Self-Hosting
Last updated on June 3, 2026
When you self-host TofuPilot, you run the dashboard, deployer, and Postgres in your own infrastructure. Docker Compose deploys them on a single host or in Kubernetes, with one organization per instance.
Configure
Set domains, SSL, authentication providers, and the Git provider for your self-hosted instance via the .env file.
Deploy
Run the deploy script, create the first admin account, and start uploading Runs to your self-hosted instance.
Operations
Manage your self-hosted instance: license, updates, reconfiguration, backups, and uninstall.
When to self-host
The managed cloud at tofupilot.app is updated continuously, and most teams should start there. You self-host when you need data on-premises or have to comply with specific IT policies.
Register your instance
Self-hosted instances run free for as long as you need them. For upgrade options, see Pricing.
Follow these steps to register a new instance:
- Sign in to TofuPilot Orbit.
- Under Self-Hosting, click + to create a new instance.
- Copy the deploy command, which contains your license key.
The license key authenticates your instance and unlocks access to the Docker image.
System requirements
TofuPilot runs on any standard Linux server. The minimums below cover small fleets, and you can scale up as your run volume grows.
| Resource | Minimum |
|---|---|
| OS | Ubuntu 20.04+ or Debian (64-bit, x86_64) |
| Docker | Standard (root) Docker Engine with the Compose plugin |
| CPU | 2+ cores |
| RAM | 4 GB |
| Storage | 40 GB+ (scale with runs, attachments, and build artifacts) |
| Privileges | Sudo access |
| Network | Ports 80 and 443 open |
Every other service runs inside Docker and is not exposed.
Use standard (root) Docker, not rootless. The deployments build worker runs a privileged container that rootless Docker cannot start. If you do not need the build pipeline, rootless Docker runs the rest of the stack (including realtime) fine.
You also need three subdomains pointing at the server — one each for the app, file storage, and realtime WebSocket. See Domains.
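A preflight check for the minimums above, as an added example that is not part of TofuPilot's deploy script or documentation. The function names, the `--run` switch, the use of `/` for the storage check, and the RAM and disk margins are assumptions; it does not check sudo, ports 80 and 443, or DNS.

```shell
#!/bin/sh
# Preflight for the minimums in the requirements table (added example).

meets_min() { # meets_min VALUE MIN: true when VALUE is an integer >= MIN
  case "$1" in ''|*[!0-9]*) return 1 ;; esac
  [ "$1" -ge "$2" ]
}

os_supported() { # os_supported ID VERSION_ID, as read from /etc/os-release
  case "$1" in
    debian) return 0 ;;
    ubuntu) meets_min "${2%%.*}" 20 ;;
    *) return 1 ;;
  esac
}

# docker_is_rootful OPTS: OPTS is the output of
# `docker info --format '{{.SecurityOptions}}'`; rootless mode lists name=rootless.
docker_is_rootful() {
  case "$1" in *name=rootless*) return 1 ;; *) return 0 ;; esac
}

check() { # check LABEL COMMAND...: print OK/FAIL and remember any failure
  label=$1; shift
  if "$@" >/dev/null 2>&1; then echo "OK    $label"
  else echo "FAIL  $label"; failed=1; fi
}

preflight() {
  failed=0
  os_id=$(. /etc/os-release 2>/dev/null && echo "$ID")
  os_ver=$(. /etc/os-release 2>/dev/null && echo "$VERSION_ID")
  mem_kb=$(awk '/^MemTotal:/ {print $2}' /proc/meminfo 2>/dev/null)
  disk_kb=$(df -Pk / 2>/dev/null | awk 'NR==2 {print $2}')
  opts=$(docker info --format '{{.SecurityOptions}}' 2>/dev/null)
  check "Ubuntu 20.04+ or Debian" os_supported "$os_id" "$os_ver"
  check "x86_64" test "$(uname -m)" = x86_64
  check "2+ CPU cores" meets_min "$(nproc 2>/dev/null)" 2
  # Thresholds sit just under 4 GB / 40 GB because the kernel and the
  # filesystem reserve part of the nominal size (assumed margins).
  check "4 GB RAM" meets_min "$mem_kb" 3500000
  check "40 GB+ storage on /" meets_min "$disk_kb" 38000000
  check "Docker Engine reachable" docker info
  check "Docker Compose plugin" docker compose version
  check "Docker not rootless" docker_is_rootful "$opts"
  return "$failed"
}

# Run the checks only when asked: sh preflight.sh --run
if [ "${1:-}" = "--run" ]; then preflight; exit $?; fi
```

If you do not need the build pipeline, a FAIL on the rootless line is acceptable, since the rest of the stack runs under rootless Docker.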