's logs to ensure that vector is operating as expected. This can be performed with the logs:vector-logs
command.
dokku logs:vector-logs\n
This command also supports the following modifiers:
--num NUM # the number of lines to display\n--tail # continually stream logs\n
You can use these modifiers as follows:
dokku logs:vector-logs --tail --num 10\n
The above command will show logs continually from the vector container, with an initial history of 10 log lines
"},{"location":"deployment/logs/#changing-the-vector-image","title":"Changing the vector image","text":"Dokku integrates with a Vector docker image version that is known to be compatible with the documentation. In some cases, it may be useful to specify an alternative image version. To do so, set the global vector-image
property.
dokku logs:set --global vector-image timberio/vector:0.35.X-debian\n
Once set, the vector container will need to be stopped and then started. Note that specifying the --vector-image
flag on the logs:vector-start
will override the setting.
dokku logs:vector-stop\ndokku logs:vector-start\n
Setting this to an empty string will reset the version to the version currently compatible with the Dokku installation.
dokku logs:set --global vector-image\n
"},{"location":"deployment/logs/#configuring-a-log-sink","title":"Configuring a log sink","text":"Vector uses the concept of log \"sinks\" to send logs to a given endpoint. Log sinks may be configured globally or on a per-app basis by specifying a vector-sink
in DSN form with the logs:set
command. Specifying a sink value will reload any running vector container.
# setting the sink value in quotes is encouraged to avoid\n# issues with ampersand encoding in shell commands\ndokku logs:set node-js-app vector-sink \"console://?encoding[codec]=json\"\n
A sink may be removed by setting an empty value, which will also reload the running vector container.
dokku logs:set node-js-app vector-sink\n
Only one sink may be specified on a per-app basis at a given time.
Log sinks can also be specified globally by specifying the --global
flag to logs:set
with no app name specified:
dokku logs:set --global vector-sink \"console://?encoding[codec]=json\"\n
As with app-specific sink settings, the global value may also be cleared by setting no value.
dokku logs:set --global vector-sink\n
"},{"location":"deployment/logs/#log-sink-dsn-format","title":"Log Sink DSN Format","text":"The DSN form of a sink is as follows:
SINK_TYPE://?SINK_OPTIONS\n
Valid values for SINK_TYPE
include all log vector log sinks, while SINK_OPTIONS
is a query-string form for the sink's options. The following is a short description on how to set various values:
bool
: form: key=bool
string
: form: key=string
int
: form: key=int
[string]
: form: key[]=string
[int]
: form: key[]=int
table
: form: option[key]=value
For some sinks - such as the http
sink - it may be useful to use special characters such as &
. These characters must be url escaped as per RFC 3986.
# the following command will set the `http` sink with a uri config value\n# for a uri config value: https://loggerservice.com:1234/?token=abc1234&type=vector\n# the url quoted version: https%3A//loggerservice.com%3A1234/%3Ftoken%3Dabc1234%26type%3Dvector\ndokku logs:set test vector-sink \"http://?uri=https%3A//loggerservice.com%3A1234/%3Ftoken%3Dabc1234%26type%3Dvector\"\n
Please read the sink documentation for your sink of choice to configure the sink as desired.
"},{"location":"deployment/remote-commands/","title":"Remote Commands","text":"Dokku commands can be run over SSH. Anywhere you would run dokku <command>
, just run ssh -t dokku@dokku.me <command>
The -t
is used to request a pty. It is highly recommended to do so. To avoid the need to type the -t
option each time, create/modify a section in the .ssh/config
on the client side, as follows:
Host dokku.me\n RequestTTY yes\n
"},{"location":"deployment/remote-commands/#behavioral-modifiers","title":"Behavioral modifiers","text":"Dokku also supports certain command line arguments that augment its behavior. If using these over SSH, you must use the form ssh -t dokku@dokku.me -- <command>
to avoid SSH interpreting Dokku arguments for itself.
--quiet suppress output headers\n--trace enable DOKKU_TRACE for current execution only\n--force force flag. currently used in apps:destroy and other \":destroy\" commands\n
"},{"location":"deployment/remote-commands/#official-client","title":"Official Client","text":"You may optionally use the official client when connecting to the Dokku server.
Of all methods, this is the most official method of interacting with your Dokku installation. It is a bash script that interacts with a remote Dokku installation via ssh
. It is available in contrib/dokku_client.sh
in the root of the Dokku repository.
It can be installed either via the Homebrew package manager (macOS only), or manually.
"},{"location":"deployment/remote-commands/#installation-via-homebrew","title":"Installation via Homebrew","text":"To install, simply run the following command:
brew install dokku/repo/dokku\n
"},{"location":"deployment/remote-commands/#manual-installation","title":"Manual installation","text":"To install manually, simply clone the Dokku repository down and add the dokku
alias pointing at the script:
git clone git@github.com:dokku/dokku.git ~/.dokku\n\n# optional: make sure that the dokku_client.sh version matches your Dokku version\ncd ~/.dokku\ngit checkout <tag/branch>\n\n# add the following to either your\n# .bashrc, .bash_profile, or .profile file\nalias dokku='$HOME/.dokku/contrib/dokku_client.sh'\n
Alternatively, if using another shell such as zsh, create an alias command which invokes the script using bash:
# zsh: add the following to either .zshenv or .zshrc\nalias dokku='bash $HOME/.dokku/contrib/dokku_client.sh'\n\n# fish: add the following to ~/.config/fish/config.fish\nalias dokku 'bash $HOME/.dokku/contrib/dokku_client.sh'\n\n# csh: add the following to .cshrc\nalias dokku 'bash $HOME/.dokku/contrib/dokku_client.sh'\n
"},{"location":"deployment/remote-commands/#usage","title":"Usage","text":"All commands have the application name automatically set via the --app
flag on the remote server, and thus the app name does not need to be specified manually for core plugins.
The client supports several environment variables:
DOKKU_HOST
(default: dokku
git remote): Used to interact with a specific remote server. Can be overridden via the --remote
flag.DOKKU_PORT
(default: 22
): Used to specify a port to connect to the Dokku server on.It also supports several flags (all flags unspecified here are passed as is to the server):
--app
: Override the remote app in use.--trace
: Enable trace mode.--remote
: Override the remote server.--global
: Unsets the \"app\" value. May not be supported for the specified command.In addition, the following commands have special local side-effects:
apps:create
:--app
flag is specified or detected from a dokku
git remote, a random name is generated and used for the app.dokku
git remote is set if not already set.apps:destroy
:dokku
git remote if set.While many users will only ever push to a single dokku remote from a given repository, it may be useful to point the same repository at multiple remotes, especially in the case of pre-production environments. This can be done via the remote
commands. These commands are only available within the official remote client, and are not server-side commands.
To see your currently configured remote, run dokku remote
. This will respect the --remote
flag.
To list all available remotes, run dokku remote:list
. This is equivalent to running git remote
.
To add a remote, run dokku remote:add $REMOTE_NAME dokku@dokku.me:$APP_NAME
, replacing $REMOTE_NAME
with your desired remote name, the $APP_NAME
with your desired app name and the host dokku.me
with your Dokku host. This is equivalent to running git remote add $REMOTE_NAME dokku@dokku.me:$APP_NAME
.
To remove a remote, run dokku remote:remove $REMOTE_NAME
. This is equivalent to running git remote remove $REMOTE_NAME
.
By default, the remote in use is dokku
. To change the remote the client uses by default, run dokku remote:set $REMOTE_NAME
, where $REMOTE_NAME
is the name of your desired remote. This will not check the value specified, so that remote must be available or errors will occur when running normal client commands. Note that specifying --remote
when running dokku commands will override this configuration value.
To clear the configured remote, run dokku remote:unset
. The client will unset the configured remote, and will default back to dokku
, or the value of --remote
if specified.
Please refer to the community clients list for more details.
"},{"location":"deployment/user-management/","title":"User Management","text":"New
Introduced in 0.7.0
ssh-keys:add <name> [/path/to/key] # Add a new public key by pipe or path\nssh-keys:list [--format text|json] [<name>] # List of all authorized Dokku public ssh keys\nssh-keys:remove [--fingerprint fingerprint|<name>] # Remove SSH public key by name\n
When pushing to Dokku, SSH key-based authorization is the preferred authentication method, for ease of use and increased security.
Users in Dokku are managed via the ~/dokku/.ssh/authorized_keys
file. It is highly recommended that you follow the steps below to manage users on a Dokku server.
Info
Users of older versions of Dokku may use the sshcommand
binary to manage keys instead of the ssh-keys
plugin. Please refer to the Dokku documentation for your version for more details.
You can use the ssh-keys:list
command to show all configured SSH keys.
dokku ssh-keys:list\n
SHA256:ABC123ABC123+abc123abc123Zabc123abcZ123abc NAME=\"admin\" SSHCOMMAND_ALLOWED_KEYS=\"no-agent-forwarding,no-user-rc,no-X11-forwarding,no-port-forwarding\"\n
The output contains the following information:
KEY_NAME
.SSHCOMMAND_ALLOWED_KEYS
name.New
Introduced in 0.20.2
The keys for a specific user may be listed by specifying a second argument to the ssh-keys:list
command:
dokku ssh-keys:list admin\n
New
Introduced in 0.22.3
The output format may be specified via the --format
flag. Supported values include json
and text
.
dokku ssh-keys:list --format json\n
This can additionally be used to filter to keys for a particular user:
dokku ssh-keys:list --format json admin\n
"},{"location":"deployment/user-management/#adding-ssh-keys","title":"Adding SSH keys","text":"You can add your public key to Dokku with the ssh-keys:add
command. The path specified must contain your desired public ssh key contents and must exist on the server. Any special characters - such as ~
- are interpreted under the dokku
user context. The output will be the fingerprint of the SSH key:
dokku ssh-keys:add KEY_NAME path/to/id_rsa.pub\n
SHA256:ABC123ABC123+abc123abc123Zabc123abcZ123abc\n
KEY_NAME
is the name you want to use to refer to this particular key. Including the word admin
in the name will grant the user privileges to add additional keys remotely.
Info
KEY_NAME
is a unique name which is used to identify public keys. Attempting to re-use a key name will result in an error. The SSH (Git) user is always dokku
, as this is the system user that the dokku
binary uses to perform all its actions.
Alternatively, you may pipe the contents of your ssh key via cat
or echo
into the ssh-keys:add
command instead of specifying a path to the ssh key:
echo \"$CONTENTS_OF_YOUR_PUBLIC_SSH_KEY_HERE\" | dokku ssh-keys:add KEY_NAME\n
SHA256:ABC123ABC123+abc123abc123Zabc123abcZ123abc\n
cat path/to/id_rsa.pub | dokku ssh-keys:add KEY_NAME\n
SHA256:ABC123ABC123+abc123abc123Zabc123abcZ123abc\n
Admin users and root can add keys remotely by specifying the dokku
bin on their ssh
command:
cat ~/.ssh/id_rsa.pub | ssh root@dokku.me dokku ssh-keys:add KEY_NAME\n
If you are using the Vagrant installation, you can also use the make vagrant-acl-add
target to add your public key to Dokku (it will use your host username as the USER
):
cat ~/.ssh/id_rsa.pub | make vagrant-acl-add\n
"},{"location":"deployment/user-management/#removing-ssh-keys","title":"Removing SSH keys","text":"As key names are unique, they can be used to remove a public SSH key.
dokku ssh-keys:remove KEY_NAME\n
An SSH Key can also be removed by fingerprint.
dokku ssh-keys:remove --fingerprint FINGERPRINT\n
"},{"location":"deployment/user-management/#scoping-commands-to-specific-users","title":"Scoping commands to specific users","text":"Support for scoping commands to specific users can be added through plugins that take advantage of the user-auth plugin trigger to handle command authorization. See also the list of community-provided plugins.
"},{"location":"deployment/user-management/#granting-other-unix-user-accounts-dokku-access","title":"Granting other Unix user accounts Dokku access","text":"Any Unix user account which belongs to the sudo
Unix group can run Dokku. However, you may want to give them Dokku access but not full sudo privileges.
To allow other Unix user accounts to be able to run Dokku commands, without giving them full sudo access, modify your sudoers configuration.
Use visudo /etc/sudoers.d/dokku-users
, or visudo /etc/sudoers
to add the following line:
%dokku ALL=(ALL:ALL) NOPASSWD:SETENV: /usr/bin/dokku\n
"},{"location":"deployment/zero-downtime-deploys/","title":"Zero Downtime Deploy Checks","text":"New
Introduced in 0.5.0
checks:disable <app> [process-type(s)] Disable zero-downtime deployment for all processes (or comma-separated process-type list) ***WARNING: this will cause downtime during deployments***\nchecks:enable <app> [process-type(s)] Enable zero-downtime deployment for all processes (or comma-separated process-type list)\nchecks:report [<app>] [<flag>] Displays a checks report for one or more apps\nchecks:run <app> [process-type(s)] Runs zero-downtime checks for all processes (or comma-separated process-type list)\nchecks:set [--global|<app>] <key> <value> Set or clear a logs property for an app\nchecks:skip <app> [process-type(s)] Skip zero-downtime checks for all processes (or comma-separated process-type list)\n
By default, Dokku will wait 10
seconds after starting each container before assuming it is up and proceeding with the deploy. Once this has occurred for all containers started by an application, traffic will be switched to point to your new containers. Dokku will also wait a further 60
seconds after the deploy is complete before terminating old containers in order to give time for long running connections to terminate. In either case, you may have more than one container running for a given application.
You may both create user-defined checks for web processes using the healthchecks
key in the app.json
file, as well as customize any and all parts of this experience using the checks plugin.
Info
Web checks are performed via curl
on Dokku host. Some application code - such as the Django framework - checks for specific hostnames or header values, these checks will fail. To avoid this:
After a successful deploy, the grace period given to old containers before they are stopped/terminated is determined by the value of wait-to-retire
. This is useful for ensuring completion of long-running HTTP connections.
dokku checks:set node-js-app wait-to-retire 30\n
Defaults to 60
.
config
plugin","text":"There are certain settings that can be configured via environment variables:
DOKKU_DEFAULT_CHECKS_WAIT
: (default: 10
) If no user-defined checks are specified - or if the process being checked is not a web
process - this is the period of time Dokku will wait before checking that a container is still running.DOKKU_DOCKER_STOP_TIMEOUT
: (default: 10
) Configurable grace period given to the docker stop
command. If a container has not stopped by this time, a kill -9
signal or equivalent is sent in order to force-terminate the container. Both the ps:stop
and apps:destroy
commands also respect this value. If not specified, the Docker defaults for the docker stop
command will be used.The following settings may also be specified in the app.json
file, though are available as environment variables in order to ease application reuse.
DOKKU_CHECKS_WAIT
: (default: 5
) Wait this many seconds for the container to start before running checks.DOKKU_CHECKS_TIMEOUT
: (default: 30
) Wait this many seconds for each response before marking it as a failure.DOKKU_CHECKS_ATTEMPTS
: (default: 5
) Number of retries for to run for a specific check before marking it as a failureInfo
Note that checks:disable
will now (as of 0.6.0) cause downtime for that process-type during deployments. Previously, it acted as checks:skip
currently does.
You can choose to skip checks completely on a per-application/per-process basis. Skipping checks will avoid the default 10 second waiting period entirely, as well as any other user-defined checks.
ShellOutput# process type specification is optional\ndokku checks:skip node-js-app worker,web\n
-----> Skipping zero downtime for app's (node-js-app) proctypes (worker,web)\n-----> Unsetting node-js-app\n-----> Unsetting DOKKU_CHECKS_DISABLED\n-----> Setting config vars\n DOKKU_CHECKS_SKIPPED: worker,web\n
Zero downtime checks can also be disabled completely. This will stop old containers before new ones start, which may result in broken connections and downtime if your application fails to boot properly.
ShellOutputdokku checks:disable node-js-app worker\n
-----> Disabling zero downtime for app's (node-js-app) proctypes (worker)\n-----> Setting config vars\n DOKKU_CHECKS_DISABLED: worker\n-----> Setting config vars\n DOKKU_CHECKS_SKIPPED: web\n
"},{"location":"deployment/zero-downtime-deploys/#displaying-checks-reports-for-an-app","title":"Displaying checks reports for an app","text":"New
Introduced in 0.8.1
You can get a report about the app's checks status using the checks:report
command:
dokku checks:report\n
=====> node-js-app checks information\n Checks disabled list: none\n Checks skipped list: none\n Checks computed wait to retire: 60\n Checks global wait to retire: 60\n Checks wait to retire:\n=====> python-app checks information\n Checks disabled list: none\n Checks skipped list: none\n Checks computed wait to retire: 60\n Checks global wait to retire: 60\n Checks wait to retire:\n=====> ruby-app checks information\n Checks disabled list: _all_\n Checks skipped list: none\n Checks computed wait to retire: 60\n Checks global wait to retire: 60\n Checks wait to retire:\n
You can run the command for a specific app also.
ShellOutputdokku checks:report node-js-app\n
=====> node-js-app checks information\n Checks disabled list: none\n Checks skipped list: none\n Checks computed wait to retire: 60\n Checks global wait to retire: 60\n Checks wait to retire:\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku checks:report node-js-app --checks-disabled-list\n
"},{"location":"deployment/zero-downtime-deploys/#customizing-checks","title":"Customizing checks","text":"New
Introduced in 0.31.0
If your application needs a longer period to boot up - perhaps to load data into memory, or because of slow boot time - you may also use Dokku's checks
functionality to more precisely check whether an application can serve traffic or not.
Healthchecks are run against all process from your application's Procfile
. When no healthcheck is defined, Dokku will fallback to a process uptime check.
One or more healthchecks can be defined in the app.json
file - see the deployment task documentation for more information on how this is extracted - under the healthchecks.web
path:
{\n \"healthchecks\": {\n \"web\": [\n {\n \"type\": \"startup\",\n \"name\": \"web check\",\n \"description\": \"Checking if the app responds to the /health/ready endpoint\",\n \"path\": \"/health/ready\",\n \"attempts\": 3\n }\n ]\n }\n}\n
A healthcheck entry takes the following properties:
attempts
: (default: 3
) Number of retry attempts to perform on failure.command
: (default ''
- empty string) Command to execute within container.content
: (default: ''
- empty string) Content to search in http path check output.initialDelay
: (default: 0, unit: seconds) Number of seconds to wait after a container has started before triggering the healthcheck.name
: (default: autogenerated) The name of the healthcheck. If unspecified, it will be autogenerated from the rest of the healthcheck information.path
: (default: /
- for http checks): An http path to check.port
: (default: 5000
): Port to run healthcheck against.timeout
: (default: 5
seconds): Number of seconds to wait before timing out a healthcheck.type
: (default: \"\"
- none): Type of the healthcheck. Options: liveness, readiness, startup.uptime
: (default: \"\"
- none): Amount of time the container must be alive before the container is considered healthy. Any restarts will cause this to check to fail, and this check does not respect retries.wait
: (default: 5
seconds): Number of seconds to wait between healthcheck attempts.Warning
Healthchecks are implemented by specific scheduler plugins, and not all plugins support all options. Please consult the scheduler documentation for further details on what is supported.
See the docker-container-healthchecker documentation for more details on how healthchecks are interpreted.
"},{"location":"deployment/zero-downtime-deploys/#manually-invoking-checks","title":"Manually invoking checks","text":"Checks can also be manually invoked via the checks:run
command. This can be used to check the status of an application via cron to provide integration with external healthchecking software.
Checks are run against a specific application:
ShellOutputdokku checks:run APP\n
-----> Running pre-flight checks\n-----> Running checks for app (APP.web.1)\n For more efficient zero downtime deployments, create a file CHECKS.\n See https://dokku.com/docs/deployment/zero-downtime-deploys/ for examples\n CHECKS file not found in container: Running simple container check...\n-----> Waiting for 10 seconds ...\n-----> Default container check successful!\n-----> Running checks for app (APP.web.2)\n For more efficient zero downtime deployments, create a file CHECKS.\n See https://dokku.com/docs/deployment/zero-downtime-deploys/ for examples\n CHECKS file not found in container: Running simple container check...\n-----> Waiting for 10 seconds ...\n-----> Default container check successful!\n-----> Running checks for app (APP.worker.1)\n For more efficient zero downtime deployments, create a file CHECKS.\n See https://dokku.com/docs/deployment/zero-downtime-deploys/ for examples\n CHECKS file not found in container: Running simple container check...\n-----> Waiting for 10 seconds ...\n-----> Default container check successful!\n
Checks can be scoped to a particular process type:
ShellOutputdokku checks:run node-js-app worker\n
-----> Running pre-flight checks\n-----> Running checks for app (APP.worker.1)\n For more efficient zero downtime deployments, create a file CHECKS.\n See https://dokku.com/docs/deployment/zero-downtime-deploys/ for examples\n CHECKS file not found in container: Running simple container check...\n-----> Waiting for 10 seconds ...\n-----> Default container check successful!\n
An app process ID may also be specified:
ShellOutputdokku checks:run node-js-app web.2\n
-----> Running pre-flight checks\n-----> Running checks for app (APP.web.2)\n For more efficient zero downtime deployments, create a file CHECKS.\n See https://dokku.com/docs/deployment/zero-downtime-deploys/ for examples\n CHECKS file not found in container: Running simple container check...\n-----> Waiting for 10 seconds ...\n-----> Default container check successful!\n
Non-existent process types will result in an error:
ShellOutputdokku checks:run node-js-app non-existent\n
-----> Running pre-flight checks\nInvalid process type specified (APP.non-existent)\n
Non-existent process IDs will also result in an error
ShellOutputdokku checks:run node-js-app web.3\n
-----> Running pre-flight checks\nInvalid container id specified (APP.web.3)\n
"},{"location":"deployment/builders/builder-management/","title":"Builder Management","text":"New
Introduced in 0.24.0
builder:report [<app>] [<flag>] # Displays a builder report for one or more apps\nbuilder:set <app> <key> (<value>) # Set or clear a builder property for an app\n
Builders are a way of customizing how an app is built from a source, allowing users flexibility in how artifacts are created for later scheduling.
"},{"location":"deployment/builders/builder-management/#usage","title":"Usage","text":""},{"location":"deployment/builders/builder-management/#builder-selection","title":"Builder selection","text":"Dokku supports the following built-in builders:
builder-dockerfile
: Builds apps using a Dockerfile
via docker build
. See the dockerfile builder documentation for more information on how this builder functions.builder-herokuish
: Builds apps with Heroku's v2a Buildpack specification via gliderlabs/herokuish
. See the herokuish builder documentation for more information on how this builder functions.builder-lambda
: Builds AWS Lambda functions in an environment simulating AWS Lambda runtimes via lambda-builder. See the lambda builder documentation for more information on how this builder functions.builder-null
: Does nothing during the build phase. See the null builder documentation for more information on how this builder functions.builder-pack
: Builds apps with Cloud Native Buildpacks via the pack-cli
tool. See the cloud native buildpacks builder documentation for more information on how this builder functions.Builders run a detection script against a source code repository, and the first detected builder will be used to build the app artifact. The exception to this is when a Dockerfile
is detected and the app is also able to use either herokuish
or pack-cli
for building, in which case one of the latter will be chosen.
If desired, the builder can be specified via the builder:set
command by specifying a value for selected
. The selected builder will always be used.
dokku builder:set node-js-app selected dockerfile\n
The default value may be set by passing an empty value for the option:
dokku builder:set node-js-app selected\n
The selected
property can also be set globally. The global default is an empty string, and auto-detection will be performed when no value is set per-app or globally.
dokku builder:set --global selected herokuish\n
Warning
Selecting a global builder will result in all applications using that builder unless a manual override is selected.
The default value may be set by passing an empty value for the option.
dokku builder:set --global selected\n
"},{"location":"deployment/builders/builder-management/#changing-the-build-directory","title":"Changing the build directory","text":"Warning
Please keep in mind that setting a custom build directory will result in loss of any changes to the top-level directory, such as the git.keep-git-dir
property.
When deploying a monorepo, it may be desirable to specify the specific build directory to use for a given app. This can be done via the builder:set
command. If a value is specified and that directory does not exist within the repository, the build will fail.
dokku builder:set node-js-app build-dir app2\n
The default value may be set by passing an empty value for the option:
dokku builder:set node-js-app build-dir\n
The build-dir
property can also be set globally. The global default is empty string, and the global value is used when no app-specific value is set.
dokku builder:set --global build-dir app2\n
The default value may be set by passing an empty value for the option.
dokku builder:set --global build-dir\n
"},{"location":"deployment/builders/builder-management/#displaying-builder-reports-for-an-app","title":"Displaying builder reports for an app","text":"You can get a report about the app's builder status using the builder:report
command:
dokku builder:report\n
=====> node-js-app builder information\n Builder build dir: custom\n Builder computed build dir: custom\n Builder computed selected: herokuish\n Builder global build dir:\n Builder global selected: herokuish\n Builder selected: herokuish\n=====> python-sample builder information\n Builder build dir:\n Builder computed build dir:\n Builder computed selected: dockerfile\n Builder global build dir:\n Builder global selected: herokuish\n Builder selected: dockerfile\n=====> ruby-sample builder information\n Builder build dir:\n Builder computed build dir:\n Builder computed selected: herokuish\n Builder global build dir:\n Builder global selected: herokuish\n Builder selected:\n
You can run the command for a specific app also.
ShellOutputdokku builder:report node-js-app\n
=====> node-js-app builder information\n Builder selected: herokuish\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku builder:report node-js-app --builder-selected\n
"},{"location":"deployment/builders/builder-management/#custom-builders","title":"Custom builders","text":"To create a custom builder, the following triggers must be implemented:
builder-build
:BUILDER_TYPE
APP
SOURCECODE_WORK_DIR
common#get_app_image_name $APP
.builder-detect
:APP
SOURCECODE_WORK_DIR
builder-
prefix) to use to build the app.builder-release
:BUILDER_TYPE
APP
IMAGE_AG
Custom plugins names must have the prefix builder-
or builder overriding via builder:set
may not function as expected.
Builders can use any tools available on the system to build the docker image, and may even be used to schedule building off-server. The only current requirement is that the image must exist on the server at the end of the builder-build
command, though this requirement may be relaxed in a future release.
For a simple example of how to implement this trigger, see builder-pack
, which utilizes a cli tool - pack-cli
- to generate an OCI image that is compatible with Docker and can be scheduled by the official scheduling plugins.
New
Introduced in 0.22.0
builder-pack:report [<app>] [<flag>] # Displays a builder-pack report for one or more apps\nbuilder-pack:set <app> <key> (<value>) # Set or clear a builder-pack property for an app\n
buildpacks:set-property [--global|<app>] <key> <value> # Set or clear a buildpacks property for an app\n
Cloud Native Buildpacks are an evolution over the Buildpacks technology provided by the Herokuish builder. See the herokuish buildpacks documentation for more information on how to clear buildpack build cache for an application.
Warning
This functionality uses the pack
cli from the Cloud Native Buildpacks project to build apps. As the integration is experimental in Dokku, it is likely to change over time.
The pack
cli tool is not included by default with Dokku or as a dependency. It must also be installed as shown on this page.
Builds will proceed with the pack
cli for the app from then on.
As this functionality is highly experimental, there are a number of caveats. Please note that not all issues are listed below.
buildpacks
plugin.pack
cli invocations.web
.repo:purge-cache
currently has no effect.repo
plugin.pack
is not currently included with Dokku, nor is it added as a package dependency.This builder will be auto-detected in either the following cases:
The DOKKU_CNB_EXPERIMENTAL
app environment variable is set to 1
.
dokku config:set --no-restart node-js-app DOKKU_CNB_EXPERIMENTAL=1\n
A project.toml
file exists in the root of the app repository.
pack-cli
and used to describe how the app is built.The builder can also be specified via the builder:set
command:
dokku builder:set node-js-app selected pack\n
Info
Dokku will only select the dockerfile
builder if both the herokuish
and pack
builders are not detected and a Dockerfile exists. See the dockerfile builder documentation for more information on how that builder functions.
project.toml
location","text":"The project.toml
is expected to be found in a specific directory, depending on the deploy approach:
WORKDIR
of the Docker image for deploys resulting from git:from-image
and git:load-image
commands.git:from-archive
, git:sync
).Sometimes it may be desirable to set a different path for a given app, e.g. when deploying from a monorepo. This can be done via the projecttoml-path
property:
dokku builder-pack:set node-js-app projecttoml-path .dokku/project.toml\n
The value is the path to the desired file relative to the base search directory, and will never be treated as absolute paths in any context. If that file does not exist within the repository, Dokku will continue the build process as if the repository has no project.toml
.
The default value may be set by passing an empty value for the option:
dokku builder-pack:set node-js-app projecttoml-path\n
The projecttoml-path
property can also be set globally. The global default is project.toml
, and the global value is used when no app-specific value is set.
dokku builder-pack:set --global projecttoml-path project2.toml\n
The default value may be set by passing an empty value for the option.
dokku builder-pack:set --global projecttoml-path\n
"},{"location":"deployment/builders/cloud-native-buildpacks/#displaying-builder-pack-reports-for-an-app","title":"Displaying builder-pack reports for an app","text":"New
Introduced in 0.25.0
You can get a report about the app's storage status using the builder-pack:report
command:
dokku builder-pack:report\n
=====> node-js-app builder-pack information\n Builder pack computed projecttoml path: project2.toml\n Builder pack global projecttoml path: project.toml\n Builder pack projecttoml path: project2.toml\n=====> python-sample builder-pack information\n Builder pack computed projecttoml path: project.toml\n Builder pack global projecttoml path: project.toml\n Builder pack projecttoml path:\n=====> ruby-sample builder-pack information\n Builder pack computed projecttoml path: project.toml\n Builder pack global projecttoml path: project.json\n Builder pack projecttoml path:\n
You can run the command for a specific app also.
ShellOutputdokku builder-pack:report node-js-app\n
=====> node-js-app builder-pack information\n Builder pack computed projecttoml path: project2.toml\n Builder pack global projecttoml path: project.toml\n Builder pack projecttoml path: project2.toml\n
You can pass flags which will output only the value of the specific information you want. For example:
ShellOutputdokku builder-pack:report node-js-app --builder-pack-projecttoml-path\n
project2.toml\n
"},{"location":"deployment/builders/cloud-native-buildpacks/#customizing-the-buildpack-stack-builder","title":"Customizing the Buildpack stack builder","text":"New
Introduced in 0.23.0
The default stack builder in use by CNB buildpacks in Dokku is based on heroku/builder:24
. Users may desire to switch the stack builder to a custom version, either to update the operating system or to customize packages included with the stack builder. This can be performed via the buildpacks:set-property
command.
dokku buildpacks:set-property node-js-app stack paketobuildpacks/build:base-cnb\n
The specified stack builder can also be unset by omitting the name of the stack builder when calling buildpacks:set-property
.
dokku buildpacks:set-property node-js-app stack\n
A change in the stack builder value will execute the post-stack-set
trigger.
Finally, stack builders can be set or unset globally as a fallback. This will take precedence over a globally set DOKKU_CNB_BUILDER
environment variable (heroku/builder:24
by default).
# set globally\ndokku buildpacks:set-property --global stack paketobuildpacks/build:base-cnb\n\n# unset globally\ndokku buildpacks:set-property --global stack\n
"},{"location":"deployment/builders/cloud-native-buildpacks/#specifying-commands-via-procfile","title":"Specifying commands via Procfile","text":"See the Procfile documentation for more information on how to specify different processes for your app.
"},{"location":"deployment/builders/dockerfiles/","title":"Dockerfile Deployment","text":"New
Introduced in 0.3.15
builder-dockerfile:report [<app>] [<flag>] # Displays a builder-dockerfile report for one or more apps\nbuilder-dockerfile:set <app> <key> (<value>) # Set or clear a builder-dockerfile property for an app\n
While Dokku normally defaults to using Heroku buildpacks for deployment, you can also use Docker's native Dockerfile
system to define a container.
Info
Dockerfile support is considered a power user feature. By using Dockerfile-based deployment, you agree that you will not have the same comfort as that enjoyed by buildpack users, and Dokku features may work differently. Differences between the two systems will be documented here.
"},{"location":"deployment/builders/dockerfiles/#usage","title":"Usage","text":""},{"location":"deployment/builders/dockerfiles/#detection","title":"Detection","text":"This builder will be auto-detected in the following case:
Dockerfile
exists in the root of the app repository.Dokku will only select the dockerfile
builder if both the herokuish
and pack
builders are not detected and a Dockerfile exists. For more information on how those are detected, see the following links:
If an application was previously deployed via buildpacks and ports were customized, the following commands should be run prior to a deploy to ensure the Dockerfile ports are respected:
dokku ports:clear node-js-app\n
"},{"location":"deployment/builders/dockerfiles/#changing-the-dockerfile-location","title":"Changing the Dockerfile
location","text":"Info
The previous method to perform this - via docker-options:add
- should be removed in favor of the builder-dockerfile:set
command outlined here.
The Dockerfile
is expected to be found in a specific directory, depending on the deploy approach:
WORKDIR
of the Docker image for deploys resulting from git:from-image
and git:load-image
commands.git:from-archive
, git:sync
).Sometimes it may be desirable to set a different path for a given app, e.g. when deploying from a monorepo. This can be done via the dockerfile-path
property:
dokku builder-dockerfile:set node-js-app dockerfile-path .dokku/Dockerfile\n
The value is the path to the desired file relative to the base search directory, and will never be treated as absolute paths in any context. If that file does not exist within the repository, the build will fail.
The default value may be set by passing an empty value for the option:
dokku builder-dockerfile:set node-js-app dockerfile-path\n
The dockerfile-path
property can also be set globally. The global default is Dockerfile
, and the global value is used when no app-specific value is set.
dokku builder-dockerfile:set --global dockerfile-path Dockerfile2\n
The default value may be set by passing an empty value for the option.
dokku builder-dockerfile:set --global dockerfile-path\n
"},{"location":"deployment/builders/dockerfiles/#displaying-builder-dockerfile-reports-for-an-app","title":"Displaying builder-dockerfile reports for an app","text":"New
Introduced in 0.25.0
You can get a report about the app's storage status using the builder-dockerfile:report
command:
dokku builder-dockerfile:report\n
=====> node-js-app builder-dockerfile information\n Builder dockerfile computed dockerfile path: Dockerfile2\n Builder dockerfile global dockerfile path: Dockerfile\n Builder dockerfile dockerfile path: Dockerfile2\n=====> python-sample builder-dockerfile information\n Builder dockerfile computed dockerfile path: Dockerfile\n Builder dockerfile global dockerfile path: Dockerfile\n Builder dockerfile dockerfile path:\n=====> ruby-sample builder-dockerfile information\n Builder dockerfile computed dockerfile path: Dockerfile\n Builder dockerfile global dockerfile path: Dockerfile\n Builder dockerfile dockerfile path:\n
You can run the command for a specific app also.
ShellOutputdokku builder-dockerfile:report node-js-app\n
=====> node-js-app builder-dockerfile information\n Builder dockerfile computed dockerfile path: Dockerfile2\n Builder dockerfile global dockerfile path: Dockerfile\n Builder dockerfile dockerfile path: Dockerfile2\n
You can pass flags which will output only the value of the specific information you want. For example:
ShellOutputdokku builder-dockerfile:report node-js-app --builder-dockerfile-dockerfile-path\n
Dockerfile2\n
"},{"location":"deployment/builders/dockerfiles/#build-time-configuration-variables","title":"Build-time configuration variables","text":"For security reasons - and as per Docker recommendations - Dockerfile-based deploys have variables available only during runtime.
For users that require customization in the build
phase, you may use build arguments via the docker-options plugin. All environment variables set by the config
plugin are automatically exported during a docker build, and thus --build-arg
only requires setting a key without a value.
dokku docker-options:add node-js-app build '--build-arg NODE_ENV'\n
Once set, the Dockerfile usage would be as follows:
FROM ubuntu:24.04\n\n# set the argument default\nARG NODE_ENV=production\n\n# use the argument\nRUN echo $NODE_ENV\n
You may also set the argument as an environment variable
FROM ubuntu:24.04\n\n# set the argument default\nARG NODE_ENV=production\n\n# assign it to an environment variable\n# we can wrap the variable in brackets\nENV NODE_ENV ${NODE_ENV}\n\n# or omit them completely\n\n# use the argument\nRUN echo $NODE_ENV\n
"},{"location":"deployment/builders/dockerfiles/#building-images-with-docker-buildkit","title":"Building images with Docker BuildKit","text":"If your Dockerfile is using Docker Engine's BuildKit (not to be confused with buildpacks), then the DOCKER_BUILDKIT=1
environment variable needs to be set (unless you're using Docker Engine v24 or higher, which uses BuildKit by default). Additionally, complete build log output can be forced via BUILDKIT_PROGRESS=plain
. Both of these environment variables can be set as follows:
echo \"export DOCKER_BUILDKIT=1\" | sudo tee -a /etc/default/dokku\necho \"export BUILDKIT_PROGRESS=plain\" | sudo tee -a /etc/default/dokku\n
"},{"location":"deployment/builders/dockerfiles/#buildkit-directory-caching","title":"BuildKit directory caching","text":"BuildKit implements the RUN --mount
option, enabling mount directory caches for RUN
directives. The following is an example that mounts debian packaging related directories, which can speed up fetching of remote package data.
FROM debian:latest\nRUN --mount=target=/var/lib/apt/lists,type=cache \\\n --mount=target=/var/cache/apt,type=cache \\\n apt-get update \\\n && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \\\n git\n
Mount cache targets may vary depending on the tool in use, and users are encouraged to investigate the directories that apply for their language and framework.
You would adjust the cache directory for whatever application cache you have, e.g. /root/.pnpm-store/v3
for pnpm, $HOME/.m2
for maven, or /root/.cache
for golang.
By default no arguments are passed to docker run
when deploying the container and the CMD
or ENTRYPOINT
defined in the Dockerfile
are executed. You can take advantage of docker ability of overriding the CMD
or passing parameters to your ENTRYPOINT
setting $DOKKU_DOCKERFILE_START_CMD
. Let's say for example you are deploying a base Node.js image, with the following ENTRYPOINT
:
ENTRYPOINT [\"node\"]\n
You can do:
dokku config:set node-js-app DOKKU_DOCKERFILE_START_CMD=\"--harmony server.js\"\n
To tell Docker what to run.
Setting $DOKKU_DOCKERFILE_CACHE_BUILD
to true
or false
will enable or disable Docker's image layer cache. Lastly, for more granular build control, you may also pass any docker build
option to docker
, by setting $DOKKU_DOCKER_BUILD_OPTS
.
New
Introduced in 0.5.0
See the Procfile documentation for more information on how to specify different processes for your app.
"},{"location":"deployment/builders/dockerfiles/#exposed-ports","title":"Exposed ports","text":"See the port management documentation for more information on how Dokku exposes ports for applications and how you can configure these for your app.
"},{"location":"deployment/builders/herokuish-buildpacks/","title":"Herokuish Buildpacks","text":"New
Subcommands introduced in 0.15.0
buildpacks:add [--index 1] <app> <buildpack> # Add new app buildpack while inserting into list of buildpacks if necessary\nbuildpacks:clear <app> # Clear all buildpacks set on the app\nbuildpacks:list <app> # List all buildpacks for an app\nbuildpacks:remove <app> <buildpack> # Remove a buildpack set on the app\nbuildpacks:report [<app>] [<flag>] # Displays a buildpack report for one or more apps\nbuildpacks:set [--index 1] <app> <buildpack> # Set new app buildpack at a given position defaulting to the first buildpack if no index is specified\nbuildpacks:set-property [--global|<app>] <key> <value> # Set or clear a buildpacks property for an app\n
builder-herokuish:report [<app>] [<flag>] # Displays a builder-herokuish report for one or more apps\nbuilder-herokuish:set <app> <key> (<value>) # Set or clear a builder-herokuish property for an app\n
Warning
If using the buildpacks
plugin, be sure to unset any BUILDPACK_URL
and remove any such entries from a committed .env
file. A specified BUILDPACK_URL
will always override a .buildpacks
file or the buildpacks plugin.
Dokku normally defaults to using Heroku buildpacks for deployment, though this may be overridden by committing a valid Dockerfile
to the root of your repository and pushing the repository to your Dokku installation. To avoid this automatic Dockerfile
deployment detection, you may do one of the following:
BUILDPACK_URL
environment variabledokku config:set
or via a committed .env
file in the root of the repository. See the environment variable documentation for more details..buildpacks
file in the root of your repository..buildpacks
file or managed via the buildpacks
plugin commands.This page will cover usage of the buildpacks
plugin.
This builder will be auto-detected in either the following cases:
BUILDPACK_URL
app environment variable is set.dokku config:set
or via a committed .env
file in the root of the repository. See the environment variable documentation for more details..buildpacks
file exists in the root of the app repository..buildpacks
file or managed via the buildpacks
plugin commands.The builder can also be specified via the builder:set
command:
dokku builder:set node-js-app selected herokuish\n
Info
Dokku will only select the dockerfile
builder if both the herokuish
and pack
builders are not detected and a Dockerfile exists. See the dockerfile builder documentation for more information on how that builder functions.
The buildpacks:list
command can be used to show buildpacks that have been set for an app. This will omit any auto-detected buildpacks.
# running for an app with no buildpacks specified\ndokku buildpacks:list node-js-app\n
-----> test buildpack urls\n
# running for an app with two buildpacks specified\ndokku buildpacks:list node-js-app\n
-----> test buildpack urls\n https://github.com/heroku/heroku-buildpack-python.git\n https://github.com/heroku/heroku-buildpack-nodejs.git\n
"},{"location":"deployment/builders/herokuish-buildpacks/#adding-custom-buildpacks","title":"Adding custom buildpacks","text":"Info
Please check the documentation for your particular buildpack as you may need to include configuration files (such as a Procfile) in your project root.
To add a custom buildpack, use the buildpacks:add
command:
dokku buildpacks:add node-js-app https://github.com/heroku/heroku-buildpack-nodejs.git\n
When no buildpacks are currently specified, the specified buildpack will be the only one executed for detection and compilation.
Multiple buildpacks may be specified by using the buildpacks:add
command multiple times.
dokku buildpacks:add node-js-app https://github.com/heroku/heroku-buildpack-ruby.git\ndokku buildpacks:add node-js-app https://github.com/heroku/heroku-buildpack-nodejs.git\n
Buildpacks are executed in order, may be inserted at a specified index via the --index
flag. This flag is specified starting at a 1-index value.
# will add the golang buildpack at the second position, bumping all proceeding ones by 1 position\ndokku buildpacks:add --index 2 node-js-app https://github.com/heroku/heroku-buildpack-golang.git\n
"},{"location":"deployment/builders/herokuish-buildpacks/#overwriting-a-buildpack-position","title":"Overwriting a buildpack position","text":"In some cases, it may be necessary to swap out a given buildpack. Rather than needing to re-specify each buildpack, the buildpacks:set
command can be used to overwrite a buildpack at a given position.
dokku buildpacks:set node-js-app https://github.com/heroku/heroku-buildpack-ruby.git\n
By default, this will overwrite the first buildpack specified. To specify an index, the --index
flag may be used. This flag is specified starting at a 1-index value, and defaults to 1
.
# the following are equivalent commands\ndokku buildpacks:set node-js-app https://github.com/heroku/heroku-buildpack-ruby.git\ndokku buildpacks:set --index 1 node-js-app https://github.com/heroku/heroku-buildpack-ruby.git\n
If the index specified is larger than the number of buildpacks currently configured, the buildpack will be appended to the end of the list.
dokku buildpacks:set --index 99 node-js-app https://github.com/heroku/heroku-buildpack-ruby.git\n
"},{"location":"deployment/builders/herokuish-buildpacks/#removing-a-buildpack","title":"Removing a buildpack","text":"Info
At least one of a buildpack or index must be specified
A single buildpack can be removed by name via the buildpacks:remove
command.
dokku buildpacks:remove node-js-app https://github.com/heroku/heroku-buildpack-ruby.git\n
Buildpacks can also be removed by index via the --index
flag. This flag is specified starting at a 1-index value.
dokku buildpacks:remove node-js-app --index 1\n
"},{"location":"deployment/builders/herokuish-buildpacks/#clearing-all-buildpacks","title":"Clearing all buildpacks","text":"Info
This does not affect automatically detected buildpacks, nor does it impact any specified BUILDPACK_URL
environment variable.
The buildpacks:clear
command can be used to clear all configured buildpacks for a specified app.
dokku buildpacks:clear node-js-app\n
"},{"location":"deployment/builders/herokuish-buildpacks/#customizing-the-buildpack-stack-builder","title":"Customizing the Buildpack stack builder","text":"New
Introduced in 0.23.0
The default stack builder in use by Herokuish buildpacks in Dokku is based on gliderlabs/herokuish:latest
. Typically, this is installed via an OS package which pulls the requisite Docker image. Users may desire to switch the stack builder to a custom version, either to update the operating system or to customize packages included with the stack builder. This can be performed via the buildpacks:set-property
command.
dokku buildpacks:set-property node-js-app stack gliderlabs/herokuish:latest\n
The specified stack builder can also be unset by omitting the name of the stack builder when calling buildpacks:set-property
.
dokku buildpacks:set-property node-js-app stack\n
A change in the stack builder value will execute the post-stack-set
trigger.
Finally, stack builders can be set or unset globally as a fallback. This will take precedence over a globally set DOKKU_IMAGE
environment variable (gliderlabs/herokuish:latest-24
by default).
# set globally\ndokku buildpacks:set-property --global stack gliderlabs/herokuish:latest\n\n# unset globally\ndokku buildpacks:set-property --global stack\n
"},{"location":"deployment/builders/herokuish-buildpacks/#allowing-herokuish-for-non-amd64-platforms","title":"Allowing herokuish for non-amd64 platforms","text":"New
Introduced in 0.29.0
By default, the builder-herokuish plugin is not enabled for non-amd64 platforms, and attempting to use it is blocked. This is because the majority of buildpacks are not cross-platform compatible, and thus building apps will either be considerably slower - due to emulating the amd64 platform - or won't work - due to building amd64 packages on arm64 platforms.
To force-enable herokuish on non-amd64 platforms, the allowed
property can be set via builder-herokuish:set
. The default value depends on the host platform architecture (true
on amd64, false
otherwise).
dokku builder-herokuish:set node-js-app allowed true\n
The default value may be set by passing an empty value for the option:
dokku builder-herokuish:set node-js-app allowed\n
The allowed
property can also be set globally. The global default is platform-dependent, and the global value is used when no app-specific value is set.
dokku builder-herokuish:set --global allowed true\n
The default value may be set by passing an empty value for the option.
dokku builder-herokuish:set --global allowed\n
"},{"location":"deployment/builders/herokuish-buildpacks/#displaying-buildpack-reports-for-an-app","title":"Displaying buildpack reports for an app","text":"You can get a report about the app's buildpacks status using the buildpacks:report
command:
dokku buildpacks:report\n
=====> node-js-app buildpacks information\n Buildpacks computed stack: gliderlabs/herokuish:v0.7.0-22\n Buildpacks global stack: gliderlabs/herokuish:latest-24\n Buildpacks list: https://github.com/heroku/heroku-buildpack-nodejs.git\n Buildpacks stack: gliderlabs/herokuish:v0.7.0-20\n=====> python-sample buildpacks information\n Buildpacks computed stack: gliderlabs/herokuish:latest-24\n Buildpacks global stack: gliderlabs/herokuish:latest-24\n Buildpacks list: https://github.com/heroku/heroku-buildpack-nodejs.git,https://github.com/heroku/heroku-buildpack-python.git\n Buildpacks stack:\n=====> ruby-sample buildpacks information\n Buildpacks computed stack: gliderlabs/herokuish:latest-24\n Buildpacks global stack: gliderlabs/herokuish:latest-24\n Buildpacks list:\n Buildpacks stack:\n
You can run the command for a specific app also.
ShellOutputdokku buildpacks:report node-js-app\n
=====> node-js-app buildpacks information\n Buildpacks list: https://github.com/heroku/heroku-buildpack-nodejs.git\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku buildpacks:report node-js-app --buildpacks-list\n
"},{"location":"deployment/builders/herokuish-buildpacks/#displaying-builder-herokuish-reports-for-an-app","title":"Displaying builder-herokuish reports for an app","text":"New
Introduced in 0.29.0
You can get a report about the app's storage status using the builder-herokuish:report
command:
dokku builder-herokuish:report\n
=====> node-js-app builder-herokuish information\n Builder herokuish computed allowed: false\n Builder herokuish global allowed: true\n Builder herokuish allowed: false\n=====> python-sample builder-herokuish information\n Builder herokuish computed allowed: true\n Builder herokuish global allowed: true\n Builder herokuish allowed:\n=====> ruby-sample builder-herokuish information\n Builder herokuish computed allowed: true\n Builder herokuish global allowed: true\n Builder herokuish allowed:\n
You can run the command for a specific app also.
ShellOutputdokku builder-herokuish:report node-js-app\n
=====> node-js-app builder-herokuish information\n Builder herokuish computed allowed: false\n Builder herokuish global allowed: true\n Builder herokuish allowed: false\n
You can pass flags which will output only the value of the specific information you want. For example:
ShellOutputdokku builder-herokuish:report node-js-app --builder-herokuish-allowed\n
false\n
"},{"location":"deployment/builders/herokuish-buildpacks/#errata","title":"Errata","text":""},{"location":"deployment/builders/herokuish-buildpacks/#switching-from-dockerfile-deployments","title":"Switching from Dockerfile deployments","text":"If an application was previously deployed via Dockerfile, the following commands should be run before a buildpack deploy will succeed:
dokku ports:clear node-js-app\n
"},{"location":"deployment/builders/herokuish-buildpacks/#using-a-specific-buildpack-version","title":"Using a specific buildpack version","text":"Info
Always remember to pin your buildpack versions when using the multi-buildpacks method, or you may find deploys changing your deployed environment.
By default, Dokku uses the gliderlabs/herokuish project, which pins all of it's vendored buildpacks. There may be occasions where the pinned version results in a broken deploy, or does not have a particular feature that is required to build your project. To use a more recent version of a given buildpack, the buildpack may be specified without a Git commit SHA like so:
# using the latest nodejs buildpack\ndokku buildpacks:set node-js-app https://github.com/heroku/heroku-buildpack-nodejs\n
This will use the latest commit on the master
branch of the specified buildpack. To pin to a newer version of a buildpack, a sha may also be specified by using the form REPOSITORY_URL#COMMIT_SHA
, where COMMIT_SHA
is any tree-ish git object - usually a git tag.
# using v87 of the nodejs buildpack\ndokku buildpacks:set node-js-app https://github.com/heroku/heroku-buildpack-nodejs#v87\n
"},{"location":"deployment/builders/herokuish-buildpacks/#curl-build-timeouts","title":"curl
build timeouts","text":"Certain buildpacks may time out in retrieving dependencies via curl
. This can happen when your network connection is poor or if there is significant network congestion. You may see a message similar to gzip: stdin: unexpected end of file
after a curl
command.
If you see output similar this when deploying , you may need to override the curl
timeouts to increase the length of time allotted to those tasks. You can do so via the config
plugin:
dokku config:set --global CURL_TIMEOUT=1200\ndokku config:set --global CURL_CONNECT_TIMEOUT=180\n
"},{"location":"deployment/builders/herokuish-buildpacks/#clearing-buildpack-cache","title":"Clearing buildpack cache","text":"See the repository management documentation for more information on how to clear buildpack build cache for an application.
"},{"location":"deployment/builders/herokuish-buildpacks/#specifying-commands-via-procfile","title":"Specifying commands via Procfile","text":"See the Procfile documentation for more information on how to specify different processes for your app.
"},{"location":"deployment/builders/lambda/","title":"Lambda Builder","text":"New
Introduced in 0.28.0
builder-lambda:report [<app>] [<flag>] # Displays a builder-lambda report for one or more apps\nbuilder-lambda:set <app> <key> (<value>) # Set or clear a builder-lambda property for an app\n
The lambda
builder builds AWS Lambda functions in an environment simulating AWS Lambda runtimes via lambda-builder. Apps built via this builder can run natively in Dokku and may also have their artifacts scheduled to Lambda via an appropriate scheduler.
This builder will be auto-detected in the following case:
lambda.yml
exists in the root of the app repository.The builder may also be selected via the builder:set
command
dokku builder:set node-js-app selected lambda\n
"},{"location":"deployment/builders/lambda/#supported-languages","title":"Supported languages","text":"The lambda
builder plugin supports the following AWS runtime languages on Amazon Linux 2:
See the lambda-builder documentation for more information on how specific languages are detected.
"},{"location":"deployment/builders/lambda/#customizing-the-build-environment","title":"Customizing the build environment","text":"The lambda
builder plugin delegates all build logic to lambda-builder, including language detection and build/runtime environment specification. The lambda-builder tool supports a lambda.yml
file format for customizing how apps are built. Please see the readme for lambda-builder for more information on different options.
lambda.yml
location","text":"The lambda.yml
is expected to be found in a specific directory, depending on the deploy approach:
WORKDIR
of the Docker image for deploys resulting from git:from-image
and git:load-image
commands.git:from-archive
, git:sync
).Sometimes it may be desirable to set a different path for a given app, e.g. when deploying from a monorepo. This can be done via the lambdayml-path
property:
dokku builder-lambda:set node-js-app lambdayml-path .dokku/lambda.yml\n
The value is the path to the desired file relative to the base search directory, and will never be treated as absolute paths in any context. If that file does not exist within the repository, the build will fail.
The default value may be set by passing an empty value for the option:
dokku builder-lambda:set node-js-app lambdayml-path\n
The lambdayml-path
property can also be set globally. The global default is lambda.yml
, and the global value is used when no app-specific value is set.
dokku builder-lambda:set --global lambdayml-path lambda2.yml\n
The default value may be set by passing an empty value for the option.
dokku builder-lambda:set --global lambdayml-path\n
"},{"location":"deployment/builders/lambda/#displaying-builder-lambda-reports-for-an-app","title":"Displaying builder-lambda reports for an app","text":"You can get a report about the app's storage status using the builder-lambda:report
command:
dokku builder-lambda:report\n
=====> node-js-app builder-lambda information\n Builder lambda computed lambdayml path: lambda2.yml\n Builder lambda global lambdayml path: lambda.yml\n Builder lambda lambdayml path: lambda2.yml\n=====> python-sample builder-lambda information\n Builder lambda computed lambdayml path: lambda.yml\n Builder lambda global lambdayml path: lambda.yml\n Builder lambda lambdayml path:\n=====> ruby-sample builder-lambda information\n Builder lambda computed lambdayml path: lambda.yml\n Builder lambda global lambdayml path: lambda.yml\n Builder lambda lambdayml path:\n
You can run the command for a specific app also.
ShellOutputdokku builder-lambda:report node-js-app\n
=====> node-js-app builder-lambda information\n Builder lambda computed lambdayml path: lambda2.yml\n Builder lambda global lambdayml path: lambda.yml\n Builder lambda lambdayml path: lambda2.yml\n
You can pass flags which will output only the value of the specific information you want. For example:
ShellOutputdokku builder-lambda:report node-js-app --builder-lambda-lambdayml-path\n
lambda2.yml\n
"},{"location":"deployment/builders/nixpacks/","title":"Nixpacks","text":"New
Introduced in 0.32.0
The nixpacks
builder builds apps via Nixpacks, a buildpack alternative.
The nixpacks
cli tool is not included by default with Dokku or as a dependency. It must also be installed as shown on this page.
Builds will proceed with the nixpacks
cli for the app from then on.
This builder will be auto-detected in the following case:
nixpacks.toml
exists in the root of the app repository.The builder may also be selected via the builder:set
command
dokku builder:set node-js-app selected nixpacks\n
"},{"location":"deployment/builders/nixpacks/#supported-languages","title":"Supported languages","text":"See the upstream nixpacks documentation for further information on what languages and frameworks are supported.
"},{"location":"deployment/builders/nixpacks/#build-time-configuration-variables","title":"Build-time configuration variables","text":"For security reasons - and as per Docker recommendations - nixpacks-based deploys have variables available only during runtime.
For users that require customization in the build
phase, you may use build arguments via the docker-options plugin. All environment variables set by the config
plugin are automatically exported within the nixpacks build environment, and thus --env
only requires setting a key without a value.
dokku docker-options:add node-js-app build '--env NODE_ENV'\n
Alternatively, a full value may be provided in the form of --env KEY=VALUE
:
dokku docker-options:add node-js-app build '--env NODE_ENV=production'\n
"},{"location":"deployment/builders/nixpacks/#changing-the-nixpackstoml-location","title":"Changing the nixpacks.toml
location","text":"The nixpacks.toml
is expected to be found in a specific directory, depending on the deploy approach:
WORKDIR
of the Docker image for deploys resulting from git:from-image
and git:load-image
commands.git:from-archive
, git:sync
).Sometimes it may be desirable to set a different path for a given app, e.g. when deploying from a monorepo. This can be done via the nixpackstoml-path
property:
dokku builder-nixpacks:set node-js-app nixpackstoml-path .dokku/nixpacks.toml\n
The value is the path to the desired file relative to the base search directory, and will never be treated as absolute paths in any context. If that file does not exist within the repository, the build will fail.
The default value may be set by passing an empty value for the option:
dokku builder-nixpacks:set node-js-app nixpackstoml-path\n
The nixpackstoml-path
property can also be set globally. The global default is nixpacks.toml
, and the global value is used when no app-specific value is set.
dokku builder-nixpacks:set --global nixpackstoml-path nixpacks2.toml\n
The default value may be set by passing an empty value for the option.
dokku builder-nixpacks:set --global nixpackstoml-path\n
"},{"location":"deployment/builders/nixpacks/#disabling-cache","title":"Disabling cache","text":"Cache is enabled by default, but can be disabled by setting the no-cache
property to true
:
dokku builder-nixpacks:set node-js-app no-cache true\n
The default value may be set by passing an empty value for the option:
dokku builder-nixpacks:set node-js-app no-cache\n
The no-cache
property can also be set globally. The global default is false
, and the global value is used when no app-specific value is set.
dokku builder-nixpacks:set --global no-cache true\n
The default value may be set by passing an empty value for the option.
dokku builder-nixpacks:set --global no-cache\n
"},{"location":"deployment/builders/nixpacks/#displaying-builder-nixpacks-reports-for-an-app","title":"Displaying builder-nixpacks reports for an app","text":"You can get a report about the app's storage status using the builder-nixpacks:report
command:
dokku builder-nixpacks:report\n
=====> node-js-app builder-nixpacks information\n Builder-nixpacks computed nixpackstoml path: nixpacks2.toml\n Builder-nixpacks global nixpackstoml path: nixpacks.toml\n Builder-nixpacks nixpackstoml path: nixpacks2.toml\n Builder-nixpacks computed no cache: true\n Builder-nixpacks global no cache: false\n Builder-nixpacks no cache: true\n=====> python-sample builder-nixpacks information\n Builder-nixpacks computed nixpackstoml path: nixpacks.toml\n Builder-nixpacks global nixpackstoml path: nixpacks.toml\n Builder-nixpacks nixpackstoml path:\n Builder-nixpacks computed no cache: false\n Builder-nixpacks global no cache: false\n Builder-nixpacks no cache:\n=====> ruby-sample builder-nixpacks information\n Builder-nixpacks computed nixpackstoml path: nixpacks.toml\n Builder-nixpacks global nixpackstoml path: nixpacks.toml\n Builder-nixpacks nixpackstoml path:\n Builder-nixpacks computed no cache: false\n Builder-nixpacks global no cache: false\n Builder-nixpacks no cache:\n
You can run the command for a specific app also.
ShellOutputdokku builder-nixpacks:report node-js-app\n
=====> node-js-app builder-nixpacks information\n Builder-nixpacks computed nixpackstoml path: nixpacks2.toml\n Builder-nixpacks global nixpackstoml path: nixpacks.toml\n Builder-nixpacks nixpackstoml path: nixpacks2.toml\n Builder-nixpacks computed no cache: true\n Builder-nixpacks global no cache: false\n Builder-nixpacks no cache: true\n
You can pass flags which will output only the value of the specific information you want. For example:
ShellOutputdokku builder-nixpacks:report node-js-app --builder-nixpacks-no-cache\n
true\n
"},{"location":"deployment/builders/null/","title":"Null Builder","text":"New
Introduced in 0.25.0
The null
builder does nothing, and is useful for routing to services not managed by Dokku. It should not be used in normal operation. Please see the network documentation for more information on the aforementioned use case.
This builder is never auto-detected. The builder must be specified via the builder:set
command:
dokku builder:set node-js-app selected null\n
"},{"location":"deployment/continuous-integration/generic/","title":"Generic CI/CD Integration","text":"In cases where there is no direct or documented integration available, the Dokku project provides an Official Docker Image for use in Continuous Integration/Continuous Deployment (CI/CD) systems.
Assuming a Docker image can be run as a CI task with environment variables injected, the following CI systems will have their variables automatically detected:
The simplest usage of the image is as follows.
# where the `.env` file contains `GIT_REMOTE_URL` and `SSH_PRIVATE_KEY`\n\ndocker run --rm -v=\"$PWD:/app\" --env-file=.env dokku/ci-docker-image dokku-deploy\n
For more configuration examples and further documentation, see the ci-docker-image readme.
"},{"location":"deployment/continuous-integration/github-actions/","title":"GitHub Actions","text":"The Dokku project has an official GitHub Action available on the GitHub Marketplace. The simplest usage example is as follows:
---\nname: 'deploy'\n\non:\n push:\n branches:\n - master\n\njobs:\n deploy:\n runs-on: ubuntu-24.04\n steps:\n - name: Cloning repo\n uses: actions/checkout@v3\n with:\n fetch-depth: 0\n\n - name: Push to dokku\n uses: dokku/github-action@master\n with:\n git_remote_url: 'ssh://dokku@dokku.me:22/appname'\n ssh_private_key: ${{ secrets.SSH_PRIVATE_KEY }}\n
For further usage documentation and other advanced examples, see the entry on the GitHub Marketplace.
"},{"location":"deployment/continuous-integration/gitlab-ci/","title":"GitLab CI","text":"GitLab CI can be used to automatically deploy a Dokku application via the official the dokku/ci-docker-image. The simplest example is as follows:
---\nimage: dokku/ci-docker-image\n\nstages:\n - deploy\n\nvariables:\n GIT_DEPTH: 0\n\ndeploy:\n stage: deploy\n only:\n - master\n variables:\n GIT_REMOTE_URL: ssh://dokku@dokku.me:22/appname\n script: \n - dokku-deploy\n after_script: \n - dokku-unlock\n
For further usage documentation and other advanced examples, see Dokku's gitlab-ci repository.
"},{"location":"deployment/methods/archive/","title":"Tar and Zip Archives","text":""},{"location":"deployment/methods/archive/#initializing-an-app-repository-from-an-archive-file","title":"Initializing an app repository from an archive file","text":"New
Introduced in 0.24.0
A Dokku app repository can be initialized or updated from the contents of an archive file via the git:from-archive
command. This is an excellent way of tracking changes when deploying pre-built binary archives, such as java jars or go binaries. This can also be useful when deploying directly from a GitHub repository at a specific commit.
dokku git:from-archive node-js-app https://github.com/dokku/smoke-test-app/releases/download/2.0.0/smoke-test-app.tar\n
In the above example, Dokku will build the app as if the repository contained the extracted contents of the specified archive file.
Triggering a build with the same archive file multiple times will result in Dokku exiting 0
early as there will be no changes detected.
The git:from-archive
command can optionally take a git user.name
and user.email
argument (in that order) to customize the author. If the arguments are left empty, they will fallback to Dokku
and automated@dokku.sh
, respectively.
dokku git:from-archive node-js-app https://github.com/dokku/smoke-test-app/releases/download/2.0.0/smoke-test-app.tar \"Camila\" \"camila@example.com\"\n
The default archive type is always set to .tar
. To use a different archive type, specify the --archive-type
flag. Failure to do so will result in a failure to extract the archive.
dokku git:from-archive --archive-type zip node-js-app https://github.com/dokku/smoke-test-app/archive/2.0.0.zip \"Camila\" \"camila@example.com\"\n
Finally, if the archive url is specified as --
, the archive will be fetched from stdin.
curl -sSL https://github.com/dokku/smoke-test-app/releases/download/2.0.0/smoke-test-app.tar | dokku git:from-archive node-js-app --\n
"},{"location":"deployment/methods/git/","title":"Git Deployment","text":"New
Subcommands introduced in 0.12.0
git:allow-host <host> # Adds a host to known_hosts\ngit:auth <host> [<username> <password>] # Configures netrc authentication for a given git server\ngit:from-archive [--archive-type ARCHIVE_TYPE] <app> <archive-url> [<git-username> <git-email>] # Updates an app's git repository with a given archive file\ngit:from-image [--build-dir DIRECTORY] <app> <docker-image> [<git-username> <git-email>] # Updates an app's git repository with a given docker image\ngit:generate-deploy-key # Generates a deploy ssh key\ngit:load-image [--build-dir DIRECTORY] <app> <docker-image> [<git-username> <git-email>] # Updates an app's git repository with a docker image loaded from stdin\ngit:sync [--build|build-if-changes] <app> <repository> [<git-ref>] # Clone or fetch an app from remote git repo\ngit:initialize <app> # Initialize a git repository for an app\ngit:public-key # Outputs the dokku public deploy key\ngit:report [<app>] [<flag>] # Displays a git report for one or more apps\ngit:set <app> <key> (<value>) # Set or clear a git property for an app\ngit:status <app> # Show the working tree status for an app\n
Git-based deployment has been the traditional method of deploying applications in Dokku. As of v0.12.0, Dokku introduces a few ways to customize the experience of deploying via git push
. A Git-based deployment currently supports building applications via:
Warning
Pushing from a shallow clone is not currently supported and may have undefined behavior. Please unshallow your local repository before pushing to a Dokku app to avoid potential errors in the deployment process.
"},{"location":"deployment/methods/git/#initializing-an-application","title":"Initializing an application","text":"When an application is created via git push
, Dokku will create the proper pre-receive
hook in order to execute the build pipeline. In certain cases - such as when fronting deploys with the git-http-backend
- this may not be correctly created. As an alternative, the git:initialize
command can be used to trigger this creation:
# on the Dokku host\n\n# overrides any existing pre-receive hook\ndokku git:initialize node-js-app\n
In order for the above command to succeed, the application must already exist.
Warning
If the pre-receive
hook was customized in any way, this will overwrite that hook with the current defaults for Dokku.
By default, Dokku will deploy code pushed to the master
branch. In order to quickly deploy a different local branch, the following Git command can be used:
# on the local machine\n\n# where `SOME_BRANCH_NAME` is the name of the branch\ngit push dokku SOME_BRANCH_NAME:master\n
In 0.12.0
, the correct way to change the deploy branch is to use the git:set
Dokku command.
# on the Dokku host\n\n# override for all applications\ndokku git:set --global deploy-branch SOME_BRANCH_NAME\n\n# override for a specific app\n# where `SOME_BRANCH_NAME` is the name of the branch\ndokku git:set node-js-app deploy-branch SOME_BRANCH_NAME\n
As of 0.22.1, Dokku will also respect the first pushed branch as the primary branch, and automatically set the deploy-branch
value at that time.
Pushing multiple branches can also be supported by creating a receive-branch plugin trigger in a custom plugin.
"},{"location":"deployment/methods/git/#configuring-the-git_rev-environment-variable","title":"Configuring theGIT_REV
environment variable","text":"New
Introduced in 0.12.0
Application deployments will include a special GIT_REV
environment variable containing the current deployment sha being deployed. For rebuilds, this SHA will remain the same.
To configure the name of the GIT_REV
environment variable, run the git:set
command as follows:
# on the Dokku host\n\n# override for a specific app\ndokku git:set node-js-app rev-env-var DOKKU_GIT_REV\n
This behavior can be disabled entirely on a per-app basis by setting the rev-env-var
value to an empty string:
# on the Dokku host\n\n# override for a specific app\ndokku git:set node-js-app rev-env-var \"\"\n
"},{"location":"deployment/methods/git/#keeping-the-git-directory","title":"Keeping the .git
directory","text":"By default, Dokku will remove the contents of the .git
before triggering a build for a given app. This is generally a safe default as shipping the entire source code history of your app in the deployed image artifact is unnecessary as it increases bloat and potentially can leak information if there are any security issues with your app code.
To enable the .git
directory, run the git:set
command as follows:
# on the Dokku host\n\n# keep the .git directory during builds\ndokku git:set node-js-app keep-git-dir true\n
The default behavior is to delete this directory and it's contents. To revert to the default behavior, the keep-git-dir
value can be set to either an empty string or false
.
# on the Dokku host\n\n# delete the .git directory during builds (default)\ndokku git:set node-js-app keep-git-dir false\n\n# delete the .git directory during builds (default)\ndokku git:set node-js-app keep-git-dir \"\"\n
Please keep in mind that setting keep-git-dir
to true
may result in unstaged changes shown within the built container due to the build process generating application changes within the built app directory.
New
Introduced in 0.23.0
A Dokku app repository can be initialized or updated from a remote git repository via the git:sync
command. This command will either clone or fetch updates from a remote repository and has undefined behavior if the history cannot be fast-fowarded to the referenced repository reference. Any repository that can be cloned by the dokku
user can be specified.
Info
The application must exist before the repository can be initialized
dokku git:sync node-js-app https://github.com/heroku/node-js-getting-started.git\n
The git:sync
command optionally takes an optional third parameter containing a git reference, which may be a branch, tag, or specific commit.
# specify a branch\ndokku git:sync node-js-app https://github.com/heroku/node-js-getting-started.git main\n\n# specify a tag\ndokku git:sync node-js-app https://github.com/heroku/node-js-getting-started.git 1\n\n# specify a commit\ndokku git:sync node-js-app https://github.com/heroku/node-js-getting-started.git 97e6c72491c7531507bfc5413903e0e00e31e1b0\n
By default, this command does not trigger an application build. To do so during a git:sync
, specify the --build
flag.
dokku git:sync --build node-js-app https://github.com/heroku/node-js-getting-started.git\n
When running git:sync
without a reference, it may be useful to only build when there are changes. To do so, specify the --build-if-changes
flag.
dokku git:sync --build-if-changes node-js-app https://github.com/heroku/node-js-getting-started.git\n
"},{"location":"deployment/methods/git/#initializing-from-private-repositories","title":"Initializing from private repositories","text":"New
Introduced in 0.24.0
Initializing from a private repository requires one of the following:
id_rsa.pub
file) configured on the remote server, with the associated private key (id_rsa
) in the Dokku server's /home/dokku/.ssh/
directory..netrc
entry.Dokku provides the git:auth
command which can be used to configure a netrc
entry for the remote server. This command can be used to add or remove configuration for any remote server.
# add credentials for github.com\ndokku git:auth github.com username personal-access-token\n\n# remove credentials for github.com\ndokku git:auth github.com\n
For syncing to a private repository stored on a remote Git product such as GitHub or GitLab, Dokku's recommendation is to use a personal access token on a bot user where possible. Please see your service's documentation for information regarding the recommended best practices.
"},{"location":"deployment/methods/git/#allowing-remote-repository-hosts","title":"Allowing remote repository hosts","text":"By default, the Dokku host may not have access to a server containing the remote repository. This can be initialized via the git:allow-host
command.
dokku git:allow-host github.com\n
Note that this command is currently not idempotent and may add duplicate entries to the ~dokku/.ssh/known_hosts
file.
New
Introduced in 0.33.0
While most repositories can be authenticated to via the git:auth
command, some users may prefer to use an ssh key. This can be generated via the git:generate-deploy-key
command, which generates a passwordless ed25519 key-pair.
dokku git:generate-deploy-key\n
Generating public/private ed25519 key pair.\nYour identification has been saved in /home/dokku/.ssh/id_ed25519\nYour public key has been saved in /home/dokku/.ssh/id_ed25519.pub\nThe key fingerprint is:\nSHA256:PvlvVfbpYvkmA87rTfLUq07e3GarRN1BcLqDSjod+p8 dokku@ubuntu\nThe key's randomart image is:\n+--[ED25519 256]--+\n| ..o |\n| + |\n| . . |\n| . o =|\n| So . + ++|\n| .=.o.. +..|\n| ++oo..*o. |\n| oo o%*oo=|\n| .+E=BOOo|\n+----[SHA256]-----+\n
"},{"location":"deployment/methods/git/#verifying-the-cloning-public-key","title":"Verifying the cloning public key","text":"In order to clone a remote repository, the remote server should have the Dokku host's public key configured. This plugin does not currently create this key, but if can be shown via the git:public-key
command.
dokku git:public-key\n
If there is no key, an error message is shown that displays the command that can be run on the Dokku server to generate a new public/private ssh key pair.
"},{"location":"deployment/methods/image/","title":"Docker Image Deployment","text":""},{"location":"deployment/methods/image/#initializing-an-app-repository-from-a-docker-image","title":"Initializing an app repository from a docker image","text":"New
Introduced in 0.24.0
A Dokku app repository can be initialized or updated from a Docker image via the git:from-image
command. This command will either initialize the app repository or update it to include the specified Docker image via a FROM
stanza. This is an excellent way of tracking changes when deploying only a given docker image, especially if deploying an image from a remote CI/CD pipeline.
dokku git:from-image node-js-app my-registry/node-js-getting-started:latest\n
In the above example, Dokku will build the app as if the repository contained only a Dockerfile
with the following content:
FROM my-registry/node-js-getting-started:latest\n
If the specified image already exists on the Dokku host, it will not be pulled again, though this behavior may be changed using build phase docker-options.
Triggering a build with the same arguments multiple times will result in Dokku exiting 0
early as there will be no changes detected. If the image tag is reused but the underlying image is different, it is recommended to use the image digest instead of the tag. This can be retrieved via the following command:
# for images pushed to a remote registry\ndocker inspect --format='{{index .RepoDigests 0}}' $IMAGE_NAME\n\n# for images built locally and not pushed to a registry\n# use when the previous command output is empty\ndocker images --no-trunc --quiet $IMAGE_NAME\n
The resulting git:from-image
call would then be:
# where the image sha is: sha256:9d187c3025d03c033dcc71e3a284fee53be88cc4c0356a19242758bc80cab673\ndokku git:from-image node-js-app my-registry/node-js-getting-started@sha256:9d187c3025d03c033dcc71e3a284fee53be88cc4c0356a19242758bc80cab673\n
The git:from-image
command can optionally take a git user.name
and user.email
argument (in that order) to customize the author. If the arguments are left empty, they will fallback to Dokku
and automated@dokku.sh
, respectively.
dokku git:from-image node-js-app my-registry/node-js-getting-started:latest \"Camila\" \"camila@example.com\"\n
If the image is a private image that requires a docker login to access, the registry:login
command should be used to log into the registry. See the registry documentation for more details on this process.
Finally, certain images may require a custom build context in order for ONBUILD ADD
and ONBUILD COPY
statements to succeed. A custom build context can be specified via the --build-dir
flag. All files in the specified build-dir
will be copied into the repository for use within the docker build
process. The build context must be specified on each deploy, and is not otherwise persisted between builds.
dokku git:from-image --build-dir path/to/build node-js-app domy-registrykku/node-js-getting-started:latest \"Camila\" \"camila@example.com\"\n
See the dockerfile documentation to learn about the different ways to configure Dockerfile-based deploys.
"},{"location":"deployment/methods/image/#initializing-an-app-repository-from-a-remote-image-without-a-registry","title":"Initializing an app repository from a remote image without a registry","text":"New
Introduced in 0.30.0
A Dokku app repository can be initialized or updated from the contents of an image archive tar file via the git:load-image
command. This method can be used when a Docker Registry is unavailable to act as an intermediary for storing an image, such as when building an image in CI and deploying directly from that image.
docker image save my-registry/node-js-getting-started:latest | ssh dokku@dokku.me git:load-image node-js-app my-registry/node-js-getting-started:latest\n
In the above example, we are saving the image to a tar file via docker image save
, streaming that to the Dokku host, and then running git:load-image
on the incoming stream. Dokku will build the app as if the repository contained only a Dockerfile
with the following content:
FROM my-registry/node-js-getting-started:latest\n
When deploying an app via git:load-image
, it is highly recommended to use a unique image tag when building the image. Not doing so will result in Dokku exiting 0
early as there will be no changes detected. If the image tag is reused but the underlying image is different, it is recommended to use the image digest instead of the tag. This can be retrieved via the following command:
# for images pushed to a remote registry\ndocker inspect --format='{{index .RepoDigests 0}}' $IMAGE_NAME\n\n# for images built locally and not pushed to a registry\n# use when the previous command output is empty\ndocker images --no-trunc --quiet $IMAGE_NAME\n
The resulting git:load-image
call would then be:
# where the image sha is: sha256:9d187c3025d03c033dcc71e3a284fee53be88cc4c0356a19242758bc80cab673\ndocker image save my-registry/node-js-getting-started:latest | ssh dokku@dokku.me git:load-image node-js-app my-registry/node-js-getting-started@sha256:9d187c3025d03c033dcc71e3a284fee53be88cc4c0356a19242758bc80cab673\n
The git:load-image
command can optionally take a git user.name
and user.email
argument (in that order) to customize the author. If the arguments are left empty, they will fallback to Dokku
and automated@dokku.sh
, respectively.
docker image save my-registry/node-js-getting-started:latest | ssh dokku@dokku.me git:load-image node-js-app my-registry/node-js-getting-started:latest \"Camila\" \"camila@example.com\"\n
Finally, certain images may require a custom build context in order for ONBUILD ADD
and ONBUILD COPY
statements to succeed. A custom build context can be specified via the --build-dir
flag. All files in the specified build-dir
will be copied into the repository for use within the docker build
process. The build context must be specified on each deploy, and is not otherwise persisted between builds.
docker image save my-registry/node-js-getting-started:latest | ssh dokku@dokku.me git:load-image --build-dir path/to/build node-js-app my-registry/node-js-getting-started:latest \"Camila\" \"camila@example.com\"\n
See the dockerfile documentation to learn about the different ways to configure Dockerfile-based deploys.
"},{"location":"deployment/schedulers/docker-local/","title":"Docker Local Scheduler","text":"New
Subcommands introduced in 0.12.12
scheduler-docker-local:report [<app>] [<flag>] # Displays a scheduler-docker-local report for one or more apps\nscheduler-docker-local:set <app> <key> (<value>) # Set or clear a scheduler-docker-local property for an app\n
New
Introduced in 0.12.0
Dokku natively includes functionality to manage application lifecycles for a single server using the scheduler-docker-local
plugin. It is the default scheduler, but as with all schedulers, it is set on a per-application basis. The scheduler can currently be overridden by running the following command:
dokku scheduler:set node-js-app selected docker-local\n
As it is the default, unsetting the selected
scheduler property is also a valid way to reset the scheduler.
dokku scheduler:set node-js-app selected\n
"},{"location":"deployment/schedulers/docker-local/#usage","title":"Usage","text":""},{"location":"deployment/schedulers/docker-local/#deploying-amd64-images-on-arm64","title":"Deploying amd64 images on arm64","text":"New
Introduced in 0.33.0
Many builders only produce amd64-compatible images. The docker-local scheduler will automatically detect these and run them via the --platform=linux/amd64
on arm64 deploy targets.
The scheduler-docker-local
injects an init process by default via the --init
. For some apps - such as those where the built docker image uses S6 as the init - this may be undesirable and cause issues with process starts. You may disable this by running the following scheduler-docker-local:set
command for your application:
dokku scheduler-docker-local:set node-js-app init-process false\n
Once set, you may re-enable it by setting a blank value for init-process
:
dokku scheduler-docker-local:set node-js-app init-process\n
All image containers with the label org.opencontainers.image.vendor=linuxserver.io
will have the automatic init process injection force-disabled without further intervention.
New
Introduced in 0.25.5
By default, Dokku deploys an app's processes one-by-one in order, with the web
process being deployed first. Deployment parallelism may be achieved by setting the parallel-schedule-count
property, which defaults to 1
. Increasing this number increases the number of process types that may be deployed in parallel (with the web process being the exception).
# Increase parallelism from 1 process type at a time to 4 process types at a time.\ndokku scheduler-docker-local:set node-js-app parallel-schedule-count 4\n
Once set, you may reset it by setting a blank value for parallel-schedule-count
:
dokku scheduler-docker-local:set node-js-app parallel-schedule-count\n
If the value of parallel-schedule-count
is increased and a given process type fails to schedule successfully, then any in-flight process types will continue to be processed, while all process types that have not been scheduled will be skipped before the deployment finally fails.
Container scheduling output is shown in the order it is received, and thus may be out of order in case of output to stderr.
Note that increasing the value of parallel-schedule-count
may significantly impact CPU utilization on your host as your app containers - and their respective processes - start up. Setting a value higher than the number of available CPUs is discouraged. It is recommended that users carefully set this value so as not to overburden their server.
New
Introduced in 0.26.0
By default, Dokku will deploy one instance of a given process type at a time. This can be increased by customizing the app.json
formation
key to include a max_parallel
key for the given process type.
The formation
key should be specified as follows in the app.json
file:
{\n \"formation\": {\n \"web\": {\n \"max_parallel\": 1\n },\n \"worker\": {\n \"max_parallel\": 4\n }\n }\n}\n
Omitting or removing the entry will result in parallelism for that process type to return to 1 entry at a time. This can be combined with the parallel-schedule-count
property to speed up deployments.
Note that increasing the value of max_parallel
may significantly impact CPU utilization on your host as your app containers - and their respective processes - start up. Setting a value higher than the number of available CPUs is discouraged. It is recommended that users carefully set this value so as not to overburden their server.
See the app.json location documentation for more information on where to place your app.json
file.
The following sections describe implemented scheduler functionality for the docker-local
scheduler.
This plugin implements various functionality through plugn
triggers to integrate with Docker for running apps on a single server. The following functionality is supported by the scheduler-docker-local
plugin.
apps:clone
apps:destroy
apps:rename
deploy
enter
logs
ps:inspect
ps:stop
run
App logs for the logs
command are fetched from running containers via the docker
cli. To persist logs across deployments, consider using Dokku's vector integration to ship logs to another service or a third-party platform.
The docker-local
scheduler supports a minimal list of resource limits and reservations. The following properties are supported:
--cpus
), is specified in number of CPUs a process can access.--memory
) should be specified with a suffix of b
(bytes), k
(kilobytes), m
(megabytes), g
(gigabytes). Default unit is m
(megabytes).--memory-swap
) should be specified with a suffix of b
(bytes), k
(kilobytes), m
(megabytes), g
(gigabytes)--gpus
), is specified in number of Nvidia GPUs a process can access.--memory-reservation
) should be specified with a suffix of b
(bytes), k
(kilobytes), m
(megabytes), g
(gigabytes). Default unit is m
(megabytes).New
Introduced in 0.33.0
scheduler-k3s:annotations:set <app|--global> <property> (<value>) [--process-type PROCESS_TYPE] <--resource-type RESOURCE_TYPE>, Set or clear an annotation for a given app/process-type/resource-type combination\nscheduler-k3s:autoscaling-auth:set <app|--global> <trigger> [<--metadata key=value>...], Set or clear a scheduler-k3s autoscaling keda trigger authentication resource for an app\nscheduler-k3s:autoscaling-auth:report <app|--global> [--format stdout|json] [--include-metadata] # Displays a scheduler-k3s autoscaling auth report for an app\nscheduler-k3s:cluster-add [ssh://user@host:port] # Adds a server node to a Dokku-managed cluster\nscheduler-k3s:cluster-list # Lists all nodes in a Dokku-managed cluster\nscheduler-k3s:cluster-remove [node-id] # Removes client node to a Dokku-managed cluster\nscheduler-k3s:initialize # Initializes a cluster\nscheduler-k3s:labels:set <app|--global> <property> (<value>) [--process-type PROCESS_TYPE] <--resource-type RESOURCE_TYPE>, Set or clear a label for a given app/process-type/resource-type combination\nscheduler-k3s:report [<app>] [<flag>] # Displays a scheduler-k3s report for one or more apps\nscheduler-k3s:set [<app>|--global] <key> (<value>) # Set or clear a scheduler-k3s property for an app or the scheduler\nscheduler-k3s:show-kubeconfig # Displays the kubeconfig for remote usage\nscheduler-k3s:uninstall # Uninstalls k3s from the Dokku server\n
Note
The k3s plugin replaces the external scheduler-kubernetes plugin. Users can continue to use the external plugin as necessary, but all future development will occur on the official core k3s plugin.
For multi-server support, Dokku provides the ability for users to setup a K3s cluster. As with all schedulers, it is set on a per-app basis. The scheduler can currently be overridden by running the following command:
dokku scheduler:set node-js-app selected k3s\n
As it is the default, unsetting the selected
scheduler property is also a valid way to reset the scheduler.
dokku scheduler:set node-js-app k3s\n
"},{"location":"deployment/schedulers/k3s/#usage","title":"Usage","text":"Info
[!IMPORTANT] The k3s plugin requires usage of a docker registry to store deployed image artifacts. See the registry documentation for more details on how to configure a registry.
"},{"location":"deployment/schedulers/k3s/#initializing-a-cluster","title":"Initializing a cluster","text":"Warning
This command must be run as root
Clusters can be initialized via the scheduler-k3s:initialize
command. This will start a k3s cluster on the Dokku node itself.
dokku scheduler-k3s:initialize\n
By default, the k3s installation can run both app and system workloads. For clusters where app workloads are run on distinct worker nodes, initialize the cluster with the --taint-scheduling
flag, which will allow only Critical cluster components on the k3s control-plane nodes.
dokku scheduler-k3s:initialize --taint-scheduling\n
By default, Dokku will attempt to auto-detect the IP address of the server. In cases where the auto-detected IP address is incorrect, an override may be specified via the --server-ip
flag:
dokku scheduler-k3s:initialize --server-ip 192.168.20.15\n
Dokku's k3s integration natively uses nginx
as it's ingress load balancer via ingress-nginx. Properties set by the nginx
plugin will be respected, either by turning them into annotations or creating a custom server/location snippet that the ingress-nginx
project can use.
Dokku can also use Traefik on cluster initialization via the Traefik's CRDs. To change the ingress, set the --ingress-class
flag:
dokku scheduler-k3s:initialize --ingress-class traefik\n
"},{"location":"deployment/schedulers/k3s/#adding-nodes-to-the-cluster","title":"Adding nodes to the cluster","text":"Warning
The dokku
user must be able to ssh onto the server in order to connect nodes to the cluster. The remote user must be root or have sudo enabled, or the install will fail.
Nodes that run app workloads can be added via the scheduler-k3s:cluster-add
command. This will ssh onto the specified server, install k3s, and join it to the current Dokku node in worker mode. Workers are typically used to run app workloads.
dokku scheduler-k3s:cluster-add ssh://root@worker-1.example.com\n
If the server isn't in the known_hosts
file, the connection will fail. This can be bypassed by setting the --insecure-allow-unknown-hosts
flag:
dokku scheduler-k3s:cluster-add --insecure-allow-unknown-hosts ssh://root@worker-1.example.com\n
By default, Dokku will attempt to auto-detect the IP address of the Dokku server for the remote server to connect to. In cases where the auto-detected IP address is incorrect, an override may be specified via the --server-ip
flag:
dokku scheduler-k3s:cluster-add --server-ip 192.168.20.15 ssh://root@worker-1.example.com\n
"},{"location":"deployment/schedulers/k3s/#adding-a-server-node","title":"Adding a server node","text":"Note
Only the initial Dokku server will be properly configured for push deployment, and should be considered your git remote. Additional server nodes are for ensuring high-availability of the K3s etcd state. Ensure this server is properly backed up and restorable or deployments will not work.
Server nodes are typically used to replicate the cluster state, and it is recommended to have an odd number of nodes spread across several availability zones (datacenters in close proximity within a region). This allows for higher availability in the event of a cluster failure. Server nodes run control-plane services such as the traefik load balancer and the etcd backing store.
Server nodes can also be added with the scheduler-k3s:cluster-add
command by specifying --role server
. This will ssh onto the specified server, install k3s, and join it to the current Dokku node in server mode.
dokku scheduler-k3s:cluster-add --role server ssh://root@server-1.example.com\n
Server nodes allow any workloads to be scheduled on them by default, in addition to the control-plane, etcd, and the scheduler itself. To avoid app workloads being scheduled on your control-plane, use the --taint-scheduling
flag:
dokku scheduler-k3s:cluster-add --role server --taint-scheduling ssh://root@server-1.example.com\n
If the server isn't in the known_hosts
file, the connection will fail. This can be bypassed by setting the --insecure-allow-unknown-hosts
flag:
dokku scheduler-k3s:cluster-add --role server --insecure-allow-unknown-hosts ssh://root@server-1.example.com\n
By default, Dokku will attempt to auto-detect the IP address of the Dokku server for the remote server to connect to. In cases where the auto-detected IP address is incorrect, an override may be specified via the --server-ip
flag:
dokku scheduler-k3s:cluster-add --role server --server-ip 192.168.20.15 ssh://root@server-1.example.com\n
"},{"location":"deployment/schedulers/k3s/#changing-the-network-interface","title":"Changing the network interface","text":"When attaching an worker or server node, the K3s plugin will look at the IP associated with the eth0
interface and use that to connect the new node to the cluster. To change this, set the network-interface
property to the appropriate value.
dokku scheduler-k3s:set --global network-interface eth1\n
"},{"location":"deployment/schedulers/k3s/#changing-deploy-timeouts","title":"Changing deploy timeouts","text":"By default, app deploys will timeout after 300s. To customize this value, set the deploy-timeout
property via scheduler-k3s:set
:
dokku scheduler-k3s:set node-js-app deploy-timeout 60s\n
The default value may be set by passing an empty value for the option:
dokku scheduler-k3s:set node-js-app deploy-timeout\n
The deploy-timeout
property can also be set globally. The global default is 300s
.
dokku scheduler-k3s:set --global deploy-timeout 60s\n
The default value may be set by passing an empty value for the option.
dokku scheduler-k3s:set --global deploy-timeout\n
"},{"location":"deployment/schedulers/k3s/#customizing-the-namespace","title":"Customizing the namespace","text":"By default, app deploys will run against the default
Kubernetes namespace. To customize this value, set the namespace
property via scheduler-k3s:set
:
dokku scheduler-k3s:set node-js-app namespace lollipop\n
The default value may be set by passing an empty value for the option:
dokku scheduler-k3s:set node-js-app namespace\n
The namespace
property can also be set globally. The global default is default
.
dokku scheduler-k3s:set --global namespace 60s\n
The default value may be set by passing an empty value for the option.
dokku scheduler-k3s:set --global namespace\n
"},{"location":"deployment/schedulers/k3s/#enabling-rollback-on-failure","title":"Enabling rollback on failure","text":"By default, app deploys do not rollback on failure. To enable this functionality, set the rollback-on-failure
property via scheduler-k3s:set
:
dokku scheduler-k3s:set node-js-app rollback-on-failure true\n
The default value may be set by passing an empty value for the option:
dokku scheduler-k3s:set node-js-app rollback-on-failure\n
The rollback-on-failure
property can also be set globally. The global default is false
.
dokku scheduler-k3s:set --global rollback-on-failure false\n
The default value may be set by passing an empty value for the option.
dokku scheduler-k3s:set --global rollback-on-failure\n
"},{"location":"deployment/schedulers/k3s/#using-image-pull-secrets","title":"Using image pull secrets","text":"When authenticating against a registry via registry:login
, the scheduler-k3s plugin will authenticate all servers in the cluster against the registry specified. If desired, an image pull secret can be used instead. To customize this value, set the image-pull-secrets
property via scheduler-k3s:set
:
dokku scheduler-k3s:set node-js-app image-pull-secrets lollipop\n
The default value may be set by passing an empty value for the option:
dokku scheduler-k3s:set node-js-app image-pull-secrets\n
The image-pull-secrets
property can also be set globally. The global default is empty string, and k3s will use Dokku's locally configured ~/.docker/config.json
for any private registry pulls.
dokku scheduler-k3s:set --global image-pull-secrets 60s\n
The default value may be set by passing an empty value for the option.
dokku scheduler-k3s:set --global image-pull-secrets\n
"},{"location":"deployment/schedulers/k3s/#ssl-certificates","title":"SSL Certificates","text":""},{"location":"deployment/schedulers/k3s/#enabling-letsencrypt-integration","title":"Enabling letsencrypt integration","text":"By default, letsencrypt is disabled and https port mappings are ignored. To enable, set the letsencrypt-email-prod
or letsencrypt-email-stag
property with the --global
flag:
# set the value for prod\ndokku scheduler-k3s:set --global letsencrypt-email-prod automated@dokku.sh\n\n# set the value for stag\ndokku scheduler-k3s:set --global letsencrypt-email-stag automated@dokku.sh\n
After enabling and rebuilding, all apps with an http:80
port mapping will have a corresponding https:443
added and ssl will be automatically enabled. All http requests will then be redirected to https.
The letsencrypt integration is set to the production letsencrypt server by default. This can be changed on an app-level by setting the letsencrypt-server
property with the scheduler-k3s:set
command
dokku scheduler-k3s:set node-js-app letsencrypt-server staging\n
The default value may be set by passing an empty value for the option:
dokku scheduler-k3s:set node-js-app letsencrypt-server\n
The image-pull-secrets
property can also be set globally. The global default is production
.
dokku scheduler-k3s:set --global letsencrypt-server staging\n
The default value may be set by passing an empty value for the option.
dokku scheduler-k3s:set --global letsencrypt-server staging\n
"},{"location":"deployment/schedulers/k3s/#customizing-annotations-and-labels","title":"Customizing Annotations and Labels","text":"Note
The cron ID is used as the process type if your app deploys any cron tasks
"},{"location":"deployment/schedulers/k3s/#setting-annotations","title":"Setting Annotations","text":"Dokku injects certain annotations into each created resource by default, but it may be necessary to inject others for tighter integration with third-party tools. The scheduler-k3s:annotations:set
command can be used to perform this task. The command takes an app name and a required --resource-type
flag.
dokku scheduler-k3s:annotations:set node-js-app annotation.key annotation.value --resource-type deployment\n
If not specified, the annotation will be applied to all processes within an app, though it may be further scoped to a specific process type via the --process-type
flag.
dokku scheduler-k3s:annotations:set node-js-app annotation.key annotation.value --resource-type deployment --process-type web\n
The following resource types are supported:
certificate
cronjob
deployment
ingress
job
pod
secret
service
serviceaccount
traefik_ingressroute
traefik_middleware
To unset an annotation, pass an empty value:
dokku scheduler-k3s:annotations:set node-js-app annotation.key --resource-type deployment\ndokku scheduler-k3s:annotations:set node-js-app annotation.key --resource-type deployment --process-type web\n
"},{"location":"deployment/schedulers/k3s/#setting-labels","title":"Setting Labels","text":"Dokku injects certain labels into each created resource by default, but it may be necessary to inject others for tighter integration with third-party tools. The scheduler-k3s:labels:set
command can be used to perform this task. The command takes an app name and a required --resource-type
flag.
dokku scheduler-k3s:labels:set node-js-app label.key label.value --resource-type deployment\n
If not specified, the label will be applied to all processes within an app, though it may be further scoped to a specific process type via the --process-type
flag.
dokku scheduler-k3s:labels:set node-js-app label.key label.value --resource-type deployment --process-type web\n
The following resource types are supported:
certificate
cronjob
deployment
ingress
job
pod
secret
service
serviceaccount
traefik_ingressroute
traefik_middleware
To unset an label, pass an empty value:
dokku scheduler-k3s:annotations:set node-js-app label.key --resource-type deployment\ndokku scheduler-k3s:labels:set node-js-app label.key --resource-type deployment --process-type web\n
"},{"location":"deployment/schedulers/k3s/#autoscaling","title":"Autoscaling","text":""},{"location":"deployment/schedulers/k3s/#workload-autoscaling","title":"Workload Autoscaling","text":"New
Introduced in 0.33.8 Users with older installations will need to manually install Keda.
Autoscaling in k3s is managed by Keda, which integrates with a variety of external metric providers to allow for autoscaling application workloads.
To enable autoscaling, use the app.json
formation.$PROCESS_TYPE.autoscaling
key to manage rules. In addition to the existing configuration used for process management, each process type in the formation.$PROCESS_TYPE.autoscaling
key can have the following keys:
min_quantity
: The minimum number of instances the application can run. If not specified, the quantity
specified for the app is used.max_quantity
: The maximum number of instances the application can run. If not specified, the higher value of quantity
and the min_quantity
is used.polling_interval_seconds
: (default: 30) The interval to wait for polling each of the configured triggerscooldown_seconds
: (default: 300) The number of seconds to wait in between each scaling eventtriggers
: A list of autoscaling triggers.Autoscaling triggers are passed as is to Keda, and should match the configuration keda uses for a given scaler. Below is an example for datadog:
{\n \"formation\": {\n \"web\": {\n \"autoscaling\": {\n \"min_quantity\": 1,\n \"max_quantity\": 10,\n \"triggers\": [\n {\n \"name\": \"name-for-trigger\",\n \"type\": \"datadog\",\n \"metadata\": {\n \"query\": \"per_second(sum:http.requests{service:myservice1}).rollup(max, 300))/180,per_second(sum:http.backlog{service:myservice1}).rollup(max, 300)/30\",\n \"queryValue\": \"1\",\n \"queryAggregator\": \"max\"\n }\n }\n ]\n }\n }\n }\n}\n
Each value in the metadata
stanza can use the following interpolated strings:
DOKKU_DEPLOYMENT_NAME
: The name of the deployment being scaledDOKKU_PROCESS_TYPE
: The name of the process being scaledDOKKU_APP_NAME
: The name of the app being scaledMost Keda triggers require some form of authentication to query for data. In the Kubernetes API, they are represented by TriggerAuthentication
and ClusterTriggerAuthentication
resources. Dokku can manage these via the scheduler-k3s:autoscaling-auth
commands, and includes generated resources with each helm release generated by a deploy.
If no app-specific authentication is provided for a given trigger type, Dokku will fallback to any globally defined ClusterTriggerAuthentication
resources. Autoscaling triggers within an app all share the same TriggerAuthentication
resources, while ClusterTriggerAuthentication
resources can be shared across all apps deployed by Dokku within a given cluster.
Users can specify custom authentication resources directly via the Kubernetes api or use the scheduler-k3s:autoscaling-auth:set
command to create the resources in the Kubernetes cluster.
dokku scheduler-k3s:autoscaling-auth:set $APP $TRIGGER --metadata apiKey=some-api-key --metadata appKey=some-app-key\n
For example, the following will configure the authentication for all datadog triggers on the specified app:
dokku scheduler-k3s:autoscaling-auth:set node-js-app datadog --metadata apiKey=1234567890 --metadata appKey=asdfghjkl --metadata datadogSite=us5.datadoghq.com\n
After execution, Dokku will include the following resources for each specified trigger with the helm release generated on subsequent app deploys:
Secret
: an Opaque Secret
resource storing the authentication credentialsTriggerAuthentication
: A TriggerAuthentication
resource that references the secret for use by triggersIf the --global
flag is specified instead of an app name, a custom helm chart is created on the fly with the above resources.
To remove a configured authenticatin resource, run the scheduler-k3s:autoscaling-auth:set
command with no metadata specified. Subsequent deploys will not include these resources.
dokku scheduler-k3s:autoscaling-auth:set $APP $TRIGGER_TYPE\n
"},{"location":"deployment/schedulers/k3s/#displaying-an-authentication-resource-report","title":"Displaying an Authentication Resource report","text":"To see a list of authentication resources managed by Dokku, run the scheduler-k3s:autoscaling-auth:report
command.
dokku scheduler-k3s:autoscaling-auth:report node-js-app\n
====> $APP autoscaling-auth report\n datadog: configured\n
By default, the report will not display configured metadata - making it safe to include in Dokku report output. To include metadata and their values, add the --include-metadata
flag:
dokku scheduler-k3s:autoscaling-auth:report node-js-app --include-metadata\n
====> node-js-app autoscaling-auth report\n Datadog: configured\n Datadog apiKey: 1234567890\n Datadog appKey: asdfghjkl\n Datadog datadogSite: us5.datadoghq.com\n
"},{"location":"deployment/schedulers/k3s/#using-kubectl-remotely","title":"Using kubectl remotely","text":"Warning
Certain ports must be open for interacting with the remote kubernets api. Refer to the K3s networking documentation for the required open ports between servers prior to running the command.
By default, Dokku assumes that all it controls all actions on the cluster, and thus does not expose the kubectl
binary for administrators. To interact with kubectl, you will need to retrieve the kubeconfig
for the cluster and configure your client to use that configuration.
dokku scheduler-k3s:show-kubeconfig\n
"},{"location":"deployment/schedulers/k3s/#interacting-with-an-external-kubernetes-cluster","title":"Interacting with an external Kubernetes cluster","text":"While the k3s scheduler plugin is designed to work with a Dokku-managed k3s cluster, Dokku can be configured to interact with any Kubernetes cluster by setting the global kubeconfig-path
to a path to a custom kubeconfig on the Dokku server. This property is only available at a global level.
dokku scheduler-k3s:set --global kubeconfig-path /path/to/custom/kubeconfig\n
To set the default value, omit the value from the scheduler-k3s:set
call:
dokku scheduler-k3s:set --global kubeconfig-path\n
The default value for the kubeconfig-path
is the k3s kubeconfig located at /etc/rancher/k3s/k3s.yaml
.
When interacting with a custom Kubeconfig, the kube-context
property can be set to specify a specific context within the kubeconfig to use. This property is available only at the global leve.
dokku scheduler-k3s:set --global kube-context lollipop\n
To set the default value, omit the value from the scheduler-k3s:set
call:
dokku scheduler-k3s:set --global kube-context\n
The default value for the kube-context
is an empty string, and will result in Dokku using the current context within the kubeconfig.
The following sections describe implemented and unimplemented scheduler functionality for the k3s
scheduler.
This plugin implements various functionality through plugn
triggers to integrate with Docker for running apps on a single server. The following functionality is supported by the scheduler-k3s
plugin.
apps:clone
apps:destroy
apps:rename
cron
enter
deploy
liveness
, readiness
, and startup
healthchecksapp.json
are ignored in favor of the container port on the port mapping detectedlogs
ps:stop
run
scheduler-post-run
trigger is not always triggeredrun:detached
run:list
run:logs
ps:inspect
The following Dokku functionality is not implemented at this time.
vector
log integrationApp logs for the logs
command are fetched by Dokku from running containers via the kubectl
cli. Persisting logs via Vector is not implemented at this time. Users may choose to configure the Vector Kubernetes integration directly by following this guide.
The k3s
scheduler supports a minimal list of resource limits and reservations:
b
(bytes), Ki
(kilobytes), Mi
(megabytes), Gi
(gigabytes). Default unit is Mi
(megabytes).If unspecified for any task, the default reservation will be .1
CPU and 128Mi
RAM, with no limit set for either CPU or RAM. This is to avoid issues with overscheduling pods on a cluster. To avoid issues, set more specific values for at least resource reservations. If unbounded utilization is desired, set CPU and Memory to 0m
and 0Mi
, respectively.
Note
Cron tasks retrieve resource limits based on the computed cron task ID.
"},{"location":"deployment/schedulers/kubernetes/","title":"Kubernetes Scheduler","text":"Warning
Deprecation notice: This scheduler has been replaced with the k3s scheduler plugin and is no longer under active development.
The Kubernetes Scheduler Plugin is available free as an external plugin. Please see the plugin's issue tracker for more information on the status of the plugin.
For users that require additional functionality, please refer to the Sponsoring Documentation.
"},{"location":"deployment/schedulers/kubernetes/#scheduler-interface","title":"Scheduler Interface","text":"The following sections describe implemented scheduler functionality for the kubernetes
scheduler.
This plugin implements various functionality through plugn
triggers to integrate with kubectl
for running apps on a Kubernetes cluster. The following functionality is supported by the scheduler-kubernetes
plugin.
apps:destroy
deploy
: partial, does not implement failed deploy log capturelogs
: partial, does not implement failure logsps:stop
App logs for the logs
command are fetched from running pods via the kubectl
cli. To persist logs across deployments, consider using Vector or a similar tool to ship logs to another service or a third-party platform.
Warning
This scheduler is not in Dokku core and thus functionality may change over time as the API stabilizes.
The Nomad Scheduler Plugin is available free as an external plugin. Please see the plugin's issue tracker for more information on the status of the plugin.
For users that require additional functionality, please refer to the Sponsoring Documentation.
"},{"location":"deployment/schedulers/nomad/#scheduler-interface","title":"Scheduler Interface","text":"The following sections describe implemented scheduler functionality for the nomad
scheduler.
This plugin implements various functionality through plugn
triggers to integrate with the nomad
cli for running apps on a Nomad cluster. The following functionality is supported by the scheduler-nomad
plugin.
apps:destroy
deploy
ps:stop
Warning
Fetching app logs for the logs
command is currently not implemented. Please consider using Vector or a similar tool to ship logs to another service or a third-party platform.
New
Introduced in 0.25.0
The null
scheduler does nothing, and is useful for routing to services not managed by Dokku. It should not be used in normal operation. Please see the network documentation for more information on the aforementioned use case.
This scheduler is never auto-detected. The scheduler must be specified via the scheduler:set
command:
dokku scheduler:set node-js-app selected null\n
"},{"location":"deployment/schedulers/scheduler-management/","title":"Scheduler Management","text":"New
Introduced in 0.26.0
scheduler:report [<app>] [<flag>] # Displays a scheduler report for one or more apps\nscheduler:set <app> <key> (<value>) # Set or clear a scheduler property for an app\n
Schedulers are a way of customizing how an app image is deployed, and can be used to interact with non-local systems such as Kubernetes and Nomad.
"},{"location":"deployment/schedulers/scheduler-management/#usage","title":"Usage","text":""},{"location":"deployment/schedulers/scheduler-management/#scheduler-selection","title":"Scheduler selection","text":"Dokku supports the following built-in schedulers:
scheduler-docker-local
: Schedules apps against the local docker socket and runs containers directly on the Dokku host. See the docker-local scheduler documentation for more information on how this scheduler functions.scheduler-null
: Does nothing during the scheduler phase. See the null scheduler documentation for more information on how this scheduler functions.If desired, the scheduler can be specified via the scheduler:set
command by speifying a value for selected
. The selected scheduler will always be used.
dokku scheduler:set node-js-app selected docker-local\n
The default value may be set by passing an empty value for the option:
dokku scheduler:set node-js-app selected\n
The selected
property can also be set globally. The global default is an empty string, and auto-detection will be performed when no value is set per-app or globally.
dokku scheduler:set --global selected docker-local\n
The default value may be set by passing an empty value for the option.
dokku scheduler:set --global selected\n
"},{"location":"deployment/schedulers/scheduler-management/#displaying-scheduler-reports-for-an-app","title":"Displaying scheduler reports for an app","text":"You can get a report about the app's scheduler status using the scheduler:report
command:
dokku scheduler:report\n
=====> node-js-app scheduler information\n Scheduler computed selected: herokuish\n Scheduler global selected: herokuish\n Scheduler selected: herokuish\n=====> python-sample scheduler information\n Scheduler computed selected: dockerfile\n Scheduler global selected: herokuish\n Scheduler selected: dockerfile\n=====> ruby-sample scheduler information\n Scheduler computed selected: herokuish\n Scheduler global selected: herokuish\n Scheduler selected:\n
You can run the command for a specific app also.
ShellOutputdokku scheduler:report node-js-app\n
=====> node-js-app scheduler information\n Scheduler selected: herokuish\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku scheduler:report node-js-app --scheduler-selected\n
"},{"location":"deployment/schedulers/scheduler-management/#implementing-a-scheduler","title":"Implementing a Scheduler","text":"Custom plugins names must have the prefix scheduler-
or scheduler overriding via scheduler:set
may not function as expected.
At this time, the following dokku commands are used to implement a complete scheduler.
apps:destroy
: stops the app processes on the schedulerapps:rename
: handles app renamingapps:clone
: handles app cloningcron
: generates cron tasks for the appdeploy
: deploys app proceses and checks the status of a deployenter
: enters a running containerlogs
: fetches app logsrun
: starts one-off run containers (detached and non-detached) as well as listing run processesrun:list
: lists running containersrun:logs
: fetches running container logsps:stop
: stops app processesps:inspect
: outputs inspect output for processes in an appSchedulers may decide to omit some functionality here, or use plugin triggers to supplement config with information from other plugins. Additionally, a scheduler may implement other triggers in order handle any extra processes needed during a deploy.
Schedulers can use any tools available on the system to build the docker image, and may even be used to interact with off-server systems. The only current requirement is that the scheduler must have access to the image built in the build phase. If this is not the case, the registry plugin can be used to push the image to a registry that the scheduler software can access.
Deployment tasks are currently executed directly on the primary Dokku server.
"},{"location":"development/plugin-creation/","title":"Plugin creation","text":"A plugin can be a simple implementation of triggers or can implement a command structure of its own. Dokku has no restrictions on the language in which a plugin is implemented; it only cares that the plugin implements the appropriate commands or triggers for the API. NOTE: any file that implements triggers or uses the command API must be executable.
"},{"location":"development/plugin-creation/#plugin-overview","title":"Plugin Overview","text":"When creating custom plugins:
dokku-<name>
convention (e.g. dokku-mariadb
)When developing a plugin, the install
trigger must be implemented such that it outputs the built executable(s) using a directory structure that implements the plugin's desired command and/or triggers the API. See the smoke-test-plugin for an example.
There are 3 main integration points: commands
, subcommands/default
, and subcommands/<command-name>
.
commands
","text":"Primarily used to supply the plugin's usage/help output. (i.e. plugin help).
"},{"location":"development/plugin-creation/#subcommandsdefault","title":"subcommands/default
","text":"Implements the plugin's default command behavior. (i.e. dokku plugin
).
subcommands/<command-name>
","text":"Implements the additional command interface and will translate to dokku plugin:cmd
on the command line. (i.e. dokku plugin:install
).
plugin.toml
","text":"The plugin.toml
file is used to describe the plugin in help output, and helps users understand the purpose of the plugin. This must have a description and a version. The version should be bumped at every plugin release.
[plugin]\ndescription = \"dokku example plugin\"\nversion = \"0.1.0\"\n[plugin.config]\n
"},{"location":"development/plugin-creation/#files-should-be-executable","title":"Files should be executable","text":"Commands, subcommands, triggers and source shell scripts should all be executable. On a Unix-like machine, the following command can be used to make them executable:
chmod +x path/to/file\n
Non-executable commands, subcommands, and triggers will be ignored.
"},{"location":"development/plugin-creation/#use-the-pipefail-bash-option","title":"Use thepipefail
bash option","text":"Consider whether to include the set -eo pipefail
option. Look at the following example:
IMAGE=$(docker images | grep \"user/repo\" | awk '{print $3}')\nif [[ -z $IMAGE ]]; then\n dokku_log_fail \"user/repo image not found... Did you run 'dokku plugin:install'?\"\nfi\n
If user/repo
doesn't exist, Dokku exits just before the awk
command and the dokku_log_fail
message will never go to STDOUT
. printed with echo. The set -e
option should be used in this case.
Here is the help
entry for set
:
help set\nOptions:\n -e Exit immediately if a command exits with a non-zero status.\n -o option-name\n pipefail the return value of a pipeline is the status of\n the last command to exit with a non-zero status,\n or zero if no command exited with a non-zero status\n
"},{"location":"development/plugin-creation/#support-trace-mode","title":"Support trace mode","text":"Trace mode is useful for getting debugging output from plugins when the --trace
flag is specified or dokku trace:on
is triggered. This should be done at the top of each shell script:
#!/usr/bin/env bash\nset -eo pipefail\n[[ $DOKKU_TRACE ]] && set -x\n
In the above example, the third line enables bash's debug mode, which prints command traces before executing command.
"},{"location":"development/plugin-creation/#verify-the-existence-of-dependencies","title":"Verify the existence of dependencies","text":"If a plugin depends on a specific command-line tool, check whether that tool exists before utilizing it. Either command -v
or which
may be used to do so:
# `command -v` example\nif ! command -v \"nginx\" &>/dev/null; then\n dokku_log_fail \"Missing nginx, install it\"\nfi\n\n# `which` example\nif ! which nginx &>/dev/null; then\n dokku_log_fail \"Missing nginx, install it\"\nfi\n
In cases where a dependency should be installed before the plugin can be used at all, use the dependencies
plugin trigger to install the dependency.
For plugins which expose commands, implement a help
command. This may be empty, but should contain a listing of all available commands.
Commas - ,
- are used in the help output for columnizing output. Verify that the plugin conforms to the spec by running dokku help --all
and manually verifying the output.
See the sample plugin below for an example.
"},{"location":"development/plugin-creation/#namespace-commands","title":"Namespace commands","text":"All commands should be namespaced. In cases where a core plugin is overridden, the plugin may utilize the a namespace in use by the core, but generally this should be avoided to reduce confusion as to where the command is implemented.
"},{"location":"development/plugin-creation/#implement-a-proper-catch-all-command","title":"Implement a proper catch-all command","text":"As of 0.3.3, a catch-all should be implemented that exits with a DOKKU_NOT_IMPLEMENTED_EXIT
code. This allows Dokku to output a command not found
message.
See the sample plugin below for an example.
"},{"location":"development/plugin-creation/#set-app-config-without-restarting","title":"Set app config without restarting","text":"In the case that a plugin needs to set app configuration settings and a restart should be avoided (default Heroku-style behavior) these \"internal\" commands provide this functionality:
config_set --no-restart node-js-app KEY1=VALUE1 [KEY2=VALUE2 ...]\nconfig_unset --no-restart node-js-app KEY1 [KEY2 ...]\n
"},{"location":"development/plugin-creation/#expose-functionality-in-a-functions-file","title":"Expose functionality in a functions
file","text":"To allow other plugins access to (some of) a plugin's functionality, functions can expose by including a functions
file in the plugin for others to source. All functions in that file should be considered publicly accessible by other plugins.
Any functions that must be kept private should reside in the plugin's trigger/
or commands/
directories. Other files may also be used to hide private functions; the official convention for hiding private functions is to place them an internal-functions
file.
New
Introduced in 0.4.0
Dokku allows image tagging and deployment of tagged images. This means hard-coding the $IMAGE
as dokku/$APP
is no longer sufficient.
Plugins should use get_running_image_tag()
and get_app_image_name()
as sourced from common/functions
. See the plugin triggers doc for examples.
Info
Note: This is only for plugins that are not pre/post-build-*
plugins
$DOCKER_BIN
instead of docker
directly","text":"New
Introduced in 0.17.5
Certain systems may require a wrapper function around the docker
binary for proper execution. Utilizing the $DOCKER_BIN
environment variable when calling docker for those functions is preferred.
# good\n\"$DOCKER_BIN\" container run -d $IMAGE /bin/bash -e -c \"$COMMAND\"\n\n# bad\ndocker run -d $IMAGE /bin/bash -e -c \"$COMMAND\"\n
"},{"location":"development/plugin-creation/#include-labels-for-all-temporary-containers-and-images","title":"Include labels for all temporary containers and images","text":"New
Introduced in 0.5.0
As of 0.5.0, labels are used to help cleanup intermediate containers with dokku cleanup
. Plugins that create containers and images should add the correct labels to the build
, commit
, and run
docker commands.
Note that where possible, a label com.dokku.app-name=$APP
- where $APP
is the name of the app - should also be included. This enables dokku cleanup APP
to cleanup the specific containers for a given app.
# `docker build` example\n\"$DOCKER_BIN\" image build \"--label=com.dokku.app-name=${APP}\" $DOKKU_GLOBAL_BUILD_ARGS ...\n\n# `docker commit` example\n# Note that the arguments must be set as a local array\n# as arrays cannot be exported in shell\nlocal DOKKU_COMMIT_ARGS=(\"--change\" \"LABEL org.label-schema.schema-version=1.0\" \"--change\" \"LABEL org.label-schema.vendor=dokku\" \"--change\" \"LABEL $DOKKU_CONTAINER_LABEL=\")\n\"$DOCKER_BIN\" container commit --change \"LABEL com.dokku.app-name=$APP\" \"${DOKKU_COMMIT_ARGS[@]}\" ...\n\n# `docker run` example\n\"$DOCKER_BIN\" container run \"--label=com.dokku.app-name=${APP}\" $DOKKU_GLOBAL_RUN_ARGS ...\n
"},{"location":"development/plugin-creation/#copy-files-from-the-built-image-using-copy_from_image","title":"Copy files from the built image using copy_from_image
","text":"Avoid copying files from running containers as these files may change over time. Instead copy files from the image built during the deploy process. This can be done via the copy_from_image
helper function. This will correctly handle various corner cases in copying files from an image.
source \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\n\nlocal TMP_FILE=$(mktemp \"/tmp/dokku-${DOKKU_PID}-${FUNCNAME[0]}.XXXXXX\")\ntrap \"rm -rf '$TMP_FILE' >/dev/null\" RETURN INT TERM EXIT\n\nlocal IMAGE_TAG=\"$(get_running_image_tag \"$APP\")\"\nlocal IMAGE=$(get_deploying_app_image_name \"$APP\" \"$IMAGE_TAG\")\ncopy_from_image \"$IMAGE\" \"file-being-copied\" \"$TMP_FILE\" 2>/dev/null\n
Files are copied from the /app
directory - for images built via buildpacks - or WORKDIR
- for images built via Dockerfile.
dokku
binary directly","text":"New
Introduced in 0.6.0
Plugins should not call the dokku
binary directly from within plugins because clients using the --app
argument are potentially broken when doing so.
Plugins should instead source the functions
file for a given plugin when attempting to call Dokku internal functions. In cases where plugin functions cannot be sourced (eg if a plugin is implemented in Golang), then call the relevant plugin triggers instead.
The below plugin is a dummy dokku hello
plugin.
Each plugin requires a plugin.toml
descriptor file with the following required fields:
[plugin]\ndescription = \"dokku hello plugin\"\nversion = \"0.1.0\"\n[plugin.config]\n
hello/subcommands/default
#!/usr/bin/env bash\nset -eo pipefail\n[[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\n\ncmd-hello-default() {\n declare desc=\"prints Hello \\$APP\"\n declare cmd=\"hello\"\n [[ \"$1\" == \"$cmd\" ]] && shift 1\n # Support --app/$DOKKU_APP_NAME flag\n # Use the following lines to reorder args into \"$cmd $DOKKU_APP_NAME $@\"\"\n [[ -n $DOKKU_APP_NAME ]] && set -- $DOKKU_APP_NAME $@\n set -- $cmd $@\n #\n declare APP=\"$1\"\n\n [[ -z \"$APP\" ]] && dokku_log_fail \"Please specify an app to run the command on\"\n verify_app_name \"$APP\"\n\n echo \"Hello $APP\"\n}\n\ncmd-hello-default \"$@\"\n
hello/subcommands/world
#!/usr/bin/env bash\nset -eo pipefail\n[[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\n\ncmd-hello-world() {\n declare desc=\"prints Hello world\"\n declare cmd=\"hello:world\"\n [[ \"$1\" == \"$cmd\" ]] && shift 1\n\n echo \"Hello world\"\n}\n\ncmd-hello-world \"$@\"\n
hello/commands
#!/usr/bin/env bash\nset -eo pipefail\n[[ $DOKKU_TRACE ]] && set -x\n\ncase \"$1\" in\n help | hello:help)\n help_content_func () {\n declare desc=\"return help_content string\"\n cat<<help_content\n hello <app>, Says \"Hello <app>\"\n hello:world, Says \"Hello world\"\nhelp_content\n }\n\n if [[ $1 = \"hello:help\" ]] ; then\n echo -e 'Usage: dokku hello[:world] [<app>]'\n echo ''\n echo 'Say Hello World.'\n echo ''\n echo 'Example:'\n echo ''\n echo '$ dokku hello:world'\n echo 'Hello world'\n echo ''\n echo 'Additional commands:'\n help_content_func | sort | column -c2 -t -s,\n else\n help_content_func\n fi\n ;;\n\n *)\n exit $DOKKU_NOT_IMPLEMENTED_EXIT\n ;;\n\nesac\n
"},{"location":"development/plugin-triggers/","title":"Plugin triggers","text":"Plugin triggers (formerly pluginhooks) are a good way to jack into existing Dokku infrastructure. You can use them to modify the output of various Dokku commands or override internal configuration.
Plugin triggers are simply scripts that are executed by the system. You can use any language you want, so long as the script:
For instance, if you wanted to write a plugin trigger in PHP, you would need to have php
installed and available on the CLI prior to plugin trigger invocation.
The following is an example for the nginx-hostname
plugin trigger. It reverses the hostname that is provided to nginx during deploys. If you created an executable file named nginx-hostname
with the following code in your plugin trigger, it would be invoked by Dokku during the normal app deployment process:
#!/usr/bin/env bash\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\"; SUBDOMAIN=\"$2\"; VHOST=\"$3\"\n\nNEW_SUBDOMAIN=`echo $SUBDOMAIN | rev`\necho \"$NEW_SUBDOMAIN.$VHOST\"\n
"},{"location":"development/plugin-triggers/#available-plugin-triggers","title":"Available plugin triggers","text":"There are a number of plugin-related triggers. These can be optionally implemented by plugins and allow integration into the standard Dokku setup/teardown process.
The following plugin triggers describe those available to a Dokku installation. As well, there is an example for each trigger that you can use as templates for your own plugin development.
Info
The example plugin trigger code is not guaranteed to be implemented as in within dokku, and are merely simplified examples. Please look at the Dokku source for larger, more in-depth examples.
"},{"location":"development/plugin-triggers/#app-create","title":"app-create
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#app-destroy","title":"app-destroy
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#app-exists","title":"app-exists
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#app-list","title":"app-list
","text":"false
.$FILTER
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#app-json-process-deploy-parallelism","title":"app-json-process-deploy-parallelism
","text":"dokku deploy
$APP $PROCESS_TYPE
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#app-json-get-content","title":"app-json-get-content
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#app-maybe-create","title":"app-maybe-create
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#app-restart","title":"app-restart
","text":"dokku config:clear
, dokku config:set
, dokku config:unset
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#app-urls","title":"app-urls
","text":"dokku deploy
, dokku url
, and dokku urls
$APP $URL_TYPE
#!/usr/bin/env bash\n# Sets the domain to `internal.tld`\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\"; URL_TYPE=\"$2\"\ncase \"$URL_TYPE\" in\n url)\n echo \"https://internal.tld/${APP}/\"\n ;;\n urls)\n echo \"https://internal.tld/${APP}/\"\n echo \"http://internal.tld/${APP}/\"\n ;;\nesac\n
"},{"location":"development/plugin-triggers/#builder-build","title":"builder-build
","text":"dokku deploy
$BUILDER_TYPE
$APP
$SOURCECODE_WORK_DIR
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#builder-create-dokku-image","title":"builder-create-dokku-image
","text":"dokku deploy
$BUILDER_TYPE
$APP
$SOURCECODE_WORK_DIR
$DOKKU_IMAGE
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#builder-detect","title":"builder-detect
","text":"herokuish
builder in favor of a custom one. Dockerfile gets lowest builder precedence.dokku deploy
$APP
$SOURCECODE_WORK_DIR
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; SOURCECODE_WORK_DIR=\"$2\"\n\nif [[ -f \"$SOURCECODE_WORK_DIR/project.toml\" ]]; then\n echo -n \"pack\"\nfi\n
"},{"location":"development/plugin-triggers/#builder-dokku-image","title":"builder-dokku-image
","text":"dokku deploy
$BUILDER_TYPE
$APP
$SOURCECODE_WORK_DIR
$DOKKU_IMAGE
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#builder-get-property","title":"builder-get-property
","text":"$APP $KEY
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; PROPERTY=\"$2\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#builder-herokuish-allowed","title":"builder-herokuish-allowed
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#builder-image-is-cnb","title":"builder-image-is-cnb
","text":"$APP
$IMAGE_TAG
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#builder-image-is-herokuish","title":"builder-image-is-herokuish
","text":"$APP
$IMAGE_TAG
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#builder-release","title":"builder-release
","text":"dokku deploy
$BUILDER_TYPE
$APP
$IMAGE_TAG
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#buildpack-stack-name","title":"buildpack-stack-name
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#caddy-template-source","title":"caddy-template-source
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#certs-exists","title":"certs-exists
","text":"true
if certs exists for the app, false
otherwise$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#certs-force","title":"certs-force
","text":"true
if a cert should be simulated for the app, no output otherwise$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#check-deploy","title":"check-deploy
","text":"dokku deploy
$APP $CONTAINER_ID $PROC_TYPE $PORT $IP
#!/usr/bin/env bash\n# Disables deploys of containers based on whether the\n# `DOKKU_DISABLE_DEPLOY` env var is set to `true` for an app\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_AVAILABLE_PATH/config/functions\"\n\nAPP=\"$1\"; CONTAINER_ID=\"$2\"; PROC_TYPE=\"$3\"; PORT=\"$4\" ; IP=\"$5\"\n\neval \"$(config_export app $APP)\"\nDOKKU_DISABLE_DEPLOY=\"${DOKKU_DISABLE_DEPLOY:-false}\"\n\nif [[ \"$DOKKU_DISABLE_DEPLOY\" = \"true\" ]]; then\n echo -e \"\\033[31m\\033[1mDeploys disabled, sorry.\\033[0m\"\n exit 1\nfi\n
"},{"location":"development/plugin-triggers/#checks-get-property","title":"checks-get-property
","text":"$APP $KEY
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; PROPERTY=\"$2\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#commands-help-and-commands-plugin_namehelp","title":"commands help
and commands <PLUGIN_NAME>:help
","text":"help
command in your commands
file to take advantage of this plugin trigger. commands help
is used by dokku help
to aggregate all plugins abbreviated help
output. Implementing <PLUGIN_NAME>:help
in your commands
file gives users looking for help, a more detailed output. 'commands help' must be implemented inside the commands
plugin file. It's recommended that PLUGIN_NAME:help
be added to the commands file to ensure consistency among community plugins and give you a new avenue to share rich help content with your user.dokku help
and commands <PLUGIN_NAME>:help
#!/usr/bin/env bash\n# Outputs help for the derp plugin\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\ncase \"$1\" in\n help | hello:help)\n help_content_func () {\n declare desc=\"return help_content string\"\n cat<<help_content\n hello <app>, Says \"Hello <app>\"\n hello:world, Says \"Hello world\"\nhelp_content\n }\n\n if [[ $1 = \"hello:help\" ]] ; then\n echo -e 'Usage: dokku hello[:world] [<app>]'\n echo ''\n echo 'Say Hello World.'\n echo ''\n echo 'Example:'\n echo ''\n echo '$ dokku hello:world'\n echo 'Hello world'\n echo ''\n echo 'Additional commands:'\n help_content_func | sort | column -c2 -t -s,\n else\n help_content_func\n fi\n ;;\n\n *)\n exit $DOKKU_NOT_IMPLEMENTED_EXIT\n ;;\n\nesac\n
"},{"location":"development/plugin-triggers/#config-export","title":"config-export
","text":"$APP $GLOBAL $MERGED $FORMAT
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#config-get","title":"config-get
","text":"$APP $KEY
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#config-get-global","title":"config-get-global
","text":"$KEY
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#core-post-deploy","title":"core-post-deploy
","text":"Info
To avoid issues with community plugins, this plugin trigger should be used only for core plugins. Please avoid using this trigger in your own plugins.
dokku deploy
$APP $INTERNAL_PORT $INTERNAL_IP_ADDRESS $IMAGE_TAG
#!/usr/bin/env bash\n# Notify an external service that a successful deploy has occurred.\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\ncurl \"http://httpstat.us/200\"\n
"},{"location":"development/plugin-triggers/#core-post-extract","title":"core-post-extract
","text":"Info
To avoid issues with community plugins, this plugin trigger should be used only for core plugins. Please avoid using this trigger in your own plugins.
receive-app
plugin trigger$APP
$TMP_WORK_DIR
$REV
#!/usr/bin/env bash\n# Adds a clock process to an app's Procfile\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"\nTMP_WORK_DIR=\"$2\"\nREV=\"$3\" # optional, may not be sent for tar-based builds\n\npushd \"$TMP_WORK_DIR\" >/dev/null\ntouch Procfile\necho \"clock: some-command\" >> Procfile\npopd &>/dev/null\n
"},{"location":"development/plugin-triggers/#cron-get-property","title":"cron-get-property
","text":"$APP $KEY
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; PROPERTY=\"$2\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#cron-entries","title":"cron-entries
","text":"$SCHEDULE;$FULL_COMMAND;$ARBITRARY_DATA
. Individual implementations of cron writing can decide whether and how to include these cron entries. The ARBITRARY_DATA
includes the log file path for the basic docker-local
cron implementation.$DOKKU_SCHEDULER
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\n\nDOKKU_SCHEDULER=\"$1\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#cron-write","title":"cron-write
","text":"#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#dependencies","title":"dependencies
","text":"dokku plugin:install-dependencies
#!/usr/bin/env bash\n# Installs nginx for the current plugin\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nexport DEBIAN_FRONTEND=noninteractive\n\ncase \"$DOKKU_DISTRO\" in\n debian|raspbian|ubuntu)\n apt-get -qq -y --no-install-recommends install nginx\n ;;\n *)\n echo \"Installation on $DOKKU_DISTRO not supported\" 1>&2\n ;;\nesac\n
"},{"location":"development/plugin-triggers/#deploy","title":"deploy
","text":"dokku deploy
$APP [$IMAGE_TAG] [$PROC_TYPE]
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\n\nAPP=\"$1\" IMAGE_TAG=\"$2\" PROC_TYPE=\"$3\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#deployed-app-image-repo","title":"deployed-app-image-repo
","text":"dokku/$APP
internal function dokku_deploy_cmd() (deploy phase)
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\"\n# change the repo from dokku/APP to dokkupaas/APP\necho \"dokkupaas/$APP\"\n
"},{"location":"development/plugin-triggers/#deployed-app-image-tag","title":"deployed-app-image-tag
","text":"internal function dokku_deploy_cmd() (deploy phase)
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# customize the tag version\necho 'not-latest'\n
"},{"location":"development/plugin-triggers/#deployed-app-repository","title":"deployed-app-repository
","text":"internal function dokku_deploy_cmd() (deploy phase)
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\necho 'derp.dkr.ecr.us-east-1.amazonaws.com'\n
"},{"location":"development/plugin-triggers/#deploy-source-set","title":"deploy-source-set
","text":"git:from-archive
, git:from-image
, git:load-image
, git:sync
, and all git push commands$APP $SOURCE_TYPE $METADATA
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#docker-args-build","title":"docker-args-build
","text":"Warning
Deprecated, please use docker-args-process-build
instead
internal function dokku_build() (build phase)
$APP $IMAGE_SOURCE_TYPE
#!/usr/bin/env bash\n# Sets a docker build-arg called CACHEBUST which can be used\n# to bust cache at any arbitrary point in a Dockerfile build\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nSTDIN=$(cat)\nAPP=\"$1\"; IMAGE_SOURCE_TYPE=\"$2\"\noutput=\"\"\n\nif [[ \"$IMAGE_SOURCE_TYPE\" == \"dockerfile\" ]]; then\n output=\" --build-arg CACHEBUST=$(date +%s)\"\nfi\necho -n \"$STDIN$output\"\n
"},{"location":"development/plugin-triggers/#docker-args-deploy","title":"docker-args-deploy
","text":"Warning
Deprecated, please use docker-args-process-deploy
instead
dokku deploy
$APP $IMAGE_TAG [$PROC_TYPE $CONTAINER_INDEX]
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"; IMAGE_TAG=\"$2\"; IMAGE=$(get_app_image_name $APP $IMAGE_TAG)\n\n# TODO\n
"},{"location":"development/plugin-triggers/#docker-args-process-build","title":"docker-args-process-build
","text":"$PROC_TYPE
may be set to magic _all_
process type to signify global docker deploy options.dokku ps:rebuild
$APP $IMAGE_SOURCE_TYPE
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\n\nAPP=\"$1\"; IMAGE_SOURCE_TYPE=\"$2\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#docker-args-process-deploy","title":"docker-args-process-deploy
","text":"$PROC_TYPE
may be set to magic _all_
process type to signify global docker deploy options.dokku deploy
$APP $IMAGE_SOURCE_TYPE $IMAGE_TAG [$PROC_TYPE $CONTAINER_INDEX]
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"; $IMAGE_SOURCE_TYPE=\"$2\" IMAGE_TAG=\"$3\"; PROC_TYPE=\"$4\"; CONTAINER_INDEX=\"$5\"; IMAGE=$(get_app_image_name $APP $IMAGE_TAG)\n\n# TODO\n
"},{"location":"development/plugin-triggers/#docker-args-process-run","title":"docker-args-process-run
","text":"$PROC_TYPE
may be set to magic _all_
process type to signify global docker run options.dokku run
$APP $IMAGE_SOURCE_TYPE $IMAGE_TAG
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"; IMAGE_SOURCE_TYPE=\"$3\"; IMAGE_TAG=\"$2\"; IMAGE=$(get_app_image_name $APP $IMAGE_TAG)\n\n# TODO\n
"},{"location":"development/plugin-triggers/#docker-args-run","title":"docker-args-run
","text":"Warning
Deprecated, please use docker-args-process-run
instead
dokku run
$APP $IMAGE_TAG
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"; IMAGE_TAG=\"$2\"; IMAGE=$(get_app_image_name $APP $IMAGE_TAG)\n\n# TODO\n
"},{"location":"development/plugin-triggers/#domains-add","title":"domains-add
","text":"$APP
$DOMAIN
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#domains-disable","title":"domains-disable
","text":"$APP
$RESTART_APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#domains-enable","title":"domains-enable
","text":"$APP
$RESTART_APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#domains-list","title":"domains-list
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#domains-urls","title":"domains-urls
","text":"$APP $URL_TYPE
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#domains-vhost-enabled","title":"domains-vhost-enabled
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#git-deploy-branch","title":"git-deploy-branch
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#git-get-property","title":"git-get-property
","text":"$APP $KEY
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; PROPERTY=\"$2\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#git-from-archive","title":"git-from-archive
","text":"git:from-archive
$APP $ARCHIVE_URL $ARCHIVE_TYPE $USER_NAME $USER_EMAIL
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#git-from-directory","title":"git-from-directory
","text":"git:from-image
and git:from-archive
$APP $SOURCECODE_WORK_DIR $USER_NAME $USER_EMAIL
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#git-from-image","title":"git-from-image
","text":"git:from-image
$APP $DOCKER_IMAGE $BUILD_DIR $USER_NAME $USER_EMAIL
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#git-has-code","title":"git-has-code
","text":"$APP $BRANCH_NAME
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#git-post-pull","title":"git-post-pull
","text":"dokku git-upload-pack
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#git-pre-pull","title":"git-pre-pull
","text":"dokku git-upload-pack
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
Warning
The git-pre-pull
trigger should not be used for authentication since it does not get called for commands that use git-upload-archive
such as git archive
. Instead, use the user-auth
trigger.
git-revision
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#install","title":"install
","text":"dokku plugin:install
.#!/usr/bin/env bash\n# Sets the hostname of the Dokku server\n# based on the output of `hostname -f`\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nif [[ ! -f \"$DOKKU_ROOT/VHOST\" ]]; then\n hostname -f > $DOKKU_ROOT/VHOST\nfi\n
"},{"location":"development/plugin-triggers/#haproxy-template-source","title":"haproxy-template-source
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#logs-get-property","title":"logs-get-property
","text":"$APP $KEY
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; PROPERTY=\"$2\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#network-build-config","title":"network-build-config
","text":"internally triggered by proxy-build-config within proxy implementations
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#network-clear-config","title":"network-clear-config
","text":"internally triggered within proxy implementations
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#network-config-exists","title":"network-config-exists
","text":"internally triggered by core-post-deploy within proxy implementations
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#network-get-ipaddr","title":"network-get-ipaddr
","text":"internally triggered by a deploy
$APP $PROC_TYPE $CONTAINER_ID
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#network-get-listeners","title":"network-get-listeners
","text":"internally triggered by a deploy
$APP $PROCESS_TYPE
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#network-get-property","title":"network-get-property
","text":"internally triggered by a deploy
$APP $KEY
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#network-get-static-listeners","title":"network-get-static-listeners
","text":"internally triggered by proxy-build-config
$APP $PROCESS_TYPE
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#network-write-ipaddr","title":"network-write-ipaddr
","text":"internally triggered by a deploy
$APP $PROC_TYPE $CONTAINER_INDEX $IP_ADDRESS
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#network-write-port","title":"network-write-port
","text":"internally triggered by a deploy
$APP $PROC_TYPE $CONTAINER_INDEX $PORT
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#nginx-app-template-source","title":"nginx-app-template-source
","text":"sigil
template that should be used to generate a given nginx configuration file.nginx-vhosts#build-config
$APP $TEMPLATE_TYPE
TEMPLATE_TYPE
argument can be one of: [app-config, hsts-config, validate-config]
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\n\nAPP=\"$1\"\nTEMPLATE_TYPE=\"$2\"\ncase \"$TEMPLATE_TYPE\" in\n app-config)\n echo \"$(cd \"$(dirname \"${BASH_SOURCE[0]}\")\" && pwd)/app.conf.sigil\";;\n hsts-config)\n echo \"$(cd \"$(dirname \"${BASH_SOURCE[0]}\")\" && pwd)/hsts.conf.sigil\";;\n validate-config)\n echo \"$(cd \"$(dirname \"${BASH_SOURCE[0]}\")\" && pwd)/validate.conf.sigil\";;\n *)\n dokku_log_fail \"Invalid template type: ${TEMPLATE_TYPE}\"\nesac\n
The default templates are viewable here: plugins/nginx-vhosts/templates/
"},{"location":"development/plugin-triggers/#nginx-dokku-template-source","title":"nginx-dokku-template-source
","text":"sigil
template that should be used to generate the dokku.conf
nginx configuration file.nginx-vhosts#install
sigil
template can make use of the following variables: $.DOKKU_ROOT $.NGINX_ROOT
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\necho \"$(cd \"$(dirname \"${BASH_SOURCE[0]}\")\" && pwd)/dokku.conf.sigil\"\n
The default template is viewable here: plugins/nginx-vhosts/templates/dokku.conf.sigil
"},{"location":"development/plugin-triggers/#nginx-hostname","title":"nginx-hostname
","text":"dokku domains:setup
$APP $SUBDOMAIN $VHOST
#!/usr/bin/env bash\n# Reverses the hostname for the app\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\"; SUBDOMAIN=\"$2\"; VHOST=\"$3\"\n\nNEW_SUBDOMAIN=`echo $SUBDOMAIN | rev`\necho \"$NEW_SUBDOMAIN.$VHOST\"\n
"},{"location":"development/plugin-triggers/#nginx-pre-reload","title":"nginx-pre-reload
","text":"Warning
The arguments INTERNAL_PORT and INTERNAL_IP_ADDRESS are no longer sufficient to retrieve all app listeners. Please run plugn trigger network-get-listeners APP
within any implementation of nginx-pre-reload
in order to retrieve all application listeners.
dokku proxy:build-config
$APP $INTERNAL_PORT $INTERNAL_IP_ADDRESS
#!/usr/bin/env bash\n# Runs a check against all nginx conf files\n# to ensure they are valid\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nnginx -t\n
"},{"location":"development/plugin-triggers/#openresty-template-source","title":"openresty-template-source
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#ports-clear","title":"ports-clear
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#ports-configure","title":"ports-configure
","text":"internally triggered by proxy plugins
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#ports-get","title":"ports-get
","text":"$APP $FORMAT
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#ports-get-available","title":"ports-get-available
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#ports-get-property","title":"ports-get-property
","text":"$APP $KEY
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; PROPERTY=\"$2\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#ports-set-detected","title":"ports-set-detected
","text":"$APP [$PORT_MAPPING...]
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-app-clone","title":"post-app-clone
","text":"dokku apps:clone
$OLD_APP_NAME $NEW_APP_NAME
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-app-clone-setup","title":"post-app-clone-setup
","text":"dokku apps:clone
$OLD_APP_NAME $NEW_APP_NAME
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-app-rename","title":"post-app-rename
","text":"dokku apps:rename
$OLD_APP_NAME $NEW_APP_NAME
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-app-rename-setup","title":"post-app-rename-setup
","text":"dokku apps:rename
$OLD_APP_NAME $NEW_APP_NAME
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-build","title":"post-build
","text":"internal function dokku_build() (build phase)
$BUILDER_TYPE $APP $SOURCECODE_WORK_DIR
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-build-buildpack","title":"post-build-buildpack
","text":"Warning
Deprecated, please use post-build
instead
internal function dokku_build() (build phase)
$APP
$SOURCECODE_WORK_DIR
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-build-dockerfile","title":"post-build-dockerfile
","text":"Warning
Deprecated, please use post-build
instead
internal function dokku_build() (build phase)
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-build-lambda","title":"post-build-lambda
","text":"Warning
Deprecated, please use post-build
instead
internal function dokku_build() (build phase)
$APP
$SOURCECODE_WORK_DIR
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-build-pack","title":"post-build-pack
","text":"Warning
Deprecated, please use post-build
instead
internal function dokku_build() (build phase)
$APP
$SOURCECODE_WORK_DIR
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-certs-remove","title":"post-certs-remove
","text":"dokku certs:remove
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-certs-update","title":"post-certs-update
","text":"dokku certs:add
, dokku certs:update
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-config-update","title":"post-config-update
","text":"set
or unset
.dokku config:set
, dokku config:unset
$APP
set|unset
key1=VALUE1 key2=VALUE2
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-container-create","title":"post-container-create
","text":"dokku run
, dokku ps:rebuild
, dokku deploy
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-create","title":"post-create
","text":"dokku apps:create
$APP
#!/usr/bin/env bash\n# Runs a command to ensure that an app\n# has a postgres database when it is starting\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\";\nPOSTGRES=\"$1\"\n\ndokku postgres:create $POSTGRES\ndokku postgres:link $POSTGRES $APP\n
"},{"location":"development/plugin-triggers/#post-delete","title":"post-delete
","text":"dokku apps:destroy
$APP $IMAGE_TAG
#!/usr/bin/env bash\n# Runs a command to ensure that an app's\n# postgres installation is removed\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\";\n\ndokku postgres:destroy $APP\n
"},{"location":"development/plugin-triggers/#post-deploy","title":"post-deploy
","text":"Info
Please see core-post-deploy if contributing a core plugin with the post-deploy
hook.
core-post-deploy
. Deployment Tasks are also invoked by this plugin trigger.dokku deploy
$APP $INTERNAL_PORT $INTERNAL_IP_ADDRESS $IMAGE_TAG
#!/usr/bin/env bash\n# Notify an external service that a successful deploy has occurred.\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\ncurl \"http://httpstat.us/200\"\n
"},{"location":"development/plugin-triggers/#post-domains-update","title":"post-domains-update
","text":"dokku domains:add
, dokku domains:clear
, dokku domains:remove
, dokku domains:set
$APP
action name
domains
#!/usr/bin/env bash\n# Reloads haproxy for our imaginary haproxy plugin\n# that replaces the nginx-vhosts plugin\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nsudo service haproxy reload\n
"},{"location":"development/plugin-triggers/#post-extract","title":"post-extract
","text":"receive-app
plugin trigger$APP
$TMP_WORK_DIR
$REV
#!/usr/bin/env bash\n# Adds a clock process to an app's Procfile\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"\nTMP_WORK_DIR=\"$2\"\nREV=\"$3\" # optional, may not be sent for tar-based builds\n\npushd \"$TMP_WORK_DIR\" >/dev/null\ntouch Procfile\necho \"clock: some-command\" >> Procfile\npopd &>/dev/null\n
"},{"location":"development/plugin-triggers/#post-proxy-ports-update","title":"post-proxy-ports-update
","text":"dokku ports:add
, dokku ports:clear
, dokku ports:remove
$APP
action name
#!/usr/bin/env bash\n# Rebuilds haproxy config for our imaginary haproxy plugin\n# that replaces the nginx-vhosts plugin\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nsource \"$PLUGIN_AVAILABLE_PATH/haproxy/functions\"\nAPP=\"$1\"\n\nhaproxy-build-config \"$APP\"\n
"},{"location":"development/plugin-triggers/#post-registry-login","title":"post-registry-login
","text":"dokku registry:login
$DOCKER_REGISTRY_SERVER $DOCKER_REGISTRY_USER
#!/usr/bin/env bash\n\n# the DOCKER_REGISTRY_PASS env var is also set\necho \"$DOCKER_REGISTRY_PASS\"\n
"},{"location":"development/plugin-triggers/#post-release-builder","title":"post-release-builder
","text":"Warning
Image mutation in this trigger may result in an invalid run state, and is heavily discouraged.
$BUILDER_TYPE $APP $IMAGE
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nBUILDER_TYPE=\"$1\"; APP=\"$2\"; IMAGE=$3\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-stack-set-todo","title":"post-stack-set
TODO","text":"$APP
$VALUE
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-stop","title":"post-stop
","text":"dokku ps:stop
$APP
#!/usr/bin/env bash\n# Marks an app as manually stopped\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\";\n\ndokku config:set --no-restart $APP MANUALLY_STOPPED=1\n
"},{"location":"development/plugin-triggers/#pre-build","title":"pre-build
","text":"internal function dokku_build() (build phase)
$BUILDER_TYPE $APP $SOURCECODE_WORK_DIR
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-build-buildpack","title":"pre-build-buildpack
","text":"Warning
Deprecated, please use pre-build
instead
internal function dokku_build() (build phase)
$APP
$SOURCECODE_WORK_DIR
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-build-dockerfile","title":"pre-build-dockerfile
","text":"Warning
Deprecated, please use pre-build
instead
internal function dokku_build() (build phase)
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-build-lambda","title":"pre-build-lambda
","text":"Warning
Deprecated, please use pre-build
instead
internal function dokku_build() (build phase)
$APP
$SOURCECODE_WORK_DIR
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-build-pack","title":"pre-build-pack
","text":"Warning
Deprecated, please use pre-build
instead
internal function dokku_build() (build phase)
$APP
$SOURCECODE_WORK_DIR
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-delete","title":"pre-delete
","text":"dokku apps:destroy
$APP $IMAGE_TAG
#!/usr/bin/env bash\n# Clears out the gulp asset build cache for apps\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\n\nAPP=\"$1\"; GULP_CACHE_DIR=\"$DOKKU_ROOT/$APP/gulp\"; IMAGE=$(get_app_image_name $APP $IMAGE_TAG)\n\nif [[ -d $GULP_CACHE_DIR ]]; then\n docker run \"${DOCKER_COMMIT_LABEL_ARGS[@]}\" --rm -v \"$GULP_CACHE_DIR:/gulp\" \"$IMAGE\" find /gulp -depth -mindepth 1 -maxdepth 1 -exec rm -Rf {} \\; || true\nfi\n
"},{"location":"development/plugin-triggers/#pre-deploy","title":"pre-deploy
","text":"Warning
Deprecated, please use pre-release-builder
instead
dokku deploy
$APP $IMAGE_TAG
#!/usr/bin/env bash\n# Runs gulp in our container\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"; IMAGE_TAG=\"$2\"; IMAGE=$(get_app_image_name $APP $IMAGE_TAG)\n\ndokku_log_info1 \"Running gulp\"\nCID=$(docker run \"${DOCKER_COMMIT_LABEL_ARGS[@]}\" -d $IMAGE /bin/bash -c \"cd /app && gulp default\")\ntest $(docker wait $CID) -eq 0\nDOCKER_COMMIT_LABEL_ARGS=(\"--change\" \"LABEL org.label-schema.schema-version=1.0\" \"--change\" \"LABEL org.label-schema.vendor=dokku\" \"--change\" \"LABEL com.dokku.app-name=$APP\")\ndocker commit \"${DOCKER_COMMIT_LABEL_ARGS[@]}\" $CID $IMAGE >/dev/null\n
"},{"location":"development/plugin-triggers/#pre-disable-vhost","title":"pre-disable-vhost
","text":"dokku domains:disable
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-enable-vhost","title":"pre-enable-vhost
","text":"dokku domains:enable
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-receive-app","title":"pre-receive-app
","text":"IMAGE_SOURCE_TYPE
can be any of [herokuish, dockerfile]
dokku git-hook
, dokku tar-build-locked
$APP $IMAGE_SOURCE_TYPE $TMP_WORK_DIR $REV
#!/usr/bin/env bash\n# Adds a file called `dokku-is-awesome` to the repository\n# the contents will be the app name\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\"; IMAGE_SOURCE_TYPE=\"$2\"; TMP_WORK_DIR=\"$3\"; REV=\"$4\"\n\necho \"$APP\" > \"$TMP_WORK_DIR/dokku-is-awesome\"\n
"},{"location":"development/plugin-triggers/#pre-release-builder","title":"pre-release-builder
","text":"internal function dokku_release() (release phase)
$BUILDER_TYPE $APP $IMAGE
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nBUILDER_TYPE=\"$1\"; APP=\"$2\"; IMAGE_TAG=\"$3\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-release-buildpack","title":"pre-release-buildpack
","text":"Warning
Deprecated, please use pre-release-builder
instead
internal function dokku_release() (release phase)
$APP $IMAGE_TAG
#!/usr/bin/env bash\n# Installs the graphicsmagick package into the container\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"; IMAGE_TAG=\"$2\"; IMAGE=$(get_app_image_name $APP $IMAGE_TAG)\n\ndokku_log_info1 \"Installing GraphicsMagick...\"\n\nCMD=\"cat > gm && \\\n dpkg -s graphicsmagick &>/dev/null || \\\n (apt-get update -qq && apt-get -qq -y --no-install-recommends install graphicsmagick && apt-get clean)\"\n\nCID=$(docker run $DOKKU_GLOBAL_RUN_ARGS -i -a stdin $IMAGE /bin/bash -c \"$CMD\")\ntest $(docker wait $CID) -eq 0\nDOCKER_COMMIT_LABEL_ARGS=(\"--change\" \"LABEL org.label-schema.schema-version=1.0\" \"--change\" \"LABEL org.label-schema.vendor=dokku\" \"--change\" \"LABEL com.dokku.app-name=$APP\")\ndocker commit \"${DOCKER_COMMIT_LABEL_ARGS[@]}\" $CID $IMAGE >/dev/null\n
"},{"location":"development/plugin-triggers/#pre-release-lambda","title":"pre-release-lambda
","text":"Warning
Deprecated, please use pre-release-builder
instead
internal function dokku_release() (release phase)
$APP $IMAGE_TAG
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"; IMAGE_TAG=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-release-pack","title":"pre-release-pack
","text":"Warning
Deprecated, please use pre-release-builder
instead
internal function dokku_release() (release phase)
$APP $IMAGE_TAG
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"; IMAGE_TAG=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-release-dockerfile","title":"pre-release-dockerfile
","text":"Warning
Deprecated, please use pre-release-builder
instead
internal function dokku_release() (release phase)
$APP $IMAGE_TAG
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"; IMAGE_TAG=\"$2\"; IMAGE=$(get_app_image_name $APP $IMAGE_TAG)\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-restore","title":"pre-restore
","text":"dokku ps:restore
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-start","title":"pre-start
","text":"dokku ps:start
$APP
#!/usr/bin/env bash\n# Notifies an example url that an app is starting\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\";\n\ncurl \"https://dokku.me/starting/${APP}\" || true\n
"},{"location":"development/plugin-triggers/#procfile-get-command","title":"procfile-get-command
","text":"internally
$APP $PROCESS_TYPE $PORT
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#procfile-exists","title":"procfile-exists
","text":"internally
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#proxy-build-config","title":"proxy-build-config
","text":"internally triggered by ps:restore
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#proxy-clear-config","title":"proxy-clear-config
","text":"internally triggered by apps:rename
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#proxy-disable","title":"proxy-disable
","text":"internally triggered by ps:restore
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#proxy-enable","title":"proxy-enable
","text":"internally triggered by ps:restore
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#proxy-is-enabled","title":"proxy-is-enabled
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#proxy-type","title":"proxy-type
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#ps-can-scale","title":"ps-can-scale
","text":"ps:scale
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#ps-current-scale","title":"ps-current-scale
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#ps-set-scale","title":"ps-set-scale
","text":"$APP $SKIP_DEPLOY $CLEAR_EXISTING [$PROCESS_TUPLE...]
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#receive-app","title":"receive-app
","text":"dokku git-hook
, dokku ps:rebuild
$APP $REV
($REV
may not be included in cases where a repository is not pushed)#!/usr/bin/env bash\n# For our imaginary mercurial plugin, triggers a rebuild\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\"; REV=\"$2\"\n\ndokku hg-build $APP $REV\n
"},{"location":"development/plugin-triggers/#receive-branch","title":"receive-branch
","text":"dokku git-hook
, dokku ps:rebuild
$APP $REV $REFNAME
#!/bin/bash\n# Gives Dokku the ability to support multiple branches for a given service\n# Allowing you to have multiple staging environments on a per-branch basis\n\nreference_app=$1\nrefname=$3\nnewrev=$2\nAPP=${refname/*\\//}.$reference_app\n\nif [[ ! -d \"$DOKKU_ROOT/$APP\" ]]; then\n REFERENCE_REPO=\"$DOKKU_ROOT/$reference_app\"\n git clone --bare --shared --reference \"$REFERENCE_REPO\" \"$REFERENCE_REPO\" \"$DOKKU_ROOT/$APP\" >/dev/null\nfi\nplugn trigger receive-app $APP $newrev\n
"},{"location":"development/plugin-triggers/#release-and-deploy","title":"release-and-deploy
","text":"$APP $IMAGE_TAG
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#report","title":"report
","text":"dokku report
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#resource-get-property","title":"resource-get-property
","text":"$APP
$PROC_TYPE
$RESOURCE_TYPE
$PROPERTY
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; PROC_TYPE=\"$2\" RESOURCE_TYPE=\"$3\" PROPERTY=\"$4\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#retire-container-failed","title":"retire-container-failed
","text":"dokku deploy
$APP
#!/usr/bin/env bash\n# Send an email when a container failed to retire\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; HOSTNAME=$(hostname -s)\n\nmail -s \"$APP containers on $HOSTNAME failed to retire\" ops@dokku.me\n
"},{"location":"development/plugin-triggers/#scheduler-app-status","title":"scheduler-app-status
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
dokku ps:report
$DOKKU_SCHEDULER $APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-deploy","title":"scheduler-deploy
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
dokku deploy
$DOKKU_SCHEDULER $APP $IMAGE_TAG
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; IMAGE_TAG=\"$3\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-detect","title":"scheduler-detect
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
dokku deploy
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-enter","title":"scheduler-enter
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
dokku enter
$DOKKU_SCHEDULER $APP $@
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; ARGS=\"$@\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-inspect","title":"scheduler-inspect
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
dokku ps:inspect
$DOKKU_SCHEDULER $APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-is-deployed","title":"scheduler-is-deployed
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
$DOKKU_SCHEDULER $APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-logs","title":"scheduler-logs
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
dokku logs:failed
$DOKKU_SCHEDULER $APP $PROCESS_TYPE $TAIL $PRETTY_PRINT $NUM
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; PROCESS_TYPE=\"$3\"; TAIL=\"$4\"; PRETTY_PRINT=\"$5\"; NUM=\"$6\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-logs-failed","title":"scheduler-logs-failed
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
dokku logs:failed
$DOKKU_SCHEDULER $APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-pre-restore","title":"scheduler-pre-restore
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
dokku ps:restore
$DOKU_SCHEDULER $APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-post-delete","title":"scheduler-post-delete
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
dokku apps:destroy
$DOKKU_SCHEDULER $APP $IMAGE_TAG
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; IMAGE_TAG=\"$3\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-post-deploy-process","title":"scheduler-post-deploy-process
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
$APP $PROCESS_TYPE
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; PROCESS_TYPE=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-post-run","title":"scheduler-post-run
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
dokku run
invocation is calleddokku run
$DOKKU_SCHEDULER $APP $CONTAINER_ID
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; CONTAINER_ID=\"$3\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-register-retired","title":"scheduler-register-retired
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
internally
$APP $CONTAINER_ID
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\";\nCONTAINER_ID=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-retire","title":"scheduler-retire
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
dokku run
$DOKKU_SCHEDULER $APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-run","title":"scheduler-run
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
dokku run
$DOKKU_SCHEDULER $APP ...ARGS
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; ARGS=\"${@:3}\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-run-list","title":"scheduler-run-list
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
dokku run
$DOKKU_SCHEDULER $APP $FORMAT
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; FORMAT=\"$3\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-run-logs","title":"scheduler-run-logs
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
dokku run
$DOKKU_SCHEDULER $APP $CONTAINER $TAIL $PRETTY_PRINT $NUM
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; CONTAINER=\"$3\"; TAIL=\"$4\"; PRETTY_PRINT=\"$5\"; NUM=\"$6\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-run-stop","title":"scheduler-run-stop
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
dokku run:stop
$DOKKU_SCHEDULER $APP $CONTAINER_NAME
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; CONTAINER_NAME=\"$3\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-stop","title":"scheduler-stop
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
dokku apps:destroy, dokku ps:stop
$DOKKU_SCHEDULER $APP $REMOVE_CONTAINERS
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; REMOVE_CONTAINERS=\"$3\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#storage-list","title":"storage-list
","text":"dokku storage:list
and dokku deploy
$APP $PHASE $FORMAT
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#traefik-template-source","title":"traefik-template-source
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#uninstall","title":"uninstall
","text":"dokku plugin:uninstall
$PLUGIN
#!/usr/bin/env bash\n# Cleanup up extra containers created\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nPLUGIN=\"$1\"\n\n[[ \"$PLUGIN\" = \"my-plugin\" ]] && docker rmi -f \"${PLUGIN_IMAGE_DEPENDENCY}\"\n
To avoid uninstalling other plugins make sure to check the plugin name like shown in the example.
"},{"location":"development/plugin-triggers/#update","title":"update
","text":"dokku plugin:update
.#!/usr/bin/env bash\n# Update the herokuish image from git source\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\ncd /root/dokku\nsudo BUILD_STACK=true make install\n
"},{"location":"development/plugin-triggers/#user-auth","title":"user-auth
","text":"This is a special plugin trigger that is executed on every command run. As Dokku sometimes internally invokes the dokku
command, special care should be taken to properly handle internal command redirects.
Note that the trigger should exit as follows:
0
to continue running as normal1
to halt execution of the commandThe SSH_USER
is the original ssh user. If you are running remote commands, this user will typically be dokku
, and as such should not be trusted when checking permissions. If you are connected via ssh as a different user who then invokes dokku
, the value of this variable will be that user's name (root
, myuser
, etc.).
The SSH_NAME
is the NAME
variable set via the sshcommand acl-add
command. For reference, the following command can be run as the root user to specify a specific NAME
for a given ssh key:
sshcommand acl-add dokku NAME < $PATH_TO_SSH_KEY\n
Note that the NAME
value is set at the first ssh key match. If an ssh key is set in the /home/dokku/.ssh/authorized_keys
multiple times, the first match will decide the value.
dokku
$SSH_USER $SSH_NAME $DOKKU_COMMAND
#!/usr/bin/env bash\n# Allow root/admin users to do everything\n# Deny plugin access to default users\n# Allow access to all other commands\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nSSH_USER=$1\nSSH_NAME=$2\nshift 2\n[[ \"$SSH_USER\" == \"root\" ]] && exit 0\n[[ \"$SSH_NAME\" == \"admin\" ]] && exit 0\n[[ \"$SSH_NAME\" == \"default\" && $1 == plugin:* ]] && exit 1\nexit 0\n
"},{"location":"development/plugin-triggers/#user-auth-app","title":"user-auth-app
","text":"This is a special plugin trigger that is executed when listing apps or checking if an app exists. All Dokku commands should check if an app exists at least once before interacting with them so as not to circumvent the check.
Note that the trigger should exit 0
, and each non-empty line on stdout is captured as a valid app name.
The SSH_USER
is the original ssh user. If you are running remote commands, this user will typically be dokku
, and as such should not be trusted when checking permissions. If you are connected via ssh as a different user who then invokes dokku
, the value of this variable will be that user's name (root
, myuser
, etc.).
The SSH_NAME
is the NAME
variable set via the sshcommand acl-add
command. For reference, the following command can be run as the root user to specify a specific NAME
for a given ssh key:
sshcommand acl-add dokku NAME < $PATH_TO_SSH_KEY\n
Note that the NAME
value is set at the first ssh key match. If an ssh key is set in the /home/dokku/.ssh/authorized_keys
multiple times, the first match will decide the value.
dokku
$SSH_USER $SSH_NAME $DOKKU_COMMAND
#!/usr/bin/env bash\n# hide any apps with the prefix \"admin\"\n# if the logged in user (SSH_USER) or SSH_NAME is not `root`\n\nmain() {\n declare SSH_USER=\"$1\" SSH_NAME=\"$2\" ARGS=(\"${@:3}\")\n\n for arg in \"${ARGS[@]}\"; do\n if [[ \"$arg\" == admin-* ]] && [[ \"$SSH_USER\" != \"root\" ]] && [[ \"$SSH_NAME\" != \"root\" ]]; then\n continue\n fi\n\n echo \"${arg}\"\n done\n}\n\nmain \"$@\"\n
"},{"location":"development/plugin-triggers/#vector-template-source","title":"vector-template-source
","text":"#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/release-process/","title":"Release Process","text":"Dokku is released in intervals at most three weeks apart, though may be released much quicker.
To propose a release, the following tasks need to be performed:
export PACKAGECLOUD_TOKEN=SOME_TOKEN\n# supports major/minor/patch/betafish\ncontrib/release-dokku\n
Info
If you are a maintainer and need the PACKAGECLOUD_TOKEN in order to make a release, please contact @josegonzalez to get this information.
As well, the Arch Linux package description must be updated via vagrant up build-arch
(needs to be done after the tag is pushed to GitHub, because it is based on that)
Dokku follows semver standards. As we are not yet at a stable release, breaking changes will require only a minor release, while all other changes only require a patch release. Once we hit stable, breaking changes will require a major release.
At the moment, tags need not be signed, though that may change in the future.
"},{"location":"development/release-process/#arch-linux-packages","title":"Arch Linux Packages","text":"Arch Linux packages are not really build, because all that is needed for an Arch User Repo (AUR) package is the description of how to build the package. To make this process as easy as possible there is a vagrant box called build-arch
that updates the version of this build description (a file called PKGBUILD
), then runs some helper scripts to fill all additional information and does test if the package could be build. Then only those changes need to be pushed to the AUR repo and an updated version of the package is ready for usage for our Arch Linux users. For detailed information see the section below.
The workflow looks like this:
# having dokku-arch in ../dokku-arch\nvagrant up build-arch\n# wait for \"==> build-arch: ==> Finished making: dokku 0.35.0-2 (Mon Feb 22 23:20:37 CET 2016)\"\ncd ../dokku-arch\ngit add PKGBUILD .SRCINFO\ngit commit -m 'Update to dokku 0.9.9'\ngit push aur master\n
Info
If you are a maintainer and need access to the AUR repositories in order to make a release, please contact @morrisjobke or @josegonzalez to get this co-maintainership.
"},{"location":"development/release-process/#detailed-information-for-arch-linux-packages","title":"Detailed information for Arch Linux packages","text":"All of the information to build the Arch Linux package is in the AUR git repository (see dokku AUR page). The release of a AUR package only consists of pushing the package information into the AUR git repo. Then users could use that information to build the package on their machines.
To update the package clone the repository and adjust the files in the repository. Then a helper script - updpkgsums
- to update the SHA sum could be called (check against the original SHA sum). Another helper script - mksrcinfo
- needs to be called to update the meta information of the package in a file called .SRCINFO
. The next step builds the package locally for verification - makepkg
. As last step commit your changes and push the commit.
depends
attribute in PKGBUILD
package()
method in PKGBUILD
dokku.install
PKGBUILD
could be found in the Arch Linux wikiThat is the usual workflow:
updpkgsums # update sha sums - compare them with the original ones\nmksrcinfo # update package metadata for AUR\nmakepkg # test package builds\ngit add PKGBUILD .SRCINFO\ngit commit -m 'Update to dokku 0.9.9'\ngit push\n
Info
If there is something unclear simply ask @morrisjobke for help.
"},{"location":"development/testing/","title":"Running Tests","text":"Dokku has a full test suite to assist in quick iterating development. These tests include a linter using shellcheck, functional unit tests using the Bats testing framework, and a deployment suite of example apps that use the most popular languages and frameworks.
We maintain the Dokku test harness within the tests
directory:
tests/unit/*.bats
: Bats teststests/apps/
: Example applications that can be used for testsAll pull requests have tests run against them on GitHub Actions, a continuous integration platform that provides Docker support for Ubuntu Jammy 22.04.
If you wish to skip tests for a particular commit, e.g. documentation changes, you may add the [ci skip]
designator to your commit message. Commits that should be tested but have the above designator will not be merged.
While we do provide official packages for a variety of platforms, as our test suite currently runs on Ubuntu Jammy 22.04, we only provide official installation support for that platform and the supported LTS releases of Ubuntu (currently 20.04, 22.04, and 24.04).
"},{"location":"development/testing/#local-test-execution","title":"Local Test Execution","text":""},{"location":"development/testing/#vagrant-vm","title":"Vagrant VM","text":"vagrant ssh\nsudo su -\ncd ~/dokku\nmake ci-dependencies setup-deploy-tests\n
After making changes to your local Dokku clone, don't forget to update the Vagrant Dokku install.
# update vagrant dokku install from local git clone\nmake copyfiles\n\n# build a specific plugin\nmake go-build-plugin copyplugin PLUGIN_NAME=apps\n
"},{"location":"development/testing/#vscode-dev-container","title":"VSCode Dev Container","text":"make ci-dependencies setup-deploy-tests\n
After making changes to your local Dokku clone, don't forget to update the Vagrant Dokku install.
# update vagrant dokku install from local git clone\nmake copyfiles\n\n# build a specific plugin\nmake go-build-plugin copyplugin PLUGIN_NAME=apps\n
"},{"location":"development/testing/#executing-tests","title":"Executing tests","text":"Execute the entire test suite (linter, bats tests, and app deployment tests):
make test\n
Run the linter
make lint\n
Execute all bats tests
make unit-tests\n
Execute all app deployment tests
make deploy-tests\n
"},{"location":"development/testing/#executing-app-tests","title":"Executing App Tests","text":"You may run a specific app deployment tests with a target similar to:
make deploy-test-nodejs-express\n
For a full list of test make targets check out tests.mk
in the root of the Dokku repository.
When working on a particular plugin, it may be useful to run only a particular test suite. This can be done by specifying the test suite path:
bats tests/unit/apps_1.bats\n
It is also possible to target multiple test suites at a time.
bats tests/unit/apps_1.bats tests/unit/certs.bats\n
"},{"location":"development/testing/#executing-a-single-test","title":"Executing a single test","text":"In order to increase testing velocity, a wrapper script around Bats is available that can be used to run a single test case within a suite.
Tests within a suite may be listed by specifying the suite as a parameter to bats
.
bats tests/unit/apps_1.bats\n
A single test can be specified via the --filter
argument. The tests are selected via regex match, and all matches are executed.
bats --filter list tests/unit/apps_1.bats\n
"},{"location":"enterprise/pro/","title":"Dokku Pro","text":"Dokku Pro is a commercial offering that provides a familiar Web UI for all common tasks performed by developers. End users can expect an interface that provides various complex cli commands in an intuitive, app-centric manner, quickly speeding up tasks that might otherwise be difficult for new and old users to perform. Additionally, it provides a way to perform these tasks remotely via a json api, enabling easier, audited remote management of servers. Finally, Dokku Pro provides an alternative, https-based method for deploying code which can be used in environments that lockdown ssh access to servers.
"},{"location":"enterprise/pro/#purchasing","title":"Purchasing","text":"Dokku Pro may be purchased online by clicking the following purchase link:
Dokku Pro Purchase Link
Info
Currently, the server must be able to contact the public internet to validate the license, or it will fail to start. For offline support, inquire for enterprise offline licensing.
"},{"location":"enterprise/pro/#installation","title":"Installation","text":"Dokku Pro is shipped as Debian and RPM packages, and depends on the following files:
/etc/default/dokku-pro
: Configures certain environment variables for usage by the dokku-pro binary/etc/dokku-pro/license.key
: Contains the downloaded license key/var/lib/dokku/data/pro/db
: Contains the local dokku-pro databasePlease refer to the purchase email for details on configuring Dokku Pro.
"},{"location":"enterprise/pro/#features-and-development","title":"Features and Development","text":"Dokku Pro has the following functionality:
While each release is fairly feature complete, individual features and documentation will expand over time. Feature development follows a monthly release cadence, with individual bug fixes released on an as needed basis.
"},{"location":"getting-started/advanced-installation/","title":"Advanced installation","text":""},{"location":"getting-started/advanced-installation/#installing-via-other-methods","title":"Installing via other methods","text":"For various reasons, certain hosting providers may have other steps that should be preferred to the above. If hosted on any of the following popular hosts, please follow the linked to instructions:
As well, you may wish to customize your installation in some other fashion. or experiment with Vagrant. The guides below should get you started:
You can always install Dokku straight from the latest - potentially unstable - master
branch via the following Bash command:
# using a branch results in installing from source\nwget -NP . https://dokku.com/install/master/bootstrap.sh;\nsudo DOKKU_BRANCH=master bash bootstrap.sh\n
"},{"location":"getting-started/advanced-installation/#development","title":"Development","text":"If you plan on developing Dokku, the easiest way to install from your own repository is cloning the repository and calling the install script. Example:
git clone https://github.com/yourusername/dokku.git\ncd dokku\nsudo make install\n
The Makefile
allows source URLs to be overridden to include customizations from your own repositories. The DOCKER_URL
, PLUGN_URL
, SSHCOMMAND_URL
and STACK_URL
environment variables may be set to override the defaults (see the Makefile
for how these apply). Example:
sudo SSHCOMMAND_URL=https://raw.githubusercontent.com/yourusername/sshcommand/master/sshcommand make install\n
"},{"location":"getting-started/advanced-installation/#bootstrap-a-server-from-your-own-repository","title":"Bootstrap a server from your own repository","text":"The bootstrap script allows the Dokku repository URL to be overridden to bootstrap a host from your own clone of Dokku using the DOKKU_REPO
environment variable. Example:
wget -NP . https://dokku.com/install/master/bootstrap.sh;\nchmod +x bootstrap.sh\nsudo DOKKU_REPO=https://github.com/yourusername/dokku.git DOKKU_BRANCH=master ./bootstrap.sh\n
"},{"location":"getting-started/advanced-installation/#custom-herokuish-build","title":"Custom Herokuish build","text":"Dokku ships with a pre-built version of the Herokuish component by default. If you want to build your own version you can specify that with an environment variable.
git clone https://github.com/dokku/dokku.git\ncd dokku\nsudo BUILD_STACK=true STACK_URL=https://github.com/gliderlabs/herokuish.git make install\n
"},{"location":"getting-started/advanced-installation/#skipping-herokuish-installation","title":"Skipping Herokuish installation","text":"The Herokuish package is recommended but not required if not using Heroku buildpacks for deployment. Debian-based OS users can run the bootstrap installer via sudo DOKKU_NO_INSTALL_RECOMMENDS=\" --no-install-recommends \" bash bootstrap.sh
to skip the dependency. Please note that this will also skip installation of other recommended dependencies.
Once Dokku is installed, you'll want to configure the virtualhost setup as well as the push user. If you do not, your installation will be considered incomplete and you will not be able to deploy applications.
For Debian, unattended installation is described Debian installation guide.
Set up a domain using your preferred vendor and a wildcard domain pointing to the host running Dokku. You can manage this global domain using the domains plugin.
Follow the user management documentation in order to add SSH keys for users to Dokku, or to give other Unix accounts access to Dokku.
"},{"location":"getting-started/advanced-installation/#vms-with-less-than-1-gb-of-memory","title":"VMs with less than 1 GB of memory","text":"Having less than 1 GB of system memory available for Dokku and its containers may result in unexpected errors, such as ! [remote rejected] master -> master (pre-receive hook declined)
during installation of NPM dependencies.
To work around this issue, it might suffice to augment the Linux swap file size to a maximum of twice the physical memory size.
To resize the swap file of a 512 MB machine to 1 GB, follow these steps while in SSH within your machine:
cd /var\ntouch swap.img\nchmod 600 swap.img\n\ndd if=/dev/zero of=/var/swap.img bs=1024k count=1000\nmkswap /var/swap.img\nswapon /var/swap.img\nfree\n\necho \"/var/swap.img none swap sw 0 0\" >> /etc/fstab\n
Reference
"},{"location":"getting-started/troubleshooting/","title":"Troubleshooting","text":"New
Introduced in 0.17.0
trace:on # Enables trace mode\ntrace:off # Disables trace mode\n
"},{"location":"getting-started/troubleshooting/#trace-mode","title":"Trace Mode","text":"By default, Dokku will constrain the amount of output displayed for any given command run. The verbosity of output can be increased by enabling trace mode. Trace mode will turn on the set -x
flag for bash plugins, while other plugins are free to respect the environment variable DOKKU_TRACE
and log differently as approprate. Trace mode can be useful to see where plugins are running commands that would otherwise be unexpected.
To enable trace mode, run trace:on
dokku trace:on\n
-----> Enabling trace mode\n
Trace mode can be disabled with trace:off
dokku trace:off\n
-----> Disabling trace mode\n
"},{"location":"getting-started/troubleshooting/#common-problems","title":"Common Problems","text":""},{"location":"getting-started/troubleshooting/#i-deployed-my-app-but-i-am-getting-the-default-nginx-page","title":"I deployed my app but I am getting the default nginx page","text":"Most of the time it's caused by some defaults newer versions of nginx set. To make sure that's the issue you're having run the following:
nginx -t\n## nginx: [emerg] could not build the server_names_hash, you should increase server_names_hash_bucket_size: 32\n
If you get a similar error just edit /etc/nginx/nginx.conf
and add the following line to your http
section:
http {\n (... existing content ...)\n server_names_hash_bucket_size 64;\n (...)\n}\n
Note that the server_names_hash_bucket_size
setting defines the maximum domain name length. A value of 64 would allow domains with up to 64 characters. Set it to 128 if you need longer ones.
Save the file and try stopping nginx and starting it again:
dokku nginx:stop\ndokku nginx:start\n
Using the EXPOSE
directive in a Dockerfile may be another reason why you might see the default site. When the EXPOSE
directive is in use and a proxy plugin is enabled (the default), the proxy plugin will listen to requests on the ports specified in the EXPOSE
stanza.
For example, if you have an EXPOSE
directive like so:
EXPOSE 8000\n
The port mapping will be http:8000:8000
.
To avoid this issue, either of the following can be done:
EXPOSE
directive: This will require respecting the $PORT
environment variable (automatically set by Dokku). Once that change is deployed, the port mapping should be cleared via the dokku ports:clear $APP
command (where $APP
is your app name).80
to your app's exposed port via dokku ports:set $APP http:80:$EXPOSED_PORT
can also fix the issue. This will also allow certificate management and the letsencrypt plugin to work correctly.See the port management documentation for more information on how Dokku exposes ports for applications and how you can configure these for your app.
"},{"location":"getting-started/troubleshooting/#i-want-to-deploy-my-app-but-while-pushing-i-get-the-following-error","title":"I want to deploy my app, but while pushing I get the following error","text":"The following error may be emitted from a deploy:
! [remote rejected] master -> master (pre-receive hook declined)\n
The remote rejected
error does not give enough information. Anything could have failed. Enable trace mode and begin debugging. If this does not help you, create a gist containing the full log, and create an issue.
One the reasons why you may get this error is because the command that is run in the container exited (without errors). For example, (in Procfile) when you define a new worker container to run Delayed Job and use the bin/delayed_job start command. This command deamonizes the process and exists. The container thinks it's done so it closes itself. The error you get is the one above. To fix the above problem for Delayed Job, you must define the worker to user rake jobs:work, which doesn't deamonize the process.
"},{"location":"getting-started/troubleshooting/#i-get-the-aforementioned-error-in-the-build-phase-after-turning-on-dokku-tracing","title":"I get the aforementioned error in the build phase (after turning on Dokku tracing)","text":"Most errors that happen in this phase are due to transient network issues (either locally or remotely) buildpack bugs.
Find the failed phase's container image (077581956a92
in this example).
docker ps -a | grep build\n## 94d9515e6d93 077581956a92 \"/build\" 29 minutes ago Exited (0) 25 minutes ago cocky_bell\n
Start a new container with the failed image and poke around (i.e. ensure you can access the internet from within the container or attempt the failed command, if known).
docker run -ti 077581956a92 /bin/bash\ncurl -s -S icanhazip.com\n## 192.168.0.1\ncurl http://s3pository.heroku.com/node/v0.10.30/node-v0.10.30-linux-x64.tar.gz -o node-v0.10.30-linux-x64.tar.gz\ntar tzf node-v0.10.30-linux-x64.tar.gz\n## ...\n
Sometimes (especially on DigitalOcean) deploying again seems to get past these seemingly transient issues. Additionally we've seen issues if changing networks that have different DNS resolvers. In this case, you can run the following to update your resolv.conf
.
resolvconf -u\n
Please see #841 and #649.
"},{"location":"getting-started/troubleshooting/#after-adding-an-ssh-key-i-am-told-i-cannot-read-from-the-remote-repository-on-push","title":"After adding an SSH key, I am told I cannot read from the remote repository on push","text":"Connection closed by <host> port 22\nfatal: Could not read from remote repository.\n\nPlease make sure you have the correct access rights\nand the repository exists.\n
Certain systems may have access to the dokku
user via SSH disabled. Please check that the dokku
user is allowed access to the system in the file /etc/security/access.conf
. As Dokku does not manage this file, please consult your Operating System's documentation for more information.
Sometimes the following error message may be shown on push
fatal: 'NAME' does not appear to be a git repository\nfatal: Could not read from remote repository.\n
You get asked for a password because your SSH secret key can't be found. This may happen if the private key corresponding to the public key you added with sshcommand acl-add
is not located in the default location ~/.ssh/id_rsa
.
You have to point SSH to the correct secret key for your domain name. Add the following to your ~/.ssh/config
:
Host DOKKU_HOSTNAME\n IdentityFile \"~/.ssh/KEYNAME\"\n
Also see issue #116.
"},{"location":"getting-started/troubleshooting/#i-successfully-deployed-my-application-with-no-deployment-errors-and-receiving-bad-gateway-when-attempting-to-access-the-application","title":"I successfully deployed my application with no deployment errors and receiving Bad Gateway when attempting to access the application","text":"In many cases the application will require the a process.env.PORT
port opposed to a specified port.
When specifying your port you may want to use something similar to:
var port = process.env.PORT || 3000\n
Please see #282.
Additionally, your application should listen/bind to all interfaces (0.0.0.0
). Many frameworks default to listening on 127.0.0.1
.
Please see #5798.
"},{"location":"getting-started/troubleshooting/#deployment-fails-because-of-slow-internet-connection-messages-shows-gzip-stdin-unexpected-end-of-file","title":"Deployment fails because of slow internet connection, messages showsgzip: stdin: unexpected end of file
","text":"If you see output similar this when deploying:
Command: 'set -o pipefail; curl --fail --retry 3 --retry-delay 1 --connect-timeout 3 --max-time 30 https://s3-external-1.amazonaws.com/heroku-buildpack-ruby/ruby-2.0.0-p451-default-cache.tgz -s -o - | tar zxf -' failed unexpectedly:\n !\n ! gzip: stdin: unexpected end of file\n ! tar: Unexpected EOF in archive\n ! tar: Unexpected EOF in archive\n ! tar: Error is not recoverable: exiting now\n
it might that the cURL command that is supposed to fetch the buildpack (anything in the low megabyte file size range) takes too long to finish, due to slowish connection. To overwrite the default values (connection timeout: 90 seconds, total maximum time for operation: 600 seconds), set the following environment variables:
dokku config:set --global CURL_TIMEOUT=1200\ndokku config:set --global CURL_CONNECT_TIMEOUT=180\n
Please see #509.
Another reason for this error (although it may respond immediately ruling out a timeout issue) may be because you've set the config setting SSL_CERT_FILE
. Using a config setting with this key interferes with the buildpack's ability to download its dependencies, so you must rename the config setting to something else, e.g. MY_APP_SSL_CERT_FILE
.
Killed
message","text":"This generally occurs when the server runs out of memory. You can either add more RAM to your server or setup swap space. The follow script will create 2 GB of swap space.
sudo install -o root -g root -m 0600 /dev/null /swapfile\ndd if=/dev/zero of=/swapfile bs=1k count=2048k\nmkswap /swapfile\nswapon /swapfile\necho \"/swapfile swap swap auto 0 0\" | sudo tee -a /etc/fstab\nsudo sysctl -w vm.swappiness=10\necho vm.swappiness = 10 | sudo tee -a /etc/sysctl.conf\n
"},{"location":"getting-started/troubleshooting/#i-successfully-deployed-my-application-with-no-deployment-errors-but-im-receiving-connection-timeout-when-attempting-to-access-the-application","title":"I successfully deployed my application with no deployment errors but I'm receiving Connection Timeout when attempting to access the application","text":"This can occur if Dokku is running on a system with a firewall like UFW enabled (some OS versions like Ubuntu have this enabled by default). You can check if this is your case by running the following script:
sudo ufw status\n
If the previous script returned Status: active
and a list of ports, UFW is enabled and is probably the cause of the symptom described above. To disable it, run:
sudo ufw disable\n
"},{"location":"getting-started/troubleshooting/#i-cant-connect-to-my-application-because-the-server-is-sending-an-invalid-response-or-cant-provide-a-secure-connection","title":"I can't connect to my application because the server is sending an invalid response, or can't provide a secure connection","text":"This isn't usually an issue with Dokku, but rather an app config problem. This can happen when your application is configured to enforce secure connections/HSTS, but you don't have SSL set up for the app.
In Rails at least, if your application.rb
or environmnents/production.rb
include the line configure.force_ssl = true
which includes HSTS, try commenting that out and redeploying.
If this solves the issue temporarily, longer term you should consider configuring SSL.
"},{"location":"getting-started/troubleshooting/#my-application-deploys-properly-but-wont-load-in-browser-connection-refused","title":"My application deploys properly, but won't load in browser \"connection refused\"","text":"This could be a result of a bad proxy configuration (http:5000:5000
may be incorrect). Run dokku ports:report node-js-app
to check if your app has the correct proxy configuration. It should show something like the following.
=====> node-js-app ports information\n Port map: http:80:5000 https:443:5000\n
Set dokku ports:set node-js-app http:80:5000
to get proxy correctly configured for http endpoint.
Sometimes nginx does something funky and cant actually reload for whatever reason.
# Validate the configuration\n$ sudo nginx -t\nnginx: the configuration file /etc/nginx/nginx.conf syntax is ok\nnginx: configuration file /etc/nginx/nginx.conf test is successful\n\n$ sudo service nginx restart\n\n# Re-enable Letsencrypt\n
Example: existing AppA (https) and AppB(https), deployed NEW (non-https) then noticed right away NEW's subdomain showed AppB's content and cert but under its own subdomain (cert miss-match of course). AppB still works. AppA also changed to show AppB content and cert.. Other apps were unaffected.
Consider caddy and traefik support via docker containers if this continues to be an issue.
"},{"location":"getting-started/uninstalling/","title":"Uninstalling","text":"While we hate to see you go, if you need to uninstall Dokku, the following may help you out:
"},{"location":"getting-started/uninstalling/#arch-uninstallation","title":"Arch Uninstallation","text":"# purge dokku from your system\nyay -Rsn dokku\n
"},{"location":"getting-started/uninstalling/#debian-uninstallation","title":"Debian Uninstallation","text":"# purge dokku from your system\napt-get purge dokku herokuish\n\n# remove any dependencies that are no longer necessary\napt-get autoremove\n
"},{"location":"getting-started/uninstalling/#makefile-uninstallation","title":"Makefile Uninstallation","text":"This is a manual deletion process, and as it is not a recommended installation method, there is currently no automated uninstallation.
All service plugins should be unlinked from applications, stopped, and destroyed.
All applications should be stopped, and all docker containers and images deleted:
# stop all applications\ndokku ps:stop --all\n\n# cleanup containers and images\ndokku cleanup\n
The following user/group must be deleted:
dokku
dokku
The following directories must be deleted:
~dokku
/var/lib/dokku
/var/log/dokku
If you\u2019re stuck, there are a number of places you can get help:
"},{"location":"getting-started/where-to-get-help/#the-official-dokku-website","title":"The Official Dokku Website","text":"The Official Dokku website is always a great place to visit. It features links to oft-used developer tools, community plugins, and guides on using Dokku.
"},{"location":"getting-started/where-to-get-help/#monitored-locations","title":"Monitored Locations","text":"The Code Of Conduct applies to all actively monitored Dokku discussion areas. Please be mindful of your neighbors on the internet.
"},{"location":"getting-started/where-to-get-help/#forums","title":"Forums","text":"GitHub Discussions is a new way for the Dokku community to interact with each other! This is a place to ask questions to the community or discuss potential feature requests before filing issues.
"},{"location":"getting-started/where-to-get-help/#the-slack-channel","title":"The Slack Channel","text":"#dokku
channel)If you\u2019re stumped, give us a holler in the Dokku Slack channel. Someone from the development team is usually there, especially during the daylight hours for North and South American users. We\u2019d love to hear from you, whether you need some help, want to find users in your area, or would like to donate our brand new sports car.
Chat is synced to Discord and IRC.
"},{"location":"getting-started/where-to-get-help/#discord","title":"Discord","text":"We provide a Dokku Discord that folks can use to ask questions or comments about the project. Someone from the development team is usually there, especially during the daylight hours for North and South American users. Feel free to join us online!
Chat is synced to IRC and Slack.
"},{"location":"getting-started/where-to-get-help/#unmonitored-locations","title":"Unmonitored Locations","text":"You may find help on these locations, but they are not actively monitored by the development team. The Code of Conduct still applies.
"},{"location":"getting-started/where-to-get-help/#stack-overflow","title":"Stack Overflow","text":"Tag your questions with dokku
to enable existing users of Stack Overflow to find your questions.
This location isn't as well monitored as Slack, and loses history. Chat is synced to Discord and Slack
"},{"location":"getting-started/install/azure/","title":"Microsoft Azure Installation Notes","text":"If you don't already have one generate an SSH key pair.
Go to the Dokku on Azure deployment page and click Deploy to Azure.
You'll be prompted to enter a few parameters, including a unique storage account name and a unique name for the subdomain used for your public IP address. For the sshKeyData
parameter, copy and paste the contents of the public key file you just created. After a few minutes the Dokku instance will be deployed.
Once the installation is complete, you should configure an ssh key and set your global domain.
# usually your key is already available under the current user's `~/.ssh/authorized_keys` file\ncat ~/.ssh/authorized_keys | dokku ssh-keys:add admin\n\n# you can use any domain you already have access to\n# this domain should have an A record or CNAME pointing at your server's IP\ndokku domains:set-global dokku.me\n\n# you can also use the ip of your server\ndokku domains:set-global 10.0.0.2\n\n# finally, you can use sslip.io to get subdomain support\n# as you would with a regular domain name\n# this would be done by appending `.sslip.io` to your ip address\ndokku domains:set-global 10.0.0.2.sslip.io\n
See the user management and domains documentation for more information.
"},{"location":"getting-started/install/debian/","title":"Debian Package Installation Notes","text":"As of 0.3.18, Dokku defaults to being installed via Debian package. While certain hosts may require extra work to get running, you may optionally wish to automate the installation of Dokku without the use of our bootstrap.sh
Bash script. The following are the steps run by said script:
# install docker\nwget -nv -O - https://get.docker.com/ | sh\n\n# install dokku\nwget -qO- https://packagecloud.io/dokku/dokku/gpgkey | sudo tee /etc/apt/trusted.gpg.d/dokku.asc\n# programmatically determine distro and codename\nDISTRO=\"$(awk -F= '$1==\"ID\" { print tolower($2) ;}' /etc/os-release)\"\nOS_ID=\"$(awk -F= '$1==\"VERSION_CODENAME\" { print tolower($2) ;}' /etc/os-release)\"\necho \"deb https://packagecloud.io/dokku/dokku/${DISTRO}/ ${OS_ID} main\" | sudo tee /etc/apt/sources.list.d/dokku.list\nsudo apt-get update -qq >/dev/null\nsudo apt-get -qq -y install dokku\nsudo dokku plugin:install-dependencies --core\n
"},{"location":"getting-started/install/debian/#unattended-installation","title":"Unattended installation","text":"In case you want to perform an unattended installation of Dokku, this is made possible through debconf, which allows you to configure a package before installing it.
You can set any of the below options through the debconf-set-selections
command, for example to enable vhost-based deployments:
echo \"dokku dokku/vhost_enable boolean true\" | sudo debconf-set-selections\n
After setting the desired options, proceed with the installation as described above.
"},{"location":"getting-started/install/debian/#debconf-options","title":"debconf options","text":"Name Type Default Description dokku/vhost_enable boolean false Use vhost-based deployments (e.g.[yourapp].dokku.me
) dokku/hostname string dokku.me Hostname, used as vhost domain and for showing app URL after deploy dokku/skip_key_file boolean false Don't check for the existence of the dokku/key_file. Warning: Setting this to true, will require you to manually add an SSH key later on. dokku/key_file string /root/.ssh/id_rsa.pub Path on disk to an SSH key to add to the Dokku user (Will be ignored on dpkg-reconfigure
) dokku/nginx_enable boolean true Enable nginx-vhosts plugin"},{"location":"getting-started/install/digitalocean/","title":"DigitalOcean Droplet Installation Notes","text":"DigitalOcean offers a pre-installed Dokku image. You can run this image on any sized Droplet, although larger Droplets will allow you to run larger applications.
Info
Please disable IPv6. There are known issues with IPv6 on DigitalOcean and Docker. If you would like to run Dokku on an IPv6 DigitalOcean Droplet, please consult this guide.
cat $HOME/.ssh/id_rsa.pub
.ssh root@$SERVER_IP
, where $SERVER_IP
is your server's IP address.rm /etc/nginx/sites-enabled/default
If you added more than one key, use the dokku ssh-keys:add
to add an ssh key to the dokku user:
echo \"$CONTENTS_OF_YOUR_PUBLIC_SSH_KEY_HERE\" | dokku ssh-keys:add KEY_NAME\n
Ensure your server has a correct global hostname via dokku domains:set-global
# replace dokku.me with a hostname pointed at your server\ndokku domains:set-global dokku.me\n
Once the web UI has been submitted, you will be redirected to our application deployment tutorial, which will guide you through deploying a sample application to your Dokku server.
Pull the dokku/dokku image:
docker pull dokku/dokku:0.35.0\n
Next, run the image.
docker container run -d \\\n --env DOKKU_HOSTNAME=dokku.me \\\n --env DOKKU_HOST_ROOT=/var/lib/dokku/home/dokku \\\n --env DOKKU_LIB_HOST_ROOT=/var/lib/dokku/var/lib/dokku \\\n --name dokku \\\n --publish 3022:22 \\\n --publish 8080:80 \\\n --publish 8443:443 \\\n --volume /var/lib/dokku:/mnt/dokku \\\n --volume /var/run/docker.sock:/var/run/docker.sock \\\n dokku/dokku:0.35.0\n
Alternatively, you can use docker-compose.yml
:
services:\n dokku:\n image: dokku/dokku:0.35.0\n container_name: dokku\n network_mode: bridge\n ports:\n - \"3022:22\"\n - \"8080:80\"\n - \"8443:443\"\n volumes:\n - \"/var/lib/dokku:/mnt/dokku\"\n - \"/var/run/docker.sock:/var/run/docker.sock\"\n environment:\n DOKKU_HOSTNAME: dokku.me\n DOKKU_HOST_ROOT: /var/lib/dokku/home/dokku\n DOKKU_LIB_HOST_ROOT: /var/lib/dokku/var/lib/dokku\n restart: unless-stopped\n
The above command will start a new docker container that is ready when a message similar to Runit started as PID 12345
appears.
Dokku is run in the following configuration:
dokku.me
on boot./var/lib/dokku
directory./home/dokku
.Application repositories, plugin config, as well as plugin data are persisted to disk within the specified host directory for /var/lib/dokku
.
Other docker container options can also be used when running Dokku, though the specific outcome will depend upon the specified options. For example, the Dokku container's nginx port can be bound to a specific host ip by specifying --publish $HOST_IP:8080:80
, where $HOST_IP
is the IP desired. Please see the docker container run documentation for further explanation for various docker arguments.
To install custom plugins, create a plugin-list
file in the host's /var/lib/dokku
directory. The plugins listed herein will be automatically installed by Dokku on container boot. This file should be the following format:
plugin_name: repository_url\n
An example for installing the postgres and redis plugins follows:
postgres: https://github.com/dokku/dokku-postgres.git\nredis: https://github.com/dokku/dokku-redis.git\n
"},{"location":"getting-started/install/docker/#prior-to-dokku-start","title":"Prior to Dokku start","text":"The alternative is to build a custom docker image via a custom Dockerfile. This Dockerfile can run any plugin:install
command. Note that the version installed at that time will be the one that persists. Below is an example Dockerfile showing this method.
FROM dokku/dokku:0.35.0\nRUN dokku plugin:install https://github.com/dokku/dokku-postgres.git postgres\nRUN dokku plugin:install https://github.com/dokku/dokku-redis.git redis\n
"},{"location":"getting-started/install/docker/#ssh-key-management","title":"SSH Key Management","text":"To initialize ssh-keys within the container, use docker exec
to enter the container:
docker exec -it dokku bash\n
Next, run the appropriate ssh-keys commands:
echo \"$CONTENTS_OF_YOUR_PUBLIC_SSH_KEY_HERE\" | dokku ssh-keys:add KEY_NAME\n
Please see the user management documentation for more information.
"},{"location":"getting-started/install/docker/#pushing-applications","title":"Pushing Applications","text":"When exposing the Dokku container's SSH port (22) on 3022, something similar to the following will need to be setup within the user's ~/.ssh/config
:
Host dokku.docker\n HostName 127.0.0.1\n Port 3022\n
In the above example, the hostname 127.0.0.1
is being aliased to dokku.docker
, while the port is being overridden to 3022
. All SSH commands - including git pushes - for the hostname dokku.docker
will be transparently sent to 127.0.0.1:3022
.
Cloud-init script can be used to automate installation of Dokku on Dreamhost (or any other OpenStack-compatible cloud with minimal changes).
A new server instance can be created on DreamHost Cloud from the command line using OpenStack client or from the web UI and with the same command use a cloud-init script to install Dokku. Install the OpenStack CLI, download the DreamHost Cloud credentials file before proceeding and make sure your public SSH key is added to the cloud.
source openrc.sh # Set the environment variables for DreamHost Cloud\n
This allows OpenStack client to connect to DreamHost API endpoints. The command below creates a new server instance named my-dokku-instance
based on Ubuntu 24.04, with 2 GB RAM and 1 CPU (the flavor called supersonic
), opening network port access to HTTP and SSH (the default
security group), and the name of the chosen SSH key. This key will be automatically added to the new server in the authorized_keys
for the default SSH user (ubuntu
), and it will be reused by Dokku.
openstack server create \\\n --image Ubuntu-24.04 \\\n --flavor gp1.supersonic \\\n --security-group default \\\n --key-name $YOUR_SSH_KEYNAME \\\n --user-data dokku-cloudinit.sh \\\n my-dokku-instance\n
The content of dokku-cloudinit.sh script contains instructions to add Docker and Dokku's apt repositories and install Dokku with the proper debconf options set. Don't forget to add the FQDN for your application server:
#cloud-config\n\napt:\n sources:\n source_dokku: \n source: 'deb https://packagecloud.io/dokku/dokku/ubuntu/ $RELEASE main'\n key: |\n -----BEGIN PGP PUBLIC KEY BLOCK-----\n Version: GnuPG v1.4.11 (GNU/Linux)\n\n mQINBFu7hksBEADJfS1wB4JJmVcJ3FYoY/F3DmEsg2/NSj/TleB7hkdFPGTaOEef\n c6SrK6bkQas8CzCZXskg3FFUFyxJwP0yQFosJ7nQCXbuaCzkGyOaob/2D4lqniKu\n lyFvZuN0Evh2SoJYB6Idiy3rG58/KMQxJ/73HjcrOPxwpcfIE+rfey0fo6HOcSz7\n AS3pXMbe0VoVOt8107i9qg6PizpaPugbSOP98aq2o0sPkjvKVzPsBvXWe9lDTreI\n X+00Z6WXjcDxmKTGvCkcJ6jk0L5r66Y6TNlJeYwFb0o7PbY7YeJSEJxw9eNozZpY\n EYvHCzHvsv7c8s+s5MeHDvvF5qsvt5qPPfw3zwLT01g1YTQpZdSDKn72YhrQUGJM\n j/W8ro8Ij9BYhYQMIdy+RPNQrBdKjj75kW1NLCGLlE89+6PYzlQwDFLdl9eZlUdM\n rvxbDPM99MRBBq30xfIS6YctHr40mEqZEi6OUoImaj5bbA1H3XHVH2JsWo1ttQYo\n 5qOGGhNi7/nyI9zxVo9r97lgGLztyl6ILZt8kxnWIx1QnPmSMuUNqYfuUuKAPs1q\n +bisBLvylnFvQSqnpEuPwUS1UDby4CzVBzshTsuykCQRiwdU9tcjzZUlKKKTRLhj\n CZCNxv1Ovgl+3m/4R5L7YOBYGCmVW0/GvlrxPLGCjZa1O8/3nih5+cv5TwARAQAB\n tGhodHRwczovL3BhY2thZ2VjbG91ZC5pby9kb2trdS9kb2trdSAoaHR0cHM6Ly9w\n YWNrYWdlY2xvdWQuaW8vZG9jcyNncGdfc2lnbmluZykgPHN1cHBvcnRAcGFja2Fn\n ZWNsb3VkLmlvPokCOAQTAQIAIgUCW7uGSwIbLwYLCQgHAwIGFQgCCQoLBBYCAwEC\n HgECF4AACgkQ8f9oUSiLMxUN3Q/+LeoFr8p3zSp9tRcCuMXfbc7rnJ/UgJiO53jW\n 8LsXH1h5dWeh2H5VqzGjDJ3SORisAWdOMu1SWkw4mvBZQQL12iwAMZmIDmbWU73c\n PplwGUQ4sltNxtiAVdntWC1vwSceY6/AQZwE2k60RYzg5bR2KAyZR9yGssGsekFO\n zOuMiTswzEYoZaJla+cduAXZzGf8NZgbzhXKhyfjVodRTyNR0dhoeMwNBlH0WWzW\n owwNOaJQ1LwDUkjrfRpkT53RJ5olRYa5ONDxuZEvmFy57bqXJh5U13m9FNWEtmF2\n NySFltZYEL6BZQn5qehF4kqqJ0JSVsHEyEC7sU9yr93khTGjWQfcGaITZXPNyXTC\n py/J1TeOEOz2VyvglPx/JL4dTfPg5uZCTWRXzLJDAbW26BcyFI4OyPjFly6FLj0o\n nMUuEzdCmNpHCKWkeyXajxtYd4EMo+UHGYC7jrpsAxRib0pdHUwnOG0MeNIUtPm/\n yW8i5St9PnX2y2qSaAoVURAI3irApn4Wc+hgRjo22l/B6ZudMAtASD5Ie8pXHNS0\n dlsgiv3sTZachMKU+usoIgejIb0MuBhBwVJ93A4YguEqNgZg0Cz4MUpWNma6zLIN\n Ko+3khp3z2Y/jWfNTKs41sz++png1iqjnvXjGIjKtgcFJyH+AwZzkh5LjRiahM/I\n OO/xTaO5Ag0EW7uGSwEQAL39qC95IFVNobRvecddeL26kHPgd0JS4fjB5r01pMFR\n 3fojnEwGTLzRJVR4iTfzOiAG1XKGYmEb15NkEgEcvaLaojSsaaAHv++BqL2qXHJa\n sfsgjKqxCAKyJps5wCEIzF1xfxHB/5BIyKenXZw9K/zlZzsfqzyehLAarZ4oMQEN\n u/dG3TlXCf/oSBHDttLTcRTGs1I8FEaA9O0ZeV+2S/WuT0kFa6s1tRUMMWHWzMmR\n 2a+vLCE3OMWtlRk6sfhfccf4rIzjj3xyieEGKznkOycu8JOqTBRmGMl3wRS2XI7c\n PFiV1MGRV5uhJ6a0D6DDAddL13TaXMfsZB0KkFHh8bKvAxJA9opHhl+X2NrdwsLz\n crCWF+QdoPX494j2aWnwSOXXtW9c2b6cpDfUoGVD79IYEzL0n6dgBPwCKLcmxotF\n Tv+H3Yy0DBn8BaQ0ZHbEgudwr73vxMgbYStGfu/bQEulcLA0vfTRGBRhzlZLE8k6\n +fXK23R4T/3kdyJovHdnK6aIN6oFTnVM5pyLrxmUkLCaPEbnoxVtA9zOeiGhqjYT\n pLgZMG95HgoscBlOh8BpuM2E3MSPV6XYjEKtvDpWy/i/oCPhd/PcY/qVxzj6dANU\n gQE/8hdf6Q//SvUxZaVrVwnmWkIZshGDJj/EM8VGhKzEoZF8Xmr/aibyN3CLoSMl\n ABEBAAGJBD4EGAECAAkFAlu7hksCGy4CKQkQ8f9oUSiLMxXBXSAEGQECAAYFAlu7\n hksACgkQ+ytqpCHNGT+1Vg//Z0ZiIoQQCLXmbAPdA79HVLCzsvkKQ3/RlqIR7Nq1\n JzgqPxg8drRo5+Ri+VrsIJt3AYH/lGm1UuSeycM6NrNWBpqL5FLjrMmbILQp9GMf\n bCZLXocOwDvrfpdBuEK+AS8SuLeiZtl8DcOe9Xtv3LSxXre0hsiIZpTRIjP+qkj8\n W7oZqUxwo1Wcnff+0snf6hPiTps/IB1utzSjxXVe86/89BWvLt/mT1o81h5mclgk\n l1eit6BvZsO/iicLB5KbyA7DVjAnxngze0+cCUAIVbqQbZhAVw5oZbKeXedbGuxr\n eRLWx+h5IBbtn+JwWngzueHyc3fY5b6ann06f6y6BF5+XmPRIXakYh4moJxSRQCA\n GVKGEubH/Y1Vyq8QIX7V6PGpS39mQkoYXEztvEtyZiV3J+SyObYZVTs9d5/rhoE2\n wXQIFTOdyHi52K2VfT3JU7rWOw5/SWuOQyyDdWgxEJuU6bUeOViOwHVkZDzwBX3Y\n 1to5cgY6dNQARplEgZZjRja4uc06u2d7Bk2CfqO4LvjV5UlPm838Ga+kGzBpp86X\n 5JBbZz9lPGf+GY7ZcROQp6ONui8P08+7EaTVtILTE0rd5g8umOnWBo1zteMv50As\n jyIPW20kUuJMdz3V+TNag5aCMW7qnO4zwildlQZmL54+xQDuRXK8P5JlKml6gnK+\n 4SLvUA/8CALEMqxNlb06ZJc1GCU/mcQYXfkNosHaNYpORjziDnH1LBQ7AnhIhhMy\n FwcuxpG9bABwQfoQE84Kx3zVU0xEoCGr549Kf5p7ZcqGwn3WzSql+qR/NcPRV9Dp\n tb4iSXoTUeutR1SeVn/TI2aOWez3UyIztnam+p32e4BNuyByFRmo2e8dP1RqCg6b\n 0KwuxDDE0k3zJCpjsWROrtBVQ9Zt9rsfG5kFxJ6Qi90uJP71f8rFDUuKmxJazDf3\n g3GHEGovUrOJO5JpvCcfCyT9mfOPxUSAKGBHj8NPY84vjqGaA9qqt54D8YT57TjR\n 5oWd8Iwex4XFHAoj59q04KmramVgP5q8VKFrxwVOhYmK6SNmvW9dEI3Y16bu9KF7\n CJnPq/mQXEI+a/G6hZgZ8eYxOV2812WcORppezALreHJeN1HogxI972G0kalKhNC\n p3315BKJdw/p6/j/qIob2EZOdqBsdHRKBgBVXVbaCnzgh1kKLEvJnVDio+zjEPDr\n lR9wQbcHRbu+ZqRSEbH0of/4rx0CdCPGKSDafviKPDXnvls85tWV/lMtNxamqYvv\n V0DUeTWQDmfiyWCgqXTiRA9U4ZFgFNWmirh38UmV7VtSlYaRos8fEQTfmN20fqTk\n 9mVAREENSiAuc4P93l8TtrN1bAqXaTX5oz+lepqWmHWvY+RiNiw=\n =laU4\n -----END PGP PUBLIC KEY BLOCK-----\n source_docker: \n source: 'deb [arch=amd64] https://download.docker.com/linux/ubuntu $RELEASE stable'\n key: |\n -----BEGIN PGP PUBLIC KEY BLOCK-----\n\n mQINBFit2ioBEADhWpZ8/wvZ6hUTiXOwQHXMAlaFHcPH9hAtr4F1y2+OYdbtMuth\n lqqwp028AqyY+PRfVMtSYMbjuQuu5byyKR01BbqYhuS3jtqQmljZ/bJvXqnmiVXh\n 38UuLa+z077PxyxQhu5BbqntTPQMfiyqEiU+BKbq2WmANUKQf+1AmZY/IruOXbnq\n L4C1+gJ8vfmXQt99npCaxEjaNRVYfOS8QcixNzHUYnb6emjlANyEVlZzeqo7XKl7\n UrwV5inawTSzWNvtjEjj4nJL8NsLwscpLPQUhTQ+7BbQXAwAmeHCUTQIvvWXqw0N\n cmhh4HgeQscQHYgOJjjDVfoY5MucvglbIgCqfzAHW9jxmRL4qbMZj+b1XoePEtht\n ku4bIQN1X5P07fNWzlgaRL5Z4POXDDZTlIQ/El58j9kp4bnWRCJW0lya+f8ocodo\n vZZ+Doi+fy4D5ZGrL4XEcIQP/Lv5uFyf+kQtl/94VFYVJOleAv8W92KdgDkhTcTD\n G7c0tIkVEKNUq48b3aQ64NOZQW7fVjfoKwEZdOqPE72Pa45jrZzvUFxSpdiNk2tZ\n XYukHjlxxEgBdC/J3cMMNRE1F4NCA3ApfV1Y7/hTeOnmDuDYwr9/obA8t016Yljj\n q5rdkywPf4JF8mXUW5eCN1vAFHxeg9ZWemhBtQmGxXnw9M+z6hWwc6ahmwARAQAB\n tCtEb2NrZXIgUmVsZWFzZSAoQ0UgZGViKSA8ZG9ja2VyQGRvY2tlci5jb20+iQI3\n BBMBCgAhBQJYrefAAhsvBQsJCAcDBRUKCQgLBRYCAwEAAh4BAheAAAoJEI2BgDwO\n v82IsskP/iQZo68flDQmNvn8X5XTd6RRaUH33kXYXquT6NkHJciS7E2gTJmqvMqd\n tI4mNYHCSEYxI5qrcYV5YqX9P6+Ko+vozo4nseUQLPH/ATQ4qL0Zok+1jkag3Lgk\n jonyUf9bwtWxFp05HC3GMHPhhcUSexCxQLQvnFWXD2sWLKivHp2fT8QbRGeZ+d3m\n 6fqcd5Fu7pxsqm0EUDK5NL+nPIgYhN+auTrhgzhK1CShfGccM/wfRlei9Utz6p9P\n XRKIlWnXtT4qNGZNTN0tR+NLG/6Bqd8OYBaFAUcue/w1VW6JQ2VGYZHnZu9S8LMc\n FYBa5Ig9PxwGQOgq6RDKDbV+PqTQT5EFMeR1mrjckk4DQJjbxeMZbiNMG5kGECA8\n g383P3elhn03WGbEEa4MNc3Z4+7c236QI3xWJfNPdUbXRaAwhy/6rTSFbzwKB0Jm\n ebwzQfwjQY6f55MiI/RqDCyuPj3r3jyVRkK86pQKBAJwFHyqj9KaKXMZjfVnowLh\n 9svIGfNbGHpucATqREvUHuQbNnqkCx8VVhtYkhDb9fEP2xBu5VvHbR+3nfVhMut5\n G34Ct5RS7Jt6LIfFdtcn8CaSas/l1HbiGeRgc70X/9aYx/V/CEJv0lIe8gP6uDoW\n FPIZ7d6vH+Vro6xuWEGiuMaiznap2KhZmpkgfupyFmplh0s6knymuQINBFit2ioB\n EADneL9S9m4vhU3blaRjVUUyJ7b/qTjcSylvCH5XUE6R2k+ckEZjfAMZPLpO+/tF\n M2JIJMD4SifKuS3xck9KtZGCufGmcwiLQRzeHF7vJUKrLD5RTkNi23ydvWZgPjtx\n Q+DTT1Zcn7BrQFY6FgnRoUVIxwtdw1bMY/89rsFgS5wwuMESd3Q2RYgb7EOFOpnu\n w6da7WakWf4IhnF5nsNYGDVaIHzpiqCl+uTbf1epCjrOlIzkZ3Z3Yk5CM/TiFzPk\n z2lLz89cpD8U+NtCsfagWWfjd2U3jDapgH+7nQnCEWpROtzaKHG6lA3pXdix5zG8\n eRc6/0IbUSWvfjKxLLPfNeCS2pCL3IeEI5nothEEYdQH6szpLog79xB9dVnJyKJb\n VfxXnseoYqVrRz2VVbUI5Blwm6B40E3eGVfUQWiux54DspyVMMk41Mx7QJ3iynIa\n 1N4ZAqVMAEruyXTRTxc9XW0tYhDMA/1GYvz0EmFpm8LzTHA6sFVtPm/ZlNCX6P1X\n zJwrv7DSQKD6GGlBQUX+OeEJ8tTkkf8QTJSPUdh8P8YxDFS5EOGAvhhpMBYD42kQ\n pqXjEC+XcycTvGI7impgv9PDY1RCC1zkBjKPa120rNhv/hkVk/YhuGoajoHyy4h7\n ZQopdcMtpN2dgmhEegny9JCSwxfQmQ0zK0g7m6SHiKMwjwARAQABiQQ+BBgBCAAJ\n BQJYrdoqAhsCAikJEI2BgDwOv82IwV0gBBkBCAAGBQJYrdoqAAoJEH6gqcPyc/zY\n 1WAP/2wJ+R0gE6qsce3rjaIz58PJmc8goKrir5hnElWhPgbq7cYIsW5qiFyLhkdp\n YcMmhD9mRiPpQn6Ya2w3e3B8zfIVKipbMBnke/ytZ9M7qHmDCcjoiSmwEXN3wKYI\n mD9VHONsl/CG1rU9Isw1jtB5g1YxuBA7M/m36XN6x2u+NtNMDB9P56yc4gfsZVES\n KA9v+yY2/l45L8d/WUkUi0YXomn6hyBGI7JrBLq0CX37GEYP6O9rrKipfz73XfO7\n JIGzOKZlljb/D9RX/g7nRbCn+3EtH7xnk+TK/50euEKw8SMUg147sJTcpQmv6UzZ\n cM4JgL0HbHVCojV4C/plELwMddALOFeYQzTif6sMRPf+3DSj8frbInjChC3yOLy0\n 6br92KFom17EIj2CAcoeq7UPhi2oouYBwPxh5ytdehJkoo+sN7RIWua6P2WSmon5\n U888cSylXC0+ADFdgLX9K2zrDVYUG1vo8CX0vzxFBaHwN6Px26fhIT1/hYUHQR1z\n VfNDcyQmXqkOnZvvoMfz/Q0s9BhFJ/zU6AgQbIZE/hm1spsfgvtsD1frZfygXJ9f\n irP+MSAI80xHSf91qSRZOj4Pl3ZJNbq4yYxv0b1pkMqeGdjdCYhLU+LZ4wbQmpCk\n SVe2prlLureigXtmZfkqevRz7FrIZiu9ky8wnCAPwC7/zmS18rgP/17bOtL4/iIz\n QhxAAoAMWVrGyJivSkjhSGx1uCojsWfsTAm11P7jsruIL61ZzMUVE2aM3Pmj5G+W\n 9AcZ58Em+1WsVnAXdUR//bMmhyr8wL/G1YO1V3JEJTRdxsSxdYa4deGBBY/Adpsw\n 24jxhOJR+lsJpqIUeb999+R8euDhRHG9eFO7DRu6weatUJ6suupoDTRWtr/4yGqe\n dKxV3qQhNLSnaAzqW/1nA3iUB4k7kCaKZxhdhDbClf9P37qaRW467BLCVO/coL3y\n Vm50dwdrNtKpMBh3ZpbB1uJvgi9mXtyBOMJ3v8RZeDzFiG8HdCtg9RvIt/AIFoHR\n H3S+U79NT6i0KPzLImDfs8T7RlpyuMc4Ufs8ggyg9v3Ae6cN3eQyxcK3w0cbBwsh\n /nQNfsA6uu+9H7NhbehBMhYnpNZyrHzCmzyXkauwRAqoCbGCNykTRwsur9gS41TQ\n M8ssD1jFheOJf3hODnkKU+HKjvMROl1DK7zdmLdNzA1cvtZH/nCC9KPj1z8QC47S\n xx+dTZSx4ONAhwbS/LN3PoKtn8LPjY9NP9uDWI+TWYquS2U+KHDrBDlsgozDbs/O\n jCxcpDzNmXpWQHEtHU7649OXHP7UeNST1mCUCH5qdank0V1iejF6/CfTFU4MfcrG\n YT90qFF93M3v01BbxP+EIY2/9tiIPbrd\n =0YYh\n -----END PGP PUBLIC KEY BLOCK-----\n\n debconf_selections:\n vhost: dokku dokku/vhost_enable boolean true\n # set the domain name of the new Dokku server\n hostname: dokku dokku/hostname string $YOUR_FULL_QUALIFIED_DOMAIN\n # this copies over the public SSH key assigned to the server\n key: dokku dokku/key_file string /home/ubuntu/.ssh/authorized_keys\n\npackages:\n - dokku\npackage_update: true\npackage_upgrade: true\npackage_reboot_if_required: true\n
Shortly after running the create command you will get a confirmation that the instance has been created, and after about a minute it should be ready to login. Check the IP of the instance through the web UI or by running:
nova list\n
SSH with the ubuntu
username and the public key previously added. Keep in mind that if you logged in quick enough Dokku might still be installing in the background, and not be ready. The installation takes a few minutes.
Download and install VirtualBox.
Download and install Vagrant.
Clone Dokku.
git clone https://github.com/dokku/dokku.git\n
Create VM.
# Optional ENV arguments:\n# - `BOX_NAME`\n# - `BOX_URI`\n# - `BOX_MEMORY`\n# - `DOKKU_DOMAIN`\n# - `DOKKU_IP`\n# - `FORWARDED_PORT`.\ncd path/to/dokku\n\n# for most users\nvagrant up\n\n# windows users must instead use the following in an elevated command prompt\nvagrant up dokku-windows\n
Setup SSH Config in ~/.ssh/config
.
Host dokku.me\n Port 22\n
For users that have customized the IP address of their VM - either in a custom Vagrantfile
or via the DOKKU_IP
environment variable - and are not using 10.0.0.2
for the Vagrant IP, you'll need to instead use the output of vagrant ssh-config dokku
for your ~/.ssh/config
entry.
Connect to the server via vagrant ssh
and add your ssh key to the install. Additionally, set the global domain name to dokku.me
.
# usually your key is already available under the current user's `~/.ssh/authorized_keys` file\ncat ~/.ssh/authorized_keys | dokku ssh-keys:add admin\n\n# you can use any domain you already have access to\ndokku domains:set-global dokku.me\n
Please note, the dokku.me
domain is setup to point to 10.0.0.2
along with all subdomains (i.e. yourapp.dokku.me
). If you change the DOKKU_IP
in your Vagrant setup you'll need to update your /etc/hosts
file to point your reconfigured IP address.
You are now ready to deploy an app or install plugins.
"},{"location":"getting-started/installation/","title":"Getting Started with Dokku","text":""},{"location":"getting-started/installation/#what-is-dokku","title":"What is Dokku?","text":"Dokku is an extensible, open source Platform as a Service that runs on a single server of your choice. Dokku supports building apps on the fly from a git push
via either Dockerfile or by auto-detecting the language with Buildpacks, and then starts containers based on your built image. Using technologies such as nginx and cron, Web processes are automatically routed to, while background processes and automated cron tasks are also managed by Dokku.
To start using Dokku, you'll need a system that meets the following minimum requirements:
x86_64
), commonly used for Intel cloud serversarm64
), commonly used for Raspberry PI and AWS GravitonTo avoid memory pressure during builds or runtime of your applications, we suggest the following:
Finally, we recommend attaching at least one domain name to your server. This is not required, but using a domain name will make app access easier. When connecting a domain, either a single domain or a wildcard may be associated to the server's IP.
*.domain.tld
A Record): will allow access to apps via $APP.domain.tld
.domain.tld
A or CNAME Record): will result in apps being accessed via domain.tld:$RANDOM_PORT
.Please see the dns documentation and domains documentation for more details.
"},{"location":"getting-started/installation/#installing-the-latest-stable-version","title":"Installing the latest stable version","text":"This is the simple method of installing Dokku. For alternative methods of installation, see the advanced install guide.
"},{"location":"getting-started/installation/#1-install-dokku","title":"1. Install Dokku","text":"To install the latest stable version of Dokku, you can run the following shell commands:
# for debian systems, installs Dokku via apt-get\nwget -NP . https://dokku.com/install/v0.35.0/bootstrap.sh\nsudo DOKKU_TAG=v0.35.0 bash bootstrap.sh\n
The installation process takes about 5-10 minutes, depending upon internet connection speed.
"},{"location":"getting-started/installation/#2-setup-ssh-key-and-virtualhost-settings","title":"2. Setup SSH key and Virtualhost Settings","text":"Once the installation is complete, you should configure an ssh key and set your global domain.
# usually your key is already available under the current user's `~/.ssh/authorized_keys` file\ncat ~/.ssh/authorized_keys | dokku ssh-keys:add admin\n\n# you can use any domain you already have access to\n# this domain should have an A record or CNAME pointing at your server's IP\ndokku domains:set-global dokku.me\n\n# you can also use the ip of your server\ndokku domains:set-global 10.0.0.2\n\n# finally, you can use sslip.io to get subdomain support\n# as you would with a regular domain name\n# this would be done by appending `.sslip.io` to your ip address\ndokku domains:set-global 10.0.0.2.sslip.io\n
See the user management and domains documentation for more information.
"},{"location":"getting-started/installation/#3-deploy-your-first-application","title":"3. Deploy your first application","text":"At this point, you should be able to deploy to the Dokku installation.
"},{"location":"getting-started/upgrading/","title":"Upgrading","text":"If your version of Dokku is pre 0.3.0 (check with dokku version
), we recommend a fresh install on a new server.
For any security related updates, please follow our Twitter account. As Dokku does not run any daemons, the security risk introduced by our software is minimal.
Your operating system may occasionally provide security updates. We recommend setting unattended upgrades for your operating system. Here are some helpful links:
Docker releases updates periodically to their engine. We recommend reading their release notes and upgrading accordingly. Please see the Docker documentation for more details.
"},{"location":"getting-started/upgrading/#migration-guides","title":"Migration Guides","text":"Before upgrading, check the migration guides to get comfortable with new features and prepare your deployment to be upgraded.
If you'll be updating docker or the herokuish package simultaneously, it's recommended that you stop all applications before upgrading and rebuild afterwards. This is not required if the upgrade only impacts the dokku
package.
Why do we recommend stopping all apps?
docker
: Containers may be randomly reset during the upgrade process, resulting in requests being sent to the wrong containers. Acknowledging and scheduling downtime thus becomes much more important.herokuish
: While not required, it may be useful to take advantage of the latest base image. Herokuish changes do not cause issues unless the base OS changes, which may happen in minor or major releases.# for 0.22.0 and newer versions, use\ndokku ps:stop --all\n\n# for versions between 0.11.4 and 0.21.4, use\ndokku ps:stopall\n\n# for versions between 0.8.1 and 0.11.3, use\ndokku --quiet apps:list | xargs -L1 dokku ps:stop\n\n# for versions older than 0.8.1, use\ndokku --quiet apps | xargs -L1 dokku ps:stop\n
"},{"location":"getting-started/upgrading/#upgrading_1","title":"Upgrading","text":"Info
[!IMPORTANT] Unless specified, the bootstrap.sh
script installs Dokku via a Debian package (.deb
). Using either the dokku-update
or apt
methods are enough to perform an upgrade of Dokku.
Please read the migration guides for each version in between your currently installed version of Dokku and the version you are upgrading to in order to ensure minimal downtime.
"},{"location":"getting-started/upgrading/#upgrading-using-dokku-update","title":"Upgrading usingdokku-update
","text":"Warning
The dokku-update
package currently does not support upgrading to a specific version of Dokku. If this is required by a particular migration guide, use the apt
method for upgrading.
We provide a helpful binary called dokku-update
. This is a recommended package that:
This binary is available on Debian and RPM-based systems from our package repositories under the name dokku-update
. When installing from source, this is available from a separate Github repository at dokku/dokku-update.
apt
","text":"If Dokku was installed in a Debian or Ubuntu system, via apt-get install dokku
or bootstrap.sh
, you can upgrade with apt-get
:
# update your local apt cache\nsudo apt-get update\n\n# update dokku and its dependencies\nsudo apt-get --no-install-recommends install dokku herokuish sshcommand plugn gliderlabs-sigil dokku-update dokku-event-listener\n\n# or just upgrade every package:\nsudo apt-get upgrade\n
To upgrade to a specific version of Dokku, specify it on the apt-get
call:
# specify the version _without_ the `v` prefix\nsudo apt-get dokku=$VERSION\n
"},{"location":"getting-started/upgrading/#upgrading-from-source","title":"Upgrading from source","text":"Info
[!CAUTION] Dokku is not normally installed from source. Executing a source upgrade when the installation was performed via apt package may result in an inoperable system and will require manual work to get Dokku in a working state.
If you installed Dokku from source (less common), upgrade with:
cd ~/dokku\ngit pull --tags origin master\n\n# continue to install from source\nsudo DOKKU_BRANCH=master make install\n\n# upgrade to debian package-based installation\nsudo make install\n
To upgrade Herokuish from source, upgrade with:
cd /tmp\ngit clone https://github.com/gliderlabs/herokuish.git\ncd herokuish\nCIRCLECI=true IMAGE_NAME=gliderlabs/herokuish BUILD_TAG=latest make build/docker\n
"},{"location":"getting-started/upgrading/#after-upgrading","title":"After upgrading","text":"After upgrading, you should rebuild the applications to take advantage of any new buildpacks that were released:
dokku ps:rebuild --all\n
"},{"location":"networking/dns/","title":"DNS Configuration","text":"Note
This is a work in progress.
"},{"location":"networking/dns/#dns-versions","title":"DNS Versions","text":"There are many different DNS servers 'in the wild'. Some of the popular ones on Linux are BIND, dnsmasq, and pdns. Windows has its own built-in DNS server as well as Unbound, Posadis, and more. A full list of DNS packages can be found on Wikipedia under Comparison of DNS Server Software. In addition to the various DNS packages, there are tens of thousands of Managed DNS Providers out that all have different DNS interfaces.
"},{"location":"networking/dns/#focus","title":"Focus","text":"Because there are so many different DNS server packages out there as well as a tremendous number of Managed DNS Providers, we will focus on the concepts of DNS as well as providing examples in the 'BIND' format so you can adapt the information to your own server package or managed DNS provider.
"},{"location":"networking/dns/#assumptions","title":"Assumptions","text":"Please remember that DNS relies heavily on caching. Changes you make to DNS could take anywhere from a few seconds to a few days to propagate. If you tried surfing to example.tld, then changed the IP address in DNS, it could be a while before your computer picks up on the changes.
"},{"location":"networking/dns/#getting-started","title":"Getting started","text":"For the examples, we will use the domain name example.tld
and the IP address 127.0.0.1
.
Dokku uses DNS to differentiate between apps on your dokku-powered server. If you are using the domain example.tld
, and you have two apps node-js-app1
and node-js-app2
, Dokku will make them available at node-js-app1.example.tld
and node-js-app2.example.tld
.
To get started, you need to know the IP address of your Dokku server. Connect to it and run ifconfig
or ip addr
to see the IP address.
Now you have to make a decision about your domain. Do you want everything and anything at example.tld
to go to your Dokku server, or would you rather use a 'sub domain' for your Dokku server?
In other words, do you want your applications on your Dokku server accessible via node-js-app.example.tld
or via node-js-app.myserver.example.tld
?
Using a sub-domain is easy. When you set up your server, you probably gave it a name like myserver.example.tld
.
Go in to your Managed DNS provider and create an A
record named myserver
and put in the IP address you got from your server a few moments ago.
Hopefully your managed DNS provider also supports wildcards. Create a second A
record named *.myserver
along with the IP address you got from your server a few moments ago.
If you are using BIND, your zone file will look similar to this:
$ORIGIN example.tld\n$TTL 5m\n\nmyserver IN A 127.0.0.1\n*.myserver IN A 127.0.0.1\n
You can verify your changes in Linux by trying one or more of the following commands:
host myserver.example.tld
dig -t A myserver.example.tld
nslookup myserver.example.tld
Now is a good time to remind you that the answers you get MAY BE CACHED.
If everything is working correctly, you should also be able to query for any other name under myserver.example.tld
and get back the IP address of your server. Try:
host test.myserver.example.tld
host xyzzy.myserver.example.tld
If they all return your IP address, you have set DNS up properly for dokku. You should also be able to ssh root@myserver.example.tld
and access your server.
Proceed with the setup instructions in the installation documentation
"},{"location":"networking/dns/#using-the-root-of-your-domain-node-js-appexampletld","title":"Using the root of your domain (node-js-app.example.tld)","text":"This section is a work in progress. It is incomplete.
Using the 'root' of your domain is nearly identical to the previous example.
example.tld
, still needs A
record.New
Introduced in 0.11.0, Enhanced in 0.20.0
network:create <network> # Creates an attachable docker network\nnetwork:destroy <network> # Destroys a docker network\nnetwork:exists <network> # Checks if a docker network exists\nnetwork:info <network> # Outputs information about a docker network\nnetwork:list # Lists all docker networks\nnetwork:report [<app>] [<flag>] # Displays a network report for one or more apps\nnetwork:rebuild <app> # Rebuilds network settings for an app\nnetwork:rebuildall # Rebuild network settings for all apps\nnetwork:set <app> <key> (<value>) # Set or clear a network property for an app\n
The Network plugin allows developers to abstract the concept of container network management, allowing developers to both change what networks a given container is attached to as well as rebuild the configuration on the fly.
"},{"location":"networking/network/#usage","title":"Usage","text":""},{"location":"networking/network/#listing-networks","title":"Listing networks","text":"New
Introduced in 0.20.0, Requires Docker 1.21+
You can easily list all available networks using the network:list
command:
dokku network:list\n
=====> Networks\nbridge\nhost\nnone\ntest-network\n
Note that you can easily hide extra output from Dokku commands by using the --quiet
flag, which makes it easier to parse on the command line.
dokku --quiet network:list\n
bridge\nhost\nnone\ntest-network\n
"},{"location":"networking/network/#creating-a-network","title":"Creating a network","text":"New
Introduced in 0.20.0, Requires Docker 1.21+
Docker networks can be created via the network:create
command. Executing this command will create an attachable bridge
network. This can be used to route requests between containers without going through any public network.
dokku network:create test-network\n
-----> Creating network test-network\n
Specifying other additional flags or other types of networks can be created directly via the docker
command.
New
Introduced in 0.20.0, Requires Docker 1.21+
A Docker network without any associated containers may be destroyed via the network:destroy
command. Docker will refuse to destroy networks that have containers attached.
dokku network:destroy test-network\n
! WARNING: Potentially Destructive Action\n ! This command will destroy network test.\n ! To proceed, type \"test\"\n-----> Destroying network test\n
Info
test
As the command is destructive, it will default to asking for confirmation before executing the removal of the network. This may be avoided by providing the --force
flag:
dokku --force network:destroy test-network\n
-----> Destroying network test\n
"},{"location":"networking/network/#checking-if-a-network-exists","title":"Checking if a network exists","text":"New
Introduced in 0.20.0, Requires Docker 1.21+
For CI/CD pipelines, it may be useful to see if an network exists before creating a new network. You can do so via the network:exists
command:
dokku network:exists nonexistent-network\n
Network does not exist\n
The network:exists
command will return non-zero if the network does not exist, and zero if it does.
New
Introduced in 0.20.0, Requires Docker 1.21+
Network information can be retrieved via the network:info
command. This is a slightly different version of the docker network
command.
dokku network:info test-network\n
// TODO\n
"},{"location":"networking/network/#routing-an-app-to-a-known-ipport-combination","title":"Routing an app to a known ip:port combination","text":"In some cases, it may be necessary to route an app to an existing $IP:$PORT
combination. This is particularly the case for internal admin tools or services that aren't run by Dokku but have a web ui that would benefit from being exposed by Dokku. This can be done by using a proxy application and routing requests through that.
# for a service listening on:\n# - ip address: 127.0.0.1\n# - port: 8080\n\n# create the app\ndokku apps:create local-app\n\n# add an extra host that maps host.docker.internal to the docker gateway\ndokku docker-options:add local-app deploy \"--add-host=host.docker.internal:host-gateway\"\n\n# set the SERVICE_HOST to the mapped hostname\ndokku config:set local-app SERVICE_HOST=host.docker.internal\n\n# set the SERVICE_PORT to the port combination for your app\ndokku config:set local-app SERVICE_PORT=8080\n\n# set the domains desired\ndokku domains:set local-app local-app.dokku.me\n\n# deploy the service-proxy image\ndokku git:from-image local-app dokku/service-proxy:latest\n
Only a single $IP:$PORT
combination can be routed to for a given app, and that $IP:$PORT
combination must be accessible to the service proxy on initial deploy, or the service proxy won't start.
New
Introduced in 0.20.0, Requires Docker 1.21+
Apps will default to being associated with the default bridge
network or a network specified by the initial-network
network property. Additionally, an app can be attached to attachable
networks by changing the attach-post-create
or attach-post-deploy
network properties when using the docker-local scheduler. A change in these values will require an app deploy or rebuild.
# associates the network after a container is created but before it is started\n# commonly used for cross-app networking\ndokku network:set node-js-app attach-post-create test-network\n\n# associates the network after the deploy is successful but before the proxy is updated\n# used for cross-app networking when healthchecks must be invoked first\ndokku network:set node-js-app attach-post-deploy other-test-network\n\n# associates the network at container creation\n# typically blocks access to services and external routing\ndokku network:set node-js-app initial-network global-network\n
Multiple networks can also be specified for the attach-post-create
and attach-post-deploy
phases.
# one or more networks can be specified\ndokku network:set node-js-app attach-post-create test-network test-network-2\n
Setting the attach
network property to an empty value will de-associate the container with the network.
dokku network:set node-js-app attach-post-create\ndokku network:set node-js-app attach-post-deploy\ndokku network:set node-js-app initial-network\n
The network properties can also be set globally. The global default value is an empty string, and the global value is used when no app-specific value is set.
dokku network:set --global attach-post-create global-create-network\ndokku network:set --global attach-post-deploy global-deploy-network\ndokku network:set --global initial-network global-network\n
The default value may be set by passing an empty value for the option.
dokku network:set --global attach-post-create\ndokku network:set --global attach-post-deploy\ndokku network:set --global initial-network\n
"},{"location":"networking/network/#network-aliases","title":"Network Aliases","text":"Note
This feature is only available when an app has been attached to a network other than the default bridge
network.
When a container created for a deployment is being attached to a network - regardless of which network property was used - a network alias of the pattern APP.PROC_TYPE
will be added to all containers. This can be used to load-balance requests between containers. For an application named node-js-app
with a process type of web, the network alias - or resolvable DNS record within the network - will be:
node-js-app.web\n
The fully-qualified URL for the resource will depend upon the PORT
being listened to by the application. Applications built via buildpacks will have their PORT
environment variable set to 5000
, and as such internal network requests for the above example should point to the following:
http://node-js-app.web:5000\n
Dockerfile-based applications may listen on other ports. For more information on how ports are specified for applications, please refer to the port management documentation.
"},{"location":"networking/network/#specifying-a-custom-tld","title":"Specifying a custom TLD","text":"When attaching applications to networks, a custom TLD can be specified via the network:set
command. This TLD is suffixed to the network alias for the application/process-type combination for all networks to which the application is attached, and cannot be customized per network. The default value is an empty string.
To specify a TLD of svc.cluster.local
for your application, run the following command:
# replace node-js-app with your application name\ndokku network:set node-js-app tld svc.cluster.local\n
With an application named node-js-app
and a process-type named web
, the above command will turn the network alias into:
node-js-app.web.svc.cluster.local\n
Note that this has no impact on container port handling, and users must still specify the container port when making internal network requests.
The default value may be set by passing an empty value for the option:
dokku network:set node-js-app tld\n
The tld
property can also be set globally. The global default is emty string, and the global value is used when no app-specific value is set.
dokku network:set --global tld svc.cluster.local\n
The default value may be set by passing an empty value for the option.
dokku network:set --global tld\n
"},{"location":"networking/network/#when-to-attach-containers-to-a-network","title":"When to attach containers to a network","text":"Containers can be attached to a network for a variety of reasons:
Whatever the reason, the semantics of the two network hooks are important and are outlined before.
attach-post-create
:build
: Intermediate containers created during the build process.deploy
: Deployed app containers.run
: Containers created by the run
command.created
but not running
attach-post-deploy
deploy
: Deployed app containers.running
initial-network
:build
: Intermediate containers created during the build process.deploy
: Deployed app containers.run
: Containers created by the run
command.created
initial-network
.Warning
If the attachment fails during the running
container state, this may result in your application failing to respond to proxied requests once older containers are removed.
There are cases where you may need to rebuild the network configuration for an app, such as on app boot or container restart. In these cases, you can use the network:rebuild
command:
dokku network:rebuild node-js-app\n
Info
This command will exit a non-zero number that depends on the number of containers for which configuration could not be built
"},{"location":"networking/network/#rebuilding-all-network-settings","title":"Rebuilding all network settings","text":"In some cases, a docker upgrade may reset container IPs or Ports. In both cases, you can quickly rewrite those files by using the network:rebuildall
command:
dokku network:rebuildall\n
Info
This command will exit a non-zero number that depends on the number of containers for which configuration could not be built
"},{"location":"networking/network/#container-network-interface-binding","title":"Container network interface binding","text":"Info
This functionality does not control the --network
docker flag. Please use the docker-options plugin to manage this flag.
By default, an app will only bind to the internal interface. This behavior can be modified per app by changing the bind-all-interfaces
network property.
# bind to the default docker interface (`docker0`) with a random internal ip\n# this is the default behavior\ndokku network:set node-js-app bind-all-interfaces false\n\n# bind to all interfaces (`0.0.0.0`) on a random port for each upstream port\n# this will make the app container directly accessible by other hosts on your network\n# ports are randomized for every deploy, e.g. `0.0.0.0:32771->5000/tcp`.\ndokku network:set node-js-app bind-all-interfaces true\n
By way of example, in the default case, each container is bound to the docker interface:
ShellOutputdocker ps\n
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES\n1b88d8aec3d1 dokku/node-js-app:latest \"/bin/bash -c '/star About a minute ago Up About a minute node-js-app.web.1\n
As such, the container's IP address will be an internal IP, and thus it is only accessible on the host itself:
ShellOutputdocker inspect --format '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' node-js-app.web.1\n
172.17.0.6\n
However, you can disable the internal proxying via the network:set
command so that it will listen on the host's IP address:
dokku network:set node-js-app bind-all-interfaces true\n\n# container bound to all interfaces\ndocker ps\n
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES\nd6499edb0edb dokku/node-js-app:latest \"/bin/bash -c '/star About a minute ago Up About a minute 0.0.0.0:49153->5000/tcp node-js-app.web.1\n
The bind-all-interfaces
property can also be set globally. The global default is false
, and the global value is used when no app-specific value is set.
dokku network:set --global bind-all-interfaces true\n
The default value may be set by passing an empty value for the option.
dokku network:set --global bind-all-interfaces\n
"},{"location":"networking/network/#displaying-network-reports-for-an-app","title":"Displaying network reports for an app","text":"You can get a report about the app's network status using the network:report
command:
dokku network:report\n
=====> node-js-app network information\n Network attach post create:\n Network attach post deploy:\n Network bind all interfaces: false\n Network computed attach post create:\n Network computed attach post deploy:\n Network computed bind all interfaces:false\n Network computed initial network:\n Network computed tld:\n Network global attach post create:\n Network global attach post deploy:\n Network global bind all interfaces:false\n Network global initial network:\n Network global tld:\n Network initial network:\n Network tld:\n Network web listeners: 172.17.0.1:5000\n=====> python-sample network information\n Network attach post create:\n Network attach post deploy:\n Network bind all interfaces: false\n Network computed attach post create:\n Network computed attach post deploy:\n Network computed bind all interfaces:false\n Network computed initial network:\n Network computed tld:\n Network global attach post create:\n Network global attach post deploy:\n Network global bind all interfaces:false\n Network global initial network:\n Network global tld:\n Network initial network:\n Network tld:\n Network web listeners: 172.17.0.2:5000\n=====> ruby-sample network information\n Network attach post create:\n Network attach post deploy:\n Network bind all interfaces: false\n Network computed attach post create:\n Network computed attach post deploy:\n Network computed bind all interfaces:false\n Network computed initial network:\n Network computed tld:\n Network global attach post create:\n Network global attach post deploy:\n Network global bind all interfaces:false\n Network global initial network:\n Network global tld:\n Network initial network:\n Network tld:\n Network web listeners:\n
You can run the command for a specific app also.
ShellOutputdokku network:report node-js-app\n
=====> node-js-app network information\n Network attach post create:\n Network attach post deploy:\n Network bind all interfaces: false\n Network computed attach post create:\n Network computed attach post deploy:\n Network computed bind all interfaces:false\n Network computed initial network:\n Network computed tld:\n Network global attach post create:\n Network global attach post deploy:\n Network global bind all interfaces:false\n Network global initial network:\n Network global tld:\n Network initial network:\n Network tld:\n Network web listeners: 172.17.0.1:5000\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku network:report node-js-app --network-bind-all-interfaces\n
"},{"location":"networking/port-management/","title":"Port Management","text":"New
Introduced in 0.31.0, replaces the previous proxy:ports*
commands
ports:list <app> # List port mappings for an app\nports:add <app> <scheme>:<host-port>:<container-port> [<scheme>:<host-port>:<container-port>...] # Add port mappings to an app\nports:clear <app> # Clear all port mappings for an app\nports:remove <app> <host-port> [<host-port>|<scheme>:<host-port>:<container-port>...] # Remove specific port mappings from an app\nports:set <app> <scheme>:<host-port>:<container-port> [<scheme>:<host-port>:<container-port>...] # Set port mappings for an app\n
"},{"location":"networking/port-management/#usage","title":"Usage","text":"Warning
Mapping alternative ports may conflict with the active firewall installed on your server or hosting provider. Such software includes - but is not limited to - AWS Security Groups, iptables, and UFW. Please consult the documentation for those softwares as applicable.
Users should also avoid setting the PORT
environment variable. Dokku will use port mappings to set this value. Overriding this manually may cause issues in application routing.
You can now configure host -> container
port mappings with the ports:*
commands. This mapping is currently supported by the built-in nginx-vhosts plugin.
By default, buildpack apps and dockerfile apps without explicitly exposed ports (i.e. using the EXPOSE
directive) will be configured with a listener on port 80
(and additionally a listener on 443 if ssl is enabled) that will proxy to the application container on port 5000
. Dockerfile apps with explicitly exposed ports will be configured with a listener on each exposed port and will proxy to that same port of the deployed application container.
Note
This default behavior will not be automatically changed on subsequent pushes and must be manipulated with the ports:*
commands detailed below.
The proxy port scheme is as follows:
SCHEME:HOST_PORT:CONTAINER_PORT
The scheme metadata can be used by proxy implementations in order to properly handle proxying of requests. For example, the built-in nginx-vhosts
proxy implementation supports the http
, https
, grpc
and grpcs
schemes. For the grpc
and grpcs
see nginx blog post on grpc.
Developers of proxy implementations are encouraged to use whatever schemes make the most sense, and ignore configurations which they do not support. For instance, a udp
proxy implementation can safely ignore http
and https
port mappings.
To change the proxy implementation in use for an application, use the proxy:set
command:
# no validation will be performed against\n# the specified proxy implementation\ndokku proxy:set node-js-app nginx\n
"},{"location":"networking/port-management/#listing-port-mappings","title":"Listing port mappings","text":"To inspect the port mapping for a given application, use the ports:list
command:
dokku ports:list node-js-app\n
-----> Port mappings for node-js-app\n-----> scheme host port container port\nhttp 80 5000\n
The above application is listening on the host's port 80
, which we can test via curl:
curl http://node-js-app.dokku.me\n
Hello World!\n
"},{"location":"networking/port-management/#adding-a-custom-port-mapping","title":"Adding a custom port mapping","text":"There are cases where we may wish for the service to be listening on more than one port, such as port 8080. Normally, this would not be possible:
ShellOutputcurl http://node-js-app.dokku.me:8080\n
curl: (7) Failed to connect to node-js-app.dokku.me port 8080: Connection refused\n
However, we can use the ports:add
command to add a second external port mapping - 8080
- to our application's port 5000
.
dokku ports:add node-js-app http:8080:5000\n
-----> Configuring node-js-app.dokku.me...(using built-in template)\n-----> Creating http nginx.conf\n Reloading nginx\n
We can now test that port 80 still responds properly:
ShellOutputcurl http://node-js-app.dokku.me\n
Hello World!\n
And our new listening port of 8080
also works:
curl http://node-js-app.dokku.me:8080\n
Hello World!\n
"},{"location":"networking/port-management/#setting-all-port-mappings-at-once","title":"Setting all port mappings at once","text":"Port mappings can also be force set using the ports:set
command.
dokku ports:set node-js-app http:8080:5000\n
-----> Configuring node-js-app.dokku.me...(using built-in template)\n-----> Creating http nginx.conf\n Reloading nginx\n
"},{"location":"networking/port-management/#removing-a-port-mapping","title":"Removing a port mapping","text":"A port mapping can be removed using the ports:remove
command if it no longer necessary:
dokku ports:remove node-js-app http:80:5000\n
Ports may also be removed by specifying only the host-port
value. This effectively acts as a wildcard and removes all mappings for that particular host port.
dokku ports:remove node-js-app http:80\n
"},{"location":"networking/port-management/#port-management-by-deployment-method","title":"Port management by Deployment Method","text":"Warning
If you set a port map but do not have a global domain set, Dokku will reset that map upon first deployment.
"},{"location":"networking/port-management/#buildpacks","title":"Buildpacks","text":"For buildpack deployments, your application must respect the PORT
environment variable. We will typically set this to port 5000
, but this is not guaranteed. If you do not respect the PORT
environment variable, your containers may start but your services will not be accessible outside of that container.
Info
Changed as of 0.5.0
Dokku's default proxy implementation - nginx - supports HTTP and GRPC request proxying. At this time, we do not support proxying plain TCP or UDP ports. UDP ports can be exposed by disabling the nginx proxy with dokku proxy:disable myapp
and manually exposing the ports via the docker-options
plugin. For example, dokku docker-options:add myapp deploy \"-p 2456:2456/udp\"
. If you would like to investigate alternative proxy methods, please refer to our proxy management documentation.
Dokku will extract all tcp ports exposed using the EXPOSE
directive (one port per line) and setup nginx to proxy the same port numbers to listen publicly. If you would like to change the exposed port, you should do so within your Dockerfile
.
For example, if the Dokku installation is configured with the domain dokku.me
and an application named node-js-app
is deployed with following Dockerfile:
FROM ubuntu:24.04\nEXPOSE 1234\nCMD python3 -m SimpleHTTPServer 1234\n
The application would be exposed to the user at node-js-app.dokku.me:1234
. If this is not desired, the following application configuration may be applied:
# add a port mapping to port 80\ndokku ports:add node-js-app http:80:1234\n\n# remove the incorrect port mapping\ndokku ports:remove node-js-app http:1234:1234\n
"},{"location":"networking/port-management/#applications-not-using-expose","title":"Applications not using EXPOSE","text":"Any application that does not use an EXPOSE
directive will result in Dokku defaulting to port 5000
. This behavior mimics the behavior of a Buildpack deploy. If your application does not support the PORT
environment variable, then you will either need to:
PORT
environment variable.EXPOSE
directive in your Dockerfile.You can get a report about the app's ports status using the ports:report
command:
dokku ports:report\n
=====> node-js-app ports information\n Port map detected: http:80:5000\n Port map: http:80:5000 https:443:5000\n=====> python-sample ports information\n Port map detected: http:80:5000\n Port map: http:80:5000\n=====> ruby-sample ports information\n Port map detected: http:80:5000\n Port map: http:80:5000\n
You can run the command for a specific app also.
ShellOutputdokku ports:report node-js-app\n
=====> node-js-app ports information\n Port map detected: http:80:5000\n Port map: http:80:5000 https:443:5000\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku ports:report node-js-app --ports-map\n
"},{"location":"networking/proxy-management/","title":"Proxy Management","text":"New
Introduced in 0.5.0, Enhanced in 0.6.0
proxy:build-config [--parallel count] [--all|<app>] # (Re)builds config for given app\nproxy:clear-config [--all|<app>] # Clears config for given app\nproxy:disable [--parallel count] [--all|<app>] # Disable proxy for app\nproxy:enable [--parallel count] [--all|<app>] # Enable proxy for app\nproxy:report [<app>] [<flag>] # Displays a proxy report for one or more apps\nproxy:set [<app>|--global] <proxy-type> # Set proxy type for app\n
In Dokku 0.5.0, port proxying was decoupled from the nginx-vhosts
plugin into the proxy plugin. Dokku 0.6.0 introduced the ability to map host ports to specific container ports. This allows other proxy software - such as HAProxy or Caddy - to be used in place of nginx.
The default proxy shipped with Dokku is nginx
. It can be changed via the proxy:set
command.
dokku proxy:set node-js-app caddy\n
-----> Setting config vars\n DOKKU_APP_PROXY_TYPE: caddy\n
The proxy may also be set on a global basis. This is usually preferred as running multiple proxy implementations may cause port collision issues.
ShellOutputdokku proxy:set --global caddy\n
-----> Setting config vars\n DOKKU_PROXY_TYPE: caddy\n
Changing the proxy does not stop or start any given proxy implementation. Please see the documentation for your proxy implementation for details on how to perform a change.
"},{"location":"networking/proxy-management/#regenerating-proxy-config","title":"Regenerating proxy config","text":"In certain cases, your app proxy configs may drift from the correct config for your app. You may regenerate the config at any point via the proxy:build-config
command. This command will trigger a rebuild for the configured proxy implementation (default: nginx) for a given app. The command may fail if there are no current web listeners for your app.
dokku proxy:build-config node-js-app\n
All apps may have their proxy config rebuilt by using the --all
flag.
dokku proxy:build-config --all\n
By default, rebuilding proxy configs for all apps happens serially. The parallelism may be controlled by the --parallel
flag.
dokku proxy:build-config --all --parallel 2\n
Finally, the number of parallel workers may be automatically set to the number of CPUs available by setting the --parallel
flag to -1
dokku proxy:build-config --all --parallel -1\n
"},{"location":"networking/proxy-management/#clearing-the-generated-proxy-config","title":"Clearing the generated proxy config","text":"New
Introduced in 0.27.0
Generated proxy configurations can also be cleared using the proxy:clear-config
command.
dokku proxy:clear-config node-js-app\n
All apps may have their proxy config cleared by using the --all
flag.
dokku proxy:clear-config --all\n
Clearing a proxy configuration has different effects depending on the proxy plugin in use. Consul the documentation for your proxy implementation for further details.
"},{"location":"networking/proxy-management/#displaying-proxy-reports-for-an-app","title":"Displaying proxy reports for an app","text":"New
Introduced in 0.8.1
You can get a report about the app's proxy status using the proxy:report
command:
dokku proxy:report\n
=====> node-js-app proxy information\n Proxy enabled: true\n Proxy type: nginx\n=====> python-sample proxy information\n Proxy enabled: true\n Proxy type: nginx\n=====> ruby-sample proxy information\n Proxy enabled: true\n Proxy type: nginx\n
You can run the command for a specific app also.
ShellOutputdokku proxy:report node-js-app\n
=====> node-js-app proxy information\n Proxy enabled: true\n Proxy type: nginx\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku proxy:report node-js-app --proxy-type\n
"},{"location":"networking/proxy-management/#proxy-port-scheme","title":"Proxy Port Scheme","text":"See the port scheme documentation for more information on the port mapping scheme used by dokku.
"},{"location":"networking/proxy-management/#proxy-port-mapping","title":"Proxy port mapping","text":"See the port management documentation for more information on how port mappings are managed for an application.
"},{"location":"networking/proxy-management/#container-network-interface-binding","title":"Container network interface binding","text":"Info
Changed as of 0.11.0
From Dokku versions 0.5.0
until 0.11.0
, enabling or disabling an application's proxy would also control whether or not the application was bound to all interfaces - e.g. 0.0.0.0
. As of 0.11.0
, this is now controlled by the network plugin. Please see the network documentation for more information.
Custom plugins names must have the suffix -vhosts
or scheduler overriding via proxy:set
may not function as expected.
At this time, the following dokku commands are used to interact with a complete proxy implementation.
domains:add
: Adds a given domain to an app.post-domains-update
domains:clear
: Clears out an app's associated domains.post-domains-update
domains:disable
: Disables domains for an app.pre-disable-vhost
domains:enable
: Enables domains for an app.pre-enable-vhost
domains:remove
: Removes a domain from an app.post-domains-update
domains:set
: Sets all domains for a given app.post-domains-update
proxy:build-config
: Builds - or rebuilds - external proxy configuration.proxy-build-config
proxy:clear-config
: Clears out external proxy configuration.proxy-clear-config
proxy:disable
: Disables the proxy configuration for an app.proxy-disable
proxy:enable
: Enables the proxy configuration for an app.proxy-enable
ports:add
: Adds one or more port mappings to an apppost-proxy-ports-update
ports:clear
: Clears out all port mappings for an app.post-proxy-ports-update
ports:remove
: Removes one or more port mappings from an app.post-proxy-ports-update
ports:set
: Sets all port mappings for an app.post-proxy-ports-update
Proxy implementations may decide to omit some functionality here, or use plugin triggers to supplement config with information from other plugins.
Individual proxy implementations may trigger app rebuilds, depending on how proxy metadata is exposed for the proxy implementation.
Finally, proxy implementations may install extra software needed for the proxy itself in whatever manner deemed fit. Proxy software can run on the host itself or within a running Docker container with either exposed ports or host networking.
"},{"location":"networking/proxies/caddy/","title":"Caddy Proxy","text":"New
Introduced in 0.28.0
Dokku provides integration with the Caddy proxy service by utilizing the Docker label-based integration implemented by Caddy.
caddy:report [<app>] [<flag>] # Displays a caddy report for one or more apps\ncaddy:logs [--num num] [--tail] # Display caddy log output\ncaddy:set <app> <property> (<value>) # Set or clear an caddy property for an app\ncaddy:show-config <app> # Display caddy compose config\ncaddy:start # Starts the caddy server\ncaddy:stop # Stops the caddy server\n
"},{"location":"networking/proxies/caddy/#requirements","title":"Requirements","text":"Using the caddy
plugin integration requires the docker-compose-plugin
for Docker. See this document from the Docker documentation for more information on the installation process for the docker-compose-plugin
.
Warning
As using multiple proxy plugins on a single Dokku installation can lead to issues routing requests to apps, doing so should be avoided. As the default proxy implementation is nginx, users are encouraged to stop the nginx service before switching to Caddy.
The Caddy plugin has specific rules for routing requests:
web
containers have Caddy labels injected by the plugin.http:80
and https:443
port mappings are supported.http:80
mapping is found, the first http
port mapping is used for http requests.https:443
mapping is found, the first https
port mapping is used for https requests.https
mapping is found, the container port from http:80
will be used for https requests.To use the Caddy plugin, use the proxy:set
command for the app in question:
dokku proxy:set node-js-app caddy\n
This will enable the docker label-based Caddy integration. All future deploys will inject the correct labels for Caddy to read and route requests to containers. Due to the docker label-based integration used by Caddy, a single deploy or rebuild will be required before requests will route successfully.
dokku ps:rebuild node-js-app\n
Any changes to domains or port mappings will also require either a deploy or rebuild.
"},{"location":"networking/proxies/caddy/#starting-caddy-container","title":"Starting Caddy container","text":"Caddy can be started via the caddy:start
command. This will start a Caddy container via the docker compose up
command.
dokku caddy:start\n
"},{"location":"networking/proxies/caddy/#stopping-the-caddy-container","title":"Stopping the Caddy container","text":"Caddy may be stopped via the caddy:stop
command.
dokku caddy:stop\n
The Caddy container will be stopped and removed from the system. If the container is not running, this command will do nothing.
"},{"location":"networking/proxies/caddy/#showing-the-caddy-compose-config","title":"Showing the Caddy compose config","text":"For debugging purposes, it may be useful to show the Caddy compose config. This can be achieved via the caddy:show-config
command.
dokku caddy:show-config\n
"},{"location":"networking/proxies/caddy/#customizing-the-caddy-container-image","title":"Customizing the Caddy container image","text":"While the default Caddy image is hardcoded, users may specify an alternative by setting the image
property with the --global
flag:
dokku caddy:set --global image lucaslorentz/caddy-docker-proxy:2.7\n
"},{"location":"networking/proxies/caddy/#checking-the-caddy-containers-logs","title":"Checking the Caddy container's logs","text":"It may be necessary to check the Caddy container's logs to ensure that Caddy is operating as expected. This can be performed with the caddy:logs
command.
dokku caddy:logs\n
This command also supports the following modifiers:
--num NUM # the number of lines to display\n--tail # continually stream logs\n
You can use these modifiers as follows:
dokku caddy:logs --tail --num 10\n
The above command will show logs continually from the caddy container, with an initial history of 10 log lines
"},{"location":"networking/proxies/caddy/#changing-the-caddy-log-level","title":"Changing the Caddy log level","text":"Caddy log output is set to ERROR
by default. It may be changed by setting the log-level
property with the --global
flag:
dokku caddy:set --global log-level DEBUG\n
After modifying, the Caddy container will need to be restarted.
"},{"location":"networking/proxies/caddy/#ssl-configuration","title":"SSL Configuration","text":"The caddy plugin only supports automatic ssl certificates from it's letsencrypt integration. Managed certificates provided by the certs
plugin are ignored.
By default, letsencrypt is disabled and https port mappings are ignored. To enable, set the letsencrypt-email
property with the --global
flag:
dokku caddy:set --global letsencrypt-email automated@dokku.sh\n
After enabling, the Caddy container will need to be restarted and apps will need to be rebuilt. All http requests will then be redirected to https.
"},{"location":"networking/proxies/caddy/#customizing-the-letsencrypt-server","title":"Customizing the letsencrypt server","text":"The letsencrypt integration is set to the production letsencrypt server by default. To change this, set the letsencrypt-server
property with the --global
flag:
dokku caddy:set --global letsencrypt-server https://acme-staging-v02.api.letsencrypt.org/directory\n
After enabling, the Caddy container will need to be restarted and apps will need to be rebuilt to retrieve certificates from the new server.
"},{"location":"networking/proxies/caddy/#using-caddys-internal-tls-server","title":"Using Caddy's Internal TLS server","text":"To switch to Caddy's internal TLS server for certificate provisioning, set the tls-internal
property. This can only be set on a per-app basis.
dokku caddy:set node-js-app tls-internal true\n
"},{"location":"networking/proxies/caddy/#displaying-caddy-reports-for-an-app","title":"Displaying Caddy reports for an app","text":"You can get a report about the app's Caddy config using the caddy:report
command:
dokku caddy:report\n
=====> node-js-app caddy information\n Caddy image: lucaslorentz/caddy-docker-proxy:2.7\n Caddy letsencrypt email:\n Caddy letsencrypt server:\n Caddy log level: ERROR\n Caddy polling interval: 5s\n Caddy tls internal: false\n=====> python-app caddy information\n Caddy image: lucaslorentz/caddy-docker-proxy:2.7\n Caddy letsencrypt email:\n Caddy letsencrypt server:\n Caddy log level: ERROR\n Caddy polling interval: 5s\n Caddy tls internal: false\n=====> ruby-app caddy information\n Caddy image: lucaslorentz/caddy-docker-proxy:2.7\n Caddy letsencrypt email:\n Caddy letsencrypt server:\n Caddy log level: ERROR\n Caddy polling interval: 5s\n Caddy tls internal: false\n
You can run the command for a specific app also.
ShellOutputdokku caddy:report node-js-app\n
=====> node-js-app caddy information\n Caddy image: lucaslorentz/caddy-docker-proxy:2.7\n Caddy letsencrypt email:\n Caddy letsencrypt server:\n Caddy log level: ERROR\n Caddy polling interval: 5s\n Caddy tls internal: false\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku caddy:report node-js-app --caddy-image\n
"},{"location":"networking/proxies/haproxy/","title":"Haproxy Proxy","text":"New
Introduced in 0.28.0
Dokku provides integration with the Haproxy proxy service by utilizing the Docker label-based integration implemented by EasyHaproxy.
haproxy:report [<app>] [<flag>] # Displays a haproxy report for one or more apps\nhaproxy:logs [--num num] [--tail] # Display haproxy log output\nhaproxy:set <app> <property> (<value>) # Set or clear an haproxy property for an app\nhaproxy:show-config <app> # Display haproxy compose config\nhaproxy:start # Starts the haproxy server\nhaproxy:stop # Stops the haproxy server\n
"},{"location":"networking/proxies/haproxy/#requirements","title":"Requirements","text":"Using the haproxy
plugin integration requires the docker-compose-plugin
for Docker. See this document from the Docker documentation for more information on the installation process for the docker-compose-plugin
.
Warning
As using multiple proxy plugins on a single Dokku installation can lead to issues routing requests to apps, doing so should be avoided. As the default proxy implementation is nginx, users are encouraged to stop the nginx service before switching to Haproxy.
The Haproxy plugin has specific rules for routing requests:
web
containers have Haproxy labels injected by the plugin.http:80
and https:443
port mappings are supported at this time.To use the Haproxy plugin, use the proxy:set
command for the app in question:
dokku proxy:set node-js-app haproxy\n
This will enable the docker label-based Haproxy integration. All future deploys will inject the correct labels for Haproxy to read and route requests to containers. Due to the docker label-based integration used by Haproxy, a single deploy or rebuild will be required before requests will route successfully.
dokku ps:rebuild node-js-app\n
Any changes to domains or port mappings will also require either a deploy or rebuild.
"},{"location":"networking/proxies/haproxy/#starting-haproxy-container","title":"Starting Haproxy container","text":"Haproxy can be started via the haproxy:start
command. This will start a Haproxy container via the docker compose up
command.
dokku haproxy:start\n
"},{"location":"networking/proxies/haproxy/#stopping-the-haproxy-container","title":"Stopping the Haproxy container","text":"Haproxy may be stopped via the haproxy:stop
command.
dokku haproxy:stop\n
The Haproxy container will be stopped and removed from the system. If the container is not running, this command will do nothing.
"},{"location":"networking/proxies/haproxy/#showing-the-haproxy-compose-config","title":"Showing the Haproxy compose config","text":"For debugging purposes, it may be useful to show the Haproxy compose config. This can be achieved via the haproxy:show-config
command.
dokku haproxy:show-config\n
"},{"location":"networking/proxies/haproxy/#customizing-the-haproxy-container-image","title":"Customizing the Haproxy container image","text":"While the default Haproxy image is hardcoded, users may specify an alternative by setting the image
property with the --global
flag:
dokku haproxy:set --global image byjg/easy-haproxy:4.0.0\n
"},{"location":"networking/proxies/haproxy/#checking-the-haproxy-containers-logs","title":"Checking the Haproxy container's logs","text":"It may be necessary to check the Haproxy container's logs to ensure that Haproxy is operating as expected. This can be performed with the haproxy:logs
command.
dokku haproxy:logs\n
This command also supports the following modifiers:
--num NUM # the number of lines to display\n--tail # continually stream logs\n
You can use these modifiers as follows:
dokku haproxy:logs --tail --num 10\n
The above command will show logs continually from the vector container, with an initial history of 10 log lines
"},{"location":"networking/proxies/haproxy/#changing-the-haproxy-log-level","title":"Changing the Haproxy log level","text":"Haproxy log output is set to ERROR
by default. It may be changed by setting the log-level
property with the --global
flag:
dokku haproxy:set --global log-level DEBUG\n
After modifying, the Haproxy container will need to be restarted.
"},{"location":"networking/proxies/haproxy/#ssl-configuration","title":"SSL Configuration","text":"The haproxy plugin only supports automatic ssl certificates from it's letsencrypt integration. Managed certificates provided by the certs
plugin are ignored.
By default, letsencrypt is disabled and https port mappings are ignored. To enable, set the letsencrypt-email
property with the --global
flag:
dokku haproxy:set --global letsencrypt-email automated@dokku.sh\n
After enabling, the Haproxy container will need to be restarted and apps will need to be rebuilt. All http requests will then be redirected to https.
"},{"location":"networking/proxies/haproxy/#customizing-the-letsencrypt-server","title":"Customizing the letsencrypt server","text":"The letsencrypt integration is set to the production letsencrypt server by default. To change this, set the letsencrypt-server
property with the --global
flag:
dokku haproxy:set --global letsencrypt-server https://acme-staging-v02.api.letsencrypt.org/directory\n
After enabling, the Haproxy container will need to be restarted and apps will need to be rebuilt to retrieve certificates from the new server.
"},{"location":"networking/proxies/haproxy/#displaying-haproxy-reports-for-an-app","title":"Displaying Haproxy reports for an app","text":"You can get a report about the app's Haproxy config using the haproxy:report
command:
dokku haproxy:report\n
=====> node-js-app haproxy information\n Haproxy image: byjg/easy-haproxy:4.0.0\n=====> python-app haproxy information\n Haproxy image: byjg/easy-haproxy:4.0.0\n=====> ruby-app haproxy information\n Haproxy image: byjg/easy-haproxy:4.0.0\n
You can run the command for a specific app also.
ShellOutputdokku haproxy:report node-js-app\n
=====> node-js-app haproxy information\n Haproxy image: byjg/easy-haproxy:4.0.0\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku haproxy:report node-js-app --haproxy-image\n
"},{"location":"networking/proxies/nginx/","title":"Nginx Proxy","text":"Dokku uses nginx as its server for routing requests to specific applications. By default, access and error logs are written for each app to /var/log/nginx/${APP}-access.log
and /var/log/nginx/${APP}-error.log
respectively
nginx:access-logs <app> [-t] # Show the nginx access logs for an application (-t follows)\nnginx:error-logs <app> [-t] # Show the nginx error logs for an application (-t follows)\nnginx:report [<app>] [<flag>] # Displays a nginx report for one or more apps\nnginx:set <app> <property> (<value>) # Set or clear an nginx property for an app\nnginx:show-config <app> # Display app nginx config\nnginx:start # Starts the nginx server\nnginx:stop # Stops the nginx server\nnginx:validate-config [<app>] [--clean] # Validates and optionally cleans up invalid nginx configurations\n
"},{"location":"networking/proxies/nginx/#usage","title":"Usage","text":"Warning
As using multiple proxy plugins on a single Dokku installation can lead to issues routing requests to apps, doing so should be avoided.
"},{"location":"networking/proxies/nginx/#request-proxying","title":"Request Proxying","text":"By default, the web
process is the only process proxied by the nginx proxy implementation. Proxying to other process types may be handled by a custom nginx.conf.sigil
file, as generally described below
Nginx will proxy the requests in a round-robin balancing fashion to the different deployed (scaled) containers running the web
proctype. This way, the host's resources can be fully leveraged for single-threaded applications (e.g. dokku ps:scale node-js-app web=4
on a 4-core machine).
Note
Due to how the plugin is implemented, if an app successfully starts up web
containers but fails to deploy some other containers, nginx may eventually stop routing requests. Users should revert their code in these cases, or manually trigger dokku proxy:build-config $APP
in order to ensure requests route to the new web containers.
New
Introduced in 0.28.0
The nginx server can be started via nginx:start
.
dokku nginx:start\n
"},{"location":"networking/proxies/nginx/#stopping-nginx","title":"Stopping nginx","text":"New
Introduced in 0.28.0
The nginx server can be stopped via nginx:stop
.
dokku nginx:stop\n
"},{"location":"networking/proxies/nginx/#checking-access-logs","title":"Checking access logs","text":"Note
Changing this value globally or on a per-app basis will require rebuilding the nginx config via the proxy:build-config
command.
You may check nginx access logs via the nginx:access-logs
command. This assumes that app access logs are being stored in /var/log/nginx/$APP-access.log
, as is the default in the generated nginx.conf
.
dokku nginx:access-logs node-js-app\n
You may also follow the logs by specifying the -t
flag.
dokku nginx:access-logs node-js-app -t\n
"},{"location":"networking/proxies/nginx/#checking-error-logs","title":"Checking error logs","text":"You may check nginx error logs via the nginx:error-logs
command. This assumes that app error logs are being stored in /var/log/nginx/$APP-error.log
, as is the default in the generated nginx.conf
.
dokku nginx:error-logs node-js-app\n
You may also follow the logs by specifying the -t
flag.
dokku nginx:error-logs node-js-app -t\n
"},{"location":"networking/proxies/nginx/#showing-the-nginx-config","title":"Showing the nginx config","text":"For debugging purposes, it may be useful to show the nginx config. This can be achieved via the nginx:show-config
command.
dokku nginx:show-config node-js-app\n
"},{"location":"networking/proxies/nginx/#validating-nginx-configs","title":"Validating nginx configs","text":"It may be desired to validate an nginx config outside of the deployment process. To do so, run the nginx:validate-config
command. With no arguments, this will validate all app nginx configs, one at a time. A minimal wrapper nginx config is generated for each app's nginx config, upon which nginx -t
will be run.
dokku nginx:validate-config\n
As app nginx configs are actually executed within a shared context, it is possible for an individual config to be invalid when being validated standalone but also be valid within the global server context. As such, the exit code for the nginx:validate-config
command is the exit code of nginx -t
against the server's real nginx config.
The nginx:validate-config
command also takes an optional --clean
flag. If specified, invalid nginx configs will be removed.
Warning
Invalid app nginx config's will be removed even if the config is valid in the global server context.
dokku nginx:validate-config --clean\n
The --clean
flag may also be specified for a given app:
dokku nginx:validate-config node-js-app --clean\n
"},{"location":"networking/proxies/nginx/#custom-error-pages","title":"Custom Error Pages","text":"By default, Dokku provides custom error pages for the following three categories of errors:
These are provided as an alternative to the generic Nginx error page, are shared for all applications, and their contents are located on disk at /var/lib/dokku/data/nginx-vhosts/dokku-errors
. To customize them for a specific app, create a custom nginx.conf.sigil
as described above and change the paths to point elsewhere.
By default, Dokku will route any received request with an unknown HOST header value to the lexicographically first site in the nginx config stack. This means that accessing the dokku server via its IP address or a bogus domain name may return a seemingly random website.
Warning
Some versions of Nginx may create a default site when installed. This site is simply a static page which says \"Welcome to Nginx\", and if this default site is enabled, Nginx will not route any requests with an unknown HOST header to Dokku. If you want Dokku to receive all requests, run the following commands:
rm /etc/nginx/sites-enabled/default\ndokku nginx:stop\ndokku nginx:start\n
If services should only be accessed via their domain name, you may want to disable the default site by adding the following configuration to the global nginx configuration.
Create the file at /etc/nginx/conf.d/00-default-vhost.conf
:
server {\n listen 80 default_server;\n listen [::]:80 default_server;\n\n # If services hosted by dokku are available via HTTPS, it is recommended\n # to also uncomment the following section.\n #\n # Please note that in order to let this work, you need an SSL certificate. However\n # it does not need to be valid. Users of Debian-based distributions can install the\n # `ssl-cert` package with `sudo apt install ssl-cert` to automatically generate\n # a self-signed certificate that is stored at `/etc/ssl/certs/ssl-cert-snakeoil.pem`.\n #\n #listen 443 ssl;\n #listen [::]:443 ssl;\n #ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;\n #ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;\n\n server_name _;\n access_log off;\n return 444;\n}\n
Make sure to reload nginx after creating this file by running systemctl reload nginx.service
.
This will catch all unknown HOST header values and close the connection without responding. You can replace the return 444;
with return 410;
which will cause nginx to respond with an error page.
The configuration file must be loaded before /etc/nginx/conf.d/dokku.conf
, so it can not be arranged as a vhost in /etc/nginx/sites-enabled
that is only processed afterwards.
Alternatively, you may push an app to your Dokku host with a name like \"00-default\". As long as it lists first in ls /home/dokku/*/nginx.conf | head
, it will be used as the default nginx vhost.
New
Introduced in 0.5.0
Dokku uses a templating library by the name of sigil to generate nginx configuration for each app. This may be overridden by committing the default configuration template to a file named nginx.conf.sigil
.
The nginx.conf.sigil
is expected to be found in a specific directory, depending on the deploy approach:
WORKDIR
of the Docker image for deploys resulting from git:from-image
and git:load-image
commands.git:from-archive
, git:sync
).Sometimes it may be desirable to set a different path for a given app, e.g. when deploying from a monorepo. This can be done via the nginx-conf-sigil-path
property:
dokku nginx:set node-js-app nginx-conf-sigil-path .dokku/nginx.conf.sigil\n
The value is the path to the desired file relative to the base search directory, and will never be treated as absolute paths in any context. If that file does not exist within the repository, Dokku will continue the build process as if the repository has no nginx.conf.sigil
.
The default value may be set by passing an empty value for the option:
dokku nginx:set node-js-app nginx-conf-sigil-path\n
The nginx-conf-sigil-path
property can also be set globally. The global default is nginx.conf.sigil
, and the global value is used when no app-specific value is set.
dokku nginx:set --global nginx-conf-sigil-path nginx.conf.sigil\n
The default value may be set by passing an empty value for the option.
dokku nginx:set --global nginx-conf-sigil-path\n
Info
The default template may change with new releases of Dokku. Please refer to the appropriate template file version for your Dokku version, and make sure to look out for changes when you upgrade.
"},{"location":"networking/proxies/nginx/#disabling-custom-nginx-config","title":"Disabling custom nginx config","text":"Note
Changing this value globally or on a per-app basis will require rebuilding the nginx config via the proxy:build-config
command.
While enabled by default, using a custom nginx config can be disabled via nginx:set
. This may be useful in cases where you do not want to allow users to override any higher-level customization of app nginx config.
# enable fetching custom config (default)\ndokku nginx:set node-js-app disable-custom-config false\n\n# disable fetching custom config\ndokku nginx:set node-js-app disable-custom-config true\n
Unsetting this value is the same as enabling custom nginx config usage.
"},{"location":"networking/proxies/nginx/#available-template-variables","title":"Available template variables","text":"{{ .APP }} Application name\n{{ .APP_SSL_PATH }} Path to SSL certificate and key\n{{ .DOKKU_ROOT }} Global Dokku root directory (ex: app dir would be `{{ .DOKKU_ROOT }}/{{ .APP }}`)\n{{ .PROXY_PORT }} Non-SSL nginx listener port (same as `DOKKU_PROXY_PORT` config var)\n{{ .PROXY_SSL_PORT }} SSL nginx listener port (same as `DOKKU_PROXY_SSL_PORT` config var)\n{{ .NOSSL_SERVER_NAME }} List of non-SSL VHOSTS\n{{ .PROXY_PORT_MAP }} List of port mappings (same as the `map` ports property)\n{{ .PROXY_UPSTREAM_PORTS }} List of configured upstream ports (derived from the `map` ports property)\n{{ .SSL_INUSE }} Boolean set when an app is SSL-enabled\n{{ .SSL_SERVER_NAME }} List of SSL VHOSTS\n
Finally, each process type has it's network listeners - a list of IP:PORT pairs for the respective app containers - exposed via an .DOKKU_APP_${PROCESS_TYPE}_LISTENERS
variable - the PROCESS_TYPE
will be upper-cased with hyphens transformed into underscores. Users can use the new variables to expose non-web processes via the nginx proxy.
Note
Application environment variables are available for use in custom templates. To do so, use the form of {{ var \"FOO\" }}
to access a variable named FOO
.
The default nginx.conf template will include everything from your apps nginx.conf.d/
subdirectory in the main server {}
block (see above):
include {{ .DOKKU_ROOT }}/{{ .APP }}/nginx.conf.d/*.conf;\n
That means you can put additional configuration in separate files. To increase the client request header timeout, the following can be performed:
mkdir /home/dokku/node-js-app/nginx.conf.d/\necho 'client_header_timeout 50s;' > /home/dokku/node-js-app/nginx.conf.d/timeout.conf\nchown dokku:dokku /home/dokku/node-js-app/nginx.conf.d/upload.conf\nservice nginx reload\n
The example above uses additional configuration files directly on the Dokku host. Unlike the nginx.conf.sigil
file, these additional files will not be copied over from your application repo, and thus need to be placed in the /home/dokku/node-js-app/nginx.conf.d/
directory manually.
For PHP Buildpack users, you will also need to provide a Procfile
and an accompanying nginx.conf
file to customize the nginx config within the container. The following are example contents for your Procfile
web: vendor/bin/heroku-php-nginx -C nginx.conf -i php.ini php/\n
Your nginx.conf
file - not to be confused with Dokku's nginx.conf.sigil
- would also need to be configured as shown in this example:
client_header_timeout 50s;\nlocation / {\n index index.php;\n try_files $uri $uri/ /index.php$is_args$args;\n}\n
Please adjust the Procfile
and nginx.conf
file as appropriate.
The nginx plugin exposes a variety of properties configurable via the nginx:set
command. The properties are used to configure the generated nginx.conf
file from the nginx.conf.sigil
template. The value precedence is app-specific, then global, and finally the Dokku default.
The nginx:set command takes an app name or the --global
flag.
# set a property for the node-js-app\ndokku nginx:set node-js-app property-name some-value\n\n# set a property globally\ndokku nginx:set --global property-name some-value\n
Additionally, setting an empty value will result in reverting the value back to it's default. For app-specific values, this means that Dokku will revert to the globally specified (or global default) value.
# default the value back to the global value for node-js-app\ndokku nginx:set node-js-app property-name\n\n# use the dokku default as the global value\ndokku nginx:set --global property-name\n
Changing these value globally or on a per-app basis will require rebuilding the nginx config via the proxy:build-config
command.
Warning
Validation is not performed against the values, and they are used as is within Dokku.
Property Default Type Explanation access-log-format empty string string Name of custom log format to use (log format must be specified elsewhere) access-log-path${NGINX_LOG_ROOT}/${APP}-access.log
string Log path for nginx access logs (set to off
to disable) bind-address-ipv4 0.0.0.0
string Default IPv4 address to bind to bind-address-ipv6 [::]
string Default IPv6 address to bind to client-max-body-size 1m
string Size (with units) of client request body (usually modified for file uploads) error-log-path ${NGINX_LOG_ROOT}/${APP}-error.log
string Log path for nginx error logs (set to off
to disable) hsts true
boolean Enables or disables HSTS for your application hsts-include-subdomains true
boolean Forces the browser to apply the HSTS policy to all app subdomains hsts-max-age 15724800
integer Time in seconds to cache HSTS configuration hsts-preload false
boolean Tells the browser to include the domain in their HSTS preload lists nginx-conf-sigil-path nginx.conf.sigil
string Path in the repository to the nginx.conf.sigil
file proxy-buffer-size 8k
(# is os pagesize) string Size of the buffer used for reading the first part of proxied server response proxy-buffering on
string Enables or disables buffering of responses from the proxied server proxy-buffers 8 8k
string Number and size of the buffers used for reading the proxied server response, for a single connection proxy-busy-buffers-size 16k
string Limits the total size of buffers that can be busy sending a response to the client while the response is not yet fully read. proxy-read-timeout 60s
string Timeout (with units) for reading response from your backend server underscore-in-headers off
string Enables or disables the use of underscores in client request header fields. x-forwarded-for-value $remote_addr
string Used for specifying the header value to set for the X-Forwarded-For
header x-forwarded-port-value $server_port
string Used for specifying the header value to set for the X-Forwarded-Port
header x-forwarded-proto-value $scheme
string Used for specifying the header value to set for the X-Forwarded-Proto
header x-forwarded-ssl empty string string Less commonly used alternative to X-Forwarded-Proto
(valid values: on
or off
)"},{"location":"networking/proxies/nginx/#binding-to-specific-addresses","title":"Binding to specific addresses","text":"Note
Users with apps that contain a custom nginx.conf.sigil
file will need to modify the files to respect the new NGINX_BIND_ADDRESS_IPV4
and NGINX_BIND_ADDRESS_IPV6
variables.
Properties:
bind-address-ipv4
bind-address-ipv6
This is useful in cases where the proxying should be internal to a network or if there are multiple network interfaces that should respond with different content.
"},{"location":"networking/proxies/nginx/#hsts-header","title":"HSTS Header","text":"Warning
if you enable the header and a subsequent deploy of your application results in an HTTP deploy (for whatever reason), the way the header works means that a browser will not attempt to request the HTTP version of your site if the HTTPS version fails until the max-age is reached.
Properties:
hsts
hsts-include-subdomains
hsts-max-age
hsts-preload
If SSL certificates are present, HSTS will be automatically enabled.
"},{"location":"networking/proxies/nginx/#running-behind-another-proxy-configuring-x-forwarded-headers","title":"Running behind another proxy \u2014 configuringX-Forwarded-*
headers","text":"Warning
These values should only be modified if there is an intermediate Load balancer or CDN between the user and the Dokku server hosting your application.
Properties:
x-forwarded-for-value
x-forwarded-port-value
x-forwarded-proto-value
x-forwarded-ssl
Dokku's default Nginx configuration passes the de-facto standard HTTP headers X-Forwarded-For
, X-Forwarded-Proto
, and X-Forwarded-Port
to your application. These headers indicate the IP address of the original client making the request, the protocol of the original request (HTTP or HTTPS), and the port number of the original request, respectively.
If you have another HTTP proxy sitting in between the end user and your server (for example, a load balancer, or a CDN), then the values of these headers will contain information about (e.g. the IP address of) the closest proxy, and not the end user.
To fix this, assuming that the other proxy also passes X-Forwarded-*
headers, which in turn contain information about the end user, you can tell Nginx include those values in the X-Forwarded-*
headers that it sends to your application. You can do this via nginx:set
, like so:
dokku nginx:set node-js-app x-forwarded-for-value '$http_x_forwarded_for'\ndokku nginx:set node-js-app x-forwarded-port-value '$http_x_forwarded_port'\ndokku nginx:set node-js-app x-forwarded-proto-value '$http_x_forwarded_proto'\n
However, note that you should only do this if:
X-Forwarded-*
headers.Otherwise, if it's possible for clients to make HTTP requests directly against your server, bypassing the other proxy, or if the other proxy is not configured to set these headers, then a client can basically pass any arbitrary values for these headers (which your app then presumably reads) and thereby fake an IP address, for example.
There's also the X-Forwarded-Ssl
header which a less common alternative to X-Forwarded-Proto
\u2014 and because of that, isn't included in Dokku's default Nginx configuration. It can be turned on
if need be:
# force-setting value to `on`\ndokku nginx:set node-js-app x-forwarded-ssl on\n
"},{"location":"networking/proxies/nginx/#changing-log-path","title":"Changing log path","text":"Warning
The defaults should not be changed without verifying that the paths will be writeable by nginx.
Properties:
access-log-path
error-log-path
These setting can be useful for enabling or disabling logging by setting the values to off
.
dokku nginx:set node-js-app access-log-path off\ndokku nginx:set node-js-app error-log-path off\n
"},{"location":"networking/proxies/nginx/#changing-log-format","title":"Changing log format","text":"Properties:
acccess-log-format
Prior to changing the log-format, log formats should be specified at a file such as /etc/nginx/conf.d/00-log-formats.conf
. This will ensure they are available within your app's nginx context. For instance, the following may be added to the above file. It only needs to be specified once to be used for all apps.
# /etc/nginx/conf.d/00-log-formats.conf\n# escape=json was added in nginx 1.11.8\nlog_format json_combined escape=json\n '{'\n '\"time_local\":\"$time_local\",'\n '\"remote_addr\":\"$remote_addr\",'\n '\"remote_user\":\"$remote_user\",'\n '\"request\":\"$request\",'\n '\"status\":\"$status\",'\n '\"body_bytes_sent\":\"$body_bytes_sent\",'\n '\"request_time\":\"$request_time\",'\n '\"http_referrer\":\"$http_referer\",'\n '\"http_user_agent\":\"$http_user_agent\"'\n '}';\n
"},{"location":"networking/proxies/nginx/#specifying-a-read-timeout","title":"Specifying a read timeout","text":"Note
All numeric values must have a trailing time value specified (s
for seconds, m
for minutes).
Properties:
proxy-read-timeout
Note
All numerical values must have a trailing size unit specified (k
for kilobytes, m
for megabytes).
Properties:
client-max-body-size
This property is commonly used to increase the max file upload size.
Changing this value when using the PHP buildpack (or any other buildpack that uses an intermediary server) will require changing the value in the server config shipped with that buildpack. Consult your buildpack documentation for further details.
"},{"location":"networking/proxies/nginx/#other","title":"Other","text":""},{"location":"networking/proxies/nginx/#domains-plugin","title":"Domains plugin","text":"See the domain configuration documentation for more information on how to configure domains for your app.
"},{"location":"networking/proxies/nginx/#customizing-hostnames","title":"Customizing hostnames","text":"See the customizing hostnames documentation for more information on how to configure domains for your app.
"},{"location":"networking/proxies/nginx/#disabling-vhosts","title":"Disabling VHOSTS","text":"See the disabling vhosts documentation for more information on how to disable domain usage for your app.
"},{"location":"networking/proxies/nginx/#ssl-configuration","title":"SSL Configuration","text":"See the ssl documentation for more information on how to configure SSL certificates for your application.
"},{"location":"networking/proxies/nginx/#disabling-nginx","title":"Disabling Nginx","text":"See the proxy documentation for more information on how to disable nginx as the proxy implementation for your app.
"},{"location":"networking/proxies/nginx/#managing-proxy-port-mappings","title":"Managing Proxy Port mappings","text":"See the ports documentation for more information on how to manage ports proxied for your app.
"},{"location":"networking/proxies/nginx/#regenerating-nginx-config","title":"Regenerating nginx config","text":"See the proxy documentation for more information on how to rebuild the nginx proxy configuration for your app.
"},{"location":"networking/proxies/openresty/","title":"OpenResty Proxy","text":"New
Introduced in 0.31.0
Dokku can provide integration with the OpenResty proxy service by utilizing the Docker label-based integration implemented by openresty-docker-proxy.
openresty:report [<app>] [<flag>] # Displays a openresty report for one or more apps\nopenresty:logs [--num num] [--tail] # Display openresty log output\nopenresty:set <app> <property> (<value>) # Set or clear an openresty property for an app\nopenresty:show-config <app> # Display openresty compose config\nopenresty:start # Starts the openresty server\nopenresty:stop # Stops the openresty server\n
"},{"location":"networking/proxies/openresty/#requirements","title":"Requirements","text":"Using the openresty
plugin integration requires the docker-compose-plugin
for Docker. See this document from the Docker documentation for more information on the installation process for the docker-compose-plugin
.
Warning
As using multiple proxy plugins on a single Dokku installation can lead to issues routing requests to apps, doing so should be avoided. As the default proxy implementation is nginx, users are encouraged to stop the nginx service before switching to OpenResty.
The OpenResty plugin has specific rules for routing requests:
web
containers have OpenResty labels injected by the plugin.http:80
and https:443
port mappings are supported at this time.To use the OpenResty plugin, use the proxy:set
command for the app in question:
dokku proxy:set node-js-app openresty\n
This will enable the docker label-based OpenResty integration. All future deploys will inject the correct labels for OpenResty to read and route requests to containers. Due to the docker label-based integration used by OpenResty, a single deploy or rebuild will be required before requests will route successfully.
dokku ps:rebuild node-js-app\n
Any changes to domains or port mappings will also require either a deploy or rebuild.
"},{"location":"networking/proxies/openresty/#starting-openresty-container","title":"Starting OpenResty container","text":"OpenResty can be started via the openresty:start
command. This will start a OpenResty container via the docker compose up
command.
dokku openresty:start\n
"},{"location":"networking/proxies/openresty/#stopping-the-openresty-container","title":"Stopping the OpenResty container","text":"OpenResty may be stopped via the openresty:stop
command.
dokku openresty:stop\n
The OpenResty container will be stopped and removed from the system. If the container is not running, this command will do nothing.
"},{"location":"networking/proxies/openresty/#showing-the-openresty-compose-config","title":"Showing the OpenResty compose config","text":"For debugging purposes, it may be useful to show the OpenResty compose config. This can be achieved via the openresty:show-config
command.
dokku openresty:show-config\n
"},{"location":"networking/proxies/openresty/#customizing-the-openresty-container-image","title":"Customizing the OpenResty container image","text":"While the default OpenResty image is hardcoded, users may specify an alternative by setting the image
property with the --global
flag:
dokku openresty:set --global image dokku/openresty-docker-proxy:0.5.6\n
"},{"location":"networking/proxies/openresty/#checking-the-openresty-containers-logs","title":"Checking the OpenResty container's logs","text":"It may be necessary to check the OpenResty container's logs to ensure that OpenResty is operating as expected. This can be performed with the openresty:logs
command.
dokku openresty:logs\n
This command also supports the following modifiers:
--num NUM # the number of lines to display\n--tail # continually stream logs\n
You can use these modifiers as follows:
dokku openresty:logs --tail --num 10\n
The above command will show logs continually from the openresty container, with an initial history of 10 log lines
"},{"location":"networking/proxies/openresty/#customizing-openresty-settings-for-an-app","title":"Customizing Openresty Settings for an app","text":""},{"location":"networking/proxies/openresty/#openresty-properties","title":"OpenResty Properties","text":"The OpenResty plugin supports all properties supported by the nginx:set
command via openresty:set
. At this time, please consult the nginx documentation for more information on what properties are available.
Please note that the oldest running container will be used for OpenResty configuration, and thus newer config may not apply until older app containers are retired during/after a deploy, depending on your zero-downtime settings.
"},{"location":"networking/proxies/openresty/#custom-openresty-templates","title":"Custom OpenResty Templates","text":"At this time, the OpenResty plugin does not allow complete customization of the template used to manage an app's vhost. Apps will use a template provided by the OpenResty container to proxy requests. See the next section for documentation on how to configure portions of the template.
"},{"location":"networking/proxies/openresty/#injecting-custom-snippets-into-the-openresty-config","title":"Injecting custom snippets into the OpenResty config","text":"The OpenResty plugin allows users to specify templates in their repository for auto-injection into the OpenResty config. Please note that this configuration should be validated prior to deployment or may cause outages in your OpenResty proxy layer.
The following folders within an app repository may have *.conf
files that will be automatically injected into the OpenResty config.
openresty/http-includes/
: Injected in the server
block serving http(s) requests for the app.openresty/http-location-includes/
: Injected in the location
block that proxies to the app in the app's respective server
block.The OpenResty plugin only supports automatic ssl certificates from it's letsencrypt integration. Managed certificates provided by the certs
plugin are ignored.
By default, letsencrypt is disabled and https port mappings are ignored. To enable, set the letsencrypt-email
property with the --global
flag:
dokku openresty:set --global letsencrypt-email automated@dokku.sh\n
After enabling, the OpenResty container will need to be restarted and apps will need to be rebuilt. All http requests will then be redirected to https.
"},{"location":"networking/proxies/openresty/#customizing-the-letsencrypt-server","title":"Customizing the letsencrypt server","text":"The letsencrypt integration is set to the production letsencrypt server by default. To change this, set the letsencrypt-server
property with the --global
flag:
dokku openresty:set --global letsencrypt-server https://acme-staging-v02.api.letsencrypt.org/directory\n
After enabling, the OpenResty container will need to be restarted and apps will need to be rebuilt to retrieve certificates from the new server.
"},{"location":"networking/proxies/openresty/#limiting-letsencrypt-to-certain-domains","title":"Limiting letsencrypt to certain domains","text":"Warning
Changing this value may cause OpenResty to fail to start if the value is not valid. Caution should be exercised when changing this value from the defaults.
In cases where your server's IP may have invalid domains pointing at it, limiting letsencrypt to certain allowed domains may be desirable to reduce spam requests on the Letsencrypt servers. The default is to allow all domains to have certificates retrieved, but this can be limited by specifying the allowed-letsencrypt-domains-func-base64
global property.
The default internal value for allowed-letsencrypt-domains-func-base64
is the base64 representation of return true
, and is meant to be the body of a lua function that return a boolean value.
value=\"$(echo 'return true' | base64 -w 0)\"\ndokku openresty:set --global allowed-letsencrypt-domains-func-base64 $value\n
As this is a global value, once changed, OpenResty should be stopped and started again for the value to take effect:
dokku openresty:stop\ndokku openresty:start\n
A more complex example would be to limit provisioning of certificates to domains in a specific list. The body of the lua function has access to a variable domain
, and we can use it like so:
body='allowed_domains = {\"domain.com\", \"extra-domain.com\"}\n\nfor index, value in ipairs(allowed_domains) do\n if value == domain then\n return true\n end\nend\n\nreturn false\n'\nvalue=\"$(echo \"$body\" | base64 -w 0)\"\ndokku openresty:set --global allowed-letsencrypt-domains-func-base64 $value\n
To reset the value to the default, simply specify a blank value prior to restarting OpenResty:
dokku openresty:set --global allowed-letsencrypt-domains-func-base64\n
"},{"location":"networking/proxies/openresty/#displaying-openresty-reports-for-an-app","title":"Displaying OpenResty reports for an app","text":"You can get a report about the app's OpenResty config using the openresty:report
command:
dokku openresty:report\n
=====> node-js-app openresty information\n Openresty image: dokku/openresty-docker-proxy:0.5.6\n Openresty letsencrypt email: automated@dokku.sh\n=====> python-app openresty information\n Openresty image: dokku/openresty-docker-proxy:0.5.6\n Openresty letsencrypt email: automated@dokku.sh\n=====> ruby-app openresty information\n Openresty image: dokku/openresty-docker-proxy:0.5.6\n Openresty letsencrypt email: automated@dokku.sh\n
You can run the command for a specific app also.
ShellOutputdokku openresty:report node-js-app\n
=====> node-js-app openresty information\n Openresty image: dokku/openresty-docker-proxy:0.5.6\n Openresty letsencrypt email: automated@dokku.sh\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku openresty:report node-js-app --openresty-letsencrypt-email\n
"},{"location":"networking/proxies/traefik/","title":"Traefik Proxy","text":"New
Introduced in 0.28.0
Dokku provides integration with the Traefik proxy service by utilizing the Docker label-based integration implemented by Traefik.
traefik:report [<app>] [<flag>] # Displays a traefik report for one or more apps\ntraefik:logs [--num num] [--tail] # Display traefik log output\ntraefik:set <app> <property> (<value>) # Set or clear an traefik property for an app\ntraefik:show-config <app> # Display traefik compose config\ntraefik:start # Starts the traefik server\ntraefik:stop # Stops the traefik server\n
"},{"location":"networking/proxies/traefik/#requirements","title":"Requirements","text":"Using the traefik
plugin integration requires the docker-compose-plugin
for Docker. See this document from the Docker documentation for more information on the installation process for the docker-compose-plugin
.
Warning
As using multiple proxy plugins on a single Dokku installation can lead to issues routing requests to apps, doing so should be avoided. As the default proxy implementation is nginx, users are encouraged to stop the nginx service before switching to Traefik.
The Traefik plugin has specific rules for routing requests:
web
containers have Traefik labels injected by the plugin.http:80
and https:443
port mappings are supported.http:80
mapping is found, the first http
port mapping is used for http requests.https:443
mapping is found, the first https
port mapping is used for https requests.https
mapping is found, the container port from http:80
will be used for https requests.To use the Traefik plugin, use the proxy:set
command for the app in question:
dokku proxy:set node-js-app traefik\n
This will enable the docker label-based Traefik integration. All future deploys will inject the correct labels for Traefik to read and route requests to containers. Due to the docker label-based integration used by Traefik, a single deploy or rebuild will be required before requests will route successfully.
dokku ps:rebuild node-js-app\n
Any changes to domains or port mappings will also require either a deploy or rebuild.
"},{"location":"networking/proxies/traefik/#starting-traefik-container","title":"Starting Traefik container","text":"Traefik can be started via the traefik:start
command. This will start a Traefik container via the docker compose up
command.
dokku traefik:start\n
"},{"location":"networking/proxies/traefik/#stopping-the-traefik-container","title":"Stopping the Traefik container","text":"Traefik may be stopped via the traefik:stop
command.
dokku traefik:stop\n
The Traefik container will be stopped and removed from the system. If the container is not running, this command will do nothing.
"},{"location":"networking/proxies/traefik/#changing-the-traefik-entrypoint-names","title":"Changing the Traefik entrypoint names","text":"When you use a self-hosted Traefik instance, your entrypoint names might be different from the default http
and https
Use traefik:set
to set both http-entry-point
and https-entry-point
to custom values
dokku traefik:set --global http-entry-point web\ndokku traefik:set --global https-entry-point websecure\n
"},{"location":"networking/proxies/traefik/#showing-the-traefik-compose-config","title":"Showing the Traefik compose config","text":"For debugging purposes, it may be useful to show the Traefik compose config. This can be achieved via the traefik:show-config
command.
dokku traefik:show-config\n
"},{"location":"networking/proxies/traefik/#customizing-the-traefik-container-image","title":"Customizing the Traefik container image","text":"While the default Traefik image is hardcoded, users may specify an alternative by setting the image
property with the --global
flag:
dokku traefik:set --global image traefik:v2.8\n
"},{"location":"networking/proxies/traefik/#checking-the-traefik-containers-logs","title":"Checking the Traefik container's logs","text":"It may be necessary to check the Traefik container's logs to ensure that Traefik is operating as expected. This can be performed with the traefik:logs
command.
dokku traefik:logs\n
This command also supports the following modifiers:
--num NUM # the number of lines to display\n--tail # continually stream logs\n
You can use these modifiers as follows:
dokku traefik:logs --tail --num 10\n
The above command will show logs continually from the traefik container, with an initial history of 10 log lines
"},{"location":"networking/proxies/traefik/#changing-the-traefik-log-level","title":"Changing the Traefik log level","text":"Traefik log output is set to ERROR
by default. It may be changed by setting the log-level
property with the --global
flag:
dokku traefik:set --global log-level DEBUG\n
After modifying, the Traefik container will need to be restarted.
"},{"location":"networking/proxies/traefik/#ssl-configuration","title":"SSL Configuration","text":"The traefik plugin only supports automatic ssl certificates from it's letsencrypt integration. Managed certificates provided by the certs
plugin are ignored.
By default, letsencrypt is disabled and https port mappings are ignored. To enable, set the letsencrypt-email
property with the --global
flag:
dokku traefik:set --global letsencrypt-email automated@dokku.sh\n
After enabling, apps will need to be rebuilt and the Traefik container will need to be restarted. All http requests will then be redirected to https.
"},{"location":"networking/proxies/traefik/#customizing-the-letsencrypt-server","title":"Customizing the letsencrypt server","text":"The letsencrypt integration is set to the production letsencrypt server by default. To change this, set the letsencrypt-server
property with the --global
flag:
dokku traefik:set --global letsencrypt-server https://acme-staging-v02.api.letsencrypt.org/directory\n
After enabling, the Traefik container will need to be restarted and apps will need to be rebuilt to retrieve certificates from the new server.
"},{"location":"networking/proxies/traefik/#api-access","title":"API Access","text":"Traefik exposes an API and Dashboard, which Dokku disables by default for security reasons. It can be exposed and customized as described below.
"},{"location":"networking/proxies/traefik/#enabling-the-api","title":"Enabling the api","text":"Warning
Users enabling the dashboard should also enable api basic auth.
By default, the api is disabled. To enable, set the api-enabled
property with the --global
flag:
dokku traefik:set --global api-enabled true\n
After enabling, the Traefik container will need to be restarted.
"},{"location":"networking/proxies/traefik/#enabling-the-dashboard","title":"Enabling the dashboard","text":"Warning
Users enabling the dashboard should also enable api basic auth.
By default, the dashboard is disabled. To enable, set the dashboard-enabled
property with the --global
flag:
dokku traefik:set --global dashboard-enabled true\n
After enabling, the Traefik container will need to be restarted.
"},{"location":"networking/proxies/traefik/#enabling-api-basic-auth","title":"Enabling api basic auth","text":"Users enabling either the api or dashboard are encouraged to enable basic auth. This will apply only to the api/dashboard, and not to apps. To enable, set the basic-auth-username
and basic-auth-password
properties with the --global
flag:. Both must be set or basic auth will not be enabled.
dokku traefik:set --global basic-auth-username username\ndokku traefik:set --global basic-auth-password password\n
After enabling, the Traefik container will need to be restarted.
"},{"location":"networking/proxies/traefik/#customizing-the-api-hostname","title":"Customizing the api hostname","text":"The hostname used for the api and dashboard is set to traefik.dokku.me
by default. It can be customized by setting the api-vhost
property with the --global
flag:
dokku traefik:set --global api-vhost lb.dokku.me\n
After enabling, the Traefik container will need to be restarted.
"},{"location":"networking/proxies/traefik/#displaying-traefik-reports-for-an-app","title":"Displaying Traefik reports for an app","text":"You can get a report about the app's Traefik config using the traefik:report
command:
dokku traefik:report\n
=====> node-js-app traefik information\n Traefik api enabled: false\n Traefik api vhost: traefik.dokku.me\n Traefik basic auth password: password\n Traefik basic auth username: user\n Traefik dashboard enabled: false\n Traefik image: traefik:v2.8\n Traefik letsencrypt email:\n Traefik letsencrypt server:\n Traefik log level: ERROR\n=====> python-app traefik information\n Traefik api enabled: false\n Traefik api vhost: traefik.dokku.me\n Traefik basic auth password: password\n Traefik basic auth username: user\n Traefik dashboard enabled: false\n Traefik image: traefik:v2.8\n Traefik letsencrypt email:\n Traefik letsencrypt server:\n Traefik log level: ERROR\n=====> ruby-app traefik information\n Traefik api enabled: false\n Traefik api vhost: traefik.dokku.me\n Traefik basic auth password: password\n Traefik basic auth username: user\n Traefik dashboard enabled: false\n Traefik image: traefik:v2.8\n Traefik letsencrypt email:\n Traefik letsencrypt server:\n Traefik log level: ERROR\n
You can run the command for a specific app also.
ShellOutputdokku traefik:report node-js-app\n
=====> node-js-app traefik information\n Traefik api enabled: false\n Traefik api vhost: traefik.dokku.me\n Traefik basic auth password: password\n Traefik basic auth username: user\n Traefik dashboard enabled: false\n Traefik image: traefik:v2.8\n Traefik letsencrypt email:\n Traefik letsencrypt server:\n Traefik log level: ERROR\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku traefik:report node-js-app --traefik-api-enabled\n
"},{"location":"processes/entering-containers/","title":"Entering containers","text":"New
Introduced in 0.4.0
enter <app> [<container-type> || --container-id <container-id>] # Connect to a specific app container\n
"},{"location":"processes/entering-containers/#usage","title":"Usage","text":"The enter
command can be used to enter a running container. The following variations of the command exist:
# enter the web process\ndokku enter node-js-app web\n\n# enter the first web process\ndokku enter node-js-app web.1\n\n# enter a process for an app by container ID\ndokku enter node-js-app --container-id ID\n
The container-type
argument can be one either:
Procfile
, the name of a process type in your Procfile
.Procfile
, the word web
.If the specified process type is scaled up to more than one container, then the first container will be automatically selected. this can be overridden by specifying an integer index denoting the desired container, where the first container's index is 1
.
Additionally, the enter
command can be executed with no <container-type>
. If only a single <container-type>
is defined in the app's Procfile, executing enter
will drop the terminal into the only running container. This behavior is not supported when specifying a custom command; as described below.
By default, dokku enter
will run a /bin/bash
, but can also be used to run custom commands:
# just echo hi\ndokku enter node-js-app web echo hi\n\n# run a long-running command, as one might for a cron task\ndokku enter node-js-app web python script/background-worker.py\n
"},{"location":"processes/one-off-tasks/","title":"One-off Tasks","text":"run [-e|--env KEY=VALUE] [--no-tty] <app> <cmd> # Run a command in a new container using the current app image\nrun:detached [-e|-env KEY=VALUE] [--force-tty] <app> <cmd> # Run a command in a new detached container using the current app image\nrun:list [--format json|stdout] [<app>] # List all run containers for an app\nrun:logs <app|--container CONTAINER> [-h] [-t] [-n num] [-q] # Display recent log output for run containers\nrun:stop <app|--container CONTAINER> # Stops all run containers for an app or a specified run container\n
Sometimes it is necessary to run a one-off command under an app. Dokku makes it easy to run a fresh container via the run
command.
The run
command can be used to run a one-off process for a specific command. This will start a new container and run the desired command within that container. The container image will be the same container image as was used to start the currently deployed app.
New
Introduced in 0.25.0, this container will be removed after the process exits.
# runs `ls -lah` in the `/app` directory of the app `node-js-app`\ndokku run node-js-app ls -lah\n\n# optionally, run can be passed custom environment variables\ndokku run --env \"NODE_ENV=development\" --env \"PATH=/custom/path\" node-js-app npm run mytask\n
One off containers are removed at the end of process execution.
"},{"location":"processes/one-off-tasks/#running-procfile-commands","title":"Running Procfile commands","text":"The run
command can also be used to run a command defined in the app Procfile
:
console: bundle exec racksh\n
# runs `bundle exec racksh` in the `/app` directory of the app `my-app`\ndokku run my-app console\n
"},{"location":"processes/one-off-tasks/#specifying-container-labels","title":"Specifying container labels","text":"Containers may have specific labels attached. In order to avoid issues with dokku internals, do not use any labels beginning with either com.dokku
or org.label-schema
.
dokku --label=com.example.test-label=value run node-js-app ls -lah\n
"},{"location":"processes/one-off-tasks/#disabling-tty","title":"Disabling TTY","text":"New
Introduced in 0.25.0
One-off containers default to interactive mode where possible. To disable this behavior, specify the --no-tty
flag:
dokku run --no-tty node-js-app ls -lah\n
"},{"location":"processes/one-off-tasks/#running-a-detached-container","title":"Running a detached container","text":"New
Introduced in 0.25.0
Finally, a container can be run in \"detached\" mode via the run:detached
Dokku command. Running a process in detached mode will immediately return a CONTAINER_ID
. Detached containers are run without a tty and are also removed at the end of process execution.
dokku run:detached node-js-app ls -lah\n# returns the ID of the new container\n
To start a detached container with a tty, specify the --force-tty
flag. Containers will still exit upon command termination, but can be attached to as long as they are running.
dokku run:detached --force-tty node-js-app bash\n
"},{"location":"processes/one-off-tasks/#displaying-one-off-container-logs","title":"Displaying one-off container logs","text":"You can easily get logs of all one-off containers for an app using the logs
command:
dokku run:logs node-js-app\n
Logs are pulled via integration with the scheduler for the specified application via \"live tailing\". As such, logs from previously running deployments are usually not available. Users that desire to see logs from previous deployments for debugging purposes should persist those logs to external services. Please see Dokku's vector integration for more information on how to persist logs across deployments to ship logs to another service or a third-party platform.
"},{"location":"processes/one-off-tasks/#behavioral-modifiers","title":"Behavioral modifiers","text":"Dokku also supports certain command-line arguments that augment the run:log
command's behavior.
--container NAME # the name of a specific container to show logs for\n-n, --num NUM # the number of lines to display\n-t, --tail # continually stream logs\n-q, --quiet # display raw logs without colors, time and names\n
You can use these modifiers as follows:
dokku run:logs -t --container node-js-app.run.1234\n
The above command will show logs continually from the node-js-app.run.1234
one-off run process.
New
Introduced in 0.25.0
One-off containers for a given app can be listed via the run:list
command:
dokku run:list node-js-app\n
=====> node-js-app run containers\nNAMES COMMAND CREATED\nnode-js-app.run.28689 \"/exec sleep 15\" 2 seconds ago\n
Info
The COMMAND
displayed will be what Docker executes and may not exactly match the command specified by a dokku run
command.
The output can also be shown in json format:
ShellOutputdokku run:list node-js-app --format json\n
[\n {\n \"name\": \"node-js-app.run.28689\",\n \"state\": \"running\",\n \"command\": \"\\\"/exec 'sleep 15'\\\"\",\n \"created_at\": \"2022-08-03 05:47:44 +0000 UTC\"\n }\n]\n
"},{"location":"processes/one-off-tasks/#stopping-a-one-off-container","title":"Stopping a one-off container","text":"New
Introduced in 0.29.0
Run containers for an app can be stopped via the run:stop
command. The output will be the container id.
# start a container\n# the output will be something like: node-js-app.run.2313\ndokku run node-js-app sleep 300\n\n# stop the container\ndokku run:stop --container node-js-app.run.2313\n
node-js-app.run.2313\n
All containers for a given app can be stopped by specifying the app name.
ShellOutputdokku run:stop node-js-app\n
node-js-app.run.2313\nnode-js-app.run.574\n
"},{"location":"processes/process-management/","title":"Process Management","text":"New
Introduced in 0.3.14, Enhanced in 0.7.0
ps:inspect <app> # Displays a sanitized version of docker inspect for an app\nps:rebuild [--parallel count] [--all|<app>] # Rebuilds an app from source\nps:report [<app>] [<flag>] # Displays a process report for one or more apps\nps:restart [--parallel count] [--all|<app>] [<process-name>] # Restart an app\nps:restore [<app>] # Start previously running apps e.g. after reboot\nps:scale [--skip-deploy] <app> <proc>=<count> [<proc>=<count>...] # Get/Set how many instances of a given process to run\nps:set <app> <key> <value> # Set or clear a ps property for an app\nps:start [--parallel count] [--all|<app>] # Start an app\nps:stop [--parallel count] [--all|<app>] # Stop an app\n
"},{"location":"processes/process-management/#usage","title":"Usage","text":""},{"location":"processes/process-management/#inspecting-app-containers","title":"Inspecting app containers","text":"New
Introduced in 0.13.0
A common administrative task to perform is calling docker inspect
on the containers that are running for an app. This can be an error-prone task to perform, and may also reveal sensitive environment variables if not done correctly. Dokku provides a wrapper around this command via the ps:inspect
command:
dokku ps:inspect node-js-app\n
This command will gather all the running container IDs for your app and call docker inspect
, sanitizing the output data so it can be copy-pasted elsewhere safely.
It may be useful to rebuild an app at will, such as for commands that do not rebuild an app or when skipping a rebuild after setting multiple config values. For these use cases, the ps:rebuild
function can be used.
dokku ps:rebuild node-js-app\n
All apps may be rebuilt by using the --all
flag.
dokku ps:rebuild --all\n
By default, rebuilding all apps happens serially. The parallelism may be controlled by the --parallel
flag.
dokku ps:rebuild --all --parallel 2\n
Finally, the number of parallel workers may be automatically set to the number of CPUs available by setting the --parallel
flag to -1
dokku ps:rebuild --all --parallel -1\n
A missing linked container will result in failure to boot apps. Services should all be started for apps being rebuilt.
"},{"location":"processes/process-management/#restarting-apps","title":"Restarting apps","text":"An app may be restarted using the ps:restart
command.
dokku ps:restart node-js-app\n
A single process type - such as web
or worker
- may also be specified. This does not support specifying a given instance of a process type, and only supports restarting all instances of that process type.
dokku ps:restart node-js-app web\n
All apps may be restarted by using the --all
flag. This flag is incompatible with specifying a process type.
dokku ps:restart --all\n
By default, restarting all apps happens serially. The parallelism may be controlled by the --parallel
flag.
dokku ps:restart --all --parallel 2\n
Finally, the number of parallel workers may be automatically set to the number of CPUs available by setting the --parallel
flag to -1
dokku ps:restart --all --parallel -1\n
A missing linked container will result in failure to boot apps. Services should all be started for apps being rebuilt.
"},{"location":"processes/process-management/#displaying-existing-scale-properties","title":"Displaying existing scale properties","text":"Issuing the ps:scale
command with no arguments will output the current scaling properties for an app.
dokku ps:scale node-js-app\n
-----> Scaling for python\nproctype: qty\n--------: ---\nweb: 1\n
"},{"location":"processes/process-management/#defining-processes","title":"Defining Processes","text":""},{"location":"processes/process-management/#procfile","title":"Procfile","text":"Note
Dokku supports the Procfile format as defined in this document under \"Strict Mode\" parsing rules.
Apps can define processes to run by using a Procfile
. A Procfile
is a simple text file that can be used to specify multiple commands, each of which is subject to process scaling. In the case where the built image sets a default command to run - either through usage of CMD
for Dockerfile-based builds, a default process for buildpack-based builds, or any other method for the builder in use - the Procfile
will take precedence.
If the file exists, it should not be empty, as doing so may result in a failed deploy.
The syntax for declaring a Procfile
is as follows. Note that the format is one process type per line, with no duplicate process types.
<process type>: <command>\n
If, for example, you have multiple queue workers and wish to scale them separately, the following would be a valid way to work around the requirement of not duplicating process types:
worker: env QUEUE=* bundle exec rake resque:work\nimportantworker: env QUEUE=important bundle exec rake resque:work\n
If the app build declares an ENTRYPOINT
, the command defined in the Procfile
is passed as an argument to that entrypoint. This is the case for all Dockerfile-based, Docker Image, and Cloud Native Buildpack deployments.
The web
process type holds some significance in that it is the only process type that is automatically scaled to 1
on the initial application deploy. See the web process scaling documentation for more details around scaling individual processes.
See the Procfile location documentation for more information on where to place your Procfile
file.
web
process","text":"For initial app deploys, Dokku will default to starting a single web
process for each app. This process may be defined within the Procfile
or as the CMD
(for Dockerfile or Docker image deploys). Scaling of the web
process - and all other processes - may be managed via ps:scale
or the formation
key in the app.json
file either before or after the initial deploy.
There are also a few other exceptions for the web
process.
web
process (others may be handled via a custom nginx.conf.sigil
).web
process may be bound to an external port.release
process","text":"The Procfile
also supports a special release
command which acts in a similar way to the Heroku Release Phase. See the Release deployment task documentation for more information on how Dokku handles this process type.
Procfile
location","text":"The Procfile
is expected to be found in a specific directory, depending on the deploy approach:
WORKDIR
of the Docker image for deploys resulting from git:from-image
and git:load-image
commands.git:from-archive
, git:sync
).Sometimes it may be desirable to set a different path for a given app, e.g. when deploying from a monorepo. This can be done via the procfile-path
property:
dokku ps:set node-js-app procfile-path .dokku/Procfile\n
The value is the path to the desired file relative to the base search directory, and will never be treated as absolute paths in any context. If that file does not exist within the repository, Dokku will continue the build process as if the repository has no Procfile
.
The default value may be set by passing an empty value for the option:
dokku ps:set node-js-app procfile-path\n
The procfile-path
property can also be set globally. The global default is Procfile
, and the global value is used when no app-specific value is set.
dokku ps:set --global procfile-path global-Procfile\n
The default value may be set by passing an empty value for the option.
dokku ps:set --global procfile-path\n
"},{"location":"processes/process-management/#scaling-apps","title":"Scaling apps","text":""},{"location":"processes/process-management/#via-cli","title":"Via CLI","text":"Info
This functionality is disabled if the formation is managed via the formation
key of app.json
.
Dokku can also manage scaling itself via the ps:scale
command. This command can be used to scale multiple process types at the same time.
dokku ps:scale node-js-app web=1\n
Multiple process types can be scaled at once:
dokku ps:scale node-js-app web=1 worker=1\n
If desired, the corresponding deploy will be skipped by using the --skip-deploy
flag:
dokku ps:scale --skip-deploy node-js-app web=1\n
"},{"location":"processes/process-management/#manually-managing-process-scaling","title":"Manually managing process scaling","text":"Info
Using a formation
key in an app.json
file with any quantity
specified disables the ability to use ps:scale
for scaling. All processes not specified in the app.json
will have their process count set to zero.
Users can also configure scaling within the codebase itself to manage process scaling. The formation
key should be specified as follows in the app.json
file:
{\n \"formation\": {\n \"web\": {\n \"quantity\": 1\n },\n \"worker\": {\n \"quantity\": 4\n }\n }\n}\n
Removing the formation
key or removing the app.json
file from your repository will result in Dokku respecting the ps:scale
command for setting scale values. The values set via the app.json
file from a previous deploy will be respected.
See the app.json location documentation for more information on where to place your app.json
file.
Deployed apps can be stopped using the ps:stop
command. This turns off all running containers for an app, and will result in a 502 Bad Gateway response for the default nginx proxy implementation.
dokku ps:stop node-js-app\n
All apps may be stopped by using the --all
flag.
dokku ps:stop --all\n
By default, stopping all apps happens serially. The parallelism may be controlled by the --parallel
flag.
dokku ps:stop --all --parallel 2\n
Finally, the number of parallel workers may be automatically set to the number of CPUs available by setting the --parallel
flag to -1
dokku ps:stop --all --parallel -1\n
"},{"location":"processes/process-management/#starting-apps","title":"Starting apps","text":"All stopped containers can be started using the ps:start
command. This is similar to running ps:restart
, except no action will be taken if the app containers are running.
dokku ps:start node-js-app\n
All apps may be started by using the --all
flag.
dokku ps:start --all\n
By default, starting all apps happens serially. The parallelism may be controlled by the --parallel
flag.
dokku ps:start --all --parallel 2\n
Finally, the number of parallel workers may be automatically set to the number of CPUs available by setting the --parallel
flag to -1
dokku ps:start --all --parallel -1\n
"},{"location":"processes/process-management/#restart-policies","title":"Restart policies","text":"New
Introduced in 0.7.0, Command Changed in 0.22.0
By default, Dokku will automatically restart containers that exit with a non-zero status up to 10 times via the on-failure Docker restart policy.
"},{"location":"processes/process-management/#setting-the-restart-policy","title":"Setting the restart policy","text":"Info
A change in the restart policy must be followed by a ps:rebuild
call.
You can configure this via the ps:set
command:
# always restart an exited container\ndokku ps:set node-js-app restart-policy always\n\n# never restart an exited container\ndokku ps:set node-js-app restart-policy no\n\n# only restart it on Docker restart if it was not manually stopped\ndokku ps:set node-js-app restart-policy unless-stopped\n\n# restart only on non-zero exit status\ndokku ps:set node-js-app restart-policy on-failure\n\n# restart only on non-zero exit status up to 20 times\ndokku ps:set node-js-app restart-policy on-failure:20\n
Restart policies have no bearing on server reboot, and Dokku will always attempt to restart your apps at that point unless they were manually stopped.
Dokku also runs dokku-event-listener
in the background via the system's init service. This monitors container state, performing the following actions:
New
Introduced in 0.12.0
You can get a report about the deployed apps using the ps:report
command:
dokku ps:report\n
=====> node-js-app ps information\n Deployed: false\n Processes: 0\n Ps can scale: true\n Ps computed procfile path: Procfile2\n Ps global procfile path: Procfile\n Ps restart policy: on-failure:10\n Ps procfile path: Procfile2\n Restore: true\n Running: false\n=====> python-sample ps information\n Deployed: false\n Processes: 0\n Ps can scale: true\n Ps computed procfile path: Procfile\n Ps global procfile path: Procfile\n Ps restart policy: on-failure:10\n Ps procfile path:\n Restore: true\n Running: false\n=====> ruby-sample ps information\n Deployed: false\n Processes: 0\n Ps can scale: true\n Ps computed procfile path: Procfile\n Ps global procfile path: Procfile\n Ps restart policy: on-failure:10\n Ps procfile path:\n Restore: true\n Running: false\n
You can run the command for a specific app also.
ShellOutputdokku ps:report node-js-app\n
=====> node-js-app ps information\n Deployed: false\n Processes: 0\n Ps can scale: true\n Ps restart policy: on-failure:10\n Restore: true\n Running: false\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku ps:report node-js-app --deployed\n
"},{"location":"processes/process-management/#restoring-apps-after-a-server-reboot","title":"Restoring apps after a server reboot","text":"When a server reboots or Docker is restarted/upgraded, Docker may or may not start old app containers automatically, and may in some cases re-assign container IP addresses. To combat this issue, Dokku uses an init process that triggers dokku ps:restore
after the Docker daemon is detected as starting. When triggered, the dokku ps:restore
command will serially (one by one) run the following for each:
During this time, requests may route to the incorrect app if the assigned IPs correspond to those for other apps. While dokku makes all efforts to avoid this, there may be a few minutes where urls may route to the wrong app. To avoid this, either use a custom proxy plugin or wait a few minutes until the restoration process is complete.
"},{"location":"processes/scheduled-cron-tasks/","title":"Scheduled Cron Tasks","text":"New
Introduced in 0.23.0
cron:list <app> [--format json|stdout] # List scheduled cron tasks for an app\ncron:report [<app>] [<flag>] # Display report about an app\ncron:run <app> <cron_id> [--detach] # Run a cron task on the fly\ncron:set [--global|<app>] <key> <value> # Set or clear a cron property for an app\n
"},{"location":"processes/scheduled-cron-tasks/#usage","title":"Usage","text":""},{"location":"processes/scheduled-cron-tasks/#dokku-managed-cron","title":"Dokku Managed Cron","text":"Dokku automates scheduled dokku run
commands via it's app.json
cron integration.
The app.json
file for a given app can define a special cron
key that contains a list of commands to run on given schedules. The following is a simple example app.json
that effectively runs the command dokku run $APP npm run send-email
once a day:
{\n \"cron\": [\n {\n \"command\": \"npm run send-email\",\n \"schedule\": \"@daily\"\n }\n ]\n}\n
A cron entry takes the following properties:
command
: A command to be run within the built app image. Specified commands can also be Procfile
entries.schedule
: A cron-compatible scheduling definition upon which to run the command. Seconds are generally not supported.Zero or more cron commands can be specified per app. Cron entries are validated after the build artifact is created but before the app is deployed, and the cron schedule is updated during the post-deploy phase.
See the app.json location documentation for more information on where to place your app.json
file.
When running scheduled cron tasks, there are a few items to be aware of:
PATH
and SHELL
environment variables are specified in the cron template.MAILTO
value can be set via the cron:set
command.run
container, and thus inherit any docker-options specified for run
containers. Resources are never shared between scheduled tasks.docker-local
scheduler.docker-local
scheduler are written to a single crontab file owned by the dokku
user. The dokku
user's crontab should be considered reserved for this purpose.By default, cron tasks complete and do not perform any reporting. Users can specify a value for MAILTO
via the global mailto
cron property by using the cron:set
command.
dokku cron:set --global mailto example@example.com\n
All output for individual cron runs will be sent to the specified email.
Cron emails can be disabled by running the cron:set
command for the global mailto
property with no value.
dokku cron:set --global mailto\n
"},{"location":"processes/scheduled-cron-tasks/#listing-cron-tasks","title":"Listing Cron tasks","text":"Cron tasks for an app can be listed via the cron:list
command. This command takes an app
argument.
dokku cron:list node-js-app\n
ID Schedule Command\ncGhwPT09cGhwIHRlc3QucGhwPT09QGRhaWx5 @daily node index.js\ncGhwPT09dHJ1ZT09PSogKiAqICogKg== * * * * * true\n
The output can also be displayed in json format:
ShellOutputdokku cron:list node-js-app --format json\n
[{\"id\":\"cGhwPT09cGhwIHRlc3QucGhwPT09QGRhaWx5\",\"app\":\"node-js-app\",\"command\":\"node index.js\",\"schedule\":\"@daily\"}]\n
"},{"location":"processes/scheduled-cron-tasks/#executing-a-cron-task-on-the-fly","title":"Executing a cron task on the fly","text":"Cron tasks can be invoked via the cron:run
command. This command takes an app
argument and a cron id
(retrievable from cron:list
output).
dokku cron:run node-js-app cGhwPT09cGhwIHRlc3QucGhwPT09QGRhaWx5\n
By default, the task is run in an attached container - as supported by the scheduler. To run in a background detached container, specify the --detach
flag:
dokku cron:run node-js-app cGhwPT09cGhwIHRlc3QucGhwPT09QGRhaWx5 --detach\n
All one-off cron executions have their containers terminated after invocation.
"},{"location":"processes/scheduled-cron-tasks/#displaying-reports","title":"Displaying reports","text":"You can get a report about the cron configuration for apps using the cron:report
command:
dokku cron:report\n
=====> node-js-app cron information\n Cron task count: 2\n=====> python-sample cron information\n Cron task count: 0\n=====> ruby-sample cron information\n Cron task count: 10\n
You can run the command for a specific app also.
ShellOutputdokku cron:report node-js-app\n
=====> node-js-app cron information\n Cron task count: 2\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku cron:report node-js-app --cron-task-count\n
"},{"location":"processes/scheduled-cron-tasks/#self-managed-cron","title":"Self Managed Cron","text":"Warning
Self-managed cron tasks should be considered advanced usage. While the instructions are available, users are highly encouraged to use the built-in scheduled cron task support unless absolutely necessary.
Some installations may require more fine-grained control over cron usage. The following are advanced instructions for configuring cron.
"},{"location":"processes/scheduled-cron-tasks/#using-run-for-cron-tasks","title":"Usingrun
for cron tasks","text":"You can always use a one-off container to run an app task:
dokku run node-js-app some-command\n
For tasks that should not be interrupted, run is the preferred method of handling cron tasks, as the container will continue running even during a deploy or scaling event. The trade-off is that there will be an increase in memory usage if there are multiple concurrent tasks running.
"},{"location":"processes/scheduled-cron-tasks/#using-enter-for-cron-tasks","title":"Usingenter
for cron tasks","text":"Your Procfile can have the following entry:
cron: sleep infinity\n
With the cron
process scaled to 1
:
dokku ps:scale node-js-app cron=1\n
You can now run all your commands in that container:
dokku enter node-js-app cron some-command\n
Note that you can also run multiple commands at the same time to reduce memory usage, though that may result in polluting the container environment.
For tasks that will properly resume, you should use the above method, as running tasks will be interrupted during deploys and scaling events, and subsequent commands will always run with the latest container. Note that if you scale the cron container down, this may interrupt proper running of the task.
"},{"location":"processes/scheduled-cron-tasks/#general-cron-recommendations","title":"General cron recommendations","text":"Regularly scheduled tasks can be a bit of a pain with Dokku. The following are general recommendations to follow to help ensure successful task runs.
dokku
user in your cron entry.dokku
binary will attempt to execute with sudo
, and your cron run with fail with sudo: no tty present and no askpass program specified
.MAILTO
environment variable to ship cron emails to yourself.PATH
environment variable or specify the full path to binaries on the host.SHELL
environment variable to specify Bash when running commands./etc/cron.d/APP
.The following is a sample cronfile that you can use for your apps:
# server cron jobs\nMAILTO=\"mail@dokku.me\"\nPATH=/usr/local/bin:/usr/bin:/bin\nSHELL=/bin/bash\n\n# m h dom mon dow username command\n# * * * * * dokku command to be executed\n# - - - - -\n# | | | | |\n# | | | | +----- day of week (0 - 6) (Sunday=0)\n# | | | +------- month (1 - 12)\n# | | +--------- day of month (1 - 31)\n# | +----------- hour (0 - 23)\n# +----------- min (0 - 59)\n\n### HIGH TRAFFIC TIME IS B/W 00:00 - 04:00 AND 14:00 - 23:59\n### RUN YOUR TASKS FROM 04:00 - 14:00\n### KEEP SORTED IN TIME ORDER\n\n### PLACE ALL CRON TASKS BELOW\n\n# removes unresponsive users from the subscriber list to decrease bounce rates\n0 0 * * * dokku dokku run node-js-app some-command\n\n# sends out our email alerts to users\n0 1 * * * dokku dokku ps:scale node-js-app cron=1 && dokku enter node-js-app cron some-other-command && dokku ps:scale node-js-app cron=0\n\n### PLACE ALL CRON TASKS ABOVE, DO NOT REMOVE THE WHITESPACE AFTER THIS LINE\n
"}]}
\ No newline at end of file
+{"config":{"lang":["en"],"separator":"[\\s\\-]+","pipeline":["stopWordFilter"]},"docs":[{"location":"advanced-usage/backup-recovery/","title":"Backup and Recovery","text":"Info
The backup plugin was deprecated in 0.4.x, below are backup recommendations for 0.5.x and later.
The best plan for disaster recovery is to always keep multiple (remote) copies of your local repo, static assets and periodic database dumps. Backups should be regularly tested for data integrity and completeness.
"},{"location":"advanced-usage/backup-recovery/#tldr","title":"TLDR","text":"Warning
This method has many caveats. Please read this entire document before assuming these backups work as expected, and test your backups on a regular basis.
"},{"location":"advanced-usage/backup-recovery/#creating-a-backup","title":"Creating a backup","text":"To create a backup, run the following command at a time when not executing any Dokku commands or app deployments:
export BACKUP_TIME=$(date +%Y-%m-%d-%H-%M)\nsudo mkdir -p /var/lib/dokku/services\nsudo chown dokku:dokku /var/lib/dokku/services\nmkdir -p /tmp/dokku-backups/\nsudo tar -czvf \"/tmp/dokku-backups/${BACKUP_TIME}.tar.gz\" /home/dokku /var/lib/dokku/config /var/lib/dokku/data /var/lib/dokku/services /var/lib/dokku/plugins\n
This will create a point-in-time backup of your entire Dokku installation in the /tmp/dokku-backups
directory. This backup may be moved offsite to another location via rsync, sftp, or some other protocol.
It is recommended that backups are regularly cleaned from the originating server and tested as necessary.
"},{"location":"advanced-usage/backup-recovery/#restoring-a-backup","title":"Restoring a backup","text":"To extract the backup onto another server, copy the backup to the server and extract it using the following command.
sudo tar -xzvf path/to/dokku/backup.tar.gz -C /\n
At this point, all datastores should be individually started and checked for data integrity. Once this is complete, individual apps can be rebuilt. Please consult the process management documentation for more information on how to rebuild apps.
"},{"location":"advanced-usage/backup-recovery/#caveats","title":"Caveats","text":""},{"location":"advanced-usage/backup-recovery/#app-config","title":"App config","text":"Application config is largely held in a small number of places:
/var/lib/dokku/config
: Properties set and managed by plugins/var/lib/dokku/data
: Files generated or extracted by various plugins/home/dokku
: Certain parts of Dokku core store data in this locationCompressing these directories when no Dokku commands are running is enough to ensure a complete backup of the system.
"},{"location":"advanced-usage/backup-recovery/#code-repositories","title":"Code Repositories","text":"Because Dokku is git based, rebuilding a deployed app is as easy as pushing from git. You can push to a new server by updating the dokku
remote in you local app's repo.
git remote rm dokku\ngit remote add dokku dokku@[dokku.me:dokku.me]\ngit push dokku [master]\n
"},{"location":"advanced-usage/backup-recovery/#docker-networks","title":"Docker Networks","text":"Docker networks generated by Dokku should be recreated. Running dokku network:report
will output all networks in use by various apps, which can then be used to recreate them via dokku network:create $NETWORK
.
Networks created by tools other than Dokku may be created as they initially were.
"},{"location":"advanced-usage/backup-recovery/#docker-image-and-tar-based-apps","title":"Docker Image and Tar-based Apps","text":"These apps may fail to rebuild via the normal ps:rebuild
method. Redeploy these apps by running the original commands used to deploy them
Info
Please note that point-in-time backups of the /var/lib/dokku/services
directory may contain partially written data due to how various datastores work. Consult the official datastore documentation for the best documentation surrounding proper backup and restore procedures.
Some plugins, like the official dokku-postgres plugin, have built-in commands that allow non-volatile data be exported and imported.
For dokku-postgres, use:
dokku postgres:export [db_name] > [db_name].dump\ndokku postgres:import [db_name] < [db_name].dump\n
Additionally, data for official datastores is located in the /var/lib/dokku/services
directory. If the directory is restored and the plugin is available, a dokku $SERVICE:start
may be enough to restart the service with the underlying data, so long as the datastore version does not change and the underlying data is not corrupt. If this is the case, it may be necessary to re-import all the data onto a fresh version of the datastore service.
The plugin directory is contained at the /var/lib/dokku/plugins
directory. Core plugins will automatically be included in new installs, but custom plugins may not. The aforementioned tar
creation command will back all plugins up, and the tar
extract command will restore the plugins.
Note that restoring a plugin will not trigger any install
or dependencies
triggers. You will need to run these manually. See the plugin management documentation for more information on how to trigger these two hooks.
Dokku doesn't enforce a 300mb limit on apps, but it's best practice to keep binary assets outside of git. Since containers are considered volatile in Dokku, external stores like s3 or storage mounts should be used for non-volatile items like user uploads. The Dokku storage core plugin can be used to mount local directories / volumes inside the docker container.
System administrators are highly encouraged to store persistent data in app-specific subdirectories of the path /var/lib/dokku/data/storage
. This will help ensure restores of the aforementioned primary Dokku directories will restore service to all apps.
See the persistent storage documentation for more information on how to attach persistent storage to your app.
"},{"location":"advanced-usage/backup-recovery/#recovering-app-code","title":"Recovering app code","text":"In case of an emergency when your git repo and backups are completely lost, you can recover the last pushed copy from your remote Dokku server (assuming you still have the ssh key).
mkdir [app-name] ; cd !$\ngit init && git remote add dokku dokku@[dokku.me:app-name]\ngit pull dokku/master && git checkout dokku/master\n
"},{"location":"advanced-usage/deployment-tasks/","title":"Deployment Tasks","text":"New
Introduced in 0.5.0
"},{"location":"advanced-usage/deployment-tasks/#usage","title":"Usage","text":""},{"location":"advanced-usage/deployment-tasks/#overview","title":"Overview","text":"Sometimes you need to run a command on deployment time, but before an app is completely deployed. Common use cases include:
collectstatic
)To support this, Dokku provides support for a special release
command within your app's Procfile
, as well as a special scripts.dokku
key inside of your app's app.json
file. Be aware that all commands are run within the context of the built docker image - no commands affect the host unless there are volume mounts attached to your app.
Each \"phase\" has different expectations and limitations:
app.json
: scripts.dokku.predeploy
app.json
: scripts.dokku.postdeploy
app.json
: scripts.postdeploy
Procfile
: release
Additionally, if using a Dockerfile with an ENTRYPOINT
, the deployment task is passed to that entrypoint as is. The exceptions are if the entrypoint is one of the following:
[\"/tini\", \"--\"]
[\"/bin/tini\", \"--\"]
[\"/usr/bin/tini\", \"--\"]
[\"/usr/local/bin/tini\", \"--\"]
Please keep the above in mind when utilizing deployment tasks.
Info
To execute commands on the host during a release phase, see the plugin creation documentation docs for more information on building your own custom plugin.
"},{"location":"advanced-usage/deployment-tasks/#changing-the-appjson-location","title":"Changing theapp.json
location","text":"The app.json
is expected to be found in a specific directory, depending on the deploy approach:
WORKDIR
of the Docker image for deploys resulting from git:from-image
and git:load-image
commands.git:from-archive
, git:sync
).Sometimes it may be desirable to set a different path for a given app, e.g. when deploying from a monorepo. This can be done via the appjson-path
property:
dokku app-json:set node-js-app appjson-path .dokku/app.json\n
The value is the path to the desired file relative to the base search directory, and will never be treated as absolute paths in any context. If that file does not exist within the repository, Dokku will continue the build process as if the repository has no app.json
.
The default value may be set by passing an empty value for the option:
dokku app-json:set node-js-app appjson-path\n
The appjson-path
property can also be set globally. The global default is app.json
, and the global value is used when no app-specific value is set.
dokku app-json:set --global appjson-path global-app.json\n
The default value may be set by passing an empty value for the option.
dokku app-json:set --global appjson-path\n
"},{"location":"advanced-usage/deployment-tasks/#displaying-app-json-reports-for-an-app","title":"Displaying app-json reports for an app","text":"New
Introduced in 0.25.0
You can get a report about the app's storage status using the app-json:report
command:
dokku app-json:report\n
=====> node-js-app app-json information\n App-json computed appjson path: app2.json\n App-json global appjson path: app.json\n App-json appjson path: app2.json\n=====> python-sample app-json information\n App-json computed appjson path: app.json\n App-json global appjson path: app.json\n App-json appjson path:\n=====> ruby-sample app-json information\n App-json computed appjson path: app.json\n App-json global appjson path: app.json\n App-json appjson path:\n
You can run the command for a specific app also.
ShellOutputdokku app-json:report node-js-app\n
=====> node-js-app app-json information\n App-json computed appjson path: app2.json\n App-json global appjson path: app.json\n App-json appjson path: app2.json\n
You can pass flags which will output only the value of the specific information you want. For example:
ShellOutputdokku app-json:report node-js-app --app-json-appjson-path\n
app2.json\n
"},{"location":"advanced-usage/deployment-tasks/#deployment-tasks_1","title":"Deployment tasks","text":""},{"location":"advanced-usage/deployment-tasks/#appjson-deployment-tasks","title":"app.json
deployment tasks","text":"Dokku provides limited support for the app.json
manifest from Heroku (documentation available here). The keys available for use with Deployment Tasks are:
scripts.dokku.predeploy
: This is run after an app's docker image is built, but before any containers are scheduled. Changes made to your image are committed at this phase.scripts.dokku.postdeploy
: This is run after an app's containers are scheduled. Changes made to your image are not committed at this phase.scripts.postdeploy
: This is run after an app's containers are scheduled. Changes made to your image are not committed at this phase.Warning
Any failed app.json
deployment task will fail the deploy. In the case of either phase, a failure will not affect any running containers.
The following is an example app.json
file. Please note that only the scripts.dokku.predeploy
and scripts.dokku.postdeploy
tasks are supported by Dokku at this time. All other fields will be ignored and can be omitted.
{\n \"scripts\": {\n \"dokku\": {\n \"predeploy\": \"touch /app/predeploy.test\",\n \"postdeploy\": \"curl https://some.external.api.service.com/deployment?state=success\"\n },\n \"postdeploy\": \"curl https://some.external.api.service.com/created?state=success\"\n }\n}\n
"},{"location":"advanced-usage/deployment-tasks/#procfile-release-command","title":"Procfile Release command","text":"New
Introduced in 0.14.0
The Procfile
also supports a special release
command which acts in a similar way to the Heroku Release Phase. This command is executed after an app's docker image is built, but before any containers are scheduled. This is also run after any command executed by scripts.dokku.predeploy
.
To use the release
command, simply add a release
stanza to your Procfile.
release: curl https://some.external.api.service.com/deployment?state=built\n
Unlike the scripts.dokku.predeploy
command, changes made during by the release
command are not persisted to disk.
Warning
scaling the release command up will likely result in unspecified issues within your deployment, and is highly discouraged.
"},{"location":"advanced-usage/docker-options/","title":"Docker Container Options","text":"New
Introduced in 0.3.17
Pass container options to the docker run
command during Dokku's build
, deploy
and run
phases
docker-options:add <app> <phase(s)> OPTION # Add Docker option to app for phase (comma-separated phase list)\ndocker-options:clear <app> [<phase(s)>...] # Clear a docker options from application\ndocker-options:remove <app> <phase(s)> OPTION # Remove Docker option from app for phase (comma-separated phase list)\ndocker-options:report [<app>] [<flag>] # Displays a docker options report for one or more apps\n
Info
When specifying multiple phases, they must be comma-separated without spaces in between each phase, like so:
dokku docker-options:add node-js-app deploy,run \"-v /var/log/node-js-app:/app/logs\"\n
"},{"location":"advanced-usage/docker-options/#about-dokku-phases","title":"About Dokku phases","text":"Dokku deploys your application in multiple \"phases\" and the docker-options
plugin allows you to pass arguments to their underlying docker container:
build
: the container that executes the appropriate buildpackdeploy
: the container that executes your running/deployed applicationrun
: the container that executes any arbitrary command via dokku run
Manipulation of docker options will not restart running containers. This enables multiple options to be set/unset before final application. As such, changing an app's docker options must be followed by a dokku ps:rebuild
in order to take effect.
More information on supported Docker options can be found here.
Container options configured via the docker-options
plugin are not used to modify the process a container runs. Container options are the [OPTIONS]
portion of the following, where [CONTAINER_COMMAND]
and [ARG]
are the process and the arguments passed to it that are launched in the created container: docker run [OPTIONS] [CONTAINER_COMMAND] [ARG...]
. Please see the documentation for customizing the run command or use a Procfile to modify the command used by a Dockerfile-based container.
Add some options for the deployed/running app and when executing dokku run
:
# Mount a host volume in a Docker container: \"-v /host/path:/container/path\"\ndokku docker-options:add node-js-app deploy \"-v /var/log/node-js-app:/app/logs\"\ndokku docker-options:add node-js-app run \"-v /var/log/node-js-app:/app/logs\"\n
Note
When mounting a host directory in a Dokku app you should first create that directory as user dokku
and then mount the directory under /app
in the container using docker-options
as above. Otherwise the app will lack write permission in the directory.
dokku docker-options:remove node-js-app run \"-v /var/log/node-js-app:/app/logs\"\n
"},{"location":"advanced-usage/docker-options/#clear-all-docker-options-for-an-app","title":"Clear all Docker options for an app","text":"Docker options can be removed for a specific app using the docker-options:clear
command.
dokku docker-options:clear node-js-app\n
-----> Clearing docker-options for node-js-app on all phases\n
One or more valid phases can also be specified. Phases are comma delimited, and specifying an invalid phase will result in an error.
ShellOutputShellOutputdokku docker-options:clear node-js-app run\n
-----> Clearing docker-options for node-js-app on phase run\n
dokku docker-options:clear node-js-app build,run\n
-----> Clearing docker-options for node-js-app on phase build\n-----> Clearing docker-options for node-js-app on phase run\n
"},{"location":"advanced-usage/docker-options/#displaying-docker-options-reports-for-an-app","title":"Displaying docker-options reports for an app","text":"New
Introduced in 0.8.1
You can get a report about the app's docker-options status using the docker-options:report
command:
dokku docker-options:report\n
=====> node-js-app docker options information\n Docker options build:\n Docker options deploy: -v /var/log/node-js-app:/app/logs\n Docker options run: -v /var/log/node-js-app:/app/logs\n=====> python-sample docker options information\n Docker options build:\n Docker options deploy:\n Docker options run:\n=====> ruby-sample docker options information\n Docker options build:\n Docker options deploy:\n Docker options run:\n
You can run the command for a specific app also.
ShellOutputdokku docker-options:report node-js-app\n
=====> node-js-app docker options information\n Docker options build:\n Docker options deploy: -v /var/log/node-js-app:/app/logs\n Docker options run: -v /var/log/node-js-app:/app/logs\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku docker-options:report node-js-app --docker-options-build\n
"},{"location":"advanced-usage/event-logs/","title":"Dokku Event Logs","text":"New
Introduced in 0.3.21
Docker provides an events command to show system's real time events. Likewise, Dokku can record events as syslog entries and also provides a plugin to display the last ones.
events [-t] # Show the last events (-t follows)\nevents:list # List logged events\nevents:on # Enable events logger\nevents:off # Disable events logger\n
"},{"location":"advanced-usage/event-logs/#usage","title":"Usage","text":"Enable the plugin:
ShellOutputdokku events:on\n
Enabling dokku events logger\n
Dokku will then write log entries to /var/log/syslog
as well as a Dokku-specific logs sub-directory /var/log/dokku/events.log
, which can be easily displayed with the command dokku events
:
dokku events\n
Jul 3 16:09:48 dokku.me dokku[127630]: INVOKED: pre-release-buildpack( pythonapp )\nJul 3 16:10:02 dokku.me dokku[128095]: INVOKED: docker-args-run( rubyapp )\nJul 3 16:10:02 dokku.me dokku[128114]: INVOKED: docker-args-run( nhl )\nJul 3 16:10:03 dokku.me dokku[128195]: INVOKED: pre-deploy( pythonapp )\nJul 3 16:10:23 dokku.me dokku[129253]: INVOKED: docker-args-deploy( pythonapp )\nJul 3 16:10:24 dokku.me dokku[129451]: INVOKED: check-deploy( pythonapp 6274ced0d4be11af4490cd18abaf77cdd593f025133f403d984e80d86a39acec web 5000 10.0.16.80 )\nJul 3 16:10:35 dokku.me dokku[129561]: INVOKED: docker-args-deploy( pythonapp )\nJul 3 16:10:36 dokku.me dokku[129760]: INVOKED: check-deploy( pythonapp ac88a56ee4161ff37e4b92d1498c3eadc91f0aa7c8b81b44fc077e2a51d54cc0 worker )\nJul 3 16:10:46 dokku.me dokku[129851]: INVOKED: post-deploy( pythonapp )\nJul 3 16:10:46 dokku.me dokku[129945]: INVOKED: nginx-pre-reload( pythonapp )\nJul 3 16:15:02 dokku.me dokku[130397]: INVOKED: docker-args-run( goapp )\nJul 3 16:21:02 dokku.me dokku[130796]: INVOKED: docker-args-run( rubyapp )\nJul 3 16:30:02 dokku.me dokku[131384]: INVOKED: docker-args-run( rubyapp )\n
You can list all events that are currently being recorded via dokku events:list
:
dokku events:list\n
=====> Events currently logged\ncheck-deploy\ndependencies\ndocker-args-build\ndocker-args-deploy\ndocker-args-run\ngit-post-pull\ngit-pre-pull\nnginx-hostname\nnginx-pre-reload\npost-build-buildpack\npost-build-dockerfile\npost-delete\npost-deploy\npost-domains-update\npre-build-buildpack\npre-build-dockerfile\npre-delete\npre-deploy\npre-release-buildpack\npre-release-dockerfile\nreceive-app\nupdate\n
"},{"location":"advanced-usage/persistent-storage/","title":"Persistent Storage","text":"New
Introduced in 0.5.0
The preferred method to mount external containers to a Dokku managed container, is to use the Dokku storage plugin.
storage:ensure-directory [--chown option] <directory> # Creates a persistent storage directory in the recommended storage path\nstorage:list <app> [--format text|json] # List bind mounts for app's container(s) (host:container)\nstorage:mount <app> <host-dir:container-dir> # Create a new bind mount\nstorage:report [<app>] [<flag>] # Displays a checks report for one or more apps\nstorage:unmount <app> <host-dir:container-dir> # Remove an existing bind mount\n
Info
The storage plugin is compatible with storage mounts created with the docker-options. The storage plugin will only list mounts from the deploy/run phase.
The storage plugin supports the following mount points:
Persistent storage bind mounts are specified on a per-app basis, and can be listed with the storage:list
command:
dokku storage:list node-js-app\n
-----> node-js-app volume bind-mounts:\n /var/lib/dokku/data/storage/node-js-app:/app/storage\n
The output format can also be set to json
for programmatic access:
dokku storage:list node-js-app --format json\n
[\n {\n \"host_path\": \"/var/lib/dokku/data/storage/node-js-app\",\n \"container_path\": \"/app/storage\",\n \"volume_options\": \"\"\n }\n]\n
"},{"location":"advanced-usage/persistent-storage/#creating-storage-directories","title":"Creating storage directories","text":"New
Introduced in 0.25.5
A storage directory can be created with the storage:ensure-directory
command. This command will create a subdirectory in the recommended /var/lib/dokku/data/storage
path - created during Dokku installation - and prepare it for use with an app.
dokku storage:ensure-directory node-js-app\n
-----> Ensuring /var/lib/dokku/data/storage/node-js-app exists\n Setting directory ownership to 32767:32767\n Directory ready for mounting\n
By default, permissions are set for usage with Herokuish buildpacks. These permissions can be changed via the --chown
option according to the following table:
--chown herokuish
(default): Use 32767:32767
as the folder permissions.--chown heroku
: Use 1000:1000
as the folder permissions.heroku/builder
builder.--chown packeto
: Use 2000:2000
as the folder permissions.cloudfoundry/cnb
or packeto
builders.--chown root
: Use 0:0
as the folder permissions.--chown false
: Skips the chown
call.Users deploying via Dockerfile will want to specify --chown false
and manually chown
the created directory if the user and/or group id of the runnning process in the deployed container do not correspond to any of the above options.
Warning
Failing to set the correct directory ownership may result in issues in persisting files written to the mounted storage directory.
"},{"location":"advanced-usage/persistent-storage/#mounting-storage-into-apps","title":"Mounting storage into apps","text":"Dokku supports mounting both explicit host paths as well as docker volumes via the storage:mount
command. This takes two arguments, an app name and a host-path:container-path
or docker-volume:container-path
combination.
# mount the directory into your container's /app/storage directory, relative to the container root (/)\n# explicit host paths _must_ exist prior to usage.\ndokku storage:mount node-js-app /var/lib/dokku/data/storage/node-js-app:/app/storage\n\n# mount the docker volume into your container's /app/storage directory, relative to the container root (/)\n# docker volumes _must_ exist prior to usage.\ndokku storage:mount node-js-app some-docker-volume:/app/storage\n
In the first example, Dokku will then mount the shared contents of /var/lib/dokku/data/storage/node-js-app
to /app/storage
inside the container. The mount point is not relative to your app's working directory, and is instead relative to the root (/
) of the container. Mounts are only available for containers created via run
and by the deploy process, and not during the build process. In addition, the host path is never auto-created by either Dokku or Docker, and should be an explicit path, not one relative to the current working directory.
Info
If the /storage
path within the container had pre-existing content, the container files will be over-written. This may be an issue for users that create assets at build time but then mount a directory at the same place during runtime. Files are not merged.
Once persistent storage is mounted, the app requires a restart. See the process scaling documentation for more information.
dokku ps:restart app-name\n
"},{"location":"advanced-usage/persistent-storage/#unmounting-storage","title":"Unmounting storage","text":"If an app no longer requires a mounted volume or directory, the storage:unmount
command can be called. This takes the same arguments as the storage:mount
command, an app name and a host-path:container-path
or docker-volume:container-path
combination.
# unmount the directory from your container's /app/storage directory, relative to the container root (/)\ndokku storage:unmount node-js-app /var/lib/dokku/data/storage/node-js-app:/app/storage\n\n# unmount the docker volume from your container's /app/storage directory, relative to the container root (/)\ndokku storage:unmount node-js-app some-docker-volume:/app/storage\n
Once persistent storage is unmounted, the app requires a restart. See the process scaling documentation for more information.
dokku ps:restart app-name\n
"},{"location":"advanced-usage/persistent-storage/#displaying-storage-reports-for-an-app","title":"Displaying storage reports for an app","text":"New
Introduced in 0.8.1
You can get a report about the app's storage status using the storage:report
command:
dokku storage:report\n
=====> node-js-app storage information\n Storage build mounts:\n Storage deploy mounts: -v /var/lib/dokku/data/storage/node-js-app:/app/storage\n Storage run mounts: -v /var/lib/dokku/data/storage/node-js-app:/app/storage\n=====> python-sample storage information\n Storage build mounts:\n Storage deploy mounts:\n Storage run mounts:\n=====> ruby-sample storage information\n Storage build mounts:\n Storage deploy mounts:\n Storage run mounts:\n
You can run the command for a specific app also.
ShellOutputdokku storage:report node-js-app\n
=====> node-js-app storage information\n Storage build mounts:\n Storage deploy mounts: -v /var/lib/dokku/data/storage/node-js-app:/app/storage\n Storage run mounts: -v /var/lib/dokku/data/storage/node-js-app:/app/storage\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku storage:report node-js-app --storage-deploy-mounts\n
"},{"location":"advanced-usage/persistent-storage/#use-cases","title":"Use Cases","text":""},{"location":"advanced-usage/persistent-storage/#sharing-storage-across-deploys","title":"Sharing storage across deploys","text":"Dokku is powered by Docker containers, which recommends in their best practices that containers be treated as ephemeral. In order to manage persistent storage for web apps, like user uploads or large binary assets like images, a directory outside the container should be mounted.
"},{"location":"advanced-usage/persistent-storage/#shared-storage-between-containers","title":"Shared storage between containers","text":"When scaling your app, you may require a common location to access shared assets between containers, a storage mount can be used in this situation.
"},{"location":"advanced-usage/persistent-storage/#shared-storage-across-environments","title":"Shared storage across environments","text":"Your app may be used in a cluster that requires containers or resources not running on the same host access your data. Mounting a shared file service (like S3FS or EFS) inside your container will give you great flexibility.
"},{"location":"advanced-usage/persistent-storage/#backing-up","title":"Backing up","text":"Your app may have services that are running in memory and need to be backed up locally (like a key store). Mount a non ephemeral storage mount will allow backups that are not lost when the app is shut down.
"},{"location":"advanced-usage/persistent-storage/#build-phase","title":"Build phase","text":"By default, Dokku will only bind storage mounts during the deploy and run phases. Under certain conditions, one might want to bind a storage mount during the build phase. This can be accomplished by using the docker-options
plugin directly.
dokku docker-options:add node-js-app build \"-v /tmp/python-test:/opt/test\"\n
You cannot use mounted volumes during the build phase of a Dockerfile deploy. This is because Docker does not support volumes when executing docker build
.
Warning
This can cause data loss if you bind a mount under /app
in buildpack apps as herokuish will attempt to remove the original app path during the build phase.
New
Introduced in 0.7.1
By default, Dokku will execute your buildpack app processes as the herokuishuser
user. You may override this by setting the DOKKU_APP_USER
config variable.
Note
this user must exist in your herokuish image.
Additionally, the default docker-local
scheduler that comes with Dokku will ensure your storage mounts are owned by either herokuishuser
or the overridden value you have set in DOKKU_APP_USER
. See the docker-local scheduler documentation docs for more information.
New
Introduced in 0.4.0
plugin:disable <name> # Disable an installed plugin (third-party only)\nplugin:enable <name> # Enable a previously disabled plugin\nplugin:install [--core|--git-url] [--committish branch|commit|tag] [--name custom-plugin-name] # Optionally download git-url (and pin to the specified branch/commit/tag) & run install trigger for active plugins (or only core ones)\nplugin:installed <name> # Checks if a plugin is installed\nplugin:install-dependencies [--core] # Run install-dependencies trigger for active plugins (or only core ones)\nplugin:list # Print active plugins\nplugin:trigger <args...>. # Trigger an arbitrary plugin hook\nplugin:uninstall <name> # Uninstall a plugin (third-party only)\nplugin:update [name [branch|commit|tag]] # Optionally update named plugin from git (and pin to the specified branch/commit/tag) & run update trigger for active plugins\n
# for 0.3.x\ncd /var/lib/dokku/plugins\ngit clone <git url>\ndokku plugins-install\n
Info
These commands require root
permissions as the install
and install-dependencies
plugin triggers may utilize commands such as apt-get
. For non-core plugins, please inspect those plugins before running the following command as root
user.
Installed plugins can be listed via the plugin:list
command:
dokku plugin:list\n
plugn: dev\n 00_dokku-standard 0.35.0 enabled dokku core standard plugin\n 20_events 0.35.0 enabled dokku core events logging plugin\n app-json 0.35.0 enabled dokku core app-json plugin\n apps 0.35.0 enabled dokku core apps plugin\n build-env 0.35.0 enabled dokku core build-env plugin\n buildpacks 0.35.0 enabled dokku core buildpacks plugin\n certs 0.35.0 enabled dokku core certificate management plugin\n checks 0.35.0 enabled dokku core checks plugin\n common 0.35.0 enabled dokku core common plugin\n config 0.35.0 enabled dokku core config plugin\n docker-options 0.35.0 enabled dokku core docker-options plugin\n domains 0.35.0 enabled dokku core domains plugin\n enter 0.35.0 enabled dokku core enter plugin\n git 0.35.0 enabled dokku core git plugin\n logs 0.35.0 enabled dokku core logs plugin\n network 0.35.0 enabled dokku core network plugin\n nginx-vhosts 0.35.0 enabled dokku core nginx-vhosts plugin\n plugin 0.35.0 enabled dokku core plugin plugin\n proxy 0.35.0 enabled dokku core proxy plugin\n ps 0.35.0 enabled dokku core ps plugin\n repo 0.35.0 enabled dokku core repo plugin\n resource 0.35.0 enabled dokku core resource plugin\n scheduler-docker-local 0.35.0 enabled dokku core scheduler-docker-local plugin\n shell 0.35.0 enabled dokku core shell plugin\n ssh-keys 0.35.0 enabled dokku core ssh-keys plugin\n storage 0.35.0 enabled dokku core storage plugin\n tags 0.35.0 enabled dokku core tags plugin\n tar 0.35.0 enabled dokku core tar plugin\n trace 0.35.0 enabled dokku core trace plugin\n
Warning
All plugin commands other than plugin:list
and plugin:help
require sudo access and must be run directly from the Dokku server.
You can check if a plugin has been installed via the plugin:installed
command:
dokku plugin:installed postgres\n
"},{"location":"advanced-usage/plugin-management/#installing-a-plugin","title":"Installing a plugin","text":"Note
Plugins installed in this method within a docker-based installation of Dokku do not persist across installs. Please see the plugin installation section of the docker-based installation docs for further details.
Installing a plugin is easy as well using the plugin:install
command. This command will also trigger the install
pluginhook on all existing plugins.
The most common usage is to install a plugin from a url. This url may be any of the following:
git
: For git+ssh based plugin repository clones.ssh
: For git+ssh based plugin repository clones.file
: For copying plugins from a path on disk.https
: For http based plugin repository clones.Additionally, any urls with the extensions .tar.gz
or .tgz
are treated as Gzipped Tarballs for installation purposes and will be downloaded and extracted into place.
dokku plugin:install https://github.com/dokku/dokku-postgres.git\n
-----> Cloning plugin repo https://github.com/dokku/dokku-postgres.git to /var/lib/dokku/plugins/available/postgres\nCloning into 'postgres'...\nremote: Counting objects: 646, done.\nremote: Total 646 (delta 0), reused 0 (delta 0), pack-reused 646\nReceiving objects: 100% (646/646), 134.24 KiB | 0 bytes/s, done.\nResolving deltas: 100% (406/406), done.\nChecking connectivity... done.\n-----> Plugin postgres enabled\n
For git-based plugin installation, a commit SHA-like object may be specified (tag/branch/commit sha) via the --committish
argument and Dokku will attempt to install the specified commit object.
# where 2.0.0 is a potential git tag\ndokku plugin:install https://github.com/dokku/dokku-postgres.git --committish 2.0.0\n
Plugin names are interpolated based on the repository name minus the dokku-
prefix. If the plugin being installed has a name other than what matches the repository name - or another name is desired - the --name
flag can be used to override this interpolation.
dokku plugin:install https://github.com/dokku/smoke-test-plugin.git --name smoke-test-plugin\n
The --core
flag may also be indicated as the sole argument, though it is only for installation of core plugins, and thus not useful for end-user installations.
dokku plugin:install --core\n
Finally, all flags may be omitted to trigger the install
procedures for both core and third-party plugins:
dokku plugin:install\n
"},{"location":"advanced-usage/plugin-management/#installing-plugin-dependencies","title":"Installing plugin dependencies","text":"In some cases, plugins will have system-level dependencies. These are not automatically installed via plugin:install
, and must be separately via the plugin:install-dependencies
command. This will run through all the dependencies
trigger for all plugins.
dokku plugin:install-dependencies\n
This command may also target just core plugins via the --core
flag. This is usually only useful for source-based installs of Dokku.
dokku plugin:install-dependencies --core\n
"},{"location":"advanced-usage/plugin-management/#updating-a-plugin","title":"Updating a plugin","text":"An installed, third-party plugin can be updated can updated via the plugin:update
command. This should be done after any upgrades of Dokku as there may be changes in the internal api that require an update of how the plugin interfaces with Dokku.
Please note that this command is only valid for plugin installs that were backed by a git-repository.
ShellOutputdokku plugin:update postgres\n
Plugin (postgres) updated\n
An optional commit SHA-like object may be specified.
dokku plugin:update postgres 2.0.0\n
Any future invocation of plugin:update
will respect the previously specified SHA-like object. To follow a particular branch again, specify that branch:
dokku plugin:update postgres main\n
"},{"location":"advanced-usage/plugin-management/#uninstalling-a-plugin","title":"Uninstalling a plugin","text":"Third party plugins can be uninstalled using the plugin:uninstall
command:
dokku plugin:uninstall postgres\n
-----> Plugin postgres uninstalled\n
"},{"location":"advanced-usage/plugin-management/#disabling-a-plugin","title":"Disabling a plugin","text":"Disabling a plugin can also be useful for debugging whether a third-party plugin is causing issues in a Dokku installation. Another common use case is for disabling core functionality for replacement with a third-party plugin.
ShellOutputdokku plugin:disable postgres\n
-----> Plugin postgres disabled\n
"},{"location":"advanced-usage/plugin-management/#enabling-a-plugin","title":"Enabling a plugin","text":"Disabled plugins can be re-enabled via the plugin:enable
command.
dokku plugin:enable postgres\n
-----> Plugin postgres enabled\n
"},{"location":"advanced-usage/plugin-management/#triggering-a-plugin-trigger","title":"Triggering a plugin trigger","text":"The plugin:trigger
can be used to call any internal plugin trigger. This may have unintended consequences, and thus should only be called for development or debugging purposes.
dokku plugin:trigger some-internal-trigger args-go-here\n
"},{"location":"advanced-usage/registry-management/","title":"Registry Management","text":"New
Introduced in 0.25.0
registry:login [--password-stdin] <server> <username> [<password>] # Login to a docker registry\nregistry:report [<app>] [<flag>] # Displays a registry report for one or more apps\nregistry:set <app> <key> (<value>) # Set or clear a registry property for an app\n
The registry plugin enables interacting with remote registries, which is useful when either deploying images via git:from-image
or when interacting with custom schedulers to deploy built image artifacts.
The registry:login
command can be used to log into a docker registry. The following are examples for logging into various common registries:
# hub.docker.com\ndokku registry:login docker.io $USERNAME $PASSWORD\n\n# digitalocean\n# the username and password are both defined as the same api token\ndokku registry:login registry.digitalocean.com $DIGITALOCEAN_API_TOKEN $DIGITALOCEAN_API_TOKEN\n\n# github container registry\n# see the following link for information on retrieving a personal access token\n# https://docs.github.com/en/packages/guides/pushing-and-pulling-docker-images#authenticating-to-github-container-registry\ndokku registry:login ghcr.io $USERNAME $REGISTRY_PAT_TOKEN\n\n# quay\n# a robot user may be used to login\ndokku registry:login quay.io $USERNAME $PASSWORD\n
For security reasons, the password may also be specified as stdin by specifying the --password-stdin
flag. This is supported regardless of the registry being logged into.
echo \"$PASSWORD\" | dokku registry:login --password-stdin docker.io $USERNAME\n
For certain Docker registries - such as Amazon ECR or Google's GCR registries - users may instead wish to use a docker credential helper to automatically authenticate against a server; please see the documentation regarding the credential helper in question for further setup instructions.
"},{"location":"advanced-usage/registry-management/#setting-a-remote-server","title":"Setting a remote server","text":"To specify a remote server registry for pushes, set the server
property via the registry:set
command. The default value for this property is empty string. Setting the value to docker.io
or hub.docker.com
will result in the computed value being empty string (as that is the default, implicit registry), while any non-zero length value will have a /
appended to it if there is not one already.
dokku registry:set node-js-app server docker.io\n
This property can be set for a single app or globally via the --global
flag. When set globally, the app-specific value will always overide the global value. The default global value for this property is empty string.
dokku registry:set --global server docker.io\n
Setting the property value to an empty string will reset the value to the system default. Resetting the value can be done per app or globally.
# per-app\ndokku registry:set node-js-app server\n\n# globally\ndokku registry:set --global server\n
The following are the values that should be used for common remote servers:
$AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com/
$AWS_ACCOUNT_ID
and $AWS_REGION
should match the values for your account and region, respectively. Additionally, an IAM profile that allows push
access to the repository specified by image-repo
should be attached to your Dokku server.$REGISTRY_NAME.azurecr.io/
$AKS_REGISTRY_NAME
should match the name of the registry created on your account.docker.io/
image-repo
value.registry.digitalocean.com/
image-repo
value for your registry.ghcr.io/
image-repo
value.quay.io/
By default, Dokku uses the value dokku/$APP_NAME
as the image repository that is pushed and deployed. For certain registries, the dokku
namespace may not be available to your user. In these cases, the value can be set by changing the value of the image-repo
property via the registry:set
command.
dokku registry:set node-js-app image-repo my-awesome-prefix/node-js-app\n
Setting the property value to an empty string will reset the value to the system default. Resetting the value has to be done per-app.
# per-app\ndokku registry:set node-js-app image-repo\n
"},{"location":"advanced-usage/registry-management/#templating-the-image-repository-name","title":"Templating the image repository name","text":"Instead of setting the image repository name on a per-app basis, it can be set via a template globally with the image-repo-template
property:
dokku registry:set --global image-repo-template \"my-awesome-prefix/{{ .AppName }}\"\n
Dokku uses a Golang template and has access to the AppName
variable as shown above.
To push the image on release, set the push-on-release
property to true
via the registry:set
command. The default value for this property is false
. Setting the property to true
will result in the image being tagged with an ID that is incremented with every release. This tag will be what is used for running app code.
dokku registry:set node-js-app push-on-release true\n
This property can be set for a single app or globally via the --global
flag. When set globally, the app-specific value will always overide the global value. The default global value for this property is false
.
dokku registry:set --global push-on-release true\n
Setting the property value to an empty string will reset the value to the system default. Resetting the value can be done per app or globally.
# per-app\ndokku registry:set node-js-app push-on-release\n\n# globally\ndokku registry:set --global push-on-release\n
"},{"location":"advanced-usage/registry-management/#push-extra-tags","title":"Push extra tags","text":"To push the image on release with extra tags, set the push-extra-tags
to a comma-separated list of tags via the registry:set
command. The default value for this property is empty. Setting the property will result in the image being tagged with extra tags every release.
The push-extra-tags
can be set to a single tag too.
# multiple-tags\ndokku registry:set node-js-app push-extra-tags foo,bar\n
# single tag\ndokku registry:set node-js-app push-extra-tags foo\n
This property can be set for a single app or globally via the --global
flag. When set globally, the app-specific value will always overide the global value. The default global value for this property is false
.
dokku registry:set --global push-extra-tags foo,bar\n
Setting the property value to an empty string will reset the value to the system default. Resetting the value can be done per app or globally.
# per-app\ndokku registry:set node-js-app push-extra-tags\n\n# globally\ndokku registry:set --global push-extra-tags\n
"},{"location":"advanced-usage/repository-management/","title":"Repository Management","text":"New
Introduced in 0.6.0
repo:gc <app> # Runs 'git gc --aggressive' against the application's repo\nrepo:purge-cache <app> # Deletes the contents of the build cache stored in the repository\n
The repository plugin is meant to allow users to perform management commands against a repository.
"},{"location":"advanced-usage/repository-management/#usage","title":"Usage","text":""},{"location":"advanced-usage/repository-management/#git-garbage-collection","title":"Git Garbage Collection","text":"This will run a git gc --aggressive against the applications repo. This is performed on the Dokku host, and not within an application container.
ShellOutputdokku repo:gc node-js-app\n
Counting objects: 396, done.\nDelta compression using up to 2 threads.\nCompressing objects: 100% (365/365), done.\nWriting objects: 100% (396/396), done.\nTotal 396 (delta 79), reused 315 (delta 0)\n
"},{"location":"advanced-usage/repository-management/#clearing-application-cache","title":"Clearing Application cache","text":"Building containers with buildpacks currently results in a persistent cache
directory between deploys. If you need to clear this cache directory for any reason, you may do so by running the following shell command:
dokku repo:purge-cache node-js-app\n
"},{"location":"advanced-usage/resource-management/","title":"Resource Management","text":"New
Introduced in 0.15.0
resource:limit [--process-type <process-type>] [RESOURCE_OPTS...] <app> # Limit resources for a given app/process-type combination\nresource:limit-clear [--process-type <process-type>] <app> # Limit resources for a given app/process-type combination\nresource:report [<app>] [<flag>] # Displays a resource report for one or more apps\nresource:reserve [--process-type <process-type>] [RESOURCE_OPTS...] <app> # Reserve resources for a given app/process-type combination\nresource:reserve-clear [--process-type <process-type>] <app> # Reserve resources for a given app/process-type combination\n
The resource plugin is meant to allow users to limit or reserve resources for a given app/process-type combination.
"},{"location":"advanced-usage/resource-management/#usage","title":"Usage","text":"By default, Dokku allows unlimited resource access to apps deployed on a server. In some cases, it may be desirable to limit this on a per-app or per-process-type basis. The resource
plugin allows management of both resource \"limits\" and resource \"reservations\", where each resource request type has specific meaning to the scheduler in use for a given app.
Warning
The meaning of a values and it's units are specific to the scheduler in use for a given app. If a value is incorrect for a scheduler, this may result in containers failing to start correctly. If a scheduler does not support a given resource type combination, it will be ignored. All resource commands require an app rebuild or deploy in order to take effect.
Valid resource options include:
--cpu
--memory
--memory-swap
--network
--network-ingress
--network-egress
--nvidia-gpu
See the Supported Resource Management Properties section of the docker local scheduler documentation for more information on how each resource limit maps to Docker.
Resource limits and reservations are applied only during the run
and deploy
phases of an application, and will not impact the build
phase of an application.
When specified and supported, a resource limit will ensure that your app does not go over the specified value. If this occurs, the underlying scheduler may either cap resource utilization, or it may decide to terminate and reschedule your process.
Resource limits may be set via the resource:limit
command:
dokku resource:limit --memory 100 node-js-app\n
=====> Setting resource limits for node-js-app\n memory: 100\n
Multiple resources can be limited in a single call:
ShellOutputdokku resource:limit --cpu 100 --memory 100 node-js-app\n
=====> Setting resource limits for node-js-app\n cpu: 100\n memory: 100\n
Resources can also be limited on a per-process type basis. If specified, this will override any generic limits set for the app.
ShellOutputdokku resource:limit --cpu 100 --memory 100 --process-type worker node-js-app\n
=====> Setting resource limits for node-js-app (worker)\n cpu: 100\n memory: 100\n
A resource value can be individually cleared by setting the value to the special value clear
.
dokku resource:limit --cpu clear node-js-app\n
=====> Setting resource limits for node-js-app\n cpu: cleared\n
"},{"location":"advanced-usage/resource-management/#displaying-resource-limits","title":"Displaying Resource Limits","text":"Running the resource:limit
command without any flags will display the currently configured default app limits.
dokku resource:limit node-js-app\n
=====> resource limits node-js-app information [defaults]\n cpu:\n memory:\n memory-swap: 100\n network: 100\n network-ingress:\n network-egress:\n nvidia-gpu:\n
This may also be combined with the --process-type
flag to see app limits on a process-type level. Note that the displayed values are not merged with the defaults.
dokku resource:limit --process-type web node-js-app\n
=====> resource limits node-js-app information (web)\n cpu: 100\n memory: 100\n memory-swap:\n network:\n network-ingress:\n network-egress:\n nvidia-gpu:\n
"},{"location":"advanced-usage/resource-management/#clearing-resource-limits","title":"Clearing Resource Limits","text":"In cases where the values are incorrect - or there is no desire to limit resources - resource limits may be cleared using the resource:limit-clear
command.
dokku resource:limit-clear node-js-app\n
-----> Clearing resource limit for node-js-app\n
Defaults can also be cleared by leaving the app unspecified.
ShellOutputdokku resource:limit-clear\n
-----> Clearing default resource limits\n
"},{"location":"advanced-usage/resource-management/#resource-reservations","title":"Resource Reservations","text":"When specified and supported, a resource reservation will ensure that your server has at least the specified resources before placing a given app's process. If there a resource exhaustion, future rebuilds and deploys may fail.
Resource reservations may be set via the resource:reserve
command:
dokku resource:reserve --memory 100 node-js-app\n
=====> Setting resource reservation for node-js-app\n memory: 100\n
Multiple resources can be limited in a single call:
ShellOutputdokku resource:reserve --cpu 100 --memory 100 node-js-app\n
=====> Setting resource reservation for node-js-app\n cpu: 100\n memory: 100\n
Resources can also be limited on a per-process type basis. If specified, this will override any generic limits set for the app.
ShellOutputdokku resource:reserve --cpu 100 --memory 100 --process-type worker node-js-app\n
=====> Setting resource reservation for node-js-app (worker)\n cpu: 100\n memory: 100\n
A resource value can be individually cleared by setting the value to the special value clear
.
dokku resource:reserve --cpu clear node-js-app\n
=====> Setting resource reservation for node-js-app\n cpu: cleared\n
"},{"location":"advanced-usage/resource-management/#displaying-resource-reservations","title":"Displaying Resource Reservations","text":"Running the resource:reserve
command without any flags will display the currently configured default app reservations.
dokku resource:reserve node-js-app\n
=====> resource reservation node-js-app information [defaults]\n cpu: 100\n memory: 100\n memory-swap:\n network:\n network-ingress:\n network-egress:\n nvidia-gpu:\n
This may also be combined with the --process-type
flag to see app reservations on a process-type level. Note that the displayed values are not merged with the defaults.
dokku resource:reserve --process-type web node-js-app\n
=====> resource reservation node-js-app information (web)\n cpu: 100\n memory: 100\n memory-swap:\n network:\n network-ingress:\n network-egress:\n nvidia-gpu:\n
"},{"location":"advanced-usage/resource-management/#clearing-resource-reservations","title":"Clearing Resource Reservations","text":"In cases where the values are incorrect - or there is no desire to reserve resources - resource reservations may be cleared using the resource:reserve-clear
command.
dokku resource:reserve-clear node-js-app\n
-----> Clearing resource reservation for node-js-app\n
Defaults can also be cleared by leaving the app unspecified.
ShellOutputdokku resource:reserve-clear\n
-----> Clearing default resource reservation\n
"},{"location":"advanced-usage/resource-management/#displaying-resource-reports-for-an-app","title":"Displaying resource reports for an app","text":"You can get a report about the app's resource status using the resource:report
command:
dokku resource:report\n
=====> node-js-app resource information\n web limit cpu:\n web limit memory: 1024\n web limit memory swap: 0\n web limit network: 10\n web limit network ingress:\n web limit network egress:\n web limit nvidia gpu:\n web reservation cpu:\n web reservation memory: 512\n web reservation memory swap:\n web reservation network: 8\n web reservation network ingress:\n web reservation network egress:\n web reservation nvidia gpu:\n=====> python-sample resource information\n web limit cpu:\n web limit memory:\n web limit memory swap:\n web limit network:\n web limit network ingress:\n web limit network egress:\n web limit nvidia gpu:\n web reservation cpu:\n web reservation memory:\n web reservation memory swap:\n web reservation network:\n web reservation network ingress:\n web reservation network egress:\n web reservation nvidia gpu:\n=====> ruby-sample resource information\n web limit cpu:\n web limit memory:\n web limit memory swap:\n web limit network:\n web limit network ingress:\n web limit network egress:\n web limit nvidia gpu:\n web reservation cpu:\n web reservation memory:\n web reservation memory swap:\n web reservation network:\n web reservation network ingress:\n web reservation network egress:\n web reservation nvidia gpu:\n
You can run the command for a specific app also.
ShellOutputdokku resource:report node-js-app\n
=====> node-js-app resource information\n web limit cpu:\n web limit memory: 1024\n web limit memory swap: 0\n web limit network: 10\n web limit network ingress:\n web limit network egress:\n web limit nvidia gpu:\n web reservation cpu:\n web reservation memory: 512\n web reservation memory swap:\n web reservation network: 8\n web reservation network ingress:\n web reservation network egress:\n web reservation nvidia gpu:\n
You can pass flags which will output only the value of the specific information you want. For example:
ShellOutput# Note the periods in the flag name\ndokku resource:report node-js-app --resource-web.limit.memory\n
1024\n
"},{"location":"appendices/0.10.0-migration-guide/","title":"0.10.0 Migration Guide","text":""},{"location":"appendices/0.10.0-migration-guide/#pci-compliance","title":"PCI Compliance","text":"By default, Dokku will ship a PCI Compliant nginx configuration. For developers whose users are on older browsers or mobile devices, you may need to ship a custom nginx.conf.sigil
to enable ciphers for older browsers.
See the nginx customization docs for more details.
"},{"location":"appendices/0.10.0-migration-guide/#nginx-error-pages","title":"Nginx Error Pages","text":"We now ship with nicer error pages by default. You are free to customize your Dokku installation via a custom nginx.conf.sigil
to change what error pages are displayed in different circumstances.
See the nginx customization docs for more details.
"},{"location":"appendices/0.20.0-migration-guide/","title":"0.20.0 Migration Guide","text":""},{"location":"appendices/0.20.0-migration-guide/#removals","title":"Removals","text":""},{"location":"appendices/0.20.0-migration-guide/#command-removals","title":"Command removals","text":"The following commands were previously deprecated and were removed in this release.
apps
: Use apps:list
instead.certs
: Use certs:report
instead.certs:info
: Use certs:report
instead.checks
: Use checks:report
instead.docker-options
: Use docker-options:report
instead.domains
: Use domains:report
instead.plugin
: Use plugin:list
instead.proxy
: Use proxy:report
instead.trace
: Use trace:on
or trace:off
instead.ps
: Use enter
with a container ID instead to run ps auxww
within a container.The refactor of the proxy plugin removes the following functions from being sourced in plugins:
proxy#get_app_proxy_port_map()
proxy#list_app_proxy_ports()
proxy#filter_app_proxy_ports()
proxy#add_proxy_ports()
proxy#remove_proxy_ports()
proxy#set_proxy_ports()
The informal policy is to allow removal of functions within a functions
file if they are not used in OSS plugins. Should you be affected by any such removals, please file an issue to expose the functionality via a plugin trigger.
tar#tar_in_cmd
was renamed to tar#cmd-tar-in
. Users should avoid using cmd-*
commands directly, and instead file an issue to have them exposed via a plugin trigger.tar#tar_from_cmd
was renamed to tar#cmd-tar-from
. Users should avoid using cmd-*
commands directly, and instead file an issue to have them exposed via a plugin trigger.Dokku will no longer distribute packages for Ubuntu versions that have reached either End of Life or End of Standard Support (for LTS releases). This currently includes the following releases:
Dokku will no longer distribute packages for Debian versions that are not stable
or oldstable
. This currently includes the following releases:
The --git-sha
flag was moved from the apps:report
command to the git:report
command.
When an app is not deployed, the apps:report
command no longer shows the message not deployed
. Please use the --deployed
flag on ps:report
instead to see if the app has been deployed.
The following changes on the apps:report
command were made in this release:
--deploy-source
flag was renamed to --app-deploy-source
.--locked
flag was renamed to --app-locked
.The following changes on the network:report
command were made in this release:
--network-listeners
flag was renamed to --network-web-listeners
.network-get-port
trigger was incorrectly documented to have the isHerokuishContainer
argument as the third argument. The code has been fixed to respect the documentation.network-get-listeners
trigger now takes an additional processType
argument. If not specified, it defaults to web
. This default will be removed in an upcoming release.nginx:show-conf
has been deprecated in favor of nginx:show-config
.proxy#is_app_proxy_enabled()
is deprecated in favor of plugn trigger proxy-is-enabled
.proxy#get_app_proxy_type()
is deprecated in favor of plugn trigger proxy-type
.apps#apps_create()
is deprecated in favor of plugn trigger app-create
.apps#apps_destroy()
is deprecated in favor of plugn trigger app-destroy
.apps#apps_exists()
is deprecated in favor of plugn trigger app-exists
.apps#apps_maybe_create()
is deprecated in favor of plugn trigger app-maybe-create
.plugin trigger network-get-listeners
usage without a second processType
argument is deprecated..NGINX_PORT
variable usage within nginx.conf.sigil
templates is deprecated in favor of .PROXY_PORT
..NGINX_SSL_PORT
variable usage within nginx.conf.sigil
templates is deprecated in favor of .PROXY_SSL_PORT
..DOKKU_APP_LISTENERS
variable usage within nginx.conf.sigil
templates is deprecated in favor of .DOKKU_APP_WEB_LISTENERS
.The tls
name is no longer a reserved app name, and can be used by applications. This was previously a reserved app name due to it's use as a place for global SSL certificate files; Dokku has not supported global SSL certificates for many releases, and thus there is no need to reserve the name.
git#git_deploy_branch()
is deprecated in favor of plugn trigger git-deploy-branch
.config
command is deprecated in favor of config:show
.--export
or --shell
flag is deprecated in favor of config:export --format
with the correct format value (exports
or shell
, respectively).nginx:build-config
command is deprecated in favor of proxy:build-config
.The apps:destroy
command no longer takes a second argument force
. Instead, this can be passed as the --force
flag, either globally or as a flag to the command itself.
The proxy:enable
and proxy:disable
no longer restart apps when setting the DOKKU_DISABLE_PROXY
environment variable. A future release will disable usage of DOKKU_DISABLE_PROXY
altogether.
logs:failed
without either a <name>
or the --all
flag is deprecated.common.GetDeployingAppImageName()
function now returns an error
as the second return argument instead of calling common.LogFail()
internally.DOKKU_DISABLE_ANSI_PREFIX_REMOVAL
is deprecated; Dokku 0.23.0 will avoid removing the remote:
ansi prefix entirely. No warning will be added in this release.The ps
command has had a few removals as a result of a rewrite to Golang:
ps:set-restart-policy
command has been removed in favor the ps:set
command.ps:restart-policy
command has been removed in favor of the ps:report
command.ps:rebuildall
command has been removed in favor of calling the ps:rebuild
with the --all
flag instead of an app name.ps:restartall
command has been removed in favor of calling the ps:restart
with the --all
flag instead of an app name.ps:stopall
command has been removed in favor of calling the ps:stop
with the --all
flag instead of an app name.ps:startall
command has been removed in favor of calling the ps:start
with the --all
flag instead of an app name.DOKKU_PROCFILE
file is no longer located in the git directory for a given app on the server. It's location is currently not exposed.procfile-get-command
plugin trigger no longer takes a procfile path
as the final argument.ps
functions have been removed. Please us a trigger as appropriate or file a PR to have a new trigger/wrapper function added.plugin:list
command no longer outputs the version for the plugn
binary.docker-image-labeler
binary to work correctly. A reference version has been placed in the docker
skeleton directory. This should only impact platform developers, and users of our Docker image will already have the file available.dokku
user's cron is now in use by Dokku itself. Customizations will be overwritten. Users are encouraged to use a cron entry in /etc/cron.d/dokku
to avoid this issue.max-size
log driver option for applications. This is restricted to app-configured log driver values empty, local
or json-file
in 0.23.1 to increase setup compatibility. Users who configure alternative log drivers at the system level will need to either set the global max-size
property to unlimited
or switch to the built-in vector
logging support.proxy:enable
, proxy:disable
and proxy:build-config
now support the --all
flag in addition to general parallelism.builder-cnb
plugin has been renamed builder-pack
, and all related plugin triggers have had the suffix -cnb
changed to -pack
.builder-detect
trigger. Users that wish to use a specific builder may set a builder using the builder:set
command, which will force Dokku to use the specified builder regardless of what might be auto-detected.tags
plugin is deprecated in favor of the git:from-image
command. It will be removed in the next minor release, and is considered unmaintained. Users are highly encouraged to switch their workflows to git:from-image
.tar
plugin is deprecated in favor of the git:from-archive
command. It will be removed in the next minor release, and is considered unmaintained. Users are highly encouraged to switch their workflows to git:from-archive
.The dokku-registry plugin is now built-in. This comes with a few changes:
post-release-builder
at the end of the build.push
and pull
command are not implemented. Users wishing to deploy a remote image should use git:from-image
. Image pushing is not available at this time.Before upgrading, uninstall the registry plugin via dokku plugin:uninstall registry
. Not doing so will cause issues with Dokku.
initial-network
for all containers on creation. This is a replacement for specifying the --network
flag via the docker-options
plugin. Please see the network documentation for more information.dokku run
command now always removes the ephemeral container on exit. Users that need a persistent container should instead specify a console
process type in their Procfile
specifying an available shell (usually either bash
or sh
) and scale that container appropriately.pre-deploy
plugin trigger is now called internally by Dokku. Scheduler plugins should avoid calling this trigger, as any image changes introduced by subsequent trigger calls will be ignored.gliderlabs/herokuish:latest-20
, and is based on both the heroku-20
stack as well as Ubuntu 20.04. Users that wish to stick with the old, heroku-18
/Ubuntu 18.04 builder may specify gliderlabs/herokuish:latest-18
as their builder image. Please see the herokuish buildpack deployment documentation for more information on how to specify a custom buildpack stack builder.Dockerfile
app contains a Procfile
that does not specify a web
process will fail to start. Usage of a Procfile
with only a release
command should be replaced with a scripts.dokku.postdeploy
deployment task in the app.json
file. The alternative is to define the web
process in the Procfile
. See the deployment task documentation for more information.Dockerfile
was to use the docker-options
plugin to set the --file
flag for a docker build. As of 0.25.0, the builder-dockerfile:set
command should be used instead, as outlined in the docs here. Usage of the old method should be migrated to the new method.--rm
and --rm-container
flags may be specified but no longer have any effect on dokku run
.--detach
flag is deprecated in favor of the run:detached
command.DOKKU_SCALE
file is deprecated. Please see the process management documentation for more information on it's replacement with the formation
key of the app.json
file.post-release-buildpack
, post-release-dockerfile
, and post-release-pack
are deprecated in favor of post-release-builder
. See the plugin triggers documentation for more details.scheduler-docker-cleanup
plugin trigger has been removed from the scheduler interface, and is no longer invoked.tags
plugin - deprecated in 0.24.0 - was removed. Users are highly encouraged to switch their workflows to git:from-image
.tar
plugin - deprecated in 0.24.0 - was removed. Users are highly encouraged to switch their workflows to git:from-archive
.scheduler
plugin now controls the scheduler in use for deploys. Apps will have their DOKKU_SCHEDULER
environment variables migrated to the scheduler plugin, after which that value will be removed from said app. Please see the scheduler documentation for more information.deploy-source
metadata from apps:report
is now no longer computed on the fly, but hydrated at deploy time via the deploy-source-set
trigger. This value may be empty until your next deploy.deploy-source
trigger has now been removed.Renaming an application will now only rename domains that are associated with global domains. As an example:
dokku domains:set-global dokku.me\ndokku apps:create node-js-app\ndokku domains:set node-js-app node-js-app.dokku.me node-js-app.dokku.com\ndokku apps:rename node-js-app other-name\ndokku domains:report node-js-app --domains-app-vhosts\n# output: other-name.dokku.me node-js-app.dokku.com\n
Support for the following operating systems has been removed:
Dokku will no longer provide packages for RPM based systems. Debian 9 users may use new Debian packages, though support is not guaranteed.
All users are encouraged to install Dokku via the Docker-based installation method, or switch to a supported operating system.
"},{"location":"appendices/0.28.0-migration-guide/#deprecations","title":"Deprecations","text":"Ubuntu 18.04 is now a deprecated installation target. The operating system will be considered EOL by Canonical in April 2023. Users are encouraged to upgrade to Ubuntu 22.04 or consider switching their instllation method to the Docker-based installation method to avoid any disruption in usage.
"},{"location":"appendices/0.28.0-migration-guide/#additions","title":"Additions","text":"New in 0.28.0 are the Caddy, Haproxy and Traefik plugins. As community plugins wrapping these proxies exist, users should:
proxy:set
value of caddy
, haproxy
or traefik
.run:detached
now uses the container name - eg. node-js-app.run.1
- vs the container id.cron
tasks is now base36-encoded instead of base64-encoded.nginx.conf.sigil
is now extracted when source code is extracted for a build and not from the built image. Users can specify alternative paths via the nginx-conf-sigil-path
property of the nginx
plugin. See the nginx documentation for more information on how to configure the nginx.conf.sigil
path for your application.git:from-image
, the nginx.conf.sigil
file will be extracted from the source image, respecting the value of nginx-conf-sigil-path
.Procfile
is now extracted when source code is extracted for a build and not from the built image. Users can specify alternative paths via the procfile-path
property of the ps
plugin. See the process management documentation for more information on how to configure the Procfile
path for your application.git:from-image
, the Procfile
file will be extracted from the source image, respecting the value of procfile-path
.pre-restore
hook has been renamed to scheduler-pre-restore
. There is a new pre-restore
hook that is triggered within the ps:restore
command prior to restoring any apps./usr/bin/systemctl
is available.DOKKU_WAIT_TO_RETIRE
environment variable has been migrated to a checks
property named wait-to-retire
and will be ignored if set as an environment variable.domains-setup
trigger has been removed. Initial app domains will now be automatically setup during app creation.URLS
file containing generated urls for an app is no longer generated or referenced. Users should retrieve app urls via the new domains-urls
plugin trigger.get_app_urls
has been removed. Users should retrieve app urls via the new domains-urls
plugin trigger.Info
Important: Due to the removal of DOKKU_SCALE
support, users with a version older than 0.25.x are heavily encouraged to upgrade to 0.29.x prior to 0.30.x. Not doing so will result in all app containers stopping on rebuild due to having no scale settings.
app.json
file is now extracted from the source code instead of the built image. For deploys via git:from-image
, the file is extracted from the built image.nginx.conf.sigil
templates referencing spdy-related variables will continue to build until the 1.0.0 release.DOKKU_SCALE
file - deprecated in 0.25.0 - has been removed in favor of the formation
key in the app.json
file. Please see the process management documentation for more information on how to use the formation
key of the app.json
file.--detach
global flag for dokku run
was removed. Please see the one-off tasks documentation for more information on running detached containers.post-release-builder
trigger. See the plugin triggers documentation for more details.post-release-buildpack
post-release-dockerfile
post-release-pack
logs:failed
without specifying an app or --all
flag has been removed. This was deprecated in 0.22.0. Please see the logs:failed.app/functions
file will fail going forward.apps#apps_create()
is removed in favor of plugn trigger app-create
.apps#apps_destroy()
is removed in favor of plugn trigger app-destroy
.apps#apps_exists()
is removed in favor of plugn trigger app-exists
.apps#apps_maybe_create()
is removed in favor of plugn trigger app-maybe-create
.common#is_container_running()
(deprecated since 0.12.6) is removed in favor of common#is_container_status()
.common#is_app_running()
(deprecated since 0.22.0) is removed in favor of ps#fn-ps-is-app-running()
.--rm-container
and --rm
flags - deprecated since 0.25.0 - have been removed.git#use_git_worktree()
(deprecated since 0.23.7) has been removed. There is no alternative as the function has been made internal.git#git_deploy_branch()
(deprecated since 0.21.0) has been removed in favor of plugn trigger git-deploy-branch
.nginx:show-conf
has been removed in favor of nginx:show-config
.nginx:validate
has been removed in favor of nginx:validate-config
.nginx:build-config
- deprecated since 0.21.0 - has been removed in favor of proxy:build-config
.proxy/functions
file will fail going forward.proxy#is_app_proxy_enabled()
is removed in favor of plugn trigger proxy-is-enabled
.proxy#get_app_proxy_type()
is removed in favor of plugn trigger proxy-type
.cache-node-js-app
- instead of the local filesystem. All existing app cache will be cleared upon upgrading past 0.29.0.vector
container integration now mounts config to /etc/vector
instead of the path /etc/vector/vector.json
, allowing users the ability to provide extra configuration for Vector Sinks. To take advantage of the new functionality, the vector container should be stopped (via dokku logs:vector-stop
) and then started (via dokku logs:vector-start
).traefik
integration now mounts config to /data
instead of the path /acme.json
, fixing permissions issues under certain architectures. To take advantage of the new functionality, the traefik container should be stopped (via dokku traefik:stop
) and then started (via dokku traefik:start
).source-image
git property when transitioning from image-based deploys (git:from-image
and git:load-image
) to other deployment methods (git push, git:from-archive
, git:sync
).git:from-image
and git:load-image
commands, the CHECKS
file is now extracted from the configured WORKDIR
property of the image. For all other deploys - git push, git:from-archive
, git:sync
- will have the CHECKS
extracted directly from the source code. The filename in both cases is CHECKS
and cannot be modified.ports
plugin. A default port mapping of http:80:5000
will be used if none is otherwise specified.docker-container-healthchecker
binary to work correctly. A reference version has been placed in the docker
skeleton directory. This should only impact platform developers, and users of our Docker image will already have the file available.gliderlabs/herokuish:latest-22
, and is based on both the heroku-22
stack as well as Ubuntu 22.04. Users that wish to stick with the old, heroku-20
/Ubuntu 20.04 builder may specify gliderlabs/herokuish:latest-20
as their builder image. Please see the herokuish buildpack deployment documentation for more information on how to specify a custom buildpack stack builder.heroku/builder:22
, and is based on both the heroku-22
stack as well as Ubuntu 22.04. Users that wish to stick with the old, heroku-20
/Ubuntu 20.04 builder may specify heroku/buildpacks:20
as their builder image. Please see the herokuish buildpack deployment documentation for more information on how to specify a custom buildpack stack builder.proxy:ports*
commands have been replaced with the new ports
plugin. Users will be able to use the old proxy:ports*
commands for a single minor release, and they will be removed in the next minor release.common#get_available_port()
function has been deprecated and will be removed in the next release. Users should avoid interacting with this function and instead use the ports-get-available
plugin trigger for fetching an available port.proxy-configure-ports
plugin trigger has been deprecated and will be removed in the next release. Users should instead trigger the ports-configure
plugin trigger.common#get_dockerfile_exposed_ports()
function is deprecated and will be removed in the next release. There is no replacement for this as it's only use in Dokku core was in the builder-dockerfile
plugin.common#get_exposed_ports_from_image()
function is deprecated and will be removed in the next release. There is no replacement for this as it's only use in Dokku core was during the build process.DOKKU_PROXY_PORT_MAP
has been migrated to the properties system. Direct changes to the value will be ignored, and users should interact with port maps via the ports
plugin.CHECKS
file is deprecated in favor of defining healthchecks in the app.json
file. The docker-container-healthchecker tool can be used to generate healthcheck entries in app.json
format from existing CHECKS
files. See the zero-downtime deploy documentation for more information on how the new zero downtime check format works.apps
and config
cli aliases are no longer deprecated. This better follows Heroku's output and is more useful to users. The subcommands will be treated as the primary, documented versions, while the aliases are there for convenience.RAW_TCP_PORTS
is no longer exposed for nginx.conf.sigil
templating.DOKKU_DOCKERFILE_PORTS
is no longer in use. Users wishing to change port mappings should instead use the ports
plugin.common#get_app_raw_tcp_ports()
function has been removed in the next release. Users should instead use the ports-get
plugin trigger for fetching ports for an app.network-compute-ports
has been removed. It's only use was in the scheduler-docker-local
plugin, for exposing ports. It's functionality is now implemented via the ports
plugin.network-get-port
has been removed. It's only use was in the scheduler-docker-local
plugin, for recording ports. It's functionality is now implemented via the ports
plugin.pre-build-*
plugin triggers have been deprecated and will be removed in the next release. Users should instead trigger the pre-build
plugin trigger.pre-release-*
plugin triggers have been deprecated and will be removed in the next release. Users should instead trigger the pre-release-builder
plugin trigger.post-build-*
plugin triggers have been deprecated and will be removed in the next release. Users should instead trigger the post-build
plugin trigger.CHECKS
file was deprecated in the previous release in favor of defining healthchecks in the app.json
file. It's support and auto-migration to healthchecks in the app.json
file will be removed in the next release. See the zero-downtime deploy documentation for more information on how the new zero downtime check format works.ports
plugin and it's related plugin triggers.proxy:ports-*
commandsproxy-configure-ports
plugin triggercommon#get_available_port()
common#get_dockerfile_exposed_ports()
common#get_exposed_ports_from_image()
Dokku 0.33.0 did not introduce any refactors, removals, or deprecations, and focused solely on system improvements.
"},{"location":"appendices/0.34.0-migration-guide/","title":"0.34.0 Migration Guide","text":""},{"location":"appendices/0.34.0-migration-guide/#removals","title":"Removals","text":"disable-chown
property of the scheduler-docker-local
plugin has been removed. Mounted paths will no longer have file permissions changed during the pre-deploy phase. Files baked into the container image for herokuish builds will always be owned by the correct user.git:unlock
command has been removed. It was previously used to \"unlock\" a temporary directory that already existed. The directory the git:unlock
command used to cleanup is now properly removed on exit of the git:from-image
command.https:443
and http:80
. If no matching port map is specified, Dokku will use expose the app on the first port mapping, with priority given to https
mappings over http
.PlugnTrigger*
have been removed in favor of CallPlugnTrigger
./home/dokku
directory and moved into the data/apps
directory.copytruncate
instead of create
in logrotate.The k3s scheduler now defaults to nginx as it's default proxy implementation. The traefik proxy implementation is still available, though users will need to set the global ingress-class
k3s property to traefik
via the following command:
dokku scheduler-k3s:set --global ingress-class traefik\n
The pre-deploy
plugin trigger is deprecated as of 0.34.4
. It is currently invoked during the post-release-builder
plugin trigger, where image mutation is heavily discouraged. Users should instead move any trigger usage to the pre-release-builder
plugin trigger. The pre-deploy
plugin trigger will be removed in a future release.
dokku/dokku:latest
Docker image now runs Ubuntu 24.04 Noble. Users that install custom packages within their docker-based installations should be sure to check package compatibility with Ubuntu 24.04.heroku/builder:24
, and is based on both the heroku-24
stack as well as Ubuntu 24.04. Users that wish to stick with the old, heroku-22
/Ubuntu 22.04 builder may specify heroku/buildpacks:22
as their builder image. Please see the cloud native buildpack deployment documentation for more information on how to specify a custom buildpack stack builder.gliderlabs/herokuish:latest-24
, and is based on both the heroku-24
stack as well as Ubuntu 24.04. Users that wish to stick with the old, heroku-22
/Ubuntu 22.04 builder may specify gliderlabs/herokuish:latest-22
as their builder image. Please see the herokuish buildpack deployment documentation for more information on how to specify a custom buildpack stack builder.vector
image used by Dokku for enhanced logging support has been upgraded from 0.39.x to 0.41.x. To take advantage of the new image, execute the following commands: dokku logs:vector-stop\ndokku logs:vector-start\n
openresty
image used by Dokku for proxying via openresty has been upgraded from 0.8.0 to 0.9.0. To take advantage of the new image, execute the following commands: dokku openresty:stop\ndokku openresty:start\n
nginx-vhosts
plugin","text":"$
characters (or other \"bash-isms\")nginx.conf.sigil
/app
in the container or WORKDIR
if defined in a dockerfile app)/home/dokku/node-js-app
on the Dokku servercerts
plugindokku certs:add node-js-app < certs.tar
NO_VHOST
variable with domains:enable/disable
checks:enable/disable
EXPOSE
clauses will get all tcp ports proxied by defaultdokku proxy:disable node-js-app
DOKKU_CHECKS_ENABLED
has been migrated to DOKKU_CHECKS_SKIPPED
DOKKU_CHECKS_DISABLED
is now a thing_all_
checks
docs for more infoDOKKU_PROXY_PORT_MAP
config variable in the format of scheme:host-port:container-port
. The default nginx-vhosts
proxy plugin supports both the http
and https
schemes.http:80:5000
and will also include https:443:5000
if SSL is enabled.EXPOSE
directive) will be configured with a listener on each exposed port that proxies to the same port of the deployed application container.proxy:ports-*
commands or by directly setting DOKKU_PROXY_PORT_MAP
with the config:set
commanddokku
binary","text":"dokku
binary directly. Clients using the --app
argument are potentially broken, amongst others, when doing so. Instead, please source the functions
file for a given plugin when attempting to call Dokku internal functions. As a result, the following Dokku commands are no longer publicly exposed:dokku build
dokku receive
dokku release
dokku tar:build
dokku tar:build-locked
dokku git:build
dokku git:build-locked
We should now properly handle file ownership for mounted directories. This was enhanced in 0.7.1. See the persistent storage documentation for more details.
"},{"location":"appendices/0.7.0-migration-guide/#restart-policies","title":"Restart Policies","text":"If you previously managed container restart policies via docker-options, these can now be managed natively via the built-in ps
plugin. There is no migration necessary. See the restart policy documentation for more details.
Dokku now has an ssh-keys
plugin that can be used to manage ssh keys for the dokku
user on the host operating system. See the user management documentation for more details.
You can now set global and app domains via domains:set
and domains:set-global
. See the domains documentation for more details.
A new uninstall
plugin trigger was introduced. This functionality may be in use for newer plugins, so be aware that older Dokku versions may require manual cleanup.
See the uninstall trigger documentation for implementation instructions.
"},{"location":"appendices/0.8.0-migration-guide/#deployment-tasks","title":"Deployment Tasks","text":"Should a pre or post deployment task fail, we now fail the entire deploy.
"},{"location":"appendices/0.8.0-migration-guide/#nginx-http2-support","title":"Nginx HTTP2 Support","text":"Due to bugs in Nginx, the minimum version for HTTP2 is now 1.11.5.
"},{"location":"appendices/0.9.0-migration-guide/","title":"0.9.0 Migration Guide","text":""},{"location":"appendices/0.9.0-migration-guide/#golang-migration","title":"Golang Migration","text":"There is an ongoing migration to rewrite Dokku in Golang. The reasons are beyond the scope of this document, but this may impact any patches you have for Dokku. As of 0.9.0, only the repo
plugin is in Golang.
The following shall remain true, regardless of the state of our rewrite:
plugn
will continue to be used for executing plugin triggers.Given the constraints, running Dokku commands remotely via SSH is fine. For certain configurations, the extra complication of manually invoking ssh can be a burden.
The easiest way to interact with Dokku remotely is by using the official client. Documented below are the various clients that you may wish to use.
"},{"location":"community/clients/#official-client","title":"Official Client","text":"See the remote commands documentation for more information on how to install and use the official client.
"},{"location":"community/clients/#nodejs-dokku-toolbelt","title":"(nodejs) dokku-toolbelt","text":"Dokku-toolbelt is a node-based cli wrapper that proxies requests to the Dokku command running on remote hosts. You can install it via the following shell command (assuming you have nodejs and npm installed):
npm install -g dokku-toolbelt\n
See documentation here for more information.
"},{"location":"community/clients/#ruby-dokku-cli","title":"(ruby) Dokku CLI","text":"Dokku CLI is a rubygem that acts as a client for your Dokku installation. You can install it via the following shell command (assuming you have ruby and rubygems installed):
gem install dokku-cli\n
See documentation here for more information.
"},{"location":"community/clients/#ruby-dokkuclient","title":"(ruby) DokkuClient","text":"DokkuClient is another rubygem that acts as a client for your Dokku installation with built-in support for certain external plugins. You can install it via the following shell command (assuming you have ruby and rubygems installed):
gem install dokku_client\n
See documentation here for more information.
"},{"location":"community/clients/#ruby-dokkufy","title":"(ruby) Dokkufy","text":"Dokkufy is a rubygem that handles automation of certain tasks, such as Dokku setup, plugin installation, etc. You can install it via the following shell command (assuming you have ruby and rubygems installed):
gem install dokkufy\n
See documentation here for more information.
"},{"location":"community/clients/#ruby-dockland","title":"(ruby) Dockland","text":"Dockland is a rubygem that acts as a client for your Dokku installation. You can install it via the following shell command (assuming you have ruby and rubygems installed):
gem install dockland\n
See documentation here for more information.
"},{"location":"community/plugins/","title":"Plugins","text":"Dokku itself is built out of plugins and uses plugn for its plugin system. In essence a plugin is a collection of scripts that will be run based on naming convention.
Let's take a quick look at the current Dokku nginx plugin that's shipped with Dokku by default.
nginx-vhosts/\n\u251c\u2500\u2500 plugin.toml # plugin metadata\n\u251c\u2500\u2500 commands # contains additional commands\n\u251c\u2500\u2500 install # runs on Dokku installation\n\u2514\u2500\u2500 post-deploy # runs after an app is deployed\n
"},{"location":"community/plugins/#installing-a-plugin","title":"Installing a plugin","text":"See the plugin management documentation.
"},{"location":"community/plugins/#creating-your-own-plugin","title":"Creating your own plugin","text":"See the full documentation.
"},{"location":"community/plugins/#official-plugins","title":"Official Plugins","text":"The following plugins are available and provided by Dokku maintainers. Please file issues against their respective issue trackers.
Plugin Author Compatibility Clickhouse dokku 0.4.0+ Copy Files to Image dokku 0.4.0+ CouchDB dokku 0.4.0+ Cron Restart dokku 0.30.0+ Elasticsearch dokku 0.4.0+ Grafana/Graphite/Statsd dokku 0.4.0+ HTTP Auth dokku 0.4.0+ Let's Encrypt dokku 0.4.0+ Maintenance mode dokku 0.4.0+ MariaDB dokku 0.4.0+ Meilisearch dokku 0.4.0+ Memcached dokku 0.4.0+ Mongo dokku 0.4.0+ MySQL dokku 0.4.0+ Nats dokku 0.4.0+ Omnisci dokku 0.4.0+ Postgres dokku 0.4.0+ Pushpin dokku 0.4.0+ RabbitMQ dokku 0.4.0+ Redirect dokku 0.4.0+ Redis dokku 0.4.0+ Registry dokku 0.12.0+ RethinkDB dokku 0.4.0+ Scheduler Kubernetes dokku 0.4.0+ Scheduler Nomad dokku 0.4.0+ Solr dokku 0.4.0+ SSH Hostkeys dokku 0.4.0+ Typesense dokku 0.4.0+"},{"location":"community/plugins/#community-plugins","title":"Community plugins","text":"Warning
The following plugins have been supplied by our community and may not have been tested by Dokku maintainers.
"},{"location":"community/plugins/#datastores","title":"Datastores","text":""},{"location":"community/plugins/#relational","title":"Relational","text":"Plugin Author Compatibility MariaDB kloadut 0.3.x MariaDB (single container) ohardy 0.3.x MariaDB (single container) krisrang 0.3.26+ PostgreSQL jlachowski 0.3.x PostgreSQL (single container) ohardy 0.3.x PostgreSQL (single container) flink 0.3.26+ Edgedb ignisda 0.27.0+"},{"location":"community/plugins/#newsql","title":"NewSQL","text":"Plugin Author Compatibility Surrealdb ignisda 0.27.0+"},{"location":"community/plugins/#caching","title":"Caching","text":"Plugin Author Compatibility Nginx Cache aluxian 0.5.0+ Redis (single container) ohardy 0.3.x Varnish zenedith Varnish cache between nginx and application with base configuration"},{"location":"community/plugins/#queuing","title":"Queuing","text":"Plugin Author Compatibility RabbitMQ jlachowski 0.3.x RabbitMQ (single container) jlachowski 0.3.x ElasticMQ (SQS compatible) cu12 0.5.0+ VerneMQ (MQTT Broker) mrname 0.4.0+"},{"location":"community/plugins/#other","title":"Other","text":"Plugin Author Compatibility etcd basgys 0.4.x FakeSNS cu12 0.5.0+ InfluxDB basgys 0.4.x RethinkDB stuartpb 0.3.x Headless Chrome lazyatom 0.8.1+"},{"location":"community/plugins/#plugins-implementing-new-dokku-functionality","title":"Plugins Implementing New Dokku Functionality","text":"Plugin Author Compatibility App name as env cjblomqvist 0.3.x APT dokku-community 0.18.x+ Auto Sync1 fomojola 0.8.1+ Deploy Webhook2 fomojola 0.8.1+ Docker auto persist volumes flink 0.4.0+ Docker Direct josegonzalez 0.4.0+ Dokku Clone crisward 0.4.0+ Dokku Copy App Config Files josegonzalez 0.4.0+ Dokku Require3 crisward 0.4.0+ Global Certificates josegonzalez 0.5.0+ Graduate (Environment Management) benjamin-dobell 0.4.0+ Host post-build command hook baikunz 0.4.0+ Host pre-build command hook fteychene 0.4.0+ Hostname michaelshobbs 0.4.0+ Hostname michaelshobbs 0.4.0+ HTTP Auth Secure Apps matto1990 0.4.0+ Image Size Limit Tashows Litestream4 AxelTheGerman 0.27.0+ Monit (Health Checks) mbreit 0.8.0+ Monit cjblomqvist 0.3.x Multicast DNS (mDNS) calyhre 0.33.0+ Nuke Containers josegonzalez 0.4.0+ Proctype Filter michaelshobbs 0.4.0+ robots.txt candlewaster 0.4.x Tor michaelshobbs 0.4.0+ UFW josegonzalez 0.3.x User Access mainto 0.4.0+ User ACL maciej \u0142ebkowski 0.4.0+1 Adds the ability to sync an application repo with a remote GitHub repo (useful for automated rebuilds without needing a git push from an external system
2 Adds the ability to invoke a post-deploy webhook with the IP, port and app name, all with a single config:set).
3 Extends app.json support to include creating volumes and creating / linking databases on push
4 Adds SQLite replication to external object storage via Litestream
"},{"location":"community/plugins/#other-plugins","title":"Other Plugins","text":"Plugin Author Compatibility Chef cookbook nickcharlton Discourse badsyntax 0.21.4+ Tailscale andrew-womeldorf 0.34.4+ Wordpress dokku-community 0.4.0+"},{"location":"community/plugins/#deprecated-plugins","title":"Deprecated Plugins","text":"The following plugins have been removed as their functionality is now in Dokku Core.
Plugin Author In Dokku Since Airbrake deploy flink v0.5.0 (deployment tasks) App User michaelshobbs v0.7.1 (herokuish 0.3.18) Bower/Grunt thrashr888 v0.5.0 (deployment tasks and .buildpacks) Bower/Gulp gdi2290 v0.5.0 (deployment tasks and .buildpacks) Bower install alexanderbeletsky v0.5.0 (deployment tasks and .buildpacks) Bower/Gulp jagandecapri v0.5.0 (deployment tasks and .buildpacks) Builders: bower, compass, gulp, grunt ignlg v0.5.0 (deployment tasks and .buildpacks) Custom Domains neam v0.3.10 (domains plugin) Debug josegonzalez v0.3.9 (trace command) Dockerfile custom path mimischi v0.25.0 (monorepo support) Docker Options dyson v0.3.17 (docker-options plugin) Dokku Name alex-sherwin v0.4.2 (named containers plugin) Events Logger alessio v0.3.21 (events plugin) Fonts ollej v0.5.0 (deployment tasks) git rev-parse HEAD in env cjblomqvist v0.12.0 (enhanced core git plugin) Host Port binding stuartpb v0.3.17 (docker-options plugin) Link Containers rlaneve v0.3.17 (docker-options plugin) List Containers josegonzalez v0.3.14 (ps plugin) Logspout michaelshobbs v0.22.6 (vector log shipping) Long Timeout investtools v0.21.0 (proxy-read-timeout nginx setting) Monorepo iamale v0.25.0 (monorepo builder support) Multi-Buildpack pauldub v0.4.0 (herokuish) Multiple Domains1 wmluke v0.3.10 (domains plugin) Multi Dockerfile artofrawr v0.25.0 (monorepo support) Named-containers flink v0.4.2 (named-containers plugin) Nginx Trust Proxy kingsquare v0.23.0 (nginx x-forwarded-* properties) Node ademuk v0.5.0 (deployment tasks and .buildpacks) Node pnegahdar v0.5.0 (deployment tasks and .buildpacks) Nginx-Alt mikexstudios v0.3.10 (domains plugin) Persistent Storage dyson v0.3.17 (docker-options plugin) Pre-Deploy Tasks michaelshobbs v0.5.0 (deployment tasks) PrimeCache darkpixel v0.3.0 (zero downtime deploys) Rollbar iloveitaly v0.5.0 (deployment tasks) Syslog michaelshobbs v0.22.6 (vector log shipping) Haproxy tcp load balancer 256dpi v0.28.0 (haproxt plugin) Process Manager: Circus apmorton v0.3.14/0.7.0 (ps/restart policy plugin) Process Manager: Forego flink v0.3.14/0.7.0 (ps plugin) Process Manager: Forego iskandar v0.3.14/0.7.0 (ps plugin) Process Manager: Logging Supervisord sehrope v0.3.14/0.7.0 (ps plugin) Process Manager: Shoreman statianzo v0.3.14/0.7.0 (ps plugin) Process Manager: Supervisord statianzo v0.3.14/0.7.0 (ps plugin) Rebuild application scottatron v0.3.14 (ps plugin) Reset mtime mixxorz Docker 1.8+ SSH Deployment Keys dokku v0.33.0 (git plugin) Supply env vars to buildpacks2 cameron-martin v0.3.9 (build-env plugin) Slack Notifications ribot v0.5.0 (deployment tasks) Telegram Notifications m0rth1um v0.5.0 (deployment tasks) user-env-compile2 motin v0.3.9 (build-env plugin) user-env-compile2 musicglue v0.3.9 (build-env plugin) Volume (persistent storage) ohardy v0.5.0 (storage plugin) Webhooks nickstenning v0.5.0 (deployment tasks) Wkhtmltopdf mbriskar v0.5.0 (deployment tasks)1 Conflicts with VHOSTS Custom Configuration 2 Similar to the heroku-labs feature
"},{"location":"community/plugins/#unmaintained-plugins","title":"Unmaintained Plugins","text":"The following plugins are no longer maintained by their developers.
Plugin Author Compatibility app-url mikecsh Works with 0.2.0 Chef cookbooks fgrehm CouchDB (multi containers) flink 0.4.0+ CouchDB raceHub Compatible with 0.2.0 Dokku Copy App Config Files alexkruegger Compatible with 0.3.17+ Dokku Registry agco-adm 0.4.0+ Elasticsearch robv Not compatible with >= 0.3.0 (still uses /home/git) Elasticsearch1 blag Compatible with 0.2.0 Graphite/statsd jlachowski < 0.4.0 HipChat Notifications cef Memcached flink 0.4.0+ MongoDB (single container) jeffutter MySQL hughfletcher Neo4j aomitayo PostGIS fermuch PostgreSQL (single container) jeffutter This plugin creates a single postgresql container that all your apps can use. Thus only one instance of postgresql running (good for servers without a ton of memory). Redis luxifer Redis sekjun9878 0.3.26+ RiakCS (single container) jeffutter Incompatible with 0.2.01 Forked from jezdez/dokku-elasticsearch-plugin: uses Elasticsearch 1.2 (instead of 0.90), doesn't depend on dokku-link, runs as elasticsearch user instead of root, and turns off multicast autodiscovery for use in a VPS environment.
"},{"location":"configuration/domains/","title":"Domain Configuration","text":"New
Introduced in 0.3.10
domains:add <app> <domain> [<domain> ...] # Add domains to app\ndomains:add-global <domain> [<domain> ...] # Add global domain names\ndomains:clear <app> # Clear all domains for app\ndomains:clear-global # Clear global domain names\ndomains:disable <app> # Disable VHOST support\ndomains:enable <app> # Enable VHOST support\ndomains:remove <app> <domain> [<domain> ...] # Remove domains from app\ndomains:remove-global <domain> [<domain> ...] # Remove global domain names\ndomains:report [<app>|--global] [<flag>] # Displays a domains report for one or more apps\ndomains:set <app> <domain> [<domain> ...] # Set domains for app\ndomains:set-global <domain> [<domain> ...] # Set global domain names\n
Info
Adding a domain before deploying an application will result in port mappings being set. This may cause issues for applications that use non-standard ports, as those will not be automatically detected. Please refer to the proxy documentation for information as to how to reconfigure the mappings.
"},{"location":"configuration/domains/#customizing-hostnames","title":"Customizing hostnames","text":"Applications typically have the following structure for their hostname:
scheme://subdomain.domain.tld\n
The subdomain
is inferred from the pushed application name, while the domain.tld
is set during initial dokku configuration. It can then be modified with dokku domains:add-global
and dokku domains:remove-global
. This value is used as a default TLD for all applications on a host.
If an FQDN such as dokku.org
is used as the application name, the global virtualhost will be ignored and the resulting vhost URL for that application will be dokku.org
.
You can optionally override this in a plugin by implementing the nginx-hostname
plugin trigger. If the nginx-hostname
plugin has no output, the normal hostname algorithm will be executed. See the plugin trigger documentation for more information.
If desired, it is possible to disable vhosts with the domains plugin.
dokku domains:disable node-js-app\n
On subsequent deploys, the nginx virtualhost will be discarded. This is useful when deploying internal-facing services that should not be publicly routeable. As of 0.4.0, nginx will still be configured to proxy your app on some random high port. This allows internal services to maintain the same port between deployments. You may change this port by setting DOKKU_PROXY_PORT
and/or DOKKU_PROXY_SSL_PORT
(for services configured to use SSL.)
The domains plugin allows you to specify custom domains for applications. This plugin is aware of any ssl certificates that are imported via certs:add
. Be aware that disabling domains (with domains:disable
) will override any custom domains.
# where `node-js-app` is the name of your app\n\n# add a domain to an app\ndokku domains:add node-js-app dokku.me\n\n# list custom domains for app\ndokku domains:report node-js-app\n\n# clear all custom domains for app\ndokku domains:clear node-js-app\n\n# remove a custom domain from app\ndokku domains:remove node-js-app dokku.me\n\n# set all custom domains for app\ndokku domains:set node-js-app dokku.me dokku.org\n
"},{"location":"configuration/domains/#displaying-domains-reports-for-an-app","title":"Displaying domains reports for an app","text":"New
Introduced in 0.8.1
You can get a report about the app's domains status using the domains:report
command:
dokku domains:report\n
=====> node-js-app domains information\n Domains app enabled: true\n Domains app vhosts: node-js-app.dokku.org\n Domains global enabled: true\n Domains global vhosts: dokku.org\n=====> python-app domains information\n Domains app enabled: true\n Domains app vhosts: python-app.dokku.org\n Domains global enabled: true\n Domains global vhosts: dokku.org\n=====> ruby-app domains information\n Domains app enabled: true\n Domains app vhosts: ruby-app.dokku.org\n Domains global enabled: true\n Domains global vhosts: dokku.org\n
You can run the command for a specific app also.
ShellOutputdokku domains:report node-js-app\n
=====> node-js-app domains information\n Domains app enabled: true\n Domains app vhosts: node-js-app.dokku.org\n Domains global enabled: true\n Domains global vhosts: dokku.org\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku domains:report node-js-app --domains-app-enabled\n
"},{"location":"configuration/domains/#default-site","title":"Default site","text":"This is specific to your proxy plugin of choice. See the nginx documentation for more information on how to configure this for the default nginx proxy implementation.
"},{"location":"configuration/environment-variables/","title":"Environment Variables","text":"Typically an application will require some configuration to run properly. Dokku supports application configuration via environment variables. Environment variables may contain private data, such as passwords or API keys, so it is not recommended to store them in your application's repository.
The config
plugin provides the following commands to manage your variables:
config:show (<app>|--global) Pretty-print an app or global environment\nconfig:bundle (<app>|--global) [--merged] Bundle environment into tarfile\nconfig:clear (<app>|--global) Clears environment variables\nconfig:export (<app>|--global) [--envfile] Export a global or app environment\nconfig:get (<app>|--global) KEY Display a global or app-specific config value\nconfig:keys (<app>|--global) [--merged] Show keys set in environment\nconfig:set [--encoded] [--no-restart] (<app>|--global) KEY1=VALUE1 [KEY2=VALUE2 ...] Set one or more config vars\nconfig:unset [--no-restart] (<app>|--global) KEY1 [KEY2 ...] Unset one or more config vars\n
Info
For security reasons - and as per docker recommendations - Dockerfile-based deploys have variables available only during runtime, as noted in this issue. Consider using build arguments to expose variables during build-time for Dockerfile apps.
Environment variables are available both at run time and during the application build/compilation step for buildpack-based deploys.
For buildpack deploys, Dokku will create a /app/.env
file that can be used for legacy buildpacks. Note that this is not updated when config:set
or config:unset
is called, and is only written during a deploy
or ps:rebuild
. Developers are encouraged to instead read from the application environment directly, as the proper values will be available then.
Note
Global ENV
files are sourced before app-specific ENV
files. This means that app-specific variables will take precedence over global variables. Configuring your global ENV
file is manual, and should be considered potentially dangerous as configuration applies to all applications.
You can set multiple environment variables at once:
dokku config:set node-js-app ENV=prod COMPILE_ASSETS=1\n
Whitespace and special characters get tricky. If you are using dokku locally you don't need to do any special escaping. If you are using dokku over ssh you will need to backslash-escape spaces:
dokku config:set node-js-app KEY=\"VAL\\ WITH\\ SPACES\"\n
Dokku can also read base64 encoded values. That's the easiest way to set a value with newlines or spaces. To set a value with newlines you need to base64 encode it first and pass the --encoded
flag:
dokku config:set --encoded node-js-app KEY=\"$(base64 ~/.ssh/id_rsa)\"\n
When setting or unsetting environment variables, you may wish to avoid an application restart. This is useful when developing plugins or when setting multiple environment variables in a scripted manner. To do so, use the --no-restart
flag:
dokku config:set --no-restart node-js-app ENV=prod\n
If you wish to have the variables output in an eval
-compatible form, you can use the config:export
command
dokku config:export node-js-app\n# outputs variables in the form:\n#\n# export ENV='prod'\n# export COMPILE_ASSETS='1'\n\n# source in all the node-js-app app environment variables\neval $(dokku config:export node-js-app)\n
You can control the format of the exported variables with the --format
flag. --format=shell
will output the variables in a single-line for usage in command-line utilities:
dokku config:export --format shell node-js-app\n\n# outputs variables in the form:\n#\n# ENV='prod' COMPILE_ASSETS='1'\n
"},{"location":"configuration/environment-variables/#special-config-variables","title":"Special Config Variables","text":"The following config variables have special meanings and can be set in a variety of ways. Unless specified via global app config, the values may not be passed into applications. Usage of these values within applications should be considered unsafe, as they are an internal configuration values that may be moved to the internal properties system in the future.
Warning
This list is not exhaustive, and may vary from version to version.
Name Default How to modify DescriptionDOKKU_ROOT
~dokku
/etc/environment
The root directory where dokku will store application repositories, as well as certain configuration files. DOKKU_IMAGE
gliderlabs/herokuish
/etc/environment
~dokku/.dokkurc
~dokku/.dokkurc/*
The default image to use when building herokuish containers. Deprecated in favor of using buildpacks:set-property
DOKKU_LIB_ROOT
/var/lib/dokku
/etc/environment
~dokku/.dokkurc
~dokku/.dokkurc/*
The directory where plugins, certain data, and general configuration is stored. PLUGIN_PATH
$DOKKU_LIB_ROOT/plugins\"
/etc/environment
~dokku/.dokkurc
~dokku/.dokkurc/*
The top-level directory where plugins are stored. PLUGIN_AVAILABLE_PATH
$PLUGIN_PATH/available\"
/etc/environment
~dokku/.dokkurc
~dokku/.dokkurc/*
The directory that holds all available plugins, including core. PLUGIN_ENABLED_PATH
$PLUGIN_PATH/enabled\"
/etc/environment
~dokku/.dokkurc
~dokku/.dokkurc/*
The directory that holds all enabled plugins, including core. PLUGIN_CORE_PATH
$DOKKU_LIB_ROOT/core-plugins\"
/etc/environment
~dokku/.dokkurc
~dokku/.dokkurc/*
The directory that stores all core plugins. PLUGIN_CORE_AVAILABLE_PATH
$PLUGIN_CORE_PATH/available\"
/etc/environment
~dokku/.dokkurc
~dokku/.dokkurc/*
The directory that stores all available core plugins. PLUGIN_CORE_ENABLED_PATH
$PLUGIN_CORE_PATH/enabled\"
/etc/environment
~dokku/.dokkurc
~dokku/.dokkurc/*
The directory that stores all enabled core plugins. DOKKU_LOGS_DIR
/var/log/dokku
/etc/environment
~dokku/.dokkurc
~dokku/.dokkurc/*
Where dokku logs should be written to. DOKKU_LOGS_HOST_DIR
$DOKKU_LOGS_DIR
/etc/environment
~dokku/.dokkurc
~dokku/.dokkurc/*
A path on the host that will be mounted into the vector logging container. DOKKU_EVENTS_LOGFILE
$DOKKU_LOGS_DIR/events.log
/etc/environment
~dokku/.dokkurc
~dokku/.dokkurc/*
Where the events log file is written to. DOKKU_APP_NAME
none --app APP
flag Name of application to work on. Respected by core plugins. DOKKU_APPS_FORCE_DELETE
none --force
flag Whether to force delete an application. Also used by other plugins for destructive actions. DOKKU_CHECKS_URL
https://dokku.com/docs/deployment/zero-downtime-deploys/
/etc/environment
~dokku/.dokkurc
~dokku/.dokkurc/*
Url displayed during deployment when no CHECKS file exists. DOKKU_QUIET_OUTPUT
none --quiet
flag Silences certain header output for dokku
commands. DOKKU_RM_CONTAINER
none dokku config:set
Deprecated: Whether to keep dokku run
containers around or not. DOKKU_TRACE
none dokku trace:on
dokku trace:off
--trace
flag Turn on very verbose debugging. DOKKU_APP_PROXY_TYPE
nginx
dokku proxy:set
DOKKU_APP_RESTORE
1
dokku config:set
dokku ps:stop
DOKKU_APP_SHELL
/bin/bash
dokku config:set
Allows users to change the default shell used by Dokku for dokku enter
and execution of deployment tasks. DOKKU_APP_TYPE
herokuish
Auto-detected by using buildpacks or dockerfile DOKKU_CHECKS_DISABLED
none dokku checks:disable
DOKKU_CHECKS_ENABLED
none dokku checks:enable
DOKKU_CHECKS_SKIPPED
none dokku checks:skip
DOKKU_CHECKS_WAIT
5
dokku config:set
Wait this many seconds for the container to start before running checks. DOKKU_CHECKS_TIMEOUT
30
dokku config:set
Wait this many seconds for each response before marking it as a failure. DOKKU_CHECKS_ATTEMPTS
5
dokku config:set
Number of retries for to run for a specific check before marking it as a failure DOKKU_DEFAULT_CHECKS_WAIT
10
dokku config:set
If no user-defined checks are specified - or if the process being checked is not a web
process - this is the period of time Dokku will wait before checking that a container is still running. DOKKU_DISABLE_PROXY
none dokku proxy:disable
dokku proxy:enable
Disables the proxy in front of your application, resulting in publicly routing the docker container. DOKKU_DISABLE_ANSI_PREFIX_REMOVAL
none dokku config:set
/etc/environment
~dokku/.dokkurc
~dokku/.dokkurc/*
Disables removal of the ANSI prefix during deploys. Can be used in cases where the client deployer does not understand ansi escape codes. DOKKU_DISABLE_APP_AUTOCREATION
none dokku config:set
Disables automatic creation of a non-existent app on deploy. DOKKU_DOCKER_STOP_TIMEOUT
10
dokku config:set
Configurable grace period given to the docker stop
command. If a container has not stopped by this time, a kill -9
signal or equivalent is sent in order to force-terminate the container. Both the ps:stop
and apps:destroy
commands also respect this value. If not specified, the docker defaults for the docker stop command will be used. DOKKU_DOCKERFILE_CACHE_BUILD
none dokku config:set
DOKKU_DOCKERFILE_START_CMD
none dokku config:set
DOKKU_PARALLEL_ARGUMENTS
. none dokku config:set
Allows passing custom arguments to parallel for ps:*all
commands DOKKU_PROXY_PORT
automatically assigned /etc/environment
~dokku/.dokkurc
~dokku/.dokkurc/*
dokku config:set
DOKKU_PROXY_SSL_PORT
automatically assigned /etc/environment
~dokku/.dokkurc
~dokku/.dokkurc/*
dokku config:set
DOKKU_SKIP_ALL_CHECKS
none dokku config:set
DOKKU_SKIP_CLEANUP
/etc/environment
~dokku/.dokkurc
~dokku/.dokkurc/*
When a deploy is triggered, if this is set to a non-empty value, then old docker containers and images will not be removed. DOKKU_SKIP_DEFAULT_CHECKS
dokku config:set
DOKKU_SKIP_DEPLOY
dokku config:set
DOKKU_START_CMD
none dokku config:set
Command to run instead of /start $PROC_TYPE
DOKKU_SYSTEM_GROUP
dokku
/etc/environment
~dokku/.dokkurc
~dokku/.dokkurc/*
System group to chown files as. DOKKU_SYSTEM_USER
dokku
/etc/environment
~dokku/.dokkurc
~dokku/.dokkurc/*
System user to chown files as."},{"location":"configuration/ssl/","title":"SSL Configuration","text":"New
Introduced in 0.4.0
Dokku supports SSL/TLS certificate inspection and CSR/Self-signed certificate generation via the certs
plugin. Note that whenever SSL/TLS support is enabled SPDY is also enabled.
certs:add <app> CRT KEY # Add an ssl endpoint to an app. Can also import from a tarball on stdin.\ncerts:generate <app> DOMAIN # Generate a key and certificate signing request (and self-signed certificate)\ncerts:remove <app> # Remove an SSL Endpoint from an app.\ncerts:report [<app>] [<flag>] # Displays an ssl report for one or more apps\ncerts:show <app> <crt|key> # Show the server.crt or server.key on stdout\ncerts:update <app> CRT KEY # Update an SSL Endpoint on an app. Can also import from a tarball on stdin\n
# for 0.3.x\ndokku nginx:import-ssl <app> < certs.tar\n
Info
Adding an ssl certificate before deploying an application will result in port mappings being updated. This may cause issues for applications that use non-standard ports, as those may not be automatically detected. Please refer to the proxy documentation for information as to how to reconfigure the mappings.
"},{"location":"configuration/ssl/#per-application-certificate-management","title":"Per-application certificate management","text":"Dokku provides built-in support for managing SSL certificates on a per-application basis. SSL is managed via nginx outside of application containers, and as such can be updated on-the-fly without rebuilding containers. At this time, applications only support a single SSL certificate at a time. To support multiple domains for a single application, wildcard certificate usage is encouraged.
"},{"location":"configuration/ssl/#certificate-setting","title":"Certificate setting","text":"The certs:add
command can be used to push a tar
containing a certificate .crt
and .key
file to a single application. The command should correctly handle cases where the .crt
and .key
are not named properly or are nested in a subdirectory of said tar
file. You can import it as follows:
tar cvf cert-key.tar server.crt server.key\ndokku certs:add node-js-app < cert-key.tar\n
Note
If your .crt
file came alongside a .ca-bundle
, you'll want to concatenate those into a single .crt
file before adding it to the .tar
.
cat yourdomain_com.crt yourdomain_com.ca-bundle > server.crt\n
"},{"location":"configuration/ssl/#ssl-and-multiple-domains","title":"SSL and Multiple Domains","text":"When an SSL certificate is associated to an application, the certificate will be associated with all domains currently associated with said application. Your certificate should be associated with all of those domains, otherwise accessing the application will result in SSL errors. If you wish to remove one of the domains from the application, refer to the domain configuration documentation.
Note that with the default nginx template, requests will be redirected to the https
version of the domain. If this is not the desired state of request resolution, you may customize the nginx template in use. For more details, see the nginx documentation.
Note
Using this method will create a self-signed certificate, which is only recommended for development or staging use, not production environments.
The certs:generate
command will walk you through the correct openssl
commands to create a key, csr and a self-signed cert for a given app/domain. We automatically put the self-signed cert in place as well as add the specified domain to the application configuration.
If you decide to obtain a CA signed certificate, you can import that certificate using the aforementioned dokku certs:add
command.
The certs:remove
command only works on app-specific certificates. It will rm
the app-specific tls directory, rebuild the nginx configuration, and reload nginx.
The certs:show
command can be used to show your configured certs for an app. The show command can be used for example to export Let's Encrypt certificates after they've been generated. You can export it as follows:
dokku certs:show node-js-app crt > server.crt\ndokku certs:show node-js-app key > server.key\n
"},{"location":"configuration/ssl/#displaying-certificate-reports-for-an-app","title":"Displaying certificate reports for an app","text":"New
Introduced in 0.8.1
You can get a report about the apps ssl status using the certs:report
command:
dokku certs:report\n
=====> node-js-app\n Ssl dir: /home/dokku/node-js-app/tls\n Ssl enabled: true\n Ssl hostnames: *.node-js-app.org node-js-app.org\n Ssl expires at: Oct 5 23:59:59 2019 GMT\n Ssl issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA\n Ssl starts at: Oct 5 00:00:00 2016 GMT\n Ssl subject: OU=Domain Control Validated; OU=PositiveSSL Wildcard; CN=*.node-js-app.org\n Ssl verified: self signed.\n=====> python-app\n Ssl dir: /home/dokku/python-app/tls\n Ssl enabled: false\n Ssl hostnames:\n Ssl expires at:\n Ssl issuer:\n Ssl starts at:\n Ssl subject:\n Ssl verified:\n
You can run the command for a specific app also.
ShellOutputdokku certs:report node-js-app\n
=====> node-js-app ssl information\n Ssl dir: /home/dokku/node-js-app/tls\n Ssl enabled: true\n Ssl hostnames: *.dokku.org dokku.org\n Ssl expires at: Oct 5 23:59:59 2019 GMT\n Ssl issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA\n Ssl starts at: Oct 5 00:00:00 2016 GMT\n Ssl subject: OU=Domain Control Validated; OU=PositiveSSL Wildcard; CN=*.dokku.org\n Ssl verified: self signed.\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku certs:report node-js-app --ssl-enabled\n
"},{"location":"configuration/ssl/#hsts-header","title":"HSTS Header","text":"The HSTS header is an HTTP header that can inform browsers that all requests to a given site should be made via HTTPS. Dokku enables this header by default for HTTPS requests.
See the NGINX HSTS documentation for more information on how the HSTS configuration can be managed for your application.
"},{"location":"configuration/ssl/#http2-support","title":"HTTP/2 support","text":"Certain versions of nginx have bugs that prevent HTTP/2 from properly responding to all clients, thus causing applications to be unavailable. For HTTP/2 to be enabled in your applications' nginx configs, you need to have installed nginx 1.11.5 or higher. See issue 2435 for more details.
"},{"location":"configuration/ssl/#ssl-port-exposure","title":"SSL Port Exposure","text":"When your app is served from port 80
then the /home/dokku/APP/nginx.conf
file will automatically be updated to instruct nginx to respond to ssl on port 443 as a new cert is added. If your app uses a non-standard port (perhaps you have a dockerfile deploy exposing port 99999
) you may need to manually expose an ssl port via dokku ports:add <APP> https:443:99999
.
X-Forwarded-Ssl
, etc.)","text":"See the running behind another proxy documentation for more information on how to configure your Nginx config when your server is running behind a proxy (e.g. load balancer, etc.).
"},{"location":"deployment/application-deployment/","title":"Deploying an Application","text":"Note
This walkthrough uses the hostname dokku.me
in commands. When deploying to your own server, you should substitute the domain dokku.me
for the domain name or IP address associated with your server. Users of the Vagrant VM included with Dokku can use dokku.me
which points to the IP of the VM.
Once you have configured Dokku with at least one user, you can deploy applications using git push
. To quickly see Dokku deployment in action, try using the Heroku Ruby on Rails \"Getting Started\" app.
# from your local machine\ngit clone https://github.com/heroku/ruby-getting-started\n
"},{"location":"deployment/application-deployment/#create-the-app","title":"Create the app","text":"SSH into the Dokku host and create the application as follows:
# on the Dokku host\ndokku apps:create ruby-getting-started\n
"},{"location":"deployment/application-deployment/#create-the-backing-services","title":"Create the backing services","text":"Dokku by default does not provide datastores (e.g. MySQL, PostgreSQL) on a newly created app. You can add datastore support by installing plugins, and the Dokku project provides official plugins for common datastores.
The Getting Started app requires a PostgreSQL service, so install the plugin and create the related service as follows:
# on the Dokku host\n# install the postgres plugin\n# plugin installation requires root, hence the user change\nsudo dokku plugin:install https://github.com/dokku/dokku-postgres.git\n\n# create a postgres service with the name railsdatabase\ndokku postgres:create railsdatabase\n
Each service may take a few moments to create.
"},{"location":"deployment/application-deployment/#linking-backing-services-to-applications","title":"Linking backing services to applications","text":"Once the services have been created, you then set the DATABASE_URL
environment variable by linking the service, as follows:
# on the Dokku host\n# each official datastore offers a `link` method to link a service to any application\ndokku postgres:link railsdatabase ruby-getting-started\n
Dokku supports linking a single service to multiple applications as well as linking only one service per application.
"},{"location":"deployment/application-deployment/#deploy-the-app","title":"Deploy the app","text":"Warning
Your app should respect the PORT
environment variable, otherwise it may not respond to web requests. You can find more information in the port management documentation.**
Now you can deploy the ruby-getting-started
app to your Dokku server. All you have to do is add a remote to name the app. Applications are created on-the-fly on the Dokku server.
# from your local machine\n# the remote username *must* be dokku or pushes will fail\ncd ruby-getting-started\ngit remote add dokku dokku@dokku.me:ruby-getting-started\ngit push dokku main\n
Note
Some tools may not support the short-upstream syntax referenced above, and you may need to prefix the upstream with the scheme ssh://
like so: ssh://dokku@dokku.me:ruby-getting-started
Please see the Git documentation for more details.
Note
Your private key should be registered with ssh-agent
in your local development environment. If you get a permission denied
error when pushing, you can register your private key as follows: ssh-add -k ~/<your private key>
.
After running git push dokku main
, you should have output similar to this in your terminal:
Counting objects: 231, done.\nDelta compression using up to 8 threads.\nCompressing objects: 100% (162/162), done.\nWriting objects: 100% (231/231), 36.96 KiB | 0 bytes/s, done.\nTotal 231 (delta 93), reused 147 (delta 53)\n-----> Cleaning up...\n-----> Building ruby-getting-started from herokuish...\n-----> Adding BUILD_ENV to build environment...\n-----> Ruby app detected\n-----> Compiling Ruby/Rails\n-----> Using Ruby version: ruby-2.2.1\n-----> Installing dependencies using 1.9.7\n Running: bundle install --without development:test --path vendor/bundle --binstubs vendor/bundle/bin -j4 --deployment\n Fetching gem metadata from https://rubygems.org/...........\n Fetching version metadata from https://rubygems.org/...\n Fetching dependency metadata from https://rubygems.org/..\n Using rake 10.4.2\n\n...\n\n=====> Application deployed:\n http://ruby-getting-started.dokku.me\n
Once the deploy is complete, the application's web URL will be generated as above.
Dokku supports deploying applications in a few ways:
Info
While SSL certificates can be imported, automated SSL via Letsencrypt requires that all domains on an app correctly point at your server's public ip address. Please keep this in mind when using Letsencrypt.
For many users, responding to requests via https
will be desirable. Dokku has a complete ssl plugin built in that can be used to import SSL certificates (below is a short example, please refer to the ssl documentation for more information):
dokku certs:add ruby-getting-started server.crt server.key\n
As an alternative, the Dokku project offers an optional letsencrypt plugin that can be used to automate SSL certificate retrieval and renewal.
# on the Dokku host\n# install the letsencrypt plugin\n# plugin installation requires root, hence the user change\nsudo dokku plugin:install https://github.com/dokku/dokku-letsencrypt.git\n\n# set global email for letsencrypt\ndokku letsencrypt:set --global email your-email@your.domain.com\n\n# set a custom domain that you own for your application\ndokku domains:set ruby-getting-started ruby-getting-started.your.domain.com\n\n# enable letsencrypt\ndokku letsencrypt:enable ruby-getting-started\n\n# enable auto-renewal\ndokku letsencrypt:cron-job --add\n
"},{"location":"deployment/application-deployment/#skipping-deployment","title":"Skipping deployment","text":"If you only want to rebuild and tag a container, you can skip the deployment phase by setting $DOKKU_SKIP_DEPLOY
to true
by running:
# on the Dokku host\ndokku config:set ruby-getting-started DOKKU_SKIP_DEPLOY=true\n
"},{"location":"deployment/application-deployment/#redeploying-or-restarting","title":"Redeploying or restarting","text":"If you need to redeploy or restart your app:
# on the Dokku host\ndokku ps:rebuild ruby-getting-started\n
See the process scaling documentation for more information on how to manage your app processes.
"},{"location":"deployment/application-deployment/#deploying-with-private-git-submodules","title":"Deploying with private Git submodules","text":"Dokku uses Git locally (i.e. not a Docker image) to build its own copy of your app repo, including submodules, as the dokku
user. This means that in order to deploy private Git submodules, you need to put your deploy key in /home/dokku/.ssh/
and potentially add github.com
(or your VCS host key) into /home/dokku/.ssh/known_hosts
. You can use the following test to confirm your setup is correct:
# on the Dokku host\nsu - dokku\nssh-keyscan -t rsa github.com >> ~/.ssh/known_hosts\nssh -T git@github.com\n
Warning
if the buildpack or Dockerfile build process require SSH key access for other reasons, the above may not always apply.
"},{"location":"deployment/application-deployment/#deploying-to-subdomains","title":"Deploying to subdomains","text":"If you do not enter a fully qualified domain name when pushing your app, Dokku deploys the app to <remotename>.yourdomain.tld
as follows:
# from your local machine\n# the remote username *must* be dokku or pushes will fail\n# the below example assumes your app server domain or IP is dokku.me. Push in the form of: dokku@{serveripordomain}:{dokkuappname}\ngit remote add dokku dokku@dokku.me:ruby-getting-started\ngit push dokku main\n
remote: -----> Application deployed:\nremote: http://ruby-getting-started.dokku.me\n
You can also specify the fully qualified name as follows:
ShellOutput# from your local machine\n# the remote username *must* be dokku or pushes will fail\ngit remote add dokku dokku@dokku.me:app.dokku.me\ngit push dokku main\n
remote: -----> Application deployed:\nremote: http://app.dokku.me\n
This is useful when you want to deploy to the root domain:
ShellOutput# from your local machine\n# the remote username *must* be dokku or pushes will fail\ngit remote add dokku dokku@dokku.me:dokku.me\ngit push dokku main\n
... deployment ...\n\nremote: -----> Application deployed:\nremote: http://dokku.me\n
"},{"location":"deployment/application-deployment/#dokkudocker-container-management-compatibility","title":"Dokku/Docker container management compatibility","text":"Dokku is, at its core, a Docker container manager. Thus, it does not necessarily play well with other out-of-band processes interacting with the Docker daemon.
Prior to every deployment, Dokku will execute a cleanup function. As of 0.5.x, the cleanup removes all containers with the dokku
label where the status is either dead
or exited
(previous versions would remove all dead
or exited
containers). The cleanup function also removes all images with dangling
status.
See the user management documentation for more information on how to manage users with access to your Dokku server.
"},{"location":"deployment/application-deployment/#default-vhost","title":"Default vhost","text":"See the domains documentation for more information on how to manage the default site.
"},{"location":"deployment/application-deployment/#deploying-non-master-branch","title":"Deploying non-master branch","text":"See the Git documentation for more information on deploying a non-master branch to your application.
"},{"location":"deployment/application-deployment/#dockerfile-deployment","title":"Dockerfile deployment","text":"See the Dockerfile documentation for information Dokku's Dockerfile support.
"},{"location":"deployment/application-deployment/#image-tagging","title":"Image tagging","text":"See the image tagging documentation for more information on how Docker images can be tagged and deployed for a given application.
"},{"location":"deployment/application-deployment/#specifying-a-custom-buildpack","title":"Specifying a custom buildpack","text":"See the herokuish buildpack documentation for more information on how to specify a set of custom buildpacks for your application.
"},{"location":"deployment/application-deployment/#removing-a-deployed-app","title":"Removing a deployed app","text":"See the application management documentation for more information on how to remove an application from your Dokku server.
"},{"location":"deployment/application-deployment/#renaming-a-deployed-app","title":"Renaming a deployed app","text":"See the application management documentation for more information on how an application can be renamed and the impact of doing so upon the application and associated resources.
"},{"location":"deployment/application-deployment/#zero-downtime-deploy","title":"Zero downtime deploy","text":"See the zero-downtime deploy documentation for more information on how Dokku enables zero-downtime deploys.
"},{"location":"deployment/application-management/","title":"Application Management","text":"New
Introduced in 0.3.1
apps:clone <old-app> <new-app> # Clones an app\napps:create <app> # Create a new app\napps:destroy <app> # Permanently destroy an app\napps:exists <app> # Checks if an app exists\napps:list # List your apps\napps:lock <app> # Locks an app for deployment\napps:locked <app> # Checks if an app is locked for deployment\napps:rename <old-app> <new-app> # Rename an app\napps:report [<app>] [<flag>] # Display report about an app\napps:unlock <app> # Unlocks an app for deployment\n
"},{"location":"deployment/application-management/#usage","title":"Usage","text":""},{"location":"deployment/application-management/#listing-applications","title":"Listing applications","text":"New
Introduced in 0.8.1. Use the apps
command for older versions.
You can easily list all available applications using the apps:list
command:
dokku apps:list\n
=====> My Apps\nnode-js-app\npython-app\n
Note that you can easily hide extra output from Dokku commands by using the --quiet
flag, which makes it easier to parse on the command line.
dokku --quiet apps:list\n
node-js-app\npython-app\n
"},{"location":"deployment/application-management/#checking-if-an-application-exists","title":"Checking if an application exists","text":"For CI/CD pipelines, it may be useful to see if an application exists before creating a \"review\" application for a specific branch. You can do so via the apps:exists
command:
dokku apps:exists node-js-app\n
App does not exist\n
The apps:exists
command will return non-zero if the application does not exist, and zero if it does.
A common pattern for deploying applications to Dokku is to configure an application before deploying it. You can do so via the apps:create
command:
dokku apps:create node-js-app\n
Creating node-js-app... done\n
Once created, you can configure the application as normal, and deploy the application whenever ready. This is useful for cases where you may wish to do any of the following kinds of tasks:
In some cases, you may need to destroy an application, whether it is because the application is temporary or because it was misconfigured. In these cases, you can use the apps:destroy
command. Performing any destructive actions in Dokku requires confirmation, and this command will ask for the name of the application being deleted before doing so.
dokku apps:destroy node-js-app\n
! WARNING: Potentially Destructive Action\n ! This command will destroy node-js-app (including all add-ons).\n ! To proceed, type \"node-js-app\"\n\nDestroying node-js-app (including all add-ons)\n
Info
node-js-app
This will prompt you to verify the application's name before destroying it. You may also use the --force
flag to circumvent this verification process:
dokku --force apps:destroy node-js-app\n
Destroying node-js-app (including all add-ons)\n
The --force
flag can also be specified on the command vs globally:
dokku apps:destroy --force node-js-app\n
Destroying node-js-app (including all add-ons)\n
Destroying an application will unlink all linked services and destroy any config related to the application. Note that linked services will retain their data for later use (or removal).
"},{"location":"deployment/application-management/#renaming-a-deployed-app","title":"Renaming a deployed app","text":"New
Introduced in 0.4.7
You can rename a deployed app using the apps:rename
command. Note that the application must have been deployed at least once, or the rename will not complete successfully:
dokku apps:rename node-js-app io-js-app\n
Destroying node-js-app (including all add-ons)\n-----> Cleaning up...\n-----> Building io-js-app from herokuish...\n-----> Adding BUILD_ENV to build environment...\n-----> Node.js app detected\n\n-----> Creating runtime environment\n\n...\n\n=====> Application deployed:\n http://io-js-app.ci.dokku.me\n\nRenaming node-js-app to io-js-app... done\n
This will copy all of your app's contents into a new app directory with the name of your choice, delete your old app, then rebuild the new version of the app and deploy it. All of your config variables, including database urls, will be preserved.
By default, Dokku will deploy the renamed app, though you can skip the deploy by using the --skip-deploy
flag:
dokku apps:rename --skip-deploy node-js-app io-js-app\n
Remember to also change your git remote on your local machine in order to make git push dokku main
work again. For this you can use git remote set-url
.
git remote set-url dokku dokku@dokku.me:io-js-app\n
"},{"location":"deployment/application-management/#cloning-an-existing-app","title":"Cloning an existing app","text":"New
Introduced in 0.11.5
You can clone an existing app using the apps:clone
command. Note that the application must have been deployed at least once, or cloning will not complete successfully:
dokku apps:clone node-js-app io-js-app\n
Cloning node-js-app to io-js-app... done\n
This will copy all of your app's contents into a new app directory with the name of your choice and then rebuild the new version of the app and deploy it with the following caveats:
https
and host-port 443
will be skipped.Warning
If you have exposed specific ports via docker-options
plugin, or performed anything that cannot be done against multiple applications, apps:clone
may result in errors.
By default, Dokku will deploy this new app, though you can skip the deploy by using the --skip-deploy
flag:
dokku apps:clone --skip-deploy node-js-app io-js-app\n
Finally, if the application already exists, you may wish to ignore errors resulting from attempting to clone over it. To do so, you can use the --ignore-existing
flag. A warning will be emitted, but the command will return 0
.
dokku apps:clone --ignore-existing node-js-app io-js-app\n
"},{"location":"deployment/application-management/#locking-app-deploys","title":"Locking app deploys","text":"New
Introduced in 0.11.6
If you wish to disable deploying for a period of time, this can be done via deploy locks. Normally, deploy locks exist only for the duration of a deploy so as to avoid deploys from colliding, but a deploy lock can be created by running the apps:lock
command.
dokku apps:lock node-js-app\n
-----> Deploy lock created\n
"},{"location":"deployment/application-management/#unlocking-app-deploys","title":"Unlocking app deploys","text":"New
Introduced in 0.11.6
In some cases, it may be necessary to remove an existing deploy lock. This can be performed via the apps:unlock
command.
Warning
Removing the deploy lock will not stop in progress deploys. At this time, in progress deploys will need to be manually terminated by someone with server access.
ShellOutputdokku apps:unlock node-js-app\n
! A deploy may be in progress.\n ! Removing the app lock will not stop in progress deploys.\n-----> Deploy lock removed.\n
"},{"location":"deployment/application-management/#checking-lock-status","title":"Checking lock status","text":"New
Introduced in 0.13.0
In some cases, you may wish to inspect the state of an app lock. To do so, you can issue an apps:lock
command. This will exit non-zero if there is no app lock in place.
dokku apps:locked node-js-app\n
Deploy lock does not exist\n
"},{"location":"deployment/application-management/#displaying-reports-for-an-app","title":"Displaying reports for an app","text":"New
Introduced in 0.8.1
You can get a report about the deployed apps using the apps:report
command:
dokku apps:report\n
=====> node-js-app app information\n App created at: 1635126111\n App dir: /home/dokku/node-js-app\n App deploy source: git\n App deploy source metadata: cd7b8afccb202f222e7dc7b427553e71ba5ddafd\n App locked: false\n=====> python-sample app information\n App created at: 1635126000\n App dir: /home/dokku/python-sample\n App deploy source:\n App deploy source metadata:\n App locked: false\n=====> ruby-sample app information\n App created at: 1635122462\n App dir: /home/dokku/ruby-sample\n App deploy source: git\n App deploy source metadata: c60921ea2799ca108276414b95ea197f16798d51\n App locked: false\n
You can run the command for a specific app also.
ShellOutputdokku apps:report node-js-app\n
=====> node-js-app app information\n App dir: /home/dokku/node-js-app\n App deploy source: git\n App deploy source metadata: cd7b8afccb202f222e7dc7b427553e71ba5ddafd\n App locked: false\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku apps:report node-js-app --app-dir\n
"},{"location":"deployment/logs/","title":"Log Management","text":"logs <app> [-h|--help] [-t|--tail] [-n|--num num] [-q|--quiet] [-p|--ps process] # Display recent log output\nlogs:failed --all|<app> # Shows the last failed deploy logs\nlogs:report [<app>] [<flag>] # Displays a logs report for one or more apps\nlogs:set [--global|<app>] <key> <value> # Set or clear a logs property for an app\nlogs:vector-logs [--num num] [--tail] # Display vector log output\nlogs:vector-start # Start the vector logging container\nlogs:vector-stop # Stop the vector logging container\n
"},{"location":"deployment/logs/#usage","title":"Usage","text":""},{"location":"deployment/logs/#application-logs","title":"Application logs","text":"You can easily get logs of an app using the logs
command:
dokku logs node-js-app\n
Logs are pulled via integration with the scheduler for the specified application via \"live tailing\". As such, logs from previously running deployments are usually not available. Users that desire to see logs from previous deployments for debugging purposes should persist those logs to external services. Please see Dokku's vector integration for more information on how to persist logs across deployments to ship logs to another service or a third-party platform.
"},{"location":"deployment/logs/#behavioral-modifiers","title":"Behavioral modifiers","text":"Dokku also supports certain command-line arguments that augment the log
command's behavior.
-n, --num NUM # the number of lines to display\n-p, --ps PS # only display logs from the given process\n-t, --tail # continually stream logs\n-q, --quiet # display raw logs without colors, time and names\n
You can use these modifiers as follows:
dokku logs node-js-app -t -p web\n
The above command will show logs continually from the web process.
"},{"location":"deployment/logs/#failed-deploy-logs","title":"Failed deploy logs","text":"Warning
The default docker-local scheduler will \"store\" these until the next deploy or until the old containers are garbage collected - whichever runs first. If you require the logs beyond this point in time, please ship the logs to a centralized log server.
In some cases, it may be useful to retrieve the logs from a previously failed deploy.
You can retrieve these logs by using the logs:failed
command.
dokku logs:failed node-js-app\n
You may also fetch all failed app logs by using the --all
flag.
dokku logs:failed --all\n
"},{"location":"deployment/logs/#docker-log-retention","title":"Docker Log Retention","text":"Docker log retention can be specified via the logs:set
command by specifying a value for max-size
. Log retention is set via injected docker options for all applications, but is also available via the logs-get-property
trigger for alternative schedulers.
dokku logs:set node-js-app max-size 20m\n
The default value may be set by passing an empty value for the option:
dokku logs:set node-js-app max-size\n
Valid values include any integer number followed by a unit of measure (k
, m
, or g
) or the string unlimited
. Setting to unlimited
will result in Dokku omitting the log option.
The max-size
property can also be set globally. The global default is 10m
, and the global value is used when no app-specific value is set.
dokku logs:set --global max-size 20m\n
The default value may be set by passing an empty value for the option.
dokku logs:set --global max-size\n
"},{"location":"deployment/logs/#vector-logging-shipping","title":"Vector Logging Shipping","text":"New
Introduced in 0.22.6
Vector is an open-source, lightweight and ultra-fast tool for building observability pipelines. Dokku integrates with it for shipping container logs for the docker-local
scheduler. Users may configure log-shipping on a per-app or global basis, neither of which interfere with the dokku logs
commands.
Warning
While the default vector image may be updated over time, this will not impact running vector containers. Users are encouraged to view any Dokku and Vector changelogs to ensure their system will continue running as expected.
Vector may be started via the logs:vector-start
command.
dokku logs:vector-start\n
This will start a new container named vector
with Dokku's vector config mounted and ready for use. If a running container already exists, this command will do nothing. Additionally, if a container exists but is not running, this command will attempt to start the container.
While the default vector image is hardcoded, users may specify an alternative via the --vector-image
flag:
dokku logs:vector-start --vector-image timberio/vector:latest-debian\n
The vector
container will be started with the following volume mounts:
/var/lib/dokku/data/logs/vector.json:/etc/vector/vector.json
/var/run/docker.sock:/var/run/docker.sock
/var/log/dokku/apps:/var/log/dokku/apps
The final volume mount - /var/log/dokku/apps
- may be used for users that wish to ship logs to a file on disk that may be later logrotated. This directory is owned by the dokku
user and group, with permissions set to 0755
. At this time, log-rotation is not configured for this directory.
Vector may be stopped via the logs:vector-stop
command.
dokku logs:vector-stop\n
The vector
container will be stopped and removed from the system. If the container is not running, this command will do nothing.
It may be necessary to check the vector container's logs to ensure that vector is operating as expected. This can be performed with the logs:vector-logs
command.
dokku logs:vector-logs\n
This command also supports the following modifiers:
--num NUM # the number of lines to display\n--tail # continually stream logs\n
You can use these modifiers as follows:
dokku logs:vector-logs --tail --num 10\n
The above command will show logs continually from the vector container, with an initial history of 10 log lines
"},{"location":"deployment/logs/#changing-the-vector-image","title":"Changing the vector image","text":"Dokku integrates with a Vector docker image version that is known to be compatible with the documentation. In some cases, it may be useful to specify an alternative image version. To do so, set the global vector-image
property.
dokku logs:set --global vector-image timberio/vector:0.35.X-debian\n
Once set, the vector container will need to be stopped and then started. Note that specifying the --vector-image
flag on the logs:vector-start
will override the setting.
dokku logs:vector-stop\ndokku logs:vector-start\n
Setting this to an empty string will reset the version to the version currently compatible with the Dokku installation.
dokku logs:set --global vector-image\n
"},{"location":"deployment/logs/#configuring-a-log-sink","title":"Configuring a log sink","text":"Vector uses the concept of log \"sinks\" to send logs to a given endpoint. Log sinks may be configured globally or on a per-app basis by specifying a vector-sink
in DSN form with the logs:set
command. Specifying a sink value will reload any running vector container.
# setting the sink value in quotes is encouraged to avoid\n# issues with ampersand encoding in shell commands\ndokku logs:set node-js-app vector-sink \"console://?encoding[codec]=json\"\n
A sink may be removed by setting an empty value, which will also reload the running vector container.
dokku logs:set node-js-app vector-sink\n
Only one sink may be specified on a per-app basis at a given time.
Log sinks can also be specified globally by specifying the --global
flag to logs:set
with no app name specified:
dokku logs:set --global vector-sink \"console://?encoding[codec]=json\"\n
As with app-specific sink settings, the global value may also be cleared by setting no value.
dokku logs:set --global vector-sink\n
"},{"location":"deployment/logs/#log-sink-dsn-format","title":"Log Sink DSN Format","text":"The DSN form of a sink is as follows:
SINK_TYPE://?SINK_OPTIONS\n
Valid values for SINK_TYPE
include all log vector log sinks, while SINK_OPTIONS
is a query-string form for the sink's options. The following is a short description on how to set various values:
bool
: form: key=bool
string
: form: key=string
int
: form: key=int
[string]
: form: key[]=string
[int]
: form: key[]=int
table
: form: option[key]=value
For some sinks - such as the http
sink - it may be useful to use special characters such as &
. These characters must be url escaped as per RFC 3986.
# the following command will set the `http` sink with a uri config value\n# for a uri config value: https://loggerservice.com:1234/?token=abc1234&type=vector\n# the url quoted version: https%3A//loggerservice.com%3A1234/%3Ftoken%3Dabc1234%26type%3Dvector\ndokku logs:set test vector-sink \"http://?uri=https%3A//loggerservice.com%3A1234/%3Ftoken%3Dabc1234%26type%3Dvector\"\n
Please read the sink documentation for your sink of choice to configure the sink as desired.
"},{"location":"deployment/remote-commands/","title":"Remote Commands","text":"Dokku commands can be run over SSH. Anywhere you would run dokku <command>
, just run ssh -t dokku@dokku.me <command>
The -t
is used to request a pty. It is highly recommended to do so. To avoid the need to type the -t
option each time, create/modify a section in the .ssh/config
on the client side, as follows:
Host dokku.me\n RequestTTY yes\n
"},{"location":"deployment/remote-commands/#behavioral-modifiers","title":"Behavioral modifiers","text":"Dokku also supports certain command line arguments that augment its behavior. If using these over SSH, you must use the form ssh -t dokku@dokku.me -- <command>
to avoid SSH interpreting Dokku arguments for itself.
--quiet suppress output headers\n--trace enable DOKKU_TRACE for current execution only\n--force force flag. currently used in apps:destroy and other \":destroy\" commands\n
"},{"location":"deployment/remote-commands/#official-client","title":"Official Client","text":"You may optionally use the official client when connecting to the Dokku server.
Of all methods, this is the most official method of interacting with your Dokku installation. It is a bash script that interacts with a remote Dokku installation via ssh
. It is available in contrib/dokku_client.sh
in the root of the Dokku repository.
It can be installed either via the Homebrew package manager (macOS only), or manually.
"},{"location":"deployment/remote-commands/#installation-via-homebrew","title":"Installation via Homebrew","text":"To install, simply run the following command:
brew install dokku/repo/dokku\n
"},{"location":"deployment/remote-commands/#manual-installation","title":"Manual installation","text":"To install manually, simply clone the Dokku repository down and add the dokku
alias pointing at the script:
git clone git@github.com:dokku/dokku.git ~/.dokku\n\n# optional: make sure that the dokku_client.sh version matches your Dokku version\ncd ~/.dokku\ngit checkout <tag/branch>\n\n# add the following to either your\n# .bashrc, .bash_profile, or .profile file\nalias dokku='$HOME/.dokku/contrib/dokku_client.sh'\n
Alternatively, if using another shell such as zsh, create an alias command which invokes the script using bash:
# zsh: add the following to either .zshenv or .zshrc\nalias dokku='bash $HOME/.dokku/contrib/dokku_client.sh'\n\n# fish: add the following to ~/.config/fish/config.fish\nalias dokku 'bash $HOME/.dokku/contrib/dokku_client.sh'\n\n# csh: add the following to .cshrc\nalias dokku 'bash $HOME/.dokku/contrib/dokku_client.sh'\n
"},{"location":"deployment/remote-commands/#usage","title":"Usage","text":"All commands have the application name automatically set via the --app
flag on the remote server, and thus the app name does not need to be specified manually for core plugins.
The client supports several environment variables:
DOKKU_HOST
(default: dokku
git remote): Used to interact with a specific remote server. Can be overridden via the --remote
flag.DOKKU_PORT
(default: 22
): Used to specify a port to connect to the Dokku server on.It also supports several flags (all flags unspecified here are passed as is to the server):
--app
: Override the remote app in use.--trace
: Enable trace mode.--remote
: Override the remote server.--global
: Unsets the \"app\" value. May not be supported for the specified command.In addition, the following commands have special local side-effects:
apps:create
:--app
flag is specified or detected from a dokku
git remote, a random name is generated and used for the app.dokku
git remote is set if not already set.apps:destroy
:dokku
git remote if set.While many users will only ever push to a single dokku remote from a given repository, it may be useful to point the same repository at multiple remotes, especially in the case of pre-production environments. This can be done via the remote
commands. These commands are only available within the official remote client, and are not server-side commands.
To see your currently configured remote, run dokku remote
. This will respect the --remote
flag.
To list all available remotes, run dokku remote:list
. This is equivalent to running git remote
.
To add a remote, run dokku remote:add $REMOTE_NAME dokku@dokku.me:$APP_NAME
, replacing $REMOTE_NAME
with your desired remote name, the $APP_NAME
with your desired app name and the host dokku.me
with your Dokku host. This is equivalent to running git remote add $REMOTE_NAME dokku@dokku.me:$APP_NAME
.
To remove a remote, run dokku remote:remove $REMOTE_NAME
. This is equivalent to running git remote remove $REMOTE_NAME
.
By default, the remote in use is dokku
. To change the remote the client uses by default, run dokku remote:set $REMOTE_NAME
, where $REMOTE_NAME
is the name of your desired remote. This will not check the value specified, so that remote must be available or errors will occur when running normal client commands. Note that specifying --remote
when running dokku commands will override this configuration value.
To clear the configured remote, run dokku remote:unset
. The client will unset the configured remote, and will default back to dokku
, or the value of --remote
if specified.
Please refer to the community clients list for more details.
"},{"location":"deployment/user-management/","title":"User Management","text":"New
Introduced in 0.7.0
ssh-keys:add <name> [/path/to/key] # Add a new public key by pipe or path\nssh-keys:list [--format text|json] [<name>] # List of all authorized Dokku public ssh keys\nssh-keys:remove [--fingerprint fingerprint|<name>] # Remove SSH public key by name\n
When pushing to Dokku, SSH key-based authorization is the preferred authentication method, for ease of use and increased security.
Users in Dokku are managed via the ~/dokku/.ssh/authorized_keys
file. It is highly recommended that you follow the steps below to manage users on a Dokku server.
Info
Users of older versions of Dokku may use the sshcommand
binary to manage keys instead of the ssh-keys
plugin. Please refer to the Dokku documentation for your version for more details.
You can use the ssh-keys:list
command to show all configured SSH keys.
dokku ssh-keys:list\n
SHA256:ABC123ABC123+abc123abc123Zabc123abcZ123abc NAME=\"admin\" SSHCOMMAND_ALLOWED_KEYS=\"no-agent-forwarding,no-user-rc,no-X11-forwarding,no-port-forwarding\"\n
The output contains the following information:
KEY_NAME
.SSHCOMMAND_ALLOWED_KEYS
name.New
Introduced in 0.20.2
The keys for a specific user may be listed by specifying a second argument to the ssh-keys:list
command:
dokku ssh-keys:list admin\n
New
Introduced in 0.22.3
The output format may be specified via the --format
flag. Supported values include json
and text
.
dokku ssh-keys:list --format json\n
This can additionally be used to filter to keys for a particular user:
dokku ssh-keys:list --format json admin\n
"},{"location":"deployment/user-management/#adding-ssh-keys","title":"Adding SSH keys","text":"You can add your public key to Dokku with the ssh-keys:add
command. The path specified must contain your desired public ssh key contents and must exist on the server. Any special characters - such as ~
- are interpreted under the dokku
user context. The output will be the fingerprint of the SSH key:
dokku ssh-keys:add KEY_NAME path/to/id_rsa.pub\n
SHA256:ABC123ABC123+abc123abc123Zabc123abcZ123abc\n
KEY_NAME
is the name you want to use to refer to this particular key. Including the word admin
in the name will grant the user privileges to add additional keys remotely.
Info
KEY_NAME
is a unique name which is used to identify public keys. Attempting to re-use a key name will result in an error. The SSH (Git) user is always dokku
, as this is the system user that the dokku
binary uses to perform all its actions.
Alternatively, you may pipe the contents of your ssh key via cat
or echo
into the ssh-keys:add
command instead of specifying a path to the ssh key:
echo \"$CONTENTS_OF_YOUR_PUBLIC_SSH_KEY_HERE\" | dokku ssh-keys:add KEY_NAME\n
SHA256:ABC123ABC123+abc123abc123Zabc123abcZ123abc\n
cat path/to/id_rsa.pub | dokku ssh-keys:add KEY_NAME\n
SHA256:ABC123ABC123+abc123abc123Zabc123abcZ123abc\n
Admin users and root can add keys remotely by specifying the dokku
bin on their ssh
command:
cat ~/.ssh/id_rsa.pub | ssh root@dokku.me dokku ssh-keys:add KEY_NAME\n
If you are using the Vagrant installation, you can also use the make vagrant-acl-add
target to add your public key to Dokku (it will use your host username as the USER
):
cat ~/.ssh/id_rsa.pub | make vagrant-acl-add\n
"},{"location":"deployment/user-management/#removing-ssh-keys","title":"Removing SSH keys","text":"As key names are unique, they can be used to remove a public SSH key.
dokku ssh-keys:remove KEY_NAME\n
An SSH Key can also be removed by fingerprint.
dokku ssh-keys:remove --fingerprint FINGERPRINT\n
"},{"location":"deployment/user-management/#scoping-commands-to-specific-users","title":"Scoping commands to specific users","text":"Support for scoping commands to specific users can be added through plugins that take advantage of the user-auth plugin trigger to handle command authorization. See also the list of community-provided plugins.
"},{"location":"deployment/user-management/#granting-other-unix-user-accounts-dokku-access","title":"Granting other Unix user accounts Dokku access","text":"Any Unix user account which belongs to the sudo
Unix group can run Dokku. However, you may want to give them Dokku access but not full sudo privileges.
To allow other Unix user accounts to be able to run Dokku commands, without giving them full sudo access, modify your sudoers configuration.
Use visudo /etc/sudoers.d/dokku-users
, or visudo /etc/sudoers
to add the following line:
%dokku ALL=(ALL:ALL) NOPASSWD:SETENV: /usr/bin/dokku\n
"},{"location":"deployment/zero-downtime-deploys/","title":"Zero Downtime Deploy Checks","text":"New
Introduced in 0.5.0
checks:disable <app> [process-type(s)] Disable zero-downtime deployment for all processes (or comma-separated process-type list) ***WARNING: this will cause downtime during deployments***\nchecks:enable <app> [process-type(s)] Enable zero-downtime deployment for all processes (or comma-separated process-type list)\nchecks:report [<app>] [<flag>] Displays a checks report for one or more apps\nchecks:run <app> [process-type(s)] Runs zero-downtime checks for all processes (or comma-separated process-type list)\nchecks:set [--global|<app>] <key> <value> Set or clear a logs property for an app\nchecks:skip <app> [process-type(s)] Skip zero-downtime checks for all processes (or comma-separated process-type list)\n
By default, Dokku will wait 10
seconds after starting each container before assuming it is up and proceeding with the deploy. Once this has occurred for all containers started by an application, traffic will be switched to point to your new containers. Dokku will also wait a further 60
seconds after the deploy is complete before terminating old containers in order to give time for long running connections to terminate. In either case, you may have more than one container running for a given application.
You may both create user-defined checks for web processes using the healthchecks
key in the app.json
file, as well as customize any and all parts of this experience using the checks plugin.
Info
Web checks are performed via curl
on Dokku host. Some application code - such as the Django framework - checks for specific hostnames or header values, these checks will fail. To avoid this:
After a successful deploy, the grace period given to old containers before they are stopped/terminated is determined by the value of wait-to-retire
. This is useful for ensuring completion of long-running HTTP connections.
dokku checks:set node-js-app wait-to-retire 30\n
Defaults to 60
.
config
plugin","text":"There are certain settings that can be configured via environment variables:
DOKKU_DEFAULT_CHECKS_WAIT
: (default: 10
) If no user-defined checks are specified - or if the process being checked is not a web
process - this is the period of time Dokku will wait before checking that a container is still running.DOKKU_DOCKER_STOP_TIMEOUT
: (default: 10
) Configurable grace period given to the docker stop
command. If a container has not stopped by this time, a kill -9
signal or equivalent is sent in order to force-terminate the container. Both the ps:stop
and apps:destroy
commands also respect this value. If not specified, the Docker defaults for the docker stop
command will be used.The following settings may also be specified in the app.json
file, though are available as environment variables in order to ease application reuse.
DOKKU_CHECKS_WAIT
: (default: 5
) Wait this many seconds for the container to start before running checks.DOKKU_CHECKS_TIMEOUT
: (default: 30
) Wait this many seconds for each response before marking it as a failure.DOKKU_CHECKS_ATTEMPTS
: (default: 5
) Number of retries for to run for a specific check before marking it as a failureInfo
Note that checks:disable
will now (as of 0.6.0) cause downtime for that process-type during deployments. Previously, it acted as checks:skip
currently does.
You can choose to skip checks completely on a per-application/per-process basis. Skipping checks will avoid the default 10 second waiting period entirely, as well as any other user-defined checks.
ShellOutput# process type specification is optional\ndokku checks:skip node-js-app worker,web\n
-----> Skipping zero downtime for app's (node-js-app) proctypes (worker,web)\n-----> Unsetting node-js-app\n-----> Unsetting DOKKU_CHECKS_DISABLED\n-----> Setting config vars\n DOKKU_CHECKS_SKIPPED: worker,web\n
Zero downtime checks can also be disabled completely. This will stop old containers before new ones start, which may result in broken connections and downtime if your application fails to boot properly.
ShellOutputdokku checks:disable node-js-app worker\n
-----> Disabling zero downtime for app's (node-js-app) proctypes (worker)\n-----> Setting config vars\n DOKKU_CHECKS_DISABLED: worker\n-----> Setting config vars\n DOKKU_CHECKS_SKIPPED: web\n
"},{"location":"deployment/zero-downtime-deploys/#displaying-checks-reports-for-an-app","title":"Displaying checks reports for an app","text":"New
Introduced in 0.8.1
You can get a report about the app's checks status using the checks:report
command:
dokku checks:report\n
=====> node-js-app checks information\n Checks disabled list: none\n Checks skipped list: none\n Checks computed wait to retire: 60\n Checks global wait to retire: 60\n Checks wait to retire:\n=====> python-app checks information\n Checks disabled list: none\n Checks skipped list: none\n Checks computed wait to retire: 60\n Checks global wait to retire: 60\n Checks wait to retire:\n=====> ruby-app checks information\n Checks disabled list: _all_\n Checks skipped list: none\n Checks computed wait to retire: 60\n Checks global wait to retire: 60\n Checks wait to retire:\n
You can run the command for a specific app also.
ShellOutputdokku checks:report node-js-app\n
=====> node-js-app checks information\n Checks disabled list: none\n Checks skipped list: none\n Checks computed wait to retire: 60\n Checks global wait to retire: 60\n Checks wait to retire:\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku checks:report node-js-app --checks-disabled-list\n
"},{"location":"deployment/zero-downtime-deploys/#customizing-checks","title":"Customizing checks","text":"New
Introduced in 0.31.0
If your application needs a longer period to boot up - perhaps to load data into memory, or because of slow boot time - you may also use Dokku's checks
functionality to more precisely check whether an application can serve traffic or not.
Healthchecks are run against all process from your application's Procfile
. When no healthcheck is defined, Dokku will fallback to a process uptime check.
One or more healthchecks can be defined in the app.json
file - see the deployment task documentation for more information on how this is extracted - under the healthchecks.web
path:
{\n \"healthchecks\": {\n \"web\": [\n {\n \"type\": \"startup\",\n \"name\": \"web check\",\n \"description\": \"Checking if the app responds to the /health/ready endpoint\",\n \"path\": \"/health/ready\",\n \"attempts\": 3\n }\n ]\n }\n}\n
A healthcheck entry takes the following properties:
attempts
: (default: 3
) Number of retry attempts to perform on failure.command
: (default ''
- empty string) Command to execute within container.content
: (default: ''
- empty string) Content to search in http path check output.initialDelay
: (default: 0, unit: seconds) Number of seconds to wait after a container has started before triggering the healthcheck.name
: (default: autogenerated) The name of the healthcheck. If unspecified, it will be autogenerated from the rest of the healthcheck information.path
: (default: /
- for http checks): An http path to check.port
: (default: 5000
): Port to run healthcheck against.timeout
: (default: 5
seconds): Number of seconds to wait before timing out a healthcheck.type
: (default: \"\"
- none): Type of the healthcheck. Options: liveness, readiness, startup.uptime
: (default: \"\"
- none): Amount of time the container must be alive before the container is considered healthy. Any restarts will cause this to check to fail, and this check does not respect retries.wait
: (default: 5
seconds): Number of seconds to wait between healthcheck attempts.Warning
Healthchecks are implemented by specific scheduler plugins, and not all plugins support all options. Please consult the scheduler documentation for further details on what is supported.
See the docker-container-healthchecker documentation for more details on how healthchecks are interpreted.
"},{"location":"deployment/zero-downtime-deploys/#manually-invoking-checks","title":"Manually invoking checks","text":"Checks can also be manually invoked via the checks:run
command. This can be used to check the status of an application via cron to provide integration with external healthchecking software.
Checks are run against a specific application:
ShellOutputdokku checks:run APP\n
-----> Running pre-flight checks\n-----> Running checks for app (APP.web.1)\n For more efficient zero downtime deployments, create a file CHECKS.\n See https://dokku.com/docs/deployment/zero-downtime-deploys/ for examples\n CHECKS file not found in container: Running simple container check...\n-----> Waiting for 10 seconds ...\n-----> Default container check successful!\n-----> Running checks for app (APP.web.2)\n For more efficient zero downtime deployments, create a file CHECKS.\n See https://dokku.com/docs/deployment/zero-downtime-deploys/ for examples\n CHECKS file not found in container: Running simple container check...\n-----> Waiting for 10 seconds ...\n-----> Default container check successful!\n-----> Running checks for app (APP.worker.1)\n For more efficient zero downtime deployments, create a file CHECKS.\n See https://dokku.com/docs/deployment/zero-downtime-deploys/ for examples\n CHECKS file not found in container: Running simple container check...\n-----> Waiting for 10 seconds ...\n-----> Default container check successful!\n
Checks can be scoped to a particular process type:
ShellOutputdokku checks:run node-js-app worker\n
-----> Running pre-flight checks\n-----> Running checks for app (APP.worker.1)\n For more efficient zero downtime deployments, create a file CHECKS.\n See https://dokku.com/docs/deployment/zero-downtime-deploys/ for examples\n CHECKS file not found in container: Running simple container check...\n-----> Waiting for 10 seconds ...\n-----> Default container check successful!\n
An app process ID may also be specified:
ShellOutputdokku checks:run node-js-app web.2\n
-----> Running pre-flight checks\n-----> Running checks for app (APP.web.2)\n For more efficient zero downtime deployments, create a file CHECKS.\n See https://dokku.com/docs/deployment/zero-downtime-deploys/ for examples\n CHECKS file not found in container: Running simple container check...\n-----> Waiting for 10 seconds ...\n-----> Default container check successful!\n
Non-existent process types will result in an error:
ShellOutputdokku checks:run node-js-app non-existent\n
-----> Running pre-flight checks\nInvalid process type specified (APP.non-existent)\n
Non-existent process IDs will also result in an error
ShellOutputdokku checks:run node-js-app web.3\n
-----> Running pre-flight checks\nInvalid container id specified (APP.web.3)\n
"},{"location":"deployment/builders/builder-management/","title":"Builder Management","text":"New
Introduced in 0.24.0
builder:report [<app>] [<flag>] # Displays a builder report for one or more apps\nbuilder:set <app> <key> (<value>) # Set or clear a builder property for an app\n
Builders are a way of customizing how an app is built from a source, allowing users flexibility in how artifacts are created for later scheduling.
"},{"location":"deployment/builders/builder-management/#usage","title":"Usage","text":""},{"location":"deployment/builders/builder-management/#builder-selection","title":"Builder selection","text":"Dokku supports the following built-in builders:
builder-dockerfile
: Builds apps using a Dockerfile
via docker build
. See the dockerfile builder documentation for more information on how this builder functions.builder-herokuish
: Builds apps with Heroku's v2a Buildpack specification via gliderlabs/herokuish
. See the herokuish builder documentation for more information on how this builder functions.builder-lambda
: Builds AWS Lambda functions in an environment simulating AWS Lambda runtimes via lambda-builder. See the lambda builder documentation for more information on how this builder functions.builder-null
: Does nothing during the build phase. See the null builder documentation for more information on how this builder functions.builder-pack
: Builds apps with Cloud Native Buildpacks via the pack-cli
tool. See the cloud native buildpacks builder documentation for more information on how this builder functions.Builders run a detection script against a source code repository, and the first detected builder will be used to build the app artifact. The exception to this is when a Dockerfile
is detected and the app is also able to use either herokuish
or pack-cli
for building, in which case one of the latter will be chosen.
If desired, the builder can be specified via the builder:set
command by specifying a value for selected
. The selected builder will always be used.
dokku builder:set node-js-app selected dockerfile\n
The default value may be set by passing an empty value for the option:
dokku builder:set node-js-app selected\n
The selected
property can also be set globally. The global default is an empty string, and auto-detection will be performed when no value is set per-app or globally.
dokku builder:set --global selected herokuish\n
Warning
Selecting a global builder will result in all applications using that builder unless a manual override is selected.
The default value may be set by passing an empty value for the option.
dokku builder:set --global selected\n
"},{"location":"deployment/builders/builder-management/#changing-the-build-directory","title":"Changing the build directory","text":"Warning
Please keep in mind that setting a custom build directory will result in loss of any changes to the top-level directory, such as the git.keep-git-dir
property.
When deploying a monorepo, it may be desirable to specify the specific build directory to use for a given app. This can be done via the builder:set
command. If a value is specified and that directory does not exist within the repository, the build will fail.
dokku builder:set node-js-app build-dir app2\n
The default value may be set by passing an empty value for the option:
dokku builder:set node-js-app build-dir\n
The build-dir
property can also be set globally. The global default is empty string, and the global value is used when no app-specific value is set.
dokku builder:set --global build-dir app2\n
The default value may be set by passing an empty value for the option.
dokku builder:set --global build-dir\n
"},{"location":"deployment/builders/builder-management/#displaying-builder-reports-for-an-app","title":"Displaying builder reports for an app","text":"You can get a report about the app's builder status using the builder:report
command:
dokku builder:report\n
=====> node-js-app builder information\n Builder build dir: custom\n Builder computed build dir: custom\n Builder computed selected: herokuish\n Builder global build dir:\n Builder global selected: herokuish\n Builder selected: herokuish\n=====> python-sample builder information\n Builder build dir:\n Builder computed build dir:\n Builder computed selected: dockerfile\n Builder global build dir:\n Builder global selected: herokuish\n Builder selected: dockerfile\n=====> ruby-sample builder information\n Builder build dir:\n Builder computed build dir:\n Builder computed selected: herokuish\n Builder global build dir:\n Builder global selected: herokuish\n Builder selected:\n
You can run the command for a specific app also.
ShellOutputdokku builder:report node-js-app\n
=====> node-js-app builder information\n Builder selected: herokuish\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku builder:report node-js-app --builder-selected\n
"},{"location":"deployment/builders/builder-management/#custom-builders","title":"Custom builders","text":"To create a custom builder, the following triggers must be implemented:
builder-build
:BUILDER_TYPE
APP
SOURCECODE_WORK_DIR
common#get_app_image_name $APP
.builder-detect
:APP
SOURCECODE_WORK_DIR
builder-
prefix) to use to build the app.builder-release
:BUILDER_TYPE
APP
IMAGE_AG
Custom plugins names must have the prefix builder-
or builder overriding via builder:set
may not function as expected.
Builders can use any tools available on the system to build the docker image, and may even be used to schedule building off-server. The only current requirement is that the image must exist on the server at the end of the builder-build
command, though this requirement may be relaxed in a future release.
For a simple example of how to implement this trigger, see builder-pack
, which utilizes a cli tool - pack-cli
- to generate an OCI image that is compatible with Docker and can be scheduled by the official scheduling plugins.
New
Introduced in 0.22.0
builder-pack:report [<app>] [<flag>] # Displays a builder-pack report for one or more apps\nbuilder-pack:set <app> <key> (<value>) # Set or clear a builder-pack property for an app\n
buildpacks:set-property [--global|<app>] <key> <value> # Set or clear a buildpacks property for an app\n
Cloud Native Buildpacks are an evolution over the Buildpacks technology provided by the Herokuish builder. See the herokuish buildpacks documentation for more information on how to clear buildpack build cache for an application.
Warning
This functionality uses the pack
cli from the Cloud Native Buildpacks project to build apps. As the integration is experimental in Dokku, it is likely to change over time.
The pack
cli tool is not included by default with Dokku or as a dependency. It must also be installed as shown on this page.
Builds will proceed with the pack
cli for the app from then on.
As this functionality is highly experimental, there are a number of caveats. Please note that not all issues are listed below.
buildpacks
plugin.pack
cli invocations.web
.repo:purge-cache
currently has no effect.repo
plugin.pack
is not currently included with Dokku, nor is it added as a package dependency.This builder will be auto-detected in either the following cases:
The DOKKU_CNB_EXPERIMENTAL
app environment variable is set to 1
.
dokku config:set --no-restart node-js-app DOKKU_CNB_EXPERIMENTAL=1\n
A project.toml
file exists in the root of the app repository.
pack-cli
and used to describe how the app is built.The builder can also be specified via the builder:set
command:
dokku builder:set node-js-app selected pack\n
Info
Dokku will only select the dockerfile
builder if both the herokuish
and pack
builders are not detected and a Dockerfile exists. See the dockerfile builder documentation for more information on how that builder functions.
project.toml
location","text":"The project.toml
is expected to be found in a specific directory, depending on the deploy approach:
WORKDIR
of the Docker image for deploys resulting from git:from-image
and git:load-image
commands.git:from-archive
, git:sync
).Sometimes it may be desirable to set a different path for a given app, e.g. when deploying from a monorepo. This can be done via the projecttoml-path
property:
dokku builder-pack:set node-js-app projecttoml-path .dokku/project.toml\n
The value is the path to the desired file relative to the base search directory, and will never be treated as absolute paths in any context. If that file does not exist within the repository, Dokku will continue the build process as if the repository has no project.toml
.
The default value may be set by passing an empty value for the option:
dokku builder-pack:set node-js-app projecttoml-path\n
The projecttoml-path
property can also be set globally. The global default is project.toml
, and the global value is used when no app-specific value is set.
dokku builder-pack:set --global projecttoml-path project2.toml\n
The default value may be set by passing an empty value for the option.
dokku builder-pack:set --global projecttoml-path\n
"},{"location":"deployment/builders/cloud-native-buildpacks/#displaying-builder-pack-reports-for-an-app","title":"Displaying builder-pack reports for an app","text":"New
Introduced in 0.25.0
You can get a report about the app's storage status using the builder-pack:report
command:
dokku builder-pack:report\n
=====> node-js-app builder-pack information\n Builder pack computed projecttoml path: project2.toml\n Builder pack global projecttoml path: project.toml\n Builder pack projecttoml path: project2.toml\n=====> python-sample builder-pack information\n Builder pack computed projecttoml path: project.toml\n Builder pack global projecttoml path: project.toml\n Builder pack projecttoml path:\n=====> ruby-sample builder-pack information\n Builder pack computed projecttoml path: project.toml\n Builder pack global projecttoml path: project.json\n Builder pack projecttoml path:\n
You can run the command for a specific app also.
ShellOutputdokku builder-pack:report node-js-app\n
=====> node-js-app builder-pack information\n Builder pack computed projecttoml path: project2.toml\n Builder pack global projecttoml path: project.toml\n Builder pack projecttoml path: project2.toml\n
You can pass flags which will output only the value of the specific information you want. For example:
ShellOutputdokku builder-pack:report node-js-app --builder-pack-projecttoml-path\n
project2.toml\n
"},{"location":"deployment/builders/cloud-native-buildpacks/#customizing-the-buildpack-stack-builder","title":"Customizing the Buildpack stack builder","text":"New
Introduced in 0.23.0
The default stack builder in use by CNB buildpacks in Dokku is based on heroku/builder:24
. Users may desire to switch the stack builder to a custom version, either to update the operating system or to customize packages included with the stack builder. This can be performed via the buildpacks:set-property
command.
dokku buildpacks:set-property node-js-app stack paketobuildpacks/build:base-cnb\n
The specified stack builder can also be unset by omitting the name of the stack builder when calling buildpacks:set-property
.
dokku buildpacks:set-property node-js-app stack\n
A change in the stack builder value will execute the post-stack-set
trigger.
Finally, stack builders can be set or unset globally as a fallback. This will take precedence over a globally set DOKKU_CNB_BUILDER
environment variable (heroku/builder:24
by default).
# set globally\ndokku buildpacks:set-property --global stack paketobuildpacks/build:base-cnb\n\n# unset globally\ndokku buildpacks:set-property --global stack\n
"},{"location":"deployment/builders/cloud-native-buildpacks/#specifying-commands-via-procfile","title":"Specifying commands via Procfile","text":"See the Procfile documentation for more information on how to specify different processes for your app.
"},{"location":"deployment/builders/dockerfiles/","title":"Dockerfile Deployment","text":"New
Introduced in 0.3.15
builder-dockerfile:report [<app>] [<flag>] # Displays a builder-dockerfile report for one or more apps\nbuilder-dockerfile:set <app> <key> (<value>) # Set or clear a builder-dockerfile property for an app\n
While Dokku normally defaults to using Heroku buildpacks for deployment, you can also use Docker's native Dockerfile
system to define a container.
Info
Dockerfile support is considered a power user feature. By using Dockerfile-based deployment, you agree that you will not have the same comfort as that enjoyed by buildpack users, and Dokku features may work differently. Differences between the two systems will be documented here.
"},{"location":"deployment/builders/dockerfiles/#usage","title":"Usage","text":""},{"location":"deployment/builders/dockerfiles/#detection","title":"Detection","text":"This builder will be auto-detected in the following case:
Dockerfile
exists in the root of the app repository.Dokku will only select the dockerfile
builder if both the herokuish
and pack
builders are not detected and a Dockerfile exists. For more information on how those are detected, see the following links:
If an application was previously deployed via buildpacks and ports were customized, the following commands should be run prior to a deploy to ensure the Dockerfile ports are respected:
dokku ports:clear node-js-app\n
"},{"location":"deployment/builders/dockerfiles/#changing-the-dockerfile-location","title":"Changing the Dockerfile
location","text":"Info
The previous method to perform this - via docker-options:add
- should be removed in favor of the builder-dockerfile:set
command outlined here.
The Dockerfile
is expected to be found in a specific directory, depending on the deploy approach:
WORKDIR
of the Docker image for deploys resulting from git:from-image
and git:load-image
commands.git:from-archive
, git:sync
).Sometimes it may be desirable to set a different path for a given app, e.g. when deploying from a monorepo. This can be done via the dockerfile-path
property:
dokku builder-dockerfile:set node-js-app dockerfile-path .dokku/Dockerfile\n
The value is the path to the desired file relative to the base search directory, and will never be treated as absolute paths in any context. If that file does not exist within the repository, the build will fail.
The default value may be set by passing an empty value for the option:
dokku builder-dockerfile:set node-js-app dockerfile-path\n
The dockerfile-path
property can also be set globally. The global default is Dockerfile
, and the global value is used when no app-specific value is set.
dokku builder-dockerfile:set --global dockerfile-path Dockerfile2\n
The default value may be set by passing an empty value for the option.
dokku builder-dockerfile:set --global dockerfile-path\n
"},{"location":"deployment/builders/dockerfiles/#displaying-builder-dockerfile-reports-for-an-app","title":"Displaying builder-dockerfile reports for an app","text":"New
Introduced in 0.25.0
You can get a report about the app's storage status using the builder-dockerfile:report
command:
dokku builder-dockerfile:report\n
=====> node-js-app builder-dockerfile information\n Builder dockerfile computed dockerfile path: Dockerfile2\n Builder dockerfile global dockerfile path: Dockerfile\n Builder dockerfile dockerfile path: Dockerfile2\n=====> python-sample builder-dockerfile information\n Builder dockerfile computed dockerfile path: Dockerfile\n Builder dockerfile global dockerfile path: Dockerfile\n Builder dockerfile dockerfile path:\n=====> ruby-sample builder-dockerfile information\n Builder dockerfile computed dockerfile path: Dockerfile\n Builder dockerfile global dockerfile path: Dockerfile\n Builder dockerfile dockerfile path:\n
You can run the command for a specific app also.
ShellOutputdokku builder-dockerfile:report node-js-app\n
=====> node-js-app builder-dockerfile information\n Builder dockerfile computed dockerfile path: Dockerfile2\n Builder dockerfile global dockerfile path: Dockerfile\n Builder dockerfile dockerfile path: Dockerfile2\n
You can pass flags which will output only the value of the specific information you want. For example:
ShellOutputdokku builder-dockerfile:report node-js-app --builder-dockerfile-dockerfile-path\n
Dockerfile2\n
"},{"location":"deployment/builders/dockerfiles/#build-time-configuration-variables","title":"Build-time configuration variables","text":"For security reasons - and as per Docker recommendations - Dockerfile-based deploys have variables available only during runtime.
For users that require customization in the build
phase, you may use build arguments via the docker-options plugin. All environment variables set by the config
plugin are automatically exported during a docker build, and thus --build-arg
only requires setting a key without a value.
dokku docker-options:add node-js-app build '--build-arg NODE_ENV'\n
Once set, the Dockerfile usage would be as follows:
FROM ubuntu:24.04\n\n# set the argument default\nARG NODE_ENV=production\n\n# use the argument\nRUN echo $NODE_ENV\n
You may also set the argument as an environment variable
FROM ubuntu:24.04\n\n# set the argument default\nARG NODE_ENV=production\n\n# assign it to an environment variable\n# we can wrap the variable in brackets\nENV NODE_ENV ${NODE_ENV}\n\n# or omit them completely\n\n# use the argument\nRUN echo $NODE_ENV\n
"},{"location":"deployment/builders/dockerfiles/#building-images-with-docker-buildkit","title":"Building images with Docker BuildKit","text":"If your Dockerfile is using Docker Engine's BuildKit (not to be confused with buildpacks), then the DOCKER_BUILDKIT=1
environment variable needs to be set (unless you're using Docker Engine v24 or higher, which uses BuildKit by default). Additionally, complete build log output can be forced via BUILDKIT_PROGRESS=plain
. Both of these environment variables can be set as follows:
echo \"export DOCKER_BUILDKIT=1\" | sudo tee -a /etc/default/dokku\necho \"export BUILDKIT_PROGRESS=plain\" | sudo tee -a /etc/default/dokku\n
"},{"location":"deployment/builders/dockerfiles/#buildkit-directory-caching","title":"BuildKit directory caching","text":"BuildKit implements the RUN --mount
option, enabling mount directory caches for RUN
directives. The following is an example that mounts debian packaging related directories, which can speed up fetching of remote package data.
FROM debian:latest\nRUN --mount=target=/var/lib/apt/lists,type=cache \\\n --mount=target=/var/cache/apt,type=cache \\\n apt-get update \\\n && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \\\n git\n
Mount cache targets may vary depending on the tool in use, and users are encouraged to investigate the directories that apply for their language and framework.
You would adjust the cache directory for whatever application cache you have, e.g. /root/.pnpm-store/v3
for pnpm, $HOME/.m2
for maven, or /root/.cache
for golang.
By default no arguments are passed to docker run
when deploying the container and the CMD
or ENTRYPOINT
defined in the Dockerfile
are executed. You can take advantage of docker ability of overriding the CMD
or passing parameters to your ENTRYPOINT
setting $DOKKU_DOCKERFILE_START_CMD
. Let's say for example you are deploying a base Node.js image, with the following ENTRYPOINT
:
ENTRYPOINT [\"node\"]\n
You can do:
dokku config:set node-js-app DOKKU_DOCKERFILE_START_CMD=\"--harmony server.js\"\n
To tell Docker what to run.
Setting $DOKKU_DOCKERFILE_CACHE_BUILD
to true
or false
will enable or disable Docker's image layer cache. Lastly, for more granular build control, you may also pass any docker build
option to docker
, by setting $DOKKU_DOCKER_BUILD_OPTS
.
New
Introduced in 0.5.0
See the Procfile documentation for more information on how to specify different processes for your app.
"},{"location":"deployment/builders/dockerfiles/#exposed-ports","title":"Exposed ports","text":"See the port management documentation for more information on how Dokku exposes ports for applications and how you can configure these for your app.
"},{"location":"deployment/builders/herokuish-buildpacks/","title":"Herokuish Buildpacks","text":"New
Subcommands introduced in 0.15.0
buildpacks:add [--index 1] <app> <buildpack> # Add new app buildpack while inserting into list of buildpacks if necessary\nbuildpacks:clear <app> # Clear all buildpacks set on the app\nbuildpacks:list <app> # List all buildpacks for an app\nbuildpacks:remove <app> <buildpack> # Remove a buildpack set on the app\nbuildpacks:report [<app>] [<flag>] # Displays a buildpack report for one or more apps\nbuildpacks:set [--index 1] <app> <buildpack> # Set new app buildpack at a given position defaulting to the first buildpack if no index is specified\nbuildpacks:set-property [--global|<app>] <key> <value> # Set or clear a buildpacks property for an app\n
builder-herokuish:report [<app>] [<flag>] # Displays a builder-herokuish report for one or more apps\nbuilder-herokuish:set <app> <key> (<value>) # Set or clear a builder-herokuish property for an app\n
Warning
If using the buildpacks
plugin, be sure to unset any BUILDPACK_URL
and remove any such entries from a committed .env
file. A specified BUILDPACK_URL
will always override a .buildpacks
file or the buildpacks plugin.
Dokku normally defaults to using Heroku buildpacks for deployment, though this may be overridden by committing a valid Dockerfile
to the root of your repository and pushing the repository to your Dokku installation. To avoid this automatic Dockerfile
deployment detection, you may do one of the following:
BUILDPACK_URL
environment variabledokku config:set
or via a committed .env
file in the root of the repository. See the environment variable documentation for more details..buildpacks
file in the root of your repository..buildpacks
file or managed via the buildpacks
plugin commands.This page will cover usage of the buildpacks
plugin.
This builder will be auto-detected in either the following cases:
BUILDPACK_URL
app environment variable is set.dokku config:set
or via a committed .env
file in the root of the repository. See the environment variable documentation for more details..buildpacks
file exists in the root of the app repository..buildpacks
file or managed via the buildpacks
plugin commands.The builder can also be specified via the builder:set
command:
dokku builder:set node-js-app selected herokuish\n
Info
Dokku will only select the dockerfile
builder if both the herokuish
and pack
builders are not detected and a Dockerfile exists. See the dockerfile builder documentation for more information on how that builder functions.
The buildpacks:list
command can be used to show buildpacks that have been set for an app. This will omit any auto-detected buildpacks.
# running for an app with no buildpacks specified\ndokku buildpacks:list node-js-app\n
-----> test buildpack urls\n
# running for an app with two buildpacks specified\ndokku buildpacks:list node-js-app\n
-----> test buildpack urls\n https://github.com/heroku/heroku-buildpack-python.git\n https://github.com/heroku/heroku-buildpack-nodejs.git\n
"},{"location":"deployment/builders/herokuish-buildpacks/#adding-custom-buildpacks","title":"Adding custom buildpacks","text":"Info
Please check the documentation for your particular buildpack as you may need to include configuration files (such as a Procfile) in your project root.
To add a custom buildpack, use the buildpacks:add
command:
dokku buildpacks:add node-js-app https://github.com/heroku/heroku-buildpack-nodejs.git\n
When no buildpacks are currently specified, the specified buildpack will be the only one executed for detection and compilation.
Multiple buildpacks may be specified by using the buildpacks:add
command multiple times.
dokku buildpacks:add node-js-app https://github.com/heroku/heroku-buildpack-ruby.git\ndokku buildpacks:add node-js-app https://github.com/heroku/heroku-buildpack-nodejs.git\n
Buildpacks are executed in order, may be inserted at a specified index via the --index
flag. This flag is specified starting at a 1-index value.
# will add the golang buildpack at the second position, bumping all proceeding ones by 1 position\ndokku buildpacks:add --index 2 node-js-app https://github.com/heroku/heroku-buildpack-golang.git\n
"},{"location":"deployment/builders/herokuish-buildpacks/#overwriting-a-buildpack-position","title":"Overwriting a buildpack position","text":"In some cases, it may be necessary to swap out a given buildpack. Rather than needing to re-specify each buildpack, the buildpacks:set
command can be used to overwrite a buildpack at a given position.
dokku buildpacks:set node-js-app https://github.com/heroku/heroku-buildpack-ruby.git\n
By default, this will overwrite the first buildpack specified. To specify an index, the --index
flag may be used. This flag is specified starting at a 1-index value, and defaults to 1
.
# the following are equivalent commands\ndokku buildpacks:set node-js-app https://github.com/heroku/heroku-buildpack-ruby.git\ndokku buildpacks:set --index 1 node-js-app https://github.com/heroku/heroku-buildpack-ruby.git\n
If the index specified is larger than the number of buildpacks currently configured, the buildpack will be appended to the end of the list.
dokku buildpacks:set --index 99 node-js-app https://github.com/heroku/heroku-buildpack-ruby.git\n
"},{"location":"deployment/builders/herokuish-buildpacks/#removing-a-buildpack","title":"Removing a buildpack","text":"Info
At least one of a buildpack or index must be specified
A single buildpack can be removed by name via the buildpacks:remove
command.
dokku buildpacks:remove node-js-app https://github.com/heroku/heroku-buildpack-ruby.git\n
Buildpacks can also be removed by index via the --index
flag. This flag is specified starting at a 1-index value.
dokku buildpacks:remove node-js-app --index 1\n
"},{"location":"deployment/builders/herokuish-buildpacks/#clearing-all-buildpacks","title":"Clearing all buildpacks","text":"Info
This does not affect automatically detected buildpacks, nor does it impact any specified BUILDPACK_URL
environment variable.
The buildpacks:clear
command can be used to clear all configured buildpacks for a specified app.
dokku buildpacks:clear node-js-app\n
"},{"location":"deployment/builders/herokuish-buildpacks/#customizing-the-buildpack-stack-builder","title":"Customizing the Buildpack stack builder","text":"New
Introduced in 0.23.0
The default stack builder in use by Herokuish buildpacks in Dokku is based on gliderlabs/herokuish:latest
. Typically, this is installed via an OS package which pulls the requisite Docker image. Users may desire to switch the stack builder to a custom version, either to update the operating system or to customize packages included with the stack builder. This can be performed via the buildpacks:set-property
command.
dokku buildpacks:set-property node-js-app stack gliderlabs/herokuish:latest\n
The specified stack builder can also be unset by omitting the name of the stack builder when calling buildpacks:set-property
.
dokku buildpacks:set-property node-js-app stack\n
A change in the stack builder value will execute the post-stack-set
trigger.
Finally, stack builders can be set or unset globally as a fallback. This will take precedence over a globally set DOKKU_IMAGE
environment variable (gliderlabs/herokuish:latest-24
by default).
# set globally\ndokku buildpacks:set-property --global stack gliderlabs/herokuish:latest\n\n# unset globally\ndokku buildpacks:set-property --global stack\n
"},{"location":"deployment/builders/herokuish-buildpacks/#allowing-herokuish-for-non-amd64-platforms","title":"Allowing herokuish for non-amd64 platforms","text":"New
Introduced in 0.29.0
By default, the builder-herokuish plugin is not enabled for non-amd64 platforms, and attempting to use it is blocked. This is because the majority of buildpacks are not cross-platform compatible, and thus building apps will either be considerably slower - due to emulating the amd64 platform - or won't work - due to building amd64 packages on arm64 platforms.
To force-enable herokuish on non-amd64 platforms, the allowed
property can be set via builder-herokuish:set
. The default value depends on the host platform architecture (true
on amd64, false
otherwise).
dokku builder-herokuish:set node-js-app allowed true\n
The default value may be set by passing an empty value for the option:
dokku builder-herokuish:set node-js-app allowed\n
The allowed
property can also be set globally. The global default is platform-dependent, and the global value is used when no app-specific value is set.
dokku builder-herokuish:set --global allowed true\n
The default value may be set by passing an empty value for the option.
dokku builder-herokuish:set --global allowed\n
"},{"location":"deployment/builders/herokuish-buildpacks/#displaying-buildpack-reports-for-an-app","title":"Displaying buildpack reports for an app","text":"You can get a report about the app's buildpacks status using the buildpacks:report
command:
dokku buildpacks:report\n
=====> node-js-app buildpacks information\n Buildpacks computed stack: gliderlabs/herokuish:v0.7.0-22\n Buildpacks global stack: gliderlabs/herokuish:latest-24\n Buildpacks list: https://github.com/heroku/heroku-buildpack-nodejs.git\n Buildpacks stack: gliderlabs/herokuish:v0.7.0-20\n=====> python-sample buildpacks information\n Buildpacks computed stack: gliderlabs/herokuish:latest-24\n Buildpacks global stack: gliderlabs/herokuish:latest-24\n Buildpacks list: https://github.com/heroku/heroku-buildpack-nodejs.git,https://github.com/heroku/heroku-buildpack-python.git\n Buildpacks stack:\n=====> ruby-sample buildpacks information\n Buildpacks computed stack: gliderlabs/herokuish:latest-24\n Buildpacks global stack: gliderlabs/herokuish:latest-24\n Buildpacks list:\n Buildpacks stack:\n
You can run the command for a specific app also.
ShellOutputdokku buildpacks:report node-js-app\n
=====> node-js-app buildpacks information\n Buildpacks list: https://github.com/heroku/heroku-buildpack-nodejs.git\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku buildpacks:report node-js-app --buildpacks-list\n
"},{"location":"deployment/builders/herokuish-buildpacks/#displaying-builder-herokuish-reports-for-an-app","title":"Displaying builder-herokuish reports for an app","text":"New
Introduced in 0.29.0
You can get a report about the app's storage status using the builder-herokuish:report
command:
dokku builder-herokuish:report\n
=====> node-js-app builder-herokuish information\n Builder herokuish computed allowed: false\n Builder herokuish global allowed: true\n Builder herokuish allowed: false\n=====> python-sample builder-herokuish information\n Builder herokuish computed allowed: true\n Builder herokuish global allowed: true\n Builder herokuish allowed:\n=====> ruby-sample builder-herokuish information\n Builder herokuish computed allowed: true\n Builder herokuish global allowed: true\n Builder herokuish allowed:\n
You can run the command for a specific app also.
ShellOutputdokku builder-herokuish:report node-js-app\n
=====> node-js-app builder-herokuish information\n Builder herokuish computed allowed: false\n Builder herokuish global allowed: true\n Builder herokuish allowed: false\n
You can pass flags which will output only the value of the specific information you want. For example:
ShellOutputdokku builder-herokuish:report node-js-app --builder-herokuish-allowed\n
false\n
"},{"location":"deployment/builders/herokuish-buildpacks/#errata","title":"Errata","text":""},{"location":"deployment/builders/herokuish-buildpacks/#switching-from-dockerfile-deployments","title":"Switching from Dockerfile deployments","text":"If an application was previously deployed via Dockerfile, the following commands should be run before a buildpack deploy will succeed:
dokku ports:clear node-js-app\n
"},{"location":"deployment/builders/herokuish-buildpacks/#using-a-specific-buildpack-version","title":"Using a specific buildpack version","text":"Info
Always remember to pin your buildpack versions when using the multi-buildpacks method, or you may find deploys changing your deployed environment.
By default, Dokku uses the gliderlabs/herokuish project, which pins all of it's vendored buildpacks. There may be occasions where the pinned version results in a broken deploy, or does not have a particular feature that is required to build your project. To use a more recent version of a given buildpack, the buildpack may be specified without a Git commit SHA like so:
# using the latest nodejs buildpack\ndokku buildpacks:set node-js-app https://github.com/heroku/heroku-buildpack-nodejs\n
This will use the latest commit on the master
branch of the specified buildpack. To pin to a newer version of a buildpack, a sha may also be specified by using the form REPOSITORY_URL#COMMIT_SHA
, where COMMIT_SHA
is any tree-ish git object - usually a git tag.
# using v87 of the nodejs buildpack\ndokku buildpacks:set node-js-app https://github.com/heroku/heroku-buildpack-nodejs#v87\n
"},{"location":"deployment/builders/herokuish-buildpacks/#curl-build-timeouts","title":"curl
build timeouts","text":"Certain buildpacks may time out in retrieving dependencies via curl
. This can happen when your network connection is poor or if there is significant network congestion. You may see a message similar to gzip: stdin: unexpected end of file
after a curl
command.
If you see output similar this when deploying , you may need to override the curl
timeouts to increase the length of time allotted to those tasks. You can do so via the config
plugin:
dokku config:set --global CURL_TIMEOUT=1200\ndokku config:set --global CURL_CONNECT_TIMEOUT=180\n
"},{"location":"deployment/builders/herokuish-buildpacks/#clearing-buildpack-cache","title":"Clearing buildpack cache","text":"See the repository management documentation for more information on how to clear buildpack build cache for an application.
"},{"location":"deployment/builders/herokuish-buildpacks/#specifying-commands-via-procfile","title":"Specifying commands via Procfile","text":"See the Procfile documentation for more information on how to specify different processes for your app.
"},{"location":"deployment/builders/lambda/","title":"Lambda Builder","text":"New
Introduced in 0.28.0
builder-lambda:report [<app>] [<flag>] # Displays a builder-lambda report for one or more apps\nbuilder-lambda:set <app> <key> (<value>) # Set or clear a builder-lambda property for an app\n
The lambda
builder builds AWS Lambda functions in an environment simulating AWS Lambda runtimes via lambda-builder. Apps built via this builder can run natively in Dokku and may also have their artifacts scheduled to Lambda via an appropriate scheduler.
This builder will be auto-detected in the following case:
lambda.yml
exists in the root of the app repository.The builder may also be selected via the builder:set
command
dokku builder:set node-js-app selected lambda\n
"},{"location":"deployment/builders/lambda/#supported-languages","title":"Supported languages","text":"The lambda
builder plugin supports the following AWS runtime languages on Amazon Linux 2:
See the lambda-builder documentation for more information on how specific languages are detected.
"},{"location":"deployment/builders/lambda/#customizing-the-build-environment","title":"Customizing the build environment","text":"The lambda
builder plugin delegates all build logic to lambda-builder, including language detection and build/runtime environment specification. The lambda-builder tool supports a lambda.yml
file format for customizing how apps are built. Please see the readme for lambda-builder for more information on different options.
lambda.yml
location","text":"The lambda.yml
is expected to be found in a specific directory, depending on the deploy approach:
WORKDIR
of the Docker image for deploys resulting from git:from-image
and git:load-image
commands.git:from-archive
, git:sync
).Sometimes it may be desirable to set a different path for a given app, e.g. when deploying from a monorepo. This can be done via the lambdayml-path
property:
dokku builder-lambda:set node-js-app lambdayml-path .dokku/lambda.yml\n
The value is the path to the desired file relative to the base search directory, and will never be treated as absolute paths in any context. If that file does not exist within the repository, the build will fail.
The default value may be set by passing an empty value for the option:
dokku builder-lambda:set node-js-app lambdayml-path\n
The lambdayml-path
property can also be set globally. The global default is lambda.yml
, and the global value is used when no app-specific value is set.
dokku builder-lambda:set --global lambdayml-path lambda2.yml\n
The default value may be set by passing an empty value for the option.
dokku builder-lambda:set --global lambdayml-path\n
"},{"location":"deployment/builders/lambda/#displaying-builder-lambda-reports-for-an-app","title":"Displaying builder-lambda reports for an app","text":"You can get a report about the app's storage status using the builder-lambda:report
command:
dokku builder-lambda:report\n
=====> node-js-app builder-lambda information\n Builder lambda computed lambdayml path: lambda2.yml\n Builder lambda global lambdayml path: lambda.yml\n Builder lambda lambdayml path: lambda2.yml\n=====> python-sample builder-lambda information\n Builder lambda computed lambdayml path: lambda.yml\n Builder lambda global lambdayml path: lambda.yml\n Builder lambda lambdayml path:\n=====> ruby-sample builder-lambda information\n Builder lambda computed lambdayml path: lambda.yml\n Builder lambda global lambdayml path: lambda.yml\n Builder lambda lambdayml path:\n
You can run the command for a specific app also.
ShellOutputdokku builder-lambda:report node-js-app\n
=====> node-js-app builder-lambda information\n Builder lambda computed lambdayml path: lambda2.yml\n Builder lambda global lambdayml path: lambda.yml\n Builder lambda lambdayml path: lambda2.yml\n
You can pass flags which will output only the value of the specific information you want. For example:
ShellOutputdokku builder-lambda:report node-js-app --builder-lambda-lambdayml-path\n
lambda2.yml\n
"},{"location":"deployment/builders/nixpacks/","title":"Nixpacks","text":"New
Introduced in 0.32.0
The nixpacks
builder builds apps via Nixpacks, a buildpack alternative.
The nixpacks
cli tool is not included by default with Dokku or as a dependency. It must also be installed as shown on this page.
Builds will proceed with the nixpacks
cli for the app from then on.
This builder will be auto-detected in the following case:
nixpacks.toml
exists in the root of the app repository.The builder may also be selected via the builder:set
command
dokku builder:set node-js-app selected nixpacks\n
"},{"location":"deployment/builders/nixpacks/#supported-languages","title":"Supported languages","text":"See the upstream nixpacks documentation for further information on what languages and frameworks are supported.
"},{"location":"deployment/builders/nixpacks/#build-time-configuration-variables","title":"Build-time configuration variables","text":"For security reasons - and as per Docker recommendations - nixpacks-based deploys have variables available only during runtime.
For users that require customization in the build
phase, you may use build arguments via the docker-options plugin. All environment variables set by the config
plugin are automatically exported within the nixpacks build environment, and thus --env
only requires setting a key without a value.
dokku docker-options:add node-js-app build '--env NODE_ENV'\n
Alternatively, a full value may be provided in the form of --env KEY=VALUE
:
dokku docker-options:add node-js-app build '--env NODE_ENV=production'\n
"},{"location":"deployment/builders/nixpacks/#changing-the-nixpackstoml-location","title":"Changing the nixpacks.toml
location","text":"The nixpacks.toml
is expected to be found in a specific directory, depending on the deploy approach:
WORKDIR
of the Docker image for deploys resulting from git:from-image
and git:load-image
commands.git:from-archive
, git:sync
).Sometimes it may be desirable to set a different path for a given app, e.g. when deploying from a monorepo. This can be done via the nixpackstoml-path
property:
dokku builder-nixpacks:set node-js-app nixpackstoml-path .dokku/nixpacks.toml\n
The value is the path to the desired file relative to the base search directory, and will never be treated as absolute paths in any context. If that file does not exist within the repository, the build will fail.
The default value may be set by passing an empty value for the option:
dokku builder-nixpacks:set node-js-app nixpackstoml-path\n
The nixpackstoml-path
property can also be set globally. The global default is nixpacks.toml
, and the global value is used when no app-specific value is set.
dokku builder-nixpacks:set --global nixpackstoml-path nixpacks2.toml\n
The default value may be set by passing an empty value for the option.
dokku builder-nixpacks:set --global nixpackstoml-path\n
"},{"location":"deployment/builders/nixpacks/#disabling-cache","title":"Disabling cache","text":"Cache is enabled by default, but can be disabled by setting the no-cache
property to true
:
dokku builder-nixpacks:set node-js-app no-cache true\n
The default value may be set by passing an empty value for the option:
dokku builder-nixpacks:set node-js-app no-cache\n
The no-cache
property can also be set globally. The global default is false
, and the global value is used when no app-specific value is set.
dokku builder-nixpacks:set --global no-cache true\n
The default value may be set by passing an empty value for the option.
dokku builder-nixpacks:set --global no-cache\n
"},{"location":"deployment/builders/nixpacks/#displaying-builder-nixpacks-reports-for-an-app","title":"Displaying builder-nixpacks reports for an app","text":"You can get a report about the app's storage status using the builder-nixpacks:report
command:
dokku builder-nixpacks:report\n
=====> node-js-app builder-nixpacks information\n Builder-nixpacks computed nixpackstoml path: nixpacks2.toml\n Builder-nixpacks global nixpackstoml path: nixpacks.toml\n Builder-nixpacks nixpackstoml path: nixpacks2.toml\n Builder-nixpacks computed no cache: true\n Builder-nixpacks global no cache: false\n Builder-nixpacks no cache: true\n=====> python-sample builder-nixpacks information\n Builder-nixpacks computed nixpackstoml path: nixpacks.toml\n Builder-nixpacks global nixpackstoml path: nixpacks.toml\n Builder-nixpacks nixpackstoml path:\n Builder-nixpacks computed no cache: false\n Builder-nixpacks global no cache: false\n Builder-nixpacks no cache:\n=====> ruby-sample builder-nixpacks information\n Builder-nixpacks computed nixpackstoml path: nixpacks.toml\n Builder-nixpacks global nixpackstoml path: nixpacks.toml\n Builder-nixpacks nixpackstoml path:\n Builder-nixpacks computed no cache: false\n Builder-nixpacks global no cache: false\n Builder-nixpacks no cache:\n
You can run the command for a specific app also.
ShellOutputdokku builder-nixpacks:report node-js-app\n
=====> node-js-app builder-nixpacks information\n Builder-nixpacks computed nixpackstoml path: nixpacks2.toml\n Builder-nixpacks global nixpackstoml path: nixpacks.toml\n Builder-nixpacks nixpackstoml path: nixpacks2.toml\n Builder-nixpacks computed no cache: true\n Builder-nixpacks global no cache: false\n Builder-nixpacks no cache: true\n
You can pass flags which will output only the value of the specific information you want. For example:
ShellOutputdokku builder-nixpacks:report node-js-app --builder-nixpacks-no-cache\n
true\n
"},{"location":"deployment/builders/null/","title":"Null Builder","text":"New
Introduced in 0.25.0
The null
builder does nothing, and is useful for routing to services not managed by Dokku. It should not be used in normal operation. Please see the network documentation for more information on the aforementioned use case.
This builder is never auto-detected. The builder must be specified via the builder:set
command:
dokku builder:set node-js-app selected null\n
"},{"location":"deployment/continuous-integration/generic/","title":"Generic CI/CD Integration","text":"In cases where there is no direct or documented integration available, the Dokku project provides an Official Docker Image for use in Continuous Integration/Continuous Deployment (CI/CD) systems.
Assuming a Docker image can be run as a CI task with environment variables injected, the following CI systems will have their variables automatically detected:
The simplest usage of the image is as follows.
# where the `.env` file contains `GIT_REMOTE_URL` and `SSH_PRIVATE_KEY`\n\ndocker run --rm -v=\"$PWD:/app\" --env-file=.env dokku/ci-docker-image dokku-deploy\n
For more configuration examples and further documentation, see the ci-docker-image readme.
"},{"location":"deployment/continuous-integration/github-actions/","title":"GitHub Actions","text":"The Dokku project has an official GitHub Action available on the GitHub Marketplace. The simplest usage example is as follows:
---\nname: 'deploy'\n\non:\n push:\n branches:\n - master\n\njobs:\n deploy:\n runs-on: ubuntu-24.04\n steps:\n - name: Cloning repo\n uses: actions/checkout@v3\n with:\n fetch-depth: 0\n\n - name: Push to dokku\n uses: dokku/github-action@master\n with:\n git_remote_url: 'ssh://dokku@dokku.me:22/appname'\n ssh_private_key: ${{ secrets.SSH_PRIVATE_KEY }}\n
For further usage documentation and other advanced examples, see the entry on the GitHub Marketplace.
"},{"location":"deployment/continuous-integration/gitlab-ci/","title":"GitLab CI","text":"GitLab CI can be used to automatically deploy a Dokku application via the official the dokku/ci-docker-image. The simplest example is as follows:
---\nimage: dokku/ci-docker-image\n\nstages:\n - deploy\n\nvariables:\n GIT_DEPTH: 0\n\ndeploy:\n stage: deploy\n only:\n - master\n variables:\n GIT_REMOTE_URL: ssh://dokku@dokku.me:22/appname\n script: \n - dokku-deploy\n after_script: \n - dokku-unlock\n
For further usage documentation and other advanced examples, see Dokku's gitlab-ci repository.
"},{"location":"deployment/methods/archive/","title":"Tar and Zip Archives","text":""},{"location":"deployment/methods/archive/#initializing-an-app-repository-from-an-archive-file","title":"Initializing an app repository from an archive file","text":"New
Introduced in 0.24.0
A Dokku app repository can be initialized or updated from the contents of an archive file via the git:from-archive
command. This is an excellent way of tracking changes when deploying pre-built binary archives, such as java jars or go binaries. This can also be useful when deploying directly from a GitHub repository at a specific commit.
dokku git:from-archive node-js-app https://github.com/dokku/smoke-test-app/releases/download/2.0.0/smoke-test-app.tar\n
In the above example, Dokku will build the app as if the repository contained the extracted contents of the specified archive file.
Triggering a build with the same archive file multiple times will result in Dokku exiting 0
early as there will be no changes detected.
The git:from-archive
command can optionally take a git user.name
and user.email
argument (in that order) to customize the author. If the arguments are left empty, they will fallback to Dokku
and automated@dokku.sh
, respectively.
dokku git:from-archive node-js-app https://github.com/dokku/smoke-test-app/releases/download/2.0.0/smoke-test-app.tar \"Camila\" \"camila@example.com\"\n
The default archive type is always set to .tar
. To use a different archive type, specify the --archive-type
flag. Failure to do so will result in a failure to extract the archive.
dokku git:from-archive --archive-type zip node-js-app https://github.com/dokku/smoke-test-app/archive/2.0.0.zip \"Camila\" \"camila@example.com\"\n
Finally, if the archive url is specified as --
, the archive will be fetched from stdin.
curl -sSL https://github.com/dokku/smoke-test-app/releases/download/2.0.0/smoke-test-app.tar | dokku git:from-archive node-js-app --\n
"},{"location":"deployment/methods/git/","title":"Git Deployment","text":"New
Subcommands introduced in 0.12.0
git:allow-host <host> # Adds a host to known_hosts\ngit:auth <host> [<username> <password>] # Configures netrc authentication for a given git server\ngit:from-archive [--archive-type ARCHIVE_TYPE] <app> <archive-url> [<git-username> <git-email>] # Updates an app's git repository with a given archive file\ngit:from-image [--build-dir DIRECTORY] <app> <docker-image> [<git-username> <git-email>] # Updates an app's git repository with a given docker image\ngit:generate-deploy-key # Generates a deploy ssh key\ngit:load-image [--build-dir DIRECTORY] <app> <docker-image> [<git-username> <git-email>] # Updates an app's git repository with a docker image loaded from stdin\ngit:sync [--build|build-if-changes] <app> <repository> [<git-ref>] # Clone or fetch an app from remote git repo\ngit:initialize <app> # Initialize a git repository for an app\ngit:public-key # Outputs the dokku public deploy key\ngit:report [<app>] [<flag>] # Displays a git report for one or more apps\ngit:set <app> <key> (<value>) # Set or clear a git property for an app\ngit:status <app> # Show the working tree status for an app\n
Git-based deployment has been the traditional method of deploying applications in Dokku. As of v0.12.0, Dokku introduces a few ways to customize the experience of deploying via git push
. A Git-based deployment currently supports building applications via:
Warning
Pushing from a shallow clone is not currently supported and may have undefined behavior. Please unshallow your local repository before pushing to a Dokku app to avoid potential errors in the deployment process.
"},{"location":"deployment/methods/git/#initializing-an-application","title":"Initializing an application","text":"When an application is created via git push
, Dokku will create the proper pre-receive
hook in order to execute the build pipeline. In certain cases - such as when fronting deploys with the git-http-backend
- this may not be correctly created. As an alternative, the git:initialize
command can be used to trigger this creation:
# on the Dokku host\n\n# overrides any existing pre-receive hook\ndokku git:initialize node-js-app\n
In order for the above command to succeed, the application must already exist.
Warning
If the pre-receive
hook was customized in any way, this will overwrite that hook with the current defaults for Dokku.
By default, Dokku will deploy code pushed to the master
branch. In order to quickly deploy a different local branch, the following Git command can be used:
# on the local machine\n\n# where `SOME_BRANCH_NAME` is the name of the branch\ngit push dokku SOME_BRANCH_NAME:master\n
In 0.12.0
, the correct way to change the deploy branch is to use the git:set
Dokku command.
# on the Dokku host\n\n# override for all applications\ndokku git:set --global deploy-branch SOME_BRANCH_NAME\n\n# override for a specific app\n# where `SOME_BRANCH_NAME` is the name of the branch\ndokku git:set node-js-app deploy-branch SOME_BRANCH_NAME\n
As of 0.22.1, Dokku will also respect the first pushed branch as the primary branch, and automatically set the deploy-branch
value at that time.
Pushing multiple branches can also be supported by creating a receive-branch plugin trigger in a custom plugin.
"},{"location":"deployment/methods/git/#configuring-the-git_rev-environment-variable","title":"Configuring theGIT_REV
environment variable","text":"New
Introduced in 0.12.0
Application deployments will include a special GIT_REV
environment variable containing the current deployment sha being deployed. For rebuilds, this SHA will remain the same.
To configure the name of the GIT_REV
environment variable, run the git:set
command as follows:
# on the Dokku host\n\n# override for a specific app\ndokku git:set node-js-app rev-env-var DOKKU_GIT_REV\n
This behavior can be disabled entirely on a per-app basis by setting the rev-env-var
value to an empty string:
# on the Dokku host\n\n# override for a specific app\ndokku git:set node-js-app rev-env-var \"\"\n
"},{"location":"deployment/methods/git/#keeping-the-git-directory","title":"Keeping the .git
directory","text":"By default, Dokku will remove the contents of the .git
before triggering a build for a given app. This is generally a safe default as shipping the entire source code history of your app in the deployed image artifact is unnecessary as it increases bloat and potentially can leak information if there are any security issues with your app code.
To enable the .git
directory, run the git:set
command as follows:
# on the Dokku host\n\n# keep the .git directory during builds\ndokku git:set node-js-app keep-git-dir true\n
The default behavior is to delete this directory and it's contents. To revert to the default behavior, the keep-git-dir
value can be set to either an empty string or false
.
# on the Dokku host\n\n# delete the .git directory during builds (default)\ndokku git:set node-js-app keep-git-dir false\n\n# delete the .git directory during builds (default)\ndokku git:set node-js-app keep-git-dir \"\"\n
Please keep in mind that setting keep-git-dir
to true
may result in unstaged changes shown within the built container due to the build process generating application changes within the built app directory.
New
Introduced in 0.23.0
A Dokku app repository can be initialized or updated from a remote git repository via the git:sync
command. This command will either clone or fetch updates from a remote repository and has undefined behavior if the history cannot be fast-fowarded to the referenced repository reference. Any repository that can be cloned by the dokku
user can be specified.
Info
The application must exist before the repository can be initialized
dokku git:sync node-js-app https://github.com/heroku/node-js-getting-started.git\n
The git:sync
command optionally takes an optional third parameter containing a git reference, which may be a branch, tag, or specific commit.
# specify a branch\ndokku git:sync node-js-app https://github.com/heroku/node-js-getting-started.git main\n\n# specify a tag\ndokku git:sync node-js-app https://github.com/heroku/node-js-getting-started.git 1\n\n# specify a commit\ndokku git:sync node-js-app https://github.com/heroku/node-js-getting-started.git 97e6c72491c7531507bfc5413903e0e00e31e1b0\n
By default, this command does not trigger an application build. To do so during a git:sync
, specify the --build
flag.
dokku git:sync --build node-js-app https://github.com/heroku/node-js-getting-started.git\n
When running git:sync
without a reference, it may be useful to only build when there are changes. To do so, specify the --build-if-changes
flag.
dokku git:sync --build-if-changes node-js-app https://github.com/heroku/node-js-getting-started.git\n
"},{"location":"deployment/methods/git/#initializing-from-private-repositories","title":"Initializing from private repositories","text":"New
Introduced in 0.24.0
Initializing from a private repository requires one of the following:
id_rsa.pub
file) configured on the remote server, with the associated private key (id_rsa
) in the Dokku server's /home/dokku/.ssh/
directory..netrc
entry.Dokku provides the git:auth
command which can be used to configure a netrc
entry for the remote server. This command can be used to add or remove configuration for any remote server.
# add credentials for github.com\ndokku git:auth github.com username personal-access-token\n\n# remove credentials for github.com\ndokku git:auth github.com\n
For syncing to a private repository stored on a remote Git product such as GitHub or GitLab, Dokku's recommendation is to use a personal access token on a bot user where possible. Please see your service's documentation for information regarding the recommended best practices.
"},{"location":"deployment/methods/git/#allowing-remote-repository-hosts","title":"Allowing remote repository hosts","text":"By default, the Dokku host may not have access to a server containing the remote repository. This can be initialized via the git:allow-host
command.
dokku git:allow-host github.com\n
Note that this command is currently not idempotent and may add duplicate entries to the ~dokku/.ssh/known_hosts
file.
New
Introduced in 0.33.0
While most repositories can be authenticated to via the git:auth
command, some users may prefer to use an ssh key. This can be generated via the git:generate-deploy-key
command, which generates a passwordless ed25519 key-pair.
dokku git:generate-deploy-key\n
Generating public/private ed25519 key pair.\nYour identification has been saved in /home/dokku/.ssh/id_ed25519\nYour public key has been saved in /home/dokku/.ssh/id_ed25519.pub\nThe key fingerprint is:\nSHA256:PvlvVfbpYvkmA87rTfLUq07e3GarRN1BcLqDSjod+p8 dokku@ubuntu\nThe key's randomart image is:\n+--[ED25519 256]--+\n| ..o |\n| + |\n| . . |\n| . o =|\n| So . + ++|\n| .=.o.. +..|\n| ++oo..*o. |\n| oo o%*oo=|\n| .+E=BOOo|\n+----[SHA256]-----+\n
"},{"location":"deployment/methods/git/#verifying-the-cloning-public-key","title":"Verifying the cloning public key","text":"In order to clone a remote repository, the remote server should have the Dokku host's public key configured. This plugin does not currently create this key, but if can be shown via the git:public-key
command.
dokku git:public-key\n
If there is no key, an error message is shown that displays the command that can be run on the Dokku server to generate a new public/private ssh key pair.
"},{"location":"deployment/methods/image/","title":"Docker Image Deployment","text":""},{"location":"deployment/methods/image/#initializing-an-app-repository-from-a-docker-image","title":"Initializing an app repository from a docker image","text":"New
Introduced in 0.24.0
A Dokku app repository can be initialized or updated from a Docker image via the git:from-image
command. This command will either initialize the app repository or update it to include the specified Docker image via a FROM
stanza. This is an excellent way of tracking changes when deploying only a given docker image, especially if deploying an image from a remote CI/CD pipeline.
dokku git:from-image node-js-app my-registry/node-js-getting-started:latest\n
In the above example, Dokku will build the app as if the repository contained only a Dockerfile
with the following content:
FROM my-registry/node-js-getting-started:latest\n
If the specified image already exists on the Dokku host, it will not be pulled again, though this behavior may be changed using build phase docker-options.
Triggering a build with the same arguments multiple times will result in Dokku exiting 0
early as there will be no changes detected. If the image tag is reused but the underlying image is different, it is recommended to use the image digest instead of the tag. This can be retrieved via the following command:
# for images pushed to a remote registry\ndocker inspect --format='{{index .RepoDigests 0}}' $IMAGE_NAME\n\n# for images built locally and not pushed to a registry\n# use when the previous command output is empty\ndocker images --no-trunc --quiet $IMAGE_NAME\n
The resulting git:from-image
call would then be:
# where the image sha is: sha256:9d187c3025d03c033dcc71e3a284fee53be88cc4c0356a19242758bc80cab673\ndokku git:from-image node-js-app my-registry/node-js-getting-started@sha256:9d187c3025d03c033dcc71e3a284fee53be88cc4c0356a19242758bc80cab673\n
The git:from-image
command can optionally take a git user.name
and user.email
argument (in that order) to customize the author. If the arguments are left empty, they will fallback to Dokku
and automated@dokku.sh
, respectively.
dokku git:from-image node-js-app my-registry/node-js-getting-started:latest \"Camila\" \"camila@example.com\"\n
If the image is a private image that requires a docker login to access, the registry:login
command should be used to log into the registry. See the registry documentation for more details on this process.
Finally, certain images may require a custom build context in order for ONBUILD ADD
and ONBUILD COPY
statements to succeed. A custom build context can be specified via the --build-dir
flag. All files in the specified build-dir
will be copied into the repository for use within the docker build
process. The build context must be specified on each deploy, and is not otherwise persisted between builds.
dokku git:from-image --build-dir path/to/build node-js-app domy-registrykku/node-js-getting-started:latest \"Camila\" \"camila@example.com\"\n
See the dockerfile documentation to learn about the different ways to configure Dockerfile-based deploys.
"},{"location":"deployment/methods/image/#initializing-an-app-repository-from-a-remote-image-without-a-registry","title":"Initializing an app repository from a remote image without a registry","text":"New
Introduced in 0.30.0
A Dokku app repository can be initialized or updated from the contents of an image archive tar file via the git:load-image
command. This method can be used when a Docker Registry is unavailable to act as an intermediary for storing an image, such as when building an image in CI and deploying directly from that image.
docker image save my-registry/node-js-getting-started:latest | ssh dokku@dokku.me git:load-image node-js-app my-registry/node-js-getting-started:latest\n
In the above example, we are saving the image to a tar file via docker image save
, streaming that to the Dokku host, and then running git:load-image
on the incoming stream. Dokku will build the app as if the repository contained only a Dockerfile
with the following content:
FROM my-registry/node-js-getting-started:latest\n
When deploying an app via git:load-image
, it is highly recommended to use a unique image tag when building the image. Not doing so will result in Dokku exiting 0
early as there will be no changes detected. If the image tag is reused but the underlying image is different, it is recommended to use the image digest instead of the tag. This can be retrieved via the following command:
# for images pushed to a remote registry\ndocker inspect --format='{{index .RepoDigests 0}}' $IMAGE_NAME\n\n# for images built locally and not pushed to a registry\n# use when the previous command output is empty\ndocker images --no-trunc --quiet $IMAGE_NAME\n
The resulting git:load-image
call would then be:
# where the image sha is: sha256:9d187c3025d03c033dcc71e3a284fee53be88cc4c0356a19242758bc80cab673\ndocker image save my-registry/node-js-getting-started:latest | ssh dokku@dokku.me git:load-image node-js-app my-registry/node-js-getting-started@sha256:9d187c3025d03c033dcc71e3a284fee53be88cc4c0356a19242758bc80cab673\n
The git:load-image
command can optionally take a git user.name
and user.email
argument (in that order) to customize the author. If the arguments are left empty, they will fallback to Dokku
and automated@dokku.sh
, respectively.
docker image save my-registry/node-js-getting-started:latest | ssh dokku@dokku.me git:load-image node-js-app my-registry/node-js-getting-started:latest \"Camila\" \"camila@example.com\"\n
Finally, certain images may require a custom build context in order for ONBUILD ADD
and ONBUILD COPY
statements to succeed. A custom build context can be specified via the --build-dir
flag. All files in the specified build-dir
will be copied into the repository for use within the docker build
process. The build context must be specified on each deploy, and is not otherwise persisted between builds.
docker image save my-registry/node-js-getting-started:latest | ssh dokku@dokku.me git:load-image --build-dir path/to/build node-js-app my-registry/node-js-getting-started:latest \"Camila\" \"camila@example.com\"\n
See the dockerfile documentation to learn about the different ways to configure Dockerfile-based deploys.
"},{"location":"deployment/schedulers/docker-local/","title":"Docker Local Scheduler","text":"New
Subcommands introduced in 0.12.12
scheduler-docker-local:report [<app>] [<flag>] # Displays a scheduler-docker-local report for one or more apps\nscheduler-docker-local:set <app> <key> (<value>) # Set or clear a scheduler-docker-local property for an app\n
New
Introduced in 0.12.0
Dokku natively includes functionality to manage application lifecycles for a single server using the scheduler-docker-local
plugin. It is the default scheduler, but as with all schedulers, it is set on a per-application basis. The scheduler can currently be overridden by running the following command:
dokku scheduler:set node-js-app selected docker-local\n
As it is the default, unsetting the selected
scheduler property is also a valid way to reset the scheduler.
dokku scheduler:set node-js-app selected\n
"},{"location":"deployment/schedulers/docker-local/#usage","title":"Usage","text":""},{"location":"deployment/schedulers/docker-local/#deploying-amd64-images-on-arm64","title":"Deploying amd64 images on arm64","text":"New
Introduced in 0.33.0
Many builders only produce amd64-compatible images. The docker-local scheduler will automatically detect these and run them via the --platform=linux/amd64
on arm64 deploy targets.
The scheduler-docker-local
injects an init process by default via the --init
. For some apps - such as those where the built docker image uses S6 as the init - this may be undesirable and cause issues with process starts. You may disable this by running the following scheduler-docker-local:set
command for your application:
dokku scheduler-docker-local:set node-js-app init-process false\n
Once set, you may re-enable it by setting a blank value for init-process
:
dokku scheduler-docker-local:set node-js-app init-process\n
All image containers with the label org.opencontainers.image.vendor=linuxserver.io
will have the automatic init process injection force-disabled without further intervention.
New
Introduced in 0.25.5
By default, Dokku deploys an app's processes one-by-one in order, with the web
process being deployed first. Deployment parallelism may be achieved by setting the parallel-schedule-count
property, which defaults to 1
. Increasing this number increases the number of process types that may be deployed in parallel (with the web process being the exception).
# Increase parallelism from 1 process type at a time to 4 process types at a time.\ndokku scheduler-docker-local:set node-js-app parallel-schedule-count 4\n
Once set, you may reset it by setting a blank value for parallel-schedule-count
:
dokku scheduler-docker-local:set node-js-app parallel-schedule-count\n
If the value of parallel-schedule-count
is increased and a given process type fails to schedule successfully, then any in-flight process types will continue to be processed, while all process types that have not been scheduled will be skipped before the deployment finally fails.
Container scheduling output is shown in the order it is received, and thus may be out of order in case of output to stderr.
Note that increasing the value of parallel-schedule-count
may significantly impact CPU utilization on your host as your app containers - and their respective processes - start up. Setting a value higher than the number of available CPUs is discouraged. It is recommended that users carefully set this value so as not to overburden their server.
New
Introduced in 0.26.0
By default, Dokku will deploy one instance of a given process type at a time. This can be increased by customizing the app.json
formation
key to include a max_parallel
key for the given process type.
The formation
key should be specified as follows in the app.json
file:
{\n \"formation\": {\n \"web\": {\n \"max_parallel\": 1\n },\n \"worker\": {\n \"max_parallel\": 4\n }\n }\n}\n
Omitting or removing the entry will result in parallelism for that process type to return to 1 entry at a time. This can be combined with the parallel-schedule-count
property to speed up deployments.
Note that increasing the value of max_parallel
may significantly impact CPU utilization on your host as your app containers - and their respective processes - start up. Setting a value higher than the number of available CPUs is discouraged. It is recommended that users carefully set this value so as not to overburden their server.
See the app.json location documentation for more information on where to place your app.json
file.
The following sections describe implemented scheduler functionality for the docker-local
scheduler.
This plugin implements various functionality through plugn
triggers to integrate with Docker for running apps on a single server. The following functionality is supported by the scheduler-docker-local
plugin.
apps:clone
apps:destroy
apps:rename
deploy
enter
logs
ps:inspect
ps:stop
run
App logs for the logs
command are fetched from running containers via the docker
cli. To persist logs across deployments, consider using Dokku's vector integration to ship logs to another service or a third-party platform.
The docker-local
scheduler supports a minimal list of resource limits and reservations. The following properties are supported:
--cpus
), is specified in number of CPUs a process can access.--memory
) should be specified with a suffix of b
(bytes), k
(kilobytes), m
(megabytes), g
(gigabytes). Default unit is m
(megabytes).--memory-swap
) should be specified with a suffix of b
(bytes), k
(kilobytes), m
(megabytes), g
(gigabytes)--gpus
), is specified in number of Nvidia GPUs a process can access.--memory-reservation
) should be specified with a suffix of b
(bytes), k
(kilobytes), m
(megabytes), g
(gigabytes). Default unit is m
(megabytes).New
Introduced in 0.33.0
scheduler-k3s:annotations:set <app|--global> <property> (<value>) [--process-type PROCESS_TYPE] <--resource-type RESOURCE_TYPE>, Set or clear an annotation for a given app/process-type/resource-type combination\nscheduler-k3s:autoscaling-auth:set <app|--global> <trigger> [<--metadata key=value>...], Set or clear a scheduler-k3s autoscaling keda trigger authentication resource for an app\nscheduler-k3s:autoscaling-auth:report <app|--global> [--format stdout|json] [--include-metadata] # Displays a scheduler-k3s autoscaling auth report for an app\nscheduler-k3s:cluster-add [ssh://user@host:port] # Adds a server node to a Dokku-managed cluster\nscheduler-k3s:cluster-list # Lists all nodes in a Dokku-managed cluster\nscheduler-k3s:cluster-remove [node-id] # Removes client node to a Dokku-managed cluster\nscheduler-k3s:initialize # Initializes a cluster\nscheduler-k3s:labels:set <app|--global> <property> (<value>) [--process-type PROCESS_TYPE] <--resource-type RESOURCE_TYPE>, Set or clear a label for a given app/process-type/resource-type combination\nscheduler-k3s:report [<app>] [<flag>] # Displays a scheduler-k3s report for one or more apps\nscheduler-k3s:set [<app>|--global] <key> (<value>) # Set or clear a scheduler-k3s property for an app or the scheduler\nscheduler-k3s:show-kubeconfig # Displays the kubeconfig for remote usage\nscheduler-k3s:uninstall # Uninstalls k3s from the Dokku server\n
Note
The k3s plugin replaces the external scheduler-kubernetes plugin. Users can continue to use the external plugin as necessary, but all future development will occur on the official core k3s plugin.
For multi-server support, Dokku provides the ability for users to setup a K3s cluster. As with all schedulers, it is set on a per-app basis. The scheduler can currently be overridden by running the following command:
dokku scheduler:set node-js-app selected k3s\n
As it is the default, unsetting the selected
scheduler property is also a valid way to reset the scheduler.
dokku scheduler:set node-js-app k3s\n
"},{"location":"deployment/schedulers/k3s/#usage","title":"Usage","text":"Info
[!IMPORTANT] The k3s plugin requires usage of a docker registry to store deployed image artifacts. See the registry documentation for more details on how to configure a registry.
"},{"location":"deployment/schedulers/k3s/#initializing-a-cluster","title":"Initializing a cluster","text":"Warning
This command must be run as root
Clusters can be initialized via the scheduler-k3s:initialize
command. This will start a k3s cluster on the Dokku node itself.
dokku scheduler-k3s:initialize\n
By default, the k3s installation can run both app and system workloads. For clusters where app workloads are run on distinct worker nodes, initialize the cluster with the --taint-scheduling
flag, which will allow only Critical cluster components on the k3s control-plane nodes.
dokku scheduler-k3s:initialize --taint-scheduling\n
By default, Dokku will attempt to auto-detect the IP address of the server. In cases where the auto-detected IP address is incorrect, an override may be specified via the --server-ip
flag:
dokku scheduler-k3s:initialize --server-ip 192.168.20.15\n
Dokku's k3s integration natively uses nginx
as it's ingress load balancer via ingress-nginx. Properties set by the nginx
plugin will be respected, either by turning them into annotations or creating a custom server/location snippet that the ingress-nginx
project can use.
Dokku can also use Traefik on cluster initialization via the Traefik's CRDs. To change the ingress, set the --ingress-class
flag:
dokku scheduler-k3s:initialize --ingress-class traefik\n
"},{"location":"deployment/schedulers/k3s/#adding-nodes-to-the-cluster","title":"Adding nodes to the cluster","text":"Warning
The dokku
user must be able to ssh onto the server in order to connect nodes to the cluster. The remote user must be root or have sudo enabled, or the install will fail.
Nodes that run app workloads can be added via the scheduler-k3s:cluster-add
command. This will ssh onto the specified server, install k3s, and join it to the current Dokku node in worker mode. Workers are typically used to run app workloads.
dokku scheduler-k3s:cluster-add ssh://root@worker-1.example.com\n
If the server isn't in the known_hosts
file, the connection will fail. This can be bypassed by setting the --insecure-allow-unknown-hosts
flag:
dokku scheduler-k3s:cluster-add --insecure-allow-unknown-hosts ssh://root@worker-1.example.com\n
By default, Dokku will attempt to auto-detect the IP address of the Dokku server for the remote server to connect to. In cases where the auto-detected IP address is incorrect, an override may be specified via the --server-ip
flag:
dokku scheduler-k3s:cluster-add --server-ip 192.168.20.15 ssh://root@worker-1.example.com\n
"},{"location":"deployment/schedulers/k3s/#adding-a-server-node","title":"Adding a server node","text":"Note
Only the initial Dokku server will be properly configured for push deployment, and should be considered your git remote. Additional server nodes are for ensuring high-availability of the K3s etcd state. Ensure this server is properly backed up and restorable or deployments will not work.
Server nodes are typically used to replicate the cluster state, and it is recommended to have an odd number of nodes spread across several availability zones (datacenters in close proximity within a region). This allows for higher availability in the event of a cluster failure. Server nodes run control-plane services such as the traefik load balancer and the etcd backing store.
Server nodes can also be added with the scheduler-k3s:cluster-add
command by specifying --role server
. This will ssh onto the specified server, install k3s, and join it to the current Dokku node in server mode.
dokku scheduler-k3s:cluster-add --role server ssh://root@server-1.example.com\n
Server nodes allow any workloads to be scheduled on them by default, in addition to the control-plane, etcd, and the scheduler itself. To avoid app workloads being scheduled on your control-plane, use the --taint-scheduling
flag:
dokku scheduler-k3s:cluster-add --role server --taint-scheduling ssh://root@server-1.example.com\n
If the server isn't in the known_hosts
file, the connection will fail. This can be bypassed by setting the --insecure-allow-unknown-hosts
flag:
dokku scheduler-k3s:cluster-add --role server --insecure-allow-unknown-hosts ssh://root@server-1.example.com\n
By default, Dokku will attempt to auto-detect the IP address of the Dokku server for the remote server to connect to. In cases where the auto-detected IP address is incorrect, an override may be specified via the --server-ip
flag:
dokku scheduler-k3s:cluster-add --role server --server-ip 192.168.20.15 ssh://root@server-1.example.com\n
"},{"location":"deployment/schedulers/k3s/#changing-the-network-interface","title":"Changing the network interface","text":"When attaching an worker or server node, the K3s plugin will look at the IP associated with the eth0
interface and use that to connect the new node to the cluster. To change this, set the network-interface
property to the appropriate value.
dokku scheduler-k3s:set --global network-interface eth1\n
"},{"location":"deployment/schedulers/k3s/#changing-deploy-timeouts","title":"Changing deploy timeouts","text":"By default, app deploys will timeout after 300s. To customize this value, set the deploy-timeout
property via scheduler-k3s:set
:
dokku scheduler-k3s:set node-js-app deploy-timeout 60s\n
The default value may be set by passing an empty value for the option:
dokku scheduler-k3s:set node-js-app deploy-timeout\n
The deploy-timeout
property can also be set globally. The global default is 300s
.
dokku scheduler-k3s:set --global deploy-timeout 60s\n
The default value may be set by passing an empty value for the option.
dokku scheduler-k3s:set --global deploy-timeout\n
"},{"location":"deployment/schedulers/k3s/#customizing-the-namespace","title":"Customizing the namespace","text":"By default, app deploys will run against the default
Kubernetes namespace. To customize this value, set the namespace
property via scheduler-k3s:set
:
dokku scheduler-k3s:set node-js-app namespace lollipop\n
The default value may be set by passing an empty value for the option:
dokku scheduler-k3s:set node-js-app namespace\n
The namespace
property can also be set globally. The global default is default
.
dokku scheduler-k3s:set --global namespace 60s\n
The default value may be set by passing an empty value for the option.
dokku scheduler-k3s:set --global namespace\n
"},{"location":"deployment/schedulers/k3s/#enabling-rollback-on-failure","title":"Enabling rollback on failure","text":"By default, app deploys do not rollback on failure. To enable this functionality, set the rollback-on-failure
property via scheduler-k3s:set
:
dokku scheduler-k3s:set node-js-app rollback-on-failure true\n
The default value may be set by passing an empty value for the option:
dokku scheduler-k3s:set node-js-app rollback-on-failure\n
The rollback-on-failure
property can also be set globally. The global default is false
.
dokku scheduler-k3s:set --global rollback-on-failure false\n
The default value may be set by passing an empty value for the option.
dokku scheduler-k3s:set --global rollback-on-failure\n
"},{"location":"deployment/schedulers/k3s/#using-image-pull-secrets","title":"Using image pull secrets","text":"When authenticating against a registry via registry:login
, the scheduler-k3s plugin will authenticate all servers in the cluster against the registry specified. If desired, an image pull secret can be used instead. To customize this value, set the image-pull-secrets
property via scheduler-k3s:set
:
dokku scheduler-k3s:set node-js-app image-pull-secrets lollipop\n
The default value may be set by passing an empty value for the option:
dokku scheduler-k3s:set node-js-app image-pull-secrets\n
The image-pull-secrets
property can also be set globally. The global default is empty string, and k3s will use Dokku's locally configured ~/.docker/config.json
for any private registry pulls.
dokku scheduler-k3s:set --global image-pull-secrets 60s\n
The default value may be set by passing an empty value for the option.
dokku scheduler-k3s:set --global image-pull-secrets\n
"},{"location":"deployment/schedulers/k3s/#ssl-certificates","title":"SSL Certificates","text":""},{"location":"deployment/schedulers/k3s/#enabling-letsencrypt-integration","title":"Enabling letsencrypt integration","text":"By default, letsencrypt is disabled and https port mappings are ignored. To enable, set the letsencrypt-email-prod
or letsencrypt-email-stag
property with the --global
flag:
# set the value for prod\ndokku scheduler-k3s:set --global letsencrypt-email-prod automated@dokku.sh\n\n# set the value for stag\ndokku scheduler-k3s:set --global letsencrypt-email-stag automated@dokku.sh\n
After enabling and rebuilding, all apps with an http:80
port mapping will have a corresponding https:443
added and ssl will be automatically enabled. All http requests will then be redirected to https.
The letsencrypt integration is set to the production letsencrypt server by default. This can be changed on an app-level by setting the letsencrypt-server
property with the scheduler-k3s:set
command
dokku scheduler-k3s:set node-js-app letsencrypt-server staging\n
The default value may be set by passing an empty value for the option:
dokku scheduler-k3s:set node-js-app letsencrypt-server\n
The image-pull-secrets
property can also be set globally. The global default is production
.
dokku scheduler-k3s:set --global letsencrypt-server staging\n
The default value may be set by passing an empty value for the option.
dokku scheduler-k3s:set --global letsencrypt-server staging\n
"},{"location":"deployment/schedulers/k3s/#customizing-annotations-and-labels","title":"Customizing Annotations and Labels","text":"Note
The cron ID is used as the process type if your app deploys any cron tasks
"},{"location":"deployment/schedulers/k3s/#setting-annotations","title":"Setting Annotations","text":"Dokku injects certain annotations into each created resource by default, but it may be necessary to inject others for tighter integration with third-party tools. The scheduler-k3s:annotations:set
command can be used to perform this task. The command takes an app name and a required --resource-type
flag.
dokku scheduler-k3s:annotations:set node-js-app annotation.key annotation.value --resource-type deployment\n
If not specified, the annotation will be applied to all processes within an app, though it may be further scoped to a specific process type via the --process-type
flag.
dokku scheduler-k3s:annotations:set node-js-app annotation.key annotation.value --resource-type deployment --process-type web\n
The following resource types are supported:
certificate
cronjob
deployment
ingress
job
pod
secret
service
serviceaccount
traefik_ingressroute
traefik_middleware
To unset an annotation, pass an empty value:
dokku scheduler-k3s:annotations:set node-js-app annotation.key --resource-type deployment\ndokku scheduler-k3s:annotations:set node-js-app annotation.key --resource-type deployment --process-type web\n
"},{"location":"deployment/schedulers/k3s/#setting-labels","title":"Setting Labels","text":"Dokku injects certain labels into each created resource by default, but it may be necessary to inject others for tighter integration with third-party tools. The scheduler-k3s:labels:set
command can be used to perform this task. The command takes an app name and a required --resource-type
flag.
dokku scheduler-k3s:labels:set node-js-app label.key label.value --resource-type deployment\n
If not specified, the label will be applied to all processes within an app, though it may be further scoped to a specific process type via the --process-type
flag.
dokku scheduler-k3s:labels:set node-js-app label.key label.value --resource-type deployment --process-type web\n
The following resource types are supported:
certificate
cronjob
deployment
ingress
job
pod
secret
service
serviceaccount
traefik_ingressroute
traefik_middleware
To unset an label, pass an empty value:
dokku scheduler-k3s:annotations:set node-js-app label.key --resource-type deployment\ndokku scheduler-k3s:labels:set node-js-app label.key --resource-type deployment --process-type web\n
"},{"location":"deployment/schedulers/k3s/#autoscaling","title":"Autoscaling","text":""},{"location":"deployment/schedulers/k3s/#workload-autoscaling","title":"Workload Autoscaling","text":"New
Introduced in 0.33.8 Users with older installations will need to manually install Keda.
Autoscaling in k3s is managed by Keda, which integrates with a variety of external metric providers to allow for autoscaling application workloads.
To enable autoscaling, use the app.json
formation.$PROCESS_TYPE.autoscaling
key to manage rules. In addition to the existing configuration used for process management, each process type in the formation.$PROCESS_TYPE.autoscaling
key can have the following keys:
min_quantity
: The minimum number of instances the application can run. If not specified, the quantity
specified for the app is used.max_quantity
: The maximum number of instances the application can run. If not specified, the higher value of quantity
and the min_quantity
is used.polling_interval_seconds
: (default: 30) The interval to wait for polling each of the configured triggerscooldown_seconds
: (default: 300) The number of seconds to wait in between each scaling eventtriggers
: A list of autoscaling triggers.Autoscaling triggers are passed as is to Keda, and should match the configuration keda uses for a given scaler. Below is an example for datadog:
{\n \"formation\": {\n \"web\": {\n \"autoscaling\": {\n \"min_quantity\": 1,\n \"max_quantity\": 10,\n \"triggers\": [\n {\n \"name\": \"name-for-trigger\",\n \"type\": \"datadog\",\n \"metadata\": {\n \"query\": \"per_second(sum:http.requests{service:myservice1}).rollup(max, 300))/180,per_second(sum:http.backlog{service:myservice1}).rollup(max, 300)/30\",\n \"queryValue\": \"1\",\n \"queryAggregator\": \"max\"\n }\n }\n ]\n }\n }\n }\n}\n
Each value in the metadata
stanza can use the following interpolated strings:
DOKKU_DEPLOYMENT_NAME
: The name of the deployment being scaledDOKKU_PROCESS_TYPE
: The name of the process being scaledDOKKU_APP_NAME
: The name of the app being scaledMost Keda triggers require some form of authentication to query for data. In the Kubernetes API, they are represented by TriggerAuthentication
and ClusterTriggerAuthentication
resources. Dokku can manage these via the scheduler-k3s:autoscaling-auth
commands, and includes generated resources with each helm release generated by a deploy.
If no app-specific authentication is provided for a given trigger type, Dokku will fallback to any globally defined ClusterTriggerAuthentication
resources. Autoscaling triggers within an app all share the same TriggerAuthentication
resources, while ClusterTriggerAuthentication
resources can be shared across all apps deployed by Dokku within a given cluster.
Users can specify custom authentication resources directly via the Kubernetes api or use the scheduler-k3s:autoscaling-auth:set
command to create the resources in the Kubernetes cluster.
dokku scheduler-k3s:autoscaling-auth:set $APP $TRIGGER --metadata apiKey=some-api-key --metadata appKey=some-app-key\n
For example, the following will configure the authentication for all datadog triggers on the specified app:
dokku scheduler-k3s:autoscaling-auth:set node-js-app datadog --metadata apiKey=1234567890 --metadata appKey=asdfghjkl --metadata datadogSite=us5.datadoghq.com\n
After execution, Dokku will include the following resources for each specified trigger with the helm release generated on subsequent app deploys:
Secret
: an Opaque Secret
resource storing the authentication credentialsTriggerAuthentication
: A TriggerAuthentication
resource that references the secret for use by triggersIf the --global
flag is specified instead of an app name, a custom helm chart is created on the fly with the above resources.
To remove a configured authenticatin resource, run the scheduler-k3s:autoscaling-auth:set
command with no metadata specified. Subsequent deploys will not include these resources.
dokku scheduler-k3s:autoscaling-auth:set $APP $TRIGGER_TYPE\n
"},{"location":"deployment/schedulers/k3s/#displaying-an-authentication-resource-report","title":"Displaying an Authentication Resource report","text":"To see a list of authentication resources managed by Dokku, run the scheduler-k3s:autoscaling-auth:report
command.
dokku scheduler-k3s:autoscaling-auth:report node-js-app\n
====> $APP autoscaling-auth report\n datadog: configured\n
By default, the report will not display configured metadata - making it safe to include in Dokku report output. To include metadata and their values, add the --include-metadata
flag:
dokku scheduler-k3s:autoscaling-auth:report node-js-app --include-metadata\n
====> node-js-app autoscaling-auth report\n Datadog: configured\n Datadog apiKey: 1234567890\n Datadog appKey: asdfghjkl\n Datadog datadogSite: us5.datadoghq.com\n
"},{"location":"deployment/schedulers/k3s/#using-kubectl-remotely","title":"Using kubectl remotely","text":"Warning
Certain ports must be open for interacting with the remote kubernets api. Refer to the K3s networking documentation for the required open ports between servers prior to running the command.
By default, Dokku assumes that all it controls all actions on the cluster, and thus does not expose the kubectl
binary for administrators. To interact with kubectl, you will need to retrieve the kubeconfig
for the cluster and configure your client to use that configuration.
dokku scheduler-k3s:show-kubeconfig\n
"},{"location":"deployment/schedulers/k3s/#interacting-with-an-external-kubernetes-cluster","title":"Interacting with an external Kubernetes cluster","text":"While the k3s scheduler plugin is designed to work with a Dokku-managed k3s cluster, Dokku can be configured to interact with any Kubernetes cluster by setting the global kubeconfig-path
to a path to a custom kubeconfig on the Dokku server. This property is only available at a global level.
dokku scheduler-k3s:set --global kubeconfig-path /path/to/custom/kubeconfig\n
To set the default value, omit the value from the scheduler-k3s:set
call:
dokku scheduler-k3s:set --global kubeconfig-path\n
The default value for the kubeconfig-path
is the k3s kubeconfig located at /etc/rancher/k3s/k3s.yaml
.
When interacting with a custom Kubeconfig, the kube-context
property can be set to specify a specific context within the kubeconfig to use. This property is available only at the global leve.
dokku scheduler-k3s:set --global kube-context lollipop\n
To set the default value, omit the value from the scheduler-k3s:set
call:
dokku scheduler-k3s:set --global kube-context\n
The default value for the kube-context
is an empty string, and will result in Dokku using the current context within the kubeconfig.
The following sections describe implemented and unimplemented scheduler functionality for the k3s
scheduler.
This plugin implements various functionality through plugn
triggers to integrate with Docker for running apps on a single server. The following functionality is supported by the scheduler-k3s
plugin.
apps:clone
apps:destroy
apps:rename
cron
enter
deploy
liveness
, readiness
, and startup
healthchecksapp.json
are ignored in favor of the container port on the port mapping detectedlogs
ps:stop
run
scheduler-post-run
trigger is not always triggeredrun:detached
run:list
run:logs
ps:inspect
The following Dokku functionality is not implemented at this time.
vector
log integrationApp logs for the logs
command are fetched by Dokku from running containers via the kubectl
cli. Persisting logs via Vector is not implemented at this time. Users may choose to configure the Vector Kubernetes integration directly by following this guide.
The k3s
scheduler supports a minimal list of resource limits and reservations:
b
(bytes), Ki
(kilobytes), Mi
(megabytes), Gi
(gigabytes). Default unit is Mi
(megabytes).If unspecified for any task, the default reservation will be .1
CPU and 128Mi
RAM, with no limit set for either CPU or RAM. This is to avoid issues with overscheduling pods on a cluster. To avoid issues, set more specific values for at least resource reservations. If unbounded utilization is desired, set CPU and Memory to 0m
and 0Mi
, respectively.
Note
Cron tasks retrieve resource limits based on the computed cron task ID.
"},{"location":"deployment/schedulers/kubernetes/","title":"Kubernetes Scheduler","text":"Warning
Deprecation notice: This scheduler has been replaced with the k3s scheduler plugin and is no longer under active development.
The Kubernetes Scheduler Plugin is available free as an external plugin. Please see the plugin's issue tracker for more information on the status of the plugin.
For users that require additional functionality, please refer to the Sponsoring Documentation.
"},{"location":"deployment/schedulers/kubernetes/#scheduler-interface","title":"Scheduler Interface","text":"The following sections describe implemented scheduler functionality for the kubernetes
scheduler.
This plugin implements various functionality through plugn
triggers to integrate with kubectl
for running apps on a Kubernetes cluster. The following functionality is supported by the scheduler-kubernetes
plugin.
apps:destroy
deploy
: partial, does not implement failed deploy log capturelogs
: partial, does not implement failure logsps:stop
App logs for the logs
command are fetched from running pods via the kubectl
cli. To persist logs across deployments, consider using Vector or a similar tool to ship logs to another service or a third-party platform.
Warning
This scheduler is not in Dokku core and thus functionality may change over time as the API stabilizes.
The Nomad Scheduler Plugin is available free as an external plugin. Please see the plugin's issue tracker for more information on the status of the plugin.
For users that require additional functionality, please refer to the Sponsoring Documentation.
"},{"location":"deployment/schedulers/nomad/#scheduler-interface","title":"Scheduler Interface","text":"The following sections describe implemented scheduler functionality for the nomad
scheduler.
This plugin implements various functionality through plugn
triggers to integrate with the nomad
cli for running apps on a Nomad cluster. The following functionality is supported by the scheduler-nomad
plugin.
apps:destroy
deploy
ps:stop
Warning
Fetching app logs for the logs
command is currently not implemented. Please consider using Vector or a similar tool to ship logs to another service or a third-party platform.
New
Introduced in 0.25.0
The null
scheduler does nothing, and is useful for routing to services not managed by Dokku. It should not be used in normal operation. Please see the network documentation for more information on the aforementioned use case.
This scheduler is never auto-detected. The scheduler must be specified via the scheduler:set
command:
dokku scheduler:set node-js-app selected null\n
"},{"location":"deployment/schedulers/scheduler-management/","title":"Scheduler Management","text":"New
Introduced in 0.26.0
scheduler:report [<app>] [<flag>] # Displays a scheduler report for one or more apps\nscheduler:set <app> <key> (<value>) # Set or clear a scheduler property for an app\n
Schedulers are a way of customizing how an app image is deployed, and can be used to interact with non-local systems such as Kubernetes and Nomad.
"},{"location":"deployment/schedulers/scheduler-management/#usage","title":"Usage","text":""},{"location":"deployment/schedulers/scheduler-management/#scheduler-selection","title":"Scheduler selection","text":"Dokku supports the following built-in schedulers:
scheduler-docker-local
: Schedules apps against the local docker socket and runs containers directly on the Dokku host. See the docker-local scheduler documentation for more information on how this scheduler functions.scheduler-null
: Does nothing during the scheduler phase. See the null scheduler documentation for more information on how this scheduler functions.If desired, the scheduler can be specified via the scheduler:set
command by speifying a value for selected
. The selected scheduler will always be used.
dokku scheduler:set node-js-app selected docker-local\n
The default value may be set by passing an empty value for the option:
dokku scheduler:set node-js-app selected\n
The selected
property can also be set globally. The global default is an empty string, and auto-detection will be performed when no value is set per-app or globally.
dokku scheduler:set --global selected docker-local\n
The default value may be set by passing an empty value for the option.
dokku scheduler:set --global selected\n
"},{"location":"deployment/schedulers/scheduler-management/#displaying-scheduler-reports-for-an-app","title":"Displaying scheduler reports for an app","text":"You can get a report about the app's scheduler status using the scheduler:report
command:
dokku scheduler:report\n
=====> node-js-app scheduler information\n Scheduler computed selected: herokuish\n Scheduler global selected: herokuish\n Scheduler selected: herokuish\n=====> python-sample scheduler information\n Scheduler computed selected: dockerfile\n Scheduler global selected: herokuish\n Scheduler selected: dockerfile\n=====> ruby-sample scheduler information\n Scheduler computed selected: herokuish\n Scheduler global selected: herokuish\n Scheduler selected:\n
You can run the command for a specific app also.
ShellOutputdokku scheduler:report node-js-app\n
=====> node-js-app scheduler information\n Scheduler selected: herokuish\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku scheduler:report node-js-app --scheduler-selected\n
"},{"location":"deployment/schedulers/scheduler-management/#implementing-a-scheduler","title":"Implementing a Scheduler","text":"Custom plugins names must have the prefix scheduler-
or scheduler overriding via scheduler:set
may not function as expected.
At this time, the following dokku commands are used to implement a complete scheduler.
apps:destroy
: stops the app processes on the schedulerapps:rename
: handles app renamingapps:clone
: handles app cloningcron
: generates cron tasks for the appdeploy
: deploys app proceses and checks the status of a deployenter
: enters a running containerlogs
: fetches app logsrun
: starts one-off run containers (detached and non-detached) as well as listing run processesrun:list
: lists running containersrun:logs
: fetches running container logsps:stop
: stops app processesps:inspect
: outputs inspect output for processes in an appSchedulers may decide to omit some functionality here, or use plugin triggers to supplement config with information from other plugins. Additionally, a scheduler may implement other triggers in order handle any extra processes needed during a deploy.
Schedulers can use any tools available on the system to build the docker image, and may even be used to interact with off-server systems. The only current requirement is that the scheduler must have access to the image built in the build phase. If this is not the case, the registry plugin can be used to push the image to a registry that the scheduler software can access.
Deployment tasks are currently executed directly on the primary Dokku server.
"},{"location":"development/plugin-creation/","title":"Plugin creation","text":"A plugin can be a simple implementation of triggers or can implement a command structure of its own. Dokku has no restrictions on the language in which a plugin is implemented; it only cares that the plugin implements the appropriate commands or triggers for the API. NOTE: any file that implements triggers or uses the command API must be executable.
"},{"location":"development/plugin-creation/#plugin-overview","title":"Plugin Overview","text":"When creating custom plugins:
dokku-<name>
convention (e.g. dokku-mariadb
)When developing a plugin, the install
trigger must be implemented such that it outputs the built executable(s) using a directory structure that implements the plugin's desired command and/or triggers the API. See the smoke-test-plugin for an example.
There are 3 main integration points: commands
, subcommands/default
, and subcommands/<command-name>
.
commands
","text":"Primarily used to supply the plugin's usage/help output. (i.e. plugin help).
"},{"location":"development/plugin-creation/#subcommandsdefault","title":"subcommands/default
","text":"Implements the plugin's default command behavior. (i.e. dokku plugin
).
subcommands/<command-name>
","text":"Implements the additional command interface and will translate to dokku plugin:cmd
on the command line. (i.e. dokku plugin:install
).
plugin.toml
","text":"The plugin.toml
file is used to describe the plugin in help output, and helps users understand the purpose of the plugin. This must have a description and a version. The version should be bumped at every plugin release.
[plugin]\ndescription = \"dokku example plugin\"\nversion = \"0.1.0\"\n[plugin.config]\n
"},{"location":"development/plugin-creation/#files-should-be-executable","title":"Files should be executable","text":"Commands, subcommands, triggers and source shell scripts should all be executable. On a Unix-like machine, the following command can be used to make them executable:
chmod +x path/to/file\n
Non-executable commands, subcommands, and triggers will be ignored.
"},{"location":"development/plugin-creation/#use-the-pipefail-bash-option","title":"Use thepipefail
bash option","text":"Consider whether to include the set -eo pipefail
option. Look at the following example:
IMAGE=$(docker images | grep \"user/repo\" | awk '{print $3}')\nif [[ -z $IMAGE ]]; then\n dokku_log_fail \"user/repo image not found... Did you run 'dokku plugin:install'?\"\nfi\n
If user/repo
doesn't exist, Dokku exits just before the awk
command and the dokku_log_fail
message will never go to STDOUT
. printed with echo. The set -e
option should be used in this case.
Here is the help
entry for set
:
help set\nOptions:\n -e Exit immediately if a command exits with a non-zero status.\n -o option-name\n pipefail the return value of a pipeline is the status of\n the last command to exit with a non-zero status,\n or zero if no command exited with a non-zero status\n
"},{"location":"development/plugin-creation/#support-trace-mode","title":"Support trace mode","text":"Trace mode is useful for getting debugging output from plugins when the --trace
flag is specified or dokku trace:on
is triggered. This should be done at the top of each shell script:
#!/usr/bin/env bash\nset -eo pipefail\n[[ $DOKKU_TRACE ]] && set -x\n
In the above example, the third line enables bash's debug mode, which prints command traces before executing command.
"},{"location":"development/plugin-creation/#verify-the-existence-of-dependencies","title":"Verify the existence of dependencies","text":"If a plugin depends on a specific command-line tool, check whether that tool exists before utilizing it. Either command -v
or which
may be used to do so:
# `command -v` example\nif ! command -v \"nginx\" &>/dev/null; then\n dokku_log_fail \"Missing nginx, install it\"\nfi\n\n# `which` example\nif ! which nginx &>/dev/null; then\n dokku_log_fail \"Missing nginx, install it\"\nfi\n
In cases where a dependency should be installed before the plugin can be used at all, use the dependencies
plugin trigger to install the dependency.
For plugins which expose commands, implement a help
command. This may be empty, but should contain a listing of all available commands.
Commas - ,
- are used in the help output for columnizing output. Verify that the plugin conforms to the spec by running dokku help --all
and manually verifying the output.
See the sample plugin below for an example.
"},{"location":"development/plugin-creation/#namespace-commands","title":"Namespace commands","text":"All commands should be namespaced. In cases where a core plugin is overridden, the plugin may utilize the a namespace in use by the core, but generally this should be avoided to reduce confusion as to where the command is implemented.
"},{"location":"development/plugin-creation/#implement-a-proper-catch-all-command","title":"Implement a proper catch-all command","text":"As of 0.3.3, a catch-all should be implemented that exits with a DOKKU_NOT_IMPLEMENTED_EXIT
code. This allows Dokku to output a command not found
message.
See the sample plugin below for an example.
"},{"location":"development/plugin-creation/#set-app-config-without-restarting","title":"Set app config without restarting","text":"In the case that a plugin needs to set app configuration settings and a restart should be avoided (default Heroku-style behavior) these \"internal\" commands provide this functionality:
config_set --no-restart node-js-app KEY1=VALUE1 [KEY2=VALUE2 ...]\nconfig_unset --no-restart node-js-app KEY1 [KEY2 ...]\n
"},{"location":"development/plugin-creation/#expose-functionality-in-a-functions-file","title":"Expose functionality in a functions
file","text":"To allow other plugins access to (some of) a plugin's functionality, functions can expose by including a functions
file in the plugin for others to source. All functions in that file should be considered publicly accessible by other plugins.
Any functions that must be kept private should reside in the plugin's trigger/
or commands/
directories. Other files may also be used to hide private functions; the official convention for hiding private functions is to place them an internal-functions
file.
New
Introduced in 0.4.0
Dokku allows image tagging and deployment of tagged images. This means hard-coding the $IMAGE
as dokku/$APP
is no longer sufficient.
Plugins should use get_running_image_tag()
and get_app_image_name()
as sourced from common/functions
. See the plugin triggers doc for examples.
Info
Note: This is only for plugins that are not pre/post-build-*
plugins
$DOCKER_BIN
instead of docker
directly","text":"New
Introduced in 0.17.5
Certain systems may require a wrapper function around the docker
binary for proper execution. Utilizing the $DOCKER_BIN
environment variable when calling docker for those functions is preferred.
# good\n\"$DOCKER_BIN\" container run -d $IMAGE /bin/bash -e -c \"$COMMAND\"\n\n# bad\ndocker run -d $IMAGE /bin/bash -e -c \"$COMMAND\"\n
"},{"location":"development/plugin-creation/#include-labels-for-all-temporary-containers-and-images","title":"Include labels for all temporary containers and images","text":"New
Introduced in 0.5.0
As of 0.5.0, labels are used to help cleanup intermediate containers with dokku cleanup
. Plugins that create containers and images should add the correct labels to the build
, commit
, and run
docker commands.
Note that where possible, a label com.dokku.app-name=$APP
- where $APP
is the name of the app - should also be included. This enables dokku cleanup APP
to cleanup the specific containers for a given app.
# `docker build` example\n\"$DOCKER_BIN\" image build \"--label=com.dokku.app-name=${APP}\" $DOKKU_GLOBAL_BUILD_ARGS ...\n\n# `docker commit` example\n# Note that the arguments must be set as a local array\n# as arrays cannot be exported in shell\nlocal DOKKU_COMMIT_ARGS=(\"--change\" \"LABEL org.label-schema.schema-version=1.0\" \"--change\" \"LABEL org.label-schema.vendor=dokku\" \"--change\" \"LABEL $DOKKU_CONTAINER_LABEL=\")\n\"$DOCKER_BIN\" container commit --change \"LABEL com.dokku.app-name=$APP\" \"${DOKKU_COMMIT_ARGS[@]}\" ...\n\n# `docker run` example\n\"$DOCKER_BIN\" container run \"--label=com.dokku.app-name=${APP}\" $DOKKU_GLOBAL_RUN_ARGS ...\n
"},{"location":"development/plugin-creation/#copy-files-from-the-built-image-using-copy_from_image","title":"Copy files from the built image using copy_from_image
","text":"Avoid copying files from running containers as these files may change over time. Instead copy files from the image built during the deploy process. This can be done via the copy_from_image
helper function. This will correctly handle various corner cases in copying files from an image.
source \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\n\nlocal TMP_FILE=$(mktemp \"/tmp/dokku-${DOKKU_PID}-${FUNCNAME[0]}.XXXXXX\")\ntrap \"rm -rf '$TMP_FILE' >/dev/null\" RETURN INT TERM EXIT\n\nlocal IMAGE_TAG=\"$(get_running_image_tag \"$APP\")\"\nlocal IMAGE=$(get_deploying_app_image_name \"$APP\" \"$IMAGE_TAG\")\ncopy_from_image \"$IMAGE\" \"file-being-copied\" \"$TMP_FILE\" 2>/dev/null\n
Files are copied from the /app
directory - for images built via buildpacks - or WORKDIR
- for images built via Dockerfile.
dokku
binary directly","text":"New
Introduced in 0.6.0
Plugins should not call the dokku
binary directly from within plugins because clients using the --app
argument are potentially broken when doing so.
Plugins should instead source the functions
file for a given plugin when attempting to call Dokku internal functions. In cases where plugin functions cannot be sourced (eg if a plugin is implemented in Golang), then call the relevant plugin triggers instead.
The below plugin is a dummy dokku hello
plugin.
Each plugin requires a plugin.toml
descriptor file with the following required fields:
[plugin]\ndescription = \"dokku hello plugin\"\nversion = \"0.1.0\"\n[plugin.config]\n
hello/subcommands/default
#!/usr/bin/env bash\nset -eo pipefail\n[[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\n\ncmd-hello-default() {\n declare desc=\"prints Hello \\$APP\"\n declare cmd=\"hello\"\n [[ \"$1\" == \"$cmd\" ]] && shift 1\n # Support --app/$DOKKU_APP_NAME flag\n # Use the following lines to reorder args into \"$cmd $DOKKU_APP_NAME $@\"\"\n [[ -n $DOKKU_APP_NAME ]] && set -- $DOKKU_APP_NAME $@\n set -- $cmd $@\n #\n declare APP=\"$1\"\n\n [[ -z \"$APP\" ]] && dokku_log_fail \"Please specify an app to run the command on\"\n verify_app_name \"$APP\"\n\n echo \"Hello $APP\"\n}\n\ncmd-hello-default \"$@\"\n
hello/subcommands/world
#!/usr/bin/env bash\nset -eo pipefail\n[[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\n\ncmd-hello-world() {\n declare desc=\"prints Hello world\"\n declare cmd=\"hello:world\"\n [[ \"$1\" == \"$cmd\" ]] && shift 1\n\n echo \"Hello world\"\n}\n\ncmd-hello-world \"$@\"\n
hello/commands
#!/usr/bin/env bash\nset -eo pipefail\n[[ $DOKKU_TRACE ]] && set -x\n\ncase \"$1\" in\n help | hello:help)\n help_content_func () {\n declare desc=\"return help_content string\"\n cat<<help_content\n hello <app>, Says \"Hello <app>\"\n hello:world, Says \"Hello world\"\nhelp_content\n }\n\n if [[ $1 = \"hello:help\" ]] ; then\n echo -e 'Usage: dokku hello[:world] [<app>]'\n echo ''\n echo 'Say Hello World.'\n echo ''\n echo 'Example:'\n echo ''\n echo '$ dokku hello:world'\n echo 'Hello world'\n echo ''\n echo 'Additional commands:'\n help_content_func | sort | column -c2 -t -s,\n else\n help_content_func\n fi\n ;;\n\n *)\n exit $DOKKU_NOT_IMPLEMENTED_EXIT\n ;;\n\nesac\n
"},{"location":"development/plugin-triggers/","title":"Plugin triggers","text":"Plugin triggers (formerly pluginhooks) are a good way to jack into existing Dokku infrastructure. You can use them to modify the output of various Dokku commands or override internal configuration.
Plugin triggers are simply scripts that are executed by the system. You can use any language you want, so long as the script:
For instance, if you wanted to write a plugin trigger in PHP, you would need to have php
installed and available on the CLI prior to plugin trigger invocation.
The following is an example for the nginx-hostname
plugin trigger. It reverses the hostname that is provided to nginx during deploys. If you created an executable file named nginx-hostname
with the following code in your plugin trigger, it would be invoked by Dokku during the normal app deployment process:
#!/usr/bin/env bash\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\"; SUBDOMAIN=\"$2\"; VHOST=\"$3\"\n\nNEW_SUBDOMAIN=`echo $SUBDOMAIN | rev`\necho \"$NEW_SUBDOMAIN.$VHOST\"\n
"},{"location":"development/plugin-triggers/#available-plugin-triggers","title":"Available plugin triggers","text":"There are a number of plugin-related triggers. These can be optionally implemented by plugins and allow integration into the standard Dokku setup/teardown process.
The following plugin triggers describe those available to a Dokku installation. As well, there is an example for each trigger that you can use as templates for your own plugin development.
Info
The example plugin trigger code is not guaranteed to be implemented as in within dokku, and are merely simplified examples. Please look at the Dokku source for larger, more in-depth examples.
"},{"location":"development/plugin-triggers/#app-create","title":"app-create
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#app-destroy","title":"app-destroy
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#app-exists","title":"app-exists
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#app-list","title":"app-list
","text":"false
.$FILTER
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#app-json-process-deploy-parallelism","title":"app-json-process-deploy-parallelism
","text":"dokku deploy
$APP $PROCESS_TYPE
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#app-json-get-content","title":"app-json-get-content
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#app-maybe-create","title":"app-maybe-create
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#app-restart","title":"app-restart
","text":"dokku config:clear
, dokku config:set
, dokku config:unset
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#app-urls","title":"app-urls
","text":"dokku deploy
, dokku url
, and dokku urls
$APP $URL_TYPE
#!/usr/bin/env bash\n# Sets the domain to `internal.tld`\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\"; URL_TYPE=\"$2\"\ncase \"$URL_TYPE\" in\n url)\n echo \"https://internal.tld/${APP}/\"\n ;;\n urls)\n echo \"https://internal.tld/${APP}/\"\n echo \"http://internal.tld/${APP}/\"\n ;;\nesac\n
"},{"location":"development/plugin-triggers/#builder-build","title":"builder-build
","text":"dokku deploy
$BUILDER_TYPE
$APP
$SOURCECODE_WORK_DIR
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#builder-create-dokku-image","title":"builder-create-dokku-image
","text":"dokku deploy
$BUILDER_TYPE
$APP
$SOURCECODE_WORK_DIR
$DOKKU_IMAGE
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#builder-detect","title":"builder-detect
","text":"herokuish
builder in favor of a custom one. Dockerfile gets lowest builder precedence.dokku deploy
$APP
$SOURCECODE_WORK_DIR
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; SOURCECODE_WORK_DIR=\"$2\"\n\nif [[ -f \"$SOURCECODE_WORK_DIR/project.toml\" ]]; then\n echo -n \"pack\"\nfi\n
"},{"location":"development/plugin-triggers/#builder-dokku-image","title":"builder-dokku-image
","text":"dokku deploy
$BUILDER_TYPE
$APP
$SOURCECODE_WORK_DIR
$DOKKU_IMAGE
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#builder-get-property","title":"builder-get-property
","text":"$APP $KEY
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; PROPERTY=\"$2\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#builder-herokuish-allowed","title":"builder-herokuish-allowed
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#builder-image-is-cnb","title":"builder-image-is-cnb
","text":"$APP
$IMAGE_TAG
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#builder-image-is-herokuish","title":"builder-image-is-herokuish
","text":"$APP
$IMAGE_TAG
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#builder-release","title":"builder-release
","text":"dokku deploy
$BUILDER_TYPE
$APP
$IMAGE_TAG
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#buildpack-stack-name","title":"buildpack-stack-name
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#caddy-template-source","title":"caddy-template-source
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#certs-exists","title":"certs-exists
","text":"true
if certs exists for the app, false
otherwise$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#certs-force","title":"certs-force
","text":"true
if a cert should be simulated for the app, no output otherwise$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#check-deploy","title":"check-deploy
","text":"dokku deploy
$APP $CONTAINER_ID $PROC_TYPE $PORT $IP
#!/usr/bin/env bash\n# Disables deploys of containers based on whether the\n# `DOKKU_DISABLE_DEPLOY` env var is set to `true` for an app\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_AVAILABLE_PATH/config/functions\"\n\nAPP=\"$1\"; CONTAINER_ID=\"$2\"; PROC_TYPE=\"$3\"; PORT=\"$4\" ; IP=\"$5\"\n\neval \"$(config_export app $APP)\"\nDOKKU_DISABLE_DEPLOY=\"${DOKKU_DISABLE_DEPLOY:-false}\"\n\nif [[ \"$DOKKU_DISABLE_DEPLOY\" = \"true\" ]]; then\n echo -e \"\\033[31m\\033[1mDeploys disabled, sorry.\\033[0m\"\n exit 1\nfi\n
"},{"location":"development/plugin-triggers/#checks-get-property","title":"checks-get-property
","text":"$APP $KEY
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; PROPERTY=\"$2\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#commands-help-and-commands-plugin_namehelp","title":"commands help
and commands <PLUGIN_NAME>:help
","text":"help
command in your commands
file to take advantage of this plugin trigger. commands help
is used by dokku help
to aggregate all plugins abbreviated help
output. Implementing <PLUGIN_NAME>:help
in your commands
file gives users looking for help, a more detailed output. 'commands help' must be implemented inside the commands
plugin file. It's recommended that PLUGIN_NAME:help
be added to the commands file to ensure consistency among community plugins and give you a new avenue to share rich help content with your user.dokku help
and commands <PLUGIN_NAME>:help
#!/usr/bin/env bash\n# Outputs help for the derp plugin\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\ncase \"$1\" in\n help | hello:help)\n help_content_func () {\n declare desc=\"return help_content string\"\n cat<<help_content\n hello <app>, Says \"Hello <app>\"\n hello:world, Says \"Hello world\"\nhelp_content\n }\n\n if [[ $1 = \"hello:help\" ]] ; then\n echo -e 'Usage: dokku hello[:world] [<app>]'\n echo ''\n echo 'Say Hello World.'\n echo ''\n echo 'Example:'\n echo ''\n echo '$ dokku hello:world'\n echo 'Hello world'\n echo ''\n echo 'Additional commands:'\n help_content_func | sort | column -c2 -t -s,\n else\n help_content_func\n fi\n ;;\n\n *)\n exit $DOKKU_NOT_IMPLEMENTED_EXIT\n ;;\n\nesac\n
"},{"location":"development/plugin-triggers/#config-export","title":"config-export
","text":"$APP $GLOBAL $MERGED $FORMAT
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#config-get","title":"config-get
","text":"$APP $KEY
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#config-get-global","title":"config-get-global
","text":"$KEY
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#core-post-deploy","title":"core-post-deploy
","text":"Info
To avoid issues with community plugins, this plugin trigger should be used only for core plugins. Please avoid using this trigger in your own plugins.
dokku deploy
$APP $INTERNAL_PORT $INTERNAL_IP_ADDRESS $IMAGE_TAG
#!/usr/bin/env bash\n# Notify an external service that a successful deploy has occurred.\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\ncurl \"http://httpstat.us/200\"\n
"},{"location":"development/plugin-triggers/#core-post-extract","title":"core-post-extract
","text":"Info
To avoid issues with community plugins, this plugin trigger should be used only for core plugins. Please avoid using this trigger in your own plugins.
receive-app
plugin trigger$APP
$TMP_WORK_DIR
$REV
#!/usr/bin/env bash\n# Adds a clock process to an app's Procfile\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"\nTMP_WORK_DIR=\"$2\"\nREV=\"$3\" # optional, may not be sent for tar-based builds\n\npushd \"$TMP_WORK_DIR\" >/dev/null\ntouch Procfile\necho \"clock: some-command\" >> Procfile\npopd &>/dev/null\n
"},{"location":"development/plugin-triggers/#cron-get-property","title":"cron-get-property
","text":"$APP $KEY
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; PROPERTY=\"$2\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#cron-entries","title":"cron-entries
","text":"$SCHEDULE;$FULL_COMMAND;$ARBITRARY_DATA
. Individual implementations of cron writing can decide whether and how to include these cron entries. The ARBITRARY_DATA
includes the log file path for the basic docker-local
cron implementation.$DOKKU_SCHEDULER
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\n\nDOKKU_SCHEDULER=\"$1\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#cron-write","title":"cron-write
","text":"#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#dependencies","title":"dependencies
","text":"dokku plugin:install-dependencies
#!/usr/bin/env bash\n# Installs nginx for the current plugin\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nexport DEBIAN_FRONTEND=noninteractive\n\ncase \"$DOKKU_DISTRO\" in\n debian|raspbian|ubuntu)\n apt-get -qq -y --no-install-recommends install nginx\n ;;\n *)\n echo \"Installation on $DOKKU_DISTRO not supported\" 1>&2\n ;;\nesac\n
"},{"location":"development/plugin-triggers/#deploy","title":"deploy
","text":"dokku deploy
$APP [$IMAGE_TAG] [$PROC_TYPE]
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\n\nAPP=\"$1\" IMAGE_TAG=\"$2\" PROC_TYPE=\"$3\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#deployed-app-image-repo","title":"deployed-app-image-repo
","text":"dokku/$APP
internal function dokku_deploy_cmd() (deploy phase)
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\"\n# change the repo from dokku/APP to dokkupaas/APP\necho \"dokkupaas/$APP\"\n
"},{"location":"development/plugin-triggers/#deployed-app-image-tag","title":"deployed-app-image-tag
","text":"internal function dokku_deploy_cmd() (deploy phase)
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# customize the tag version\necho 'not-latest'\n
"},{"location":"development/plugin-triggers/#deployed-app-repository","title":"deployed-app-repository
","text":"internal function dokku_deploy_cmd() (deploy phase)
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\necho 'derp.dkr.ecr.us-east-1.amazonaws.com'\n
"},{"location":"development/plugin-triggers/#deploy-source-set","title":"deploy-source-set
","text":"git:from-archive
, git:from-image
, git:load-image
, git:sync
, and all git push commands$APP $SOURCE_TYPE $METADATA
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#docker-args-build","title":"docker-args-build
","text":"Warning
Deprecated, please use docker-args-process-build
instead
internal function dokku_build() (build phase)
$APP $IMAGE_SOURCE_TYPE
#!/usr/bin/env bash\n# Sets a docker build-arg called CACHEBUST which can be used\n# to bust cache at any arbitrary point in a Dockerfile build\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nSTDIN=$(cat)\nAPP=\"$1\"; IMAGE_SOURCE_TYPE=\"$2\"\noutput=\"\"\n\nif [[ \"$IMAGE_SOURCE_TYPE\" == \"dockerfile\" ]]; then\n output=\" --build-arg CACHEBUST=$(date +%s)\"\nfi\necho -n \"$STDIN$output\"\n
"},{"location":"development/plugin-triggers/#docker-args-deploy","title":"docker-args-deploy
","text":"Warning
Deprecated, please use docker-args-process-deploy
instead
dokku deploy
$APP $IMAGE_TAG [$PROC_TYPE $CONTAINER_INDEX]
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"; IMAGE_TAG=\"$2\"; IMAGE=$(get_app_image_name $APP $IMAGE_TAG)\n\n# TODO\n
"},{"location":"development/plugin-triggers/#docker-args-process-build","title":"docker-args-process-build
","text":"$PROC_TYPE
may be set to magic _all_
process type to signify global docker deploy options.dokku ps:rebuild
$APP $IMAGE_SOURCE_TYPE
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\n\nAPP=\"$1\"; IMAGE_SOURCE_TYPE=\"$2\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#docker-args-process-deploy","title":"docker-args-process-deploy
","text":"$PROC_TYPE
may be set to magic _all_
process type to signify global docker deploy options.dokku deploy
$APP $IMAGE_SOURCE_TYPE $IMAGE_TAG [$PROC_TYPE $CONTAINER_INDEX]
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"; $IMAGE_SOURCE_TYPE=\"$2\" IMAGE_TAG=\"$3\"; PROC_TYPE=\"$4\"; CONTAINER_INDEX=\"$5\"; IMAGE=$(get_app_image_name $APP $IMAGE_TAG)\n\n# TODO\n
"},{"location":"development/plugin-triggers/#docker-args-process-run","title":"docker-args-process-run
","text":"$PROC_TYPE
may be set to magic _all_
process type to signify global docker run options.dokku run
$APP $IMAGE_SOURCE_TYPE $IMAGE_TAG
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"; IMAGE_SOURCE_TYPE=\"$3\"; IMAGE_TAG=\"$2\"; IMAGE=$(get_app_image_name $APP $IMAGE_TAG)\n\n# TODO\n
"},{"location":"development/plugin-triggers/#docker-args-run","title":"docker-args-run
","text":"Warning
Deprecated, please use docker-args-process-run
instead
dokku run
$APP $IMAGE_TAG
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"; IMAGE_TAG=\"$2\"; IMAGE=$(get_app_image_name $APP $IMAGE_TAG)\n\n# TODO\n
"},{"location":"development/plugin-triggers/#domains-add","title":"domains-add
","text":"$APP
$DOMAIN
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#domains-disable","title":"domains-disable
","text":"$APP
$RESTART_APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#domains-enable","title":"domains-enable
","text":"$APP
$RESTART_APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#domains-list","title":"domains-list
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#domains-urls","title":"domains-urls
","text":"$APP $URL_TYPE
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#domains-vhost-enabled","title":"domains-vhost-enabled
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#git-deploy-branch","title":"git-deploy-branch
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#git-get-property","title":"git-get-property
","text":"$APP $KEY
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; PROPERTY=\"$2\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#git-from-archive","title":"git-from-archive
","text":"git:from-archive
$APP $ARCHIVE_URL $ARCHIVE_TYPE $USER_NAME $USER_EMAIL
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#git-from-directory","title":"git-from-directory
","text":"git:from-image
and git:from-archive
$APP $SOURCECODE_WORK_DIR $USER_NAME $USER_EMAIL
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#git-from-image","title":"git-from-image
","text":"git:from-image
$APP $DOCKER_IMAGE $BUILD_DIR $USER_NAME $USER_EMAIL
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#git-has-code","title":"git-has-code
","text":"$APP $BRANCH_NAME
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#git-post-pull","title":"git-post-pull
","text":"dokku git-upload-pack
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#git-pre-pull","title":"git-pre-pull
","text":"dokku git-upload-pack
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
Warning
The git-pre-pull
trigger should not be used for authentication since it does not get called for commands that use git-upload-archive
such as git archive
. Instead, use the user-auth
trigger.
git-revision
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#install","title":"install
","text":"dokku plugin:install
.#!/usr/bin/env bash\n# Sets the hostname of the Dokku server\n# based on the output of `hostname -f`\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nif [[ ! -f \"$DOKKU_ROOT/VHOST\" ]]; then\n hostname -f > $DOKKU_ROOT/VHOST\nfi\n
"},{"location":"development/plugin-triggers/#haproxy-template-source","title":"haproxy-template-source
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#logs-get-property","title":"logs-get-property
","text":"$APP $KEY
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; PROPERTY=\"$2\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#network-build-config","title":"network-build-config
","text":"internally triggered by proxy-build-config within proxy implementations
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#network-clear-config","title":"network-clear-config
","text":"internally triggered within proxy implementations
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#network-config-exists","title":"network-config-exists
","text":"internally triggered by core-post-deploy within proxy implementations
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#network-get-ipaddr","title":"network-get-ipaddr
","text":"internally triggered by a deploy
$APP $PROC_TYPE $CONTAINER_ID
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#network-get-listeners","title":"network-get-listeners
","text":"internally triggered by a deploy
$APP $PROCESS_TYPE
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#network-get-property","title":"network-get-property
","text":"internally triggered by a deploy
$APP $KEY
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#network-get-static-listeners","title":"network-get-static-listeners
","text":"internally triggered by proxy-build-config
$APP $PROCESS_TYPE
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#network-write-ipaddr","title":"network-write-ipaddr
","text":"internally triggered by a deploy
$APP $PROC_TYPE $CONTAINER_INDEX $IP_ADDRESS
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#network-write-port","title":"network-write-port
","text":"internally triggered by a deploy
$APP $PROC_TYPE $CONTAINER_INDEX $PORT
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#nginx-app-template-source","title":"nginx-app-template-source
","text":"sigil
template that should be used to generate a given nginx configuration file.nginx-vhosts#build-config
$APP $TEMPLATE_TYPE
TEMPLATE_TYPE
argument can be one of: [app-config, hsts-config, validate-config]
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\n\nAPP=\"$1\"\nTEMPLATE_TYPE=\"$2\"\ncase \"$TEMPLATE_TYPE\" in\n app-config)\n echo \"$(cd \"$(dirname \"${BASH_SOURCE[0]}\")\" && pwd)/app.conf.sigil\";;\n hsts-config)\n echo \"$(cd \"$(dirname \"${BASH_SOURCE[0]}\")\" && pwd)/hsts.conf.sigil\";;\n validate-config)\n echo \"$(cd \"$(dirname \"${BASH_SOURCE[0]}\")\" && pwd)/validate.conf.sigil\";;\n *)\n dokku_log_fail \"Invalid template type: ${TEMPLATE_TYPE}\"\nesac\n
The default templates are viewable here: plugins/nginx-vhosts/templates/
"},{"location":"development/plugin-triggers/#nginx-dokku-template-source","title":"nginx-dokku-template-source
","text":"sigil
template that should be used to generate the dokku.conf
nginx configuration file.nginx-vhosts#install
sigil
template can make use of the following variables: $.DOKKU_ROOT $.NGINX_ROOT
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\necho \"$(cd \"$(dirname \"${BASH_SOURCE[0]}\")\" && pwd)/dokku.conf.sigil\"\n
The default template is viewable here: plugins/nginx-vhosts/templates/dokku.conf.sigil
"},{"location":"development/plugin-triggers/#nginx-hostname","title":"nginx-hostname
","text":"dokku domains:setup
$APP $SUBDOMAIN $VHOST
#!/usr/bin/env bash\n# Reverses the hostname for the app\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\"; SUBDOMAIN=\"$2\"; VHOST=\"$3\"\n\nNEW_SUBDOMAIN=`echo $SUBDOMAIN | rev`\necho \"$NEW_SUBDOMAIN.$VHOST\"\n
"},{"location":"development/plugin-triggers/#nginx-pre-reload","title":"nginx-pre-reload
","text":"Warning
The arguments INTERNAL_PORT and INTERNAL_IP_ADDRESS are no longer sufficient to retrieve all app listeners. Please run plugn trigger network-get-listeners APP
within any implementation of nginx-pre-reload
in order to retrieve all application listeners.
dokku proxy:build-config
$APP $INTERNAL_PORT $INTERNAL_IP_ADDRESS
#!/usr/bin/env bash\n# Runs a check against all nginx conf files\n# to ensure they are valid\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nnginx -t\n
"},{"location":"development/plugin-triggers/#openresty-template-source","title":"openresty-template-source
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#ports-clear","title":"ports-clear
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#ports-configure","title":"ports-configure
","text":"internally triggered by proxy plugins
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#ports-get","title":"ports-get
","text":"$APP $FORMAT
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#ports-get-available","title":"ports-get-available
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#ports-get-property","title":"ports-get-property
","text":"$APP $KEY
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; PROPERTY=\"$2\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#ports-set-detected","title":"ports-set-detected
","text":"$APP [$PORT_MAPPING...]
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-app-clone","title":"post-app-clone
","text":"dokku apps:clone
$OLD_APP_NAME $NEW_APP_NAME
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-app-clone-setup","title":"post-app-clone-setup
","text":"dokku apps:clone
$OLD_APP_NAME $NEW_APP_NAME
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-app-rename","title":"post-app-rename
","text":"dokku apps:rename
$OLD_APP_NAME $NEW_APP_NAME
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-app-rename-setup","title":"post-app-rename-setup
","text":"dokku apps:rename
$OLD_APP_NAME $NEW_APP_NAME
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-build","title":"post-build
","text":"internal function dokku_build() (build phase)
$BUILDER_TYPE $APP $SOURCECODE_WORK_DIR
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-build-buildpack","title":"post-build-buildpack
","text":"Warning
Deprecated, please use post-build
instead
internal function dokku_build() (build phase)
$APP
$SOURCECODE_WORK_DIR
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-build-dockerfile","title":"post-build-dockerfile
","text":"Warning
Deprecated, please use post-build
instead
internal function dokku_build() (build phase)
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-build-lambda","title":"post-build-lambda
","text":"Warning
Deprecated, please use post-build
instead
internal function dokku_build() (build phase)
$APP
$SOURCECODE_WORK_DIR
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-build-pack","title":"post-build-pack
","text":"Warning
Deprecated, please use post-build
instead
internal function dokku_build() (build phase)
$APP
$SOURCECODE_WORK_DIR
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-certs-remove","title":"post-certs-remove
","text":"dokku certs:remove
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-certs-update","title":"post-certs-update
","text":"dokku certs:add
, dokku certs:update
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-config-update","title":"post-config-update
","text":"set
or unset
.dokku config:set
, dokku config:unset
$APP
set|unset
key1=VALUE1 key2=VALUE2
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-container-create","title":"post-container-create
","text":"dokku run
, dokku ps:rebuild
, dokku deploy
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-create","title":"post-create
","text":"dokku apps:create
$APP
#!/usr/bin/env bash\n# Runs a command to ensure that an app\n# has a postgres database when it is starting\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\";\nPOSTGRES=\"$1\"\n\ndokku postgres:create $POSTGRES\ndokku postgres:link $POSTGRES $APP\n
"},{"location":"development/plugin-triggers/#post-delete","title":"post-delete
","text":"dokku apps:destroy
$APP $IMAGE_TAG
#!/usr/bin/env bash\n# Runs a command to ensure that an app's\n# postgres installation is removed\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\";\n\ndokku postgres:destroy $APP\n
"},{"location":"development/plugin-triggers/#post-deploy","title":"post-deploy
","text":"Info
Please see core-post-deploy if contributing a core plugin with the post-deploy
hook.
core-post-deploy
. Deployment Tasks are also invoked by this plugin trigger.dokku deploy
$APP $INTERNAL_PORT $INTERNAL_IP_ADDRESS $IMAGE_TAG
#!/usr/bin/env bash\n# Notify an external service that a successful deploy has occurred.\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\ncurl \"http://httpstat.us/200\"\n
"},{"location":"development/plugin-triggers/#post-domains-update","title":"post-domains-update
","text":"dokku domains:add
, dokku domains:clear
, dokku domains:remove
, dokku domains:set
$APP
action name
domains
#!/usr/bin/env bash\n# Reloads haproxy for our imaginary haproxy plugin\n# that replaces the nginx-vhosts plugin\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nsudo service haproxy reload\n
"},{"location":"development/plugin-triggers/#post-extract","title":"post-extract
","text":"receive-app
plugin trigger$APP
$TMP_WORK_DIR
$REV
#!/usr/bin/env bash\n# Adds a clock process to an app's Procfile\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"\nTMP_WORK_DIR=\"$2\"\nREV=\"$3\" # optional, may not be sent for tar-based builds\n\npushd \"$TMP_WORK_DIR\" >/dev/null\ntouch Procfile\necho \"clock: some-command\" >> Procfile\npopd &>/dev/null\n
"},{"location":"development/plugin-triggers/#post-proxy-ports-update","title":"post-proxy-ports-update
","text":"dokku ports:add
, dokku ports:clear
, dokku ports:remove
$APP
action name
#!/usr/bin/env bash\n# Rebuilds haproxy config for our imaginary haproxy plugin\n# that replaces the nginx-vhosts plugin\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nsource \"$PLUGIN_AVAILABLE_PATH/haproxy/functions\"\nAPP=\"$1\"\n\nhaproxy-build-config \"$APP\"\n
"},{"location":"development/plugin-triggers/#post-registry-login","title":"post-registry-login
","text":"dokku registry:login
$DOCKER_REGISTRY_SERVER $DOCKER_REGISTRY_USER
#!/usr/bin/env bash\n\n# the DOCKER_REGISTRY_PASS env var is also set\necho \"$DOCKER_REGISTRY_PASS\"\n
"},{"location":"development/plugin-triggers/#post-release-builder","title":"post-release-builder
","text":"Warning
Image mutation in this trigger may result in an invalid run state, and is heavily discouraged.
$BUILDER_TYPE $APP $IMAGE
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nBUILDER_TYPE=\"$1\"; APP=\"$2\"; IMAGE=$3\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-stack-set-todo","title":"post-stack-set
TODO","text":"$APP
$VALUE
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-stop","title":"post-stop
","text":"dokku ps:stop
$APP
#!/usr/bin/env bash\n# Marks an app as manually stopped\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\";\n\ndokku config:set --no-restart $APP MANUALLY_STOPPED=1\n
"},{"location":"development/plugin-triggers/#pre-build","title":"pre-build
","text":"internal function dokku_build() (build phase)
$BUILDER_TYPE $APP $SOURCECODE_WORK_DIR
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-build-buildpack","title":"pre-build-buildpack
","text":"Warning
Deprecated, please use pre-build
instead
internal function dokku_build() (build phase)
$APP
$SOURCECODE_WORK_DIR
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-build-dockerfile","title":"pre-build-dockerfile
","text":"Warning
Deprecated, please use pre-build
instead
internal function dokku_build() (build phase)
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-build-lambda","title":"pre-build-lambda
","text":"Warning
Deprecated, please use pre-build
instead
internal function dokku_build() (build phase)
$APP
$SOURCECODE_WORK_DIR
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-build-pack","title":"pre-build-pack
","text":"Warning
Deprecated, please use pre-build
instead
internal function dokku_build() (build phase)
$APP
$SOURCECODE_WORK_DIR
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-delete","title":"pre-delete
","text":"dokku apps:destroy
$APP $IMAGE_TAG
#!/usr/bin/env bash\n# Clears out the gulp asset build cache for apps\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\n\nAPP=\"$1\"; GULP_CACHE_DIR=\"$DOKKU_ROOT/$APP/gulp\"; IMAGE=$(get_app_image_name $APP $IMAGE_TAG)\n\nif [[ -d $GULP_CACHE_DIR ]]; then\n docker run \"${DOCKER_COMMIT_LABEL_ARGS[@]}\" --rm -v \"$GULP_CACHE_DIR:/gulp\" \"$IMAGE\" find /gulp -depth -mindepth 1 -maxdepth 1 -exec rm -Rf {} \\; || true\nfi\n
"},{"location":"development/plugin-triggers/#pre-deploy","title":"pre-deploy
","text":"Warning
Deprecated, please use pre-release-builder
instead
dokku deploy
$APP $IMAGE_TAG
#!/usr/bin/env bash\n# Runs gulp in our container\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"; IMAGE_TAG=\"$2\"; IMAGE=$(get_app_image_name $APP $IMAGE_TAG)\n\ndokku_log_info1 \"Running gulp\"\nCID=$(docker run \"${DOCKER_COMMIT_LABEL_ARGS[@]}\" -d $IMAGE /bin/bash -c \"cd /app && gulp default\")\ntest $(docker wait $CID) -eq 0\nDOCKER_COMMIT_LABEL_ARGS=(\"--change\" \"LABEL org.label-schema.schema-version=1.0\" \"--change\" \"LABEL org.label-schema.vendor=dokku\" \"--change\" \"LABEL com.dokku.app-name=$APP\")\ndocker commit \"${DOCKER_COMMIT_LABEL_ARGS[@]}\" $CID $IMAGE >/dev/null\n
"},{"location":"development/plugin-triggers/#pre-disable-vhost","title":"pre-disable-vhost
","text":"dokku domains:disable
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-enable-vhost","title":"pre-enable-vhost
","text":"dokku domains:enable
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-receive-app","title":"pre-receive-app
","text":"IMAGE_SOURCE_TYPE
can be any of [herokuish, dockerfile]
dokku git-hook
, dokku tar-build-locked
$APP $IMAGE_SOURCE_TYPE $TMP_WORK_DIR $REV
#!/usr/bin/env bash\n# Adds a file called `dokku-is-awesome` to the repository\n# the contents will be the app name\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\"; IMAGE_SOURCE_TYPE=\"$2\"; TMP_WORK_DIR=\"$3\"; REV=\"$4\"\n\necho \"$APP\" > \"$TMP_WORK_DIR/dokku-is-awesome\"\n
"},{"location":"development/plugin-triggers/#pre-release-builder","title":"pre-release-builder
","text":"internal function dokku_release() (release phase)
$BUILDER_TYPE $APP $IMAGE
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nBUILDER_TYPE=\"$1\"; APP=\"$2\"; IMAGE_TAG=\"$3\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-release-buildpack","title":"pre-release-buildpack
","text":"Warning
Deprecated, please use pre-release-builder
instead
internal function dokku_release() (release phase)
$APP $IMAGE_TAG
#!/usr/bin/env bash\n# Installs the graphicsmagick package into the container\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"; IMAGE_TAG=\"$2\"; IMAGE=$(get_app_image_name $APP $IMAGE_TAG)\n\ndokku_log_info1 \"Installing GraphicsMagick...\"\n\nCMD=\"cat > gm && \\\n dpkg -s graphicsmagick &>/dev/null || \\\n (apt-get update -qq && apt-get -qq -y --no-install-recommends install graphicsmagick && apt-get clean)\"\n\nCID=$(docker run $DOKKU_GLOBAL_RUN_ARGS -i -a stdin $IMAGE /bin/bash -c \"$CMD\")\ntest $(docker wait $CID) -eq 0\nDOCKER_COMMIT_LABEL_ARGS=(\"--change\" \"LABEL org.label-schema.schema-version=1.0\" \"--change\" \"LABEL org.label-schema.vendor=dokku\" \"--change\" \"LABEL com.dokku.app-name=$APP\")\ndocker commit \"${DOCKER_COMMIT_LABEL_ARGS[@]}\" $CID $IMAGE >/dev/null\n
"},{"location":"development/plugin-triggers/#pre-release-lambda","title":"pre-release-lambda
","text":"Warning
Deprecated, please use pre-release-builder
instead
internal function dokku_release() (release phase)
$APP $IMAGE_TAG
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"; IMAGE_TAG=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-release-pack","title":"pre-release-pack
","text":"Warning
Deprecated, please use pre-release-builder
instead
internal function dokku_release() (release phase)
$APP $IMAGE_TAG
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"; IMAGE_TAG=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-release-dockerfile","title":"pre-release-dockerfile
","text":"Warning
Deprecated, please use pre-release-builder
instead
internal function dokku_release() (release phase)
$APP $IMAGE_TAG
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"; IMAGE_TAG=\"$2\"; IMAGE=$(get_app_image_name $APP $IMAGE_TAG)\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-restore","title":"pre-restore
","text":"dokku ps:restore
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-start","title":"pre-start
","text":"dokku ps:start
$APP
#!/usr/bin/env bash\n# Notifies an example url that an app is starting\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\";\n\ncurl \"https://dokku.me/starting/${APP}\" || true\n
"},{"location":"development/plugin-triggers/#procfile-get-command","title":"procfile-get-command
","text":"internally
$APP $PROCESS_TYPE $PORT
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#procfile-exists","title":"procfile-exists
","text":"internally
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#proxy-build-config","title":"proxy-build-config
","text":"internally triggered by ps:restore
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#proxy-clear-config","title":"proxy-clear-config
","text":"internally triggered by apps:rename
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#proxy-disable","title":"proxy-disable
","text":"internally triggered by ps:restore
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#proxy-enable","title":"proxy-enable
","text":"internally triggered by ps:restore
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#proxy-is-enabled","title":"proxy-is-enabled
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#proxy-type","title":"proxy-type
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#ps-can-scale","title":"ps-can-scale
","text":"ps:scale
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#ps-current-scale","title":"ps-current-scale
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#ps-set-scale","title":"ps-set-scale
","text":"$APP $SKIP_DEPLOY $CLEAR_EXISTING [$PROCESS_TUPLE...]
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#receive-app","title":"receive-app
","text":"dokku git-hook
, dokku ps:rebuild
$APP $REV
($REV
may not be included in cases where a repository is not pushed)#!/usr/bin/env bash\n# For our imaginary mercurial plugin, triggers a rebuild\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\"; REV=\"$2\"\n\ndokku hg-build $APP $REV\n
"},{"location":"development/plugin-triggers/#receive-branch","title":"receive-branch
","text":"dokku git-hook
, dokku ps:rebuild
$APP $REV $REFNAME
#!/bin/bash\n# Gives Dokku the ability to support multiple branches for a given service\n# Allowing you to have multiple staging environments on a per-branch basis\n\nreference_app=$1\nrefname=$3\nnewrev=$2\nAPP=${refname/*\\//}.$reference_app\n\nif [[ ! -d \"$DOKKU_ROOT/$APP\" ]]; then\n REFERENCE_REPO=\"$DOKKU_ROOT/$reference_app\"\n git clone --bare --shared --reference \"$REFERENCE_REPO\" \"$REFERENCE_REPO\" \"$DOKKU_ROOT/$APP\" >/dev/null\nfi\nplugn trigger receive-app $APP $newrev\n
"},{"location":"development/plugin-triggers/#release-and-deploy","title":"release-and-deploy
","text":"$APP $IMAGE_TAG
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#report","title":"report
","text":"dokku report
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#resource-get-property","title":"resource-get-property
","text":"$APP
$PROC_TYPE
$RESOURCE_TYPE
$PROPERTY
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; PROC_TYPE=\"$2\" RESOURCE_TYPE=\"$3\" PROPERTY=\"$4\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#retire-container-failed","title":"retire-container-failed
","text":"dokku deploy
$APP
#!/usr/bin/env bash\n# Send an email when a container failed to retire\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; HOSTNAME=$(hostname -s)\n\nmail -s \"$APP containers on $HOSTNAME failed to retire\" ops@dokku.me\n
"},{"location":"development/plugin-triggers/#scheduler-app-status","title":"scheduler-app-status
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
dokku ps:report
$DOKKU_SCHEDULER $APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-deploy","title":"scheduler-deploy
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
dokku deploy
$DOKKU_SCHEDULER $APP $IMAGE_TAG
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; IMAGE_TAG=\"$3\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-detect","title":"scheduler-detect
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
dokku deploy
$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-enter","title":"scheduler-enter
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
dokku enter
$DOKKU_SCHEDULER $APP $@
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; ARGS=\"$@\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-inspect","title":"scheduler-inspect
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
dokku ps:inspect
$DOKKU_SCHEDULER $APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-is-deployed","title":"scheduler-is-deployed
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
$DOKKU_SCHEDULER $APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-logs","title":"scheduler-logs
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
dokku logs:failed
$DOKKU_SCHEDULER $APP $PROCESS_TYPE $TAIL $PRETTY_PRINT $NUM
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; PROCESS_TYPE=\"$3\"; TAIL=\"$4\"; PRETTY_PRINT=\"$5\"; NUM=\"$6\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-logs-failed","title":"scheduler-logs-failed
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
dokku logs:failed
$DOKKU_SCHEDULER $APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-pre-restore","title":"scheduler-pre-restore
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
dokku ps:restore
$DOKU_SCHEDULER $APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-post-delete","title":"scheduler-post-delete
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
dokku apps:destroy
$DOKKU_SCHEDULER $APP $IMAGE_TAG
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; IMAGE_TAG=\"$3\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-post-deploy-process","title":"scheduler-post-deploy-process
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
$APP $PROCESS_TYPE
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; PROCESS_TYPE=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-post-run","title":"scheduler-post-run
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
dokku run
invocation is calleddokku run
$DOKKU_SCHEDULER $APP $CONTAINER_ID
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; CONTAINER_ID=\"$3\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-register-retired","title":"scheduler-register-retired
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
internally
$APP $CONTAINER_ID
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\";\nCONTAINER_ID=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-retire","title":"scheduler-retire
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
dokku run
$DOKKU_SCHEDULER $APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-run","title":"scheduler-run
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
dokku run
$DOKKU_SCHEDULER $APP ...ARGS
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; ARGS=\"${@:3}\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-run-list","title":"scheduler-run-list
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
dokku run
$DOKKU_SCHEDULER $APP $FORMAT
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; FORMAT=\"$3\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-run-logs","title":"scheduler-run-logs
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
dokku run
$DOKKU_SCHEDULER $APP $CONTAINER $TAIL $PRETTY_PRINT $NUM
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; CONTAINER=\"$3\"; TAIL=\"$4\"; PRETTY_PRINT=\"$5\"; NUM=\"$6\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-run-stop","title":"scheduler-run-stop
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
dokku run:stop
$DOKKU_SCHEDULER $APP $CONTAINER_NAME
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; CONTAINER_NAME=\"$3\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-stop","title":"scheduler-stop
","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
dokku apps:destroy, dokku ps:stop
$DOKKU_SCHEDULER $APP $REMOVE_CONTAINERS
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; REMOVE_CONTAINERS=\"$3\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#storage-list","title":"storage-list
","text":"dokku storage:list
and dokku deploy
$APP $PHASE $FORMAT
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#traefik-template-source","title":"traefik-template-source
","text":"$APP
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#uninstall","title":"uninstall
","text":"dokku plugin:uninstall
$PLUGIN
#!/usr/bin/env bash\n# Cleanup up extra containers created\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nPLUGIN=\"$1\"\n\n[[ \"$PLUGIN\" = \"my-plugin\" ]] && docker rmi -f \"${PLUGIN_IMAGE_DEPENDENCY}\"\n
To avoid uninstalling other plugins make sure to check the plugin name like shown in the example.
"},{"location":"development/plugin-triggers/#update","title":"update
","text":"dokku plugin:update
.#!/usr/bin/env bash\n# Update the herokuish image from git source\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\ncd /root/dokku\nsudo BUILD_STACK=true make install\n
"},{"location":"development/plugin-triggers/#user-auth","title":"user-auth
","text":"This is a special plugin trigger that is executed on every command run. As Dokku sometimes internally invokes the dokku
command, special care should be taken to properly handle internal command redirects.
Note that the trigger should exit as follows:
0
to continue running as normal1
to halt execution of the commandThe SSH_USER
is the original ssh user. If you are running remote commands, this user will typically be dokku
, and as such should not be trusted when checking permissions. If you are connected via ssh as a different user who then invokes dokku
, the value of this variable will be that user's name (root
, myuser
, etc.).
The SSH_NAME
is the NAME
variable set via the sshcommand acl-add
command. For reference, the following command can be run as the root user to specify a specific NAME
for a given ssh key:
sshcommand acl-add dokku NAME < $PATH_TO_SSH_KEY\n
Note that the NAME
value is set at the first ssh key match. If an ssh key is set in the /home/dokku/.ssh/authorized_keys
multiple times, the first match will decide the value.
dokku
$SSH_USER $SSH_NAME $DOKKU_COMMAND
#!/usr/bin/env bash\n# Allow root/admin users to do everything\n# Deny plugin access to default users\n# Allow access to all other commands\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nSSH_USER=$1\nSSH_NAME=$2\nshift 2\n[[ \"$SSH_USER\" == \"root\" ]] && exit 0\n[[ \"$SSH_NAME\" == \"admin\" ]] && exit 0\n[[ \"$SSH_NAME\" == \"default\" && $1 == plugin:* ]] && exit 1\nexit 0\n
"},{"location":"development/plugin-triggers/#user-auth-app","title":"user-auth-app
","text":"This is a special plugin trigger that is executed when listing apps or checking if an app exists. All Dokku commands should check if an app exists at least once before interacting with them so as not to circumvent the check.
Note that the trigger should exit 0
, and each non-empty line on stdout is captured as a valid app name.
The SSH_USER
is the original ssh user. If you are running remote commands, this user will typically be dokku
, and as such should not be trusted when checking permissions. If you are connected via ssh as a different user who then invokes dokku
, the value of this variable will be that user's name (root
, myuser
, etc.).
The SSH_NAME
is the NAME
variable set via the sshcommand acl-add
command. For reference, the following command can be run as the root user to specify a specific NAME
for a given ssh key:
sshcommand acl-add dokku NAME < $PATH_TO_SSH_KEY\n
Note that the NAME
value is set at the first ssh key match. If an ssh key is set in the /home/dokku/.ssh/authorized_keys
multiple times, the first match will decide the value.
dokku
$SSH_USER $SSH_NAME $DOKKU_COMMAND
#!/usr/bin/env bash\n# hide any apps with the prefix \"admin\"\n# if the logged in user (SSH_USER) or SSH_NAME is not `root`\n\nmain() {\n declare SSH_USER=\"$1\" SSH_NAME=\"$2\" ARGS=(\"${@:3}\")\n\n for arg in \"${ARGS[@]}\"; do\n if [[ \"$arg\" == admin-* ]] && [[ \"$SSH_USER\" != \"root\" ]] && [[ \"$SSH_NAME\" != \"root\" ]]; then\n continue\n fi\n\n echo \"${arg}\"\n done\n}\n\nmain \"$@\"\n
"},{"location":"development/plugin-triggers/#vector-template-source","title":"vector-template-source
","text":"#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/release-process/","title":"Release Process","text":"Dokku is released in intervals at most three weeks apart, though may be released much quicker.
To propose a release, the following tasks need to be performed:
export PACKAGECLOUD_TOKEN=SOME_TOKEN\n# supports major/minor/patch/betafish\ncontrib/release-dokku\n
Info
If you are a maintainer and need the PACKAGECLOUD_TOKEN in order to make a release, please contact @josegonzalez to get this information.
As well, the Arch Linux package description must be updated via vagrant up build-arch
(needs to be done after the tag is pushed to GitHub, because it is based on that)
Dokku follows semver standards. As we are not yet at a stable release, breaking changes will require only a minor release, while all other changes only require a patch release. Once we hit stable, breaking changes will require a major release.
At the moment, tags need not be signed, though that may change in the future.
"},{"location":"development/release-process/#arch-linux-packages","title":"Arch Linux Packages","text":"Arch Linux packages are not really build, because all that is needed for an Arch User Repo (AUR) package is the description of how to build the package. To make this process as easy as possible there is a vagrant box called build-arch
that updates the version of this build description (a file called PKGBUILD
), then runs some helper scripts to fill all additional information and does test if the package could be build. Then only those changes need to be pushed to the AUR repo and an updated version of the package is ready for usage for our Arch Linux users. For detailed information see the section below.
The workflow looks like this:
# having dokku-arch in ../dokku-arch\nvagrant up build-arch\n# wait for \"==> build-arch: ==> Finished making: dokku 0.35.0-2 (Mon Feb 22 23:20:37 CET 2016)\"\ncd ../dokku-arch\ngit add PKGBUILD .SRCINFO\ngit commit -m 'Update to dokku 0.9.9'\ngit push aur master\n
Info
If you are a maintainer and need access to the AUR repositories in order to make a release, please contact @morrisjobke or @josegonzalez to get this co-maintainership.
"},{"location":"development/release-process/#detailed-information-for-arch-linux-packages","title":"Detailed information for Arch Linux packages","text":"All of the information to build the Arch Linux package is in the AUR git repository (see dokku AUR page). The release of a AUR package only consists of pushing the package information into the AUR git repo. Then users could use that information to build the package on their machines.
To update the package clone the repository and adjust the files in the repository. Then a helper script - updpkgsums
- to update the SHA sum could be called (check against the original SHA sum). Another helper script - mksrcinfo
- needs to be called to update the meta information of the package in a file called .SRCINFO
. The next step builds the package locally for verification - makepkg
. As last step commit your changes and push the commit.
depends
attribute in PKGBUILD
package()
method in PKGBUILD
dokku.install
PKGBUILD
could be found in the Arch Linux wikiThat is the usual workflow:
updpkgsums # update sha sums - compare them with the original ones\nmksrcinfo # update package metadata for AUR\nmakepkg # test package builds\ngit add PKGBUILD .SRCINFO\ngit commit -m 'Update to dokku 0.9.9'\ngit push\n
Info
If there is something unclear simply ask @morrisjobke for help.
"},{"location":"development/testing/","title":"Running Tests","text":"Dokku has a full test suite to assist in quick iterating development. These tests include a linter using shellcheck, functional unit tests using the Bats testing framework, and a deployment suite of example apps that use the most popular languages and frameworks.
We maintain the Dokku test harness within the tests
directory:
tests/unit/*.bats
: Bats teststests/apps/
: Example applications that can be used for testsAll pull requests have tests run against them on GitHub Actions, a continuous integration platform that provides Docker support for Ubuntu Jammy 22.04.
If you wish to skip tests for a particular commit, e.g. documentation changes, you may add the [ci skip]
designator to your commit message. Commits that should be tested but have the above designator will not be merged.
While we do provide official packages for a variety of platforms, as our test suite currently runs on Ubuntu Jammy 22.04, we only provide official installation support for that platform and the supported LTS releases of Ubuntu (currently 20.04, 22.04, and 24.04).
"},{"location":"development/testing/#local-test-execution","title":"Local Test Execution","text":""},{"location":"development/testing/#vagrant-vm","title":"Vagrant VM","text":"vagrant ssh\nsudo su -\ncd ~/dokku\nmake ci-dependencies setup-deploy-tests\n
After making changes to your local Dokku clone, don't forget to update the Vagrant Dokku install.
# update vagrant dokku install from local git clone\nmake copyfiles\n\n# build a specific plugin\nmake go-build-plugin copyplugin PLUGIN_NAME=apps\n
"},{"location":"development/testing/#vscode-dev-container","title":"VSCode Dev Container","text":"make ci-dependencies setup-deploy-tests\n
After making changes to your local Dokku clone, don't forget to update the Vagrant Dokku install.
# update vagrant dokku install from local git clone\nmake copyfiles\n\n# build a specific plugin\nmake go-build-plugin copyplugin PLUGIN_NAME=apps\n
"},{"location":"development/testing/#executing-tests","title":"Executing tests","text":"Execute the entire test suite (linter, bats tests, and app deployment tests):
make test\n
Run the linter
make lint\n
Execute all bats tests
make unit-tests\n
Execute all app deployment tests
make deploy-tests\n
"},{"location":"development/testing/#executing-app-tests","title":"Executing App Tests","text":"You may run a specific app deployment tests with a target similar to:
make deploy-test-nodejs-express\n
For a full list of test make targets check out tests.mk
in the root of the Dokku repository.
When working on a particular plugin, it may be useful to run only a particular test suite. This can be done by specifying the test suite path:
bats tests/unit/apps_1.bats\n
It is also possible to target multiple test suites at a time.
bats tests/unit/apps_1.bats tests/unit/certs.bats\n
"},{"location":"development/testing/#executing-a-single-test","title":"Executing a single test","text":"In order to increase testing velocity, a wrapper script around Bats is available that can be used to run a single test case within a suite.
Tests within a suite may be listed by specifying the suite as a parameter to bats
.
bats tests/unit/apps_1.bats\n
A single test can be specified via the --filter
argument. The tests are selected via regex match, and all matches are executed.
bats --filter list tests/unit/apps_1.bats\n
"},{"location":"enterprise/pro/","title":"Dokku Pro","text":"Dokku Pro is a commercial offering that provides a familiar Web UI for all common tasks performed by developers. End users can expect an interface that provides various complex cli commands in an intuitive, app-centric manner, quickly speeding up tasks that might otherwise be difficult for new and old users to perform. Additionally, it provides a way to perform these tasks remotely via a json api, enabling easier, audited remote management of servers. Finally, Dokku Pro provides an alternative, https-based method for deploying code which can be used in environments that lockdown ssh access to servers.
"},{"location":"enterprise/pro/#purchasing","title":"Purchasing","text":"Dokku Pro may be purchased online by clicking the following purchase link:
Dokku Pro Purchase Link
Info
Currently, the server must be able to contact the public internet to validate the license, or it will fail to start. For offline support, inquire for enterprise offline licensing.
"},{"location":"enterprise/pro/#installation","title":"Installation","text":"Dokku Pro is shipped as Debian and RPM packages, and depends on the following files:
/etc/default/dokku-pro
: Configures certain environment variables for usage by the dokku-pro binary/etc/dokku-pro/license.key
: Contains the downloaded license key/var/lib/dokku/data/pro/db
: Contains the local dokku-pro databasePlease refer to the purchase email for details on configuring Dokku Pro.
"},{"location":"enterprise/pro/#features-and-development","title":"Features and Development","text":"Dokku Pro has the following functionality:
While each release is fairly feature complete, individual features and documentation will expand over time. Feature development follows a monthly release cadence, with individual bug fixes released on an as needed basis.
"},{"location":"getting-started/advanced-installation/","title":"Advanced installation","text":""},{"location":"getting-started/advanced-installation/#installing-via-other-methods","title":"Installing via other methods","text":"For various reasons, certain hosting providers may have other steps that should be preferred to the above. If hosted on any of the following popular hosts, please follow the linked to instructions:
As well, you may wish to customize your installation in some other fashion. or experiment with Vagrant. The guides below should get you started:
You can always install Dokku straight from the latest - potentially unstable - master
branch via the following Bash command:
# using a branch results in installing from source\nwget -NP . https://dokku.com/install/master/bootstrap.sh;\nsudo DOKKU_BRANCH=master bash bootstrap.sh\n
"},{"location":"getting-started/advanced-installation/#development","title":"Development","text":"If you plan on developing Dokku, the easiest way to install from your own repository is cloning the repository and calling the install script. Example:
git clone https://github.com/yourusername/dokku.git\ncd dokku\nsudo make install\n
The Makefile
allows source URLs to be overridden to include customizations from your own repositories. The DOCKER_URL
, PLUGN_URL
, SSHCOMMAND_URL
and STACK_URL
environment variables may be set to override the defaults (see the Makefile
for how these apply). Example:
sudo SSHCOMMAND_URL=https://raw.githubusercontent.com/yourusername/sshcommand/master/sshcommand make install\n
"},{"location":"getting-started/advanced-installation/#bootstrap-a-server-from-your-own-repository","title":"Bootstrap a server from your own repository","text":"The bootstrap script allows the Dokku repository URL to be overridden to bootstrap a host from your own clone of Dokku using the DOKKU_REPO
environment variable. Example:
wget -NP . https://dokku.com/install/master/bootstrap.sh;\nchmod +x bootstrap.sh\nsudo DOKKU_REPO=https://github.com/yourusername/dokku.git DOKKU_BRANCH=master ./bootstrap.sh\n
"},{"location":"getting-started/advanced-installation/#custom-herokuish-build","title":"Custom Herokuish build","text":"Dokku ships with a pre-built version of the Herokuish component by default. If you want to build your own version you can specify that with an environment variable.
git clone https://github.com/dokku/dokku.git\ncd dokku\nsudo BUILD_STACK=true STACK_URL=https://github.com/gliderlabs/herokuish.git make install\n
"},{"location":"getting-started/advanced-installation/#skipping-herokuish-installation","title":"Skipping Herokuish installation","text":"The Herokuish package is recommended but not required if not using Heroku buildpacks for deployment. Debian-based OS users can run the bootstrap installer via sudo DOKKU_NO_INSTALL_RECOMMENDS=\" --no-install-recommends \" bash bootstrap.sh
to skip the dependency. Please note that this will also skip installation of other recommended dependencies.
Once Dokku is installed, you'll want to configure the virtualhost setup as well as the push user. If you do not, your installation will be considered incomplete and you will not be able to deploy applications.
For Debian, unattended installation is described Debian installation guide.
Set up a domain using your preferred vendor and a wildcard domain pointing to the host running Dokku. You can manage this global domain using the domains plugin.
Follow the user management documentation in order to add SSH keys for users to Dokku, or to give other Unix accounts access to Dokku.
"},{"location":"getting-started/advanced-installation/#vms-with-less-than-1-gb-of-memory","title":"VMs with less than 1 GB of memory","text":"Having less than 1 GB of system memory available for Dokku and its containers may result in unexpected errors, such as ! [remote rejected] master -> master (pre-receive hook declined)
during installation of NPM dependencies.
To work around this issue, it might suffice to augment the Linux swap file size to a maximum of twice the physical memory size.
To resize the swap file of a 512 MB machine to 1 GB, follow these steps while in SSH within your machine:
cd /var\ntouch swap.img\nchmod 600 swap.img\n\ndd if=/dev/zero of=/var/swap.img bs=1024k count=1000\nmkswap /var/swap.img\nswapon /var/swap.img\nfree\n\necho \"/var/swap.img none swap sw 0 0\" >> /etc/fstab\n
Reference
"},{"location":"getting-started/troubleshooting/","title":"Troubleshooting","text":"New
Introduced in 0.17.0
trace:on # Enables trace mode\ntrace:off # Disables trace mode\n
"},{"location":"getting-started/troubleshooting/#trace-mode","title":"Trace Mode","text":"By default, Dokku will constrain the amount of output displayed for any given command run. The verbosity of output can be increased by enabling trace mode. Trace mode will turn on the set -x
flag for bash plugins, while other plugins are free to respect the environment variable DOKKU_TRACE
and log differently as approprate. Trace mode can be useful to see where plugins are running commands that would otherwise be unexpected.
To enable trace mode, run trace:on
dokku trace:on\n
-----> Enabling trace mode\n
Trace mode can be disabled with trace:off
dokku trace:off\n
-----> Disabling trace mode\n
"},{"location":"getting-started/troubleshooting/#common-problems","title":"Common Problems","text":""},{"location":"getting-started/troubleshooting/#i-deployed-my-app-but-i-am-getting-the-default-nginx-page","title":"I deployed my app but I am getting the default nginx page","text":"Most of the time it's caused by some defaults newer versions of nginx set. To make sure that's the issue you're having run the following:
nginx -t\n## nginx: [emerg] could not build the server_names_hash, you should increase server_names_hash_bucket_size: 32\n
If you get a similar error just edit /etc/nginx/nginx.conf
and add the following line to your http
section:
http {\n (... existing content ...)\n server_names_hash_bucket_size 64;\n (...)\n}\n
Note that the server_names_hash_bucket_size
setting defines the maximum domain name length. A value of 64 would allow domains with up to 64 characters. Set it to 128 if you need longer ones.
Save the file and try stopping nginx and starting it again:
dokku nginx:stop\ndokku nginx:start\n
Using the EXPOSE
directive in a Dockerfile may be another reason why you might see the default site. When the EXPOSE
directive is in use and a proxy plugin is enabled (the default), the proxy plugin will listen to requests on the ports specified in the EXPOSE
stanza.
For example, if you have an EXPOSE
directive like so:
EXPOSE 8000\n
The port mapping will be http:8000:8000
.
To avoid this issue, either of the following can be done:
EXPOSE
directive: This will require respecting the $PORT
environment variable (automatically set by Dokku). Once that change is deployed, the port mapping should be cleared via the dokku ports:clear $APP
command (where $APP
is your app name).80
to your app's exposed port via dokku ports:set $APP http:80:$EXPOSED_PORT
can also fix the issue. This will also allow certificate management and the letsencrypt plugin to work correctly.See the port management documentation for more information on how Dokku exposes ports for applications and how you can configure these for your app.
"},{"location":"getting-started/troubleshooting/#i-want-to-deploy-my-app-but-while-pushing-i-get-the-following-error","title":"I want to deploy my app, but while pushing I get the following error","text":"The following error may be emitted from a deploy:
! [remote rejected] master -> master (pre-receive hook declined)\n
The remote rejected
error does not give enough information. Anything could have failed. Enable trace mode and begin debugging. If this does not help you, create a gist containing the full log, and create an issue.
One the reasons why you may get this error is because the command that is run in the container exited (without errors). For example, (in Procfile) when you define a new worker container to run Delayed Job and use the bin/delayed_job start command. This command deamonizes the process and exists. The container thinks it's done so it closes itself. The error you get is the one above. To fix the above problem for Delayed Job, you must define the worker to user rake jobs:work, which doesn't deamonize the process.
"},{"location":"getting-started/troubleshooting/#i-get-the-aforementioned-error-in-the-build-phase-after-turning-on-dokku-tracing","title":"I get the aforementioned error in the build phase (after turning on Dokku tracing)","text":"Most errors that happen in this phase are due to transient network issues (either locally or remotely) buildpack bugs.
Find the failed phase's container image (077581956a92
in this example).
docker ps -a | grep build\n## 94d9515e6d93 077581956a92 \"/build\" 29 minutes ago Exited (0) 25 minutes ago cocky_bell\n
Start a new container with the failed image and poke around (i.e. ensure you can access the internet from within the container or attempt the failed command, if known).
docker run -ti 077581956a92 /bin/bash\ncurl -s -S icanhazip.com\n## 192.168.0.1\ncurl http://s3pository.heroku.com/node/v0.10.30/node-v0.10.30-linux-x64.tar.gz -o node-v0.10.30-linux-x64.tar.gz\ntar tzf node-v0.10.30-linux-x64.tar.gz\n## ...\n
Sometimes (especially on DigitalOcean) deploying again seems to get past these seemingly transient issues. Additionally we've seen issues if changing networks that have different DNS resolvers. In this case, you can run the following to update your resolv.conf
.
resolvconf -u\n
Please see #841 and #649.
"},{"location":"getting-started/troubleshooting/#after-adding-an-ssh-key-i-am-told-i-cannot-read-from-the-remote-repository-on-push","title":"After adding an SSH key, I am told I cannot read from the remote repository on push","text":"Connection closed by <host> port 22\nfatal: Could not read from remote repository.\n\nPlease make sure you have the correct access rights\nand the repository exists.\n
Certain systems may have access to the dokku
user via SSH disabled. Please check that the dokku
user is allowed access to the system in the file /etc/security/access.conf
. As Dokku does not manage this file, please consult your Operating System's documentation for more information.
Sometimes the following error message may be shown on push
fatal: 'NAME' does not appear to be a git repository\nfatal: Could not read from remote repository.\n
You get asked for a password because your SSH secret key can't be found. This may happen if the private key corresponding to the public key you added with sshcommand acl-add
is not located in the default location ~/.ssh/id_rsa
.
You have to point SSH to the correct secret key for your domain name. Add the following to your ~/.ssh/config
:
Host DOKKU_HOSTNAME\n IdentityFile \"~/.ssh/KEYNAME\"\n
Also see issue #116.
"},{"location":"getting-started/troubleshooting/#i-successfully-deployed-my-application-with-no-deployment-errors-and-receiving-bad-gateway-when-attempting-to-access-the-application","title":"I successfully deployed my application with no deployment errors and receiving Bad Gateway when attempting to access the application","text":"In many cases the application will require the a process.env.PORT
port opposed to a specified port.
When specifying your port you may want to use something similar to:
var port = process.env.PORT || 3000\n
Please see #282.
Additionally, your application should listen/bind to all interfaces (0.0.0.0
). Many frameworks default to listening on 127.0.0.1
.
Please see #5798.
"},{"location":"getting-started/troubleshooting/#deployment-fails-because-of-slow-internet-connection-messages-shows-gzip-stdin-unexpected-end-of-file","title":"Deployment fails because of slow internet connection, messages showsgzip: stdin: unexpected end of file
","text":"If you see output similar this when deploying:
Command: 'set -o pipefail; curl --fail --retry 3 --retry-delay 1 --connect-timeout 3 --max-time 30 https://s3-external-1.amazonaws.com/heroku-buildpack-ruby/ruby-2.0.0-p451-default-cache.tgz -s -o - | tar zxf -' failed unexpectedly:\n !\n ! gzip: stdin: unexpected end of file\n ! tar: Unexpected EOF in archive\n ! tar: Unexpected EOF in archive\n ! tar: Error is not recoverable: exiting now\n
it might that the cURL command that is supposed to fetch the buildpack (anything in the low megabyte file size range) takes too long to finish, due to slowish connection. To overwrite the default values (connection timeout: 90 seconds, total maximum time for operation: 600 seconds), set the following environment variables:
dokku config:set --global CURL_TIMEOUT=1200\ndokku config:set --global CURL_CONNECT_TIMEOUT=180\n
Please see #509.
Another reason for this error (although it may respond immediately ruling out a timeout issue) may be because you've set the config setting SSL_CERT_FILE
. Using a config setting with this key interferes with the buildpack's ability to download its dependencies, so you must rename the config setting to something else, e.g. MY_APP_SSL_CERT_FILE
.
Killed
message","text":"This generally occurs when the server runs out of memory. You can either add more RAM to your server or setup swap space. The follow script will create 2 GB of swap space.
sudo install -o root -g root -m 0600 /dev/null /swapfile\ndd if=/dev/zero of=/swapfile bs=1k count=2048k\nmkswap /swapfile\nswapon /swapfile\necho \"/swapfile swap swap auto 0 0\" | sudo tee -a /etc/fstab\nsudo sysctl -w vm.swappiness=10\necho vm.swappiness = 10 | sudo tee -a /etc/sysctl.conf\n
"},{"location":"getting-started/troubleshooting/#i-successfully-deployed-my-application-with-no-deployment-errors-but-im-receiving-connection-timeout-when-attempting-to-access-the-application","title":"I successfully deployed my application with no deployment errors but I'm receiving Connection Timeout when attempting to access the application","text":"This can occur if Dokku is running on a system with a firewall like UFW enabled (some OS versions like Ubuntu have this enabled by default). You can check if this is your case by running the following script:
sudo ufw status\n
If the previous script returned Status: active
and a list of ports, UFW is enabled and is probably the cause of the symptom described above. To disable it, run:
sudo ufw disable\n
"},{"location":"getting-started/troubleshooting/#i-cant-connect-to-my-application-because-the-server-is-sending-an-invalid-response-or-cant-provide-a-secure-connection","title":"I can't connect to my application because the server is sending an invalid response, or can't provide a secure connection","text":"This isn't usually an issue with Dokku, but rather an app config problem. This can happen when your application is configured to enforce secure connections/HSTS, but you don't have SSL set up for the app.
In Rails at least, if your application.rb
or environmnents/production.rb
include the line configure.force_ssl = true
which includes HSTS, try commenting that out and redeploying.
If this solves the issue temporarily, longer term you should consider configuring SSL.
"},{"location":"getting-started/troubleshooting/#my-application-deploys-properly-but-wont-load-in-browser-connection-refused","title":"My application deploys properly, but won't load in browser \"connection refused\"","text":"This could be a result of a bad proxy configuration (http:5000:5000
may be incorrect). Run dokku ports:report node-js-app
to check if your app has the correct proxy configuration. It should show something like the following.
=====> node-js-app ports information\n Port map: http:80:5000 https:443:5000\n
Set dokku ports:set node-js-app http:80:5000
to get proxy correctly configured for http endpoint.
Sometimes nginx does something funky and cant actually reload for whatever reason.
# Validate the configuration\n$ sudo nginx -t\nnginx: the configuration file /etc/nginx/nginx.conf syntax is ok\nnginx: configuration file /etc/nginx/nginx.conf test is successful\n\n$ sudo service nginx restart\n\n# Re-enable Letsencrypt\n
Example: existing AppA (https) and AppB(https), deployed NEW (non-https) then noticed right away NEW's subdomain showed AppB's content and cert but under its own subdomain (cert miss-match of course). AppB still works. AppA also changed to show AppB content and cert.. Other apps were unaffected.
Consider caddy and traefik support via docker containers if this continues to be an issue.
"},{"location":"getting-started/uninstalling/","title":"Uninstalling","text":"While we hate to see you go, if you need to uninstall Dokku, the following may help you out:
"},{"location":"getting-started/uninstalling/#arch-uninstallation","title":"Arch Uninstallation","text":"# purge dokku from your system\nyay -Rsn dokku\n
"},{"location":"getting-started/uninstalling/#debian-uninstallation","title":"Debian Uninstallation","text":"# purge dokku from your system\napt-get purge dokku herokuish\n\n# remove any dependencies that are no longer necessary\napt-get autoremove\n
"},{"location":"getting-started/uninstalling/#makefile-uninstallation","title":"Makefile Uninstallation","text":"This is a manual deletion process, and as it is not a recommended installation method, there is currently no automated uninstallation.
All service plugins should be unlinked from applications, stopped, and destroyed.
All applications should be stopped, and all docker containers and images deleted:
# stop all applications\ndokku ps:stop --all\n\n# cleanup containers and images\ndokku cleanup\n
The following user/group must be deleted:
dokku
dokku
The following directories must be deleted:
~dokku
/var/lib/dokku
/var/log/dokku
If you\u2019re stuck, there are a number of places you can get help:
"},{"location":"getting-started/where-to-get-help/#the-official-dokku-website","title":"The Official Dokku Website","text":"The Official Dokku website is always a great place to visit. It features links to oft-used developer tools, community plugins, and guides on using Dokku.
"},{"location":"getting-started/where-to-get-help/#monitored-locations","title":"Monitored Locations","text":"The Code Of Conduct applies to all actively monitored Dokku discussion areas. Please be mindful of your neighbors on the internet.
"},{"location":"getting-started/where-to-get-help/#forums","title":"Forums","text":"GitHub Discussions is a new way for the Dokku community to interact with each other! This is a place to ask questions to the community or discuss potential feature requests before filing issues.
"},{"location":"getting-started/where-to-get-help/#the-slack-channel","title":"The Slack Channel","text":"#dokku
channel)If you\u2019re stumped, give us a holler in the Dokku Slack channel. Someone from the development team is usually there, especially during the daylight hours for North and South American users. We\u2019d love to hear from you, whether you need some help, want to find users in your area, or would like to donate our brand new sports car.
Chat is synced to Discord and IRC.
"},{"location":"getting-started/where-to-get-help/#discord","title":"Discord","text":"We provide a Dokku Discord that folks can use to ask questions or comments about the project. Someone from the development team is usually there, especially during the daylight hours for North and South American users. Feel free to join us online!
Chat is synced to IRC and Slack.
"},{"location":"getting-started/where-to-get-help/#unmonitored-locations","title":"Unmonitored Locations","text":"You may find help on these locations, but they are not actively monitored by the development team. The Code of Conduct still applies.
"},{"location":"getting-started/where-to-get-help/#stack-overflow","title":"Stack Overflow","text":"Tag your questions with dokku
to enable existing users of Stack Overflow to find your questions.
This location isn't as well monitored as Slack, and loses history. Chat is synced to Discord and Slack
"},{"location":"getting-started/install/azure/","title":"Microsoft Azure Installation Notes","text":"If you don't already have one generate an SSH key pair.
Go to the Dokku on Azure deployment page and click Deploy to Azure.
You'll be prompted to enter a few parameters, including a unique storage account name and a unique name for the subdomain used for your public IP address. For the sshKeyData
parameter, copy and paste the contents of the public key file you just created. After a few minutes the Dokku instance will be deployed.
Once the installation is complete, you should configure an ssh key and set your global domain.
# usually your key is already available under the current user's `~/.ssh/authorized_keys` file\ncat ~/.ssh/authorized_keys | dokku ssh-keys:add admin\n\n# you can use any domain you already have access to\n# this domain should have an A record or CNAME pointing at your server's IP\ndokku domains:set-global dokku.me\n\n# you can also use the ip of your server\ndokku domains:set-global 10.0.0.2\n\n# finally, you can use sslip.io to get subdomain support\n# as you would with a regular domain name\n# this would be done by appending `.sslip.io` to your ip address\ndokku domains:set-global 10.0.0.2.sslip.io\n
See the user management and domains documentation for more information.
"},{"location":"getting-started/install/debian/","title":"Debian Package Installation Notes","text":"As of 0.3.18, Dokku defaults to being installed via Debian package. While certain hosts may require extra work to get running, you may optionally wish to automate the installation of Dokku without the use of our bootstrap.sh
Bash script. The following are the steps run by said script:
# install docker\nwget -nv -O - https://get.docker.com/ | sh\n\n# install dokku\nwget -qO- https://packagecloud.io/dokku/dokku/gpgkey | sudo tee /etc/apt/trusted.gpg.d/dokku.asc\n# programmatically determine distro and codename\nDISTRO=\"$(awk -F= '$1==\"ID\" { print tolower($2) ;}' /etc/os-release)\"\nOS_ID=\"$(awk -F= '$1==\"VERSION_CODENAME\" { print tolower($2) ;}' /etc/os-release)\"\necho \"deb https://packagecloud.io/dokku/dokku/${DISTRO}/ ${OS_ID} main\" | sudo tee /etc/apt/sources.list.d/dokku.list\nsudo apt-get update -qq >/dev/null\nsudo apt-get -qq -y install dokku\nsudo dokku plugin:install-dependencies --core\n
"},{"location":"getting-started/install/debian/#unattended-installation","title":"Unattended installation","text":"In case you want to perform an unattended installation of Dokku, this is made possible through debconf, which allows you to configure a package before installing it.
You can set any of the below options through the debconf-set-selections
command, for example to enable vhost-based deployments:
echo \"dokku dokku/vhost_enable boolean true\" | sudo debconf-set-selections\n
After setting the desired options, proceed with the installation as described above.
"},{"location":"getting-started/install/debian/#debconf-options","title":"debconf options","text":"Name Type Default Description dokku/vhost_enable boolean false Use vhost-based deployments (e.g.[yourapp].dokku.me
) dokku/hostname string dokku.me Hostname, used as vhost domain and for showing app URL after deploy dokku/skip_key_file boolean false Don't check for the existence of the dokku/key_file. Warning: Setting this to true, will require you to manually add an SSH key later on. dokku/key_file string /root/.ssh/id_rsa.pub Path on disk to an SSH key to add to the Dokku user (Will be ignored on dpkg-reconfigure
) dokku/nginx_enable boolean true Enable nginx-vhosts plugin"},{"location":"getting-started/install/digitalocean/","title":"DigitalOcean Droplet Installation Notes","text":"DigitalOcean offers a pre-installed Dokku image. You can run this image on any sized Droplet, although larger Droplets will allow you to run larger applications.
Info
Please disable IPv6. There are known issues with IPv6 on DigitalOcean and Docker. If you would like to run Dokku on an IPv6 DigitalOcean Droplet, please consult this guide.
cat $HOME/.ssh/id_rsa.pub
.ssh root@$SERVER_IP
, where $SERVER_IP
is your server's IP address.rm /etc/nginx/sites-enabled/default
If you added more than one key, use the dokku ssh-keys:add
to add an ssh key to the dokku user:
echo \"$CONTENTS_OF_YOUR_PUBLIC_SSH_KEY_HERE\" | dokku ssh-keys:add KEY_NAME\n
Ensure your server has a correct global hostname via dokku domains:set-global
# replace dokku.me with a hostname pointed at your server\ndokku domains:set-global dokku.me\n
Pull the dokku/dokku image:
docker pull dokku/dokku:0.35.0\n
Next, run the image.
docker container run -d \\\n --env DOKKU_HOSTNAME=dokku.me \\\n --env DOKKU_HOST_ROOT=/var/lib/dokku/home/dokku \\\n --env DOKKU_LIB_HOST_ROOT=/var/lib/dokku/var/lib/dokku \\\n --name dokku \\\n --publish 3022:22 \\\n --publish 8080:80 \\\n --publish 8443:443 \\\n --volume /var/lib/dokku:/mnt/dokku \\\n --volume /var/run/docker.sock:/var/run/docker.sock \\\n dokku/dokku:0.35.0\n
Alternatively, you can use docker-compose.yml
:
services:\n dokku:\n image: dokku/dokku:0.35.0\n container_name: dokku\n network_mode: bridge\n ports:\n - \"3022:22\"\n - \"8080:80\"\n - \"8443:443\"\n volumes:\n - \"/var/lib/dokku:/mnt/dokku\"\n - \"/var/run/docker.sock:/var/run/docker.sock\"\n environment:\n DOKKU_HOSTNAME: dokku.me\n DOKKU_HOST_ROOT: /var/lib/dokku/home/dokku\n DOKKU_LIB_HOST_ROOT: /var/lib/dokku/var/lib/dokku\n restart: unless-stopped\n
The above command will start a new docker container that is ready when a message similar to Runit started as PID 12345
appears.
Dokku is run in the following configuration:
dokku.me
on boot./var/lib/dokku
directory./home/dokku
.Application repositories, plugin config, as well as plugin data are persisted to disk within the specified host directory for /var/lib/dokku
.
Other docker container options can also be used when running Dokku, though the specific outcome will depend upon the specified options. For example, the Dokku container's nginx port can be bound to a specific host ip by specifying --publish $HOST_IP:8080:80
, where $HOST_IP
is the IP desired. Please see the docker container run documentation for further explanation for various docker arguments.
To install custom plugins, create a plugin-list
file in the host's /var/lib/dokku
directory. The plugins listed herein will be automatically installed by Dokku on container boot. This file should be the following format:
plugin_name: repository_url\n
An example for installing the postgres and redis plugins follows:
postgres: https://github.com/dokku/dokku-postgres.git\nredis: https://github.com/dokku/dokku-redis.git\n
"},{"location":"getting-started/install/docker/#prior-to-dokku-start","title":"Prior to Dokku start","text":"The alternative is to build a custom docker image via a custom Dockerfile. This Dockerfile can run any plugin:install
command. Note that the version installed at that time will be the one that persists. Below is an example Dockerfile showing this method.
FROM dokku/dokku:0.35.0\nRUN dokku plugin:install https://github.com/dokku/dokku-postgres.git postgres\nRUN dokku plugin:install https://github.com/dokku/dokku-redis.git redis\n
"},{"location":"getting-started/install/docker/#ssh-key-management","title":"SSH Key Management","text":"To initialize ssh-keys within the container, use docker exec
to enter the container:
docker exec -it dokku bash\n
Next, run the appropriate ssh-keys commands:
echo \"$CONTENTS_OF_YOUR_PUBLIC_SSH_KEY_HERE\" | dokku ssh-keys:add KEY_NAME\n
Please see the user management documentation for more information.
"},{"location":"getting-started/install/docker/#pushing-applications","title":"Pushing Applications","text":"When exposing the Dokku container's SSH port (22) on 3022, something similar to the following will need to be setup within the user's ~/.ssh/config
:
Host dokku.docker\n HostName 127.0.0.1\n Port 3022\n
In the above example, the hostname 127.0.0.1
is being aliased to dokku.docker
, while the port is being overridden to 3022
. All SSH commands - including git pushes - for the hostname dokku.docker
will be transparently sent to 127.0.0.1:3022
.
Cloud-init script can be used to automate installation of Dokku on Dreamhost (or any other OpenStack-compatible cloud with minimal changes).
A new server instance can be created on DreamHost Cloud from the command line using OpenStack client or from the web UI and with the same command use a cloud-init script to install Dokku. Install the OpenStack CLI, download the DreamHost Cloud credentials file before proceeding and make sure your public SSH key is added to the cloud.
source openrc.sh # Set the environment variables for DreamHost Cloud\n
This allows OpenStack client to connect to DreamHost API endpoints. The command below creates a new server instance named my-dokku-instance
based on Ubuntu 24.04, with 2 GB RAM and 1 CPU (the flavor called supersonic
), opening network port access to HTTP and SSH (the default
security group), and the name of the chosen SSH key. This key will be automatically added to the new server in the authorized_keys
for the default SSH user (ubuntu
), and it will be reused by Dokku.
openstack server create \\\n --image Ubuntu-24.04 \\\n --flavor gp1.supersonic \\\n --security-group default \\\n --key-name $YOUR_SSH_KEYNAME \\\n --user-data dokku-cloudinit.sh \\\n my-dokku-instance\n
The content of dokku-cloudinit.sh script contains instructions to add Docker and Dokku's apt repositories and install Dokku with the proper debconf options set. Don't forget to add the FQDN for your application server:
#cloud-config\n\napt:\n sources:\n source_dokku: \n source: 'deb https://packagecloud.io/dokku/dokku/ubuntu/ $RELEASE main'\n key: |\n -----BEGIN PGP PUBLIC KEY BLOCK-----\n Version: GnuPG v1.4.11 (GNU/Linux)\n\n mQINBFu7hksBEADJfS1wB4JJmVcJ3FYoY/F3DmEsg2/NSj/TleB7hkdFPGTaOEef\n c6SrK6bkQas8CzCZXskg3FFUFyxJwP0yQFosJ7nQCXbuaCzkGyOaob/2D4lqniKu\n lyFvZuN0Evh2SoJYB6Idiy3rG58/KMQxJ/73HjcrOPxwpcfIE+rfey0fo6HOcSz7\n AS3pXMbe0VoVOt8107i9qg6PizpaPugbSOP98aq2o0sPkjvKVzPsBvXWe9lDTreI\n X+00Z6WXjcDxmKTGvCkcJ6jk0L5r66Y6TNlJeYwFb0o7PbY7YeJSEJxw9eNozZpY\n EYvHCzHvsv7c8s+s5MeHDvvF5qsvt5qPPfw3zwLT01g1YTQpZdSDKn72YhrQUGJM\n j/W8ro8Ij9BYhYQMIdy+RPNQrBdKjj75kW1NLCGLlE89+6PYzlQwDFLdl9eZlUdM\n rvxbDPM99MRBBq30xfIS6YctHr40mEqZEi6OUoImaj5bbA1H3XHVH2JsWo1ttQYo\n 5qOGGhNi7/nyI9zxVo9r97lgGLztyl6ILZt8kxnWIx1QnPmSMuUNqYfuUuKAPs1q\n +bisBLvylnFvQSqnpEuPwUS1UDby4CzVBzshTsuykCQRiwdU9tcjzZUlKKKTRLhj\n CZCNxv1Ovgl+3m/4R5L7YOBYGCmVW0/GvlrxPLGCjZa1O8/3nih5+cv5TwARAQAB\n tGhodHRwczovL3BhY2thZ2VjbG91ZC5pby9kb2trdS9kb2trdSAoaHR0cHM6Ly9w\n YWNrYWdlY2xvdWQuaW8vZG9jcyNncGdfc2lnbmluZykgPHN1cHBvcnRAcGFja2Fn\n ZWNsb3VkLmlvPokCOAQTAQIAIgUCW7uGSwIbLwYLCQgHAwIGFQgCCQoLBBYCAwEC\n HgECF4AACgkQ8f9oUSiLMxUN3Q/+LeoFr8p3zSp9tRcCuMXfbc7rnJ/UgJiO53jW\n 8LsXH1h5dWeh2H5VqzGjDJ3SORisAWdOMu1SWkw4mvBZQQL12iwAMZmIDmbWU73c\n PplwGUQ4sltNxtiAVdntWC1vwSceY6/AQZwE2k60RYzg5bR2KAyZR9yGssGsekFO\n zOuMiTswzEYoZaJla+cduAXZzGf8NZgbzhXKhyfjVodRTyNR0dhoeMwNBlH0WWzW\n owwNOaJQ1LwDUkjrfRpkT53RJ5olRYa5ONDxuZEvmFy57bqXJh5U13m9FNWEtmF2\n NySFltZYEL6BZQn5qehF4kqqJ0JSVsHEyEC7sU9yr93khTGjWQfcGaITZXPNyXTC\n py/J1TeOEOz2VyvglPx/JL4dTfPg5uZCTWRXzLJDAbW26BcyFI4OyPjFly6FLj0o\n nMUuEzdCmNpHCKWkeyXajxtYd4EMo+UHGYC7jrpsAxRib0pdHUwnOG0MeNIUtPm/\n yW8i5St9PnX2y2qSaAoVURAI3irApn4Wc+hgRjo22l/B6ZudMAtASD5Ie8pXHNS0\n dlsgiv3sTZachMKU+usoIgejIb0MuBhBwVJ93A4YguEqNgZg0Cz4MUpWNma6zLIN\n Ko+3khp3z2Y/jWfNTKs41sz++png1iqjnvXjGIjKtgcFJyH+AwZzkh5LjRiahM/I\n OO/xTaO5Ag0EW7uGSwEQAL39qC95IFVNobRvecddeL26kHPgd0JS4fjB5r01pMFR\n 3fojnEwGTLzRJVR4iTfzOiAG1XKGYmEb15NkEgEcvaLaojSsaaAHv++BqL2qXHJa\n sfsgjKqxCAKyJps5wCEIzF1xfxHB/5BIyKenXZw9K/zlZzsfqzyehLAarZ4oMQEN\n u/dG3TlXCf/oSBHDttLTcRTGs1I8FEaA9O0ZeV+2S/WuT0kFa6s1tRUMMWHWzMmR\n 2a+vLCE3OMWtlRk6sfhfccf4rIzjj3xyieEGKznkOycu8JOqTBRmGMl3wRS2XI7c\n PFiV1MGRV5uhJ6a0D6DDAddL13TaXMfsZB0KkFHh8bKvAxJA9opHhl+X2NrdwsLz\n crCWF+QdoPX494j2aWnwSOXXtW9c2b6cpDfUoGVD79IYEzL0n6dgBPwCKLcmxotF\n Tv+H3Yy0DBn8BaQ0ZHbEgudwr73vxMgbYStGfu/bQEulcLA0vfTRGBRhzlZLE8k6\n +fXK23R4T/3kdyJovHdnK6aIN6oFTnVM5pyLrxmUkLCaPEbnoxVtA9zOeiGhqjYT\n pLgZMG95HgoscBlOh8BpuM2E3MSPV6XYjEKtvDpWy/i/oCPhd/PcY/qVxzj6dANU\n gQE/8hdf6Q//SvUxZaVrVwnmWkIZshGDJj/EM8VGhKzEoZF8Xmr/aibyN3CLoSMl\n ABEBAAGJBD4EGAECAAkFAlu7hksCGy4CKQkQ8f9oUSiLMxXBXSAEGQECAAYFAlu7\n hksACgkQ+ytqpCHNGT+1Vg//Z0ZiIoQQCLXmbAPdA79HVLCzsvkKQ3/RlqIR7Nq1\n JzgqPxg8drRo5+Ri+VrsIJt3AYH/lGm1UuSeycM6NrNWBpqL5FLjrMmbILQp9GMf\n bCZLXocOwDvrfpdBuEK+AS8SuLeiZtl8DcOe9Xtv3LSxXre0hsiIZpTRIjP+qkj8\n W7oZqUxwo1Wcnff+0snf6hPiTps/IB1utzSjxXVe86/89BWvLt/mT1o81h5mclgk\n l1eit6BvZsO/iicLB5KbyA7DVjAnxngze0+cCUAIVbqQbZhAVw5oZbKeXedbGuxr\n eRLWx+h5IBbtn+JwWngzueHyc3fY5b6ann06f6y6BF5+XmPRIXakYh4moJxSRQCA\n GVKGEubH/Y1Vyq8QIX7V6PGpS39mQkoYXEztvEtyZiV3J+SyObYZVTs9d5/rhoE2\n wXQIFTOdyHi52K2VfT3JU7rWOw5/SWuOQyyDdWgxEJuU6bUeOViOwHVkZDzwBX3Y\n 1to5cgY6dNQARplEgZZjRja4uc06u2d7Bk2CfqO4LvjV5UlPm838Ga+kGzBpp86X\n 5JBbZz9lPGf+GY7ZcROQp6ONui8P08+7EaTVtILTE0rd5g8umOnWBo1zteMv50As\n jyIPW20kUuJMdz3V+TNag5aCMW7qnO4zwildlQZmL54+xQDuRXK8P5JlKml6gnK+\n 4SLvUA/8CALEMqxNlb06ZJc1GCU/mcQYXfkNosHaNYpORjziDnH1LBQ7AnhIhhMy\n FwcuxpG9bABwQfoQE84Kx3zVU0xEoCGr549Kf5p7ZcqGwn3WzSql+qR/NcPRV9Dp\n tb4iSXoTUeutR1SeVn/TI2aOWez3UyIztnam+p32e4BNuyByFRmo2e8dP1RqCg6b\n 0KwuxDDE0k3zJCpjsWROrtBVQ9Zt9rsfG5kFxJ6Qi90uJP71f8rFDUuKmxJazDf3\n g3GHEGovUrOJO5JpvCcfCyT9mfOPxUSAKGBHj8NPY84vjqGaA9qqt54D8YT57TjR\n 5oWd8Iwex4XFHAoj59q04KmramVgP5q8VKFrxwVOhYmK6SNmvW9dEI3Y16bu9KF7\n CJnPq/mQXEI+a/G6hZgZ8eYxOV2812WcORppezALreHJeN1HogxI972G0kalKhNC\n p3315BKJdw/p6/j/qIob2EZOdqBsdHRKBgBVXVbaCnzgh1kKLEvJnVDio+zjEPDr\n lR9wQbcHRbu+ZqRSEbH0of/4rx0CdCPGKSDafviKPDXnvls85tWV/lMtNxamqYvv\n V0DUeTWQDmfiyWCgqXTiRA9U4ZFgFNWmirh38UmV7VtSlYaRos8fEQTfmN20fqTk\n 9mVAREENSiAuc4P93l8TtrN1bAqXaTX5oz+lepqWmHWvY+RiNiw=\n =laU4\n -----END PGP PUBLIC KEY BLOCK-----\n source_docker: \n source: 'deb [arch=amd64] https://download.docker.com/linux/ubuntu $RELEASE stable'\n key: |\n -----BEGIN PGP PUBLIC KEY BLOCK-----\n\n mQINBFit2ioBEADhWpZ8/wvZ6hUTiXOwQHXMAlaFHcPH9hAtr4F1y2+OYdbtMuth\n lqqwp028AqyY+PRfVMtSYMbjuQuu5byyKR01BbqYhuS3jtqQmljZ/bJvXqnmiVXh\n 38UuLa+z077PxyxQhu5BbqntTPQMfiyqEiU+BKbq2WmANUKQf+1AmZY/IruOXbnq\n L4C1+gJ8vfmXQt99npCaxEjaNRVYfOS8QcixNzHUYnb6emjlANyEVlZzeqo7XKl7\n UrwV5inawTSzWNvtjEjj4nJL8NsLwscpLPQUhTQ+7BbQXAwAmeHCUTQIvvWXqw0N\n cmhh4HgeQscQHYgOJjjDVfoY5MucvglbIgCqfzAHW9jxmRL4qbMZj+b1XoePEtht\n ku4bIQN1X5P07fNWzlgaRL5Z4POXDDZTlIQ/El58j9kp4bnWRCJW0lya+f8ocodo\n vZZ+Doi+fy4D5ZGrL4XEcIQP/Lv5uFyf+kQtl/94VFYVJOleAv8W92KdgDkhTcTD\n G7c0tIkVEKNUq48b3aQ64NOZQW7fVjfoKwEZdOqPE72Pa45jrZzvUFxSpdiNk2tZ\n XYukHjlxxEgBdC/J3cMMNRE1F4NCA3ApfV1Y7/hTeOnmDuDYwr9/obA8t016Yljj\n q5rdkywPf4JF8mXUW5eCN1vAFHxeg9ZWemhBtQmGxXnw9M+z6hWwc6ahmwARAQAB\n tCtEb2NrZXIgUmVsZWFzZSAoQ0UgZGViKSA8ZG9ja2VyQGRvY2tlci5jb20+iQI3\n BBMBCgAhBQJYrefAAhsvBQsJCAcDBRUKCQgLBRYCAwEAAh4BAheAAAoJEI2BgDwO\n v82IsskP/iQZo68flDQmNvn8X5XTd6RRaUH33kXYXquT6NkHJciS7E2gTJmqvMqd\n tI4mNYHCSEYxI5qrcYV5YqX9P6+Ko+vozo4nseUQLPH/ATQ4qL0Zok+1jkag3Lgk\n jonyUf9bwtWxFp05HC3GMHPhhcUSexCxQLQvnFWXD2sWLKivHp2fT8QbRGeZ+d3m\n 6fqcd5Fu7pxsqm0EUDK5NL+nPIgYhN+auTrhgzhK1CShfGccM/wfRlei9Utz6p9P\n XRKIlWnXtT4qNGZNTN0tR+NLG/6Bqd8OYBaFAUcue/w1VW6JQ2VGYZHnZu9S8LMc\n FYBa5Ig9PxwGQOgq6RDKDbV+PqTQT5EFMeR1mrjckk4DQJjbxeMZbiNMG5kGECA8\n g383P3elhn03WGbEEa4MNc3Z4+7c236QI3xWJfNPdUbXRaAwhy/6rTSFbzwKB0Jm\n ebwzQfwjQY6f55MiI/RqDCyuPj3r3jyVRkK86pQKBAJwFHyqj9KaKXMZjfVnowLh\n 9svIGfNbGHpucATqREvUHuQbNnqkCx8VVhtYkhDb9fEP2xBu5VvHbR+3nfVhMut5\n G34Ct5RS7Jt6LIfFdtcn8CaSas/l1HbiGeRgc70X/9aYx/V/CEJv0lIe8gP6uDoW\n FPIZ7d6vH+Vro6xuWEGiuMaiznap2KhZmpkgfupyFmplh0s6knymuQINBFit2ioB\n EADneL9S9m4vhU3blaRjVUUyJ7b/qTjcSylvCH5XUE6R2k+ckEZjfAMZPLpO+/tF\n M2JIJMD4SifKuS3xck9KtZGCufGmcwiLQRzeHF7vJUKrLD5RTkNi23ydvWZgPjtx\n Q+DTT1Zcn7BrQFY6FgnRoUVIxwtdw1bMY/89rsFgS5wwuMESd3Q2RYgb7EOFOpnu\n w6da7WakWf4IhnF5nsNYGDVaIHzpiqCl+uTbf1epCjrOlIzkZ3Z3Yk5CM/TiFzPk\n z2lLz89cpD8U+NtCsfagWWfjd2U3jDapgH+7nQnCEWpROtzaKHG6lA3pXdix5zG8\n eRc6/0IbUSWvfjKxLLPfNeCS2pCL3IeEI5nothEEYdQH6szpLog79xB9dVnJyKJb\n VfxXnseoYqVrRz2VVbUI5Blwm6B40E3eGVfUQWiux54DspyVMMk41Mx7QJ3iynIa\n 1N4ZAqVMAEruyXTRTxc9XW0tYhDMA/1GYvz0EmFpm8LzTHA6sFVtPm/ZlNCX6P1X\n zJwrv7DSQKD6GGlBQUX+OeEJ8tTkkf8QTJSPUdh8P8YxDFS5EOGAvhhpMBYD42kQ\n pqXjEC+XcycTvGI7impgv9PDY1RCC1zkBjKPa120rNhv/hkVk/YhuGoajoHyy4h7\n ZQopdcMtpN2dgmhEegny9JCSwxfQmQ0zK0g7m6SHiKMwjwARAQABiQQ+BBgBCAAJ\n BQJYrdoqAhsCAikJEI2BgDwOv82IwV0gBBkBCAAGBQJYrdoqAAoJEH6gqcPyc/zY\n 1WAP/2wJ+R0gE6qsce3rjaIz58PJmc8goKrir5hnElWhPgbq7cYIsW5qiFyLhkdp\n YcMmhD9mRiPpQn6Ya2w3e3B8zfIVKipbMBnke/ytZ9M7qHmDCcjoiSmwEXN3wKYI\n mD9VHONsl/CG1rU9Isw1jtB5g1YxuBA7M/m36XN6x2u+NtNMDB9P56yc4gfsZVES\n KA9v+yY2/l45L8d/WUkUi0YXomn6hyBGI7JrBLq0CX37GEYP6O9rrKipfz73XfO7\n JIGzOKZlljb/D9RX/g7nRbCn+3EtH7xnk+TK/50euEKw8SMUg147sJTcpQmv6UzZ\n cM4JgL0HbHVCojV4C/plELwMddALOFeYQzTif6sMRPf+3DSj8frbInjChC3yOLy0\n 6br92KFom17EIj2CAcoeq7UPhi2oouYBwPxh5ytdehJkoo+sN7RIWua6P2WSmon5\n U888cSylXC0+ADFdgLX9K2zrDVYUG1vo8CX0vzxFBaHwN6Px26fhIT1/hYUHQR1z\n VfNDcyQmXqkOnZvvoMfz/Q0s9BhFJ/zU6AgQbIZE/hm1spsfgvtsD1frZfygXJ9f\n irP+MSAI80xHSf91qSRZOj4Pl3ZJNbq4yYxv0b1pkMqeGdjdCYhLU+LZ4wbQmpCk\n SVe2prlLureigXtmZfkqevRz7FrIZiu9ky8wnCAPwC7/zmS18rgP/17bOtL4/iIz\n QhxAAoAMWVrGyJivSkjhSGx1uCojsWfsTAm11P7jsruIL61ZzMUVE2aM3Pmj5G+W\n 9AcZ58Em+1WsVnAXdUR//bMmhyr8wL/G1YO1V3JEJTRdxsSxdYa4deGBBY/Adpsw\n 24jxhOJR+lsJpqIUeb999+R8euDhRHG9eFO7DRu6weatUJ6suupoDTRWtr/4yGqe\n dKxV3qQhNLSnaAzqW/1nA3iUB4k7kCaKZxhdhDbClf9P37qaRW467BLCVO/coL3y\n Vm50dwdrNtKpMBh3ZpbB1uJvgi9mXtyBOMJ3v8RZeDzFiG8HdCtg9RvIt/AIFoHR\n H3S+U79NT6i0KPzLImDfs8T7RlpyuMc4Ufs8ggyg9v3Ae6cN3eQyxcK3w0cbBwsh\n /nQNfsA6uu+9H7NhbehBMhYnpNZyrHzCmzyXkauwRAqoCbGCNykTRwsur9gS41TQ\n M8ssD1jFheOJf3hODnkKU+HKjvMROl1DK7zdmLdNzA1cvtZH/nCC9KPj1z8QC47S\n xx+dTZSx4ONAhwbS/LN3PoKtn8LPjY9NP9uDWI+TWYquS2U+KHDrBDlsgozDbs/O\n jCxcpDzNmXpWQHEtHU7649OXHP7UeNST1mCUCH5qdank0V1iejF6/CfTFU4MfcrG\n YT90qFF93M3v01BbxP+EIY2/9tiIPbrd\n =0YYh\n -----END PGP PUBLIC KEY BLOCK-----\n\n debconf_selections:\n vhost: dokku dokku/vhost_enable boolean true\n # set the domain name of the new Dokku server\n hostname: dokku dokku/hostname string $YOUR_FULL_QUALIFIED_DOMAIN\n # this copies over the public SSH key assigned to the server\n key: dokku dokku/key_file string /home/ubuntu/.ssh/authorized_keys\n\npackages:\n - dokku\npackage_update: true\npackage_upgrade: true\npackage_reboot_if_required: true\n
Shortly after running the create command you will get a confirmation that the instance has been created, and after about a minute it should be ready to login. Check the IP of the instance through the web UI or by running:
nova list\n
SSH with the ubuntu
username and the public key previously added. Keep in mind that if you logged in quick enough Dokku might still be installing in the background, and not be ready. The installation takes a few minutes.
Download and install VirtualBox.
Download and install Vagrant.
Clone Dokku.
git clone https://github.com/dokku/dokku.git\n
Create VM.
# Optional ENV arguments:\n# - `BOX_NAME`\n# - `BOX_URI`\n# - `BOX_MEMORY`\n# - `DOKKU_DOMAIN`\n# - `DOKKU_IP`\n# - `FORWARDED_PORT`.\ncd path/to/dokku\n\n# for most users\nvagrant up\n\n# windows users must instead use the following in an elevated command prompt\nvagrant up dokku-windows\n
Setup SSH Config in ~/.ssh/config
.
Host dokku.me\n Port 22\n
For users that have customized the IP address of their VM - either in a custom Vagrantfile
or via the DOKKU_IP
environment variable - and are not using 10.0.0.2
for the Vagrant IP, you'll need to instead use the output of vagrant ssh-config dokku
for your ~/.ssh/config
entry.
Connect to the server via vagrant ssh
and add your ssh key to the install. Additionally, set the global domain name to dokku.me
.
# usually your key is already available under the current user's `~/.ssh/authorized_keys` file\ncat ~/.ssh/authorized_keys | dokku ssh-keys:add admin\n\n# you can use any domain you already have access to\ndokku domains:set-global dokku.me\n
Please note, the dokku.me
domain is setup to point to 10.0.0.2
along with all subdomains (i.e. yourapp.dokku.me
). If you change the DOKKU_IP
in your Vagrant setup you'll need to update your /etc/hosts
file to point your reconfigured IP address.
You are now ready to deploy an app or install plugins.
"},{"location":"getting-started/installation/","title":"Getting Started with Dokku","text":""},{"location":"getting-started/installation/#what-is-dokku","title":"What is Dokku?","text":"Dokku is an extensible, open source Platform as a Service that runs on a single server of your choice. Dokku supports building apps on the fly from a git push
via either Dockerfile or by auto-detecting the language with Buildpacks, and then starts containers based on your built image. Using technologies such as nginx and cron, Web processes are automatically routed to, while background processes and automated cron tasks are also managed by Dokku.
To start using Dokku, you'll need a system that meets the following minimum requirements:
x86_64
), commonly used for Intel cloud serversarm64
), commonly used for Raspberry PI and AWS GravitonTo avoid memory pressure during builds or runtime of your applications, we suggest the following:
Finally, we recommend attaching at least one domain name to your server. This is not required, but using a domain name will make app access easier. When connecting a domain, either a single domain or a wildcard may be associated to the server's IP.
*.domain.tld
A Record): will allow access to apps via $APP.domain.tld
.domain.tld
A or CNAME Record): will result in apps being accessed via domain.tld:$RANDOM_PORT
.Please see the dns documentation and domains documentation for more details.
"},{"location":"getting-started/installation/#installing-the-latest-stable-version","title":"Installing the latest stable version","text":"This is the simple method of installing Dokku. For alternative methods of installation, see the advanced install guide.
"},{"location":"getting-started/installation/#1-install-dokku","title":"1. Install Dokku","text":"To install the latest stable version of Dokku, you can run the following shell commands:
# for debian systems, installs Dokku via apt-get\nwget -NP . https://dokku.com/install/v0.35.0/bootstrap.sh\nsudo DOKKU_TAG=v0.35.0 bash bootstrap.sh\n
The installation process takes about 5-10 minutes, depending upon internet connection speed.
"},{"location":"getting-started/installation/#2-setup-ssh-key-and-virtualhost-settings","title":"2. Setup SSH key and Virtualhost Settings","text":"Once the installation is complete, you should configure an ssh key and set your global domain.
# usually your key is already available under the current user's `~/.ssh/authorized_keys` file\ncat ~/.ssh/authorized_keys | dokku ssh-keys:add admin\n\n# you can use any domain you already have access to\n# this domain should have an A record or CNAME pointing at your server's IP\ndokku domains:set-global dokku.me\n\n# you can also use the ip of your server\ndokku domains:set-global 10.0.0.2\n\n# finally, you can use sslip.io to get subdomain support\n# as you would with a regular domain name\n# this would be done by appending `.sslip.io` to your ip address\ndokku domains:set-global 10.0.0.2.sslip.io\n
See the user management and domains documentation for more information.
"},{"location":"getting-started/installation/#3-deploy-your-first-application","title":"3. Deploy your first application","text":"At this point, you should be able to deploy to the Dokku installation.
"},{"location":"getting-started/upgrading/","title":"Upgrading","text":"If your version of Dokku is pre 0.3.0 (check with dokku version
), we recommend a fresh install on a new server.
For any security related updates, please follow our Twitter account. As Dokku does not run any daemons, the security risk introduced by our software is minimal.
Your operating system may occasionally provide security updates. We recommend setting unattended upgrades for your operating system. Here are some helpful links:
Docker releases updates periodically to their engine. We recommend reading their release notes and upgrading accordingly. Please see the Docker documentation for more details.
"},{"location":"getting-started/upgrading/#migration-guides","title":"Migration Guides","text":"Before upgrading, check the migration guides to get comfortable with new features and prepare your deployment to be upgraded.
If you'll be updating docker or the herokuish package simultaneously, it's recommended that you stop all applications before upgrading and rebuild afterwards. This is not required if the upgrade only impacts the dokku
package.
Why do we recommend stopping all apps?
docker
: Containers may be randomly reset during the upgrade process, resulting in requests being sent to the wrong containers. Acknowledging and scheduling downtime thus becomes much more important.herokuish
: While not required, it may be useful to take advantage of the latest base image. Herokuish changes do not cause issues unless the base OS changes, which may happen in minor or major releases.# for 0.22.0 and newer versions, use\ndokku ps:stop --all\n\n# for versions between 0.11.4 and 0.21.4, use\ndokku ps:stopall\n\n# for versions between 0.8.1 and 0.11.3, use\ndokku --quiet apps:list | xargs -L1 dokku ps:stop\n\n# for versions older than 0.8.1, use\ndokku --quiet apps | xargs -L1 dokku ps:stop\n
"},{"location":"getting-started/upgrading/#upgrading_1","title":"Upgrading","text":"Info
[!IMPORTANT] Unless specified, the bootstrap.sh
script installs Dokku via a Debian package (.deb
). Using either the dokku-update
or apt
methods are enough to perform an upgrade of Dokku.
Please read the migration guides for each version in between your currently installed version of Dokku and the version you are upgrading to in order to ensure minimal downtime.
"},{"location":"getting-started/upgrading/#upgrading-using-dokku-update","title":"Upgrading usingdokku-update
","text":"Warning
The dokku-update
package currently does not support upgrading to a specific version of Dokku. If this is required by a particular migration guide, use the apt
method for upgrading.
We provide a helpful binary called dokku-update
. This is a recommended package that:
This binary is available on Debian and RPM-based systems from our package repositories under the name dokku-update
. When installing from source, this is available from a separate Github repository at dokku/dokku-update.
apt
","text":"If Dokku was installed in a Debian or Ubuntu system, via apt-get install dokku
or bootstrap.sh
, you can upgrade with apt-get
:
# update your local apt cache\nsudo apt-get update\n\n# update dokku and its dependencies\nsudo apt-get --no-install-recommends install dokku herokuish sshcommand plugn gliderlabs-sigil dokku-update dokku-event-listener\n\n# or just upgrade every package:\nsudo apt-get upgrade\n
To upgrade to a specific version of Dokku, specify it on the apt-get
call:
# specify the version _without_ the `v` prefix\nsudo apt-get dokku=$VERSION\n
"},{"location":"getting-started/upgrading/#upgrading-from-source","title":"Upgrading from source","text":"Info
[!CAUTION] Dokku is not normally installed from source. Executing a source upgrade when the installation was performed via apt package may result in an inoperable system and will require manual work to get Dokku in a working state.
If you installed Dokku from source (less common), upgrade with:
cd ~/dokku\ngit pull --tags origin master\n\n# continue to install from source\nsudo DOKKU_BRANCH=master make install\n\n# upgrade to debian package-based installation\nsudo make install\n
To upgrade Herokuish from source, upgrade with:
cd /tmp\ngit clone https://github.com/gliderlabs/herokuish.git\ncd herokuish\nCIRCLECI=true IMAGE_NAME=gliderlabs/herokuish BUILD_TAG=latest make build/docker\n
"},{"location":"getting-started/upgrading/#after-upgrading","title":"After upgrading","text":"After upgrading, you should rebuild the applications to take advantage of any new buildpacks that were released:
dokku ps:rebuild --all\n
"},{"location":"networking/dns/","title":"DNS Configuration","text":"Note
This is a work in progress.
"},{"location":"networking/dns/#dns-versions","title":"DNS Versions","text":"There are many different DNS servers 'in the wild'. Some of the popular ones on Linux are BIND, dnsmasq, and pdns. Windows has its own built-in DNS server as well as Unbound, Posadis, and more. A full list of DNS packages can be found on Wikipedia under Comparison of DNS Server Software. In addition to the various DNS packages, there are tens of thousands of Managed DNS Providers out that all have different DNS interfaces.
"},{"location":"networking/dns/#focus","title":"Focus","text":"Because there are so many different DNS server packages out there as well as a tremendous number of Managed DNS Providers, we will focus on the concepts of DNS as well as providing examples in the 'BIND' format so you can adapt the information to your own server package or managed DNS provider.
"},{"location":"networking/dns/#assumptions","title":"Assumptions","text":"Please remember that DNS relies heavily on caching. Changes you make to DNS could take anywhere from a few seconds to a few days to propagate. If you tried surfing to example.tld, then changed the IP address in DNS, it could be a while before your computer picks up on the changes.
"},{"location":"networking/dns/#getting-started","title":"Getting started","text":"For the examples, we will use the domain name example.tld
and the IP address 127.0.0.1
.
Dokku uses DNS to differentiate between apps on your dokku-powered server. If you are using the domain example.tld
, and you have two apps node-js-app1
and node-js-app2
, Dokku will make them available at node-js-app1.example.tld
and node-js-app2.example.tld
.
To get started, you need to know the IP address of your Dokku server. Connect to it and run ifconfig
or ip addr
to see the IP address.
Now you have to make a decision about your domain. Do you want everything and anything at example.tld
to go to your Dokku server, or would you rather use a 'sub domain' for your Dokku server?
In other words, do you want your applications on your Dokku server accessible via node-js-app.example.tld
or via node-js-app.myserver.example.tld
?
Using a sub-domain is easy. When you set up your server, you probably gave it a name like myserver.example.tld
.
Go in to your Managed DNS provider and create an A
record named myserver
and put in the IP address you got from your server a few moments ago.
Hopefully your managed DNS provider also supports wildcards. Create a second A
record named *.myserver
along with the IP address you got from your server a few moments ago.
If you are using BIND, your zone file will look similar to this:
$ORIGIN example.tld\n$TTL 5m\n\nmyserver IN A 127.0.0.1\n*.myserver IN A 127.0.0.1\n
You can verify your changes in Linux by trying one or more of the following commands:
host myserver.example.tld
dig -t A myserver.example.tld
nslookup myserver.example.tld
Now is a good time to remind you that the answers you get MAY BE CACHED.
If everything is working correctly, you should also be able to query for any other name under myserver.example.tld
and get back the IP address of your server. Try:
host test.myserver.example.tld
host xyzzy.myserver.example.tld
If they all return your IP address, you have set DNS up properly for dokku. You should also be able to ssh root@myserver.example.tld
and access your server.
Proceed with the setup instructions in the installation documentation
"},{"location":"networking/dns/#using-the-root-of-your-domain-node-js-appexampletld","title":"Using the root of your domain (node-js-app.example.tld)","text":"This section is a work in progress. It is incomplete.
Using the 'root' of your domain is nearly identical to the previous example.
example.tld
, still needs A
record.New
Introduced in 0.11.0, Enhanced in 0.20.0
network:create <network> # Creates an attachable docker network\nnetwork:destroy <network> # Destroys a docker network\nnetwork:exists <network> # Checks if a docker network exists\nnetwork:info <network> # Outputs information about a docker network\nnetwork:list # Lists all docker networks\nnetwork:report [<app>] [<flag>] # Displays a network report for one or more apps\nnetwork:rebuild <app> # Rebuilds network settings for an app\nnetwork:rebuildall # Rebuild network settings for all apps\nnetwork:set <app> <key> (<value>) # Set or clear a network property for an app\n
The Network plugin allows developers to abstract the concept of container network management, allowing developers to both change what networks a given container is attached to as well as rebuild the configuration on the fly.
"},{"location":"networking/network/#usage","title":"Usage","text":""},{"location":"networking/network/#listing-networks","title":"Listing networks","text":"New
Introduced in 0.20.0, Requires Docker 1.21+
You can easily list all available networks using the network:list
command:
dokku network:list\n
=====> Networks\nbridge\nhost\nnone\ntest-network\n
Note that you can easily hide extra output from Dokku commands by using the --quiet
flag, which makes it easier to parse on the command line.
dokku --quiet network:list\n
bridge\nhost\nnone\ntest-network\n
"},{"location":"networking/network/#creating-a-network","title":"Creating a network","text":"New
Introduced in 0.20.0, Requires Docker 1.21+
Docker networks can be created via the network:create
command. Executing this command will create an attachable bridge
network. This can be used to route requests between containers without going through any public network.
dokku network:create test-network\n
-----> Creating network test-network\n
Specifying other additional flags or other types of networks can be created directly via the docker
command.
New
Introduced in 0.20.0, Requires Docker 1.21+
A Docker network without any associated containers may be destroyed via the network:destroy
command. Docker will refuse to destroy networks that have containers attached.
dokku network:destroy test-network\n
! WARNING: Potentially Destructive Action\n ! This command will destroy network test.\n ! To proceed, type \"test\"\n-----> Destroying network test\n
Info
test
As the command is destructive, it will default to asking for confirmation before executing the removal of the network. This may be avoided by providing the --force
flag:
dokku --force network:destroy test-network\n
-----> Destroying network test\n
"},{"location":"networking/network/#checking-if-a-network-exists","title":"Checking if a network exists","text":"New
Introduced in 0.20.0, Requires Docker 1.21+
For CI/CD pipelines, it may be useful to see if an network exists before creating a new network. You can do so via the network:exists
command:
dokku network:exists nonexistent-network\n
Network does not exist\n
The network:exists
command will return non-zero if the network does not exist, and zero if it does.
New
Introduced in 0.20.0, Requires Docker 1.21+
Network information can be retrieved via the network:info
command. This is a slightly different version of the docker network
command.
dokku network:info test-network\n
// TODO\n
"},{"location":"networking/network/#routing-an-app-to-a-known-ipport-combination","title":"Routing an app to a known ip:port combination","text":"In some cases, it may be necessary to route an app to an existing $IP:$PORT
combination. This is particularly the case for internal admin tools or services that aren't run by Dokku but have a web ui that would benefit from being exposed by Dokku. This can be done by using a proxy application and routing requests through that.
# for a service listening on:\n# - ip address: 127.0.0.1\n# - port: 8080\n\n# create the app\ndokku apps:create local-app\n\n# add an extra host that maps host.docker.internal to the docker gateway\ndokku docker-options:add local-app deploy \"--add-host=host.docker.internal:host-gateway\"\n\n# set the SERVICE_HOST to the mapped hostname\ndokku config:set local-app SERVICE_HOST=host.docker.internal\n\n# set the SERVICE_PORT to the port combination for your app\ndokku config:set local-app SERVICE_PORT=8080\n\n# set the domains desired\ndokku domains:set local-app local-app.dokku.me\n\n# deploy the service-proxy image\ndokku git:from-image local-app dokku/service-proxy:latest\n
Only a single $IP:$PORT
combination can be routed to for a given app, and that $IP:$PORT
combination must be accessible to the service proxy on initial deploy, or the service proxy won't start.
New
Introduced in 0.20.0, Requires Docker 1.21+
Apps will default to being associated with the default bridge
network or a network specified by the initial-network
network property. Additionally, an app can be attached to attachable
networks by changing the attach-post-create
or attach-post-deploy
network properties when using the docker-local scheduler. A change in these values will require an app deploy or rebuild.
# associates the network after a container is created but before it is started\n# commonly used for cross-app networking\ndokku network:set node-js-app attach-post-create test-network\n\n# associates the network after the deploy is successful but before the proxy is updated\n# used for cross-app networking when healthchecks must be invoked first\ndokku network:set node-js-app attach-post-deploy other-test-network\n\n# associates the network at container creation\n# typically blocks access to services and external routing\ndokku network:set node-js-app initial-network global-network\n
Multiple networks can also be specified for the attach-post-create
and attach-post-deploy
phases.
# one or more networks can be specified\ndokku network:set node-js-app attach-post-create test-network test-network-2\n
Setting the attach
network property to an empty value will de-associate the container with the network.
dokku network:set node-js-app attach-post-create\ndokku network:set node-js-app attach-post-deploy\ndokku network:set node-js-app initial-network\n
The network properties can also be set globally. The global default value is an empty string, and the global value is used when no app-specific value is set.
dokku network:set --global attach-post-create global-create-network\ndokku network:set --global attach-post-deploy global-deploy-network\ndokku network:set --global initial-network global-network\n
The default value may be set by passing an empty value for the option.
dokku network:set --global attach-post-create\ndokku network:set --global attach-post-deploy\ndokku network:set --global initial-network\n
"},{"location":"networking/network/#network-aliases","title":"Network Aliases","text":"Note
This feature is only available when an app has been attached to a network other than the default bridge
network.
When a container created for a deployment is being attached to a network - regardless of which network property was used - a network alias of the pattern APP.PROC_TYPE
will be added to all containers. This can be used to load-balance requests between containers. For an application named node-js-app
with a process type of web, the network alias - or resolvable DNS record within the network - will be:
node-js-app.web\n
The fully-qualified URL for the resource will depend upon the PORT
being listened to by the application. Applications built via buildpacks will have their PORT
environment variable set to 5000
, and as such internal network requests for the above example should point to the following:
http://node-js-app.web:5000\n
Dockerfile-based applications may listen on other ports. For more information on how ports are specified for applications, please refer to the port management documentation.
"},{"location":"networking/network/#specifying-a-custom-tld","title":"Specifying a custom TLD","text":"When attaching applications to networks, a custom TLD can be specified via the network:set
command. This TLD is suffixed to the network alias for the application/process-type combination for all networks to which the application is attached, and cannot be customized per network. The default value is an empty string.
To specify a TLD of svc.cluster.local
for your application, run the following command:
# replace node-js-app with your application name\ndokku network:set node-js-app tld svc.cluster.local\n
With an application named node-js-app
and a process-type named web
, the above command will turn the network alias into:
node-js-app.web.svc.cluster.local\n
Note that this has no impact on container port handling, and users must still specify the container port when making internal network requests.
The default value may be set by passing an empty value for the option:
dokku network:set node-js-app tld\n
The tld
property can also be set globally. The global default is emty string, and the global value is used when no app-specific value is set.
dokku network:set --global tld svc.cluster.local\n
The default value may be set by passing an empty value for the option.
dokku network:set --global tld\n
"},{"location":"networking/network/#when-to-attach-containers-to-a-network","title":"When to attach containers to a network","text":"Containers can be attached to a network for a variety of reasons:
Whatever the reason, the semantics of the two network hooks are important and are outlined before.
attach-post-create
:build
: Intermediate containers created during the build process.deploy
: Deployed app containers.run
: Containers created by the run
command.created
but not running
attach-post-deploy
deploy
: Deployed app containers.running
initial-network
:build
: Intermediate containers created during the build process.deploy
: Deployed app containers.run
: Containers created by the run
command.created
initial-network
.Warning
If the attachment fails during the running
container state, this may result in your application failing to respond to proxied requests once older containers are removed.
There are cases where you may need to rebuild the network configuration for an app, such as on app boot or container restart. In these cases, you can use the network:rebuild
command:
dokku network:rebuild node-js-app\n
Info
This command will exit a non-zero number that depends on the number of containers for which configuration could not be built
"},{"location":"networking/network/#rebuilding-all-network-settings","title":"Rebuilding all network settings","text":"In some cases, a docker upgrade may reset container IPs or Ports. In both cases, you can quickly rewrite those files by using the network:rebuildall
command:
dokku network:rebuildall\n
Info
This command will exit a non-zero number that depends on the number of containers for which configuration could not be built
"},{"location":"networking/network/#container-network-interface-binding","title":"Container network interface binding","text":"Info
This functionality does not control the --network
docker flag. Please use the docker-options plugin to manage this flag.
By default, an app will only bind to the internal interface. This behavior can be modified per app by changing the bind-all-interfaces
network property.
# bind to the default docker interface (`docker0`) with a random internal ip\n# this is the default behavior\ndokku network:set node-js-app bind-all-interfaces false\n\n# bind to all interfaces (`0.0.0.0`) on a random port for each upstream port\n# this will make the app container directly accessible by other hosts on your network\n# ports are randomized for every deploy, e.g. `0.0.0.0:32771->5000/tcp`.\ndokku network:set node-js-app bind-all-interfaces true\n
By way of example, in the default case, each container is bound to the docker interface:
ShellOutputdocker ps\n
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES\n1b88d8aec3d1 dokku/node-js-app:latest \"/bin/bash -c '/star About a minute ago Up About a minute node-js-app.web.1\n
As such, the container's IP address will be an internal IP, and thus it is only accessible on the host itself:
ShellOutputdocker inspect --format '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' node-js-app.web.1\n
172.17.0.6\n
However, you can disable the internal proxying via the network:set
command so that it will listen on the host's IP address:
dokku network:set node-js-app bind-all-interfaces true\n\n# container bound to all interfaces\ndocker ps\n
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES\nd6499edb0edb dokku/node-js-app:latest \"/bin/bash -c '/star About a minute ago Up About a minute 0.0.0.0:49153->5000/tcp node-js-app.web.1\n
The bind-all-interfaces
property can also be set globally. The global default is false
, and the global value is used when no app-specific value is set.
dokku network:set --global bind-all-interfaces true\n
The default value may be set by passing an empty value for the option.
dokku network:set --global bind-all-interfaces\n
"},{"location":"networking/network/#displaying-network-reports-for-an-app","title":"Displaying network reports for an app","text":"You can get a report about the app's network status using the network:report
command:
dokku network:report\n
=====> node-js-app network information\n Network attach post create:\n Network attach post deploy:\n Network bind all interfaces: false\n Network computed attach post create:\n Network computed attach post deploy:\n Network computed bind all interfaces:false\n Network computed initial network:\n Network computed tld:\n Network global attach post create:\n Network global attach post deploy:\n Network global bind all interfaces:false\n Network global initial network:\n Network global tld:\n Network initial network:\n Network tld:\n Network web listeners: 172.17.0.1:5000\n=====> python-sample network information\n Network attach post create:\n Network attach post deploy:\n Network bind all interfaces: false\n Network computed attach post create:\n Network computed attach post deploy:\n Network computed bind all interfaces:false\n Network computed initial network:\n Network computed tld:\n Network global attach post create:\n Network global attach post deploy:\n Network global bind all interfaces:false\n Network global initial network:\n Network global tld:\n Network initial network:\n Network tld:\n Network web listeners: 172.17.0.2:5000\n=====> ruby-sample network information\n Network attach post create:\n Network attach post deploy:\n Network bind all interfaces: false\n Network computed attach post create:\n Network computed attach post deploy:\n Network computed bind all interfaces:false\n Network computed initial network:\n Network computed tld:\n Network global attach post create:\n Network global attach post deploy:\n Network global bind all interfaces:false\n Network global initial network:\n Network global tld:\n Network initial network:\n Network tld:\n Network web listeners:\n
You can run the command for a specific app also.
ShellOutputdokku network:report node-js-app\n
=====> node-js-app network information\n Network attach post create:\n Network attach post deploy:\n Network bind all interfaces: false\n Network computed attach post create:\n Network computed attach post deploy:\n Network computed bind all interfaces:false\n Network computed initial network:\n Network computed tld:\n Network global attach post create:\n Network global attach post deploy:\n Network global bind all interfaces:false\n Network global initial network:\n Network global tld:\n Network initial network:\n Network tld:\n Network web listeners: 172.17.0.1:5000\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku network:report node-js-app --network-bind-all-interfaces\n
"},{"location":"networking/port-management/","title":"Port Management","text":"New
Introduced in 0.31.0, replaces the previous proxy:ports*
commands
ports:list <app> # List port mappings for an app\nports:add <app> <scheme>:<host-port>:<container-port> [<scheme>:<host-port>:<container-port>...] # Add port mappings to an app\nports:clear <app> # Clear all port mappings for an app\nports:remove <app> <host-port> [<host-port>|<scheme>:<host-port>:<container-port>...] # Remove specific port mappings from an app\nports:set <app> <scheme>:<host-port>:<container-port> [<scheme>:<host-port>:<container-port>...] # Set port mappings for an app\n
"},{"location":"networking/port-management/#usage","title":"Usage","text":"Warning
Mapping alternative ports may conflict with the active firewall installed on your server or hosting provider. Such software includes - but is not limited to - AWS Security Groups, iptables, and UFW. Please consult the documentation for those softwares as applicable.
Users should also avoid setting the PORT
environment variable. Dokku will use port mappings to set this value. Overriding this manually may cause issues in application routing.
You can now configure host -> container
port mappings with the ports:*
commands. This mapping is currently supported by the built-in nginx-vhosts plugin.
By default, buildpack apps and dockerfile apps without explicitly exposed ports (i.e. using the EXPOSE
directive) will be configured with a listener on port 80
(and additionally a listener on 443 if ssl is enabled) that will proxy to the application container on port 5000
. Dockerfile apps with explicitly exposed ports will be configured with a listener on each exposed port and will proxy to that same port of the deployed application container.
Note
This default behavior will not be automatically changed on subsequent pushes and must be manipulated with the ports:*
commands detailed below.
The proxy port scheme is as follows:
SCHEME:HOST_PORT:CONTAINER_PORT
The scheme metadata can be used by proxy implementations in order to properly handle proxying of requests. For example, the built-in nginx-vhosts
proxy implementation supports the http
, https
, grpc
and grpcs
schemes. For the grpc
and grpcs
see nginx blog post on grpc.
Developers of proxy implementations are encouraged to use whatever schemes make the most sense, and ignore configurations which they do not support. For instance, a udp
proxy implementation can safely ignore http
and https
port mappings.
To change the proxy implementation in use for an application, use the proxy:set
command:
# no validation will be performed against\n# the specified proxy implementation\ndokku proxy:set node-js-app nginx\n
"},{"location":"networking/port-management/#listing-port-mappings","title":"Listing port mappings","text":"To inspect the port mapping for a given application, use the ports:list
command:
dokku ports:list node-js-app\n
-----> Port mappings for node-js-app\n-----> scheme host port container port\nhttp 80 5000\n
The above application is listening on the host's port 80
, which we can test via curl:
curl http://node-js-app.dokku.me\n
Hello World!\n
"},{"location":"networking/port-management/#adding-a-custom-port-mapping","title":"Adding a custom port mapping","text":"There are cases where we may wish for the service to be listening on more than one port, such as port 8080. Normally, this would not be possible:
ShellOutputcurl http://node-js-app.dokku.me:8080\n
curl: (7) Failed to connect to node-js-app.dokku.me port 8080: Connection refused\n
However, we can use the ports:add
command to add a second external port mapping - 8080
- to our application's port 5000
.
dokku ports:add node-js-app http:8080:5000\n
-----> Configuring node-js-app.dokku.me...(using built-in template)\n-----> Creating http nginx.conf\n Reloading nginx\n
We can now test that port 80 still responds properly:
ShellOutputcurl http://node-js-app.dokku.me\n
Hello World!\n
And our new listening port of 8080
also works:
curl http://node-js-app.dokku.me:8080\n
Hello World!\n
"},{"location":"networking/port-management/#setting-all-port-mappings-at-once","title":"Setting all port mappings at once","text":"Port mappings can also be force set using the ports:set
command.
dokku ports:set node-js-app http:8080:5000\n
-----> Configuring node-js-app.dokku.me...(using built-in template)\n-----> Creating http nginx.conf\n Reloading nginx\n
"},{"location":"networking/port-management/#removing-a-port-mapping","title":"Removing a port mapping","text":"A port mapping can be removed using the ports:remove
command if it no longer necessary:
dokku ports:remove node-js-app http:80:5000\n
Ports may also be removed by specifying only the host-port
value. This effectively acts as a wildcard and removes all mappings for that particular host port.
dokku ports:remove node-js-app http:80\n
"},{"location":"networking/port-management/#port-management-by-deployment-method","title":"Port management by Deployment Method","text":"Warning
If you set a port map but do not have a global domain set, Dokku will reset that map upon first deployment.
"},{"location":"networking/port-management/#buildpacks","title":"Buildpacks","text":"For buildpack deployments, your application must respect the PORT
environment variable. We will typically set this to port 5000
, but this is not guaranteed. If you do not respect the PORT
environment variable, your containers may start but your services will not be accessible outside of that container.
Info
Changed as of 0.5.0
Dokku's default proxy implementation - nginx - supports HTTP and GRPC request proxying. At this time, we do not support proxying plain TCP or UDP ports. UDP ports can be exposed by disabling the nginx proxy with dokku proxy:disable myapp
and manually exposing the ports via the docker-options
plugin. For example, dokku docker-options:add myapp deploy \"-p 2456:2456/udp\"
. If you would like to investigate alternative proxy methods, please refer to our proxy management documentation.
Dokku will extract all tcp ports exposed using the EXPOSE
directive (one port per line) and setup nginx to proxy the same port numbers to listen publicly. If you would like to change the exposed port, you should do so within your Dockerfile
.
For example, if the Dokku installation is configured with the domain dokku.me
and an application named node-js-app
is deployed with following Dockerfile:
FROM ubuntu:24.04\nEXPOSE 1234\nCMD python3 -m SimpleHTTPServer 1234\n
The application would be exposed to the user at node-js-app.dokku.me:1234
. If this is not desired, the following application configuration may be applied:
# add a port mapping to port 80\ndokku ports:add node-js-app http:80:1234\n\n# remove the incorrect port mapping\ndokku ports:remove node-js-app http:1234:1234\n
"},{"location":"networking/port-management/#applications-not-using-expose","title":"Applications not using EXPOSE","text":"Any application that does not use an EXPOSE
directive will result in Dokku defaulting to port 5000
. This behavior mimics the behavior of a Buildpack deploy. If your application does not support the PORT
environment variable, then you will either need to:
PORT
environment variable.EXPOSE
directive in your Dockerfile.You can get a report about the app's ports status using the ports:report
command:
dokku ports:report\n
=====> node-js-app ports information\n Port map detected: http:80:5000\n Port map: http:80:5000 https:443:5000\n=====> python-sample ports information\n Port map detected: http:80:5000\n Port map: http:80:5000\n=====> ruby-sample ports information\n Port map detected: http:80:5000\n Port map: http:80:5000\n
You can run the command for a specific app also.
ShellOutputdokku ports:report node-js-app\n
=====> node-js-app ports information\n Port map detected: http:80:5000\n Port map: http:80:5000 https:443:5000\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku ports:report node-js-app --ports-map\n
"},{"location":"networking/proxy-management/","title":"Proxy Management","text":"New
Introduced in 0.5.0, Enhanced in 0.6.0
proxy:build-config [--parallel count] [--all|<app>] # (Re)builds config for given app\nproxy:clear-config [--all|<app>] # Clears config for given app\nproxy:disable [--parallel count] [--all|<app>] # Disable proxy for app\nproxy:enable [--parallel count] [--all|<app>] # Enable proxy for app\nproxy:report [<app>] [<flag>] # Displays a proxy report for one or more apps\nproxy:set [<app>|--global] <proxy-type> # Set proxy type for app\n
In Dokku 0.5.0, port proxying was decoupled from the nginx-vhosts
plugin into the proxy plugin. Dokku 0.6.0 introduced the ability to map host ports to specific container ports. This allows other proxy software - such as HAProxy or Caddy - to be used in place of nginx.
The default proxy shipped with Dokku is nginx
. It can be changed via the proxy:set
command.
dokku proxy:set node-js-app caddy\n
-----> Setting config vars\n DOKKU_APP_PROXY_TYPE: caddy\n
The proxy may also be set on a global basis. This is usually preferred as running multiple proxy implementations may cause port collision issues.
ShellOutputdokku proxy:set --global caddy\n
-----> Setting config vars\n DOKKU_PROXY_TYPE: caddy\n
Changing the proxy does not stop or start any given proxy implementation. Please see the documentation for your proxy implementation for details on how to perform a change.
"},{"location":"networking/proxy-management/#regenerating-proxy-config","title":"Regenerating proxy config","text":"In certain cases, your app proxy configs may drift from the correct config for your app. You may regenerate the config at any point via the proxy:build-config
command. This command will trigger a rebuild for the configured proxy implementation (default: nginx) for a given app. The command may fail if there are no current web listeners for your app.
dokku proxy:build-config node-js-app\n
All apps may have their proxy config rebuilt by using the --all
flag.
dokku proxy:build-config --all\n
By default, rebuilding proxy configs for all apps happens serially. The parallelism may be controlled by the --parallel
flag.
dokku proxy:build-config --all --parallel 2\n
Finally, the number of parallel workers may be automatically set to the number of CPUs available by setting the --parallel
flag to -1
dokku proxy:build-config --all --parallel -1\n
"},{"location":"networking/proxy-management/#clearing-the-generated-proxy-config","title":"Clearing the generated proxy config","text":"New
Introduced in 0.27.0
Generated proxy configurations can also be cleared using the proxy:clear-config
command.
dokku proxy:clear-config node-js-app\n
All apps may have their proxy config cleared by using the --all
flag.
dokku proxy:clear-config --all\n
Clearing a proxy configuration has different effects depending on the proxy plugin in use. Consul the documentation for your proxy implementation for further details.
"},{"location":"networking/proxy-management/#displaying-proxy-reports-for-an-app","title":"Displaying proxy reports for an app","text":"New
Introduced in 0.8.1
You can get a report about the app's proxy status using the proxy:report
command:
dokku proxy:report\n
=====> node-js-app proxy information\n Proxy enabled: true\n Proxy type: nginx\n=====> python-sample proxy information\n Proxy enabled: true\n Proxy type: nginx\n=====> ruby-sample proxy information\n Proxy enabled: true\n Proxy type: nginx\n
You can run the command for a specific app also.
ShellOutputdokku proxy:report node-js-app\n
=====> node-js-app proxy information\n Proxy enabled: true\n Proxy type: nginx\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku proxy:report node-js-app --proxy-type\n
"},{"location":"networking/proxy-management/#proxy-port-scheme","title":"Proxy Port Scheme","text":"See the port scheme documentation for more information on the port mapping scheme used by dokku.
"},{"location":"networking/proxy-management/#proxy-port-mapping","title":"Proxy port mapping","text":"See the port management documentation for more information on how port mappings are managed for an application.
"},{"location":"networking/proxy-management/#container-network-interface-binding","title":"Container network interface binding","text":"Info
Changed as of 0.11.0
From Dokku versions 0.5.0
until 0.11.0
, enabling or disabling an application's proxy would also control whether or not the application was bound to all interfaces - e.g. 0.0.0.0
. As of 0.11.0
, this is now controlled by the network plugin. Please see the network documentation for more information.
Custom plugins names must have the suffix -vhosts
or scheduler overriding via proxy:set
may not function as expected.
At this time, the following dokku commands are used to interact with a complete proxy implementation.
domains:add
: Adds a given domain to an app.post-domains-update
domains:clear
: Clears out an app's associated domains.post-domains-update
domains:disable
: Disables domains for an app.pre-disable-vhost
domains:enable
: Enables domains for an app.pre-enable-vhost
domains:remove
: Removes a domain from an app.post-domains-update
domains:set
: Sets all domains for a given app.post-domains-update
proxy:build-config
: Builds - or rebuilds - external proxy configuration.proxy-build-config
proxy:clear-config
: Clears out external proxy configuration.proxy-clear-config
proxy:disable
: Disables the proxy configuration for an app.proxy-disable
proxy:enable
: Enables the proxy configuration for an app.proxy-enable
ports:add
: Adds one or more port mappings to an apppost-proxy-ports-update
ports:clear
: Clears out all port mappings for an app.post-proxy-ports-update
ports:remove
: Removes one or more port mappings from an app.post-proxy-ports-update
ports:set
: Sets all port mappings for an app.post-proxy-ports-update
Proxy implementations may decide to omit some functionality here, or use plugin triggers to supplement config with information from other plugins.
Individual proxy implementations may trigger app rebuilds, depending on how proxy metadata is exposed for the proxy implementation.
Finally, proxy implementations may install extra software needed for the proxy itself in whatever manner deemed fit. Proxy software can run on the host itself or within a running Docker container with either exposed ports or host networking.
"},{"location":"networking/proxies/caddy/","title":"Caddy Proxy","text":"New
Introduced in 0.28.0
Dokku provides integration with the Caddy proxy service by utilizing the Docker label-based integration implemented by Caddy.
caddy:report [<app>] [<flag>] # Displays a caddy report for one or more apps\ncaddy:logs [--num num] [--tail] # Display caddy log output\ncaddy:set <app> <property> (<value>) # Set or clear an caddy property for an app\ncaddy:show-config <app> # Display caddy compose config\ncaddy:start # Starts the caddy server\ncaddy:stop # Stops the caddy server\n
"},{"location":"networking/proxies/caddy/#requirements","title":"Requirements","text":"Using the caddy
plugin integration requires the docker-compose-plugin
for Docker. See this document from the Docker documentation for more information on the installation process for the docker-compose-plugin
.
Warning
As using multiple proxy plugins on a single Dokku installation can lead to issues routing requests to apps, doing so should be avoided. As the default proxy implementation is nginx, users are encouraged to stop the nginx service before switching to Caddy.
The Caddy plugin has specific rules for routing requests:
web
containers have Caddy labels injected by the plugin.http:80
and https:443
port mappings are supported.http:80
mapping is found, the first http
port mapping is used for http requests.https:443
mapping is found, the first https
port mapping is used for https requests.https
mapping is found, the container port from http:80
will be used for https requests.To use the Caddy plugin, use the proxy:set
command for the app in question:
dokku proxy:set node-js-app caddy\n
This will enable the docker label-based Caddy integration. All future deploys will inject the correct labels for Caddy to read and route requests to containers. Due to the docker label-based integration used by Caddy, a single deploy or rebuild will be required before requests will route successfully.
dokku ps:rebuild node-js-app\n
Any changes to domains or port mappings will also require either a deploy or rebuild.
"},{"location":"networking/proxies/caddy/#starting-caddy-container","title":"Starting Caddy container","text":"Caddy can be started via the caddy:start
command. This will start a Caddy container via the docker compose up
command.
dokku caddy:start\n
"},{"location":"networking/proxies/caddy/#stopping-the-caddy-container","title":"Stopping the Caddy container","text":"Caddy may be stopped via the caddy:stop
command.
dokku caddy:stop\n
The Caddy container will be stopped and removed from the system. If the container is not running, this command will do nothing.
"},{"location":"networking/proxies/caddy/#showing-the-caddy-compose-config","title":"Showing the Caddy compose config","text":"For debugging purposes, it may be useful to show the Caddy compose config. This can be achieved via the caddy:show-config
command.
dokku caddy:show-config\n
"},{"location":"networking/proxies/caddy/#customizing-the-caddy-container-image","title":"Customizing the Caddy container image","text":"While the default Caddy image is hardcoded, users may specify an alternative by setting the image
property with the --global
flag:
dokku caddy:set --global image lucaslorentz/caddy-docker-proxy:2.7\n
"},{"location":"networking/proxies/caddy/#checking-the-caddy-containers-logs","title":"Checking the Caddy container's logs","text":"It may be necessary to check the Caddy container's logs to ensure that Caddy is operating as expected. This can be performed with the caddy:logs
command.
dokku caddy:logs\n
This command also supports the following modifiers:
--num NUM # the number of lines to display\n--tail # continually stream logs\n
You can use these modifiers as follows:
dokku caddy:logs --tail --num 10\n
The above command will show logs continually from the caddy container, with an initial history of 10 log lines
"},{"location":"networking/proxies/caddy/#changing-the-caddy-log-level","title":"Changing the Caddy log level","text":"Caddy log output is set to ERROR
by default. It may be changed by setting the log-level
property with the --global
flag:
dokku caddy:set --global log-level DEBUG\n
After modifying, the Caddy container will need to be restarted.
"},{"location":"networking/proxies/caddy/#ssl-configuration","title":"SSL Configuration","text":"The caddy plugin only supports automatic ssl certificates from it's letsencrypt integration. Managed certificates provided by the certs
plugin are ignored.
By default, letsencrypt is disabled and https port mappings are ignored. To enable, set the letsencrypt-email
property with the --global
flag:
dokku caddy:set --global letsencrypt-email automated@dokku.sh\n
After enabling, the Caddy container will need to be restarted and apps will need to be rebuilt. All http requests will then be redirected to https.
"},{"location":"networking/proxies/caddy/#customizing-the-letsencrypt-server","title":"Customizing the letsencrypt server","text":"The letsencrypt integration is set to the production letsencrypt server by default. To change this, set the letsencrypt-server
property with the --global
flag:
dokku caddy:set --global letsencrypt-server https://acme-staging-v02.api.letsencrypt.org/directory\n
After enabling, the Caddy container will need to be restarted and apps will need to be rebuilt to retrieve certificates from the new server.
"},{"location":"networking/proxies/caddy/#using-caddys-internal-tls-server","title":"Using Caddy's Internal TLS server","text":"To switch to Caddy's internal TLS server for certificate provisioning, set the tls-internal
property. This can only be set on a per-app basis.
dokku caddy:set node-js-app tls-internal true\n
"},{"location":"networking/proxies/caddy/#displaying-caddy-reports-for-an-app","title":"Displaying Caddy reports for an app","text":"You can get a report about the app's Caddy config using the caddy:report
command:
dokku caddy:report\n
=====> node-js-app caddy information\n Caddy image: lucaslorentz/caddy-docker-proxy:2.7\n Caddy letsencrypt email:\n Caddy letsencrypt server:\n Caddy log level: ERROR\n Caddy polling interval: 5s\n Caddy tls internal: false\n=====> python-app caddy information\n Caddy image: lucaslorentz/caddy-docker-proxy:2.7\n Caddy letsencrypt email:\n Caddy letsencrypt server:\n Caddy log level: ERROR\n Caddy polling interval: 5s\n Caddy tls internal: false\n=====> ruby-app caddy information\n Caddy image: lucaslorentz/caddy-docker-proxy:2.7\n Caddy letsencrypt email:\n Caddy letsencrypt server:\n Caddy log level: ERROR\n Caddy polling interval: 5s\n Caddy tls internal: false\n
You can run the command for a specific app also.
ShellOutputdokku caddy:report node-js-app\n
=====> node-js-app caddy information\n Caddy image: lucaslorentz/caddy-docker-proxy:2.7\n Caddy letsencrypt email:\n Caddy letsencrypt server:\n Caddy log level: ERROR\n Caddy polling interval: 5s\n Caddy tls internal: false\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku caddy:report node-js-app --caddy-image\n
"},{"location":"networking/proxies/haproxy/","title":"Haproxy Proxy","text":"New
Introduced in 0.28.0
Dokku provides integration with the Haproxy proxy service by utilizing the Docker label-based integration implemented by EasyHaproxy.
haproxy:report [<app>] [<flag>] # Displays a haproxy report for one or more apps\nhaproxy:logs [--num num] [--tail] # Display haproxy log output\nhaproxy:set <app> <property> (<value>) # Set or clear an haproxy property for an app\nhaproxy:show-config <app> # Display haproxy compose config\nhaproxy:start # Starts the haproxy server\nhaproxy:stop # Stops the haproxy server\n
"},{"location":"networking/proxies/haproxy/#requirements","title":"Requirements","text":"Using the haproxy
plugin integration requires the docker-compose-plugin
for Docker. See this document from the Docker documentation for more information on the installation process for the docker-compose-plugin
.
Warning
As using multiple proxy plugins on a single Dokku installation can lead to issues routing requests to apps, doing so should be avoided. As the default proxy implementation is nginx, users are encouraged to stop the nginx service before switching to Haproxy.
The Haproxy plugin has specific rules for routing requests:
web
containers have Haproxy labels injected by the plugin.http:80
and https:443
port mappings are supported at this time.To use the Haproxy plugin, use the proxy:set
command for the app in question:
dokku proxy:set node-js-app haproxy\n
This will enable the docker label-based Haproxy integration. All future deploys will inject the correct labels for Haproxy to read and route requests to containers. Due to the docker label-based integration used by Haproxy, a single deploy or rebuild will be required before requests will route successfully.
dokku ps:rebuild node-js-app\n
Any changes to domains or port mappings will also require either a deploy or rebuild.
"},{"location":"networking/proxies/haproxy/#starting-haproxy-container","title":"Starting Haproxy container","text":"Haproxy can be started via the haproxy:start
command. This will start a Haproxy container via the docker compose up
command.
dokku haproxy:start\n
"},{"location":"networking/proxies/haproxy/#stopping-the-haproxy-container","title":"Stopping the Haproxy container","text":"Haproxy may be stopped via the haproxy:stop
command.
dokku haproxy:stop\n
The Haproxy container will be stopped and removed from the system. If the container is not running, this command will do nothing.
"},{"location":"networking/proxies/haproxy/#showing-the-haproxy-compose-config","title":"Showing the Haproxy compose config","text":"For debugging purposes, it may be useful to show the Haproxy compose config. This can be achieved via the haproxy:show-config
command.
dokku haproxy:show-config\n
"},{"location":"networking/proxies/haproxy/#customizing-the-haproxy-container-image","title":"Customizing the Haproxy container image","text":"While the default Haproxy image is hardcoded, users may specify an alternative by setting the image
property with the --global
flag:
dokku haproxy:set --global image byjg/easy-haproxy:4.0.0\n
"},{"location":"networking/proxies/haproxy/#checking-the-haproxy-containers-logs","title":"Checking the Haproxy container's logs","text":"It may be necessary to check the Haproxy container's logs to ensure that Haproxy is operating as expected. This can be performed with the haproxy:logs
command.
dokku haproxy:logs\n
This command also supports the following modifiers:
--num NUM # the number of lines to display\n--tail # continually stream logs\n
You can use these modifiers as follows:
dokku haproxy:logs --tail --num 10\n
The above command will show logs continually from the vector container, with an initial history of 10 log lines
"},{"location":"networking/proxies/haproxy/#changing-the-haproxy-log-level","title":"Changing the Haproxy log level","text":"Haproxy log output is set to ERROR
by default. It may be changed by setting the log-level
property with the --global
flag:
dokku haproxy:set --global log-level DEBUG\n
After modifying, the Haproxy container will need to be restarted.
"},{"location":"networking/proxies/haproxy/#ssl-configuration","title":"SSL Configuration","text":"The haproxy plugin only supports automatic ssl certificates from it's letsencrypt integration. Managed certificates provided by the certs
plugin are ignored.
By default, letsencrypt is disabled and https port mappings are ignored. To enable, set the letsencrypt-email
property with the --global
flag:
dokku haproxy:set --global letsencrypt-email automated@dokku.sh\n
After enabling, the Haproxy container will need to be restarted and apps will need to be rebuilt. All http requests will then be redirected to https.
"},{"location":"networking/proxies/haproxy/#customizing-the-letsencrypt-server","title":"Customizing the letsencrypt server","text":"The letsencrypt integration is set to the production letsencrypt server by default. To change this, set the letsencrypt-server
property with the --global
flag:
dokku haproxy:set --global letsencrypt-server https://acme-staging-v02.api.letsencrypt.org/directory\n
After enabling, the Haproxy container will need to be restarted and apps will need to be rebuilt to retrieve certificates from the new server.
"},{"location":"networking/proxies/haproxy/#displaying-haproxy-reports-for-an-app","title":"Displaying Haproxy reports for an app","text":"You can get a report about the app's Haproxy config using the haproxy:report
command:
dokku haproxy:report\n
=====> node-js-app haproxy information\n Haproxy image: byjg/easy-haproxy:4.0.0\n=====> python-app haproxy information\n Haproxy image: byjg/easy-haproxy:4.0.0\n=====> ruby-app haproxy information\n Haproxy image: byjg/easy-haproxy:4.0.0\n
You can run the command for a specific app also.
ShellOutputdokku haproxy:report node-js-app\n
=====> node-js-app haproxy information\n Haproxy image: byjg/easy-haproxy:4.0.0\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku haproxy:report node-js-app --haproxy-image\n
"},{"location":"networking/proxies/nginx/","title":"Nginx Proxy","text":"Dokku uses nginx as its server for routing requests to specific applications. By default, access and error logs are written for each app to /var/log/nginx/${APP}-access.log
and /var/log/nginx/${APP}-error.log
respectively
nginx:access-logs <app> [-t] # Show the nginx access logs for an application (-t follows)\nnginx:error-logs <app> [-t] # Show the nginx error logs for an application (-t follows)\nnginx:report [<app>] [<flag>] # Displays a nginx report for one or more apps\nnginx:set <app> <property> (<value>) # Set or clear an nginx property for an app\nnginx:show-config <app> # Display app nginx config\nnginx:start # Starts the nginx server\nnginx:stop # Stops the nginx server\nnginx:validate-config [<app>] [--clean] # Validates and optionally cleans up invalid nginx configurations\n
"},{"location":"networking/proxies/nginx/#usage","title":"Usage","text":"Warning
As using multiple proxy plugins on a single Dokku installation can lead to issues routing requests to apps, doing so should be avoided.
"},{"location":"networking/proxies/nginx/#request-proxying","title":"Request Proxying","text":"By default, the web
process is the only process proxied by the nginx proxy implementation. Proxying to other process types may be handled by a custom nginx.conf.sigil
file, as generally described below
Nginx will proxy the requests in a round-robin balancing fashion to the different deployed (scaled) containers running the web
proctype. This way, the host's resources can be fully leveraged for single-threaded applications (e.g. dokku ps:scale node-js-app web=4
on a 4-core machine).
Note
Due to how the plugin is implemented, if an app successfully starts up web
containers but fails to deploy some other containers, nginx may eventually stop routing requests. Users should revert their code in these cases, or manually trigger dokku proxy:build-config $APP
in order to ensure requests route to the new web containers.
New
Introduced in 0.28.0
The nginx server can be started via nginx:start
.
dokku nginx:start\n
"},{"location":"networking/proxies/nginx/#stopping-nginx","title":"Stopping nginx","text":"New
Introduced in 0.28.0
The nginx server can be stopped via nginx:stop
.
dokku nginx:stop\n
"},{"location":"networking/proxies/nginx/#checking-access-logs","title":"Checking access logs","text":"Note
Changing this value globally or on a per-app basis will require rebuilding the nginx config via the proxy:build-config
command.
You may check nginx access logs via the nginx:access-logs
command. This assumes that app access logs are being stored in /var/log/nginx/$APP-access.log
, as is the default in the generated nginx.conf
.
dokku nginx:access-logs node-js-app\n
You may also follow the logs by specifying the -t
flag.
dokku nginx:access-logs node-js-app -t\n
"},{"location":"networking/proxies/nginx/#checking-error-logs","title":"Checking error logs","text":"You may check nginx error logs via the nginx:error-logs
command. This assumes that app error logs are being stored in /var/log/nginx/$APP-error.log
, as is the default in the generated nginx.conf
.
dokku nginx:error-logs node-js-app\n
You may also follow the logs by specifying the -t
flag.
dokku nginx:error-logs node-js-app -t\n
"},{"location":"networking/proxies/nginx/#showing-the-nginx-config","title":"Showing the nginx config","text":"For debugging purposes, it may be useful to show the nginx config. This can be achieved via the nginx:show-config
command.
dokku nginx:show-config node-js-app\n
"},{"location":"networking/proxies/nginx/#validating-nginx-configs","title":"Validating nginx configs","text":"It may be desired to validate an nginx config outside of the deployment process. To do so, run the nginx:validate-config
command. With no arguments, this will validate all app nginx configs, one at a time. A minimal wrapper nginx config is generated for each app's nginx config, upon which nginx -t
will be run.
dokku nginx:validate-config\n
As app nginx configs are actually executed within a shared context, it is possible for an individual config to be invalid when being validated standalone but also be valid within the global server context. As such, the exit code for the nginx:validate-config
command is the exit code of nginx -t
against the server's real nginx config.
The nginx:validate-config
command also takes an optional --clean
flag. If specified, invalid nginx configs will be removed.
Warning
Invalid app nginx config's will be removed even if the config is valid in the global server context.
dokku nginx:validate-config --clean\n
The --clean
flag may also be specified for a given app:
dokku nginx:validate-config node-js-app --clean\n
"},{"location":"networking/proxies/nginx/#custom-error-pages","title":"Custom Error Pages","text":"By default, Dokku provides custom error pages for the following three categories of errors:
These are provided as an alternative to the generic Nginx error page, are shared for all applications, and their contents are located on disk at /var/lib/dokku/data/nginx-vhosts/dokku-errors
. To customize them for a specific app, create a custom nginx.conf.sigil
as described above and change the paths to point elsewhere.
By default, Dokku will route any received request with an unknown HOST header value to the lexicographically first site in the nginx config stack. This means that accessing the dokku server via its IP address or a bogus domain name may return a seemingly random website.
Warning
Some versions of Nginx may create a default site when installed. This site is simply a static page which says \"Welcome to Nginx\", and if this default site is enabled, Nginx will not route any requests with an unknown HOST header to Dokku. If you want Dokku to receive all requests, run the following commands:
rm /etc/nginx/sites-enabled/default\ndokku nginx:stop\ndokku nginx:start\n
If services should only be accessed via their domain name, you may want to disable the default site by adding the following configuration to the global nginx configuration.
Create the file at /etc/nginx/conf.d/00-default-vhost.conf
:
server {\n listen 80 default_server;\n listen [::]:80 default_server;\n\n # If services hosted by dokku are available via HTTPS, it is recommended\n # to also uncomment the following section.\n #\n # Please note that in order to let this work, you need an SSL certificate. However\n # it does not need to be valid. Users of Debian-based distributions can install the\n # `ssl-cert` package with `sudo apt install ssl-cert` to automatically generate\n # a self-signed certificate that is stored at `/etc/ssl/certs/ssl-cert-snakeoil.pem`.\n #\n #listen 443 ssl;\n #listen [::]:443 ssl;\n #ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;\n #ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;\n\n server_name _;\n access_log off;\n return 444;\n}\n
Make sure to reload nginx after creating this file by running systemctl reload nginx.service
.
This will catch all unknown HOST header values and close the connection without responding. You can replace the return 444;
with return 410;
which will cause nginx to respond with an error page.
The configuration file must be loaded before /etc/nginx/conf.d/dokku.conf
, so it can not be arranged as a vhost in /etc/nginx/sites-enabled
that is only processed afterwards.
Alternatively, you may push an app to your Dokku host with a name like \"00-default\". As long as it lists first in ls /home/dokku/*/nginx.conf | head
, it will be used as the default nginx vhost.
New
Introduced in 0.5.0
Dokku uses a templating library by the name of sigil to generate nginx configuration for each app. This may be overridden by committing the default configuration template to a file named nginx.conf.sigil
.
The nginx.conf.sigil
is expected to be found in a specific directory, depending on the deploy approach:
WORKDIR
of the Docker image for deploys resulting from git:from-image
and git:load-image
commands.git:from-archive
, git:sync
).Sometimes it may be desirable to set a different path for a given app, e.g. when deploying from a monorepo. This can be done via the nginx-conf-sigil-path
property:
dokku nginx:set node-js-app nginx-conf-sigil-path .dokku/nginx.conf.sigil\n
The value is the path to the desired file relative to the base search directory, and will never be treated as absolute paths in any context. If that file does not exist within the repository, Dokku will continue the build process as if the repository has no nginx.conf.sigil
.
The default value may be set by passing an empty value for the option:
dokku nginx:set node-js-app nginx-conf-sigil-path\n
The nginx-conf-sigil-path
property can also be set globally. The global default is nginx.conf.sigil
, and the global value is used when no app-specific value is set.
dokku nginx:set --global nginx-conf-sigil-path nginx.conf.sigil\n
The default value may be set by passing an empty value for the option.
dokku nginx:set --global nginx-conf-sigil-path\n
Info
The default template may change with new releases of Dokku. Please refer to the appropriate template file version for your Dokku version, and make sure to look out for changes when you upgrade.
"},{"location":"networking/proxies/nginx/#disabling-custom-nginx-config","title":"Disabling custom nginx config","text":"Note
Changing this value globally or on a per-app basis will require rebuilding the nginx config via the proxy:build-config
command.
While enabled by default, using a custom nginx config can be disabled via nginx:set
. This may be useful in cases where you do not want to allow users to override any higher-level customization of app nginx config.
# enable fetching custom config (default)\ndokku nginx:set node-js-app disable-custom-config false\n\n# disable fetching custom config\ndokku nginx:set node-js-app disable-custom-config true\n
Unsetting this value is the same as enabling custom nginx config usage.
"},{"location":"networking/proxies/nginx/#available-template-variables","title":"Available template variables","text":"{{ .APP }} Application name\n{{ .APP_SSL_PATH }} Path to SSL certificate and key\n{{ .DOKKU_ROOT }} Global Dokku root directory (ex: app dir would be `{{ .DOKKU_ROOT }}/{{ .APP }}`)\n{{ .PROXY_PORT }} Non-SSL nginx listener port (same as `DOKKU_PROXY_PORT` config var)\n{{ .PROXY_SSL_PORT }} SSL nginx listener port (same as `DOKKU_PROXY_SSL_PORT` config var)\n{{ .NOSSL_SERVER_NAME }} List of non-SSL VHOSTS\n{{ .PROXY_PORT_MAP }} List of port mappings (same as the `map` ports property)\n{{ .PROXY_UPSTREAM_PORTS }} List of configured upstream ports (derived from the `map` ports property)\n{{ .SSL_INUSE }} Boolean set when an app is SSL-enabled\n{{ .SSL_SERVER_NAME }} List of SSL VHOSTS\n
Finally, each process type has it's network listeners - a list of IP:PORT pairs for the respective app containers - exposed via an .DOKKU_APP_${PROCESS_TYPE}_LISTENERS
variable - the PROCESS_TYPE
will be upper-cased with hyphens transformed into underscores. Users can use the new variables to expose non-web processes via the nginx proxy.
Note
Application environment variables are available for use in custom templates. To do so, use the form of {{ var \"FOO\" }}
to access a variable named FOO
.
The default nginx.conf template will include everything from your apps nginx.conf.d/
subdirectory in the main server {}
block (see above):
include {{ .DOKKU_ROOT }}/{{ .APP }}/nginx.conf.d/*.conf;\n
That means you can put additional configuration in separate files. To increase the client request header timeout, the following can be performed:
mkdir /home/dokku/node-js-app/nginx.conf.d/\necho 'client_header_timeout 50s;' > /home/dokku/node-js-app/nginx.conf.d/timeout.conf\nchown dokku:dokku /home/dokku/node-js-app/nginx.conf.d/upload.conf\nservice nginx reload\n
The example above uses additional configuration files directly on the Dokku host. Unlike the nginx.conf.sigil
file, these additional files will not be copied over from your application repo, and thus need to be placed in the /home/dokku/node-js-app/nginx.conf.d/
directory manually.
For PHP Buildpack users, you will also need to provide a Procfile
and an accompanying nginx.conf
file to customize the nginx config within the container. The following are example contents for your Procfile
web: vendor/bin/heroku-php-nginx -C nginx.conf -i php.ini php/\n
Your nginx.conf
file - not to be confused with Dokku's nginx.conf.sigil
- would also need to be configured as shown in this example:
client_header_timeout 50s;\nlocation / {\n index index.php;\n try_files $uri $uri/ /index.php$is_args$args;\n}\n
Please adjust the Procfile
and nginx.conf
file as appropriate.
The nginx plugin exposes a variety of properties configurable via the nginx:set
command. The properties are used to configure the generated nginx.conf
file from the nginx.conf.sigil
template. The value precedence is app-specific, then global, and finally the Dokku default.
The nginx:set command takes an app name or the --global
flag.
# set a property for the node-js-app\ndokku nginx:set node-js-app property-name some-value\n\n# set a property globally\ndokku nginx:set --global property-name some-value\n
Additionally, setting an empty value will result in reverting the value back to it's default. For app-specific values, this means that Dokku will revert to the globally specified (or global default) value.
# default the value back to the global value for node-js-app\ndokku nginx:set node-js-app property-name\n\n# use the dokku default as the global value\ndokku nginx:set --global property-name\n
Changing these value globally or on a per-app basis will require rebuilding the nginx config via the proxy:build-config
command.
Warning
Validation is not performed against the values, and they are used as is within Dokku.
Property Default Type Explanation access-log-format empty string string Name of custom log format to use (log format must be specified elsewhere) access-log-path${NGINX_LOG_ROOT}/${APP}-access.log
string Log path for nginx access logs (set to off
to disable) bind-address-ipv4 0.0.0.0
string Default IPv4 address to bind to bind-address-ipv6 [::]
string Default IPv6 address to bind to client-max-body-size 1m
string Size (with units) of client request body (usually modified for file uploads) error-log-path ${NGINX_LOG_ROOT}/${APP}-error.log
string Log path for nginx error logs (set to off
to disable) hsts true
boolean Enables or disables HSTS for your application hsts-include-subdomains true
boolean Forces the browser to apply the HSTS policy to all app subdomains hsts-max-age 15724800
integer Time in seconds to cache HSTS configuration hsts-preload false
boolean Tells the browser to include the domain in their HSTS preload lists nginx-conf-sigil-path nginx.conf.sigil
string Path in the repository to the nginx.conf.sigil
file proxy-buffer-size 8k
(# is os pagesize) string Size of the buffer used for reading the first part of proxied server response proxy-buffering on
string Enables or disables buffering of responses from the proxied server proxy-buffers 8 8k
string Number and size of the buffers used for reading the proxied server response, for a single connection proxy-busy-buffers-size 16k
string Limits the total size of buffers that can be busy sending a response to the client while the response is not yet fully read. proxy-read-timeout 60s
string Timeout (with units) for reading response from your backend server underscore-in-headers off
string Enables or disables the use of underscores in client request header fields. x-forwarded-for-value $remote_addr
string Used for specifying the header value to set for the X-Forwarded-For
header x-forwarded-port-value $server_port
string Used for specifying the header value to set for the X-Forwarded-Port
header x-forwarded-proto-value $scheme
string Used for specifying the header value to set for the X-Forwarded-Proto
header x-forwarded-ssl empty string string Less commonly used alternative to X-Forwarded-Proto
(valid values: on
or off
)"},{"location":"networking/proxies/nginx/#binding-to-specific-addresses","title":"Binding to specific addresses","text":"Note
Users with apps that contain a custom nginx.conf.sigil
file will need to modify the files to respect the new NGINX_BIND_ADDRESS_IPV4
and NGINX_BIND_ADDRESS_IPV6
variables.
Properties:
bind-address-ipv4
bind-address-ipv6
This is useful in cases where the proxying should be internal to a network or if there are multiple network interfaces that should respond with different content.
"},{"location":"networking/proxies/nginx/#hsts-header","title":"HSTS Header","text":"Warning
if you enable the header and a subsequent deploy of your application results in an HTTP deploy (for whatever reason), the way the header works means that a browser will not attempt to request the HTTP version of your site if the HTTPS version fails until the max-age is reached.
Properties:
hsts
hsts-include-subdomains
hsts-max-age
hsts-preload
If SSL certificates are present, HSTS will be automatically enabled.
"},{"location":"networking/proxies/nginx/#running-behind-another-proxy-configuring-x-forwarded-headers","title":"Running behind another proxy \u2014 configuringX-Forwarded-*
headers","text":"Warning
These values should only be modified if there is an intermediate Load balancer or CDN between the user and the Dokku server hosting your application.
Properties:
x-forwarded-for-value
x-forwarded-port-value
x-forwarded-proto-value
x-forwarded-ssl
Dokku's default Nginx configuration passes the de-facto standard HTTP headers X-Forwarded-For
, X-Forwarded-Proto
, and X-Forwarded-Port
to your application. These headers indicate the IP address of the original client making the request, the protocol of the original request (HTTP or HTTPS), and the port number of the original request, respectively.
If you have another HTTP proxy sitting in between the end user and your server (for example, a load balancer, or a CDN), then the values of these headers will contain information about (e.g. the IP address of) the closest proxy, and not the end user.
To fix this, assuming that the other proxy also passes X-Forwarded-*
headers, which in turn contain information about the end user, you can tell Nginx include those values in the X-Forwarded-*
headers that it sends to your application. You can do this via nginx:set
, like so:
dokku nginx:set node-js-app x-forwarded-for-value '$http_x_forwarded_for'\ndokku nginx:set node-js-app x-forwarded-port-value '$http_x_forwarded_port'\ndokku nginx:set node-js-app x-forwarded-proto-value '$http_x_forwarded_proto'\n
However, note that you should only do this if:
X-Forwarded-*
headers.Otherwise, if it's possible for clients to make HTTP requests directly against your server, bypassing the other proxy, or if the other proxy is not configured to set these headers, then a client can basically pass any arbitrary values for these headers (which your app then presumably reads) and thereby fake an IP address, for example.
There's also the X-Forwarded-Ssl
header which a less common alternative to X-Forwarded-Proto
\u2014 and because of that, isn't included in Dokku's default Nginx configuration. It can be turned on
if need be:
# force-setting value to `on`\ndokku nginx:set node-js-app x-forwarded-ssl on\n
"},{"location":"networking/proxies/nginx/#changing-log-path","title":"Changing log path","text":"Warning
The defaults should not be changed without verifying that the paths will be writeable by nginx.
Properties:
access-log-path
error-log-path
These setting can be useful for enabling or disabling logging by setting the values to off
.
dokku nginx:set node-js-app access-log-path off\ndokku nginx:set node-js-app error-log-path off\n
"},{"location":"networking/proxies/nginx/#changing-log-format","title":"Changing log format","text":"Properties:
acccess-log-format
Prior to changing the log-format, log formats should be specified at a file such as /etc/nginx/conf.d/00-log-formats.conf
. This will ensure they are available within your app's nginx context. For instance, the following may be added to the above file. It only needs to be specified once to be used for all apps.
# /etc/nginx/conf.d/00-log-formats.conf\n# escape=json was added in nginx 1.11.8\nlog_format json_combined escape=json\n '{'\n '\"time_local\":\"$time_local\",'\n '\"remote_addr\":\"$remote_addr\",'\n '\"remote_user\":\"$remote_user\",'\n '\"request\":\"$request\",'\n '\"status\":\"$status\",'\n '\"body_bytes_sent\":\"$body_bytes_sent\",'\n '\"request_time\":\"$request_time\",'\n '\"http_referrer\":\"$http_referer\",'\n '\"http_user_agent\":\"$http_user_agent\"'\n '}';\n
"},{"location":"networking/proxies/nginx/#specifying-a-read-timeout","title":"Specifying a read timeout","text":"Note
All numeric values must have a trailing time value specified (s
for seconds, m
for minutes).
Properties:
proxy-read-timeout
Note
All numerical values must have a trailing size unit specified (k
for kilobytes, m
for megabytes).
Properties:
client-max-body-size
This property is commonly used to increase the max file upload size.
Changing this value when using the PHP buildpack (or any other buildpack that uses an intermediary server) will require changing the value in the server config shipped with that buildpack. Consult your buildpack documentation for further details.
"},{"location":"networking/proxies/nginx/#other","title":"Other","text":""},{"location":"networking/proxies/nginx/#domains-plugin","title":"Domains plugin","text":"See the domain configuration documentation for more information on how to configure domains for your app.
"},{"location":"networking/proxies/nginx/#customizing-hostnames","title":"Customizing hostnames","text":"See the customizing hostnames documentation for more information on how to configure domains for your app.
"},{"location":"networking/proxies/nginx/#disabling-vhosts","title":"Disabling VHOSTS","text":"See the disabling vhosts documentation for more information on how to disable domain usage for your app.
"},{"location":"networking/proxies/nginx/#ssl-configuration","title":"SSL Configuration","text":"See the ssl documentation for more information on how to configure SSL certificates for your application.
"},{"location":"networking/proxies/nginx/#disabling-nginx","title":"Disabling Nginx","text":"See the proxy documentation for more information on how to disable nginx as the proxy implementation for your app.
"},{"location":"networking/proxies/nginx/#managing-proxy-port-mappings","title":"Managing Proxy Port mappings","text":"See the ports documentation for more information on how to manage ports proxied for your app.
"},{"location":"networking/proxies/nginx/#regenerating-nginx-config","title":"Regenerating nginx config","text":"See the proxy documentation for more information on how to rebuild the nginx proxy configuration for your app.
"},{"location":"networking/proxies/openresty/","title":"OpenResty Proxy","text":"New
Introduced in 0.31.0
Dokku can provide integration with the OpenResty proxy service by utilizing the Docker label-based integration implemented by openresty-docker-proxy.
openresty:report [<app>] [<flag>] # Displays a openresty report for one or more apps\nopenresty:logs [--num num] [--tail] # Display openresty log output\nopenresty:set <app> <property> (<value>) # Set or clear an openresty property for an app\nopenresty:show-config <app> # Display openresty compose config\nopenresty:start # Starts the openresty server\nopenresty:stop # Stops the openresty server\n
"},{"location":"networking/proxies/openresty/#requirements","title":"Requirements","text":"Using the openresty
plugin integration requires the docker-compose-plugin
for Docker. See this document from the Docker documentation for more information on the installation process for the docker-compose-plugin
.
Warning
As using multiple proxy plugins on a single Dokku installation can lead to issues routing requests to apps, doing so should be avoided. As the default proxy implementation is nginx, users are encouraged to stop the nginx service before switching to OpenResty.
The OpenResty plugin has specific rules for routing requests:
web
containers have OpenResty labels injected by the plugin.http:80
and https:443
port mappings are supported at this time.To use the OpenResty plugin, use the proxy:set
command for the app in question:
dokku proxy:set node-js-app openresty\n
This will enable the docker label-based OpenResty integration. All future deploys will inject the correct labels for OpenResty to read and route requests to containers. Due to the docker label-based integration used by OpenResty, a single deploy or rebuild will be required before requests will route successfully.
dokku ps:rebuild node-js-app\n
Any changes to domains or port mappings will also require either a deploy or rebuild.
"},{"location":"networking/proxies/openresty/#starting-openresty-container","title":"Starting OpenResty container","text":"OpenResty can be started via the openresty:start
command. This will start a OpenResty container via the docker compose up
command.
dokku openresty:start\n
"},{"location":"networking/proxies/openresty/#stopping-the-openresty-container","title":"Stopping the OpenResty container","text":"OpenResty may be stopped via the openresty:stop
command.
dokku openresty:stop\n
The OpenResty container will be stopped and removed from the system. If the container is not running, this command will do nothing.
"},{"location":"networking/proxies/openresty/#showing-the-openresty-compose-config","title":"Showing the OpenResty compose config","text":"For debugging purposes, it may be useful to show the OpenResty compose config. This can be achieved via the openresty:show-config
command.
dokku openresty:show-config\n
"},{"location":"networking/proxies/openresty/#customizing-the-openresty-container-image","title":"Customizing the OpenResty container image","text":"While the default OpenResty image is hardcoded, users may specify an alternative by setting the image
property with the --global
flag:
dokku openresty:set --global image dokku/openresty-docker-proxy:0.5.6\n
"},{"location":"networking/proxies/openresty/#checking-the-openresty-containers-logs","title":"Checking the OpenResty container's logs","text":"It may be necessary to check the OpenResty container's logs to ensure that OpenResty is operating as expected. This can be performed with the openresty:logs
command.
dokku openresty:logs\n
This command also supports the following modifiers:
--num NUM # the number of lines to display\n--tail # continually stream logs\n
You can use these modifiers as follows:
dokku openresty:logs --tail --num 10\n
The above command will show logs continually from the openresty container, with an initial history of 10 log lines
"},{"location":"networking/proxies/openresty/#customizing-openresty-settings-for-an-app","title":"Customizing Openresty Settings for an app","text":""},{"location":"networking/proxies/openresty/#openresty-properties","title":"OpenResty Properties","text":"The OpenResty plugin supports all properties supported by the nginx:set
command via openresty:set
. At this time, please consult the nginx documentation for more information on what properties are available.
Please note that the oldest running container will be used for OpenResty configuration, and thus newer config may not apply until older app containers are retired during/after a deploy, depending on your zero-downtime settings.
"},{"location":"networking/proxies/openresty/#custom-openresty-templates","title":"Custom OpenResty Templates","text":"At this time, the OpenResty plugin does not allow complete customization of the template used to manage an app's vhost. Apps will use a template provided by the OpenResty container to proxy requests. See the next section for documentation on how to configure portions of the template.
"},{"location":"networking/proxies/openresty/#injecting-custom-snippets-into-the-openresty-config","title":"Injecting custom snippets into the OpenResty config","text":"The OpenResty plugin allows users to specify templates in their repository for auto-injection into the OpenResty config. Please note that this configuration should be validated prior to deployment or may cause outages in your OpenResty proxy layer.
The following folders within an app repository may have *.conf
files that will be automatically injected into the OpenResty config.
openresty/http-includes/
: Injected in the server
block serving http(s) requests for the app.openresty/http-location-includes/
: Injected in the location
block that proxies to the app in the app's respective server
block.The OpenResty plugin only supports automatic ssl certificates from it's letsencrypt integration. Managed certificates provided by the certs
plugin are ignored.
By default, letsencrypt is disabled and https port mappings are ignored. To enable, set the letsencrypt-email
property with the --global
flag:
dokku openresty:set --global letsencrypt-email automated@dokku.sh\n
After enabling, the OpenResty container will need to be restarted and apps will need to be rebuilt. All http requests will then be redirected to https.
"},{"location":"networking/proxies/openresty/#customizing-the-letsencrypt-server","title":"Customizing the letsencrypt server","text":"The letsencrypt integration is set to the production letsencrypt server by default. To change this, set the letsencrypt-server
property with the --global
flag:
dokku openresty:set --global letsencrypt-server https://acme-staging-v02.api.letsencrypt.org/directory\n
After enabling, the OpenResty container will need to be restarted and apps will need to be rebuilt to retrieve certificates from the new server.
"},{"location":"networking/proxies/openresty/#limiting-letsencrypt-to-certain-domains","title":"Limiting letsencrypt to certain domains","text":"Warning
Changing this value may cause OpenResty to fail to start if the value is not valid. Caution should be exercised when changing this value from the defaults.
In cases where your server's IP may have invalid domains pointing at it, limiting letsencrypt to certain allowed domains may be desirable to reduce spam requests on the Letsencrypt servers. The default is to allow all domains to have certificates retrieved, but this can be limited by specifying the allowed-letsencrypt-domains-func-base64
global property.
The default internal value for allowed-letsencrypt-domains-func-base64
is the base64 representation of return true
, and is meant to be the body of a lua function that return a boolean value.
value=\"$(echo 'return true' | base64 -w 0)\"\ndokku openresty:set --global allowed-letsencrypt-domains-func-base64 $value\n
As this is a global value, once changed, OpenResty should be stopped and started again for the value to take effect:
dokku openresty:stop\ndokku openresty:start\n
A more complex example would be to limit provisioning of certificates to domains in a specific list. The body of the lua function has access to a variable domain
, and we can use it like so:
body='allowed_domains = {\"domain.com\", \"extra-domain.com\"}\n\nfor index, value in ipairs(allowed_domains) do\n if value == domain then\n return true\n end\nend\n\nreturn false\n'\nvalue=\"$(echo \"$body\" | base64 -w 0)\"\ndokku openresty:set --global allowed-letsencrypt-domains-func-base64 $value\n
To reset the value to the default, simply specify a blank value prior to restarting OpenResty:
dokku openresty:set --global allowed-letsencrypt-domains-func-base64\n
"},{"location":"networking/proxies/openresty/#displaying-openresty-reports-for-an-app","title":"Displaying OpenResty reports for an app","text":"You can get a report about the app's OpenResty config using the openresty:report
command:
dokku openresty:report\n
=====> node-js-app openresty information\n Openresty image: dokku/openresty-docker-proxy:0.5.6\n Openresty letsencrypt email: automated@dokku.sh\n=====> python-app openresty information\n Openresty image: dokku/openresty-docker-proxy:0.5.6\n Openresty letsencrypt email: automated@dokku.sh\n=====> ruby-app openresty information\n Openresty image: dokku/openresty-docker-proxy:0.5.6\n Openresty letsencrypt email: automated@dokku.sh\n
You can run the command for a specific app also.
ShellOutputdokku openresty:report node-js-app\n
=====> node-js-app openresty information\n Openresty image: dokku/openresty-docker-proxy:0.5.6\n Openresty letsencrypt email: automated@dokku.sh\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku openresty:report node-js-app --openresty-letsencrypt-email\n
"},{"location":"networking/proxies/traefik/","title":"Traefik Proxy","text":"New
Introduced in 0.28.0
Dokku provides integration with the Traefik proxy service by utilizing the Docker label-based integration implemented by Traefik.
traefik:report [<app>] [<flag>] # Displays a traefik report for one or more apps\ntraefik:logs [--num num] [--tail] # Display traefik log output\ntraefik:set <app> <property> (<value>) # Set or clear an traefik property for an app\ntraefik:show-config <app> # Display traefik compose config\ntraefik:start # Starts the traefik server\ntraefik:stop # Stops the traefik server\n
"},{"location":"networking/proxies/traefik/#requirements","title":"Requirements","text":"Using the traefik
plugin integration requires the docker-compose-plugin
for Docker. See this document from the Docker documentation for more information on the installation process for the docker-compose-plugin
.
Warning
As using multiple proxy plugins on a single Dokku installation can lead to issues routing requests to apps, doing so should be avoided. As the default proxy implementation is nginx, users are encouraged to stop the nginx service before switching to Traefik.
The Traefik plugin has specific rules for routing requests:
web
containers have Traefik labels injected by the plugin.http:80
and https:443
port mappings are supported.http:80
mapping is found, the first http
port mapping is used for http requests.https:443
mapping is found, the first https
port mapping is used for https requests.https
mapping is found, the container port from http:80
will be used for https requests.To use the Traefik plugin, use the proxy:set
command for the app in question:
dokku proxy:set node-js-app traefik\n
This will enable the docker label-based Traefik integration. All future deploys will inject the correct labels for Traefik to read and route requests to containers. Due to the docker label-based integration used by Traefik, a single deploy or rebuild will be required before requests will route successfully.
dokku ps:rebuild node-js-app\n
Any changes to domains or port mappings will also require either a deploy or rebuild.
"},{"location":"networking/proxies/traefik/#starting-traefik-container","title":"Starting Traefik container","text":"Traefik can be started via the traefik:start
command. This will start a Traefik container via the docker compose up
command.
dokku traefik:start\n
"},{"location":"networking/proxies/traefik/#stopping-the-traefik-container","title":"Stopping the Traefik container","text":"Traefik may be stopped via the traefik:stop
command.
dokku traefik:stop\n
The Traefik container will be stopped and removed from the system. If the container is not running, this command will do nothing.
"},{"location":"networking/proxies/traefik/#changing-the-traefik-entrypoint-names","title":"Changing the Traefik entrypoint names","text":"When you use a self-hosted Traefik instance, your entrypoint names might be different from the default http
and https
Use traefik:set
to set both http-entry-point
and https-entry-point
to custom values
dokku traefik:set --global http-entry-point web\ndokku traefik:set --global https-entry-point websecure\n
"},{"location":"networking/proxies/traefik/#showing-the-traefik-compose-config","title":"Showing the Traefik compose config","text":"For debugging purposes, it may be useful to show the Traefik compose config. This can be achieved via the traefik:show-config
command.
dokku traefik:show-config\n
"},{"location":"networking/proxies/traefik/#customizing-the-traefik-container-image","title":"Customizing the Traefik container image","text":"While the default Traefik image is hardcoded, users may specify an alternative by setting the image
property with the --global
flag:
dokku traefik:set --global image traefik:v2.8\n
"},{"location":"networking/proxies/traefik/#checking-the-traefik-containers-logs","title":"Checking the Traefik container's logs","text":"It may be necessary to check the Traefik container's logs to ensure that Traefik is operating as expected. This can be performed with the traefik:logs
command.
dokku traefik:logs\n
This command also supports the following modifiers:
--num NUM # the number of lines to display\n--tail # continually stream logs\n
You can use these modifiers as follows:
dokku traefik:logs --tail --num 10\n
The above command will show logs continually from the traefik container, with an initial history of 10 log lines
"},{"location":"networking/proxies/traefik/#changing-the-traefik-log-level","title":"Changing the Traefik log level","text":"Traefik log output is set to ERROR
by default. It may be changed by setting the log-level
property with the --global
flag:
dokku traefik:set --global log-level DEBUG\n
After modifying, the Traefik container will need to be restarted.
"},{"location":"networking/proxies/traefik/#ssl-configuration","title":"SSL Configuration","text":"The traefik plugin only supports automatic ssl certificates from it's letsencrypt integration. Managed certificates provided by the certs
plugin are ignored.
By default, letsencrypt is disabled and https port mappings are ignored. To enable, set the letsencrypt-email
property with the --global
flag:
dokku traefik:set --global letsencrypt-email automated@dokku.sh\n
After enabling, apps will need to be rebuilt and the Traefik container will need to be restarted. All http requests will then be redirected to https.
"},{"location":"networking/proxies/traefik/#customizing-the-letsencrypt-server","title":"Customizing the letsencrypt server","text":"The letsencrypt integration is set to the production letsencrypt server by default. To change this, set the letsencrypt-server
property with the --global
flag:
dokku traefik:set --global letsencrypt-server https://acme-staging-v02.api.letsencrypt.org/directory\n
After enabling, the Traefik container will need to be restarted and apps will need to be rebuilt to retrieve certificates from the new server.
"},{"location":"networking/proxies/traefik/#api-access","title":"API Access","text":"Traefik exposes an API and Dashboard, which Dokku disables by default for security reasons. It can be exposed and customized as described below.
"},{"location":"networking/proxies/traefik/#enabling-the-api","title":"Enabling the api","text":"Warning
Users enabling the dashboard should also enable api basic auth.
By default, the api is disabled. To enable, set the api-enabled
property with the --global
flag:
dokku traefik:set --global api-enabled true\n
After enabling, the Traefik container will need to be restarted.
"},{"location":"networking/proxies/traefik/#enabling-the-dashboard","title":"Enabling the dashboard","text":"Warning
Users enabling the dashboard should also enable api basic auth.
By default, the dashboard is disabled. To enable, set the dashboard-enabled
property with the --global
flag:
dokku traefik:set --global dashboard-enabled true\n
After enabling, the Traefik container will need to be restarted.
"},{"location":"networking/proxies/traefik/#enabling-api-basic-auth","title":"Enabling api basic auth","text":"Users enabling either the api or dashboard are encouraged to enable basic auth. This will apply only to the api/dashboard, and not to apps. To enable, set the basic-auth-username
and basic-auth-password
properties with the --global
flag:. Both must be set or basic auth will not be enabled.
dokku traefik:set --global basic-auth-username username\ndokku traefik:set --global basic-auth-password password\n
After enabling, the Traefik container will need to be restarted.
"},{"location":"networking/proxies/traefik/#customizing-the-api-hostname","title":"Customizing the api hostname","text":"The hostname used for the api and dashboard is set to traefik.dokku.me
by default. It can be customized by setting the api-vhost
property with the --global
flag:
dokku traefik:set --global api-vhost lb.dokku.me\n
After enabling, the Traefik container will need to be restarted.
"},{"location":"networking/proxies/traefik/#displaying-traefik-reports-for-an-app","title":"Displaying Traefik reports for an app","text":"You can get a report about the app's Traefik config using the traefik:report
command:
dokku traefik:report\n
=====> node-js-app traefik information\n Traefik api enabled: false\n Traefik api vhost: traefik.dokku.me\n Traefik basic auth password: password\n Traefik basic auth username: user\n Traefik dashboard enabled: false\n Traefik image: traefik:v2.8\n Traefik letsencrypt email:\n Traefik letsencrypt server:\n Traefik log level: ERROR\n=====> python-app traefik information\n Traefik api enabled: false\n Traefik api vhost: traefik.dokku.me\n Traefik basic auth password: password\n Traefik basic auth username: user\n Traefik dashboard enabled: false\n Traefik image: traefik:v2.8\n Traefik letsencrypt email:\n Traefik letsencrypt server:\n Traefik log level: ERROR\n=====> ruby-app traefik information\n Traefik api enabled: false\n Traefik api vhost: traefik.dokku.me\n Traefik basic auth password: password\n Traefik basic auth username: user\n Traefik dashboard enabled: false\n Traefik image: traefik:v2.8\n Traefik letsencrypt email:\n Traefik letsencrypt server:\n Traefik log level: ERROR\n
You can run the command for a specific app also.
ShellOutputdokku traefik:report node-js-app\n
=====> node-js-app traefik information\n Traefik api enabled: false\n Traefik api vhost: traefik.dokku.me\n Traefik basic auth password: password\n Traefik basic auth username: user\n Traefik dashboard enabled: false\n Traefik image: traefik:v2.8\n Traefik letsencrypt email:\n Traefik letsencrypt server:\n Traefik log level: ERROR\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku traefik:report node-js-app --traefik-api-enabled\n
"},{"location":"processes/entering-containers/","title":"Entering containers","text":"New
Introduced in 0.4.0
enter <app> [<container-type> || --container-id <container-id>] # Connect to a specific app container\n
"},{"location":"processes/entering-containers/#usage","title":"Usage","text":"The enter
command can be used to enter a running container. The following variations of the command exist:
# enter the web process\ndokku enter node-js-app web\n\n# enter the first web process\ndokku enter node-js-app web.1\n\n# enter a process for an app by container ID\ndokku enter node-js-app --container-id ID\n
The container-type
argument can be one either:
Procfile
, the name of a process type in your Procfile
.Procfile
, the word web
.If the specified process type is scaled up to more than one container, then the first container will be automatically selected. this can be overridden by specifying an integer index denoting the desired container, where the first container's index is 1
.
Additionally, the enter
command can be executed with no <container-type>
. If only a single <container-type>
is defined in the app's Procfile, executing enter
will drop the terminal into the only running container. This behavior is not supported when specifying a custom command; as described below.
By default, dokku enter
will run a /bin/bash
, but can also be used to run custom commands:
# just echo hi\ndokku enter node-js-app web echo hi\n\n# run a long-running command, as one might for a cron task\ndokku enter node-js-app web python script/background-worker.py\n
"},{"location":"processes/one-off-tasks/","title":"One-off Tasks","text":"run [-e|--env KEY=VALUE] [--no-tty] <app> <cmd> # Run a command in a new container using the current app image\nrun:detached [-e|-env KEY=VALUE] [--force-tty] <app> <cmd> # Run a command in a new detached container using the current app image\nrun:list [--format json|stdout] [<app>] # List all run containers for an app\nrun:logs <app|--container CONTAINER> [-h] [-t] [-n num] [-q] # Display recent log output for run containers\nrun:stop <app|--container CONTAINER> # Stops all run containers for an app or a specified run container\n
Sometimes it is necessary to run a one-off command under an app. Dokku makes it easy to run a fresh container via the run
command.
The run
command can be used to run a one-off process for a specific command. This will start a new container and run the desired command within that container. The container image will be the same container image as was used to start the currently deployed app.
New
Introduced in 0.25.0, this container will be removed after the process exits.
# runs `ls -lah` in the `/app` directory of the app `node-js-app`\ndokku run node-js-app ls -lah\n\n# optionally, run can be passed custom environment variables\ndokku run --env \"NODE_ENV=development\" --env \"PATH=/custom/path\" node-js-app npm run mytask\n
One off containers are removed at the end of process execution.
"},{"location":"processes/one-off-tasks/#running-procfile-commands","title":"Running Procfile commands","text":"The run
command can also be used to run a command defined in the app Procfile
:
console: bundle exec racksh\n
# runs `bundle exec racksh` in the `/app` directory of the app `my-app`\ndokku run my-app console\n
"},{"location":"processes/one-off-tasks/#specifying-container-labels","title":"Specifying container labels","text":"Containers may have specific labels attached. In order to avoid issues with dokku internals, do not use any labels beginning with either com.dokku
or org.label-schema
.
dokku --label=com.example.test-label=value run node-js-app ls -lah\n
"},{"location":"processes/one-off-tasks/#disabling-tty","title":"Disabling TTY","text":"New
Introduced in 0.25.0
One-off containers default to interactive mode where possible. To disable this behavior, specify the --no-tty
flag:
dokku run --no-tty node-js-app ls -lah\n
"},{"location":"processes/one-off-tasks/#running-a-detached-container","title":"Running a detached container","text":"New
Introduced in 0.25.0
Finally, a container can be run in \"detached\" mode via the run:detached
Dokku command. Running a process in detached mode will immediately return a CONTAINER_ID
. Detached containers are run without a tty and are also removed at the end of process execution.
dokku run:detached node-js-app ls -lah\n# returns the ID of the new container\n
To start a detached container with a tty, specify the --force-tty
flag. Containers will still exit upon command termination, but can be attached to as long as they are running.
dokku run:detached --force-tty node-js-app bash\n
"},{"location":"processes/one-off-tasks/#displaying-one-off-container-logs","title":"Displaying one-off container logs","text":"You can easily get logs of all one-off containers for an app using the logs
command:
dokku run:logs node-js-app\n
Logs are pulled via integration with the scheduler for the specified application via \"live tailing\". As such, logs from previously running deployments are usually not available. Users that desire to see logs from previous deployments for debugging purposes should persist those logs to external services. Please see Dokku's vector integration for more information on how to persist logs across deployments to ship logs to another service or a third-party platform.
"},{"location":"processes/one-off-tasks/#behavioral-modifiers","title":"Behavioral modifiers","text":"Dokku also supports certain command-line arguments that augment the run:log
command's behavior.
--container NAME # the name of a specific container to show logs for\n-n, --num NUM # the number of lines to display\n-t, --tail # continually stream logs\n-q, --quiet # display raw logs without colors, time and names\n
You can use these modifiers as follows:
dokku run:logs -t --container node-js-app.run.1234\n
The above command will show logs continually from the node-js-app.run.1234
one-off run process.
New
Introduced in 0.25.0
One-off containers for a given app can be listed via the run:list
command:
dokku run:list node-js-app\n
=====> node-js-app run containers\nNAMES COMMAND CREATED\nnode-js-app.run.28689 \"/exec sleep 15\" 2 seconds ago\n
Info
The COMMAND
displayed will be what Docker executes and may not exactly match the command specified by a dokku run
command.
The output can also be shown in json format:
ShellOutputdokku run:list node-js-app --format json\n
[\n {\n \"name\": \"node-js-app.run.28689\",\n \"state\": \"running\",\n \"command\": \"\\\"/exec 'sleep 15'\\\"\",\n \"created_at\": \"2022-08-03 05:47:44 +0000 UTC\"\n }\n]\n
"},{"location":"processes/one-off-tasks/#stopping-a-one-off-container","title":"Stopping a one-off container","text":"New
Introduced in 0.29.0
Run containers for an app can be stopped via the run:stop
command. The output will be the container id.
# start a container\n# the output will be something like: node-js-app.run.2313\ndokku run node-js-app sleep 300\n\n# stop the container\ndokku run:stop --container node-js-app.run.2313\n
node-js-app.run.2313\n
All containers for a given app can be stopped by specifying the app name.
ShellOutputdokku run:stop node-js-app\n
node-js-app.run.2313\nnode-js-app.run.574\n
"},{"location":"processes/process-management/","title":"Process Management","text":"New
Introduced in 0.3.14, Enhanced in 0.7.0
ps:inspect <app> # Displays a sanitized version of docker inspect for an app\nps:rebuild [--parallel count] [--all|<app>] # Rebuilds an app from source\nps:report [<app>] [<flag>] # Displays a process report for one or more apps\nps:restart [--parallel count] [--all|<app>] [<process-name>] # Restart an app\nps:restore [<app>] # Start previously running apps e.g. after reboot\nps:scale [--skip-deploy] <app> <proc>=<count> [<proc>=<count>...] # Get/Set how many instances of a given process to run\nps:set <app> <key> <value> # Set or clear a ps property for an app\nps:start [--parallel count] [--all|<app>] # Start an app\nps:stop [--parallel count] [--all|<app>] # Stop an app\n
"},{"location":"processes/process-management/#usage","title":"Usage","text":""},{"location":"processes/process-management/#inspecting-app-containers","title":"Inspecting app containers","text":"New
Introduced in 0.13.0
A common administrative task to perform is calling docker inspect
on the containers that are running for an app. This can be an error-prone task to perform, and may also reveal sensitive environment variables if not done correctly. Dokku provides a wrapper around this command via the ps:inspect
command:
dokku ps:inspect node-js-app\n
This command will gather all the running container IDs for your app and call docker inspect
, sanitizing the output data so it can be copy-pasted elsewhere safely.
It may be useful to rebuild an app at will, such as for commands that do not rebuild an app or when skipping a rebuild after setting multiple config values. For these use cases, the ps:rebuild
function can be used.
dokku ps:rebuild node-js-app\n
All apps may be rebuilt by using the --all
flag.
dokku ps:rebuild --all\n
By default, rebuilding all apps happens serially. The parallelism may be controlled by the --parallel
flag.
dokku ps:rebuild --all --parallel 2\n
Finally, the number of parallel workers may be automatically set to the number of CPUs available by setting the --parallel
flag to -1
dokku ps:rebuild --all --parallel -1\n
A missing linked container will result in failure to boot apps. Services should all be started for apps being rebuilt.
"},{"location":"processes/process-management/#restarting-apps","title":"Restarting apps","text":"An app may be restarted using the ps:restart
command.
dokku ps:restart node-js-app\n
A single process type - such as web
or worker
- may also be specified. This does not support specifying a given instance of a process type, and only supports restarting all instances of that process type.
dokku ps:restart node-js-app web\n
All apps may be restarted by using the --all
flag. This flag is incompatible with specifying a process type.
dokku ps:restart --all\n
By default, restarting all apps happens serially. The parallelism may be controlled by the --parallel
flag.
dokku ps:restart --all --parallel 2\n
Finally, the number of parallel workers may be automatically set to the number of CPUs available by setting the --parallel
flag to -1
dokku ps:restart --all --parallel -1\n
A missing linked container will result in failure to boot apps. Services should all be started for apps being rebuilt.
"},{"location":"processes/process-management/#displaying-existing-scale-properties","title":"Displaying existing scale properties","text":"Issuing the ps:scale
command with no arguments will output the current scaling properties for an app.
dokku ps:scale node-js-app\n
-----> Scaling for python\nproctype: qty\n--------: ---\nweb: 1\n
"},{"location":"processes/process-management/#defining-processes","title":"Defining Processes","text":""},{"location":"processes/process-management/#procfile","title":"Procfile","text":"Note
Dokku supports the Procfile format as defined in this document under \"Strict Mode\" parsing rules.
Apps can define processes to run by using a Procfile
. A Procfile
is a simple text file that can be used to specify multiple commands, each of which is subject to process scaling. In the case where the built image sets a default command to run - either through usage of CMD
for Dockerfile-based builds, a default process for buildpack-based builds, or any other method for the builder in use - the Procfile
will take precedence.
If the file exists, it should not be empty, as doing so may result in a failed deploy.
The syntax for declaring a Procfile
is as follows. Note that the format is one process type per line, with no duplicate process types.
<process type>: <command>\n
If, for example, you have multiple queue workers and wish to scale them separately, the following would be a valid way to work around the requirement of not duplicating process types:
worker: env QUEUE=* bundle exec rake resque:work\nimportantworker: env QUEUE=important bundle exec rake resque:work\n
If the app build declares an ENTRYPOINT
, the command defined in the Procfile
is passed as an argument to that entrypoint. This is the case for all Dockerfile-based, Docker Image, and Cloud Native Buildpack deployments.
The web
process type holds some significance in that it is the only process type that is automatically scaled to 1
on the initial application deploy. See the web process scaling documentation for more details around scaling individual processes.
See the Procfile location documentation for more information on where to place your Procfile
file.
web
process","text":"For initial app deploys, Dokku will default to starting a single web
process for each app. This process may be defined within the Procfile
or as the CMD
(for Dockerfile or Docker image deploys). Scaling of the web
process - and all other processes - may be managed via ps:scale
or the formation
key in the app.json
file either before or after the initial deploy.
There are also a few other exceptions for the web
process.
web
process (others may be handled via a custom nginx.conf.sigil
).web
process may be bound to an external port.release
process","text":"The Procfile
also supports a special release
command which acts in a similar way to the Heroku Release Phase. See the Release deployment task documentation for more information on how Dokku handles this process type.
Procfile
location","text":"The Procfile
is expected to be found in a specific directory, depending on the deploy approach:
WORKDIR
of the Docker image for deploys resulting from git:from-image
and git:load-image
commands.git:from-archive
, git:sync
).Sometimes it may be desirable to set a different path for a given app, e.g. when deploying from a monorepo. This can be done via the procfile-path
property:
dokku ps:set node-js-app procfile-path .dokku/Procfile\n
The value is the path to the desired file relative to the base search directory, and will never be treated as absolute paths in any context. If that file does not exist within the repository, Dokku will continue the build process as if the repository has no Procfile
.
The default value may be set by passing an empty value for the option:
dokku ps:set node-js-app procfile-path\n
The procfile-path
property can also be set globally. The global default is Procfile
, and the global value is used when no app-specific value is set.
dokku ps:set --global procfile-path global-Procfile\n
The default value may be set by passing an empty value for the option.
dokku ps:set --global procfile-path\n
"},{"location":"processes/process-management/#scaling-apps","title":"Scaling apps","text":""},{"location":"processes/process-management/#via-cli","title":"Via CLI","text":"Info
This functionality is disabled if the formation is managed via the formation
key of app.json
.
Dokku can also manage scaling itself via the ps:scale
command. This command can be used to scale multiple process types at the same time.
dokku ps:scale node-js-app web=1\n
Multiple process types can be scaled at once:
dokku ps:scale node-js-app web=1 worker=1\n
If desired, the corresponding deploy will be skipped by using the --skip-deploy
flag:
dokku ps:scale --skip-deploy node-js-app web=1\n
"},{"location":"processes/process-management/#manually-managing-process-scaling","title":"Manually managing process scaling","text":"Info
Using a formation
key in an app.json
file with any quantity
specified disables the ability to use ps:scale
for scaling. All processes not specified in the app.json
will have their process count set to zero.
Users can also configure scaling within the codebase itself to manage process scaling. The formation
key should be specified as follows in the app.json
file:
{\n \"formation\": {\n \"web\": {\n \"quantity\": 1\n },\n \"worker\": {\n \"quantity\": 4\n }\n }\n}\n
Removing the formation
key or removing the app.json
file from your repository will result in Dokku respecting the ps:scale
command for setting scale values. The values set via the app.json
file from a previous deploy will be respected.
See the app.json location documentation for more information on where to place your app.json
file.
Deployed apps can be stopped using the ps:stop
command. This turns off all running containers for an app, and will result in a 502 Bad Gateway response for the default nginx proxy implementation.
dokku ps:stop node-js-app\n
All apps may be stopped by using the --all
flag.
dokku ps:stop --all\n
By default, stopping all apps happens serially. The parallelism may be controlled by the --parallel
flag.
dokku ps:stop --all --parallel 2\n
Finally, the number of parallel workers may be automatically set to the number of CPUs available by setting the --parallel
flag to -1
dokku ps:stop --all --parallel -1\n
"},{"location":"processes/process-management/#starting-apps","title":"Starting apps","text":"All stopped containers can be started using the ps:start
command. This is similar to running ps:restart
, except no action will be taken if the app containers are running.
dokku ps:start node-js-app\n
All apps may be started by using the --all
flag.
dokku ps:start --all\n
By default, starting all apps happens serially. The parallelism may be controlled by the --parallel
flag.
dokku ps:start --all --parallel 2\n
Finally, the number of parallel workers may be automatically set to the number of CPUs available by setting the --parallel
flag to -1
dokku ps:start --all --parallel -1\n
"},{"location":"processes/process-management/#restart-policies","title":"Restart policies","text":"New
Introduced in 0.7.0, Command Changed in 0.22.0
By default, Dokku will automatically restart containers that exit with a non-zero status up to 10 times via the on-failure Docker restart policy.
"},{"location":"processes/process-management/#setting-the-restart-policy","title":"Setting the restart policy","text":"Info
A change in the restart policy must be followed by a ps:rebuild
call.
You can configure this via the ps:set
command:
# always restart an exited container\ndokku ps:set node-js-app restart-policy always\n\n# never restart an exited container\ndokku ps:set node-js-app restart-policy no\n\n# only restart it on Docker restart if it was not manually stopped\ndokku ps:set node-js-app restart-policy unless-stopped\n\n# restart only on non-zero exit status\ndokku ps:set node-js-app restart-policy on-failure\n\n# restart only on non-zero exit status up to 20 times\ndokku ps:set node-js-app restart-policy on-failure:20\n
Restart policies have no bearing on server reboot, and Dokku will always attempt to restart your apps at that point unless they were manually stopped.
Dokku also runs dokku-event-listener
in the background via the system's init service. This monitors container state, performing the following actions:
New
Introduced in 0.12.0
You can get a report about the deployed apps using the ps:report
command:
dokku ps:report\n
=====> node-js-app ps information\n Deployed: false\n Processes: 0\n Ps can scale: true\n Ps computed procfile path: Procfile2\n Ps global procfile path: Procfile\n Ps restart policy: on-failure:10\n Ps procfile path: Procfile2\n Restore: true\n Running: false\n=====> python-sample ps information\n Deployed: false\n Processes: 0\n Ps can scale: true\n Ps computed procfile path: Procfile\n Ps global procfile path: Procfile\n Ps restart policy: on-failure:10\n Ps procfile path:\n Restore: true\n Running: false\n=====> ruby-sample ps information\n Deployed: false\n Processes: 0\n Ps can scale: true\n Ps computed procfile path: Procfile\n Ps global procfile path: Procfile\n Ps restart policy: on-failure:10\n Ps procfile path:\n Restore: true\n Running: false\n
You can run the command for a specific app also.
ShellOutputdokku ps:report node-js-app\n
=====> node-js-app ps information\n Deployed: false\n Processes: 0\n Ps can scale: true\n Ps restart policy: on-failure:10\n Restore: true\n Running: false\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku ps:report node-js-app --deployed\n
"},{"location":"processes/process-management/#restoring-apps-after-a-server-reboot","title":"Restoring apps after a server reboot","text":"When a server reboots or Docker is restarted/upgraded, Docker may or may not start old app containers automatically, and may in some cases re-assign container IP addresses. To combat this issue, Dokku uses an init process that triggers dokku ps:restore
after the Docker daemon is detected as starting. When triggered, the dokku ps:restore
command will serially (one by one) run the following for each:
During this time, requests may route to the incorrect app if the assigned IPs correspond to those for other apps. While dokku makes all efforts to avoid this, there may be a few minutes where urls may route to the wrong app. To avoid this, either use a custom proxy plugin or wait a few minutes until the restoration process is complete.
"},{"location":"processes/scheduled-cron-tasks/","title":"Scheduled Cron Tasks","text":"New
Introduced in 0.23.0
cron:list <app> [--format json|stdout] # List scheduled cron tasks for an app\ncron:report [<app>] [<flag>] # Display report about an app\ncron:run <app> <cron_id> [--detach] # Run a cron task on the fly\ncron:set [--global|<app>] <key> <value> # Set or clear a cron property for an app\n
"},{"location":"processes/scheduled-cron-tasks/#usage","title":"Usage","text":""},{"location":"processes/scheduled-cron-tasks/#dokku-managed-cron","title":"Dokku Managed Cron","text":"Dokku automates scheduled dokku run
commands via it's app.json
cron integration.
The app.json
file for a given app can define a special cron
key that contains a list of commands to run on given schedules. The following is a simple example app.json
that effectively runs the command dokku run $APP npm run send-email
once a day:
{\n \"cron\": [\n {\n \"command\": \"npm run send-email\",\n \"schedule\": \"@daily\"\n }\n ]\n}\n
A cron entry takes the following properties:
command
: A command to be run within the built app image. Specified commands can also be Procfile
entries.schedule
: A cron-compatible scheduling definition upon which to run the command. Seconds are generally not supported.Zero or more cron commands can be specified per app. Cron entries are validated after the build artifact is created but before the app is deployed, and the cron schedule is updated during the post-deploy phase.
See the app.json location documentation for more information on where to place your app.json
file.
When running scheduled cron tasks, there are a few items to be aware of:
PATH
and SHELL
environment variables are specified in the cron template.MAILTO
value can be set via the cron:set
command.run
container, and thus inherit any docker-options specified for run
containers. Resources are never shared between scheduled tasks.docker-local
scheduler.docker-local
scheduler are written to a single crontab file owned by the dokku
user. The dokku
user's crontab should be considered reserved for this purpose.By default, cron tasks complete and do not perform any reporting. Users can specify a value for MAILTO
via the global mailto
cron property by using the cron:set
command.
dokku cron:set --global mailto example@example.com\n
All output for individual cron runs will be sent to the specified email.
Cron emails can be disabled by running the cron:set
command for the global mailto
property with no value.
dokku cron:set --global mailto\n
"},{"location":"processes/scheduled-cron-tasks/#listing-cron-tasks","title":"Listing Cron tasks","text":"Cron tasks for an app can be listed via the cron:list
command. This command takes an app
argument.
dokku cron:list node-js-app\n
ID Schedule Command\ncGhwPT09cGhwIHRlc3QucGhwPT09QGRhaWx5 @daily node index.js\ncGhwPT09dHJ1ZT09PSogKiAqICogKg== * * * * * true\n
The output can also be displayed in json format:
ShellOutputdokku cron:list node-js-app --format json\n
[{\"id\":\"cGhwPT09cGhwIHRlc3QucGhwPT09QGRhaWx5\",\"app\":\"node-js-app\",\"command\":\"node index.js\",\"schedule\":\"@daily\"}]\n
"},{"location":"processes/scheduled-cron-tasks/#executing-a-cron-task-on-the-fly","title":"Executing a cron task on the fly","text":"Cron tasks can be invoked via the cron:run
command. This command takes an app
argument and a cron id
(retrievable from cron:list
output).
dokku cron:run node-js-app cGhwPT09cGhwIHRlc3QucGhwPT09QGRhaWx5\n
By default, the task is run in an attached container - as supported by the scheduler. To run in a background detached container, specify the --detach
flag:
dokku cron:run node-js-app cGhwPT09cGhwIHRlc3QucGhwPT09QGRhaWx5 --detach\n
All one-off cron executions have their containers terminated after invocation.
"},{"location":"processes/scheduled-cron-tasks/#displaying-reports","title":"Displaying reports","text":"You can get a report about the cron configuration for apps using the cron:report
command:
dokku cron:report\n
=====> node-js-app cron information\n Cron task count: 2\n=====> python-sample cron information\n Cron task count: 0\n=====> ruby-sample cron information\n Cron task count: 10\n
You can run the command for a specific app also.
ShellOutputdokku cron:report node-js-app\n
=====> node-js-app cron information\n Cron task count: 2\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku cron:report node-js-app --cron-task-count\n
"},{"location":"processes/scheduled-cron-tasks/#self-managed-cron","title":"Self Managed Cron","text":"Warning
Self-managed cron tasks should be considered advanced usage. While the instructions are available, users are highly encouraged to use the built-in scheduled cron task support unless absolutely necessary.
Some installations may require more fine-grained control over cron usage. The following are advanced instructions for configuring cron.
"},{"location":"processes/scheduled-cron-tasks/#using-run-for-cron-tasks","title":"Usingrun
for cron tasks","text":"You can always use a one-off container to run an app task:
dokku run node-js-app some-command\n
For tasks that should not be interrupted, run is the preferred method of handling cron tasks, as the container will continue running even during a deploy or scaling event. The trade-off is that there will be an increase in memory usage if there are multiple concurrent tasks running.
"},{"location":"processes/scheduled-cron-tasks/#using-enter-for-cron-tasks","title":"Usingenter
for cron tasks","text":"Your Procfile can have the following entry:
cron: sleep infinity\n
With the cron
process scaled to 1
:
dokku ps:scale node-js-app cron=1\n
You can now run all your commands in that container:
dokku enter node-js-app cron some-command\n
Note that you can also run multiple commands at the same time to reduce memory usage, though that may result in polluting the container environment.
For tasks that will properly resume, you should use the above method, as running tasks will be interrupted during deploys and scaling events, and subsequent commands will always run with the latest container. Note that if you scale the cron container down, this may interrupt proper running of the task.
"},{"location":"processes/scheduled-cron-tasks/#general-cron-recommendations","title":"General cron recommendations","text":"Regularly scheduled tasks can be a bit of a pain with Dokku. The following are general recommendations to follow to help ensure successful task runs.
dokku
user in your cron entry.dokku
binary will attempt to execute with sudo
, and your cron run with fail with sudo: no tty present and no askpass program specified
.MAILTO
environment variable to ship cron emails to yourself.PATH
environment variable or specify the full path to binaries on the host.SHELL
environment variable to specify Bash when running commands./etc/cron.d/APP
.The following is a sample cronfile that you can use for your apps:
# server cron jobs\nMAILTO=\"mail@dokku.me\"\nPATH=/usr/local/bin:/usr/bin:/bin\nSHELL=/bin/bash\n\n# m h dom mon dow username command\n# * * * * * dokku command to be executed\n# - - - - -\n# | | | | |\n# | | | | +----- day of week (0 - 6) (Sunday=0)\n# | | | +------- month (1 - 12)\n# | | +--------- day of month (1 - 31)\n# | +----------- hour (0 - 23)\n# +----------- min (0 - 59)\n\n### HIGH TRAFFIC TIME IS B/W 00:00 - 04:00 AND 14:00 - 23:59\n### RUN YOUR TASKS FROM 04:00 - 14:00\n### KEEP SORTED IN TIME ORDER\n\n### PLACE ALL CRON TASKS BELOW\n\n# removes unresponsive users from the subscriber list to decrease bounce rates\n0 0 * * * dokku dokku run node-js-app some-command\n\n# sends out our email alerts to users\n0 1 * * * dokku dokku ps:scale node-js-app cron=1 && dokku enter node-js-app cron some-other-command && dokku ps:scale node-js-app cron=0\n\n### PLACE ALL CRON TASKS ABOVE, DO NOT REMOVE THE WHITESPACE AFTER THIS LINE\n
"}]}
\ No newline at end of file