Deploy DevGuard with Docker Compose

Run DevGuard locally using Docker Compose for testing and evaluation.

Prerequisites

  • Docker and Docker Compose installed

Deployment Steps

Download required files

curl -LO https://raw.githubusercontent.com/l3montree-dev/devguard/refs/heads/main/docker-compose-try-it.yaml \
&& curl -LO https://raw.githubusercontent.com/l3montree-dev/devguard/refs/heads/main/initdb.sql \
&& curl -LO https://raw.githubusercontent.com/l3montree-dev/devguard/refs/heads/main/.kratos/identity.schema.json \
&& curl -L -o kratos.yml https://raw.githubusercontent.com/l3montree-dev/devguard/refs/heads/main/.kratos/kratos.example.yml \
&& mkdir -p kratos \
&& mv kratos.yml kratos/kratos.yml \
&& mv identity.schema.json kratos/identity.schema.json

Start the containers

docker-compose -f docker-compose-try-it.yaml up

Access DevGuard

Open http://localhost:3000 in your browser.

Important Notes

Email verification: No SMTP server is configured by default. During registration, skip email verification by clicking "Back".

To enable email delivery, you can additionally append the COURIER_SMTP_CONNECTION_URI environment-variable to the kratos service:

services:
    kratos:
        environment:
            # Add your username and password in the url
            - COURIER_SMTP_CONNECTION_URI=smtp://user:password@smtp.example.com:587/?skip_ssl_verify=false

Vulnerability database: The API downloads the latest vulnerability database on first start. This may take several minutes. Vulnerability data and scan results won't be complete until the download finishes.

Adapting for Production

If you must use Docker Compose in production, change all default passwords:

  1. POSTGRES_PASSWORD in the postgresql service
  2. Database password in initdb.sql
  3. DSN in both kratos and kratos-migrate services
  4. Remove --dev flag from the kratos command
# Example password locations in docker-compose-try-it.yaml
services:
    postgresql:
        environment:
            # Change to your password
            POSTGRES_PASSWORD: change-me-definitely-when-not-testing 

    #...

    kratos-migrate:
        environment:
            # Add your password in url
            - DSN=postgres://kratos:change-me-definitely-when-not-testing@postgresql:5432/kratos?sslmode=disable # Change to your password

    #...

    kratos:
        environment:
            # Add your password in url
            - DSN=postgres://kratos:change-me-definitely-when-not-testing@postgresql:5432/kratos?sslmode=disable
        # Remove --dev flag from command
        command: serve -c /etc/config/kratos/kratos.yml --dev --watch-courier

Next Steps