Introduced in 0.3.17
-Pass container options to the docker run command during Dokku's build, deploy and run phases
docker-options:add <app> <phase(s)> OPTION # Add Docker option to app for phase (comma-separated phase list)
-docker-options:clear <app> [<phase(s)>...] # Clear a docker options from application
+docker-options:clear <app> [<phase(s)>...] # Clear a docker options from app
docker-options:remove <app> <phase(s)> OPTION # Remove Docker option from app for phase (comma-separated phase list)
docker-options:report [<app>] [<flag>] # Displays a docker options report for one or more apps
The docker-options plugin allows users to specify custom container options for containers created by Dokku at various phases.
Dokku deploys your app in multiple "phases" and the docker-options plugin allows you to pass arguments to their underlying docker container:
build: The build phase is used to provide container options that are available during the build process for use by the various builders.dockerfile builder does not support mounted volumes.deploy: The deploy phase is used to provide container options that are set on deployed process types. This covers every process type specified in an app Procfile as well as any default processes your app may deploy.deploy phase is usually the correct phase to add options forrun: The run phase is used to provide container options to one-off containers created by dokku run, dokku run:detached, and any cron tasks specified in your app.json.Info
-When specifying multiple phases, they must be comma-separated without spaces in between each phase, like so:
- +[!IMPORTANT]
+The run phase does not correspond 1-to-1 to docker run or docker container run commands. Specifying a container option at the run phase will only be invoked on containers created by the run plugin and cron tasks. Please be sure to specify options at the correct phase for your use-case.
Dokku deploys your application in multiple "phases" and the docker-options plugin allows you to pass arguments to their underlying docker container:
build: the container that executes the appropriate buildpackdeploy: the container that executes your running/deployed applicationrun: the container that executes any arbitrary command via dokku runManipulation of docker options will not restart running containers. This enables multiple options to be set/unset before final application. As such, changing an app's docker options must be followed by a dokku ps:rebuild in order to take effect.
Adding or removing docker-options will not apply to any running containers, and only applies to containers created after the options have been modified. As such, changing an app's docker options must be followed by a dokku ps:rebuild or a deploy in order to take effect.
More information on supported Docker options can be found here.
Container options configured via the docker-options plugin are not used to modify the process a container runs. Container options are the [OPTIONS] portion of the following, where [CONTAINER_COMMAND] and [ARG] are the process and the arguments passed to it that are launched in the created container: docker run [OPTIONS] [CONTAINER_COMMAND] [ARG...]. Please see the documentation for customizing the run command or use a Procfile to modify the command used by a Dockerfile-based container.
Add some options for the deployed/running app and when executing dokku run:
# Mount a host volume in a Docker container: "-v /host/path:/container/path"
-dokku docker-options:add node-js-app deploy "-v /var/log/node-js-app:/app/logs"
-dokku docker-options:add node-js-app run "-v /var/log/node-js-app:/app/logs"
+Mounting volumes and host directories¶
+Docker supports volume and host directory mounting via the -v or --volume flags. In order to simplify usage, Dokku provides a storage plugin as an abstraction to interact with persistent storage. In most cases, the Dokku project recommends using the persistent storage plugin over directly manipulating docker options at different phases. See the persistent storage documentation for more information on how to attach persistent storage to your app.
+Commands¶
+Add Docker options¶
+To add a docker option to an app, use the docker-options:add command. This takes an app name, a comma-separated list of phases, and the docker-option to add.
+
-
-Note
-When mounting a host directory in a Dokku app you should first create that directory as user dokku and then mount the directory under /app in the container using docker-options as above. Otherwise the app will lack write permission in the directory.
-
-Remove a Docker option¶
-dokku docker-options:remove node-js-app run "-v /var/log/node-js-app:/app/logs"
+Multiple phases can be specified by using a comma when specifying phases:
+
+The docker-options:add does not support setting multiple options in a single call. To specify multiple options, call docker-options:add multiple times.
+dokku docker-options:add node-js-app deploy "--ulimit nofile=12"
+dokku docker-options:add node-js-app deploy "--shm-size 256m"
+
+Remove a Docker option¶
+To remove docker options from an app, use the docker-options:remove command. This takes an app name, a comma-separated list of phases, and the docker-option to remove.
+
+Multiple phases can be specified by using a comma when specifying phases:
+
+The docker-options:remove does not support setting multiple options in a single call. To specify multiple options, call docker-options:remove multiple times.
+dokku docker-options:remove node-js-app deploy "--ulimit nofile=12"
+dokku docker-options:remove node-js-app deploy "--shm-size 256m"
-Clear all Docker options for an app¶
+Clear all Docker options for an app¶
Docker options can be removed for a specific app using the docker-options:clear command.
-
-
@@ -3759,25 +3874,25 @@ Clear all Docker options for an app
-
-
-
-Displaying docker-options reports for an app¶
+Displaying docker-options reports for an app¶
New
Introduced in 0.8.1
@@ -3786,22 +3901,22 @@ Displaying docker-options
-
-=====> node-js-app docker options information
- Docker options build:
- Docker options deploy: -v /var/log/node-js-app:/app/logs
- Docker options run: -v /var/log/node-js-app:/app/logs
-=====> python-sample docker options information
- Docker options build:
- Docker options deploy:
- Docker options run:
-=====> ruby-sample docker options information
- Docker options build:
- Docker options deploy:
- Docker options run:
+=====> node-js-app docker options information
+ Docker options build:
+ Docker options deploy: --ulimit nofile=12 --shm-size 256m
+ Docker options run: --ulimit nofile=12 --shm-size 256m
+=====> python-sample docker options information
+ Docker options build:
+ Docker options deploy:
+ Docker options run:
+=====> ruby-sample docker options information
+ Docker options build:
+ Docker options deploy:
+ Docker options run:
@@ -3810,20 +3925,20 @@ Displaying docker-options
-
You can pass flags which will output only the value of the specific information you want. For example:
-dokku docker-options:report node-js-app --docker-options-build
+
diff --git a/docs/search/search_index.json b/docs/search/search_index.json
index 80066a2fb..b13e2d032 100644
--- a/docs/search/search_index.json
+++ b/docs/search/search_index.json
@@ -1 +1 @@
-{"config":{"lang":["en"],"separator":"[\\s\\-]+","pipeline":["stopWordFilter"]},"docs":[{"location":"advanced-usage/backup-recovery/","title":"Backup and Recovery","text":"Info
The backup plugin was deprecated in 0.4.x, below are backup recommendations for 0.5.x and later.
The best plan for disaster recovery is to always keep multiple (remote) copies of your local repo, static assets and periodic database dumps. Backups should be regularly tested for data integrity and completeness.
"},{"location":"advanced-usage/backup-recovery/#tldr","title":"TLDR","text":"Warning
This method has many caveats. Please read this entire document before assuming these backups work as expected, and test your backups on a regular basis.
"},{"location":"advanced-usage/backup-recovery/#creating-a-backup","title":"Creating a backup","text":"To create a backup, run the following command at a time when not executing any Dokku commands or app deployments:
export BACKUP_TIME=$(date +%Y-%m-%d-%H-%M)\nsudo mkdir -p /var/lib/dokku/services\nsudo chown dokku:dokku /var/lib/dokku/services\nmkdir -p /tmp/dokku-backups/\nsudo tar -czvf \"/tmp/dokku-backups/${BACKUP_TIME}.tar.gz\" /home/dokku /var/lib/dokku/config /var/lib/dokku/data /var/lib/dokku/services /var/lib/dokku/plugins\n
This will create a point-in-time backup of your entire Dokku installation in the /tmp/dokku-backups directory. This backup may be moved offsite to another location via rsync, sftp, or some other protocol.
It is recommended that backups are regularly cleaned from the originating server and tested as necessary.
"},{"location":"advanced-usage/backup-recovery/#restoring-a-backup","title":"Restoring a backup","text":"To extract the backup onto another server, copy the backup to the server and extract it using the following command.
sudo tar -xzvf path/to/dokku/backup.tar.gz -C /\n
At this point, all datastores should be individually started and checked for data integrity. Once this is complete, individual apps can be rebuilt. Please consult the process management documentation for more information on how to rebuild apps.
"},{"location":"advanced-usage/backup-recovery/#caveats","title":"Caveats","text":""},{"location":"advanced-usage/backup-recovery/#app-config","title":"App config","text":"Application config is largely held in a small number of places:
/var/lib/dokku/config: Properties set and managed by plugins/var/lib/dokku/data: Files generated or extracted by various plugins/home/dokku: Certain parts of Dokku core store data in this location
Compressing these directories when no Dokku commands are running is enough to ensure a complete backup of the system.
"},{"location":"advanced-usage/backup-recovery/#code-repositories","title":"Code Repositories","text":"Because Dokku is git based, rebuilding a deployed app is as easy as pushing from git. You can push to a new server by updating the dokku remote in you local app's repo.
git remote rm dokku\ngit remote add dokku dokku@[dokku.me:dokku.me]\ngit push dokku [master]\n
"},{"location":"advanced-usage/backup-recovery/#docker-networks","title":"Docker Networks","text":"Docker networks generated by Dokku should be recreated. Running dokku network:report will output all networks in use by various apps, which can then be used to recreate them via dokku network:create $NETWORK.
Networks created by tools other than Dokku may be created as they initially were.
"},{"location":"advanced-usage/backup-recovery/#docker-image-and-tar-based-apps","title":"Docker Image and Tar-based Apps","text":"These apps may fail to rebuild via the normal ps:rebuild method. Redeploy these apps by running the original commands used to deploy them
"},{"location":"advanced-usage/backup-recovery/#datastores","title":"Datastores","text":"Info
Please note that point-in-time backups of the /var/lib/dokku/services directory may contain partially written data due to how various datastores work. Consult the official datastore documentation for the best documentation surrounding proper backup and restore procedures.
Some plugins, like the official dokku-postgres plugin, have built-in commands that allow non-volatile data be exported and imported.
For dokku-postgres, use:
dokku postgres:export [db_name] > [db_name].dump\ndokku postgres:import [db_name] < [db_name].dump\n
Additionally, data for official datastores is located in the /var/lib/dokku/services directory. If the directory is restored and the plugin is available, a dokku $SERVICE:start may be enough to restart the service with the underlying data, so long as the datastore version does not change and the underlying data is not corrupt. If this is the case, it may be necessary to re-import all the data onto a fresh version of the datastore service.
"},{"location":"advanced-usage/backup-recovery/#plugins","title":"Plugins","text":"The plugin directory is contained at the /var/lib/dokku/plugins directory. Core plugins will automatically be included in new installs, but custom plugins may not. The aforementioned tar creation command will back all plugins up, and the tar extract command will restore the plugins.
Note that restoring a plugin will not trigger any install or dependencies triggers. You will need to run these manually. See the plugin management documentation for more information on how to trigger these two hooks.
"},{"location":"advanced-usage/backup-recovery/#volumes-and-static-assets","title":"Volumes and Static Assets","text":"Dokku doesn't enforce a 300mb limit on apps, but it's best practice to keep binary assets outside of git. Since containers are considered volatile in Dokku, external stores like s3 or storage mounts should be used for non-volatile items like user uploads. The Dokku storage core plugin can be used to mount local directories / volumes inside the docker container.
System administrators are highly encouraged to store persistent data in app-specific subdirectories of the path /var/lib/dokku/data/storage. This will help ensure restores of the aforementioned primary Dokku directories will restore service to all apps.
See the persistent storage documentation for more information on how to attach persistent storage to your app.
"},{"location":"advanced-usage/backup-recovery/#recovering-app-code","title":"Recovering app code","text":"In case of an emergency when your git repo and backups are completely lost, you can recover the last pushed copy from your remote Dokku server (assuming you still have the ssh key).
mkdir [app-name] ; cd !$\ngit init && git remote add dokku dokku@[dokku.me:app-name]\ngit pull dokku/master && git checkout dokku/master\n
"},{"location":"advanced-usage/deployment-tasks/","title":"Deployment Tasks","text":"New
Introduced in 0.5.0
"},{"location":"advanced-usage/deployment-tasks/#usage","title":"Usage","text":""},{"location":"advanced-usage/deployment-tasks/#overview","title":"Overview","text":"Sometimes you need to run a command on deployment time, but before an app is completely deployed. Common use cases include:
- Checking a database is initialized
- Running database migrations
- Any commands required to set up the server (e.g. something like a Django
collectstatic)
To support this, Dokku provides support for a special release command within your app's Procfile, as well as a special scripts.dokku key inside of your app's app.json file. Be aware that all commands are run within the context of the built docker image - no commands affect the host unless there are volume mounts attached to your app.
Each \"phase\" has different expectations and limitations:
app.json: scripts.dokku.predeploy - When to use: This should be used if your app does not support arbitrary build commands and you need to make changes to the built image.
- Are changes committed to the image at this phase: Yes
- Example use-cases
- Bundling assets in a slightly different way
- Installing a custom package from source or copying a binary into place
app.json: scripts.dokku.postdeploy - When to use: This should be used in conjunction with external systems to signal the completion of your deploy.
- Are changes committed to the image at this phase: No
- Example use-cases
- Notifying slack that your app is deployed
- Coordinating traffic routing with a central load balancer
app.json: scripts.postdeploy - When to use: This should be used when you wish to run a command once, after the app is created and not on subsequent deploys to the app.
- Are changes committed to the image at this phase: No
- Example use-cases
- Setting up OAuth clients and DNS
- Loading seed/test data into the app\u2019s test database
Procfile: release - When to use: This should be used in conjunction with external systems to signal the completion of your app image build.
- Are changes committed to the image at this phase: No
- Example use-cases
- Sending CSS, JS, and other assets from your app\u2019s slug to a CDN or S3 bucket
- Priming or invalidating cache stores
- Running database migrations
Additionally, if using a Dockerfile with an ENTRYPOINT, the deployment task is passed to that entrypoint as is. The exceptions are if the entrypoint is one of the following:
[\"/tini\", \"--\"][\"/bin/tini\", \"--\"][\"/usr/bin/tini\", \"--\"][\"/usr/local/bin/tini\", \"--\"]
Please keep the above in mind when utilizing deployment tasks.
Info
To execute commands on the host during a release phase, see the plugin creation documentation docs for more information on building your own custom plugin.
"},{"location":"advanced-usage/deployment-tasks/#changing-the-appjson-location","title":"Changing the app.json location","text":"The app.json is expected to be found in a specific directory, depending on the deploy approach:
- The
WORKDIR of the Docker image for deploys resulting from git:from-image and git:load-image commands. - The root of the source code tree for all other deploys (git push,
git:from-archive, git:sync).
Sometimes it may be desirable to set a different path for a given app, e.g. when deploying from a monorepo. This can be done via the appjson-path property:
dokku app-json:set node-js-app appjson-path .dokku/app.json\n
The value is the path to the desired file relative to the base search directory, and will never be treated as absolute paths in any context. If that file does not exist within the repository, Dokku will continue the build process as if the repository has no app.json.
The default value may be set by passing an empty value for the option:
dokku app-json:set node-js-app appjson-path\n
The appjson-path property can also be set globally. The global default is app.json, and the global value is used when no app-specific value is set.
dokku app-json:set --global appjson-path global-app.json\n
The default value may be set by passing an empty value for the option.
dokku app-json:set --global appjson-path\n
"},{"location":"advanced-usage/deployment-tasks/#displaying-app-json-reports-for-an-app","title":"Displaying app-json reports for an app","text":"New
Introduced in 0.25.0
You can get a report about the app's storage status using the app-json:report command:
ShellOutput dokku app-json:report\n
=====> node-js-app app-json information\n App-json computed appjson path: app2.json\n App-json global appjson path: app.json\n App-json appjson path: app2.json\n=====> python-sample app-json information\n App-json computed appjson path: app.json\n App-json global appjson path: app.json\n App-json appjson path:\n=====> ruby-sample app-json information\n App-json computed appjson path: app.json\n App-json global appjson path: app.json\n App-json appjson path:\n
You can run the command for a specific app also.
ShellOutput dokku app-json:report node-js-app\n
=====> node-js-app app-json information\n App-json computed appjson path: app2.json\n App-json global appjson path: app.json\n App-json appjson path: app2.json\n
You can pass flags which will output only the value of the specific information you want. For example:
ShellOutput dokku app-json:report node-js-app --app-json-appjson-path\n
app2.json\n
"},{"location":"advanced-usage/deployment-tasks/#deployment-tasks_1","title":"Deployment tasks","text":""},{"location":"advanced-usage/deployment-tasks/#appjson-deployment-tasks","title":"app.json deployment tasks","text":"Dokku provides limited support for the app.json manifest from Heroku (documentation available here). The keys available for use with Deployment Tasks are:
scripts.dokku.predeploy: This is run after an app's docker image is built, but before any containers are scheduled. Changes made to your image are committed at this phase.scripts.dokku.postdeploy: This is run after an app's containers are scheduled. Changes made to your image are not committed at this phase.scripts.postdeploy: This is run after an app's containers are scheduled. Changes made to your image are not committed at this phase.
Warning
Any failed app.json deployment task will fail the deploy. In the case of either phase, a failure will not affect any running containers.
The following is an example app.json file. Please note that only the scripts.dokku.predeploy and scripts.dokku.postdeploy tasks are supported by Dokku at this time. All other fields will be ignored and can be omitted.
{\n \"scripts\": {\n \"dokku\": {\n \"predeploy\": \"touch /app/predeploy.test\",\n \"postdeploy\": \"curl https://some.external.api.service.com/deployment?state=success\"\n },\n \"postdeploy\": \"curl https://some.external.api.service.com/created?state=success\"\n }\n}\n
"},{"location":"advanced-usage/deployment-tasks/#procfile-release-command","title":"Procfile Release command","text":"New
Introduced in 0.14.0
The Procfile also supports a special release command which acts in a similar way to the Heroku Release Phase. This command is executed after an app's docker image is built, but before any containers are scheduled. This is also run after any command executed by scripts.dokku.predeploy.
To use the release command, simply add a release stanza to your Procfile.
release: curl https://some.external.api.service.com/deployment?state=built\n
Unlike the scripts.dokku.predeploy command, changes made during by the release command are not persisted to disk.
Warning
scaling the release command up will likely result in unspecified issues within your deployment, and is highly discouraged.
"},{"location":"advanced-usage/docker-options/","title":"Docker Container Options","text":"New
Introduced in 0.3.17
Pass container options to the docker run command during Dokku's build, deploy and run phases
docker-options:add <app> <phase(s)> OPTION # Add Docker option to app for phase (comma-separated phase list)\ndocker-options:clear <app> [<phase(s)>...] # Clear a docker options from application\ndocker-options:remove <app> <phase(s)> OPTION # Remove Docker option from app for phase (comma-separated phase list)\ndocker-options:report [<app>] [<flag>] # Displays a docker options report for one or more apps\n
Info
When specifying multiple phases, they must be comma-separated without spaces in between each phase, like so:
dokku docker-options:add node-js-app deploy,run \"-v /var/log/node-js-app:/app/logs\"\n
"},{"location":"advanced-usage/docker-options/#about-dokku-phases","title":"About Dokku phases","text":"Dokku deploys your application in multiple \"phases\" and the docker-options plugin allows you to pass arguments to their underlying docker container:
build: the container that executes the appropriate buildpackdeploy: the container that executes your running/deployed applicationrun: the container that executes any arbitrary command via dokku run
Manipulation of docker options will not restart running containers. This enables multiple options to be set/unset before final application. As such, changing an app's docker options must be followed by a dokku ps:rebuild in order to take effect.
More information on supported Docker options can be found here.
Container options configured via the docker-options plugin are not used to modify the process a container runs. Container options are the [OPTIONS] portion of the following, where [CONTAINER_COMMAND] and [ARG] are the process and the arguments passed to it that are launched in the created container: docker run [OPTIONS] [CONTAINER_COMMAND] [ARG...]. Please see the documentation for customizing the run command or use a Procfile to modify the command used by a Dockerfile-based container.
"},{"location":"advanced-usage/docker-options/#examples","title":"Examples","text":""},{"location":"advanced-usage/docker-options/#add-docker-options","title":"Add Docker options","text":"Add some options for the deployed/running app and when executing dokku run:
# Mount a host volume in a Docker container: \"-v /host/path:/container/path\"\ndokku docker-options:add node-js-app deploy \"-v /var/log/node-js-app:/app/logs\"\ndokku docker-options:add node-js-app run \"-v /var/log/node-js-app:/app/logs\"\n
Note
When mounting a host directory in a Dokku app you should first create that directory as user dokku and then mount the directory under /app in the container using docker-options as above. Otherwise the app will lack write permission in the directory.
"},{"location":"advanced-usage/docker-options/#remove-a-docker-option","title":"Remove a Docker option","text":"dokku docker-options:remove node-js-app run \"-v /var/log/node-js-app:/app/logs\"\n
"},{"location":"advanced-usage/docker-options/#clear-all-docker-options-for-an-app","title":"Clear all Docker options for an app","text":"Docker options can be removed for a specific app using the docker-options:clear command.
ShellOutput dokku docker-options:clear node-js-app\n
-----> Clearing docker-options for node-js-app on all phases\n
One or more valid phases can also be specified. Phases are comma delimited, and specifying an invalid phase will result in an error.
ShellOutputShellOutput dokku docker-options:clear node-js-app run\n
-----> Clearing docker-options for node-js-app on phase run\n
dokku docker-options:clear node-js-app build,run\n
-----> Clearing docker-options for node-js-app on phase build\n-----> Clearing docker-options for node-js-app on phase run\n
"},{"location":"advanced-usage/docker-options/#displaying-docker-options-reports-for-an-app","title":"Displaying docker-options reports for an app","text":"New
Introduced in 0.8.1
You can get a report about the app's docker-options status using the docker-options:report command:
ShellOutput dokku docker-options:report\n
=====> node-js-app docker options information\n Docker options build:\n Docker options deploy: -v /var/log/node-js-app:/app/logs\n Docker options run: -v /var/log/node-js-app:/app/logs\n=====> python-sample docker options information\n Docker options build:\n Docker options deploy:\n Docker options run:\n=====> ruby-sample docker options information\n Docker options build:\n Docker options deploy:\n Docker options run:\n
You can run the command for a specific app also.
ShellOutput dokku docker-options:report node-js-app\n
=====> node-js-app docker options information\n Docker options build:\n Docker options deploy: -v /var/log/node-js-app:/app/logs\n Docker options run: -v /var/log/node-js-app:/app/logs\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku docker-options:report node-js-app --docker-options-build\n
"},{"location":"advanced-usage/event-logs/","title":"Dokku Event Logs","text":"New
Introduced in 0.3.21
Docker provides an events command to show system's real time events. Likewise, Dokku can record events as syslog entries and also provides a plugin to display the last ones.
events [-t] # Show the last events (-t follows)\nevents:list # List logged events\nevents:on # Enable events logger\nevents:off # Disable events logger\n
"},{"location":"advanced-usage/event-logs/#usage","title":"Usage","text":"Enable the plugin:
ShellOutput dokku events:on\n
Enabling dokku events logger\n
Dokku will then write log entries to /var/log/syslog as well as a Dokku-specific logs sub-directory /var/log/dokku/events.log, which can be easily displayed with the command dokku events:
ShellOutput dokku events\n
Jul 3 16:09:48 dokku.me dokku[127630]: INVOKED: pre-release-buildpack( pythonapp )\nJul 3 16:10:02 dokku.me dokku[128095]: INVOKED: docker-args-run( rubyapp )\nJul 3 16:10:02 dokku.me dokku[128114]: INVOKED: docker-args-run( nhl )\nJul 3 16:10:03 dokku.me dokku[128195]: INVOKED: pre-deploy( pythonapp )\nJul 3 16:10:23 dokku.me dokku[129253]: INVOKED: docker-args-deploy( pythonapp )\nJul 3 16:10:24 dokku.me dokku[129451]: INVOKED: check-deploy( pythonapp 6274ced0d4be11af4490cd18abaf77cdd593f025133f403d984e80d86a39acec web 5000 10.0.16.80 )\nJul 3 16:10:35 dokku.me dokku[129561]: INVOKED: docker-args-deploy( pythonapp )\nJul 3 16:10:36 dokku.me dokku[129760]: INVOKED: check-deploy( pythonapp ac88a56ee4161ff37e4b92d1498c3eadc91f0aa7c8b81b44fc077e2a51d54cc0 worker )\nJul 3 16:10:46 dokku.me dokku[129851]: INVOKED: post-deploy( pythonapp )\nJul 3 16:10:46 dokku.me dokku[129945]: INVOKED: nginx-pre-reload( pythonapp )\nJul 3 16:15:02 dokku.me dokku[130397]: INVOKED: docker-args-run( goapp )\nJul 3 16:21:02 dokku.me dokku[130796]: INVOKED: docker-args-run( rubyapp )\nJul 3 16:30:02 dokku.me dokku[131384]: INVOKED: docker-args-run( rubyapp )\n
You can list all events that are currently being recorded via dokku events:list:
ShellOutput dokku events:list\n
=====> Events currently logged\ncheck-deploy\ndependencies\ndocker-args-build\ndocker-args-deploy\ndocker-args-run\ngit-post-pull\ngit-pre-pull\nnginx-hostname\nnginx-pre-reload\npost-build-buildpack\npost-build-dockerfile\npost-delete\npost-deploy\npost-domains-update\npre-build-buildpack\npre-build-dockerfile\npre-delete\npre-deploy\npre-release-buildpack\npre-release-dockerfile\nreceive-app\nupdate\n
"},{"location":"advanced-usage/persistent-storage/","title":"Persistent Storage","text":"New
Introduced in 0.5.0
The preferred method to mount external containers to a Dokku managed container, is to use the Dokku storage plugin.
storage:ensure-directory [--chown option] <directory> # Creates a persistent storage directory in the recommended storage path\nstorage:list <app> [--format text|json] # List bind mounts for app's container(s) (host:container)\nstorage:mount <app> <host-dir:container-dir> # Create a new bind mount\nstorage:report [<app>] [<flag>] # Displays a checks report for one or more apps\nstorage:unmount <app> <host-dir:container-dir> # Remove an existing bind mount\n
Info
The storage plugin is compatible with storage mounts created with the docker-options. The storage plugin will only list mounts from the deploy/run phase.
The storage plugin supports the following mount points:
- explicit paths that exist on the host
- docker volumes
"},{"location":"advanced-usage/persistent-storage/#usage","title":"Usage","text":""},{"location":"advanced-usage/persistent-storage/#listing-persistent-storage","title":"Listing persistent storage","text":"Persistent storage bind mounts are specified on a per-app basis, and can be listed with the storage:list command:
ShellOutput dokku storage:list node-js-app\n
-----> node-js-app volume bind-mounts:\n /var/lib/dokku/data/storage/node-js-app:/app/storage\n
The output format can also be set to json for programmatic access:
ShellOutput dokku storage:list node-js-app --format json\n
[\n {\n \"host_path\": \"/var/lib/dokku/data/storage/node-js-app\",\n \"container_path\": \"/app/storage\",\n \"volume_options\": \"\"\n }\n]\n
"},{"location":"advanced-usage/persistent-storage/#creating-storage-directories","title":"Creating storage directories","text":"New
Introduced in 0.25.5
A storage directory can be created with the storage:ensure-directory command. This command will create a subdirectory in the recommended /var/lib/dokku/data/storage path - created during Dokku installation - and prepare it for use with an app.
ShellOutput dokku storage:ensure-directory node-js-app\n
-----> Ensuring /var/lib/dokku/data/storage/node-js-app exists\n Setting directory ownership to 32767:32767\n Directory ready for mounting\n
By default, permissions are set for usage with Herokuish buildpacks. These permissions can be changed via the --chown option according to the following table:
--chown herokuish (default): Use 32767:32767 as the folder permissions. - This is used for apps deployed with Buildpacks via Herokuish.
--chown heroku: Use 1000:1000 as the folder permissions. - This is used for apps deployed with Cloud Native Buildpacks using the
heroku/builder builder.
--chown packeto: Use 2000:2000 as the folder permissions. - This is used for apps deployed with Cloud Native Buildpacks using the
cloudfoundry/cnb or packeto builders.
--chown root: Use 0:0 as the folder permissions. - This is used for containers that run their processes as root, as is typical for most Dockerfile or Docker image deploys.
--chown false: Skips the chown call.
Users deploying via Dockerfile will want to specify --chown false and manually chown the created directory if the user and/or group id of the runnning process in the deployed container do not correspond to any of the above options.
Warning
Failing to set the correct directory ownership may result in issues in persisting files written to the mounted storage directory.
"},{"location":"advanced-usage/persistent-storage/#mounting-storage-into-apps","title":"Mounting storage into apps","text":"Dokku supports mounting both explicit host paths as well as docker volumes via the storage:mount command. This takes two arguments, an app name and a host-path:container-path or docker-volume:container-path combination.
# mount the directory into your container's /app/storage directory, relative to the container root (/)\n# explicit host paths _must_ exist prior to usage.\ndokku storage:mount node-js-app /var/lib/dokku/data/storage/node-js-app:/app/storage\n\n# mount the docker volume into your container's /app/storage directory, relative to the container root (/)\n# docker volumes _must_ exist prior to usage.\ndokku storage:mount node-js-app some-docker-volume:/app/storage\n
In the first example, Dokku will then mount the shared contents of /var/lib/dokku/data/storage/node-js-app to /app/storage inside the container. The mount point is not relative to your app's working directory, and is instead relative to the root (/) of the container. Mounts are only available for containers created via run and by the deploy process, and not during the build process. In addition, the host path is never auto-created by either Dokku or Docker, and should be an explicit path, not one relative to the current working directory.
Info
If the /storage path within the container had pre-existing content, the container files will be over-written. This may be an issue for users that create assets at build time but then mount a directory at the same place during runtime. Files are not merged.
Once persistent storage is mounted, the app requires a restart. See the process scaling documentation for more information.
dokku ps:restart app-name\n
"},{"location":"advanced-usage/persistent-storage/#unmounting-storage","title":"Unmounting storage","text":"If an app no longer requires a mounted volume or directory, the storage:unmount command can be called. This takes the same arguments as the storage:mount command, an app name and a host-path:container-path or docker-volume:container-path combination.
# unmount the directory from your container's /app/storage directory, relative to the container root (/)\ndokku storage:unmount node-js-app /var/lib/dokku/data/storage/node-js-app:/app/storage\n\n# unmount the docker volume from your container's /app/storage directory, relative to the container root (/)\ndokku storage:unmount node-js-app some-docker-volume:/app/storage\n
Once persistent storage is unmounted, the app requires a restart. See the process scaling documentation for more information.
dokku ps:restart app-name\n
"},{"location":"advanced-usage/persistent-storage/#displaying-storage-reports-for-an-app","title":"Displaying storage reports for an app","text":"New
Introduced in 0.8.1
You can get a report about the app's storage status using the storage:report command:
ShellOutput dokku storage:report\n
=====> node-js-app storage information\n Storage build mounts:\n Storage deploy mounts: -v /var/lib/dokku/data/storage/node-js-app:/app/storage\n Storage run mounts: -v /var/lib/dokku/data/storage/node-js-app:/app/storage\n=====> python-sample storage information\n Storage build mounts:\n Storage deploy mounts:\n Storage run mounts:\n=====> ruby-sample storage information\n Storage build mounts:\n Storage deploy mounts:\n Storage run mounts:\n
You can run the command for a specific app also.
ShellOutput dokku storage:report node-js-app\n
=====> node-js-app storage information\n Storage build mounts:\n Storage deploy mounts: -v /var/lib/dokku/data/storage/node-js-app:/app/storage\n Storage run mounts: -v /var/lib/dokku/data/storage/node-js-app:/app/storage\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku storage:report node-js-app --storage-deploy-mounts\n
"},{"location":"advanced-usage/persistent-storage/#use-cases","title":"Use Cases","text":""},{"location":"advanced-usage/persistent-storage/#sharing-storage-across-deploys","title":"Sharing storage across deploys","text":"Dokku is powered by Docker containers, which recommends in their best practices that containers be treated as ephemeral. In order to manage persistent storage for web apps, like user uploads or large binary assets like images, a directory outside the container should be mounted.
"},{"location":"advanced-usage/persistent-storage/#shared-storage-between-containers","title":"Shared storage between containers","text":"When scaling your app, you may require a common location to access shared assets between containers, a storage mount can be used in this situation.
"},{"location":"advanced-usage/persistent-storage/#shared-storage-across-environments","title":"Shared storage across environments","text":"Your app may be used in a cluster that requires containers or resources not running on the same host access your data. Mounting a shared file service (like S3FS or EFS) inside your container will give you great flexibility.
"},{"location":"advanced-usage/persistent-storage/#backing-up","title":"Backing up","text":"Your app may have services that are running in memory and need to be backed up locally (like a key store). Mount a non ephemeral storage mount will allow backups that are not lost when the app is shut down.
"},{"location":"advanced-usage/persistent-storage/#build-phase","title":"Build phase","text":"By default, Dokku will only bind storage mounts during the deploy and run phases. Under certain conditions, one might want to bind a storage mount during the build phase. This can be accomplished by using the docker-options plugin directly.
dokku docker-options:add node-js-app build \"-v /tmp/python-test:/opt/test\"\n
You cannot use mounted volumes during the build phase of a Dockerfile deploy. This is because Docker does not support volumes when executing docker build.
Warning
This can cause data loss if you bind a mount under /app in buildpack apps as herokuish will attempt to remove the original app path during the build phase.
"},{"location":"advanced-usage/persistent-storage/#app-user-and-persistent-storage-file-ownership-buildpack-apps-only","title":"App User and Persistent Storage file ownership (buildpack apps only)","text":"New
Introduced in 0.7.1
By default, Dokku will execute your buildpack app processes as the herokuishuser user. You may override this by setting the DOKKU_APP_USER config variable.
Note
this user must exist in your herokuish image.
Additionally, the default docker-local scheduler that comes with Dokku will ensure your storage mounts are owned by either herokuishuser or the overridden value you have set in DOKKU_APP_USER. See the docker-local scheduler documentation docs for more information.
"},{"location":"advanced-usage/plugin-management/","title":"Plugin Management","text":"New
Introduced in 0.4.0
plugin:disable <name> # Disable an installed plugin (third-party only)\nplugin:enable <name> # Enable a previously disabled plugin\nplugin:install [--core|--git-url] [--committish branch|commit|tag] [--name custom-plugin-name] # Optionally download git-url (and pin to the specified branch/commit/tag) & run install trigger for active plugins (or only core ones)\nplugin:installed <name> # Checks if a plugin is installed\nplugin:install-dependencies [--core] # Run install-dependencies trigger for active plugins (or only core ones)\nplugin:list # Print active plugins\nplugin:trigger <args...>. # Trigger an arbitrary plugin hook\nplugin:uninstall <name> # Uninstall a plugin (third-party only)\nplugin:update [name [branch|commit|tag]] # Optionally update named plugin from git (and pin to the specified branch/commit/tag) & run update trigger for active plugins\n
# for 0.3.x\ncd /var/lib/dokku/plugins\ngit clone <git url>\ndokku plugins-install\n
Info
These commands require root permissions as the install and install-dependencies plugin triggers may utilize commands such as apt-get. For non-core plugins, please inspect those plugins before running the following command as root user.
"},{"location":"advanced-usage/plugin-management/#usage","title":"Usage","text":""},{"location":"advanced-usage/plugin-management/#listing-plugins","title":"Listing Plugins","text":"Installed plugins can be listed via the plugin:list command:
ShellOutput dokku plugin:list\n
plugn: dev\n 00_dokku-standard 0.35.4 enabled dokku core standard plugin\n 20_events 0.35.4 enabled dokku core events logging plugin\n app-json 0.35.4 enabled dokku core app-json plugin\n apps 0.35.4 enabled dokku core apps plugin\n build-env 0.35.4 enabled dokku core build-env plugin\n buildpacks 0.35.4 enabled dokku core buildpacks plugin\n certs 0.35.4 enabled dokku core certificate management plugin\n checks 0.35.4 enabled dokku core checks plugin\n common 0.35.4 enabled dokku core common plugin\n config 0.35.4 enabled dokku core config plugin\n docker-options 0.35.4 enabled dokku core docker-options plugin\n domains 0.35.4 enabled dokku core domains plugin\n enter 0.35.4 enabled dokku core enter plugin\n git 0.35.4 enabled dokku core git plugin\n logs 0.35.4 enabled dokku core logs plugin\n network 0.35.4 enabled dokku core network plugin\n nginx-vhosts 0.35.4 enabled dokku core nginx-vhosts plugin\n plugin 0.35.4 enabled dokku core plugin plugin\n proxy 0.35.4 enabled dokku core proxy plugin\n ps 0.35.4 enabled dokku core ps plugin\n repo 0.35.4 enabled dokku core repo plugin\n resource 0.35.4 enabled dokku core resource plugin\n scheduler-docker-local 0.35.4 enabled dokku core scheduler-docker-local plugin\n shell 0.35.4 enabled dokku core shell plugin\n ssh-keys 0.35.4 enabled dokku core ssh-keys plugin\n storage 0.35.4 enabled dokku core storage plugin\n tags 0.35.4 enabled dokku core tags plugin\n tar 0.35.4 enabled dokku core tar plugin\n trace 0.35.4 enabled dokku core trace plugin\n
Warning
All plugin commands other than plugin:list and plugin:help require sudo access and must be run directly from the Dokku server.
"},{"location":"advanced-usage/plugin-management/#checking-if-a-plugin-is-installed","title":"Checking if a plugin is installed","text":"You can check if a plugin has been installed via the plugin:installed command:
dokku plugin:installed postgres\n
"},{"location":"advanced-usage/plugin-management/#installing-a-plugin","title":"Installing a plugin","text":"Note
Plugins installed in this method within a docker-based installation of Dokku do not persist across installs. Please see the plugin installation section of the docker-based installation docs for further details.
Installing a plugin is easy as well using the plugin:install command. This command will also trigger the install pluginhook on all existing plugins.
The most common usage is to install a plugin from a url. This url may be any of the following:
git: For git+ssh based plugin repository clones.ssh: For git+ssh based plugin repository clones.file: For copying plugins from a path on disk.https: For http based plugin repository clones.
Additionally, any urls with the extensions .tar.gz or .tgz are treated as Gzipped Tarballs for installation purposes and will be downloaded and extracted into place.
ShellOutput dokku plugin:install https://github.com/dokku/dokku-postgres.git\n
-----> Cloning plugin repo https://github.com/dokku/dokku-postgres.git to /var/lib/dokku/plugins/available/postgres\nCloning into 'postgres'...\nremote: Counting objects: 646, done.\nremote: Total 646 (delta 0), reused 0 (delta 0), pack-reused 646\nReceiving objects: 100% (646/646), 134.24 KiB | 0 bytes/s, done.\nResolving deltas: 100% (406/406), done.\nChecking connectivity... done.\n-----> Plugin postgres enabled\n
For git-based plugin installation, a commit SHA-like object may be specified (tag/branch/commit sha) via the --committish argument and Dokku will attempt to install the specified commit object.
# where 2.0.0 is a potential git tag\ndokku plugin:install https://github.com/dokku/dokku-postgres.git --committish 2.0.0\n
Plugin names are interpolated based on the repository name minus the dokku- prefix. If the plugin being installed has a name other than what matches the repository name - or another name is desired - the --name flag can be used to override this interpolation.
dokku plugin:install https://github.com/dokku/smoke-test-plugin.git --name smoke-test-plugin\n
The --core flag may also be indicated as the sole argument, though it is only for installation of core plugins, and thus not useful for end-user installations.
dokku plugin:install --core\n
Finally, all flags may be omitted to trigger the install procedures for both core and third-party plugins:
dokku plugin:install\n
"},{"location":"advanced-usage/plugin-management/#installing-plugin-dependencies","title":"Installing plugin dependencies","text":"In some cases, plugins will have system-level dependencies. These are not automatically installed via plugin:install, and must be separately via the plugin:install-dependencies command. This will run through all the dependencies trigger for all plugins.
dokku plugin:install-dependencies\n
This command may also target just core plugins via the --core flag. This is usually only useful for source-based installs of Dokku.
dokku plugin:install-dependencies --core\n
"},{"location":"advanced-usage/plugin-management/#updating-a-plugin","title":"Updating a plugin","text":"An installed, third-party plugin can be updated can updated via the plugin:update command. This should be done after any upgrades of Dokku as there may be changes in the internal api that require an update of how the plugin interfaces with Dokku.
Please note that this command is only valid for plugin installs that were backed by a git-repository.
ShellOutput dokku plugin:update postgres\n
Plugin (postgres) updated\n
An optional commit SHA-like object may be specified.
dokku plugin:update postgres 2.0.0\n
Any future invocation of plugin:update will respect the previously specified SHA-like object. To follow a particular branch again, specify that branch:
dokku plugin:update postgres main\n
"},{"location":"advanced-usage/plugin-management/#uninstalling-a-plugin","title":"Uninstalling a plugin","text":"Third party plugins can be uninstalled using the plugin:uninstall command:
ShellOutput dokku plugin:uninstall postgres\n
-----> Plugin postgres uninstalled\n
"},{"location":"advanced-usage/plugin-management/#disabling-a-plugin","title":"Disabling a plugin","text":"Disabling a plugin can also be useful for debugging whether a third-party plugin is causing issues in a Dokku installation. Another common use case is for disabling core functionality for replacement with a third-party plugin.
ShellOutput dokku plugin:disable postgres\n
-----> Plugin postgres disabled\n
"},{"location":"advanced-usage/plugin-management/#enabling-a-plugin","title":"Enabling a plugin","text":"Disabled plugins can be re-enabled via the plugin:enable command.
ShellOutput dokku plugin:enable postgres\n
-----> Plugin postgres enabled\n
"},{"location":"advanced-usage/plugin-management/#triggering-a-plugin-trigger","title":"Triggering a plugin trigger","text":"The plugin:trigger can be used to call any internal plugin trigger. This may have unintended consequences, and thus should only be called for development or debugging purposes.
dokku plugin:trigger some-internal-trigger args-go-here\n
"},{"location":"advanced-usage/registry-management/","title":"Registry Management","text":"New
Introduced in 0.25.0
registry:login [--password-stdin] <server> <username> [<password>] # Login to a docker registry\nregistry:report [<app>] [<flag>] # Displays a registry report for one or more apps\nregistry:set <app> <key> (<value>) # Set or clear a registry property for an app\n
The registry plugin enables interacting with remote registries, which is useful when either deploying images via git:from-image or when interacting with custom schedulers to deploy built image artifacts.
"},{"location":"advanced-usage/registry-management/#usage","title":"Usage","text":""},{"location":"advanced-usage/registry-management/#logging-into-a-registry","title":"Logging into a registry","text":"The registry:login command can be used to log into a docker registry. The following are examples for logging into various common registries:
# hub.docker.com\ndokku registry:login docker.io $USERNAME $PASSWORD\n\n# digitalocean\n# the username and password are both defined as the same api token\ndokku registry:login registry.digitalocean.com $DIGITALOCEAN_API_TOKEN $DIGITALOCEAN_API_TOKEN\n\n# github container registry\n# see the following link for information on retrieving a personal access token\n# https://docs.github.com/en/packages/guides/pushing-and-pulling-docker-images#authenticating-to-github-container-registry\ndokku registry:login ghcr.io $USERNAME $REGISTRY_PAT_TOKEN\n\n# quay\n# a robot user may be used to login\ndokku registry:login quay.io $USERNAME $PASSWORD\n
For security reasons, the password may also be specified as stdin by specifying the --password-stdin flag. This is supported regardless of the registry being logged into.
echo \"$PASSWORD\" | dokku registry:login --password-stdin docker.io $USERNAME\n
For certain Docker registries - such as Amazon ECR or Google's GCR registries - users may instead wish to use a docker credential helper to automatically authenticate against a server; please see the documentation regarding the credential helper in question for further setup instructions.
"},{"location":"advanced-usage/registry-management/#setting-a-remote-server","title":"Setting a remote server","text":"To specify a remote server registry for pushes, set the server property via the registry:set command. The default value for this property is empty string. Setting the value to docker.io or hub.docker.com will result in the computed value being empty string (as that is the default, implicit registry), while any non-zero length value will have a / appended to it if there is not one already.
dokku registry:set node-js-app server docker.io\n
This property can be set for a single app or globally via the --global flag. When set globally, the app-specific value will always overide the global value. The default global value for this property is empty string.
dokku registry:set --global server docker.io\n
Setting the property value to an empty string will reset the value to the system default. Resetting the value can be done per app or globally.
# per-app\ndokku registry:set node-js-app server\n\n# globally\ndokku registry:set --global server\n
The following are the values that should be used for common remote servers:
- Amazon Elastic Container Registry:
- value:
$AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com/ - notes: The
$AWS_ACCOUNT_ID and $AWS_REGION should match the values for your account and region, respectively. Additionally, an IAM profile that allows push access to the repository specified by image-repo should be attached to your Dokku server.
- Azure Container Registry:
- value
$REGISTRY_NAME.azurecr.io/ - notes: The
$AKS_REGISTRY_NAME should match the name of the registry created on your account.
- Docker Hub:
- value:
docker.io/ - notes: Requires owning the namespace used in the
image-repo value.
- Digitalocean:
- value:
registry.digitalocean.com/ - notes: Requires setting the correct
image-repo value for your registry.
- Github Container Registry:
- value:
ghcr.io/ - notes: Requires that the authenticated user has access to the namespace used in the
image-repo value.
- Quay.io:
- value:
quay.io/
"},{"location":"advanced-usage/registry-management/#specifying-an-image-repository-name","title":"Specifying an image repository name","text":"By default, Dokku uses the value dokku/$APP_NAME as the image repository that is pushed and deployed. For certain registries, the dokku namespace may not be available to your user. In these cases, the value can be set by changing the value of the image-repo property via the registry:set command.
dokku registry:set node-js-app image-repo my-awesome-prefix/node-js-app\n
Setting the property value to an empty string will reset the value to the system default. Resetting the value has to be done per-app.
# per-app\ndokku registry:set node-js-app image-repo\n
"},{"location":"advanced-usage/registry-management/#templating-the-image-repository-name","title":"Templating the image repository name","text":"Instead of setting the image repository name on a per-app basis, it can be set via a template globally with the image-repo-template property:
dokku registry:set --global image-repo-template \"my-awesome-prefix/{{ .AppName }}\"\n
Dokku uses a Golang template and has access to the AppName variable as shown above.
"},{"location":"advanced-usage/registry-management/#pushing-images-on-build","title":"Pushing images on build","text":"To push the image on release, set the push-on-release property to true via the registry:set command. The default value for this property is false. Setting the property to true will result in the image being tagged with an ID that is incremented with every release. This tag will be what is used for running app code.
dokku registry:set node-js-app push-on-release true\n
This property can be set for a single app or globally via the --global flag. When set globally, the app-specific value will always overide the global value. The default global value for this property is false.
dokku registry:set --global push-on-release true\n
Setting the property value to an empty string will reset the value to the system default. Resetting the value can be done per app or globally.
# per-app\ndokku registry:set node-js-app push-on-release\n\n# globally\ndokku registry:set --global push-on-release\n
"},{"location":"advanced-usage/registry-management/#push-extra-tags","title":"Push extra tags","text":"To push the image on release with extra tags, set the push-extra-tags to a comma-separated list of tags via the registry:set command. The default value for this property is empty. Setting the property will result in the image being tagged with extra tags every release.
The push-extra-tags can be set to a single tag too.
# multiple-tags\ndokku registry:set node-js-app push-extra-tags foo,bar\n
# single tag\ndokku registry:set node-js-app push-extra-tags foo\n
This property can be set for a single app or globally via the --global flag. When set globally, the app-specific value will always overide the global value. The default global value for this property is false.
dokku registry:set --global push-extra-tags foo,bar\n
Setting the property value to an empty string will reset the value to the system default. Resetting the value can be done per app or globally.
# per-app\ndokku registry:set node-js-app push-extra-tags\n\n# globally\ndokku registry:set --global push-extra-tags\n
"},{"location":"advanced-usage/repository-management/","title":"Repository Management","text":"New
Introduced in 0.6.0
repo:gc <app> # Runs 'git gc --aggressive' against the application's repo\nrepo:purge-cache <app> # Deletes the contents of the build cache stored in the repository\n
The repository plugin is meant to allow users to perform management commands against a repository.
"},{"location":"advanced-usage/repository-management/#usage","title":"Usage","text":""},{"location":"advanced-usage/repository-management/#git-garbage-collection","title":"Git Garbage Collection","text":"This will run a git gc --aggressive against the applications repo. This is performed on the Dokku host, and not within an application container.
ShellOutput dokku repo:gc node-js-app\n
Counting objects: 396, done.\nDelta compression using up to 2 threads.\nCompressing objects: 100% (365/365), done.\nWriting objects: 100% (396/396), done.\nTotal 396 (delta 79), reused 315 (delta 0)\n
"},{"location":"advanced-usage/repository-management/#clearing-application-cache","title":"Clearing Application cache","text":"Building containers with buildpacks currently results in a persistent cache directory between deploys. If you need to clear this cache directory for any reason, you may do so by running the following shell command:
dokku repo:purge-cache node-js-app\n
"},{"location":"advanced-usage/resource-management/","title":"Resource Management","text":"New
Introduced in 0.15.0
resource:limit [--process-type <process-type>] [RESOURCE_OPTS...] <app> # Limit resources for a given app/process-type combination\nresource:limit-clear [--process-type <process-type>] <app> # Limit resources for a given app/process-type combination\nresource:report [<app>] [<flag>] # Displays a resource report for one or more apps\nresource:reserve [--process-type <process-type>] [RESOURCE_OPTS...] <app> # Reserve resources for a given app/process-type combination\nresource:reserve-clear [--process-type <process-type>] <app> # Reserve resources for a given app/process-type combination\n
The resource plugin is meant to allow users to limit or reserve resources for a given app/process-type combination.
"},{"location":"advanced-usage/resource-management/#usage","title":"Usage","text":"By default, Dokku allows unlimited resource access to apps deployed on a server. In some cases, it may be desirable to limit this on a per-app or per-process-type basis. The resource plugin allows management of both resource \"limits\" and resource \"reservations\", where each resource request type has specific meaning to the scheduler in use for a given app.
Warning
The meaning of a values and it's units are specific to the scheduler in use for a given app. If a value is incorrect for a scheduler, this may result in containers failing to start correctly. If a scheduler does not support a given resource type combination, it will be ignored. All resource commands require an app rebuild or deploy in order to take effect.
Valid resource options include:
--cpu--memory--memory-swap--network--network-ingress--network-egress--nvidia-gpu
See the Supported Resource Management Properties section of the docker local scheduler documentation for more information on how each resource limit maps to Docker.
Resource limits and reservations are applied only during the run and deploy phases of an application, and will not impact the build phase of an application.
"},{"location":"advanced-usage/resource-management/#resource-limits","title":"Resource Limits","text":"When specified and supported, a resource limit will ensure that your app does not go over the specified value. If this occurs, the underlying scheduler may either cap resource utilization, or it may decide to terminate and reschedule your process.
Resource limits may be set via the resource:limit command:
ShellOutput dokku resource:limit --memory 100 node-js-app\n
=====> Setting resource limits for node-js-app\n memory: 100\n
Multiple resources can be limited in a single call:
ShellOutput dokku resource:limit --cpu 100 --memory 100 node-js-app\n
=====> Setting resource limits for node-js-app\n cpu: 100\n memory: 100\n
Resources can also be limited on a per-process type basis. If specified, this will override any generic limits set for the app.
ShellOutput dokku resource:limit --cpu 100 --memory 100 --process-type worker node-js-app\n
=====> Setting resource limits for node-js-app (worker)\n cpu: 100\n memory: 100\n
A resource value can be individually cleared by setting the value to the special value clear.
ShellOutput dokku resource:limit --cpu clear node-js-app\n
=====> Setting resource limits for node-js-app\n cpu: cleared\n
"},{"location":"advanced-usage/resource-management/#displaying-resource-limits","title":"Displaying Resource Limits","text":"Running the resource:limit command without any flags will display the currently configured default app limits.
ShellOutput dokku resource:limit node-js-app\n
=====> resource limits node-js-app information [defaults]\n cpu:\n memory:\n memory-swap: 100\n network: 100\n network-ingress:\n network-egress:\n nvidia-gpu:\n
This may also be combined with the --process-type flag to see app limits on a process-type level. Note that the displayed values are not merged with the defaults.
ShellOutput dokku resource:limit --process-type web node-js-app\n
=====> resource limits node-js-app information (web)\n cpu: 100\n memory: 100\n memory-swap:\n network:\n network-ingress:\n network-egress:\n nvidia-gpu:\n
"},{"location":"advanced-usage/resource-management/#clearing-resource-limits","title":"Clearing Resource Limits","text":"In cases where the values are incorrect - or there is no desire to limit resources - resource limits may be cleared using the resource:limit-clear command.
ShellOutput dokku resource:limit-clear node-js-app\n
-----> Clearing resource limit for node-js-app\n
Defaults can also be cleared by leaving the app unspecified.
ShellOutput dokku resource:limit-clear\n
-----> Clearing default resource limits\n
"},{"location":"advanced-usage/resource-management/#resource-reservations","title":"Resource Reservations","text":"When specified and supported, a resource reservation will ensure that your server has at least the specified resources before placing a given app's process. If there a resource exhaustion, future rebuilds and deploys may fail.
Resource reservations may be set via the resource:reserve command:
ShellOutput dokku resource:reserve --memory 100 node-js-app\n
=====> Setting resource reservation for node-js-app\n memory: 100\n
Multiple resources can be limited in a single call:
ShellOutput dokku resource:reserve --cpu 100 --memory 100 node-js-app\n
=====> Setting resource reservation for node-js-app\n cpu: 100\n memory: 100\n
Resources can also be limited on a per-process type basis. If specified, this will override any generic limits set for the app.
ShellOutput dokku resource:reserve --cpu 100 --memory 100 --process-type worker node-js-app\n
=====> Setting resource reservation for node-js-app (worker)\n cpu: 100\n memory: 100\n
A resource value can be individually cleared by setting the value to the special value clear.
ShellOutput dokku resource:reserve --cpu clear node-js-app\n
=====> Setting resource reservation for node-js-app\n cpu: cleared\n
"},{"location":"advanced-usage/resource-management/#displaying-resource-reservations","title":"Displaying Resource Reservations","text":"Running the resource:reserve command without any flags will display the currently configured default app reservations.
ShellOutput dokku resource:reserve node-js-app\n
=====> resource reservation node-js-app information [defaults]\n cpu: 100\n memory: 100\n memory-swap:\n network:\n network-ingress:\n network-egress:\n nvidia-gpu:\n
This may also be combined with the --process-type flag to see app reservations on a process-type level. Note that the displayed values are not merged with the defaults.
ShellOutput dokku resource:reserve --process-type web node-js-app\n
=====> resource reservation node-js-app information (web)\n cpu: 100\n memory: 100\n memory-swap:\n network:\n network-ingress:\n network-egress:\n nvidia-gpu:\n
"},{"location":"advanced-usage/resource-management/#clearing-resource-reservations","title":"Clearing Resource Reservations","text":"In cases where the values are incorrect - or there is no desire to reserve resources - resource reservations may be cleared using the resource:reserve-clear command.
ShellOutput dokku resource:reserve-clear node-js-app\n
-----> Clearing resource reservation for node-js-app\n
Defaults can also be cleared by leaving the app unspecified.
ShellOutput dokku resource:reserve-clear\n
-----> Clearing default resource reservation\n
"},{"location":"advanced-usage/resource-management/#displaying-resource-reports-for-an-app","title":"Displaying resource reports for an app","text":"You can get a report about the app's resource status using the resource:report command:
ShellOutput dokku resource:report\n
=====> node-js-app resource information\n web limit cpu:\n web limit memory: 1024\n web limit memory swap: 0\n web limit network: 10\n web limit network ingress:\n web limit network egress:\n web limit nvidia gpu:\n web reservation cpu:\n web reservation memory: 512\n web reservation memory swap:\n web reservation network: 8\n web reservation network ingress:\n web reservation network egress:\n web reservation nvidia gpu:\n=====> python-sample resource information\n web limit cpu:\n web limit memory:\n web limit memory swap:\n web limit network:\n web limit network ingress:\n web limit network egress:\n web limit nvidia gpu:\n web reservation cpu:\n web reservation memory:\n web reservation memory swap:\n web reservation network:\n web reservation network ingress:\n web reservation network egress:\n web reservation nvidia gpu:\n=====> ruby-sample resource information\n web limit cpu:\n web limit memory:\n web limit memory swap:\n web limit network:\n web limit network ingress:\n web limit network egress:\n web limit nvidia gpu:\n web reservation cpu:\n web reservation memory:\n web reservation memory swap:\n web reservation network:\n web reservation network ingress:\n web reservation network egress:\n web reservation nvidia gpu:\n
You can run the command for a specific app also.
ShellOutput dokku resource:report node-js-app\n
=====> node-js-app resource information\n web limit cpu:\n web limit memory: 1024\n web limit memory swap: 0\n web limit network: 10\n web limit network ingress:\n web limit network egress:\n web limit nvidia gpu:\n web reservation cpu:\n web reservation memory: 512\n web reservation memory swap:\n web reservation network: 8\n web reservation network ingress:\n web reservation network egress:\n web reservation nvidia gpu:\n
You can pass flags which will output only the value of the specific information you want. For example:
ShellOutput # Note the periods in the flag name\ndokku resource:report node-js-app --resource-web.limit.memory\n
1024\n
"},{"location":"appendices/0.10.0-migration-guide/","title":"0.10.0 Migration Guide","text":""},{"location":"appendices/0.10.0-migration-guide/#pci-compliance","title":"PCI Compliance","text":"By default, Dokku will ship a PCI Compliant nginx configuration. For developers whose users are on older browsers or mobile devices, you may need to ship a custom nginx.conf.sigil to enable ciphers for older browsers.
See the nginx customization docs for more details.
"},{"location":"appendices/0.10.0-migration-guide/#nginx-error-pages","title":"Nginx Error Pages","text":"We now ship with nicer error pages by default. You are free to customize your Dokku installation via a custom nginx.conf.sigil to change what error pages are displayed in different circumstances.
See the nginx customization docs for more details.
"},{"location":"appendices/0.20.0-migration-guide/","title":"0.20.0 Migration Guide","text":""},{"location":"appendices/0.20.0-migration-guide/#removals","title":"Removals","text":""},{"location":"appendices/0.20.0-migration-guide/#command-removals","title":"Command removals","text":"The following commands were previously deprecated and were removed in this release.
apps: Use apps:list instead.certs: Use certs:report instead.certs:info: Use certs:report instead.checks: Use checks:report instead.docker-options: Use docker-options:report instead.domains: Use domains:report instead.plugin: Use plugin:list instead.proxy: Use proxy:report instead.trace: Use trace:on or trace:off instead.ps: Use enter with a container ID instead to run ps auxww within a container.
The refactor of the proxy plugin removes the following functions from being sourced in plugins:
proxy#get_app_proxy_port_map()proxy#list_app_proxy_ports()proxy#filter_app_proxy_ports()proxy#add_proxy_ports()proxy#remove_proxy_ports()proxy#set_proxy_ports()
The informal policy is to allow removal of functions within a functions file if they are not used in OSS plugins. Should you be affected by any such removals, please file an issue to expose the functionality via a plugin trigger.
"},{"location":"appendices/0.20.0-migration-guide/#function-renames","title":"Function renames","text":" tar#tar_in_cmd was renamed to tar#cmd-tar-in. Users should avoid using cmd-* commands directly, and instead file an issue to have them exposed via a plugin trigger.tar#tar_from_cmd was renamed to tar#cmd-tar-from. Users should avoid using cmd-* commands directly, and instead file an issue to have them exposed via a plugin trigger.
"},{"location":"appendices/0.20.0-migration-guide/#remove-support-for-unsupported-operating-systems","title":"Remove support for Unsupported Operating Systems","text":"Dokku will no longer distribute packages for Ubuntu versions that have reached either End of Life or End of Standard Support (for LTS releases). This currently includes the following releases:
- Ubuntu 14.04 (trusty)
- Ubuntu 14.10 (utopic)
- Ubuntu 15.04 (vivid)
- Ubuntu 15.10 (wily)
- Ubuntu 16.10 (yakkety)
- Ubuntu 17.04 (zesty)
- Ubuntu 17.10 (artful)
Dokku will no longer distribute packages for Debian versions that are not stable or oldstable. This currently includes the following releases:
- Debian 7 (wheezy)
- Debian 8 (jessie)
"},{"location":"appendices/0.20.0-migration-guide/#removed-app-report-flags","title":"Removed App report flags","text":"The --git-sha flag was moved from the apps:report command to the git:report command.
"},{"location":"appendices/0.20.0-migration-guide/#app-report-output","title":"App report output","text":"When an app is not deployed, the apps:report command no longer shows the message not deployed. Please use the --deployed flag on ps:report instead to see if the app has been deployed.
"},{"location":"appendices/0.20.0-migration-guide/#changes","title":"Changes","text":""},{"location":"appendices/0.20.0-migration-guide/#app-report-flags","title":"App report flags","text":"The following changes on the apps:report command were made in this release:
- The
--deploy-source flag was renamed to --app-deploy-source. - The
--locked flag was renamed to --app-locked.
"},{"location":"appendices/0.20.0-migration-guide/#network-report-flags","title":"Network report flags","text":"The following changes on the network:report command were made in this release:
- The
--network-listeners flag was renamed to --network-web-listeners.
"},{"location":"appendices/0.20.0-migration-guide/#plugin-triggers","title":"Plugin Triggers","text":" - The
network-get-port trigger was incorrectly documented to have the isHerokuishContainer argument as the third argument. The code has been fixed to respect the documentation. - The
network-get-listeners trigger now takes an additional processType argument. If not specified, it defaults to web. This default will be removed in an upcoming release.
"},{"location":"appendices/0.20.0-migration-guide/#deprecations","title":"Deprecations","text":" nginx:show-conf has been deprecated in favor of nginx:show-config.proxy#is_app_proxy_enabled() is deprecated in favor of plugn trigger proxy-is-enabled.proxy#get_app_proxy_type() is deprecated in favor of plugn trigger proxy-type.apps#apps_create() is deprecated in favor of plugn trigger app-create.apps#apps_destroy() is deprecated in favor of plugn trigger app-destroy.apps#apps_exists() is deprecated in favor of plugn trigger app-exists.apps#apps_maybe_create() is deprecated in favor of plugn trigger app-maybe-create.plugin trigger network-get-listeners usage without a second processType argument is deprecated..NGINX_PORT variable usage within nginx.conf.sigil templates is deprecated in favor of .PROXY_PORT..NGINX_SSL_PORT variable usage within nginx.conf.sigil templates is deprecated in favor of .PROXY_SSL_PORT..DOKKU_APP_LISTENERS variable usage within nginx.conf.sigil templates is deprecated in favor of .DOKKU_APP_WEB_LISTENERS.
"},{"location":"appendices/0.21.0-migration-guide/","title":"0.21.0 Migration Guide","text":""},{"location":"appendices/0.21.0-migration-guide/#changes","title":"Changes","text":"The tls name is no longer a reserved app name, and can be used by applications. This was previously a reserved app name due to it's use as a place for global SSL certificate files; Dokku has not supported global SSL certificates for many releases, and thus there is no need to reserve the name.
"},{"location":"appendices/0.21.0-migration-guide/#deprecations","title":"Deprecations","text":" git#git_deploy_branch() is deprecated in favor of plugn trigger git-deploy-branch.- The
config command is deprecated in favor of config:show. - Usage of this command in conjunction with either the
--export or --shell flag is deprecated in favor of config:export --format with the correct format value (exports or shell, respectively).
- The
nginx:build-config command is deprecated in favor of proxy:build-config.
"},{"location":"appendices/0.21.0-migration-guide/#removals","title":"Removals","text":"The apps:destroy command no longer takes a second argument force. Instead, this can be passed as the --force flag, either globally or as a flag to the command itself.
The proxy:enable and proxy:disable no longer restart apps when setting the DOKKU_DISABLE_PROXY environment variable. A future release will disable usage of DOKKU_DISABLE_PROXY altogether.
"},{"location":"appendices/0.22.0-migration-guide/","title":"0.22.0 Migration Guide","text":""},{"location":"appendices/0.22.0-migration-guide/#deprecations","title":"Deprecations","text":" - Calling
logs:failed without either a <name> or the --all flag is deprecated.
"},{"location":"appendices/0.22.0-migration-guide/#changes","title":"Changes","text":" - Underscores are no longer valid characters in app names. Please rename applications before upgrading.
- Process type names specified in Procfile may no longer use characters not valid in DNS Label Names (RFC 1123).
- The minimum Docker version is now 17.05.0.
- The
common.GetDeployingAppImageName() function now returns an error as the second return argument instead of calling common.LogFail() internally. - Setting
DOKKU_DISABLE_ANSI_PREFIX_REMOVAL is deprecated; Dokku 0.23.0 will avoid removing the remote: ansi prefix entirely. No warning will be added in this release.
"},{"location":"appendices/0.22.0-migration-guide/#removals","title":"Removals","text":"The ps command has had a few removals as a result of a rewrite to Golang:
- The
ps:set-restart-policy command has been removed in favor the ps:set command. - The
ps:restart-policy command has been removed in favor of the ps:report command. - The
ps:rebuildall command has been removed in favor of calling the ps:rebuild with the --all flag instead of an app name. - The
ps:restartall command has been removed in favor of calling the ps:restart with the --all flag instead of an app name. - The
ps:stopall command has been removed in favor of calling the ps:stop with the --all flag instead of an app name. - The
ps:startall command has been removed in favor of calling the ps:start with the --all flag instead of an app name. - The
DOKKU_PROCFILE file is no longer located in the git directory for a given app on the server. It's location is currently not exposed. - The
procfile-get-command plugin trigger no longer takes a procfile path as the final argument. - All
ps functions have been removed. Please us a trigger as appropriate or file a PR to have a new trigger/wrapper function added.
"},{"location":"appendices/0.23.0-migration-guide/","title":"0.23.0 Migration Guide","text":""},{"location":"appendices/0.23.0-migration-guide/#changes","title":"Changes","text":" - The
plugin:list command no longer outputs the version for the plugn binary. - Users building docker images that run Dokku will need to use a new sudoer wrapper for the
docker-image-labeler binary to work correctly. A reference version has been placed in the docker skeleton directory. This should only impact platform developers, and users of our Docker image will already have the file available. - The
dokku user's cron is now in use by Dokku itself. Customizations will be overwritten. Users are encouraged to use a cron entry in /etc/cron.d/dokku to avoid this issue. - As of 0.23.0, Dokku will now inject the
max-size log driver option for applications. This is restricted to app-configured log driver values empty, local or json-file in 0.23.1 to increase setup compatibility. Users who configure alternative log drivers at the system level will need to either set the global max-size property to unlimited or switch to the built-in vector logging support.
"},{"location":"appendices/0.24.0-migration-guide/","title":"0.24.0 Migration Guide","text":""},{"location":"appendices/0.24.0-migration-guide/#changes","title":"Changes","text":" - The commands
proxy:enable, proxy:disable and proxy:build-config now support the --all flag in addition to general parallelism. - The
builder-cnb plugin has been renamed builder-pack, and all related plugin triggers have had the suffix -cnb changed to -pack.
"},{"location":"appendices/0.24.0-migration-guide/#deprecations","title":"Deprecations","text":" - The 1.0.0 release of Dokku will no longer select buildpack builders over dockerfile builders if both builders match. Instead, Dokku will choose the first builder that responds to the
builder-detect trigger. Users that wish to use a specific builder may set a builder using the builder:set command, which will force Dokku to use the specified builder regardless of what might be auto-detected. - The
tags plugin is deprecated in favor of the git:from-image command. It will be removed in the next minor release, and is considered unmaintained. Users are highly encouraged to switch their workflows to git:from-image. - The
tar plugin is deprecated in favor of the git:from-archive command. It will be removed in the next minor release, and is considered unmaintained. Users are highly encouraged to switch their workflows to git:from-archive.
"},{"location":"appendices/0.25.0-migration-guide/","title":"0.25.0 Migration Guide","text":""},{"location":"appendices/0.25.0-migration-guide/#registry-plugin","title":"Registry Plugin","text":"The dokku-registry plugin is now built-in. This comes with a few changes:
- Builder plugins should call
post-release-builder at the end of the build. - The
push and pull command are not implemented. Users wishing to deploy a remote image should use git:from-image. Image pushing is not available at this time. - At this time, remote docker repositories are not automatically created for AWS, and users must create those repositories for their applications as necessary. This may be implemented in the future.
- Docker images are only pushed when configured to do so. See the registry management documentation for more details.
Before upgrading, uninstall the registry plugin via dokku plugin:uninstall registry. Not doing so will cause issues with Dokku.
"},{"location":"appendices/0.25.0-migration-guide/#other","title":"Other","text":""},{"location":"appendices/0.25.0-migration-guide/#changes","title":"Changes","text":" - The network plugin can now set an
initial-network for all containers on creation. This is a replacement for specifying the --network flag via the docker-options plugin. Please see the network documentation for more information. - The
dokku run command now always removes the ephemeral container on exit. Users that need a persistent container should instead specify a console process type in their Procfile specifying an available shell (usually either bash or sh) and scale that container appropriately. - The
pre-deploy plugin trigger is now called internally by Dokku. Scheduler plugins should avoid calling this trigger, as any image changes introduced by subsequent trigger calls will be ignored. - The default image used for Herokuish Buildpack builds is now
gliderlabs/herokuish:latest-20, and is based on both the heroku-20 stack as well as Ubuntu 20.04. Users that wish to stick with the old, heroku-18/Ubuntu 18.04 builder may specify gliderlabs/herokuish:latest-18 as their builder image. Please see the herokuish buildpack deployment documentation for more information on how to specify a custom buildpack stack builder. - This change does not impact any users of Cloud Native Buildpacks.
- We fixed an issue that required extracting Procfiles at the beginning of a deploy. Due to this change, a
Dockerfile app contains a Procfile that does not specify a web process will fail to start. Usage of a Procfile with only a release command should be replaced with a scripts.dokku.postdeploy deployment task in the app.json file. The alternative is to define the web process in the Procfile. See the deployment task documentation for more information.
"},{"location":"appendices/0.25.0-migration-guide/#deprecations","title":"Deprecations","text":" - In previous versions of Dokku, the only way to specify a custom
Dockerfile was to use the docker-options plugin to set the --file flag for a docker build. As of 0.25.0, the builder-dockerfile:set command should be used instead, as outlined in the docs here. Usage of the old method should be migrated to the new method. - The
--rm and --rm-container flags may be specified but no longer have any effect on dokku run. - The
--detach flag is deprecated in favor of the run:detached command. - The
DOKKU_SCALE file is deprecated. Please see the process management documentation for more information on it's replacement with the formation key of the app.json file. - The hooks
post-release-buildpack, post-release-dockerfile, and post-release-pack are deprecated in favor of post-release-builder. See the plugin triggers documentation for more details.
"},{"location":"appendices/0.25.0-migration-guide/#removals","title":"Removals","text":" - As of April 2021, Ubuntu 16.04 is no longer an LTS release, and support has been removed. Packages may still install on older versions of Ubuntu, but are no longer tested, and therefore no support will be provided.
- The web installer has been removed. Users are now required to setup Dokku via cli commands. This change was made to combat potential security issues where users ignored the web installer, allowing unauthorized users to add their keys to the host.
- The
scheduler-docker-cleanup plugin trigger has been removed from the scheduler interface, and is no longer invoked.
"},{"location":"appendices/0.26.0-migration-guide/","title":"0.26.0 Migration Guide","text":""},{"location":"appendices/0.26.0-migration-guide/#removals","title":"Removals","text":" - The
tags plugin - deprecated in 0.24.0 - was removed. Users are highly encouraged to switch their workflows to git:from-image. - The
tar plugin - deprecated in 0.24.0 - was removed. Users are highly encouraged to switch their workflows to git:from-archive.
"},{"location":"appendices/0.26.0-migration-guide/#changes","title":"Changes","text":" - The
scheduler plugin now controls the scheduler in use for deploys. Apps will have their DOKKU_SCHEDULER environment variables migrated to the scheduler plugin, after which that value will be removed from said app. Please see the scheduler documentation for more information. - The
deploy-source metadata from apps:report is now no longer computed on the fly, but hydrated at deploy time via the deploy-source-set trigger. This value may be empty until your next deploy. - Additionally, the
deploy-source trigger has now been removed.
"},{"location":"appendices/0.27.0-migration-guide/","title":"0.27.0 Migration Guide","text":""},{"location":"appendices/0.27.0-migration-guide/#changes","title":"Changes","text":" -
Renaming an application will now only rename domains that are associated with global domains. As an example:
dokku domains:set-global dokku.me\ndokku apps:create node-js-app\ndokku domains:set node-js-app node-js-app.dokku.me node-js-app.dokku.com\ndokku apps:rename node-js-app other-name\ndokku domains:report node-js-app --domains-app-vhosts\n# output: other-name.dokku.me node-js-app.dokku.com\n
"},{"location":"appendices/0.28.0-migration-guide/","title":"0.28.0 Migration Guide","text":""},{"location":"appendices/0.28.0-migration-guide/#removals","title":"Removals","text":"Support for the following operating systems has been removed:
- CentOS 7
- Debian 9 (Stretch)
- Fedora
- OpenSuse
Dokku will no longer provide packages for RPM based systems. Debian 9 users may use new Debian packages, though support is not guaranteed.
All users are encouraged to install Dokku via the Docker-based installation method, or switch to a supported operating system.
"},{"location":"appendices/0.28.0-migration-guide/#deprecations","title":"Deprecations","text":"Ubuntu 18.04 is now a deprecated installation target. The operating system will be considered EOL by Canonical in April 2023. Users are encouraged to upgrade to Ubuntu 22.04 or consider switching their instllation method to the Docker-based installation method to avoid any disruption in usage.
"},{"location":"appendices/0.28.0-migration-guide/#additions","title":"Additions","text":"New in 0.28.0 are the Caddy, Haproxy and Traefik plugins. As community plugins wrapping these proxies exist, users should:
- Recommended: Uninstall the community plugin in question and switch all config to the new plugins.
- Upgrade the community plugin to a version that does not use the
proxy:set value of caddy, haproxy or traefik.
"},{"location":"appendices/0.29.0-migration-guide/","title":"0.29.0 Migration Guide","text":""},{"location":"appendices/0.29.0-migration-guide/#changes","title":"Changes","text":" - The output of
run:detached now uses the container name - eg. node-js-app.run.1 - vs the container id. - The ID of
cron tasks is now base36-encoded instead of base64-encoded. - The
nginx.conf.sigil is now extracted when source code is extracted for a build and not from the built image. Users can specify alternative paths via the nginx-conf-sigil-path property of the nginx plugin. See the nginx documentation for more information on how to configure the nginx.conf.sigil path for your application. - For deploys via
git:from-image, the nginx.conf.sigil file will be extracted from the source image, respecting the value of nginx-conf-sigil-path.
- The
Procfile is now extracted when source code is extracted for a build and not from the built image. Users can specify alternative paths via the procfile-path property of the ps plugin. See the process management documentation for more information on how to configure the Procfile path for your application. - For deploys via
git:from-image, the Procfile file will be extracted from the source image, respecting the value of procfile-path.
- The existing
pre-restore hook has been renamed to scheduler-pre-restore. There is a new pre-restore hook that is triggered within the ps:restore command prior to restoring any apps. - Nginx init commands are now performed via systemctl on Ubuntu systems when
/usr/bin/systemctl is available.
"},{"location":"appendices/0.29.0-migration-guide/#removals","title":"Removals","text":" - The
DOKKU_WAIT_TO_RETIRE environment variable has been migrated to a checks property named wait-to-retire and will be ignored if set as an environment variable. - The
domains-setup trigger has been removed. Initial app domains will now be automatically setup during app creation. - The
URLS file containing generated urls for an app is no longer generated or referenced. Users should retrieve app urls via the new domains-urls plugin trigger. - The common function
get_app_urls has been removed. Users should retrieve app urls via the new domains-urls plugin trigger.
"},{"location":"appendices/0.30.0-migration-guide/","title":"0.30.0 Migration Guide","text":"Info
Important: Due to the removal of DOKKU_SCALE support, users with a version older than 0.25.x are heavily encouraged to upgrade to 0.29.x prior to 0.30.x. Not doing so will result in all app containers stopping on rebuild due to having no scale settings.
"},{"location":"appendices/0.30.0-migration-guide/#deprecations","title":"Deprecations","text":" - Support for Ubuntu 18.04 has been deprecated. Please upgrade your host OS in advance of the End Of Life in April 2023.
"},{"location":"appendices/0.30.0-migration-guide/#changes","title":"Changes","text":" - The
app.json file is now extracted from the source code instead of the built image. For deploys via git:from-image, the file is extracted from the built image.
"},{"location":"appendices/0.30.0-migration-guide/#removals","title":"Removals","text":" - Support for SPDY has been removed. No major browser supports it as of 2021. Custom
nginx.conf.sigil templates referencing spdy-related variables will continue to build until the 1.0.0 release. - Support for the
DOKKU_SCALE file - deprecated in 0.25.0 - has been removed in favor of the formation key in the app.json file. Please see the process management documentation for more information on how to use the formation key of the app.json file. - The deprecated
--detach global flag for dokku run was removed. Please see the one-off tasks documentation for more information on running detached containers. - The following deprecated trigger have been removed in favor of the
post-release-builder trigger. See the plugin triggers documentation for more details. post-release-buildpackpost-release-dockerfilepost-release-pack
- The ability to call
logs:failed without specifying an app or --all flag has been removed. This was deprecated in 0.22.0. Please see the logs:failed. - The following app shell functions - deprecated since 0.20.0 - have been removed in favor of their plugin trigger equivalents. Sourcing the
app/functions file will fail going forward. apps#apps_create() is removed in favor of plugn trigger app-create.apps#apps_destroy() is removed in favor of plugn trigger app-destroy.apps#apps_exists() is removed in favor of plugn trigger app-exists.apps#apps_maybe_create() is removed in favor of plugn trigger app-maybe-create.
- The following common shell functions have been removed:
common#is_container_running() (deprecated since 0.12.6) is removed in favor of common#is_container_status().common#is_app_running() (deprecated since 0.22.0) is removed in favor of ps#fn-ps-is-app-running().
- The global
--rm-container and --rm flags - deprecated since 0.25.0 - have been removed. - The following git shell functions have been removed:
git#use_git_worktree() (deprecated since 0.23.7) has been removed. There is no alternative as the function has been made internal.git#git_deploy_branch()(deprecated since 0.21.0) has been removed in favor of plugn trigger git-deploy-branch.
- The following nginx commands - deprecated since 0.20.0 - have been removed:
nginx:show-conf has been removed in favor of nginx:show-config.nginx:validate has been removed in favor of nginx:validate-config.nginx:build-config - deprecated since 0.21.0 - has been removed in favor of proxy:build-config.
- The following proxy functions - deprecated since 0.20.0 - have been removed in favor of their plugin trigger equivalents. Sourcing the
proxy/functions file will fail going forward. proxy#is_app_proxy_enabled() is removed in favor of plugn trigger proxy-is-enabled.proxy#get_app_proxy_type() is removed in favor of plugn trigger proxy-type.
"},{"location":"appendices/0.31.0-migration-guide/","title":"0.31.0 Migration Guide","text":""},{"location":"appendices/0.31.0-migration-guide/#changes","title":"Changes","text":" - Herokuish build cache is now mounted from a docker volume - eg.
cache-node-js-app - instead of the local filesystem. All existing app cache will be cleared upon upgrading past 0.29.0. - The
vector container integration now mounts config to /etc/vector instead of the path /etc/vector/vector.json, allowing users the ability to provide extra configuration for Vector Sinks. To take advantage of the new functionality, the vector container should be stopped (via dokku logs:vector-stop) and then started (via dokku logs:vector-start). - The
traefik integration now mounts config to /data instead of the path /acme.json, fixing permissions issues under certain architectures. To take advantage of the new functionality, the traefik container should be stopped (via dokku traefik:stop) and then started (via dokku traefik:start). - Users no longer need to clear the
source-image git property when transitioning from image-based deploys (git:from-image and git:load-image) to other deployment methods (git push, git:from-archive, git:sync). - For deploys via the
git:from-image and git:load-image commands, the CHECKS file is now extracted from the configured WORKDIR property of the image. For all other deploys - git push, git:from-archive, git:sync - will have the CHECKS extracted directly from the source code. The filename in both cases is CHECKS and cannot be modified. - Port mappings are now auto-detected during the build process. Users may override detected port mappings via the
ports plugin. A default port mapping of http:80:5000 will be used if none is otherwise specified. - Users building docker images that run Dokku will need to use a new sudoer wrapper for the
docker-container-healthchecker binary to work correctly. A reference version has been placed in the docker skeleton directory. This should only impact platform developers, and users of our Docker image will already have the file available. - The default image used for Herokuish Buildpack builds is now
gliderlabs/herokuish:latest-22, and is based on both the heroku-22 stack as well as Ubuntu 22.04. Users that wish to stick with the old, heroku-20/Ubuntu 20.04 builder may specify gliderlabs/herokuish:latest-20 as their builder image. Please see the herokuish buildpack deployment documentation for more information on how to specify a custom buildpack stack builder. - The default image used for Cloud Native Buildpack builds is now
heroku/builder:22, and is based on both the heroku-22 stack as well as Ubuntu 22.04. Users that wish to stick with the old, heroku-20/Ubuntu 20.04 builder may specify heroku/buildpacks:20 as their builder image. Please see the herokuish buildpack deployment documentation for more information on how to specify a custom buildpack stack builder.
"},{"location":"appendices/0.31.0-migration-guide/#deprecations","title":"Deprecations","text":" - The
proxy:ports* commands have been replaced with the new ports plugin. Users will be able to use the old proxy:ports* commands for a single minor release, and they will be removed in the next minor release. - The
common#get_available_port() function has been deprecated and will be removed in the next release. Users should avoid interacting with this function and instead use the ports-get-available plugin trigger for fetching an available port. - The
proxy-configure-ports plugin trigger has been deprecated and will be removed in the next release. Users should instead trigger the ports-configure plugin trigger. - The
common#get_dockerfile_exposed_ports() function is deprecated and will be removed in the next release. There is no replacement for this as it's only use in Dokku core was in the builder-dockerfile plugin. - The
common#get_exposed_ports_from_image() function is deprecated and will be removed in the next release. There is no replacement for this as it's only use in Dokku core was during the build process. - The environment variable
DOKKU_PROXY_PORT_MAP has been migrated to the properties system. Direct changes to the value will be ignored, and users should interact with port maps via the ports plugin. - The
CHECKS file is deprecated in favor of defining healthchecks in the app.json file. The docker-container-healthchecker tool can be used to generate healthcheck entries in app.json format from existing CHECKS files. See the zero-downtime deploy documentation for more information on how the new zero downtime check format works. - ARM support is now deprecated, and will be removed in the next minor release. ARM releases are not tested in CI and do not get testing locally. Users of ARM installations on platforms such as the Raspberry PI should consider migrating to ARM64. ARM64 will continue to be supported by Dokku, and there are no plans to remove support for ARM64.
"},{"location":"appendices/0.31.0-migration-guide/#un-deprecations","title":"Un-Deprecations","text":" - The bare
apps and config cli aliases are no longer deprecated. This better follows Heroku's output and is more useful to users. The subcommands will be treated as the primary, documented versions, while the aliases are there for convenience.
"},{"location":"appendices/0.31.0-migration-guide/#removals","title":"Removals","text":" - The variable
RAW_TCP_PORTS is no longer exposed for nginx.conf.sigil templating. - The environment variable
DOKKU_DOCKERFILE_PORTS is no longer in use. Users wishing to change port mappings should instead use the ports plugin. - The
common#get_app_raw_tcp_ports() function has been removed in the next release. Users should instead use the ports-get plugin trigger for fetching ports for an app. - The plugin trigger
network-compute-ports has been removed. It's only use was in the scheduler-docker-local plugin, for exposing ports. It's functionality is now implemented via the ports plugin. - The plugin trigger
network-get-port has been removed. It's only use was in the scheduler-docker-local plugin, for recording ports. It's functionality is now implemented via the ports plugin.
"},{"location":"appendices/0.32.0-migration-guide/","title":"0.32.0 Migration Guide","text":""},{"location":"appendices/0.32.0-migration-guide/#deprecations","title":"Deprecations","text":" - The following
pre-build-* plugin triggers have been deprecated and will be removed in the next release. Users should instead trigger the pre-build plugin trigger. - pre-build-buildpack
- pre-build-dockerfile
- pre-build-lambda
- pre-build-pack
- The following
pre-release-* plugin triggers have been deprecated and will be removed in the next release. Users should instead trigger the pre-release-builder plugin trigger. - pre-release-buildpack
- pre-release-dockerfile
- pre-release-lambda
- pre-release-pack
- The following
post-build-* plugin triggers have been deprecated and will be removed in the next release. Users should instead trigger the post-build plugin trigger. - post-build-buildpack
- post-build-dockerfile
- post-build-lambda
- post-build-pack
- The
CHECKS file was deprecated in the previous release in favor of defining healthchecks in the app.json file. It's support and auto-migration to healthchecks in the app.json file will be removed in the next release. See the zero-downtime deploy documentation for more information on how the new zero downtime check format works.
"},{"location":"appendices/0.32.0-migration-guide/#removals","title":"Removals","text":" - ARM support has been removed. Users of ARM installations on platforms such as the Raspberry PI should consider migrating to ARM64. ARM64 will continue to be supported by Dokku, and there are no plans to remove support for ARM64.
- The following proxy-port related code has been removed. It is replaced by the
ports plugin and it's related plugin triggers. proxy:ports-* commandsproxy-configure-ports plugin triggercommon#get_available_port()common#get_dockerfile_exposed_ports()common#get_exposed_ports_from_image()
"},{"location":"appendices/0.33.0-migration-guide/","title":"0.33.0 Migration Guide","text":"Dokku 0.33.0 did not introduce any refactors, removals, or deprecations, and focused solely on system improvements.
"},{"location":"appendices/0.34.0-migration-guide/","title":"0.34.0 Migration Guide","text":""},{"location":"appendices/0.34.0-migration-guide/#removals","title":"Removals","text":" - The
disable-chown property of the scheduler-docker-local plugin has been removed. Mounted paths will no longer have file permissions changed during the pre-deploy phase. Files baked into the container image for herokuish builds will always be owned by the correct user. - The
git:unlock command has been removed. It was previously used to \"unlock\" a temporary directory that already existed. The directory the git:unlock command used to cleanup is now properly removed on exit of the git:from-image command. - The k3s plugin no longer supports port mappings other than
https:443 and http:80. If no matching port map is specified, Dokku will use expose the app on the first port mapping, with priority given to https mappings over http. - Golang functions to invoke plugin triggers named
PlugnTrigger* have been removed in favor of CallPlugnTrigger.
"},{"location":"appendices/0.34.0-migration-guide/#changes","title":"Changes","text":" - The k3s scheduler now creates an Ingress object per domain instead of one per port mapping. This will cause a short amount of downtime during the next app deploy after upgrading to 0.34.0
- App lock files have been removed from the
/home/dokku directory and moved into the data/apps directory. - Logs are now rotated via
copytruncate instead of create in logrotate. -
The k3s scheduler now defaults to nginx as it's default proxy implementation. The traefik proxy implementation is still available, though users will need to set the global ingress-class k3s property to traefik via the following command:
dokku scheduler-k3s:set --global ingress-class traefik\n
"},{"location":"appendices/0.34.0-migration-guide/#deprecations","title":"Deprecations","text":"The pre-deploy plugin trigger is deprecated as of 0.34.4. It is currently invoked during the post-release-builder plugin trigger, where image mutation is heavily discouraged. Users should instead move any trigger usage to the pre-release-builder plugin trigger. The pre-deploy plugin trigger will be removed in a future release.
"},{"location":"appendices/0.35.0-migration-guide/","title":"0.35.0 Migration Guide","text":""},{"location":"appendices/0.35.0-migration-guide/#changes","title":"Changes","text":" - The provided
dokku/dokku:latest Docker image now runs Ubuntu 24.04 Noble. Users that install custom packages within their docker-based installations should be sure to check package compatibility with Ubuntu 24.04. - The default image used for Cloud Native Buildpack builds is now
heroku/builder:24, and is based on both the heroku-24 stack as well as Ubuntu 24.04. Users that wish to stick with the old, heroku-22/Ubuntu 22.04 builder may specify heroku/buildpacks:22 as their builder image. Please see the cloud native buildpack deployment documentation for more information on how to specify a custom buildpack stack builder. - The default image used for Herokuish Buildpack builds is now
gliderlabs/herokuish:latest-24, and is based on both the heroku-24 stack as well as Ubuntu 24.04. Users that wish to stick with the old, heroku-22/Ubuntu 22.04 builder may specify gliderlabs/herokuish:latest-22 as their builder image. Please see the herokuish buildpack deployment documentation for more information on how to specify a custom buildpack stack builder. - The
vector image used by Dokku for enhanced logging support has been upgraded from 0.39.x to 0.41.x. To take advantage of the new image, execute the following commands: dokku logs:vector-stop\ndokku logs:vector-start\n
- The
openresty image used by Dokku for proxying via openresty has been upgraded from 0.8.0 to 0.9.0. To take advantage of the new image, execute the following commands: dokku openresty:stop\ndokku openresty:start\n
"},{"location":"appendices/0.5.0-migration-guide/","title":"0.5.0 Migration Guide","text":""},{"location":"appendices/0.5.0-migration-guide/#nginx-vhosts-plugin","title":"nginx-vhosts plugin","text":" - The nginx-vhosts template language is now sigil
- No need to escape literal
$ characters (or other \"bash-isms\") - Template variables are represented as {{ .VARIABLE_NAME }}
- A detailed list of template variables can be found here
- A custom nginx-vhosts template must be named
nginx.conf.sigil - The default path for this custom template is the root of your repo (i.e.
/app in the container or WORKDIR if defined in a dockerfile app) - Dokku no longer looks for this file in
/home/dokku/node-js-app on the Dokku server - Check out an example template here
- Support for server-wide SSL certs have been dropped in favor of using the
certs plugin dokku certs:add node-js-app < certs.tar
- All domains for an SSL-enabled app will be redirected to https by default
- This can be overridden with a custom template
- Replaced \"magic\"
NO_VHOST variable with domains:enable/disable - Simplified zero downtime control
checks:enable/disable
"},{"location":"appendices/0.5.0-migration-guide/#dockerfile-apps-with-exposed-ports","title":"Dockerfile apps with exposed ports","text":" - Dockerfiles with
EXPOSE clauses will get all tcp ports proxied by default - Note that nginx will proxy the same port numbers to listen publicly
- UDP ports can be exposed by disabling the nginx proxy with
dokku proxy:disable node-js-app
"},{"location":"appendices/0.6.0-migration-guide/","title":"0.6.0 Migration Guide","text":""},{"location":"appendices/0.6.0-migration-guide/#zero-downtime-deployment","title":"Zero-downtime deployment","text":" - You can now actually disable zero-downtime deployments per-app and per-process-type
- Some config variables have been moved around
DOKKU_CHECKS_ENABLED has been migrated to DOKKU_CHECKS_SKIPPEDDOKKU_CHECKS_DISABLED is now a thing- The values for the above can be a comma-separated list of process-types or the literal string
_all_
- See the updated
checks docs for more info
"},{"location":"appendices/0.6.0-migration-guide/#proxy-port-mapping","title":"Proxy port mapping","text":" - You can now configure host -> container proxy port mappings
- The UI is handled by the proxy interface plugin by setting the
DOKKU_PROXY_PORT_MAP config variable in the format of scheme:host-port:container-port. The default nginx-vhosts proxy plugin supports both the http and https schemes.
- Default port mappings
- buildpack apps will be set to
http:80:5000 and will also include https:443:5000 if SSL is enabled. - dockerfile apps with explicitly exposed ports (i.e. using the
EXPOSE directive) will be configured with a listener on each exposed port that proxies to the same port of the deployed application container. - You may override this behavior with the
proxy:ports-* commands or by directly setting DOKKU_PROXY_PORT_MAP with the config:set command - dockerfile apps without explicitly exposed ports will behave the same as a buildpack app
- NOTE: These defaults are not automatically changed on subsequent pushes and must be manipulated with the aforementioned commands
"},{"location":"appendices/0.6.0-migration-guide/#calling-the-dokku-binary","title":"Calling the dokku binary","text":" - Plugins should not call the
dokku binary directly. Clients using the --app argument are potentially broken, amongst others, when doing so. Instead, please source the functions file for a given plugin when attempting to call Dokku internal functions. As a result, the following Dokku commands are no longer publicly exposed: dokku builddokku receivedokku releasedokku tar:builddokku tar:build-lockeddokku git:builddokku git:build-locked
"},{"location":"appendices/0.7.0-migration-guide/","title":"0.7.0 Migration Guide","text":""},{"location":"appendices/0.7.0-migration-guide/#persistent-storage","title":"Persistent Storage","text":"We should now properly handle file ownership for mounted directories. This was enhanced in 0.7.1. See the persistent storage documentation for more details.
"},{"location":"appendices/0.7.0-migration-guide/#restart-policies","title":"Restart Policies","text":"If you previously managed container restart policies via docker-options, these can now be managed natively via the built-in ps plugin. There is no migration necessary. See the restart policy documentation for more details.
"},{"location":"appendices/0.7.0-migration-guide/#ssh-keys","title":"SSH Keys","text":"Dokku now has an ssh-keys plugin that can be used to manage ssh keys for the dokku user on the host operating system. See the user management documentation for more details.
"},{"location":"appendices/0.8.0-migration-guide/","title":"0.8.0 Migration Guide","text":""},{"location":"appendices/0.8.0-migration-guide/#domain-management","title":"Domain Management","text":"You can now set global and app domains via domains:set and domains:set-global. See the domains documentation for more details.
"},{"location":"appendices/0.8.0-migration-guide/#plugin-uninstallation","title":"Plugin Uninstallation","text":"A new uninstall plugin trigger was introduced. This functionality may be in use for newer plugins, so be aware that older Dokku versions may require manual cleanup.
See the uninstall trigger documentation for implementation instructions.
"},{"location":"appendices/0.8.0-migration-guide/#deployment-tasks","title":"Deployment Tasks","text":"Should a pre or post deployment task fail, we now fail the entire deploy.
"},{"location":"appendices/0.8.0-migration-guide/#nginx-http2-support","title":"Nginx HTTP2 Support","text":"Due to bugs in Nginx, the minimum version for HTTP2 is now 1.11.5.
"},{"location":"appendices/0.9.0-migration-guide/","title":"0.9.0 Migration Guide","text":""},{"location":"appendices/0.9.0-migration-guide/#golang-migration","title":"Golang Migration","text":"There is an ongoing migration to rewrite Dokku in Golang. The reasons are beyond the scope of this document, but this may impact any patches you have for Dokku. As of 0.9.0, only the repo plugin is in Golang.
The following shall remain true, regardless of the state of our rewrite:
- You will be able to write custom plugins in any language.
- You will be able to enable or disable core plugins.
plugn will continue to be used for executing plugin triggers.- We will provide bash wrappers that can be sourced to execute core functionality that is implemented in golang.
"},{"location":"community/clients/","title":"Clients","text":"Given the constraints, running Dokku commands remotely via SSH is fine. For certain configurations, the extra complication of manually invoking ssh can be a burden.
The easiest way to interact with Dokku remotely is by using the official client. Documented below are the various clients that you may wish to use.
"},{"location":"community/clients/#official-client","title":"Official Client","text":"See the remote commands documentation for more information on how to install and use the official client.
"},{"location":"community/clients/#nodejs-dokku-toolbelt","title":"(nodejs) dokku-toolbelt","text":"Dokku-toolbelt is a node-based cli wrapper that proxies requests to the Dokku command running on remote hosts. You can install it via the following shell command (assuming you have nodejs and npm installed):
npm install -g dokku-toolbelt\n
See documentation here for more information.
"},{"location":"community/clients/#ruby-dokku-cli","title":"(ruby) Dokku CLI","text":"Dokku CLI is a rubygem that acts as a client for your Dokku installation. You can install it via the following shell command (assuming you have ruby and rubygems installed):
gem install dokku-cli\n
See documentation here for more information.
"},{"location":"community/clients/#ruby-dokkuclient","title":"(ruby) DokkuClient","text":"DokkuClient is another rubygem that acts as a client for your Dokku installation with built-in support for certain external plugins. You can install it via the following shell command (assuming you have ruby and rubygems installed):
gem install dokku_client\n
See documentation here for more information.
"},{"location":"community/clients/#ruby-dokkufy","title":"(ruby) Dokkufy","text":"Dokkufy is a rubygem that handles automation of certain tasks, such as Dokku setup, plugin installation, etc. You can install it via the following shell command (assuming you have ruby and rubygems installed):
gem install dokkufy\n
See documentation here for more information.
"},{"location":"community/clients/#ruby-dockland","title":"(ruby) Dockland","text":"Dockland is a rubygem that acts as a client for your Dokku installation. You can install it via the following shell command (assuming you have ruby and rubygems installed):
gem install dockland\n
See documentation here for more information.
"},{"location":"community/plugins/","title":"Plugins","text":"Dokku itself is built out of plugins and uses plugn for its plugin system. In essence a plugin is a collection of scripts that will be run based on naming convention.
Let's take a quick look at the current Dokku nginx plugin that's shipped with Dokku by default.
nginx-vhosts/\n\u251c\u2500\u2500 plugin.toml # plugin metadata\n\u251c\u2500\u2500 commands # contains additional commands\n\u251c\u2500\u2500 install # runs on Dokku installation\n\u2514\u2500\u2500 post-deploy # runs after an app is deployed\n
"},{"location":"community/plugins/#installing-a-plugin","title":"Installing a plugin","text":"See the plugin management documentation.
"},{"location":"community/plugins/#creating-your-own-plugin","title":"Creating your own plugin","text":"See the full documentation.
"},{"location":"community/plugins/#official-plugins","title":"Official Plugins","text":"The following plugins are available and provided by Dokku maintainers. Please file issues against their respective issue trackers.
Plugin Author Compatibility Clickhouse dokku 0.4.0+ Copy Files to Image dokku 0.4.0+ CouchDB dokku 0.4.0+ Cron Restart dokku 0.30.0+ Elasticsearch dokku 0.4.0+ Grafana/Graphite/Statsd dokku 0.4.0+ HTTP Auth dokku 0.4.0+ Let's Encrypt dokku 0.4.0+ Maintenance mode dokku 0.4.0+ MariaDB dokku 0.4.0+ Meilisearch dokku 0.4.0+ Memcached dokku 0.4.0+ Mongo dokku 0.4.0+ MySQL dokku 0.4.0+ Nats dokku 0.4.0+ Omnisci dokku 0.4.0+ Postgres dokku 0.4.0+ Pushpin dokku 0.4.0+ RabbitMQ dokku 0.4.0+ Redirect dokku 0.4.0+ Redis dokku 0.4.0+ Registry dokku 0.12.0+ RethinkDB dokku 0.4.0+ Scheduler Kubernetes dokku 0.4.0+ Scheduler Nomad dokku 0.4.0+ Solr dokku 0.4.0+ SSH Hostkeys dokku 0.4.0+ Typesense dokku 0.4.0+"},{"location":"community/plugins/#community-plugins","title":"Community plugins","text":"Warning
The following plugins have been supplied by our community and may not have been tested by Dokku maintainers.
"},{"location":"community/plugins/#datastores","title":"Datastores","text":""},{"location":"community/plugins/#relational","title":"Relational","text":"Plugin Author Compatibility MariaDB kloadut 0.3.x MariaDB (single container) ohardy 0.3.x MariaDB (single container) krisrang 0.3.26+ PostgreSQL jlachowski 0.3.x PostgreSQL (single container) ohardy 0.3.x PostgreSQL (single container) flink 0.3.26+ Edgedb ignisda 0.27.0+"},{"location":"community/plugins/#newsql","title":"NewSQL","text":"Plugin Author Compatibility Surrealdb ignisda 0.27.0+"},{"location":"community/plugins/#caching","title":"Caching","text":"Plugin Author Compatibility Nginx Cache aluxian 0.5.0+ Redis (single container) ohardy 0.3.x Varnish zenedith Varnish cache between nginx and application with base configuration"},{"location":"community/plugins/#queuing","title":"Queuing","text":"Plugin Author Compatibility RabbitMQ jlachowski 0.3.x RabbitMQ (single container) jlachowski 0.3.x ElasticMQ (SQS compatible) cu12 0.5.0+ VerneMQ (MQTT Broker) mrname 0.4.0+"},{"location":"community/plugins/#other","title":"Other","text":"Plugin Author Compatibility etcd basgys 0.4.x FakeSNS cu12 0.5.0+ InfluxDB basgys 0.4.x RethinkDB stuartpb 0.3.x Headless Chrome lazyatom 0.8.1+"},{"location":"community/plugins/#plugins-implementing-new-dokku-functionality","title":"Plugins Implementing New Dokku Functionality","text":"Plugin Author Compatibility App name as env cjblomqvist 0.3.x APT dokku-community 0.18.x+ Auto Sync1 fomojola 0.8.1+ Deploy Webhook2 fomojola 0.8.1+ Docker auto persist volumes flink 0.4.0+ Docker Direct josegonzalez 0.4.0+ Dokku Clone crisward 0.4.0+ Dokku Copy App Config Files josegonzalez 0.4.0+ Dokku Require3 crisward 0.4.0+ Global Certificates josegonzalez 0.5.0+ Graduate (Environment Management) benjamin-dobell 0.4.0+ Host post-build command hook baikunz 0.4.0+ Host pre-build command hook fteychene 0.4.0+ Hostname michaelshobbs 0.4.0+ Hostname michaelshobbs 0.4.0+ HTTP Auth Secure Apps matto1990 0.4.0+ Image Size Limit Tashows Litestream4 AxelTheGerman 0.27.0+ Monit (Health Checks) mbreit 0.8.0+ Monit cjblomqvist 0.3.x Multicast DNS (mDNS) calyhre 0.33.0+ Nuke Containers josegonzalez 0.4.0+ Proctype Filter michaelshobbs 0.4.0+ robots.txt candlewaster 0.4.x Tor michaelshobbs 0.4.0+ UFW josegonzalez 0.3.x User Access mainto 0.4.0+ User ACL maciej \u0142ebkowski 0.4.0+ 1 Adds the ability to sync an application repo with a remote GitHub repo (useful for automated rebuilds without needing a git push from an external system
2 Adds the ability to invoke a post-deploy webhook with the IP, port and app name, all with a single config:set).
3 Extends app.json support to include creating volumes and creating / linking databases on push
4 Adds SQLite replication to external object storage via Litestream
"},{"location":"community/plugins/#other-plugins","title":"Other Plugins","text":"Plugin Author Compatibility Chef cookbook nickcharlton Discourse badsyntax 0.21.4+ Tailscale andrew-womeldorf 0.34.4+ Wordpress dokku-community 0.4.0+"},{"location":"community/plugins/#deprecated-plugins","title":"Deprecated Plugins","text":"The following plugins have been removed as their functionality is now in Dokku Core.
Plugin Author In Dokku Since Airbrake deploy flink v0.5.0 (deployment tasks) App User michaelshobbs v0.7.1 (herokuish 0.3.18) Bower/Grunt thrashr888 v0.5.0 (deployment tasks and .buildpacks) Bower/Gulp gdi2290 v0.5.0 (deployment tasks and .buildpacks) Bower install alexanderbeletsky v0.5.0 (deployment tasks and .buildpacks) Bower/Gulp jagandecapri v0.5.0 (deployment tasks and .buildpacks) Builders: bower, compass, gulp, grunt ignlg v0.5.0 (deployment tasks and .buildpacks) Custom Domains neam v0.3.10 (domains plugin) Debug josegonzalez v0.3.9 (trace command) Dockerfile custom path mimischi v0.25.0 (monorepo support) Docker Options dyson v0.3.17 (docker-options plugin) Dokku Name alex-sherwin v0.4.2 (named containers plugin) Events Logger alessio v0.3.21 (events plugin) Fonts ollej v0.5.0 (deployment tasks) git rev-parse HEAD in env cjblomqvist v0.12.0 (enhanced core git plugin) Host Port binding stuartpb v0.3.17 (docker-options plugin) Link Containers rlaneve v0.3.17 (docker-options plugin) List Containers josegonzalez v0.3.14 (ps plugin) Logspout michaelshobbs v0.22.6 (vector log shipping) Long Timeout investtools v0.21.0 (proxy-read-timeout nginx setting) Monorepo iamale v0.25.0 (monorepo builder support) Multi-Buildpack pauldub v0.4.0 (herokuish) Multiple Domains1 wmluke v0.3.10 (domains plugin) Multi Dockerfile artofrawr v0.25.0 (monorepo support) Named-containers flink v0.4.2 (named-containers plugin) Nginx Trust Proxy kingsquare v0.23.0 (nginx x-forwarded-* properties) Node ademuk v0.5.0 (deployment tasks and .buildpacks) Node pnegahdar v0.5.0 (deployment tasks and .buildpacks) Nginx-Alt mikexstudios v0.3.10 (domains plugin) Persistent Storage dyson v0.3.17 (docker-options plugin) Pre-Deploy Tasks michaelshobbs v0.5.0 (deployment tasks) PrimeCache darkpixel v0.3.0 (zero downtime deploys) Rollbar iloveitaly v0.5.0 (deployment tasks) Syslog michaelshobbs v0.22.6 (vector log shipping) Haproxy tcp load balancer 256dpi v0.28.0 (haproxt plugin) Process Manager: Circus apmorton v0.3.14/0.7.0 (ps/restart policy plugin) Process Manager: Forego flink v0.3.14/0.7.0 (ps plugin) Process Manager: Forego iskandar v0.3.14/0.7.0 (ps plugin) Process Manager: Logging Supervisord sehrope v0.3.14/0.7.0 (ps plugin) Process Manager: Shoreman statianzo v0.3.14/0.7.0 (ps plugin) Process Manager: Supervisord statianzo v0.3.14/0.7.0 (ps plugin) Rebuild application scottatron v0.3.14 (ps plugin) Reset mtime mixxorz Docker 1.8+ SSH Deployment Keys dokku v0.33.0 (git plugin) Supply env vars to buildpacks2 cameron-martin v0.3.9 (build-env plugin) Slack Notifications ribot v0.5.0 (deployment tasks) Telegram Notifications m0rth1um v0.5.0 (deployment tasks) user-env-compile2 motin v0.3.9 (build-env plugin) user-env-compile2 musicglue v0.3.9 (build-env plugin) Volume (persistent storage) ohardy v0.5.0 (storage plugin) Webhooks nickstenning v0.5.0 (deployment tasks) Wkhtmltopdf mbriskar v0.5.0 (deployment tasks) 1 Conflicts with VHOSTS Custom Configuration 2 Similar to the heroku-labs feature
"},{"location":"community/plugins/#unmaintained-plugins","title":"Unmaintained Plugins","text":"The following plugins are no longer maintained by their developers.
Plugin Author Compatibility app-url mikecsh Works with 0.2.0 Chef cookbooks fgrehm CouchDB (multi containers) flink 0.4.0+ CouchDB raceHub Compatible with 0.2.0 Dokku Copy App Config Files alexkruegger Compatible with 0.3.17+ Dokku Registry agco-adm 0.4.0+ Elasticsearch robv Not compatible with >= 0.3.0 (still uses /home/git) Elasticsearch1 blag Compatible with 0.2.0 Graphite/statsd jlachowski < 0.4.0 HipChat Notifications cef Memcached flink 0.4.0+ MongoDB (single container) jeffutter MySQL hughfletcher Neo4j aomitayo PostGIS fermuch PostgreSQL (single container) jeffutter This plugin creates a single postgresql container that all your apps can use. Thus only one instance of postgresql running (good for servers without a ton of memory). Redis luxifer Redis sekjun9878 0.3.26+ RiakCS (single container) jeffutter Incompatible with 0.2.0 1 Forked from jezdez/dokku-elasticsearch-plugin: uses Elasticsearch 1.2 (instead of 0.90), doesn't depend on dokku-link, runs as elasticsearch user instead of root, and turns off multicast autodiscovery for use in a VPS environment.
"},{"location":"configuration/domains/","title":"Domain Configuration","text":"New
Introduced in 0.3.10
domains:add <app> <domain> [<domain> ...] # Add domains to app\ndomains:add-global <domain> [<domain> ...] # Add global domain names\ndomains:clear <app> # Clear all domains for app\ndomains:clear-global # Clear global domain names\ndomains:disable <app> # Disable VHOST support\ndomains:enable <app> # Enable VHOST support\ndomains:remove <app> <domain> [<domain> ...] # Remove domains from app\ndomains:remove-global <domain> [<domain> ...] # Remove global domain names\ndomains:report [<app>|--global] [<flag>] # Displays a domains report for one or more apps\ndomains:set <app> <domain> [<domain> ...] # Set domains for app\ndomains:set-global <domain> [<domain> ...] # Set global domain names\n
Info
Adding a domain before deploying an application will result in port mappings being set. This may cause issues for applications that use non-standard ports, as those will not be automatically detected. Please refer to the proxy documentation for information as to how to reconfigure the mappings.
"},{"location":"configuration/domains/#customizing-hostnames","title":"Customizing hostnames","text":"Applications typically have the following structure for their hostname:
scheme://subdomain.domain.tld\n
The subdomain is inferred from the pushed application name, while the domain.tld is set during initial dokku configuration. It can then be modified with dokku domains:add-global and dokku domains:remove-global. This value is used as a default TLD for all applications on a host.
If an FQDN such as dokku.org is used as the application name, the global virtualhost will be ignored and the resulting vhost URL for that application will be dokku.org.
You can optionally override this in a plugin by implementing the nginx-hostname plugin trigger. If the nginx-hostname plugin has no output, the normal hostname algorithm will be executed. See the plugin trigger documentation for more information.
"},{"location":"configuration/domains/#disabling-vhosts","title":"Disabling VHOSTS","text":"If desired, it is possible to disable vhosts with the domains plugin.
dokku domains:disable node-js-app\n
On subsequent deploys, the nginx virtualhost will be discarded. This is useful when deploying internal-facing services that should not be publicly routeable. As of 0.4.0, nginx will still be configured to proxy your app on some random high port. This allows internal services to maintain the same port between deployments. You may change this port by setting DOKKU_PROXY_PORT and/or DOKKU_PROXY_SSL_PORT (for services configured to use SSL.)
The domains plugin allows you to specify custom domains for applications. This plugin is aware of any ssl certificates that are imported via certs:add. Be aware that disabling domains (with domains:disable) will override any custom domains.
# where `node-js-app` is the name of your app\n\n# add a domain to an app\ndokku domains:add node-js-app dokku.me\n\n# list custom domains for app\ndokku domains:report node-js-app\n\n# clear all custom domains for app\ndokku domains:clear node-js-app\n\n# remove a custom domain from app\ndokku domains:remove node-js-app dokku.me\n\n# set all custom domains for app\ndokku domains:set node-js-app dokku.me dokku.org\n
"},{"location":"configuration/domains/#displaying-domains-reports-for-an-app","title":"Displaying domains reports for an app","text":"New
Introduced in 0.8.1
You can get a report about the app's domains status using the domains:report command:
ShellOutput dokku domains:report\n
=====> node-js-app domains information\n Domains app enabled: true\n Domains app vhosts: node-js-app.dokku.org\n Domains global enabled: true\n Domains global vhosts: dokku.org\n=====> python-app domains information\n Domains app enabled: true\n Domains app vhosts: python-app.dokku.org\n Domains global enabled: true\n Domains global vhosts: dokku.org\n=====> ruby-app domains information\n Domains app enabled: true\n Domains app vhosts: ruby-app.dokku.org\n Domains global enabled: true\n Domains global vhosts: dokku.org\n
You can run the command for a specific app also.
ShellOutput dokku domains:report node-js-app\n
=====> node-js-app domains information\n Domains app enabled: true\n Domains app vhosts: node-js-app.dokku.org\n Domains global enabled: true\n Domains global vhosts: dokku.org\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku domains:report node-js-app --domains-app-enabled\n
"},{"location":"configuration/domains/#default-site","title":"Default site","text":"This is specific to your proxy plugin of choice. See the nginx documentation for more information on how to configure this for the default nginx proxy implementation.
"},{"location":"configuration/environment-variables/","title":"Environment Variables","text":"Typically an application will require some configuration to run properly. Dokku supports application configuration via environment variables. Environment variables may contain private data, such as passwords or API keys, so it is not recommended to store them in your application's repository.
The config plugin provides the following commands to manage your variables:
config:show (<app>|--global) Pretty-print an app or global environment\nconfig:bundle (<app>|--global) [--merged] Bundle environment into tarfile\nconfig:clear (<app>|--global) Clears environment variables\nconfig:export (<app>|--global) [--envfile] Export a global or app environment\nconfig:get (<app>|--global) KEY Display a global or app-specific config value\nconfig:keys (<app>|--global) [--merged] Show keys set in environment\nconfig:set [--encoded] [--no-restart] (<app>|--global) KEY1=VALUE1 [KEY2=VALUE2 ...] Set one or more config vars\nconfig:unset [--no-restart] (<app>|--global) KEY1 [KEY2 ...] Unset one or more config vars\n
Info
For security reasons - and as per docker recommendations - Dockerfile-based deploys have variables available only during runtime, as noted in this issue. Consider using build arguments to expose variables during build-time for Dockerfile apps.
Environment variables are available both at run time and during the application build/compilation step for buildpack-based deploys.
For buildpack deploys, Dokku will create a /app/.env file that can be used for legacy buildpacks. Note that this is not updated when config:set or config:unset is called, and is only written during a deploy or ps:rebuild. Developers are encouraged to instead read from the application environment directly, as the proper values will be available then.
Note
Global ENV files are sourced before app-specific ENV files. This means that app-specific variables will take precedence over global variables. Configuring your global ENV file is manual, and should be considered potentially dangerous as configuration applies to all applications.
You can set multiple environment variables at once:
dokku config:set node-js-app ENV=prod COMPILE_ASSETS=1\n
Whitespace and special characters get tricky. If you are using dokku locally you don't need to do any special escaping. If you are using dokku over ssh you will need to backslash-escape spaces:
dokku config:set node-js-app KEY=\"VAL\\ WITH\\ SPACES\"\n
Dokku can also read base64 encoded values. That's the easiest way to set a value with newlines or spaces. To set a value with newlines you need to base64 encode it first and pass the --encoded flag:
dokku config:set --encoded node-js-app KEY=\"$(base64 ~/.ssh/id_rsa)\"\n
When setting or unsetting environment variables, you may wish to avoid an application restart. This is useful when developing plugins or when setting multiple environment variables in a scripted manner. To do so, use the --no-restart flag:
dokku config:set --no-restart node-js-app ENV=prod\n
If you wish to have the variables output in an eval-compatible form, you can use the config:export command
dokku config:export node-js-app\n# outputs variables in the form:\n#\n# export ENV='prod'\n# export COMPILE_ASSETS='1'\n\n# source in all the node-js-app app environment variables\neval $(dokku config:export node-js-app)\n
You can control the format of the exported variables with the --format flag. --format=shell will output the variables in a single-line for usage in command-line utilities:
dokku config:export --format shell node-js-app\n\n# outputs variables in the form:\n#\n# ENV='prod' COMPILE_ASSETS='1'\n
"},{"location":"configuration/environment-variables/#special-config-variables","title":"Special Config Variables","text":"The following config variables have special meanings and can be set in a variety of ways. Unless specified via global app config, the values may not be passed into applications. Usage of these values within applications should be considered unsafe, as they are an internal configuration values that may be moved to the internal properties system in the future.
Warning
This list is not exhaustive, and may vary from version to version.
Name Default How to modify Description DOKKU_ROOT ~dokku /etc/environment The root directory where dokku will store application repositories, as well as certain configuration files. DOKKU_IMAGE gliderlabs/herokuish /etc/environment ~dokku/.dokkurc ~dokku/.dokkurc/* The default image to use when building herokuish containers. Deprecated in favor of using buildpacks:set-property DOKKU_LIB_ROOT /var/lib/dokku /etc/environment ~dokku/.dokkurc ~dokku/.dokkurc/* The directory where plugins, certain data, and general configuration is stored. PLUGIN_PATH $DOKKU_LIB_ROOT/plugins\" /etc/environment ~dokku/.dokkurc ~dokku/.dokkurc/* The top-level directory where plugins are stored. PLUGIN_AVAILABLE_PATH $PLUGIN_PATH/available\" /etc/environment ~dokku/.dokkurc ~dokku/.dokkurc/* The directory that holds all available plugins, including core. PLUGIN_ENABLED_PATH $PLUGIN_PATH/enabled\" /etc/environment ~dokku/.dokkurc ~dokku/.dokkurc/* The directory that holds all enabled plugins, including core. PLUGIN_CORE_PATH $DOKKU_LIB_ROOT/core-plugins\" /etc/environment ~dokku/.dokkurc ~dokku/.dokkurc/* The directory that stores all core plugins. PLUGIN_CORE_AVAILABLE_PATH $PLUGIN_CORE_PATH/available\" /etc/environment ~dokku/.dokkurc ~dokku/.dokkurc/* The directory that stores all available core plugins. PLUGIN_CORE_ENABLED_PATH $PLUGIN_CORE_PATH/enabled\" /etc/environment ~dokku/.dokkurc ~dokku/.dokkurc/* The directory that stores all enabled core plugins. DOKKU_LOGS_DIR /var/log/dokku /etc/environment ~dokku/.dokkurc ~dokku/.dokkurc/* Where dokku logs should be written to. DOKKU_LOGS_HOST_DIR $DOKKU_LOGS_DIR /etc/environment ~dokku/.dokkurc ~dokku/.dokkurc/* A path on the host that will be mounted into the vector logging container. DOKKU_EVENTS_LOGFILE $DOKKU_LOGS_DIR/events.log /etc/environment ~dokku/.dokkurc ~dokku/.dokkurc/* Where the events log file is written to. DOKKU_APP_NAME none --app APP flag Name of application to work on. Respected by core plugins. DOKKU_APPS_FORCE_DELETE none --force flag Whether to force delete an application. Also used by other plugins for destructive actions. DOKKU_CHECKS_URL https://dokku.com/docs/deployment/zero-downtime-deploys/ /etc/environment ~dokku/.dokkurc ~dokku/.dokkurc/* Url displayed during deployment when no CHECKS file exists. DOKKU_QUIET_OUTPUT none --quiet flag Silences certain header output for dokku commands. DOKKU_RM_CONTAINER none dokku config:set Deprecated: Whether to keep dokku run containers around or not. DOKKU_TRACE none dokku trace:on dokku trace:off --trace flag Turn on very verbose debugging. DOKKU_APP_PROXY_TYPE nginx dokku proxy:set DOKKU_APP_RESTORE 1 dokku config:set dokku ps:stop DOKKU_APP_SHELL /bin/bash dokku config:set Allows users to change the default shell used by Dokku for dokku enter and execution of deployment tasks. DOKKU_APP_TYPE herokuish Auto-detected by using buildpacks or dockerfile DOKKU_CHECKS_DISABLED none dokku checks:disable DOKKU_CHECKS_ENABLED none dokku checks:enable DOKKU_CHECKS_SKIPPED none dokku checks:skip DOKKU_CHECKS_WAIT 5 dokku config:set Wait this many seconds for the container to start before running checks. DOKKU_CHECKS_TIMEOUT 30 dokku config:set Wait this many seconds for each response before marking it as a failure. DOKKU_CHECKS_ATTEMPTS 5 dokku config:set Number of retries for to run for a specific check before marking it as a failure DOKKU_DEFAULT_CHECKS_WAIT 10 dokku config:set If no user-defined checks are specified - or if the process being checked is not a web process - this is the period of time Dokku will wait before checking that a container is still running. DOKKU_DISABLE_PROXY none dokku proxy:disable dokku proxy:enable Disables the proxy in front of your application, resulting in publicly routing the docker container. DOKKU_DISABLE_ANSI_PREFIX_REMOVAL none dokku config:set /etc/environment ~dokku/.dokkurc ~dokku/.dokkurc/* Disables removal of the ANSI prefix during deploys. Can be used in cases where the client deployer does not understand ansi escape codes. DOKKU_DISABLE_APP_AUTOCREATION none dokku config:set Disables automatic creation of a non-existent app on deploy. DOKKU_DOCKER_STOP_TIMEOUT 10 dokku config:set Configurable grace period given to the docker stop command. If a container has not stopped by this time, a kill -9 signal or equivalent is sent in order to force-terminate the container. Both the ps:stop and apps:destroy commands also respect this value. If not specified, the docker defaults for the docker stop command will be used. DOKKU_DOCKERFILE_CACHE_BUILD none dokku config:set DOKKU_DOCKERFILE_START_CMD none dokku config:set DOKKU_PARALLEL_ARGUMENTS. none dokku config:set Allows passing custom arguments to parallel for ps:*all commands DOKKU_PROXY_PORT automatically assigned /etc/environment ~dokku/.dokkurc ~dokku/.dokkurc/* dokku config:set DOKKU_PROXY_SSL_PORT automatically assigned /etc/environment ~dokku/.dokkurc ~dokku/.dokkurc/* dokku config:set DOKKU_SKIP_ALL_CHECKS none dokku config:set DOKKU_SKIP_CLEANUP /etc/environment ~dokku/.dokkurc ~dokku/.dokkurc/* When a deploy is triggered, if this is set to a non-empty value, then old docker containers and images will not be removed. DOKKU_SKIP_DEFAULT_CHECKS dokku config:set DOKKU_SKIP_DEPLOY dokku config:set DOKKU_START_CMD none dokku config:set Command to run instead of /start $PROC_TYPE DOKKU_SYSTEM_GROUP dokku /etc/environment ~dokku/.dokkurc ~dokku/.dokkurc/* System group to chown files as. DOKKU_SYSTEM_USER dokku /etc/environment ~dokku/.dokkurc ~dokku/.dokkurc/* System user to chown files as."},{"location":"configuration/ssl/","title":"SSL Configuration","text":"New
Introduced in 0.4.0
Dokku supports SSL/TLS certificate inspection and CSR/Self-signed certificate generation via the certs plugin. Note that whenever SSL/TLS support is enabled SPDY is also enabled.
certs:add <app> CRT KEY # Add an ssl endpoint to an app. Can also import from a tarball on stdin.\ncerts:generate <app> DOMAIN # Generate a key and certificate signing request (and self-signed certificate)\ncerts:remove <app> # Remove an SSL Endpoint from an app.\ncerts:report [<app>] [<flag>] # Displays an ssl report for one or more apps\ncerts:show <app> <crt|key> # Show the server.crt or server.key on stdout\ncerts:update <app> CRT KEY # Update an SSL Endpoint on an app. Can also import from a tarball on stdin\n
# for 0.3.x\ndokku nginx:import-ssl <app> < certs.tar\n
Info
Adding an ssl certificate before deploying an application will result in port mappings being updated. This may cause issues for applications that use non-standard ports, as those may not be automatically detected. Please refer to the proxy documentation for information as to how to reconfigure the mappings.
"},{"location":"configuration/ssl/#per-application-certificate-management","title":"Per-application certificate management","text":"Dokku provides built-in support for managing SSL certificates on a per-application basis. SSL is managed via nginx outside of application containers, and as such can be updated on-the-fly without rebuilding containers. At this time, applications only support a single SSL certificate at a time. To support multiple domains for a single application, wildcard certificate usage is encouraged.
"},{"location":"configuration/ssl/#certificate-setting","title":"Certificate setting","text":"The certs:add command can be used to push a tar containing a certificate .crt and .key file to a single application. The command should correctly handle cases where the .crt and .key are not named properly or are nested in a subdirectory of said tar file. You can import it as follows:
tar cvf cert-key.tar server.crt server.key\ndokku certs:add node-js-app < cert-key.tar\n
Note
If your .crt file came alongside a .ca-bundle, you'll want to concatenate those into a single .crt file before adding it to the .tar.
cat yourdomain_com.crt yourdomain_com.ca-bundle > server.crt\n
"},{"location":"configuration/ssl/#ssl-and-multiple-domains","title":"SSL and Multiple Domains","text":"When an SSL certificate is associated to an application, the certificate will be associated with all domains currently associated with said application. Your certificate should be associated with all of those domains, otherwise accessing the application will result in SSL errors. If you wish to remove one of the domains from the application, refer to the domain configuration documentation.
Note that with the default nginx template, requests will be redirected to the https version of the domain. If this is not the desired state of request resolution, you may customize the nginx template in use. For more details, see the nginx documentation.
"},{"location":"configuration/ssl/#certificate-generation","title":"Certificate generation","text":"Note
Using this method will create a self-signed certificate, which is only recommended for development or staging use, not production environments.
The certs:generate command will walk you through the correct openssl commands to create a key, csr and a self-signed cert for a given app/domain. We automatically put the self-signed cert in place as well as add the specified domain to the application configuration.
If you decide to obtain a CA signed certificate, you can import that certificate using the aforementioned dokku certs:add command.
"},{"location":"configuration/ssl/#certificate-removal","title":"Certificate removal","text":"The certs:remove command only works on app-specific certificates. It will rm the app-specific tls directory, rebuild the nginx configuration, and reload nginx.
"},{"location":"configuration/ssl/#showing-the-certificate","title":"Showing the certificate","text":"The certs:show command can be used to show your configured certs for an app. The show command can be used for example to export Let's Encrypt certificates after they've been generated. You can export it as follows:
dokku certs:show node-js-app crt > server.crt\ndokku certs:show node-js-app key > server.key\n
"},{"location":"configuration/ssl/#displaying-certificate-reports-for-an-app","title":"Displaying certificate reports for an app","text":"New
Introduced in 0.8.1
You can get a report about the apps ssl status using the certs:report command:
ShellOutput dokku certs:report\n
=====> node-js-app\n Ssl dir: /home/dokku/node-js-app/tls\n Ssl enabled: true\n Ssl hostnames: *.node-js-app.org node-js-app.org\n Ssl expires at: Oct 5 23:59:59 2019 GMT\n Ssl issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA\n Ssl starts at: Oct 5 00:00:00 2016 GMT\n Ssl subject: OU=Domain Control Validated; OU=PositiveSSL Wildcard; CN=*.node-js-app.org\n Ssl verified: self signed.\n=====> python-app\n Ssl dir: /home/dokku/python-app/tls\n Ssl enabled: false\n Ssl hostnames:\n Ssl expires at:\n Ssl issuer:\n Ssl starts at:\n Ssl subject:\n Ssl verified:\n
You can run the command for a specific app also.
ShellOutput dokku certs:report node-js-app\n
=====> node-js-app ssl information\n Ssl dir: /home/dokku/node-js-app/tls\n Ssl enabled: true\n Ssl hostnames: *.dokku.org dokku.org\n Ssl expires at: Oct 5 23:59:59 2019 GMT\n Ssl issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA\n Ssl starts at: Oct 5 00:00:00 2016 GMT\n Ssl subject: OU=Domain Control Validated; OU=PositiveSSL Wildcard; CN=*.dokku.org\n Ssl verified: self signed.\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku certs:report node-js-app --ssl-enabled\n
"},{"location":"configuration/ssl/#hsts-header","title":"HSTS Header","text":"The HSTS header is an HTTP header that can inform browsers that all requests to a given site should be made via HTTPS. Dokku enables this header by default for HTTPS requests.
See the NGINX HSTS documentation for more information on how the HSTS configuration can be managed for your application.
"},{"location":"configuration/ssl/#http2-support","title":"HTTP/2 support","text":"Certain versions of nginx have bugs that prevent HTTP/2 from properly responding to all clients, thus causing applications to be unavailable. For HTTP/2 to be enabled in your applications' nginx configs, you need to have installed nginx 1.11.5 or higher. See issue 2435 for more details.
"},{"location":"configuration/ssl/#ssl-port-exposure","title":"SSL Port Exposure","text":"When your app is served from port 80 then the /home/dokku/APP/nginx.conf file will automatically be updated to instruct nginx to respond to ssl on port 443 as a new cert is added. If your app uses a non-standard port (perhaps you have a dockerfile deploy exposing port 99999) you may need to manually expose an ssl port via dokku ports:add <APP> https:443:99999.
"},{"location":"configuration/ssl/#other","title":"Other","text":""},{"location":"configuration/ssl/#running-behind-a-proxy-x-forwarded-ssl-etc","title":"Running behind a proxy (X-Forwarded-Ssl, etc.)","text":"See the running behind another proxy documentation for more information on how to configure your Nginx config when your server is running behind a proxy (e.g. load balancer, etc.).
"},{"location":"deployment/application-deployment/","title":"Deploying an Application","text":"Note
This walkthrough uses the hostname dokku.me in commands. When deploying to your own server, you should substitute the domain dokku.me for the domain name or IP address associated with your server. Users of the Vagrant VM included with Dokku can use dokku.me which points to the IP of the VM.
"},{"location":"deployment/application-deployment/#deploy-tutorial","title":"Deploy tutorial","text":"Once you have configured Dokku with at least one user, you can deploy applications using git push. To quickly see Dokku deployment in action, try using the Heroku Ruby on Rails \"Getting Started\" app.
# from your local machine\ngit clone https://github.com/heroku/ruby-getting-started\n
"},{"location":"deployment/application-deployment/#create-the-app","title":"Create the app","text":"SSH into the Dokku host and create the application as follows:
# on the Dokku host\ndokku apps:create ruby-getting-started\n
"},{"location":"deployment/application-deployment/#create-the-backing-services","title":"Create the backing services","text":"Dokku by default does not provide datastores (e.g. MySQL, PostgreSQL) on a newly created app. You can add datastore support by installing plugins, and the Dokku project provides official plugins for common datastores.
The Getting Started app requires a PostgreSQL service, so install the plugin and create the related service as follows:
# on the Dokku host\n# install the postgres plugin\n# plugin installation requires root, hence the user change\nsudo dokku plugin:install https://github.com/dokku/dokku-postgres.git\n\n# create a postgres service with the name railsdatabase\ndokku postgres:create railsdatabase\n
Each service may take a few moments to create.
"},{"location":"deployment/application-deployment/#linking-backing-services-to-applications","title":"Linking backing services to applications","text":"Once the services have been created, you then set the DATABASE_URL environment variable by linking the service, as follows:
# on the Dokku host\n# each official datastore offers a `link` method to link a service to any application\ndokku postgres:link railsdatabase ruby-getting-started\n
Dokku supports linking a single service to multiple applications as well as linking only one service per application.
"},{"location":"deployment/application-deployment/#deploy-the-app","title":"Deploy the app","text":"Warning
Your app should respect the PORT environment variable, otherwise it may not respond to web requests. You can find more information in the port management documentation.**
Now you can deploy the ruby-getting-started app to your Dokku server. All you have to do is add a remote to name the app. Applications are created on-the-fly on the Dokku server.
# from your local machine\n# the remote username *must* be dokku or pushes will fail\ncd ruby-getting-started\ngit remote add dokku dokku@dokku.me:ruby-getting-started\ngit push dokku main\n
Note
Some tools may not support the short-upstream syntax referenced above, and you may need to prefix the upstream with the scheme ssh:// like so: ssh://dokku@dokku.me:ruby-getting-started Please see the Git documentation for more details.
Note
Your private key should be registered with ssh-agent in your local development environment. If you get a permission denied error when pushing, you can register your private key as follows: ssh-add -k ~/<your private key>.
After running git push dokku main, you should have output similar to this in your terminal:
Counting objects: 231, done.\nDelta compression using up to 8 threads.\nCompressing objects: 100% (162/162), done.\nWriting objects: 100% (231/231), 36.96 KiB | 0 bytes/s, done.\nTotal 231 (delta 93), reused 147 (delta 53)\n-----> Cleaning up...\n-----> Building ruby-getting-started from herokuish...\n-----> Adding BUILD_ENV to build environment...\n-----> Ruby app detected\n-----> Compiling Ruby/Rails\n-----> Using Ruby version: ruby-2.2.1\n-----> Installing dependencies using 1.9.7\n Running: bundle install --without development:test --path vendor/bundle --binstubs vendor/bundle/bin -j4 --deployment\n Fetching gem metadata from https://rubygems.org/...........\n Fetching version metadata from https://rubygems.org/...\n Fetching dependency metadata from https://rubygems.org/..\n Using rake 10.4.2\n\n...\n\n=====> Application deployed:\n http://ruby-getting-started.dokku.me\n
Once the deploy is complete, the application's web URL will be generated as above.
Dokku supports deploying applications in a few ways:
- Heroku buildpacks via Herokuish: See the herokuish buildpacks documentation to learn about the different ways to specify a buildpack.
- This is the default method used by Dokku.
- Dockerfile: See the dockerfile documentation to learn about the different ways to configure Dockerfile-based deploys.
- Docker Image: See the docker image documentation to learn about how to deploy a Docker Image.
"},{"location":"deployment/application-deployment/#setting-up-ssl","title":"Setting up SSL","text":"Info
While SSL certificates can be imported, automated SSL via Letsencrypt requires that all domains on an app correctly point at your server's public ip address. Please keep this in mind when using Letsencrypt.
For many users, responding to requests via https will be desirable. Dokku has a complete ssl plugin built in that can be used to import SSL certificates (below is a short example, please refer to the ssl documentation for more information):
dokku certs:add ruby-getting-started server.crt server.key\n
As an alternative, the Dokku project offers an optional letsencrypt plugin that can be used to automate SSL certificate retrieval and renewal.
# on the Dokku host\n# install the letsencrypt plugin\n# plugin installation requires root, hence the user change\nsudo dokku plugin:install https://github.com/dokku/dokku-letsencrypt.git\n\n# set global email for letsencrypt\ndokku letsencrypt:set --global email your-email@your.domain.com\n\n# set a custom domain that you own for your application\ndokku domains:set ruby-getting-started ruby-getting-started.your.domain.com\n\n# enable letsencrypt\ndokku letsencrypt:enable ruby-getting-started\n\n# enable auto-renewal\ndokku letsencrypt:cron-job --add\n
"},{"location":"deployment/application-deployment/#skipping-deployment","title":"Skipping deployment","text":"If you only want to rebuild and tag a container, you can skip the deployment phase by setting $DOKKU_SKIP_DEPLOY to true by running:
# on the Dokku host\ndokku config:set ruby-getting-started DOKKU_SKIP_DEPLOY=true\n
"},{"location":"deployment/application-deployment/#redeploying-or-restarting","title":"Redeploying or restarting","text":"If you need to redeploy or restart your app:
# on the Dokku host\ndokku ps:rebuild ruby-getting-started\n
See the process scaling documentation for more information on how to manage your app processes.
"},{"location":"deployment/application-deployment/#deploying-with-private-git-submodules","title":"Deploying with private Git submodules","text":"Dokku uses Git locally (i.e. not a Docker image) to build its own copy of your app repo, including submodules, as the dokku user. This means that in order to deploy private Git submodules, you need to put your deploy key in /home/dokku/.ssh/ and potentially add github.com (or your VCS host key) into /home/dokku/.ssh/known_hosts. You can use the following test to confirm your setup is correct:
# on the Dokku host\nsu - dokku\nssh-keyscan -t rsa github.com >> ~/.ssh/known_hosts\nssh -T git@github.com\n
Warning
if the buildpack or Dockerfile build process require SSH key access for other reasons, the above may not always apply.
"},{"location":"deployment/application-deployment/#deploying-to-subdomains","title":"Deploying to subdomains","text":"If you do not enter a fully qualified domain name when pushing your app, Dokku deploys the app to <remotename>.yourdomain.tld as follows:
ShellOutput # from your local machine\n# the remote username *must* be dokku or pushes will fail\n# the below example assumes your app server domain or IP is dokku.me. Push in the form of: dokku@{serveripordomain}:{dokkuappname}\ngit remote add dokku dokku@dokku.me:ruby-getting-started\ngit push dokku main\n
remote: -----> Application deployed:\nremote: http://ruby-getting-started.dokku.me\n
You can also specify the fully qualified name as follows:
ShellOutput # from your local machine\n# the remote username *must* be dokku or pushes will fail\ngit remote add dokku dokku@dokku.me:app.dokku.me\ngit push dokku main\n
remote: -----> Application deployed:\nremote: http://app.dokku.me\n
This is useful when you want to deploy to the root domain:
ShellOutput # from your local machine\n# the remote username *must* be dokku or pushes will fail\ngit remote add dokku dokku@dokku.me:dokku.me\ngit push dokku main\n
... deployment ...\n\nremote: -----> Application deployed:\nremote: http://dokku.me\n
"},{"location":"deployment/application-deployment/#dokkudocker-container-management-compatibility","title":"Dokku/Docker container management compatibility","text":"Dokku is, at its core, a Docker container manager. Thus, it does not necessarily play well with other out-of-band processes interacting with the Docker daemon.
Prior to every deployment, Dokku will execute a cleanup function. As of 0.5.x, the cleanup removes all containers with the dokku label where the status is either dead or exited (previous versions would remove all dead or exited containers). The cleanup function also removes all images with dangling status.
"},{"location":"deployment/application-deployment/#adding-deploy-users","title":"Adding deploy users","text":"See the user management documentation for more information on how to manage users with access to your Dokku server.
"},{"location":"deployment/application-deployment/#default-vhost","title":"Default vhost","text":"See the domains documentation for more information on how to manage the default site.
"},{"location":"deployment/application-deployment/#deploying-non-master-branch","title":"Deploying non-master branch","text":"See the Git documentation for more information on deploying a non-master branch to your application.
"},{"location":"deployment/application-deployment/#dockerfile-deployment","title":"Dockerfile deployment","text":"See the Dockerfile documentation for information Dokku's Dockerfile support.
"},{"location":"deployment/application-deployment/#image-tagging","title":"Image tagging","text":"See the image tagging documentation for more information on how Docker images can be tagged and deployed for a given application.
"},{"location":"deployment/application-deployment/#specifying-a-custom-buildpack","title":"Specifying a custom buildpack","text":"See the herokuish buildpack documentation for more information on how to specify a set of custom buildpacks for your application.
"},{"location":"deployment/application-deployment/#removing-a-deployed-app","title":"Removing a deployed app","text":"See the application management documentation for more information on how to remove an application from your Dokku server.
"},{"location":"deployment/application-deployment/#renaming-a-deployed-app","title":"Renaming a deployed app","text":"See the application management documentation for more information on how an application can be renamed and the impact of doing so upon the application and associated resources.
"},{"location":"deployment/application-deployment/#zero-downtime-deploy","title":"Zero downtime deploy","text":"See the zero-downtime deploy documentation for more information on how Dokku enables zero-downtime deploys.
"},{"location":"deployment/application-management/","title":"Application Management","text":"New
Introduced in 0.3.1
apps:clone <old-app> <new-app> # Clones an app\napps:create <app> # Create a new app\napps:destroy <app> # Permanently destroy an app\napps:exists <app> # Checks if an app exists\napps:list # List your apps\napps:lock <app> # Locks an app for deployment\napps:locked <app> # Checks if an app is locked for deployment\napps:rename <old-app> <new-app> # Rename an app\napps:report [<app>] [<flag>] # Display report about an app\napps:unlock <app> # Unlocks an app for deployment\n
"},{"location":"deployment/application-management/#usage","title":"Usage","text":""},{"location":"deployment/application-management/#listing-applications","title":"Listing applications","text":"New
Introduced in 0.8.1. Use the apps command for older versions.
You can easily list all available applications using the apps:list command:
ShellOutput dokku apps:list\n
=====> My Apps\nnode-js-app\npython-app\n
Note that you can easily hide extra output from Dokku commands by using the --quiet flag, which makes it easier to parse on the command line.
ShellOutput dokku --quiet apps:list\n
node-js-app\npython-app\n
"},{"location":"deployment/application-management/#checking-if-an-application-exists","title":"Checking if an application exists","text":"For CI/CD pipelines, it may be useful to see if an application exists before creating a \"review\" application for a specific branch. You can do so via the apps:exists command:
ShellOutput dokku apps:exists node-js-app\n
App does not exist\n
The apps:exists command will return non-zero if the application does not exist, and zero if it does.
"},{"location":"deployment/application-management/#manually-creating-an-application","title":"Manually creating an application","text":"A common pattern for deploying applications to Dokku is to configure an application before deploying it. You can do so via the apps:create command:
ShellOutput dokku apps:create node-js-app\n
Creating node-js-app... done\n
Once created, you can configure the application as normal, and deploy the application whenever ready. This is useful for cases where you may wish to do any of the following kinds of tasks:
- Configure domain names and SSL certificates.
- Create and link datastores.
- Set environment variables.
"},{"location":"deployment/application-management/#removing-a-deployed-app","title":"Removing a deployed app","text":"In some cases, you may need to destroy an application, whether it is because the application is temporary or because it was misconfigured. In these cases, you can use the apps:destroy command. Performing any destructive actions in Dokku requires confirmation, and this command will ask for the name of the application being deleted before doing so.
ShellOutput dokku apps:destroy node-js-app\n
! WARNING: Potentially Destructive Action\n ! This command will destroy node-js-app (including all add-ons).\n ! To proceed, type \"node-js-app\"\n\nDestroying node-js-app (including all add-ons)\n
Info
node-js-app
This will prompt you to verify the application's name before destroying it. You may also use the --force flag to circumvent this verification process:
ShellOutput dokku --force apps:destroy node-js-app\n
Destroying node-js-app (including all add-ons)\n
The --force flag can also be specified on the command vs globally:
ShellOutput dokku apps:destroy --force node-js-app\n
Destroying node-js-app (including all add-ons)\n
Destroying an application will unlink all linked services and destroy any config related to the application. Note that linked services will retain their data for later use (or removal).
"},{"location":"deployment/application-management/#renaming-a-deployed-app","title":"Renaming a deployed app","text":"New
Introduced in 0.4.7
You can rename a deployed app using the apps:rename command. Note that the application must have been deployed at least once, or the rename will not complete successfully:
ShellOutput dokku apps:rename node-js-app io-js-app\n
Destroying node-js-app (including all add-ons)\n-----> Cleaning up...\n-----> Building io-js-app from herokuish...\n-----> Adding BUILD_ENV to build environment...\n-----> Node.js app detected\n\n-----> Creating runtime environment\n\n...\n\n=====> Application deployed:\n http://io-js-app.ci.dokku.me\n\nRenaming node-js-app to io-js-app... done\n
This will copy all of your app's contents into a new app directory with the name of your choice, delete your old app, then rebuild the new version of the app and deploy it. All of your config variables, including database urls, will be preserved.
By default, Dokku will deploy the renamed app, though you can skip the deploy by using the --skip-deploy flag:
dokku apps:rename --skip-deploy node-js-app io-js-app\n
Remember to also change your git remote on your local machine in order to make git push dokku main work again. For this you can use git remote set-url.
git remote set-url dokku dokku@dokku.me:io-js-app\n
"},{"location":"deployment/application-management/#cloning-an-existing-app","title":"Cloning an existing app","text":"New
Introduced in 0.11.5
You can clone an existing app using the apps:clone command. Note that the application must have been deployed at least once, or cloning will not complete successfully:
ShellOutput dokku apps:clone node-js-app io-js-app\n
Cloning node-js-app to io-js-app... done\n
This will copy all of your app's contents into a new app directory with the name of your choice and then rebuild the new version of the app and deploy it with the following caveats:
- All of your environment variables, including database urls, will be preserved.
- Custom domains are not applied to the new app.
- SSL certificates will not be copied to the new app.
- Port mappings with the scheme
https and host-port 443 will be skipped.
Warning
If you have exposed specific ports via docker-options plugin, or performed anything that cannot be done against multiple applications, apps:clone may result in errors.
By default, Dokku will deploy this new app, though you can skip the deploy by using the --skip-deploy flag:
dokku apps:clone --skip-deploy node-js-app io-js-app\n
Finally, if the application already exists, you may wish to ignore errors resulting from attempting to clone over it. To do so, you can use the --ignore-existing flag. A warning will be emitted, but the command will return 0.
dokku apps:clone --ignore-existing node-js-app io-js-app\n
"},{"location":"deployment/application-management/#locking-app-deploys","title":"Locking app deploys","text":"New
Introduced in 0.11.6
If you wish to disable deploying for a period of time, this can be done via deploy locks. Normally, deploy locks exist only for the duration of a deploy so as to avoid deploys from colliding, but a deploy lock can be created by running the apps:lock command.
ShellOutput dokku apps:lock node-js-app\n
-----> Deploy lock created\n
"},{"location":"deployment/application-management/#unlocking-app-deploys","title":"Unlocking app deploys","text":"New
Introduced in 0.11.6
In some cases, it may be necessary to remove an existing deploy lock. This can be performed via the apps:unlock command.
Warning
Removing the deploy lock will not stop in progress deploys. At this time, in progress deploys will need to be manually terminated by someone with server access.
ShellOutput dokku apps:unlock node-js-app\n
! A deploy may be in progress.\n ! Removing the app lock will not stop in progress deploys.\n-----> Deploy lock removed.\n
"},{"location":"deployment/application-management/#checking-lock-status","title":"Checking lock status","text":"New
Introduced in 0.13.0
In some cases, you may wish to inspect the state of an app lock. To do so, you can issue an apps:lock command. This will exit non-zero if there is no app lock in place.
ShellOutput dokku apps:locked node-js-app\n
Deploy lock does not exist\n
"},{"location":"deployment/application-management/#displaying-reports-for-an-app","title":"Displaying reports for an app","text":"New
Introduced in 0.8.1
You can get a report about the deployed apps using the apps:report command:
ShellOutput dokku apps:report\n
=====> node-js-app app information\n App created at: 1635126111\n App dir: /home/dokku/node-js-app\n App deploy source: git\n App deploy source metadata: cd7b8afccb202f222e7dc7b427553e71ba5ddafd\n App locked: false\n=====> python-sample app information\n App created at: 1635126000\n App dir: /home/dokku/python-sample\n App deploy source:\n App deploy source metadata:\n App locked: false\n=====> ruby-sample app information\n App created at: 1635122462\n App dir: /home/dokku/ruby-sample\n App deploy source: git\n App deploy source metadata: c60921ea2799ca108276414b95ea197f16798d51\n App locked: false\n
You can run the command for a specific app also.
ShellOutput dokku apps:report node-js-app\n
=====> node-js-app app information\n App dir: /home/dokku/node-js-app\n App deploy source: git\n App deploy source metadata: cd7b8afccb202f222e7dc7b427553e71ba5ddafd\n App locked: false\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku apps:report node-js-app --app-dir\n
"},{"location":"deployment/logs/","title":"Log Management","text":"logs <app> [-h|--help] [-t|--tail] [-n|--num num] [-q|--quiet] [-p|--ps process] # Display recent log output\nlogs:failed --all|<app> # Shows the last failed deploy logs\nlogs:report [<app>] [<flag>] # Displays a logs report for one or more apps\nlogs:set [--global|<app>] <key> <value> # Set or clear a logs property for an app\nlogs:vector-logs [--num num] [--tail] # Display vector log output\nlogs:vector-start # Start the vector logging container\nlogs:vector-stop # Stop the vector logging container\n
"},{"location":"deployment/logs/#usage","title":"Usage","text":""},{"location":"deployment/logs/#application-logs","title":"Application logs","text":"You can easily get logs of an app using the logs command:
dokku logs node-js-app\n
Logs are pulled via integration with the scheduler for the specified application via \"live tailing\". As such, logs from previously running deployments are usually not available. Users that desire to see logs from previous deployments for debugging purposes should persist those logs to external services. Please see Dokku's vector integration for more information on how to persist logs across deployments to ship logs to another service or a third-party platform.
"},{"location":"deployment/logs/#behavioral-modifiers","title":"Behavioral modifiers","text":"Dokku also supports certain command-line arguments that augment the log command's behavior.
-n, --num NUM # the number of lines to display\n-p, --ps PS # only display logs from the given process\n-t, --tail # continually stream logs\n-q, --quiet # display raw logs without colors, time and names\n
You can use these modifiers as follows:
dokku logs node-js-app -t -p web\n
The above command will show logs continually from the web process.
"},{"location":"deployment/logs/#failed-deploy-logs","title":"Failed deploy logs","text":"Warning
The default docker-local scheduler will \"store\" these until the next deploy or until the old containers are garbage collected - whichever runs first. If you require the logs beyond this point in time, please ship the logs to a centralized log server.
In some cases, it may be useful to retrieve the logs from a previously failed deploy.
You can retrieve these logs by using the logs:failed command.
dokku logs:failed node-js-app\n
You may also fetch all failed app logs by using the --all flag.
dokku logs:failed --all\n
"},{"location":"deployment/logs/#docker-log-retention","title":"Docker Log Retention","text":"Docker log retention can be specified via the logs:set command by specifying a value for max-size. Log retention is set via injected docker options for all applications, but is also available via the logs-get-property trigger for alternative schedulers.
dokku logs:set node-js-app max-size 20m\n
The default value may be set by passing an empty value for the option:
dokku logs:set node-js-app max-size\n
Valid values include any integer number followed by a unit of measure (k, m, or g) or the string unlimited. Setting to unlimited will result in Dokku omitting the log option.
The max-size property can also be set globally. The global default is 10m, and the global value is used when no app-specific value is set.
dokku logs:set --global max-size 20m\n
The default value may be set by passing an empty value for the option.
dokku logs:set --global max-size\n
"},{"location":"deployment/logs/#vector-logging-shipping","title":"Vector Logging Shipping","text":"New
Introduced in 0.22.6
Vector is an open-source, lightweight and ultra-fast tool for building observability pipelines. Dokku integrates with it for shipping container logs for the docker-local scheduler. Users may configure log-shipping on a per-app or global basis, neither of which interfere with the dokku logs commands.
"},{"location":"deployment/logs/#starting-the-vector-container","title":"Starting the Vector container","text":"Warning
While the default vector image may be updated over time, this will not impact running vector containers. Users are encouraged to view any Dokku and Vector changelogs to ensure their system will continue running as expected.
Vector may be started via the logs:vector-start command.
dokku logs:vector-start\n
This will start a new container named vector with Dokku's vector config mounted and ready for use. If a running container already exists, this command will do nothing. Additionally, if a container exists but is not running, this command will attempt to start the container.
While the default vector image is hardcoded, users may specify an alternative via the --vector-image flag:
dokku logs:vector-start --vector-image timberio/vector:latest-debian\n
The vector container will be started with the following volume mounts:
/var/lib/dokku/data/logs/vector.json:/etc/vector/vector.json/var/run/docker.sock:/var/run/docker.sock/var/log/dokku/apps:/var/log/dokku/apps
The final volume mount - /var/log/dokku/apps - may be used for users that wish to ship logs to a file on disk that may be later logrotated. This directory is owned by the dokku user and group, with permissions set to 0755. At this time, log-rotation is not configured for this directory.
"},{"location":"deployment/logs/#stopping-the-vector-container","title":"Stopping the Vector container","text":"Vector may be stopped via the logs:vector-stop command.
dokku logs:vector-stop\n
The vector container will be stopped and removed from the system. If the container is not running, this command will do nothing.
"},{"location":"deployment/logs/#checking-vectors-logs","title":"Checking Vector's Logs","text":"It may be necessary to check the vector container's logs to ensure that vector is operating as expected. This can be performed with the logs:vector-logs command.
dokku logs:vector-logs\n
This command also supports the following modifiers:
--num NUM # the number of lines to display\n--tail # continually stream logs\n
You can use these modifiers as follows:
dokku logs:vector-logs --tail --num 10\n
The above command will show logs continually from the vector container, with an initial history of 10 log lines
"},{"location":"deployment/logs/#changing-the-vector-image","title":"Changing the vector image","text":"Dokku integrates with a Vector docker image version that is known to be compatible with the documentation. In some cases, it may be useful to specify an alternative image version. To do so, set the global vector-image property.
dokku logs:set --global vector-image timberio/vector:0.35.X-debian\n
Once set, the vector container will need to be stopped and then started. Note that specifying the --vector-image flag on the logs:vector-start will override the setting.
dokku logs:vector-stop\ndokku logs:vector-start\n
Setting this to an empty string will reset the version to the version currently compatible with the Dokku installation.
dokku logs:set --global vector-image\n
"},{"location":"deployment/logs/#configuring-a-log-sink","title":"Configuring a log sink","text":"Vector uses the concept of log \"sinks\" to send logs to a given endpoint. Log sinks may be configured globally or on a per-app basis by specifying a vector-sink in DSN form with the logs:set command. Specifying a sink value will reload any running vector container.
# setting the sink value in quotes is encouraged to avoid\n# issues with ampersand encoding in shell commands\ndokku logs:set node-js-app vector-sink \"console://?encoding[codec]=json\"\n
A sink may be removed by setting an empty value, which will also reload the running vector container.
dokku logs:set node-js-app vector-sink\n
Only one sink may be specified on a per-app basis at a given time.
Log sinks can also be specified globally by specifying the --global flag to logs:set with no app name specified:
dokku logs:set --global vector-sink \"console://?encoding[codec]=json\"\n
As with app-specific sink settings, the global value may also be cleared by setting no value.
dokku logs:set --global vector-sink\n
"},{"location":"deployment/logs/#log-sink-dsn-format","title":"Log Sink DSN Format","text":"The DSN form of a sink is as follows:
SINK_TYPE://?SINK_OPTIONS\n
Valid values for SINK_TYPE include all log vector log sinks, while SINK_OPTIONS is a query-string form for the sink's options. The following is a short description on how to set various values:
bool: form: key=boolstring: form: key=stringint: form: key=int[string]: form: key[]=string[int]: form: key[]=inttable: form: option[key]=value
For some sinks - such as the http sink - it may be useful to use special characters such as &. These characters must be url escaped as per RFC 3986.
# the following command will set the `http` sink with a uri config value\n# for a uri config value: https://loggerservice.com:1234/?token=abc1234&type=vector\n# the url quoted version: https%3A//loggerservice.com%3A1234/%3Ftoken%3Dabc1234%26type%3Dvector\ndokku logs:set test vector-sink \"http://?uri=https%3A//loggerservice.com%3A1234/%3Ftoken%3Dabc1234%26type%3Dvector\"\n
Please read the sink documentation for your sink of choice to configure the sink as desired.
"},{"location":"deployment/remote-commands/","title":"Remote Commands","text":"Dokku commands can be run over SSH. Anywhere you would run dokku <command>, just run ssh -t dokku@dokku.me <command> The -t is used to request a pty. It is highly recommended to do so. To avoid the need to type the -t option each time, create/modify a section in the .ssh/config on the client side, as follows:
Host dokku.me\n RequestTTY yes\n
"},{"location":"deployment/remote-commands/#behavioral-modifiers","title":"Behavioral modifiers","text":"Dokku also supports certain command line arguments that augment its behavior. If using these over SSH, you must use the form ssh -t dokku@dokku.me -- <command> to avoid SSH interpreting Dokku arguments for itself.
--quiet suppress output headers\n--trace enable DOKKU_TRACE for current execution only\n--force force flag. currently used in apps:destroy and other \":destroy\" commands\n
"},{"location":"deployment/remote-commands/#official-client","title":"Official Client","text":"You may optionally use the official client when connecting to the Dokku server.
Of all methods, this is the most official method of interacting with your Dokku installation. It is a bash script that interacts with a remote Dokku installation via ssh. It is available in contrib/dokku_client.sh in the root of the Dokku repository.
It can be installed either via the Homebrew package manager (macOS only), or manually.
"},{"location":"deployment/remote-commands/#installation-via-homebrew","title":"Installation via Homebrew","text":"To install, simply run the following command:
brew install dokku/repo/dokku\n
"},{"location":"deployment/remote-commands/#manual-installation","title":"Manual installation","text":"To install manually, simply clone the Dokku repository down and add the dokku alias pointing at the script:
git clone git@github.com:dokku/dokku.git ~/.dokku\n\n# optional: make sure that the dokku_client.sh version matches your Dokku version\ncd ~/.dokku\ngit checkout <tag/branch>\n\n# add the following to either your\n# .bashrc, .bash_profile, or .profile file\nalias dokku='$HOME/.dokku/contrib/dokku_client.sh'\n
Alternatively, if using another shell such as zsh, create an alias command which invokes the script using bash:
# zsh: add the following to either .zshenv or .zshrc\nalias dokku='bash $HOME/.dokku/contrib/dokku_client.sh'\n\n# fish: add the following to ~/.config/fish/config.fish\nalias dokku 'bash $HOME/.dokku/contrib/dokku_client.sh'\n\n# csh: add the following to .cshrc\nalias dokku 'bash $HOME/.dokku/contrib/dokku_client.sh'\n
"},{"location":"deployment/remote-commands/#usage","title":"Usage","text":"All commands have the application name automatically set via the --app flag on the remote server, and thus the app name does not need to be specified manually for core plugins.
The client supports several environment variables:
DOKKU_HOST (default: dokku git remote): Used to interact with a specific remote server. Can be overridden via the --remote flag.DOKKU_PORT (default: 22): Used to specify a port to connect to the Dokku server on.
It also supports several flags (all flags unspecified here are passed as is to the server):
--app: Override the remote app in use.--trace: Enable trace mode.--remote: Override the remote server.--global: Unsets the \"app\" value. May not be supported for the specified command.
In addition, the following commands have special local side-effects:
apps:create: - If no local
--app flag is specified or detected from a dokku git remote, a random name is generated and used for the app. - The
dokku git remote is set if not already set.
apps:destroy: - Removes the local
dokku git remote if set.
"},{"location":"deployment/remote-commands/#specifying-a-remote","title":"Specifying a remote","text":"While many users will only ever push to a single dokku remote from a given repository, it may be useful to point the same repository at multiple remotes, especially in the case of pre-production environments. This can be done via the remote commands. These commands are only available within the official remote client, and are not server-side commands.
To see your currently configured remote, run dokku remote. This will respect the --remote flag.
To list all available remotes, run dokku remote:list. This is equivalent to running git remote.
To add a remote, run dokku remote:add $REMOTE_NAME dokku@dokku.me:$APP_NAME, replacing $REMOTE_NAME with your desired remote name, the $APP_NAME with your desired app name and the host dokku.me with your Dokku host. This is equivalent to running git remote add $REMOTE_NAME dokku@dokku.me:$APP_NAME.
To remove a remote, run dokku remote:remove $REMOTE_NAME. This is equivalent to running git remote remove $REMOTE_NAME.
By default, the remote in use is dokku. To change the remote the client uses by default, run dokku remote:set $REMOTE_NAME, where $REMOTE_NAME is the name of your desired remote. This will not check the value specified, so that remote must be available or errors will occur when running normal client commands. Note that specifying --remote when running dokku commands will override this configuration value.
To clear the configured remote, run dokku remote:unset. The client will unset the configured remote, and will default back to dokku, or the value of --remote if specified.
"},{"location":"deployment/remote-commands/#unofficial-clients","title":"Unofficial Clients","text":"Please refer to the community clients list for more details.
"},{"location":"deployment/user-management/","title":"User Management","text":"New
Introduced in 0.7.0
ssh-keys:add <name> [/path/to/key] # Add a new public key by pipe or path\nssh-keys:list [--format text|json] [<name>] # List of all authorized Dokku public ssh keys\nssh-keys:remove [--fingerprint fingerprint|<name>] # Remove SSH public key by name\n
When pushing to Dokku, SSH key-based authorization is the preferred authentication method, for ease of use and increased security.
Users in Dokku are managed via the ~/dokku/.ssh/authorized_keys file. It is highly recommended that you follow the steps below to manage users on a Dokku server.
Info
Users of older versions of Dokku may use the sshcommand binary to manage keys instead of the ssh-keys plugin. Please refer to the Dokku documentation for your version for more details.
"},{"location":"deployment/user-management/#usage","title":"Usage","text":""},{"location":"deployment/user-management/#listing-ssh-keys","title":"Listing SSH keys","text":"You can use the ssh-keys:list command to show all configured SSH keys.
ShellOutput dokku ssh-keys:list\n
SHA256:ABC123ABC123+abc123abc123Zabc123abcZ123abc NAME=\"admin\" SSHCOMMAND_ALLOWED_KEYS=\"no-agent-forwarding,no-user-rc,no-X11-forwarding,no-port-forwarding\"\n
The output contains the following information:
- SSH Key Fingerprint.
- The
KEY_NAME. - A comma separated list of SSH options under the
SSHCOMMAND_ALLOWED_KEYS name.
New
Introduced in 0.20.2
The keys for a specific user may be listed by specifying a second argument to the ssh-keys:list command:
dokku ssh-keys:list admin\n
New
Introduced in 0.22.3
The output format may be specified via the --format flag. Supported values include json and text.
dokku ssh-keys:list --format json\n
This can additionally be used to filter to keys for a particular user:
dokku ssh-keys:list --format json admin\n
"},{"location":"deployment/user-management/#adding-ssh-keys","title":"Adding SSH keys","text":"You can add your public key to Dokku with the ssh-keys:add command. The path specified must contain your desired public ssh key contents and must exist on the server. Any special characters - such as ~ - are interpreted under the dokku user context. The output will be the fingerprint of the SSH key:
ShellOutput dokku ssh-keys:add KEY_NAME path/to/id_rsa.pub\n
SHA256:ABC123ABC123+abc123abc123Zabc123abcZ123abc\n
KEY_NAME is the name you want to use to refer to this particular key. Including the word admin in the name will grant the user privileges to add additional keys remotely.
Info
KEY_NAME is a unique name which is used to identify public keys. Attempting to re-use a key name will result in an error. The SSH (Git) user is always dokku, as this is the system user that the dokku binary uses to perform all its actions.
Alternatively, you may pipe the contents of your ssh key via cat or echo into the ssh-keys:add command instead of specifying a path to the ssh key:
ShellOutputShellOutput echo \"$CONTENTS_OF_YOUR_PUBLIC_SSH_KEY_HERE\" | dokku ssh-keys:add KEY_NAME\n
SHA256:ABC123ABC123+abc123abc123Zabc123abcZ123abc\n
cat path/to/id_rsa.pub | dokku ssh-keys:add KEY_NAME\n
SHA256:ABC123ABC123+abc123abc123Zabc123abcZ123abc\n
Admin users and root can add keys remotely by specifying the dokku bin on their ssh command:
cat ~/.ssh/id_rsa.pub | ssh root@dokku.me dokku ssh-keys:add KEY_NAME\n
If you are using the Vagrant installation, you can also use the make vagrant-acl-add target to add your public key to Dokku (it will use your host username as the USER):
cat ~/.ssh/id_rsa.pub | make vagrant-acl-add\n
"},{"location":"deployment/user-management/#removing-ssh-keys","title":"Removing SSH keys","text":"As key names are unique, they can be used to remove a public SSH key.
dokku ssh-keys:remove KEY_NAME\n
An SSH Key can also be removed by fingerprint.
dokku ssh-keys:remove --fingerprint FINGERPRINT\n
"},{"location":"deployment/user-management/#scoping-commands-to-specific-users","title":"Scoping commands to specific users","text":"Support for scoping commands to specific users can be added through plugins that take advantage of the user-auth plugin trigger to handle command authorization. See also the list of community-provided plugins.
"},{"location":"deployment/user-management/#granting-other-unix-user-accounts-dokku-access","title":"Granting other Unix user accounts Dokku access","text":"Any Unix user account which belongs to the sudo Unix group can run Dokku. However, you may want to give them Dokku access but not full sudo privileges.
To allow other Unix user accounts to be able to run Dokku commands, without giving them full sudo access, modify your sudoers configuration.
Use visudo /etc/sudoers.d/dokku-users, or visudo /etc/sudoers to add the following line:
%dokku ALL=(ALL:ALL) NOPASSWD:SETENV: /usr/bin/dokku\n
"},{"location":"deployment/zero-downtime-deploys/","title":"Zero Downtime Deploy Checks","text":"New
Introduced in 0.5.0
checks:disable <app> [process-type(s)] Disable zero-downtime deployment for all processes (or comma-separated process-type list) ***WARNING: this will cause downtime during deployments***\nchecks:enable <app> [process-type(s)] Enable zero-downtime deployment for all processes (or comma-separated process-type list)\nchecks:report [<app>] [<flag>] Displays a checks report for one or more apps\nchecks:run <app> [process-type(s)] Runs zero-downtime checks for all processes (or comma-separated process-type list)\nchecks:set [--global|<app>] <key> <value> Set or clear a logs property for an app\nchecks:skip <app> [process-type(s)] Skip zero-downtime checks for all processes (or comma-separated process-type list)\n
By default, Dokku will wait 10 seconds after starting each container before assuming it is up and proceeding with the deploy. Once this has occurred for all containers started by an application, traffic will be switched to point to your new containers. Dokku will also wait a further 60 seconds after the deploy is complete before terminating old containers in order to give time for long running connections to terminate. In either case, you may have more than one container running for a given application.
You may both create user-defined checks for web processes using the healthchecks key in the app.json file, as well as customize any and all parts of this experience using the checks plugin.
Info
Web checks are performed via curl on Dokku host. Some application code - such as the Django framework - checks for specific hostnames or header values, these checks will fail. To avoid this:
- Remove such checks from your code: Modify your application to remove the hostname check completely.
- Allow checks from all hostnames: Modify your application to accept a dynamically provided hostname.
- Specify the domain within the check: See below for further documentation.
"},{"location":"deployment/zero-downtime-deploys/#configuring-checks-settings","title":"Configuring checks settings","text":""},{"location":"deployment/zero-downtime-deploys/#wait-to-retire","title":"wait-to-retire","text":"After a successful deploy, the grace period given to old containers before they are stopped/terminated is determined by the value of wait-to-retire. This is useful for ensuring completion of long-running HTTP connections.
dokku checks:set node-js-app wait-to-retire 30\n
Defaults to 60.
"},{"location":"deployment/zero-downtime-deploys/#configuring-check-settings-using-the-config-plugin","title":"Configuring check settings using the config plugin","text":"There are certain settings that can be configured via environment variables:
DOKKU_DEFAULT_CHECKS_WAIT: (default: 10) If no user-defined checks are specified - or if the process being checked is not a web process - this is the period of time Dokku will wait before checking that a container is still running.DOKKU_DOCKER_STOP_TIMEOUT: (default: 10) Configurable grace period given to the docker stop command. If a container has not stopped by this time, a kill -9 signal or equivalent is sent in order to force-terminate the container. Both the ps:stop and apps:destroy commands also respect this value. If not specified, the Docker defaults for the docker stop command will be used.
The following settings may also be specified in the app.json file, though are available as environment variables in order to ease application reuse.
DOKKU_CHECKS_WAIT: (default: 5) Wait this many seconds for the container to start before running checks.DOKKU_CHECKS_TIMEOUT: (default: 30) Wait this many seconds for each response before marking it as a failure.DOKKU_CHECKS_ATTEMPTS: (default: 5) Number of retries for to run for a specific check before marking it as a failure
"},{"location":"deployment/zero-downtime-deploys/#skipping-and-disabling-checks","title":"Skipping and Disabling Checks","text":"Info
Note that checks:disable will now (as of 0.6.0) cause downtime for that process-type during deployments. Previously, it acted as checks:skip currently does.
You can choose to skip checks completely on a per-application/per-process basis. Skipping checks will avoid the default 10 second waiting period entirely, as well as any other user-defined checks.
ShellOutput # process type specification is optional\ndokku checks:skip node-js-app worker,web\n
-----> Skipping zero downtime for app's (node-js-app) proctypes (worker,web)\n-----> Unsetting node-js-app\n-----> Unsetting DOKKU_CHECKS_DISABLED\n-----> Setting config vars\n DOKKU_CHECKS_SKIPPED: worker,web\n
Zero downtime checks can also be disabled completely. This will stop old containers before new ones start, which may result in broken connections and downtime if your application fails to boot properly.
ShellOutput dokku checks:disable node-js-app worker\n
-----> Disabling zero downtime for app's (node-js-app) proctypes (worker)\n-----> Setting config vars\n DOKKU_CHECKS_DISABLED: worker\n-----> Setting config vars\n DOKKU_CHECKS_SKIPPED: web\n
"},{"location":"deployment/zero-downtime-deploys/#displaying-checks-reports-for-an-app","title":"Displaying checks reports for an app","text":"New
Introduced in 0.8.1
You can get a report about the app's checks status using the checks:report command:
ShellOutput dokku checks:report\n
=====> node-js-app checks information\n Checks disabled list: none\n Checks skipped list: none\n Checks computed wait to retire: 60\n Checks global wait to retire: 60\n Checks wait to retire:\n=====> python-app checks information\n Checks disabled list: none\n Checks skipped list: none\n Checks computed wait to retire: 60\n Checks global wait to retire: 60\n Checks wait to retire:\n=====> ruby-app checks information\n Checks disabled list: _all_\n Checks skipped list: none\n Checks computed wait to retire: 60\n Checks global wait to retire: 60\n Checks wait to retire:\n
You can run the command for a specific app also.
ShellOutput dokku checks:report node-js-app\n
=====> node-js-app checks information\n Checks disabled list: none\n Checks skipped list: none\n Checks computed wait to retire: 60\n Checks global wait to retire: 60\n Checks wait to retire:\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku checks:report node-js-app --checks-disabled-list\n
"},{"location":"deployment/zero-downtime-deploys/#customizing-checks","title":"Customizing checks","text":"New
Introduced in 0.31.0
If your application needs a longer period to boot up - perhaps to load data into memory, or because of slow boot time - you may also use Dokku's checks functionality to more precisely check whether an application can serve traffic or not.
Healthchecks are run against all process from your application's Procfile. When no healthcheck is defined, Dokku will fallback to a process uptime check.
One or more healthchecks can be defined in the app.json file - see the deployment task documentation for more information on how this is extracted - under the healthchecks.web path:
{\n \"healthchecks\": {\n \"web\": [\n {\n \"type\": \"startup\",\n \"name\": \"web check\",\n \"description\": \"Checking if the app responds to the /health/ready endpoint\",\n \"path\": \"/health/ready\",\n \"attempts\": 3\n }\n ]\n }\n}\n
A healthcheck entry takes the following properties:
attempts: (default: 3) Number of retry attempts to perform on failure.command: (default '' - empty string) Command to execute within container.content: (default: '' - empty string) Content to search in http path check output.initialDelay: (default: 0, unit: seconds) Number of seconds to wait after a container has started before triggering the healthcheck.name: (default: autogenerated) The name of the healthcheck. If unspecified, it will be autogenerated from the rest of the healthcheck information.path: (default: / - for http checks): An http path to check.port: (default: 5000): Port to run healthcheck against.timeout: (default: 5 seconds): Number of seconds to wait before timing out a healthcheck.type: (default: \"\" - none): Type of the healthcheck. Options: liveness, readiness, startup.uptime: (default: \"\" - none): Amount of time the container must be alive before the container is considered healthy. Any restarts will cause this to check to fail, and this check does not respect retries.wait: (default: 5 seconds): Number of seconds to wait between healthcheck attempts.
Warning
Healthchecks are implemented by specific scheduler plugins, and not all plugins support all options. Please consult the scheduler documentation for further details on what is supported.
See the docker-container-healthchecker documentation for more details on how healthchecks are interpreted.
"},{"location":"deployment/zero-downtime-deploys/#manually-invoking-checks","title":"Manually invoking checks","text":"Checks can also be manually invoked via the checks:run command. This can be used to check the status of an application via cron to provide integration with external healthchecking software.
Checks are run against a specific application:
ShellOutput dokku checks:run APP\n
-----> Running pre-flight checks\n-----> Running checks for app (APP.web.1)\n For more efficient zero downtime deployments, create a file CHECKS.\n See https://dokku.com/docs/deployment/zero-downtime-deploys/ for examples\n CHECKS file not found in container: Running simple container check...\n-----> Waiting for 10 seconds ...\n-----> Default container check successful!\n-----> Running checks for app (APP.web.2)\n For more efficient zero downtime deployments, create a file CHECKS.\n See https://dokku.com/docs/deployment/zero-downtime-deploys/ for examples\n CHECKS file not found in container: Running simple container check...\n-----> Waiting for 10 seconds ...\n-----> Default container check successful!\n-----> Running checks for app (APP.worker.1)\n For more efficient zero downtime deployments, create a file CHECKS.\n See https://dokku.com/docs/deployment/zero-downtime-deploys/ for examples\n CHECKS file not found in container: Running simple container check...\n-----> Waiting for 10 seconds ...\n-----> Default container check successful!\n
Checks can be scoped to a particular process type:
ShellOutput dokku checks:run node-js-app worker\n
-----> Running pre-flight checks\n-----> Running checks for app (APP.worker.1)\n For more efficient zero downtime deployments, create a file CHECKS.\n See https://dokku.com/docs/deployment/zero-downtime-deploys/ for examples\n CHECKS file not found in container: Running simple container check...\n-----> Waiting for 10 seconds ...\n-----> Default container check successful!\n
An app process ID may also be specified:
ShellOutput dokku checks:run node-js-app web.2\n
-----> Running pre-flight checks\n-----> Running checks for app (APP.web.2)\n For more efficient zero downtime deployments, create a file CHECKS.\n See https://dokku.com/docs/deployment/zero-downtime-deploys/ for examples\n CHECKS file not found in container: Running simple container check...\n-----> Waiting for 10 seconds ...\n-----> Default container check successful!\n
Non-existent process types will result in an error:
ShellOutput dokku checks:run node-js-app non-existent\n
-----> Running pre-flight checks\nInvalid process type specified (APP.non-existent)\n
Non-existent process IDs will also result in an error
ShellOutput dokku checks:run node-js-app web.3\n
-----> Running pre-flight checks\nInvalid container id specified (APP.web.3)\n
"},{"location":"deployment/builders/builder-management/","title":"Builder Management","text":"New
Introduced in 0.24.0
builder:report [<app>] [<flag>] # Displays a builder report for one or more apps\nbuilder:set <app> <key> (<value>) # Set or clear a builder property for an app\n
Builders are a way of customizing how an app is built from a source, allowing users flexibility in how artifacts are created for later scheduling.
"},{"location":"deployment/builders/builder-management/#usage","title":"Usage","text":""},{"location":"deployment/builders/builder-management/#builder-selection","title":"Builder selection","text":"Dokku supports the following built-in builders:
builder-dockerfile: Builds apps using a Dockerfile via docker build. See the dockerfile builder documentation for more information on how this builder functions.builder-herokuish: Builds apps with Heroku's v2a Buildpack specification via gliderlabs/herokuish. See the herokuish builder documentation for more information on how this builder functions.builder-lambda: Builds AWS Lambda functions in an environment simulating AWS Lambda runtimes via lambda-builder. See the lambda builder documentation for more information on how this builder functions.builder-null: Does nothing during the build phase. See the null builder documentation for more information on how this builder functions.builder-pack: Builds apps with Cloud Native Buildpacks via the pack-cli tool. See the cloud native buildpacks builder documentation for more information on how this builder functions.
Builders run a detection script against a source code repository, and the first detected builder will be used to build the app artifact. The exception to this is when a Dockerfile is detected and the app is also able to use either herokuish or pack-cli for building, in which case one of the latter will be chosen.
"},{"location":"deployment/builders/builder-management/#overriding-the-auto-selected-builder","title":"Overriding the auto-selected builder","text":"If desired, the builder can be specified via the builder:set command by specifying a value for selected. The selected builder will always be used.
dokku builder:set node-js-app selected dockerfile\n
The default value may be set by passing an empty value for the option:
dokku builder:set node-js-app selected\n
The selected property can also be set globally. The global default is an empty string, and auto-detection will be performed when no value is set per-app or globally.
dokku builder:set --global selected herokuish\n
Warning
Selecting a global builder will result in all applications using that builder unless a manual override is selected.
The default value may be set by passing an empty value for the option.
dokku builder:set --global selected\n
"},{"location":"deployment/builders/builder-management/#changing-the-build-directory","title":"Changing the build directory","text":"Warning
Please keep in mind that setting a custom build directory will result in loss of any changes to the top-level directory, such as the git.keep-git-dir property.
When deploying a monorepo, it may be desirable to specify the specific build directory to use for a given app. This can be done via the builder:set command. If a value is specified and that directory does not exist within the repository, the build will fail.
dokku builder:set node-js-app build-dir app2\n
The default value may be set by passing an empty value for the option:
dokku builder:set node-js-app build-dir\n
The build-dir property can also be set globally. The global default is empty string, and the global value is used when no app-specific value is set.
dokku builder:set --global build-dir app2\n
The default value may be set by passing an empty value for the option.
dokku builder:set --global build-dir\n
"},{"location":"deployment/builders/builder-management/#displaying-builder-reports-for-an-app","title":"Displaying builder reports for an app","text":"You can get a report about the app's builder status using the builder:report command:
ShellOutput dokku builder:report\n
=====> node-js-app builder information\n Builder build dir: custom\n Builder computed build dir: custom\n Builder computed selected: herokuish\n Builder global build dir:\n Builder global selected: herokuish\n Builder selected: herokuish\n=====> python-sample builder information\n Builder build dir:\n Builder computed build dir:\n Builder computed selected: dockerfile\n Builder global build dir:\n Builder global selected: herokuish\n Builder selected: dockerfile\n=====> ruby-sample builder information\n Builder build dir:\n Builder computed build dir:\n Builder computed selected: herokuish\n Builder global build dir:\n Builder global selected: herokuish\n Builder selected:\n
You can run the command for a specific app also.
ShellOutput dokku builder:report node-js-app\n
=====> node-js-app builder information\n Builder selected: herokuish\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku builder:report node-js-app --builder-selected\n
"},{"location":"deployment/builders/builder-management/#custom-builders","title":"Custom builders","text":"To create a custom builder, the following triggers must be implemented:
builder-build: - arguments:
BUILDER_TYPE APP SOURCECODE_WORK_DIR - description: Creates a docker image named with the output of
common#get_app_image_name $APP.
builder-detect: - arguments:
APP SOURCECODE_WORK_DIR - description: Outputs the name of the builder (without the
builder- prefix) to use to build the app.
builder-release: - arguments:
BUILDER_TYPE APP IMAGE_AG - description: A post-build, pre-release trigger that can be used to post-process the image. Usually simply tags and labels the image appropriately.
Custom plugins names must have the prefix builder- or builder overriding via builder:set may not function as expected.
Builders can use any tools available on the system to build the docker image, and may even be used to schedule building off-server. The only current requirement is that the image must exist on the server at the end of the builder-build command, though this requirement may be relaxed in a future release.
For a simple example of how to implement this trigger, see builder-pack, which utilizes a cli tool - pack-cli - to generate an OCI image that is compatible with Docker and can be scheduled by the official scheduling plugins.
"},{"location":"deployment/builders/cloud-native-buildpacks/","title":"Cloud Native Buildpacks","text":"New
Introduced in 0.22.0
builder-pack:report [<app>] [<flag>] # Displays a builder-pack report for one or more apps\nbuilder-pack:set <app> <key> (<value>) # Set or clear a builder-pack property for an app\n
buildpacks:set-property [--global|<app>] <key> <value> # Set or clear a buildpacks property for an app\n
Cloud Native Buildpacks are an evolution over the Buildpacks technology provided by the Herokuish builder. See the herokuish buildpacks documentation for more information on how to clear buildpack build cache for an application.
Warning
This functionality uses the pack cli from the Cloud Native Buildpacks project to build apps. As the integration is experimental in Dokku, it is likely to change over time.
"},{"location":"deployment/builders/cloud-native-buildpacks/#usage","title":"Usage","text":""},{"location":"deployment/builders/cloud-native-buildpacks/#requirements","title":"Requirements","text":"The pack cli tool is not included by default with Dokku or as a dependency. It must also be installed as shown on this page.
Builds will proceed with the pack cli for the app from then on.
"},{"location":"deployment/builders/cloud-native-buildpacks/#caveats","title":"Caveats","text":"As this functionality is highly experimental, there are a number of caveats. Please note that not all issues are listed below.
- Specifying specific buildpacks is not currently possible.
- A future release will add support for specifying buildpacks via the
buildpacks plugin.
- There is currently no way to specify extra arguments for
pack cli invocations. - A future release will add support for injecting extra arguments during the build process.
- The default process type is
web. - Build cache is stored in Docker volumes instead of on disk. As such,
repo:purge-cache currently has no effect. - A future version will add integration with the
repo plugin.
pack is not currently included with Dokku, nor is it added as a package dependency. - A future version will include it as a package dependency.
"},{"location":"deployment/builders/cloud-native-buildpacks/#detection","title":"Detection","text":"This builder will be auto-detected in either the following cases:
-
The DOKKU_CNB_EXPERIMENTAL app environment variable is set to 1.
dokku config:set --no-restart node-js-app DOKKU_CNB_EXPERIMENTAL=1\n
-
A project.toml file exists in the root of the app repository.
- This file is consumed by
pack-cli and used to describe how the app is built.
The builder can also be specified via the builder:set command:
dokku builder:set node-js-app selected pack\n
Info
Dokku will only select the dockerfile builder if both the herokuish and pack builders are not detected and a Dockerfile exists. See the dockerfile builder documentation for more information on how that builder functions.
"},{"location":"deployment/builders/cloud-native-buildpacks/#changing-the-projecttoml-location","title":"Changing the project.toml location","text":"The project.toml is expected to be found in a specific directory, depending on the deploy approach:
- The
WORKDIR of the Docker image for deploys resulting from git:from-image and git:load-image commands. - The root of the source code tree for all other deploys (git push,
git:from-archive, git:sync).
Sometimes it may be desirable to set a different path for a given app, e.g. when deploying from a monorepo. This can be done via the projecttoml-path property:
dokku builder-pack:set node-js-app projecttoml-path .dokku/project.toml\n
The value is the path to the desired file relative to the base search directory, and will never be treated as absolute paths in any context. If that file does not exist within the repository, Dokku will continue the build process as if the repository has no project.toml.
The default value may be set by passing an empty value for the option:
dokku builder-pack:set node-js-app projecttoml-path\n
The projecttoml-path property can also be set globally. The global default is project.toml, and the global value is used when no app-specific value is set.
dokku builder-pack:set --global projecttoml-path project2.toml\n
The default value may be set by passing an empty value for the option.
dokku builder-pack:set --global projecttoml-path\n
"},{"location":"deployment/builders/cloud-native-buildpacks/#displaying-builder-pack-reports-for-an-app","title":"Displaying builder-pack reports for an app","text":"New
Introduced in 0.25.0
You can get a report about the app's storage status using the builder-pack:report command:
ShellOutput dokku builder-pack:report\n
=====> node-js-app builder-pack information\n Builder pack computed projecttoml path: project2.toml\n Builder pack global projecttoml path: project.toml\n Builder pack projecttoml path: project2.toml\n=====> python-sample builder-pack information\n Builder pack computed projecttoml path: project.toml\n Builder pack global projecttoml path: project.toml\n Builder pack projecttoml path:\n=====> ruby-sample builder-pack information\n Builder pack computed projecttoml path: project.toml\n Builder pack global projecttoml path: project.json\n Builder pack projecttoml path:\n
You can run the command for a specific app also.
ShellOutput dokku builder-pack:report node-js-app\n
=====> node-js-app builder-pack information\n Builder pack computed projecttoml path: project2.toml\n Builder pack global projecttoml path: project.toml\n Builder pack projecttoml path: project2.toml\n
You can pass flags which will output only the value of the specific information you want. For example:
ShellOutput dokku builder-pack:report node-js-app --builder-pack-projecttoml-path\n
project2.toml\n
"},{"location":"deployment/builders/cloud-native-buildpacks/#customizing-the-buildpack-stack-builder","title":"Customizing the Buildpack stack builder","text":"New
Introduced in 0.23.0
The default stack builder in use by CNB buildpacks in Dokku is based on heroku/builder:24. Users may desire to switch the stack builder to a custom version, either to update the operating system or to customize packages included with the stack builder. This can be performed via the buildpacks:set-property command.
dokku buildpacks:set-property node-js-app stack paketobuildpacks/build:base-cnb\n
The specified stack builder can also be unset by omitting the name of the stack builder when calling buildpacks:set-property.
dokku buildpacks:set-property node-js-app stack\n
A change in the stack builder value will execute the post-stack-set trigger.
Finally, stack builders can be set or unset globally as a fallback. This will take precedence over a globally set DOKKU_CNB_BUILDER environment variable (heroku/builder:24 by default).
# set globally\ndokku buildpacks:set-property --global stack paketobuildpacks/build:base-cnb\n\n# unset globally\ndokku buildpacks:set-property --global stack\n
"},{"location":"deployment/builders/cloud-native-buildpacks/#specifying-commands-via-procfile","title":"Specifying commands via Procfile","text":"See the Procfile documentation for more information on how to specify different processes for your app.
"},{"location":"deployment/builders/dockerfiles/","title":"Dockerfile Deployment","text":"New
Introduced in 0.3.15
builder-dockerfile:report [<app>] [<flag>] # Displays a builder-dockerfile report for one or more apps\nbuilder-dockerfile:set <app> <key> (<value>) # Set or clear a builder-dockerfile property for an app\n
While Dokku normally defaults to using Heroku buildpacks for deployment, you can also use Docker's native Dockerfile system to define a container.
Info
Dockerfile support is considered a power user feature. By using Dockerfile-based deployment, you agree that you will not have the same comfort as that enjoyed by buildpack users, and Dokku features may work differently. Differences between the two systems will be documented here.
"},{"location":"deployment/builders/dockerfiles/#usage","title":"Usage","text":""},{"location":"deployment/builders/dockerfiles/#detection","title":"Detection","text":"This builder will be auto-detected in the following case:
- A
Dockerfile exists in the root of the app repository.
Dokku will only select the dockerfile builder if both the herokuish and pack builders are not detected and a Dockerfile exists. For more information on how those are detected, see the following links:
- Cloud Native Buildpacks documentation
- Herokuish documentation
"},{"location":"deployment/builders/dockerfiles/#switching-from-buildpack-deployments","title":"Switching from buildpack deployments","text":"If an application was previously deployed via buildpacks and ports were customized, the following commands should be run prior to a deploy to ensure the Dockerfile ports are respected:
dokku ports:clear node-js-app\n
"},{"location":"deployment/builders/dockerfiles/#changing-the-dockerfile-location","title":"Changing the Dockerfile location","text":"Info
The previous method to perform this - via docker-options:add - should be removed in favor of the builder-dockerfile:set command outlined here.
The Dockerfile is expected to be found in a specific directory, depending on the deploy approach:
- The
WORKDIR of the Docker image for deploys resulting from git:from-image and git:load-image commands. - The root of the source code tree for all other deploys (git push,
git:from-archive, git:sync).
Sometimes it may be desirable to set a different path for a given app, e.g. when deploying from a monorepo. This can be done via the dockerfile-path property:
dokku builder-dockerfile:set node-js-app dockerfile-path .dokku/Dockerfile\n
The value is the path to the desired file relative to the base search directory, and will never be treated as absolute paths in any context. If that file does not exist within the repository, the build will fail.
The default value may be set by passing an empty value for the option:
dokku builder-dockerfile:set node-js-app dockerfile-path\n
The dockerfile-path property can also be set globally. The global default is Dockerfile, and the global value is used when no app-specific value is set.
dokku builder-dockerfile:set --global dockerfile-path Dockerfile2\n
The default value may be set by passing an empty value for the option.
dokku builder-dockerfile:set --global dockerfile-path\n
"},{"location":"deployment/builders/dockerfiles/#displaying-builder-dockerfile-reports-for-an-app","title":"Displaying builder-dockerfile reports for an app","text":"New
Introduced in 0.25.0
You can get a report about the app's storage status using the builder-dockerfile:report command:
ShellOutput dokku builder-dockerfile:report\n
=====> node-js-app builder-dockerfile information\n Builder dockerfile computed dockerfile path: Dockerfile2\n Builder dockerfile global dockerfile path: Dockerfile\n Builder dockerfile dockerfile path: Dockerfile2\n=====> python-sample builder-dockerfile information\n Builder dockerfile computed dockerfile path: Dockerfile\n Builder dockerfile global dockerfile path: Dockerfile\n Builder dockerfile dockerfile path:\n=====> ruby-sample builder-dockerfile information\n Builder dockerfile computed dockerfile path: Dockerfile\n Builder dockerfile global dockerfile path: Dockerfile\n Builder dockerfile dockerfile path:\n
You can run the command for a specific app also.
ShellOutput dokku builder-dockerfile:report node-js-app\n
=====> node-js-app builder-dockerfile information\n Builder dockerfile computed dockerfile path: Dockerfile2\n Builder dockerfile global dockerfile path: Dockerfile\n Builder dockerfile dockerfile path: Dockerfile2\n
You can pass flags which will output only the value of the specific information you want. For example:
ShellOutput dokku builder-dockerfile:report node-js-app --builder-dockerfile-dockerfile-path\n
Dockerfile2\n
"},{"location":"deployment/builders/dockerfiles/#build-time-configuration-variables","title":"Build-time configuration variables","text":"For security reasons - and as per Docker recommendations - Dockerfile-based deploys have variables available only during runtime.
For users that require customization in the build phase, you may use build arguments via the docker-options plugin. All environment variables set by the config plugin are automatically exported during a docker build, and thus --build-arg only requires setting a key without a value.
dokku docker-options:add node-js-app build '--build-arg NODE_ENV'\n
Once set, the Dockerfile usage would be as follows:
FROM ubuntu:24.04\n\n# set the argument default\nARG NODE_ENV=production\n\n# use the argument\nRUN echo $NODE_ENV\n
You may also set the argument as an environment variable
FROM ubuntu:24.04\n\n# set the argument default\nARG NODE_ENV=production\n\n# assign it to an environment variable\n# we can wrap the variable in brackets\nENV NODE_ENV ${NODE_ENV}\n\n# or omit them completely\n\n# use the argument\nRUN echo $NODE_ENV\n
"},{"location":"deployment/builders/dockerfiles/#building-images-with-docker-buildkit","title":"Building images with Docker BuildKit","text":"If your Dockerfile is using Docker Engine's BuildKit (not to be confused with buildpacks), then the DOCKER_BUILDKIT=1 environment variable needs to be set (unless you're using Docker Engine v24 or higher, which uses BuildKit by default). Additionally, complete build log output can be forced via BUILDKIT_PROGRESS=plain. Both of these environment variables can be set as follows:
echo \"export DOCKER_BUILDKIT=1\" | sudo tee -a /etc/default/dokku\necho \"export BUILDKIT_PROGRESS=plain\" | sudo tee -a /etc/default/dokku\n
"},{"location":"deployment/builders/dockerfiles/#buildkit-directory-caching","title":"BuildKit directory caching","text":"BuildKit implements the RUN --mount option, enabling mount directory caches for RUN directives. The following is an example that mounts debian packaging related directories, which can speed up fetching of remote package data.
FROM debian:latest\nRUN --mount=target=/var/lib/apt/lists,type=cache \\\n --mount=target=/var/cache/apt,type=cache \\\n apt-get update \\\n && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \\\n git\n
Mount cache targets may vary depending on the tool in use, and users are encouraged to investigate the directories that apply for their language and framework.
You would adjust the cache directory for whatever application cache you have, e.g. /root/.pnpm-store/v3 for pnpm, $HOME/.m2 for maven, or /root/.cache for golang.
"},{"location":"deployment/builders/dockerfiles/#customizing-the-run-command","title":"Customizing the run command","text":"By default no arguments are passed to docker run when deploying the container and the CMD or ENTRYPOINT defined in the Dockerfile are executed. You can take advantage of docker ability of overriding the CMD or passing parameters to your ENTRYPOINT setting $DOKKU_DOCKERFILE_START_CMD. Let's say for example you are deploying a base Node.js image, with the following ENTRYPOINT:
ENTRYPOINT [\"node\"]\n
You can do:
dokku config:set node-js-app DOKKU_DOCKERFILE_START_CMD=\"--harmony server.js\"\n
To tell Docker what to run.
Setting $DOKKU_DOCKERFILE_CACHE_BUILD to true or false will enable or disable Docker's image layer cache. Lastly, for more granular build control, you may also pass any docker build option to docker, by setting $DOKKU_DOCKER_BUILD_OPTS.
"},{"location":"deployment/builders/dockerfiles/#procfiles-and-multiple-processes","title":"Procfiles and multiple processes","text":"New
Introduced in 0.5.0
See the Procfile documentation for more information on how to specify different processes for your app.
"},{"location":"deployment/builders/dockerfiles/#exposed-ports","title":"Exposed ports","text":"See the port management documentation for more information on how Dokku exposes ports for applications and how you can configure these for your app.
"},{"location":"deployment/builders/herokuish-buildpacks/","title":"Herokuish Buildpacks","text":"New
Subcommands introduced in 0.15.0
buildpacks:add [--index 1] <app> <buildpack> # Add new app buildpack while inserting into list of buildpacks if necessary\nbuildpacks:clear <app> # Clear all buildpacks set on the app\nbuildpacks:list <app> # List all buildpacks for an app\nbuildpacks:remove <app> <buildpack> # Remove a buildpack set on the app\nbuildpacks:report [<app>] [<flag>] # Displays a buildpack report for one or more apps\nbuildpacks:set [--index 1] <app> <buildpack> # Set new app buildpack at a given position defaulting to the first buildpack if no index is specified\nbuildpacks:set-property [--global|<app>] <key> <value> # Set or clear a buildpacks property for an app\n
builder-herokuish:report [<app>] [<flag>] # Displays a builder-herokuish report for one or more apps\nbuilder-herokuish:set <app> <key> (<value>) # Set or clear a builder-herokuish property for an app\n
Warning
If using the buildpacks plugin, be sure to unset any BUILDPACK_URL and remove any such entries from a committed .env file. A specified BUILDPACK_URL will always override a .buildpacks file or the buildpacks plugin.
Dokku normally defaults to using Heroku buildpacks for deployment, though this may be overridden by committing a valid Dockerfile to the root of your repository and pushing the repository to your Dokku installation. To avoid this automatic Dockerfile deployment detection, you may do one of the following:
- Set a
BUILDPACK_URL environment variable - This can be done via
dokku config:set or via a committed .env file in the root of the repository. See the environment variable documentation for more details.
- Create a
.buildpacks file in the root of your repository. - This can be via a committed
.buildpacks file or managed via the buildpacks plugin commands.
This page will cover usage of the buildpacks plugin.
"},{"location":"deployment/builders/herokuish-buildpacks/#usage","title":"Usage","text":""},{"location":"deployment/builders/herokuish-buildpacks/#detection","title":"Detection","text":"This builder will be auto-detected in either the following cases:
- The
BUILDPACK_URL app environment variable is set. - This can be done via
dokku config:set or via a committed .env file in the root of the repository. See the environment variable documentation for more details.
- A
.buildpacks file exists in the root of the app repository. - This can be via a committed
.buildpacks file or managed via the buildpacks plugin commands.
The builder can also be specified via the builder:set command:
dokku builder:set node-js-app selected herokuish\n
Info
Dokku will only select the dockerfile builder if both the herokuish and pack builders are not detected and a Dockerfile exists. See the dockerfile builder documentation for more information on how that builder functions.
"},{"location":"deployment/builders/herokuish-buildpacks/#listing-buildpacks-in-use","title":"Listing Buildpacks in Use","text":"The buildpacks:list command can be used to show buildpacks that have been set for an app. This will omit any auto-detected buildpacks.
ShellOutputShellOutput # running for an app with no buildpacks specified\ndokku buildpacks:list node-js-app\n
-----> test buildpack urls\n
# running for an app with two buildpacks specified\ndokku buildpacks:list node-js-app\n
-----> test buildpack urls\n https://github.com/heroku/heroku-buildpack-python.git\n https://github.com/heroku/heroku-buildpack-nodejs.git\n
"},{"location":"deployment/builders/herokuish-buildpacks/#adding-custom-buildpacks","title":"Adding custom buildpacks","text":"Info
Please check the documentation for your particular buildpack as you may need to include configuration files (such as a Procfile) in your project root.
To add a custom buildpack, use the buildpacks:add command:
dokku buildpacks:add node-js-app https://github.com/heroku/heroku-buildpack-nodejs.git\n
When no buildpacks are currently specified, the specified buildpack will be the only one executed for detection and compilation.
Multiple buildpacks may be specified by using the buildpacks:add command multiple times.
dokku buildpacks:add node-js-app https://github.com/heroku/heroku-buildpack-ruby.git\ndokku buildpacks:add node-js-app https://github.com/heroku/heroku-buildpack-nodejs.git\n
Buildpacks are executed in order, may be inserted at a specified index via the --index flag. This flag is specified starting at a 1-index value.
# will add the golang buildpack at the second position, bumping all proceeding ones by 1 position\ndokku buildpacks:add --index 2 node-js-app https://github.com/heroku/heroku-buildpack-golang.git\n
"},{"location":"deployment/builders/herokuish-buildpacks/#overwriting-a-buildpack-position","title":"Overwriting a buildpack position","text":"In some cases, it may be necessary to swap out a given buildpack. Rather than needing to re-specify each buildpack, the buildpacks:set command can be used to overwrite a buildpack at a given position.
dokku buildpacks:set node-js-app https://github.com/heroku/heroku-buildpack-ruby.git\n
By default, this will overwrite the first buildpack specified. To specify an index, the --index flag may be used. This flag is specified starting at a 1-index value, and defaults to 1.
# the following are equivalent commands\ndokku buildpacks:set node-js-app https://github.com/heroku/heroku-buildpack-ruby.git\ndokku buildpacks:set --index 1 node-js-app https://github.com/heroku/heroku-buildpack-ruby.git\n
If the index specified is larger than the number of buildpacks currently configured, the buildpack will be appended to the end of the list.
dokku buildpacks:set --index 99 node-js-app https://github.com/heroku/heroku-buildpack-ruby.git\n
"},{"location":"deployment/builders/herokuish-buildpacks/#removing-a-buildpack","title":"Removing a buildpack","text":"Info
At least one of a buildpack or index must be specified
A single buildpack can be removed by name via the buildpacks:remove command.
dokku buildpacks:remove node-js-app https://github.com/heroku/heroku-buildpack-ruby.git\n
Buildpacks can also be removed by index via the --index flag. This flag is specified starting at a 1-index value.
dokku buildpacks:remove node-js-app --index 1\n
"},{"location":"deployment/builders/herokuish-buildpacks/#clearing-all-buildpacks","title":"Clearing all buildpacks","text":"Info
This does not affect automatically detected buildpacks, nor does it impact any specified BUILDPACK_URL environment variable.
The buildpacks:clear command can be used to clear all configured buildpacks for a specified app.
dokku buildpacks:clear node-js-app\n
"},{"location":"deployment/builders/herokuish-buildpacks/#customizing-the-buildpack-stack-builder","title":"Customizing the Buildpack stack builder","text":"New
Introduced in 0.23.0
The default stack builder in use by Herokuish buildpacks in Dokku is based on gliderlabs/herokuish:latest. Typically, this is installed via an OS package which pulls the requisite Docker image. Users may desire to switch the stack builder to a custom version, either to update the operating system or to customize packages included with the stack builder. This can be performed via the buildpacks:set-property command.
dokku buildpacks:set-property node-js-app stack gliderlabs/herokuish:latest\n
The specified stack builder can also be unset by omitting the name of the stack builder when calling buildpacks:set-property.
dokku buildpacks:set-property node-js-app stack\n
A change in the stack builder value will execute the post-stack-set trigger.
Finally, stack builders can be set or unset globally as a fallback. This will take precedence over a globally set DOKKU_IMAGE environment variable (gliderlabs/herokuish:latest-24 by default).
# set globally\ndokku buildpacks:set-property --global stack gliderlabs/herokuish:latest\n\n# unset globally\ndokku buildpacks:set-property --global stack\n
"},{"location":"deployment/builders/herokuish-buildpacks/#allowing-herokuish-for-non-amd64-platforms","title":"Allowing herokuish for non-amd64 platforms","text":"New
Introduced in 0.29.0
By default, the builder-herokuish plugin is not enabled for non-amd64 platforms, and attempting to use it is blocked. This is because the majority of buildpacks are not cross-platform compatible, and thus building apps will either be considerably slower - due to emulating the amd64 platform - or won't work - due to building amd64 packages on arm64 platforms.
To force-enable herokuish on non-amd64 platforms, the allowed property can be set via builder-herokuish:set. The default value depends on the host platform architecture (true on amd64, false otherwise).
dokku builder-herokuish:set node-js-app allowed true\n
The default value may be set by passing an empty value for the option:
dokku builder-herokuish:set node-js-app allowed\n
The allowed property can also be set globally. The global default is platform-dependent, and the global value is used when no app-specific value is set.
dokku builder-herokuish:set --global allowed true\n
The default value may be set by passing an empty value for the option.
dokku builder-herokuish:set --global allowed\n
"},{"location":"deployment/builders/herokuish-buildpacks/#displaying-buildpack-reports-for-an-app","title":"Displaying buildpack reports for an app","text":"You can get a report about the app's buildpacks status using the buildpacks:report command:
ShellOutput dokku buildpacks:report\n
=====> node-js-app buildpacks information\n Buildpacks computed stack: gliderlabs/herokuish:v0.7.0-22\n Buildpacks global stack: gliderlabs/herokuish:latest-24\n Buildpacks list: https://github.com/heroku/heroku-buildpack-nodejs.git\n Buildpacks stack: gliderlabs/herokuish:v0.7.0-20\n=====> python-sample buildpacks information\n Buildpacks computed stack: gliderlabs/herokuish:latest-24\n Buildpacks global stack: gliderlabs/herokuish:latest-24\n Buildpacks list: https://github.com/heroku/heroku-buildpack-nodejs.git,https://github.com/heroku/heroku-buildpack-python.git\n Buildpacks stack:\n=====> ruby-sample buildpacks information\n Buildpacks computed stack: gliderlabs/herokuish:latest-24\n Buildpacks global stack: gliderlabs/herokuish:latest-24\n Buildpacks list:\n Buildpacks stack:\n
You can run the command for a specific app also.
ShellOutput dokku buildpacks:report node-js-app\n
=====> node-js-app buildpacks information\n Buildpacks list: https://github.com/heroku/heroku-buildpack-nodejs.git\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku buildpacks:report node-js-app --buildpacks-list\n
"},{"location":"deployment/builders/herokuish-buildpacks/#displaying-builder-herokuish-reports-for-an-app","title":"Displaying builder-herokuish reports for an app","text":"New
Introduced in 0.29.0
You can get a report about the app's storage status using the builder-herokuish:report command:
ShellOutput dokku builder-herokuish:report\n
=====> node-js-app builder-herokuish information\n Builder herokuish computed allowed: false\n Builder herokuish global allowed: true\n Builder herokuish allowed: false\n=====> python-sample builder-herokuish information\n Builder herokuish computed allowed: true\n Builder herokuish global allowed: true\n Builder herokuish allowed:\n=====> ruby-sample builder-herokuish information\n Builder herokuish computed allowed: true\n Builder herokuish global allowed: true\n Builder herokuish allowed:\n
You can run the command for a specific app also.
ShellOutput dokku builder-herokuish:report node-js-app\n
=====> node-js-app builder-herokuish information\n Builder herokuish computed allowed: false\n Builder herokuish global allowed: true\n Builder herokuish allowed: false\n
You can pass flags which will output only the value of the specific information you want. For example:
ShellOutput dokku builder-herokuish:report node-js-app --builder-herokuish-allowed\n
false\n
"},{"location":"deployment/builders/herokuish-buildpacks/#errata","title":"Errata","text":""},{"location":"deployment/builders/herokuish-buildpacks/#switching-from-dockerfile-deployments","title":"Switching from Dockerfile deployments","text":"If an application was previously deployed via Dockerfile, the following commands should be run before a buildpack deploy will succeed:
dokku ports:clear node-js-app\n
"},{"location":"deployment/builders/herokuish-buildpacks/#using-a-specific-buildpack-version","title":"Using a specific buildpack version","text":"Info
Always remember to pin your buildpack versions when using the multi-buildpacks method, or you may find deploys changing your deployed environment.
By default, Dokku uses the gliderlabs/herokuish project, which pins all of it's vendored buildpacks. There may be occasions where the pinned version results in a broken deploy, or does not have a particular feature that is required to build your project. To use a more recent version of a given buildpack, the buildpack may be specified without a Git commit SHA like so:
# using the latest nodejs buildpack\ndokku buildpacks:set node-js-app https://github.com/heroku/heroku-buildpack-nodejs\n
This will use the latest commit on the master branch of the specified buildpack. To pin to a newer version of a buildpack, a sha may also be specified by using the form REPOSITORY_URL#COMMIT_SHA, where COMMIT_SHA is any tree-ish git object - usually a git tag.
# using v87 of the nodejs buildpack\ndokku buildpacks:set node-js-app https://github.com/heroku/heroku-buildpack-nodejs#v87\n
"},{"location":"deployment/builders/herokuish-buildpacks/#curl-build-timeouts","title":"curl build timeouts","text":"Certain buildpacks may time out in retrieving dependencies via curl. This can happen when your network connection is poor or if there is significant network congestion. You may see a message similar to gzip: stdin: unexpected end of file after a curl command.
If you see output similar this when deploying , you may need to override the curl timeouts to increase the length of time allotted to those tasks. You can do so via the config plugin:
dokku config:set --global CURL_TIMEOUT=1200\ndokku config:set --global CURL_CONNECT_TIMEOUT=180\n
"},{"location":"deployment/builders/herokuish-buildpacks/#clearing-buildpack-cache","title":"Clearing buildpack cache","text":"See the repository management documentation for more information on how to clear buildpack build cache for an application.
"},{"location":"deployment/builders/herokuish-buildpacks/#specifying-commands-via-procfile","title":"Specifying commands via Procfile","text":"See the Procfile documentation for more information on how to specify different processes for your app.
"},{"location":"deployment/builders/lambda/","title":"Lambda Builder","text":"New
Introduced in 0.28.0
builder-lambda:report [<app>] [<flag>] # Displays a builder-lambda report for one or more apps\nbuilder-lambda:set <app> <key> (<value>) # Set or clear a builder-lambda property for an app\n
The lambda builder builds AWS Lambda functions in an environment simulating AWS Lambda runtimes via lambda-builder. Apps built via this builder can run natively in Dokku and may also have their artifacts scheduled to Lambda via an appropriate scheduler.
"},{"location":"deployment/builders/lambda/#usage","title":"Usage","text":""},{"location":"deployment/builders/lambda/#detection","title":"Detection","text":"This builder will be auto-detected in the following case:
- A
lambda.yml exists in the root of the app repository.
The builder may also be selected via the builder:set command
dokku builder:set node-js-app selected lambda\n
"},{"location":"deployment/builders/lambda/#supported-languages","title":"Supported languages","text":"The lambda builder plugin supports the following AWS runtime languages on Amazon Linux 2:
- dotnet
- go (builder is based on AL1)
- nodejs
- python
- ruby
See the lambda-builder documentation for more information on how specific languages are detected.
"},{"location":"deployment/builders/lambda/#customizing-the-build-environment","title":"Customizing the build environment","text":"The lambda builder plugin delegates all build logic to lambda-builder, including language detection and build/runtime environment specification. The lambda-builder tool supports a lambda.yml file format for customizing how apps are built. Please see the readme for lambda-builder for more information on different options.
"},{"location":"deployment/builders/lambda/#changing-the-lambdayml-location","title":"Changing the lambda.yml location","text":"The lambda.yml is expected to be found in a specific directory, depending on the deploy approach:
- The
WORKDIR of the Docker image for deploys resulting from git:from-image and git:load-image commands. - The root of the source code tree for all other deploys (git push,
git:from-archive, git:sync).
Sometimes it may be desirable to set a different path for a given app, e.g. when deploying from a monorepo. This can be done via the lambdayml-path property:
dokku builder-lambda:set node-js-app lambdayml-path .dokku/lambda.yml\n
The value is the path to the desired file relative to the base search directory, and will never be treated as absolute paths in any context. If that file does not exist within the repository, the build will fail.
The default value may be set by passing an empty value for the option:
dokku builder-lambda:set node-js-app lambdayml-path\n
The lambdayml-path property can also be set globally. The global default is lambda.yml, and the global value is used when no app-specific value is set.
dokku builder-lambda:set --global lambdayml-path lambda2.yml\n
The default value may be set by passing an empty value for the option.
dokku builder-lambda:set --global lambdayml-path\n
"},{"location":"deployment/builders/lambda/#displaying-builder-lambda-reports-for-an-app","title":"Displaying builder-lambda reports for an app","text":"You can get a report about the app's storage status using the builder-lambda:report command:
ShellOutput dokku builder-lambda:report\n
=====> node-js-app builder-lambda information\n Builder lambda computed lambdayml path: lambda2.yml\n Builder lambda global lambdayml path: lambda.yml\n Builder lambda lambdayml path: lambda2.yml\n=====> python-sample builder-lambda information\n Builder lambda computed lambdayml path: lambda.yml\n Builder lambda global lambdayml path: lambda.yml\n Builder lambda lambdayml path:\n=====> ruby-sample builder-lambda information\n Builder lambda computed lambdayml path: lambda.yml\n Builder lambda global lambdayml path: lambda.yml\n Builder lambda lambdayml path:\n
You can run the command for a specific app also.
ShellOutput dokku builder-lambda:report node-js-app\n
=====> node-js-app builder-lambda information\n Builder lambda computed lambdayml path: lambda2.yml\n Builder lambda global lambdayml path: lambda.yml\n Builder lambda lambdayml path: lambda2.yml\n
You can pass flags which will output only the value of the specific information you want. For example:
ShellOutput dokku builder-lambda:report node-js-app --builder-lambda-lambdayml-path\n
lambda2.yml\n
"},{"location":"deployment/builders/nixpacks/","title":"Nixpacks","text":"New
Introduced in 0.32.0
The nixpacks builder builds apps via Nixpacks, a buildpack alternative.
"},{"location":"deployment/builders/nixpacks/#usage","title":"Usage","text":""},{"location":"deployment/builders/nixpacks/#requirements","title":"Requirements","text":"The nixpacks cli tool is not included by default with Dokku or as a dependency. It must also be installed as shown on this page.
Builds will proceed with the nixpacks cli for the app from then on.
"},{"location":"deployment/builders/nixpacks/#detection","title":"Detection","text":"This builder will be auto-detected in the following case:
- A
nixpacks.toml exists in the root of the app repository.
The builder may also be selected via the builder:set command
dokku builder:set node-js-app selected nixpacks\n
"},{"location":"deployment/builders/nixpacks/#supported-languages","title":"Supported languages","text":"See the upstream nixpacks documentation for further information on what languages and frameworks are supported.
"},{"location":"deployment/builders/nixpacks/#build-time-configuration-variables","title":"Build-time configuration variables","text":"For security reasons - and as per Docker recommendations - nixpacks-based deploys have variables available only during runtime.
For users that require customization in the build phase, you may use build arguments via the docker-options plugin. All environment variables set by the config plugin are automatically exported within the nixpacks build environment, and thus --env only requires setting a key without a value.
dokku docker-options:add node-js-app build '--env NODE_ENV'\n
Alternatively, a full value may be provided in the form of --env KEY=VALUE:
dokku docker-options:add node-js-app build '--env NODE_ENV=production'\n
"},{"location":"deployment/builders/nixpacks/#changing-the-nixpackstoml-location","title":"Changing the nixpacks.toml location","text":"The nixpacks.toml is expected to be found in a specific directory, depending on the deploy approach:
- The
WORKDIR of the Docker image for deploys resulting from git:from-image and git:load-image commands. - The root of the source code tree for all other deploys (git push,
git:from-archive, git:sync).
Sometimes it may be desirable to set a different path for a given app, e.g. when deploying from a monorepo. This can be done via the nixpackstoml-path property:
dokku builder-nixpacks:set node-js-app nixpackstoml-path .dokku/nixpacks.toml\n
The value is the path to the desired file relative to the base search directory, and will never be treated as absolute paths in any context. If that file does not exist within the repository, the build will fail.
The default value may be set by passing an empty value for the option:
dokku builder-nixpacks:set node-js-app nixpackstoml-path\n
The nixpackstoml-path property can also be set globally. The global default is nixpacks.toml, and the global value is used when no app-specific value is set.
dokku builder-nixpacks:set --global nixpackstoml-path nixpacks2.toml\n
The default value may be set by passing an empty value for the option.
dokku builder-nixpacks:set --global nixpackstoml-path\n
"},{"location":"deployment/builders/nixpacks/#disabling-cache","title":"Disabling cache","text":"Cache is enabled by default, but can be disabled by setting the no-cache property to true:
dokku builder-nixpacks:set node-js-app no-cache true\n
The default value may be set by passing an empty value for the option:
dokku builder-nixpacks:set node-js-app no-cache\n
The no-cache property can also be set globally. The global default is false, and the global value is used when no app-specific value is set.
dokku builder-nixpacks:set --global no-cache true\n
The default value may be set by passing an empty value for the option.
dokku builder-nixpacks:set --global no-cache\n
"},{"location":"deployment/builders/nixpacks/#displaying-builder-nixpacks-reports-for-an-app","title":"Displaying builder-nixpacks reports for an app","text":"You can get a report about the app's storage status using the builder-nixpacks:report command:
ShellOutput dokku builder-nixpacks:report\n
=====> node-js-app builder-nixpacks information\n Builder-nixpacks computed nixpackstoml path: nixpacks2.toml\n Builder-nixpacks global nixpackstoml path: nixpacks.toml\n Builder-nixpacks nixpackstoml path: nixpacks2.toml\n Builder-nixpacks computed no cache: true\n Builder-nixpacks global no cache: false\n Builder-nixpacks no cache: true\n=====> python-sample builder-nixpacks information\n Builder-nixpacks computed nixpackstoml path: nixpacks.toml\n Builder-nixpacks global nixpackstoml path: nixpacks.toml\n Builder-nixpacks nixpackstoml path:\n Builder-nixpacks computed no cache: false\n Builder-nixpacks global no cache: false\n Builder-nixpacks no cache:\n=====> ruby-sample builder-nixpacks information\n Builder-nixpacks computed nixpackstoml path: nixpacks.toml\n Builder-nixpacks global nixpackstoml path: nixpacks.toml\n Builder-nixpacks nixpackstoml path:\n Builder-nixpacks computed no cache: false\n Builder-nixpacks global no cache: false\n Builder-nixpacks no cache:\n
You can run the command for a specific app also.
ShellOutput dokku builder-nixpacks:report node-js-app\n
=====> node-js-app builder-nixpacks information\n Builder-nixpacks computed nixpackstoml path: nixpacks2.toml\n Builder-nixpacks global nixpackstoml path: nixpacks.toml\n Builder-nixpacks nixpackstoml path: nixpacks2.toml\n Builder-nixpacks computed no cache: true\n Builder-nixpacks global no cache: false\n Builder-nixpacks no cache: true\n
You can pass flags which will output only the value of the specific information you want. For example:
ShellOutput dokku builder-nixpacks:report node-js-app --builder-nixpacks-no-cache\n
true\n
"},{"location":"deployment/builders/null/","title":"Null Builder","text":"New
Introduced in 0.25.0
The null builder does nothing, and is useful for routing to services not managed by Dokku. It should not be used in normal operation. Please see the network documentation for more information on the aforementioned use case.
"},{"location":"deployment/builders/null/#usage","title":"Usage","text":""},{"location":"deployment/builders/null/#detection","title":"Detection","text":"This builder is never auto-detected. The builder must be specified via the builder:set command:
dokku builder:set node-js-app selected null\n
"},{"location":"deployment/continuous-integration/generic/","title":"Generic CI/CD Integration","text":"In cases where there is no direct or documented integration available, the Dokku project provides an Official Docker Image for use in Continuous Integration/Continuous Deployment (CI/CD) systems.
Assuming a Docker image can be run as a CI task with environment variables injected, the following CI systems will have their variables automatically detected:
- circleci
- cloudbees
- drone
- github actions
- gitlab-ci
- semaphoreci
- travisci
"},{"location":"deployment/continuous-integration/generic/#simple-usage","title":"Simple Usage","text":"The simplest usage of the image is as follows.
# where the `.env` file contains `GIT_REMOTE_URL` and `SSH_PRIVATE_KEY`\n\ndocker run --rm -v=\"$PWD:/app\" --env-file=.env dokku/ci-docker-image dokku-deploy\n
For more configuration examples and further documentation, see the ci-docker-image readme.
"},{"location":"deployment/continuous-integration/github-actions/","title":"GitHub Actions","text":"The Dokku project has an official GitHub Action available on the GitHub Marketplace. The simplest usage example is as follows:
---\nname: 'deploy'\n\non:\n push:\n branches:\n - master\n\njobs:\n deploy:\n runs-on: ubuntu-24.04\n steps:\n - name: Cloning repo\n uses: actions/checkout@v3\n with:\n fetch-depth: 0\n\n - name: Push to dokku\n uses: dokku/github-action@master\n with:\n git_remote_url: 'ssh://dokku@dokku.me:22/appname'\n ssh_private_key: ${{ secrets.SSH_PRIVATE_KEY }}\n
For further usage documentation and other advanced examples, see the entry on the GitHub Marketplace.
"},{"location":"deployment/continuous-integration/gitlab-ci/","title":"GitLab CI","text":"GitLab CI can be used to automatically deploy a Dokku application via the official the dokku/ci-docker-image. The simplest example is as follows:
---\nimage: dokku/ci-docker-image\n\nstages:\n - deploy\n\nvariables:\n GIT_DEPTH: 0\n\ndeploy:\n stage: deploy\n only:\n - master\n variables:\n GIT_REMOTE_URL: ssh://dokku@dokku.me:22/appname\n script: \n - dokku-deploy\n after_script: \n - dokku-unlock\n
For further usage documentation and other advanced examples, see Dokku's gitlab-ci repository.
"},{"location":"deployment/methods/archive/","title":"Tar and Zip Archives","text":""},{"location":"deployment/methods/archive/#initializing-an-app-repository-from-an-archive-file","title":"Initializing an app repository from an archive file","text":"New
Introduced in 0.24.0
A Dokku app repository can be initialized or updated from the contents of an archive file via the git:from-archive command. This is an excellent way of tracking changes when deploying pre-built binary archives, such as java jars or go binaries. This can also be useful when deploying directly from a GitHub repository at a specific commit.
dokku git:from-archive node-js-app https://github.com/dokku/smoke-test-app/releases/download/2.0.0/smoke-test-app.tar\n
In the above example, Dokku will build the app as if the repository contained the extracted contents of the specified archive file.
Triggering a build with the same archive file multiple times will result in Dokku exiting 0 early as there will be no changes detected.
The git:from-archive command can optionally take a git user.name and user.email argument (in that order) to customize the author. If the arguments are left empty, they will fallback to Dokku and automated@dokku.sh, respectively.
dokku git:from-archive node-js-app https://github.com/dokku/smoke-test-app/releases/download/2.0.0/smoke-test-app.tar \"Camila\" \"camila@example.com\"\n
The default archive type is always set to .tar. To use a different archive type, specify the --archive-type flag. Failure to do so will result in a failure to extract the archive.
dokku git:from-archive --archive-type zip node-js-app https://github.com/dokku/smoke-test-app/archive/2.0.0.zip \"Camila\" \"camila@example.com\"\n
Finally, if the archive url is specified as --, the archive will be fetched from stdin.
curl -sSL https://github.com/dokku/smoke-test-app/releases/download/2.0.0/smoke-test-app.tar | dokku git:from-archive node-js-app --\n
"},{"location":"deployment/methods/git/","title":"Git Deployment","text":"New
Subcommands introduced in 0.12.0
git:allow-host <host> # Adds a host to known_hosts\ngit:auth <host> [<username> <password>] # Configures netrc authentication for a given git server\ngit:from-archive [--archive-type ARCHIVE_TYPE] <app> <archive-url> [<git-username> <git-email>] # Updates an app's git repository with a given archive file\ngit:from-image [--build-dir DIRECTORY] <app> <docker-image> [<git-username> <git-email>] # Updates an app's git repository with a given docker image\ngit:generate-deploy-key # Generates a deploy ssh key\ngit:load-image [--build-dir DIRECTORY] <app> <docker-image> [<git-username> <git-email>] # Updates an app's git repository with a docker image loaded from stdin\ngit:sync [--build|build-if-changes] <app> <repository> [<git-ref>] # Clone or fetch an app from remote git repo\ngit:initialize <app> # Initialize a git repository for an app\ngit:public-key # Outputs the dokku public deploy key\ngit:report [<app>] [<flag>] # Displays a git report for one or more apps\ngit:set <app> <key> (<value>) # Set or clear a git property for an app\ngit:status <app> # Show the working tree status for an app\n
Git-based deployment has been the traditional method of deploying applications in Dokku. As of v0.12.0, Dokku introduces a few ways to customize the experience of deploying via git push. A Git-based deployment currently supports building applications via:
- Cloud Native Buildpacks
- Herokuish Buildpack
- Dockerfiles
"},{"location":"deployment/methods/git/#usage","title":"Usage","text":"Warning
Pushing from a shallow clone is not currently supported and may have undefined behavior. Please unshallow your local repository before pushing to a Dokku app to avoid potential errors in the deployment process.
"},{"location":"deployment/methods/git/#initializing-an-application","title":"Initializing an application","text":"When an application is created via git push, Dokku will create the proper pre-receive hook in order to execute the build pipeline. In certain cases - such as when fronting deploys with the git-http-backend - this may not be correctly created. As an alternative, the git:initialize command can be used to trigger this creation:
# on the Dokku host\n\n# overrides any existing pre-receive hook\ndokku git:initialize node-js-app\n
In order for the above command to succeed, the application must already exist.
Warning
If the pre-receive hook was customized in any way, this will overwrite that hook with the current defaults for Dokku.
"},{"location":"deployment/methods/git/#changing-the-deploy-branch","title":"Changing the deploy branch","text":"By default, Dokku will deploy code pushed to the master branch. In order to quickly deploy a different local branch, the following Git command can be used:
# on the local machine\n\n# where `SOME_BRANCH_NAME` is the name of the branch\ngit push dokku SOME_BRANCH_NAME:master\n
In 0.12.0, the correct way to change the deploy branch is to use the git:set Dokku command.
# on the Dokku host\n\n# override for all applications\ndokku git:set --global deploy-branch SOME_BRANCH_NAME\n\n# override for a specific app\n# where `SOME_BRANCH_NAME` is the name of the branch\ndokku git:set node-js-app deploy-branch SOME_BRANCH_NAME\n
As of 0.22.1, Dokku will also respect the first pushed branch as the primary branch, and automatically set the deploy-branch value at that time.
Pushing multiple branches can also be supported by creating a receive-branch plugin trigger in a custom plugin.
"},{"location":"deployment/methods/git/#configuring-the-git_rev-environment-variable","title":"Configuring the GIT_REV environment variable","text":"New
Introduced in 0.12.0
Application deployments will include a special GIT_REV environment variable containing the current deployment sha being deployed. For rebuilds, this SHA will remain the same.
To configure the name of the GIT_REV environment variable, run the git:set command as follows:
# on the Dokku host\n\n# override for a specific app\ndokku git:set node-js-app rev-env-var DOKKU_GIT_REV\n
This behavior can be disabled entirely on a per-app basis by setting the rev-env-var value to an empty string:
# on the Dokku host\n\n# override for a specific app\ndokku git:set node-js-app rev-env-var \"\"\n
"},{"location":"deployment/methods/git/#keeping-the-git-directory","title":"Keeping the .git directory","text":"By default, Dokku will remove the contents of the .git before triggering a build for a given app. This is generally a safe default as shipping the entire source code history of your app in the deployed image artifact is unnecessary as it increases bloat and potentially can leak information if there are any security issues with your app code.
To enable the .git directory, run the git:set command as follows:
# on the Dokku host\n\n# keep the .git directory during builds\ndokku git:set node-js-app keep-git-dir true\n
The default behavior is to delete this directory and it's contents. To revert to the default behavior, the keep-git-dir value can be set to either an empty string or false.
# on the Dokku host\n\n# delete the .git directory during builds (default)\ndokku git:set node-js-app keep-git-dir false\n\n# delete the .git directory during builds (default)\ndokku git:set node-js-app keep-git-dir \"\"\n
Please keep in mind that setting keep-git-dir to true may result in unstaged changes shown within the built container due to the build process generating application changes within the built app directory.
"},{"location":"deployment/methods/git/#initializing-an-app-repository-from-a-remote-repository","title":"Initializing an app repository from a remote repository","text":"New
Introduced in 0.23.0
A Dokku app repository can be initialized or updated from a remote git repository via the git:sync command. This command will either clone or fetch updates from a remote repository and has undefined behavior if the history cannot be fast-fowarded to the referenced repository reference. Any repository that can be cloned by the dokku user can be specified.
Info
The application must exist before the repository can be initialized
dokku git:sync node-js-app https://github.com/heroku/node-js-getting-started.git\n
The git:sync command optionally takes an optional third parameter containing a git reference, which may be a branch, tag, or specific commit.
# specify a branch\ndokku git:sync node-js-app https://github.com/heroku/node-js-getting-started.git main\n\n# specify a tag\ndokku git:sync node-js-app https://github.com/heroku/node-js-getting-started.git 1\n\n# specify a commit\ndokku git:sync node-js-app https://github.com/heroku/node-js-getting-started.git 97e6c72491c7531507bfc5413903e0e00e31e1b0\n
By default, this command does not trigger an application build. To do so during a git:sync, specify the --build flag.
dokku git:sync --build node-js-app https://github.com/heroku/node-js-getting-started.git\n
When running git:sync without a reference, it may be useful to only build when there are changes. To do so, specify the --build-if-changes flag.
dokku git:sync --build-if-changes node-js-app https://github.com/heroku/node-js-getting-started.git\n
"},{"location":"deployment/methods/git/#initializing-from-private-repositories","title":"Initializing from private repositories","text":"New
Introduced in 0.24.0
Initializing from a private repository requires one of the following:
- A Public SSH Key (
id_rsa.pub file) configured on the remote server, with the associated private key (id_rsa) in the Dokku server's /home/dokku/.ssh/ directory. - A configured
.netrc entry.
Dokku provides the git:auth command which can be used to configure a netrc entry for the remote server. This command can be used to add or remove configuration for any remote server.
# add credentials for github.com\ndokku git:auth github.com username personal-access-token\n\n# remove credentials for github.com\ndokku git:auth github.com\n
For syncing to a private repository stored on a remote Git product such as GitHub or GitLab, Dokku's recommendation is to use a personal access token on a bot user where possible. Please see your service's documentation for information regarding the recommended best practices.
"},{"location":"deployment/methods/git/#allowing-remote-repository-hosts","title":"Allowing remote repository hosts","text":"By default, the Dokku host may not have access to a server containing the remote repository. This can be initialized via the git:allow-host command.
dokku git:allow-host github.com\n
Note that this command is currently not idempotent and may add duplicate entries to the ~dokku/.ssh/known_hosts file.
"},{"location":"deployment/methods/git/#creating-a-cloning-ssh-key-pair","title":"Creating a cloning ssh key pair","text":"New
Introduced in 0.33.0
While most repositories can be authenticated to via the git:auth command, some users may prefer to use an ssh key. This can be generated via the git:generate-deploy-key command, which generates a passwordless ed25519 key-pair.
ShellOutput dokku git:generate-deploy-key\n
Generating public/private ed25519 key pair.\nYour identification has been saved in /home/dokku/.ssh/id_ed25519\nYour public key has been saved in /home/dokku/.ssh/id_ed25519.pub\nThe key fingerprint is:\nSHA256:PvlvVfbpYvkmA87rTfLUq07e3GarRN1BcLqDSjod+p8 dokku@ubuntu\nThe key's randomart image is:\n+--[ED25519 256]--+\n| ..o |\n| + |\n| . . |\n| . o =|\n| So . + ++|\n| .=.o.. +..|\n| ++oo..*o. |\n| oo o%*oo=|\n| .+E=BOOo|\n+----[SHA256]-----+\n
"},{"location":"deployment/methods/git/#verifying-the-cloning-public-key","title":"Verifying the cloning public key","text":"In order to clone a remote repository, the remote server should have the Dokku host's public key configured. This plugin does not currently create this key, but if can be shown via the git:public-key command.
dokku git:public-key\n
If there is no key, an error message is shown that displays the command that can be run on the Dokku server to generate a new public/private ssh key pair.
"},{"location":"deployment/methods/image/","title":"Docker Image Deployment","text":""},{"location":"deployment/methods/image/#initializing-an-app-repository-from-a-docker-image","title":"Initializing an app repository from a docker image","text":"New
Introduced in 0.24.0
A Dokku app repository can be initialized or updated from a Docker image via the git:from-image command. This command will either initialize the app repository or update it to include the specified Docker image via a FROM stanza. This is an excellent way of tracking changes when deploying only a given docker image, especially if deploying an image from a remote CI/CD pipeline.
dokku git:from-image node-js-app my-registry/node-js-getting-started:latest\n
In the above example, Dokku will build the app as if the repository contained only a Dockerfile with the following content:
FROM my-registry/node-js-getting-started:latest\n
If the specified image already exists on the Dokku host, it will not be pulled again, though this behavior may be changed using build phase docker-options.
Triggering a build with the same arguments multiple times will result in Dokku exiting 0 early as there will be no changes detected. If the image tag is reused but the underlying image is different, it is recommended to use the image digest instead of the tag. This can be retrieved via the following command:
# for images pushed to a remote registry\ndocker inspect --format='{{index .RepoDigests 0}}' $IMAGE_NAME\n\n# for images built locally and not pushed to a registry\n# use when the previous command output is empty\ndocker images --no-trunc --quiet $IMAGE_NAME\n
The resulting git:from-image call would then be:
# where the image sha is: sha256:9d187c3025d03c033dcc71e3a284fee53be88cc4c0356a19242758bc80cab673\ndokku git:from-image node-js-app my-registry/node-js-getting-started@sha256:9d187c3025d03c033dcc71e3a284fee53be88cc4c0356a19242758bc80cab673\n
The git:from-image command can optionally take a git user.name and user.email argument (in that order) to customize the author. If the arguments are left empty, they will fallback to Dokku and automated@dokku.sh, respectively.
dokku git:from-image node-js-app my-registry/node-js-getting-started:latest \"Camila\" \"camila@example.com\"\n
If the image is a private image that requires a docker login to access, the registry:login command should be used to log into the registry. See the registry documentation for more details on this process.
Finally, certain images may require a custom build context in order for ONBUILD ADD and ONBUILD COPY statements to succeed. A custom build context can be specified via the --build-dir flag. All files in the specified build-dir will be copied into the repository for use within the docker build process. The build context must be specified on each deploy, and is not otherwise persisted between builds.
dokku git:from-image --build-dir path/to/build node-js-app domy-registrykku/node-js-getting-started:latest \"Camila\" \"camila@example.com\"\n
See the dockerfile documentation to learn about the different ways to configure Dockerfile-based deploys.
"},{"location":"deployment/methods/image/#initializing-an-app-repository-from-a-remote-image-without-a-registry","title":"Initializing an app repository from a remote image without a registry","text":"New
Introduced in 0.30.0
A Dokku app repository can be initialized or updated from the contents of an image archive tar file via the git:load-image command. This method can be used when a Docker Registry is unavailable to act as an intermediary for storing an image, such as when building an image in CI and deploying directly from that image.
docker image save my-registry/node-js-getting-started:latest | ssh dokku@dokku.me git:load-image node-js-app my-registry/node-js-getting-started:latest\n
In the above example, we are saving the image to a tar file via docker image save, streaming that to the Dokku host, and then running git:load-image on the incoming stream. Dokku will build the app as if the repository contained only a Dockerfile with the following content:
FROM my-registry/node-js-getting-started:latest\n
When deploying an app via git:load-image, it is highly recommended to use a unique image tag when building the image. Not doing so will result in Dokku exiting 0 early as there will be no changes detected. If the image tag is reused but the underlying image is different, it is recommended to use the image digest instead of the tag. This can be retrieved via the following command:
# for images pushed to a remote registry\ndocker inspect --format='{{index .RepoDigests 0}}' $IMAGE_NAME\n\n# for images built locally and not pushed to a registry\n# use when the previous command output is empty\ndocker images --no-trunc --quiet $IMAGE_NAME\n
The resulting git:load-image call would then be:
# where the image sha is: sha256:9d187c3025d03c033dcc71e3a284fee53be88cc4c0356a19242758bc80cab673\ndocker image save my-registry/node-js-getting-started:latest | ssh dokku@dokku.me git:load-image node-js-app my-registry/node-js-getting-started@sha256:9d187c3025d03c033dcc71e3a284fee53be88cc4c0356a19242758bc80cab673\n
The git:load-image command can optionally take a git user.name and user.email argument (in that order) to customize the author. If the arguments are left empty, they will fallback to Dokku and automated@dokku.sh, respectively.
docker image save my-registry/node-js-getting-started:latest | ssh dokku@dokku.me git:load-image node-js-app my-registry/node-js-getting-started:latest \"Camila\" \"camila@example.com\"\n
Finally, certain images may require a custom build context in order for ONBUILD ADD and ONBUILD COPY statements to succeed. A custom build context can be specified via the --build-dir flag. All files in the specified build-dir will be copied into the repository for use within the docker build process. The build context must be specified on each deploy, and is not otherwise persisted between builds.
docker image save my-registry/node-js-getting-started:latest | ssh dokku@dokku.me git:load-image --build-dir path/to/build node-js-app my-registry/node-js-getting-started:latest \"Camila\" \"camila@example.com\"\n
See the dockerfile documentation to learn about the different ways to configure Dockerfile-based deploys.
"},{"location":"deployment/schedulers/docker-local/","title":"Docker Local Scheduler","text":"New
Subcommands introduced in 0.12.12
scheduler-docker-local:report [<app>] [<flag>] # Displays a scheduler-docker-local report for one or more apps\nscheduler-docker-local:set <app> <key> (<value>) # Set or clear a scheduler-docker-local property for an app\n
New
Introduced in 0.12.0
Dokku natively includes functionality to manage application lifecycles for a single server using the scheduler-docker-local plugin. It is the default scheduler, but as with all schedulers, it is set on a per-application basis. The scheduler can currently be overridden by running the following command:
dokku scheduler:set node-js-app selected docker-local\n
As it is the default, unsetting the selected scheduler property is also a valid way to reset the scheduler.
dokku scheduler:set node-js-app selected\n
"},{"location":"deployment/schedulers/docker-local/#usage","title":"Usage","text":""},{"location":"deployment/schedulers/docker-local/#deploying-amd64-images-on-arm64","title":"Deploying amd64 images on arm64","text":"New
Introduced in 0.33.0
Many builders only produce amd64-compatible images. The docker-local scheduler will automatically detect these and run them via the --platform=linux/amd64 on arm64 deploy targets.
"},{"location":"deployment/schedulers/docker-local/#disabling-the-init-process","title":"Disabling the init process","text":"The scheduler-docker-local injects an init process by default via the --init. For some apps - such as those where the built docker image uses S6 as the init - this may be undesirable and cause issues with process starts. You may disable this by running the following scheduler-docker-local:set command for your application:
dokku scheduler-docker-local:set node-js-app init-process false\n
Once set, you may re-enable it by setting a blank value for init-process:
dokku scheduler-docker-local:set node-js-app init-process\n
All image containers with the label org.opencontainers.image.vendor=linuxserver.io will have the automatic init process injection force-disabled without further intervention.
"},{"location":"deployment/schedulers/docker-local/#deploying-process-types-in-parallel","title":"Deploying Process Types in Parallel","text":"New
Introduced in 0.25.5
By default, Dokku deploys an app's processes one-by-one in order, with the web process being deployed first. Deployment parallelism may be achieved by setting the parallel-schedule-count property, which defaults to 1. Increasing this number increases the number of process types that may be deployed in parallel (with the web process being the exception).
# Increase parallelism from 1 process type at a time to 4 process types at a time.\ndokku scheduler-docker-local:set node-js-app parallel-schedule-count 4\n
Once set, you may reset it by setting a blank value for parallel-schedule-count:
dokku scheduler-docker-local:set node-js-app parallel-schedule-count\n
If the value of parallel-schedule-count is increased and a given process type fails to schedule successfully, then any in-flight process types will continue to be processed, while all process types that have not been scheduled will be skipped before the deployment finally fails.
Container scheduling output is shown in the order it is received, and thus may be out of order in case of output to stderr.
Note that increasing the value of parallel-schedule-count may significantly impact CPU utilization on your host as your app containers - and their respective processes - start up. Setting a value higher than the number of available CPUs is discouraged. It is recommended that users carefully set this value so as not to overburden their server.
"},{"location":"deployment/schedulers/docker-local/#increasing-parallelism-within-a-process-deploy","title":"Increasing parallelism within a process deploy","text":"New
Introduced in 0.26.0
By default, Dokku will deploy one instance of a given process type at a time. This can be increased by customizing the app.json formation key to include a max_parallel key for the given process type.
The formation key should be specified as follows in the app.json file:
{\n \"formation\": {\n \"web\": {\n \"max_parallel\": 1\n },\n \"worker\": {\n \"max_parallel\": 4\n }\n }\n}\n
Omitting or removing the entry will result in parallelism for that process type to return to 1 entry at a time. This can be combined with the parallel-schedule-count property to speed up deployments.
Note that increasing the value of max_parallel may significantly impact CPU utilization on your host as your app containers - and their respective processes - start up. Setting a value higher than the number of available CPUs is discouraged. It is recommended that users carefully set this value so as not to overburden their server.
See the app.json location documentation for more information on where to place your app.json file.
"},{"location":"deployment/schedulers/docker-local/#scheduler-interface","title":"Scheduler Interface","text":"The following sections describe implemented scheduler functionality for the docker-local scheduler.
"},{"location":"deployment/schedulers/docker-local/#implemented-commands-and-triggers","title":"Implemented Commands and Triggers","text":"This plugin implements various functionality through plugn triggers to integrate with Docker for running apps on a single server. The following functionality is supported by the scheduler-docker-local plugin.
apps:cloneapps:destroyapps:renamedeployenterlogsps:inspectps:stoprun
"},{"location":"deployment/schedulers/docker-local/#logging-support","title":"Logging support","text":"App logs for the logs command are fetched from running containers via the docker cli. To persist logs across deployments, consider using Dokku's vector integration to ship logs to another service or a third-party platform.
"},{"location":"deployment/schedulers/docker-local/#supported-resource-management-properties","title":"Supported Resource Management Properties","text":"The docker-local scheduler supports a minimal list of resource limits and reservations. The following properties are supported:
"},{"location":"deployment/schedulers/docker-local/#resource-limits","title":"Resource Limits","text":" - cpu: (docker option:
--cpus), is specified in number of CPUs a process can access. - See the \"CPU\" section of the Docker Runtime Options documentation for more information.
- memory: (docker option:
--memory) should be specified with a suffix of b (bytes), k (kilobytes), m (megabytes), g (gigabytes). Default unit is m (megabytes). - See the \"Memory\" section of the Docker Runtime Options documentation for more information.
- memory-swap: (docker option:
--memory-swap) should be specified with a suffix of b (bytes), k (kilobytes), m (megabytes), g (gigabytes) - See the \"Memory\" section of the Docker Runtime Options documentation for more information.
- nvidia-gpus: (docker option:
--gpus), is specified in number of Nvidia GPUs a process can access. - See the \"GPU\" section of the Docker Runtime Options documentation for more information.
"},{"location":"deployment/schedulers/docker-local/#resource-reservations","title":"Resource Reservations","text":" - memory: (docker option:
--memory-reservation) should be specified with a suffix of b (bytes), k (kilobytes), m (megabytes), g (gigabytes). Default unit is m (megabytes). - See the \"Memory\" section of the Docker Runtime Options documentation for more information.
"},{"location":"deployment/schedulers/k3s/","title":"K3s Scheduler","text":"New
Introduced in 0.33.0
scheduler-k3s:annotations:set <app|--global> <property> (<value>) [--process-type PROCESS_TYPE] <--resource-type RESOURCE_TYPE>, Set or clear an annotation for a given app/process-type/resource-type combination\nscheduler-k3s:autoscaling-auth:set <app|--global> <trigger> [<--metadata key=value>...], Set or clear a scheduler-k3s autoscaling keda trigger authentication resource for an app\nscheduler-k3s:autoscaling-auth:report <app|--global> [--format stdout|json] [--include-metadata] # Displays a scheduler-k3s autoscaling auth report for an app\nscheduler-k3s:cluster-add [ssh://user@host:port] # Adds a server node to a Dokku-managed cluster\nscheduler-k3s:cluster-list # Lists all nodes in a Dokku-managed cluster\nscheduler-k3s:cluster-remove [node-id] # Removes client node to a Dokku-managed cluster\nscheduler-k3s:initialize # Initializes a cluster\nscheduler-k3s:labels:set <app|--global> <property> (<value>) [--process-type PROCESS_TYPE] <--resource-type RESOURCE_TYPE>, Set or clear a label for a given app/process-type/resource-type combination\nscheduler-k3s:report [<app>] [<flag>] # Displays a scheduler-k3s report for one or more apps\nscheduler-k3s:set [<app>|--global] <key> (<value>) # Set or clear a scheduler-k3s property for an app or the scheduler\nscheduler-k3s:show-kubeconfig # Displays the kubeconfig for remote usage\nscheduler-k3s:uninstall # Uninstalls k3s from the Dokku server\n
Note
The k3s plugin replaces the external scheduler-kubernetes plugin. Users can continue to use the external plugin as necessary, but all future development will occur on the official core k3s plugin.
For multi-server support, Dokku provides the ability for users to setup a K3s cluster. As with all schedulers, it is set on a per-app basis. The scheduler can currently be overridden by running the following command:
dokku scheduler:set node-js-app selected k3s\n
As it is the default, unsetting the selected scheduler property is also a valid way to reset the scheduler.
dokku scheduler:set node-js-app k3s\n
"},{"location":"deployment/schedulers/k3s/#usage","title":"Usage","text":"Info
[!IMPORTANT] The k3s plugin requires usage of a docker registry to store deployed image artifacts. See the registry documentation for more details on how to configure a registry.
"},{"location":"deployment/schedulers/k3s/#initializing-a-cluster","title":"Initializing a cluster","text":"Warning
This command must be run as root
Clusters can be initialized via the scheduler-k3s:initialize command. This will start a k3s cluster on the Dokku node itself.
dokku scheduler-k3s:initialize\n
By default, the k3s installation can run both app and system workloads. For clusters where app workloads are run on distinct worker nodes, initialize the cluster with the --taint-scheduling flag, which will allow only Critical cluster components on the k3s control-plane nodes.
dokku scheduler-k3s:initialize --taint-scheduling\n
By default, Dokku will attempt to auto-detect the IP address of the server. In cases where the auto-detected IP address is incorrect, an override may be specified via the --server-ip flag:
dokku scheduler-k3s:initialize --server-ip 192.168.20.15\n
Dokku's k3s integration natively uses nginx as it's ingress load balancer via ingress-nginx. Properties set by the nginx plugin will be respected, either by turning them into annotations or creating a custom server/location snippet that the ingress-nginx project can use.
Dokku can also use Traefik on cluster initialization via the Traefik's CRDs. To change the ingress, set the --ingress-class flag:
dokku scheduler-k3s:initialize --ingress-class traefik\n
"},{"location":"deployment/schedulers/k3s/#adding-nodes-to-the-cluster","title":"Adding nodes to the cluster","text":"Warning
The dokku user must be able to ssh onto the server in order to connect nodes to the cluster. The remote user must be root or have sudo enabled, or the install will fail.
"},{"location":"deployment/schedulers/k3s/#adding-a-worker-node","title":"Adding a worker node","text":"Nodes that run app workloads can be added via the scheduler-k3s:cluster-add command. This will ssh onto the specified server, install k3s, and join it to the current Dokku node in worker mode. Workers are typically used to run app workloads.
dokku scheduler-k3s:cluster-add ssh://root@worker-1.example.com\n
If the server isn't in the known_hosts file, the connection will fail. This can be bypassed by setting the --insecure-allow-unknown-hosts flag:
dokku scheduler-k3s:cluster-add --insecure-allow-unknown-hosts ssh://root@worker-1.example.com\n
By default, Dokku will attempt to auto-detect the IP address of the Dokku server for the remote server to connect to. In cases where the auto-detected IP address is incorrect, an override may be specified via the --server-ip flag:
dokku scheduler-k3s:cluster-add --server-ip 192.168.20.15 ssh://root@worker-1.example.com\n
"},{"location":"deployment/schedulers/k3s/#adding-a-server-node","title":"Adding a server node","text":"Note
Only the initial Dokku server will be properly configured for push deployment, and should be considered your git remote. Additional server nodes are for ensuring high-availability of the K3s etcd state. Ensure this server is properly backed up and restorable or deployments will not work.
Server nodes are typically used to replicate the cluster state, and it is recommended to have an odd number of nodes spread across several availability zones (datacenters in close proximity within a region). This allows for higher availability in the event of a cluster failure. Server nodes run control-plane services such as the traefik load balancer and the etcd backing store.
Server nodes can also be added with the scheduler-k3s:cluster-add command by specifying --role server. This will ssh onto the specified server, install k3s, and join it to the current Dokku node in server mode.
dokku scheduler-k3s:cluster-add --role server ssh://root@server-1.example.com\n
Server nodes allow any workloads to be scheduled on them by default, in addition to the control-plane, etcd, and the scheduler itself. To avoid app workloads being scheduled on your control-plane, use the --taint-scheduling flag:
dokku scheduler-k3s:cluster-add --role server --taint-scheduling ssh://root@server-1.example.com\n
If the server isn't in the known_hosts file, the connection will fail. This can be bypassed by setting the --insecure-allow-unknown-hosts flag:
dokku scheduler-k3s:cluster-add --role server --insecure-allow-unknown-hosts ssh://root@server-1.example.com\n
By default, Dokku will attempt to auto-detect the IP address of the Dokku server for the remote server to connect to. In cases where the auto-detected IP address is incorrect, an override may be specified via the --server-ip flag:
dokku scheduler-k3s:cluster-add --role server --server-ip 192.168.20.15 ssh://root@server-1.example.com\n
"},{"location":"deployment/schedulers/k3s/#changing-the-network-interface","title":"Changing the network interface","text":"When attaching an worker or server node, the K3s plugin will look at the IP associated with the eth0 interface and use that to connect the new node to the cluster. To change this, set the network-interface property to the appropriate value.
dokku scheduler-k3s:set --global network-interface eth1\n
"},{"location":"deployment/schedulers/k3s/#changing-deploy-timeouts","title":"Changing deploy timeouts","text":"By default, app deploys will timeout after 300s. To customize this value, set the deploy-timeout property via scheduler-k3s:set:
dokku scheduler-k3s:set node-js-app deploy-timeout 60s\n
The default value may be set by passing an empty value for the option:
dokku scheduler-k3s:set node-js-app deploy-timeout\n
The deploy-timeout property can also be set globally. The global default is 300s.
dokku scheduler-k3s:set --global deploy-timeout 60s\n
The default value may be set by passing an empty value for the option.
dokku scheduler-k3s:set --global deploy-timeout\n
"},{"location":"deployment/schedulers/k3s/#customizing-the-namespace","title":"Customizing the namespace","text":"By default, app deploys will run against the default Kubernetes namespace. To customize this value, set the namespace property via scheduler-k3s:set:
dokku scheduler-k3s:set node-js-app namespace lollipop\n
The default value may be set by passing an empty value for the option:
dokku scheduler-k3s:set node-js-app namespace\n
The namespace property can also be set globally. The global default is default.
dokku scheduler-k3s:set --global namespace 60s\n
The default value may be set by passing an empty value for the option.
dokku scheduler-k3s:set --global namespace\n
"},{"location":"deployment/schedulers/k3s/#enabling-rollback-on-failure","title":"Enabling rollback on failure","text":"By default, app deploys do not rollback on failure. To enable this functionality, set the rollback-on-failure property via scheduler-k3s:set:
dokku scheduler-k3s:set node-js-app rollback-on-failure true\n
The default value may be set by passing an empty value for the option:
dokku scheduler-k3s:set node-js-app rollback-on-failure\n
The rollback-on-failure property can also be set globally. The global default is false.
dokku scheduler-k3s:set --global rollback-on-failure false\n
The default value may be set by passing an empty value for the option.
dokku scheduler-k3s:set --global rollback-on-failure\n
"},{"location":"deployment/schedulers/k3s/#using-image-pull-secrets","title":"Using image pull secrets","text":"When authenticating against a registry via registry:login, the scheduler-k3s plugin will authenticate all servers in the cluster against the registry specified. If desired, an image pull secret can be used instead. To customize this value, set the image-pull-secrets property via scheduler-k3s:set:
dokku scheduler-k3s:set node-js-app image-pull-secrets lollipop\n
The default value may be set by passing an empty value for the option:
dokku scheduler-k3s:set node-js-app image-pull-secrets\n
The image-pull-secrets property can also be set globally. The global default is empty string, and k3s will use Dokku's locally configured ~/.docker/config.json for any private registry pulls.
dokku scheduler-k3s:set --global image-pull-secrets 60s\n
The default value may be set by passing an empty value for the option.
dokku scheduler-k3s:set --global image-pull-secrets\n
"},{"location":"deployment/schedulers/k3s/#ssl-certificates","title":"SSL Certificates","text":""},{"location":"deployment/schedulers/k3s/#enabling-letsencrypt-integration","title":"Enabling letsencrypt integration","text":"By default, letsencrypt is disabled and https port mappings are ignored. To enable, set the letsencrypt-email-prod or letsencrypt-email-stag property with the --global flag:
# set the value for prod\ndokku scheduler-k3s:set --global letsencrypt-email-prod automated@dokku.sh\n\n# set the value for stag\ndokku scheduler-k3s:set --global letsencrypt-email-stag automated@dokku.sh\n
After enabling and rebuilding, all apps with an http:80 port mapping will have a corresponding https:443 added and ssl will be automatically enabled. All http requests will then be redirected to https.
"},{"location":"deployment/schedulers/k3s/#customizing-the-letsencrypt-server","title":"Customizing the letsencrypt server","text":"The letsencrypt integration is set to the production letsencrypt server by default. This can be changed on an app-level by setting the letsencrypt-server property with the scheduler-k3s:set command
dokku scheduler-k3s:set node-js-app letsencrypt-server staging\n
The default value may be set by passing an empty value for the option:
dokku scheduler-k3s:set node-js-app letsencrypt-server\n
The image-pull-secrets property can also be set globally. The global default is production.
dokku scheduler-k3s:set --global letsencrypt-server staging\n
The default value may be set by passing an empty value for the option.
dokku scheduler-k3s:set --global letsencrypt-server staging\n
"},{"location":"deployment/schedulers/k3s/#customizing-annotations-and-labels","title":"Customizing Annotations and Labels","text":"Note
The cron ID is used as the process type if your app deploys any cron tasks
"},{"location":"deployment/schedulers/k3s/#setting-annotations","title":"Setting Annotations","text":"Dokku injects certain annotations into each created resource by default, but it may be necessary to inject others for tighter integration with third-party tools. The scheduler-k3s:annotations:set command can be used to perform this task. The command takes an app name and a required --resource-type flag.
dokku scheduler-k3s:annotations:set node-js-app annotation.key annotation.value --resource-type deployment\n
If not specified, the annotation will be applied to all processes within an app, though it may be further scoped to a specific process type via the --process-type flag.
dokku scheduler-k3s:annotations:set node-js-app annotation.key annotation.value --resource-type deployment --process-type web\n
The following resource types are supported:
certificatecronjobdeploymentingressjobpodsecretserviceserviceaccounttraefik_ingressroutetraefik_middleware
"},{"location":"deployment/schedulers/k3s/#removing-an-annotation","title":"Removing an annotation","text":"To unset an annotation, pass an empty value:
dokku scheduler-k3s:annotations:set node-js-app annotation.key --resource-type deployment\ndokku scheduler-k3s:annotations:set node-js-app annotation.key --resource-type deployment --process-type web\n
"},{"location":"deployment/schedulers/k3s/#setting-labels","title":"Setting Labels","text":"Dokku injects certain labels into each created resource by default, but it may be necessary to inject others for tighter integration with third-party tools. The scheduler-k3s:labels:set command can be used to perform this task. The command takes an app name and a required --resource-type flag.
dokku scheduler-k3s:labels:set node-js-app label.key label.value --resource-type deployment\n
If not specified, the label will be applied to all processes within an app, though it may be further scoped to a specific process type via the --process-type flag.
dokku scheduler-k3s:labels:set node-js-app label.key label.value --resource-type deployment --process-type web\n
The following resource types are supported:
certificatecronjobdeploymentingressjobpodsecretserviceserviceaccounttraefik_ingressroutetraefik_middleware
"},{"location":"deployment/schedulers/k3s/#removing-a-label","title":"Removing a label","text":"To unset an label, pass an empty value:
dokku scheduler-k3s:annotations:set node-js-app label.key --resource-type deployment\ndokku scheduler-k3s:labels:set node-js-app label.key --resource-type deployment --process-type web\n
"},{"location":"deployment/schedulers/k3s/#autoscaling","title":"Autoscaling","text":""},{"location":"deployment/schedulers/k3s/#workload-autoscaling","title":"Workload Autoscaling","text":"New
Introduced in 0.33.8 Users with older installations will need to manually install Keda.
Autoscaling in k3s is managed by Keda, which integrates with a variety of external metric providers to allow for autoscaling application workloads.
To enable autoscaling, use the app.json formation.$PROCESS_TYPE.autoscaling key to manage rules. In addition to the existing configuration used for process management, each process type in the formation.$PROCESS_TYPE.autoscaling key can have the following keys:
min_quantity: The minimum number of instances the application can run. If not specified, the quantity specified for the app is used.max_quantity: The maximum number of instances the application can run. If not specified, the higher value of quantity and the min_quantity is used.polling_interval_seconds: (default: 30) The interval to wait for polling each of the configured triggerscooldown_seconds: (default: 300) The number of seconds to wait in between each scaling eventtriggers: A list of autoscaling triggers.
Autoscaling triggers are passed as is to Keda, and should match the configuration keda uses for a given scaler. Below is an example for datadog:
{\n \"formation\": {\n \"web\": {\n \"autoscaling\": {\n \"min_quantity\": 1,\n \"max_quantity\": 10,\n \"triggers\": [\n {\n \"name\": \"name-for-trigger\",\n \"type\": \"datadog\",\n \"metadata\": {\n \"query\": \"per_second(sum:http.requests{service:myservice1}).rollup(max, 300))/180,per_second(sum:http.backlog{service:myservice1}).rollup(max, 300)/30\",\n \"queryValue\": \"1\",\n \"queryAggregator\": \"max\"\n }\n }\n ]\n }\n }\n }\n}\n
Each value in the metadata stanza can use the following interpolated strings:
DOKKU_DEPLOYMENT_NAME: The name of the deployment being scaledDOKKU_PROCESS_TYPE: The name of the process being scaledDOKKU_APP_NAME: The name of the app being scaled
"},{"location":"deployment/schedulers/k3s/#workload-autoscaling-authentication","title":"Workload Autoscaling Authentication","text":"Most Keda triggers require some form of authentication to query for data. In the Kubernetes API, they are represented by TriggerAuthentication and ClusterTriggerAuthentication resources. Dokku can manage these via the scheduler-k3s:autoscaling-auth commands, and includes generated resources with each helm release generated by a deploy.
If no app-specific authentication is provided for a given trigger type, Dokku will fallback to any globally defined ClusterTriggerAuthentication resources. Autoscaling triggers within an app all share the same TriggerAuthentication resources, while ClusterTriggerAuthentication resources can be shared across all apps deployed by Dokku within a given cluster.
"},{"location":"deployment/schedulers/k3s/#creating-authentication-resources","title":"Creating Authentication Resources","text":"Users can specify custom authentication resources directly via the Kubernetes api or use the scheduler-k3s:autoscaling-auth:set command to create the resources in the Kubernetes cluster.
dokku scheduler-k3s:autoscaling-auth:set $APP $TRIGGER --metadata apiKey=some-api-key --metadata appKey=some-app-key\n
For example, the following will configure the authentication for all datadog triggers on the specified app:
dokku scheduler-k3s:autoscaling-auth:set node-js-app datadog --metadata apiKey=1234567890 --metadata appKey=asdfghjkl --metadata datadogSite=us5.datadoghq.com\n
After execution, Dokku will include the following resources for each specified trigger with the helm release generated on subsequent app deploys:
Secret: an Opaque Secret resource storing the authentication credentialsTriggerAuthentication: A TriggerAuthentication resource that references the secret for use by triggers
If the --global flag is specified instead of an app name, a custom helm chart is created on the fly with the above resources.
"},{"location":"deployment/schedulers/k3s/#removing-authentication-resources","title":"Removing Authentication Resources","text":"To remove a configured authenticatin resource, run the scheduler-k3s:autoscaling-auth:set command with no metadata specified. Subsequent deploys will not include these resources.
dokku scheduler-k3s:autoscaling-auth:set $APP $TRIGGER_TYPE\n
"},{"location":"deployment/schedulers/k3s/#displaying-an-authentication-resource-report","title":"Displaying an Authentication Resource report","text":"To see a list of authentication resources managed by Dokku, run the scheduler-k3s:autoscaling-auth:report command.
ShellOutput dokku scheduler-k3s:autoscaling-auth:report node-js-app\n
====> $APP autoscaling-auth report\n datadog: configured\n
By default, the report will not display configured metadata - making it safe to include in Dokku report output. To include metadata and their values, add the --include-metadata flag:
ShellOutput dokku scheduler-k3s:autoscaling-auth:report node-js-app --include-metadata\n
====> node-js-app autoscaling-auth report\n Datadog: configured\n Datadog apiKey: 1234567890\n Datadog appKey: asdfghjkl\n Datadog datadogSite: us5.datadoghq.com\n
"},{"location":"deployment/schedulers/k3s/#using-kubectl-remotely","title":"Using kubectl remotely","text":"Warning
Certain ports must be open for interacting with the remote kubernets api. Refer to the K3s networking documentation for the required open ports between servers prior to running the command.
By default, Dokku assumes that all it controls all actions on the cluster, and thus does not expose the kubectl binary for administrators. To interact with kubectl, you will need to retrieve the kubeconfig for the cluster and configure your client to use that configuration.
dokku scheduler-k3s:show-kubeconfig\n
"},{"location":"deployment/schedulers/k3s/#interacting-with-an-external-kubernetes-cluster","title":"Interacting with an external Kubernetes cluster","text":"While the k3s scheduler plugin is designed to work with a Dokku-managed k3s cluster, Dokku can be configured to interact with any Kubernetes cluster by setting the global kubeconfig-path to a path to a custom kubeconfig on the Dokku server. This property is only available at a global level.
dokku scheduler-k3s:set --global kubeconfig-path /path/to/custom/kubeconfig\n
To set the default value, omit the value from the scheduler-k3s:set call:
dokku scheduler-k3s:set --global kubeconfig-path\n
The default value for the kubeconfig-path is the k3s kubeconfig located at /etc/rancher/k3s/k3s.yaml.
"},{"location":"deployment/schedulers/k3s/#customizing-the-kubernetes-context","title":"Customizing the Kubernetes context","text":"When interacting with a custom Kubeconfig, the kube-context property can be set to specify a specific context within the kubeconfig to use. This property is available only at the global leve.
dokku scheduler-k3s:set --global kube-context lollipop\n
To set the default value, omit the value from the scheduler-k3s:set call:
dokku scheduler-k3s:set --global kube-context\n
The default value for the kube-context is an empty string, and will result in Dokku using the current context within the kubeconfig.
"},{"location":"deployment/schedulers/k3s/#scheduler-interface","title":"Scheduler Interface","text":"The following sections describe implemented and unimplemented scheduler functionality for the k3s scheduler.
"},{"location":"deployment/schedulers/k3s/#implemented-commands-and-triggers","title":"Implemented Commands and Triggers","text":"This plugin implements various functionality through plugn triggers to integrate with Docker for running apps on a single server. The following functionality is supported by the scheduler-k3s plugin.
apps:cloneapps:destroyapps:renamecronenterdeploy- healthchecks
- Due to Kubernetes limitations, only a single healthcheck is supported for each of the
liveness, readiness, and startup healthchecks - Due to Kubernetes limitations, content checks are not supported
- Ports specified in the
app.json are ignored in favor of the container port on the port mapping detected
logsps:stoprun - The
scheduler-post-run trigger is not always triggered
run:detachedrun:list
"},{"location":"deployment/schedulers/k3s/#unimplemented-command-functionality","title":"Unimplemented command functionality","text":" run:logsps:inspect
The following Dokku functionality is not implemented at this time.
vector log integration- persistent storage
"},{"location":"deployment/schedulers/k3s/#logging-support","title":"Logging support","text":"App logs for the logs command are fetched by Dokku from running containers via the kubectl cli. Persisting logs via Vector is not implemented at this time. Users may choose to configure the Vector Kubernetes integration directly by following this guide.
"},{"location":"deployment/schedulers/k3s/#supported-resource-management-properties","title":"Supported Resource Management Properties","text":"The k3s scheduler supports a minimal list of resource limits and reservations:
- cpu: is specified in number of CPUs a process can access.
- memory: should be specified with a suffix of
b (bytes), Ki (kilobytes), Mi (megabytes), Gi (gigabytes). Default unit is Mi (megabytes).
If unspecified for any task, the default reservation will be .1 CPU and 128Mi RAM, with no limit set for either CPU or RAM. This is to avoid issues with overscheduling pods on a cluster. To avoid issues, set more specific values for at least resource reservations. If unbounded utilization is desired, set CPU and Memory to 0m and 0Mi, respectively.
Note
Cron tasks retrieve resource limits based on the computed cron task ID.
"},{"location":"deployment/schedulers/kubernetes/","title":"Kubernetes Scheduler","text":"Warning
Deprecation notice: This scheduler has been replaced with the k3s scheduler plugin and is no longer under active development.
The Kubernetes Scheduler Plugin is available free as an external plugin. Please see the plugin's issue tracker for more information on the status of the plugin.
For users that require additional functionality, please refer to the Sponsoring Documentation.
"},{"location":"deployment/schedulers/kubernetes/#scheduler-interface","title":"Scheduler Interface","text":"The following sections describe implemented scheduler functionality for the kubernetes scheduler.
"},{"location":"deployment/schedulers/kubernetes/#implemented-commands-and-triggers","title":"Implemented Commands and Triggers","text":"This plugin implements various functionality through plugn triggers to integrate with kubectl for running apps on a Kubernetes cluster. The following functionality is supported by the scheduler-kubernetes plugin.
apps:destroydeploy: partial, does not implement failed deploy log capturelogs: partial, does not implement failure logsps:stop
"},{"location":"deployment/schedulers/kubernetes/#logging-support","title":"Logging support","text":"App logs for the logs command are fetched from running pods via the kubectl cli. To persist logs across deployments, consider using Vector or a similar tool to ship logs to another service or a third-party platform.
"},{"location":"deployment/schedulers/nomad/","title":"Nomad Scheduler","text":"Warning
This scheduler is not in Dokku core and thus functionality may change over time as the API stabilizes.
The Nomad Scheduler Plugin is available free as an external plugin. Please see the plugin's issue tracker for more information on the status of the plugin.
For users that require additional functionality, please refer to the Sponsoring Documentation.
"},{"location":"deployment/schedulers/nomad/#scheduler-interface","title":"Scheduler Interface","text":"The following sections describe implemented scheduler functionality for the nomad scheduler.
"},{"location":"deployment/schedulers/nomad/#implemented-commands-and-triggers","title":"Implemented Commands and Triggers","text":"This plugin implements various functionality through plugn triggers to integrate with the nomad cli for running apps on a Nomad cluster. The following functionality is supported by the scheduler-nomad plugin.
apps:destroydeployps:stop
"},{"location":"deployment/schedulers/nomad/#logging-support","title":"Logging support","text":"Warning
Fetching app logs for the logs command is currently not implemented. Please consider using Vector or a similar tool to ship logs to another service or a third-party platform.
"},{"location":"deployment/schedulers/null/","title":"Null Scheduler","text":"New
Introduced in 0.25.0
The null scheduler does nothing, and is useful for routing to services not managed by Dokku. It should not be used in normal operation. Please see the network documentation for more information on the aforementioned use case.
"},{"location":"deployment/schedulers/null/#usage","title":"Usage","text":""},{"location":"deployment/schedulers/null/#detection","title":"Detection","text":"This scheduler is never auto-detected. The scheduler must be specified via the scheduler:set command:
dokku scheduler:set node-js-app selected null\n
"},{"location":"deployment/schedulers/scheduler-management/","title":"Scheduler Management","text":"New
Introduced in 0.26.0
scheduler:report [<app>] [<flag>] # Displays a scheduler report for one or more apps\nscheduler:set <app> <key> (<value>) # Set or clear a scheduler property for an app\n
Schedulers are a way of customizing how an app image is deployed, and can be used to interact with non-local systems such as Kubernetes and Nomad.
"},{"location":"deployment/schedulers/scheduler-management/#usage","title":"Usage","text":""},{"location":"deployment/schedulers/scheduler-management/#scheduler-selection","title":"Scheduler selection","text":"Dokku supports the following built-in schedulers:
scheduler-docker-local: Schedules apps against the local docker socket and runs containers directly on the Dokku host. See the docker-local scheduler documentation for more information on how this scheduler functions.scheduler-null: Does nothing during the scheduler phase. See the null scheduler documentation for more information on how this scheduler functions.
"},{"location":"deployment/schedulers/scheduler-management/#overriding-the-auto-selected-scheduler","title":"Overriding the auto-selected scheduler","text":"If desired, the scheduler can be specified via the scheduler:set command by speifying a value for selected. The selected scheduler will always be used.
dokku scheduler:set node-js-app selected docker-local\n
The default value may be set by passing an empty value for the option:
dokku scheduler:set node-js-app selected\n
The selected property can also be set globally. The global default is an empty string, and auto-detection will be performed when no value is set per-app or globally.
dokku scheduler:set --global selected docker-local\n
The default value may be set by passing an empty value for the option.
dokku scheduler:set --global selected\n
"},{"location":"deployment/schedulers/scheduler-management/#displaying-scheduler-reports-for-an-app","title":"Displaying scheduler reports for an app","text":"You can get a report about the app's scheduler status using the scheduler:report command:
ShellOutput dokku scheduler:report\n
=====> node-js-app scheduler information\n Scheduler computed selected: herokuish\n Scheduler global selected: herokuish\n Scheduler selected: herokuish\n=====> python-sample scheduler information\n Scheduler computed selected: dockerfile\n Scheduler global selected: herokuish\n Scheduler selected: dockerfile\n=====> ruby-sample scheduler information\n Scheduler computed selected: herokuish\n Scheduler global selected: herokuish\n Scheduler selected:\n
You can run the command for a specific app also.
ShellOutput dokku scheduler:report node-js-app\n
=====> node-js-app scheduler information\n Scheduler selected: herokuish\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku scheduler:report node-js-app --scheduler-selected\n
"},{"location":"deployment/schedulers/scheduler-management/#implementing-a-scheduler","title":"Implementing a Scheduler","text":"Custom plugins names must have the prefix scheduler- or scheduler overriding via scheduler:set may not function as expected.
At this time, the following dokku commands are used to implement a complete scheduler.
apps:destroy: stops the app processes on the scheduler - triggers: post-delete, scheduler-register-retired, scheduler-retire
apps:rename: handles app renaming - triggers: post-app-rename-setup
apps:clone: handles app cloning - triggers: post-app-clone-setup
cron: generates cron tasks for the app - triggers: cron-write
deploy: deploys app proceses and checks the status of a deploy - triggers: scheduler-app-status, scheduler-deploy, scheduler-is-deployed, scheduler-logs-failed
enter: enters a running container - triggers: scheduler-enter
logs: fetches app logs - triggers: scheduler-logs
run: starts one-off run containers (detached and non-detached) as well as listing run processes - triggers: scheduler-run, scheduler-run-list
run:list: lists running containers - triggers: scheduler-run-list
run:logs: fetches running container logs - triggers: scheduler-run-logs
ps:stop: stops app processes - triggers: scheduler-stop
ps:inspect: outputs inspect output for processes in an app - triggers: scheduler-inspect
Schedulers may decide to omit some functionality here, or use plugin triggers to supplement config with information from other plugins. Additionally, a scheduler may implement other triggers in order handle any extra processes needed during a deploy.
Schedulers can use any tools available on the system to build the docker image, and may even be used to interact with off-server systems. The only current requirement is that the scheduler must have access to the image built in the build phase. If this is not the case, the registry plugin can be used to push the image to a registry that the scheduler software can access.
Deployment tasks are currently executed directly on the primary Dokku server.
"},{"location":"development/plugin-creation/","title":"Plugin creation","text":"A plugin can be a simple implementation of triggers or can implement a command structure of its own. Dokku has no restrictions on the language in which a plugin is implemented; it only cares that the plugin implements the appropriate commands or triggers for the API. NOTE: any file that implements triggers or uses the command API must be executable.
"},{"location":"development/plugin-creation/#plugin-overview","title":"Plugin Overview","text":"When creating custom plugins:
- Take a look at the plugins shipped with Dokku and hack away!
- Check out the list of triggers the plugin can implement
- Upload the plugin to GitHub with a repository name following the
dokku-<name> convention (e.g. dokku-mariadb) - Edit this page and add a link to the plugin
- Subscribe to the dokku development blog to be notified about API changes and releases
"},{"location":"development/plugin-creation/#compilable-plugins-golang-java-c-etc","title":"Compilable plugins (Golang, Java(?), C, etc.)","text":"When developing a plugin, the install trigger must be implemented such that it outputs the built executable(s) using a directory structure that implements the plugin's desired command and/or triggers the API. See the smoke-test-plugin for an example.
"},{"location":"development/plugin-creation/#command-api","title":"Command API","text":"There are 3 main integration points: commands, subcommands/default, and subcommands/<command-name>.
"},{"location":"development/plugin-creation/#commands","title":"commands","text":"Primarily used to supply the plugin's usage/help output. (i.e. plugin help).
"},{"location":"development/plugin-creation/#subcommandsdefault","title":"subcommands/default","text":"Implements the plugin's default command behavior. (i.e. dokku plugin).
"},{"location":"development/plugin-creation/#subcommandscommand-name","title":"subcommands/<command-name>","text":"Implements the additional command interface and will translate to dokku plugin:cmd on the command line. (i.e. dokku plugin:install).
"},{"location":"development/plugin-creation/#plugin-building-tips","title":"Plugin Building Tips","text":""},{"location":"development/plugin-creation/#always-create-a-plugintoml","title":"Always create a plugin.toml","text":"The plugin.toml file is used to describe the plugin in help output, and helps users understand the purpose of the plugin. This must have a description and a version. The version should be bumped at every plugin release.
[plugin]\ndescription = \"dokku example plugin\"\nversion = \"0.1.0\"\n[plugin.config]\n
"},{"location":"development/plugin-creation/#files-should-be-executable","title":"Files should be executable","text":"Commands, subcommands, triggers and source shell scripts should all be executable. On a Unix-like machine, the following command can be used to make them executable:
chmod +x path/to/file\n
Non-executable commands, subcommands, and triggers will be ignored.
"},{"location":"development/plugin-creation/#use-the-pipefail-bash-option","title":"Use the pipefail bash option","text":"Consider whether to include the set -eo pipefail option. Look at the following example:
IMAGE=$(docker images | grep \"user/repo\" | awk '{print $3}')\nif [[ -z $IMAGE ]]; then\n dokku_log_fail \"user/repo image not found... Did you run 'dokku plugin:install'?\"\nfi\n
If user/repo doesn't exist, Dokku exits just before the awk command and the dokku_log_fail message will never go to STDOUT. printed with echo. The set -e option should be used in this case.
Here is the help entry for set:
help set\nOptions:\n -e Exit immediately if a command exits with a non-zero status.\n -o option-name\n pipefail the return value of a pipeline is the status of\n the last command to exit with a non-zero status,\n or zero if no command exited with a non-zero status\n
"},{"location":"development/plugin-creation/#support-trace-mode","title":"Support trace mode","text":"Trace mode is useful for getting debugging output from plugins when the --trace flag is specified or dokku trace:on is triggered. This should be done at the top of each shell script:
#!/usr/bin/env bash\nset -eo pipefail\n[[ $DOKKU_TRACE ]] && set -x\n
In the above example, the third line enables bash's debug mode, which prints command traces before executing command.
"},{"location":"development/plugin-creation/#verify-the-existence-of-dependencies","title":"Verify the existence of dependencies","text":"If a plugin depends on a specific command-line tool, check whether that tool exists before utilizing it. Either command -v or which may be used to do so:
# `command -v` example\nif ! command -v \"nginx\" &>/dev/null; then\n dokku_log_fail \"Missing nginx, install it\"\nfi\n\n# `which` example\nif ! which nginx &>/dev/null; then\n dokku_log_fail \"Missing nginx, install it\"\nfi\n
In cases where a dependency should be installed before the plugin can be used at all, use the dependencies plugin trigger to install the dependency.
"},{"location":"development/plugin-creation/#implement-a-help-command","title":"Implement a help command","text":"For plugins which expose commands, implement a help command. This may be empty, but should contain a listing of all available commands.
Commas - , - are used in the help output for columnizing output. Verify that the plugin conforms to the spec by running dokku help --all and manually verifying the output.
See the sample plugin below for an example.
"},{"location":"development/plugin-creation/#namespace-commands","title":"Namespace commands","text":"All commands should be namespaced. In cases where a core plugin is overridden, the plugin may utilize the a namespace in use by the core, but generally this should be avoided to reduce confusion as to where the command is implemented.
"},{"location":"development/plugin-creation/#implement-a-proper-catch-all-command","title":"Implement a proper catch-all command","text":"As of 0.3.3, a catch-all should be implemented that exits with a DOKKU_NOT_IMPLEMENTED_EXIT code. This allows Dokku to output a command not found message.
See the sample plugin below for an example.
"},{"location":"development/plugin-creation/#set-app-config-without-restarting","title":"Set app config without restarting","text":"In the case that a plugin needs to set app configuration settings and a restart should be avoided (default Heroku-style behavior) these \"internal\" commands provide this functionality:
config_set --no-restart node-js-app KEY1=VALUE1 [KEY2=VALUE2 ...]\nconfig_unset --no-restart node-js-app KEY1 [KEY2 ...]\n
"},{"location":"development/plugin-creation/#expose-functionality-in-a-functions-file","title":"Expose functionality in a functions file","text":"To allow other plugins access to (some of) a plugin's functionality, functions can expose by including a functions file in the plugin for others to source. All functions in that file should be considered publicly accessible by other plugins.
Any functions that must be kept private should reside in the plugin's trigger/ or commands/ directories. Other files may also be used to hide private functions; the official convention for hiding private functions is to place them an internal-functions file.
"},{"location":"development/plugin-creation/#use-helper-functions-to-fetch-app-images","title":"Use helper functions to fetch app images","text":"New
Introduced in 0.4.0
Dokku allows image tagging and deployment of tagged images. This means hard-coding the $IMAGE as dokku/$APP is no longer sufficient.
Plugins should use get_running_image_tag() and get_app_image_name() as sourced from common/functions. See the plugin triggers doc for examples.
Info
Note: This is only for plugins that are not pre/post-build-* plugins
"},{"location":"development/plugin-creation/#use-docker_bin-instead-of-docker-directly","title":"Use $DOCKER_BIN instead of docker directly","text":"New
Introduced in 0.17.5
Certain systems may require a wrapper function around the docker binary for proper execution. Utilizing the $DOCKER_BIN environment variable when calling docker for those functions is preferred.
# good\n\"$DOCKER_BIN\" container run -d $IMAGE /bin/bash -e -c \"$COMMAND\"\n\n# bad\ndocker run -d $IMAGE /bin/bash -e -c \"$COMMAND\"\n
"},{"location":"development/plugin-creation/#include-labels-for-all-temporary-containers-and-images","title":"Include labels for all temporary containers and images","text":"New
Introduced in 0.5.0
As of 0.5.0, labels are used to help cleanup intermediate containers with dokku cleanup. Plugins that create containers and images should add the correct labels to the build, commit, and run docker commands.
Note that where possible, a label com.dokku.app-name=$APP - where $APP is the name of the app - should also be included. This enables dokku cleanup APP to cleanup the specific containers for a given app.
# `docker build` example\n\"$DOCKER_BIN\" image build \"--label=com.dokku.app-name=${APP}\" $DOKKU_GLOBAL_BUILD_ARGS ...\n\n# `docker commit` example\n# Note that the arguments must be set as a local array\n# as arrays cannot be exported in shell\nlocal DOKKU_COMMIT_ARGS=(\"--change\" \"LABEL org.label-schema.schema-version=1.0\" \"--change\" \"LABEL org.label-schema.vendor=dokku\" \"--change\" \"LABEL $DOKKU_CONTAINER_LABEL=\")\n\"$DOCKER_BIN\" container commit --change \"LABEL com.dokku.app-name=$APP\" \"${DOKKU_COMMIT_ARGS[@]}\" ...\n\n# `docker run` example\n\"$DOCKER_BIN\" container run \"--label=com.dokku.app-name=${APP}\" $DOKKU_GLOBAL_RUN_ARGS ...\n
"},{"location":"development/plugin-creation/#copy-files-from-the-built-image-using-copy_from_image","title":"Copy files from the built image using copy_from_image","text":"Avoid copying files from running containers as these files may change over time. Instead copy files from the image built during the deploy process. This can be done via the copy_from_image helper function. This will correctly handle various corner cases in copying files from an image.
source \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\n\nlocal TMP_FILE=$(mktemp \"/tmp/dokku-${DOKKU_PID}-${FUNCNAME[0]}.XXXXXX\")\ntrap \"rm -rf '$TMP_FILE' >/dev/null\" RETURN INT TERM EXIT\n\nlocal IMAGE_TAG=\"$(get_running_image_tag \"$APP\")\"\nlocal IMAGE=$(get_deploying_app_image_name \"$APP\" \"$IMAGE_TAG\")\ncopy_from_image \"$IMAGE\" \"file-being-copied\" \"$TMP_FILE\" 2>/dev/null\n
Files are copied from the /app directory - for images built via buildpacks - or WORKDIR - for images built via Dockerfile.
"},{"location":"development/plugin-creation/#avoid-calling-the-dokku-binary-directly","title":"Avoid calling the dokku binary directly","text":"New
Introduced in 0.6.0
Plugins should not call the dokku binary directly from within plugins because clients using the --app argument are potentially broken when doing so.
Plugins should instead source the functions file for a given plugin when attempting to call Dokku internal functions. In cases where plugin functions cannot be sourced (eg if a plugin is implemented in Golang), then call the relevant plugin triggers instead.
"},{"location":"development/plugin-creation/#sample-plugin","title":"Sample plugin","text":"The below plugin is a dummy dokku hello plugin.
Each plugin requires a plugin.toml descriptor file with the following required fields:
[plugin]\ndescription = \"dokku hello plugin\"\nversion = \"0.1.0\"\n[plugin.config]\n
hello/subcommands/default
#!/usr/bin/env bash\nset -eo pipefail\n[[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\n\ncmd-hello-default() {\n declare desc=\"prints Hello \\$APP\"\n declare cmd=\"hello\"\n [[ \"$1\" == \"$cmd\" ]] && shift 1\n # Support --app/$DOKKU_APP_NAME flag\n # Use the following lines to reorder args into \"$cmd $DOKKU_APP_NAME $@\"\"\n [[ -n $DOKKU_APP_NAME ]] && set -- $DOKKU_APP_NAME $@\n set -- $cmd $@\n #\n declare APP=\"$1\"\n\n [[ -z \"$APP\" ]] && dokku_log_fail \"Please specify an app to run the command on\"\n verify_app_name \"$APP\"\n\n echo \"Hello $APP\"\n}\n\ncmd-hello-default \"$@\"\n
hello/subcommands/world
#!/usr/bin/env bash\nset -eo pipefail\n[[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\n\ncmd-hello-world() {\n declare desc=\"prints Hello world\"\n declare cmd=\"hello:world\"\n [[ \"$1\" == \"$cmd\" ]] && shift 1\n\n echo \"Hello world\"\n}\n\ncmd-hello-world \"$@\"\n
hello/commands
#!/usr/bin/env bash\nset -eo pipefail\n[[ $DOKKU_TRACE ]] && set -x\n\ncase \"$1\" in\n help | hello:help)\n help_content_func () {\n declare desc=\"return help_content string\"\n cat<<help_content\n hello <app>, Says \"Hello <app>\"\n hello:world, Says \"Hello world\"\nhelp_content\n }\n\n if [[ $1 = \"hello:help\" ]] ; then\n echo -e 'Usage: dokku hello[:world] [<app>]'\n echo ''\n echo 'Say Hello World.'\n echo ''\n echo 'Example:'\n echo ''\n echo '$ dokku hello:world'\n echo 'Hello world'\n echo ''\n echo 'Additional commands:'\n help_content_func | sort | column -c2 -t -s,\n else\n help_content_func\n fi\n ;;\n\n *)\n exit $DOKKU_NOT_IMPLEMENTED_EXIT\n ;;\n\nesac\n
"},{"location":"development/plugin-triggers/","title":"Plugin triggers","text":"Plugin triggers (formerly pluginhooks) are a good way to jack into existing Dokku infrastructure. You can use them to modify the output of various Dokku commands or override internal configuration.
Plugin triggers are simply scripts that are executed by the system. You can use any language you want, so long as the script:
- Is executable
- Has the proper language requirements installed
For instance, if you wanted to write a plugin trigger in PHP, you would need to have php installed and available on the CLI prior to plugin trigger invocation.
The following is an example for the nginx-hostname plugin trigger. It reverses the hostname that is provided to nginx during deploys. If you created an executable file named nginx-hostname with the following code in your plugin trigger, it would be invoked by Dokku during the normal app deployment process:
#!/usr/bin/env bash\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\"; SUBDOMAIN=\"$2\"; VHOST=\"$3\"\n\nNEW_SUBDOMAIN=`echo $SUBDOMAIN | rev`\necho \"$NEW_SUBDOMAIN.$VHOST\"\n
"},{"location":"development/plugin-triggers/#available-plugin-triggers","title":"Available plugin triggers","text":"There are a number of plugin-related triggers. These can be optionally implemented by plugins and allow integration into the standard Dokku setup/teardown process.
The following plugin triggers describe those available to a Dokku installation. As well, there is an example for each trigger that you can use as templates for your own plugin development.
Info
The example plugin trigger code is not guaranteed to be implemented as in within dokku, and are merely simplified examples. Please look at the Dokku source for larger, more in-depth examples.
"},{"location":"development/plugin-triggers/#app-create","title":"app-create","text":" - Description: Creates an app
- Invoked by:
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#app-destroy","title":"app-destroy","text":" - Description: Destroys an app (with confirmation if force isn't specified)
- Invoked by:
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#app-exists","title":"app-exists","text":" - Description: Checks if an app exists
- Invoked by:
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#app-list","title":"app-list","text":" - Description: Lists all apps in available to the currently logged in user. Optionally disables filtering by user if the first argument is
false. - Invoked by:
- Arguments:
$FILTER - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#app-json-process-deploy-parallelism","title":"app-json-process-deploy-parallelism","text":" - Description: Decides the parallelism to use when deploying a given process type. The default is 1 process entry at a type.
- Invoked by:
dokku deploy - Arguments:
$APP $PROCESS_TYPE - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#app-json-get-content","title":"app-json-get-content","text":" - Description: Outputs the contents of the app-json file, if any
- Invoked by: Deployment checks
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#app-maybe-create","title":"app-maybe-create","text":" - Description: Creates an app (gated by whether this is globally enabled or not)
- Invoked by:
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#app-restart","title":"app-restart","text":" - Description: Triggers an app restart
- Invoked by:
dokku config:clear, dokku config:set, dokku config:unset - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#app-urls","title":"app-urls","text":" - Description: Allows you to change the urls Dokku reports for an application. Will override any auto-detected urls.
- Invoked by:
dokku deploy, dokku url, and dokku urls - Arguments:
$APP $URL_TYPE - Example:
#!/usr/bin/env bash\n# Sets the domain to `internal.tld`\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\"; URL_TYPE=\"$2\"\ncase \"$URL_TYPE\" in\n url)\n echo \"https://internal.tld/${APP}/\"\n ;;\n urls)\n echo \"https://internal.tld/${APP}/\"\n echo \"http://internal.tld/${APP}/\"\n ;;\nesac\n
"},{"location":"development/plugin-triggers/#builder-build","title":"builder-build","text":" - Description: Triggers the artifact build process
- Invoked by:
dokku deploy - Arguments:
$BUILDER_TYPE $APP $SOURCECODE_WORK_DIR - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#builder-create-dokku-image","title":"builder-create-dokku-image","text":" - Description: Allows modification of the configured dokku-image
- Invoked by:
dokku deploy - Arguments:
$BUILDER_TYPE $APP $SOURCECODE_WORK_DIR $DOKKU_IMAGE - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#builder-detect","title":"builder-detect","text":" - Description: Allows overriding the auto-detected
herokuish builder in favor of a custom one. Dockerfile gets lowest builder precedence. - Invoked by:
dokku deploy - Arguments:
$APP $SOURCECODE_WORK_DIR - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; SOURCECODE_WORK_DIR=\"$2\"\n\nif [[ -f \"$SOURCECODE_WORK_DIR/project.toml\" ]]; then\n echo -n \"pack\"\nfi\n
"},{"location":"development/plugin-triggers/#builder-dokku-image","title":"builder-dokku-image","text":" - Description: Allows modification of the used dokku-image.
- Invoked by:
dokku deploy - Arguments:
$BUILDER_TYPE $APP $SOURCECODE_WORK_DIR $DOKKU_IMAGE - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#builder-get-property","title":"builder-get-property","text":" - Description: Return the value for an app's builder property
- Invoked by:
- Arguments:
$APP $KEY - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; PROPERTY=\"$2\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#builder-herokuish-allowed","title":"builder-herokuish-allowed","text":" - Description: Checks if herokuish is allowed to run on non-amd64 hosts
- Invoked by: unit tests
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#builder-image-is-cnb","title":"builder-image-is-cnb","text":" - Description: Checks if an image is cnb-based
- Invoked by: unit tests
- Arguments:
$APP $IMAGE_TAG - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#builder-image-is-herokuish","title":"builder-image-is-herokuish","text":" - Description: Checks if an image is herokuish-based
- Invoked by: unit tests
- Arguments:
$APP $IMAGE_TAG - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#builder-release","title":"builder-release","text":" - Description: Triggers the artifact release process
- Invoked by:
dokku deploy - Arguments:
$BUILDER_TYPE $APP $IMAGE_TAG - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#buildpack-stack-name","title":"buildpack-stack-name","text":" - Description: Retrieves the configured buildpack stack for the pack and herokuish builders
- Invoked by: builder-herokuish and builder-pack
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#caddy-template-source","title":"caddy-template-source","text":" - Description: Retrieves an alternative template for the caddy compose config
- Invoked by: caddy-vhosts
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#certs-exists","title":"certs-exists","text":" - Description: Echos
true if certs exists for the app, false otherwise - Invoked by:
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#certs-force","title":"certs-force","text":" - Description: Echos
true if a cert should be simulated for the app, no output otherwise - Invoked by:
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#check-deploy","title":"check-deploy","text":" - Description: Allows you to run checks on a deploy before Dokku allows the container to handle requests.
- Invoked by:
dokku deploy - Arguments:
$APP $CONTAINER_ID $PROC_TYPE $PORT $IP - Example:
#!/usr/bin/env bash\n# Disables deploys of containers based on whether the\n# `DOKKU_DISABLE_DEPLOY` env var is set to `true` for an app\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_AVAILABLE_PATH/config/functions\"\n\nAPP=\"$1\"; CONTAINER_ID=\"$2\"; PROC_TYPE=\"$3\"; PORT=\"$4\" ; IP=\"$5\"\n\neval \"$(config_export app $APP)\"\nDOKKU_DISABLE_DEPLOY=\"${DOKKU_DISABLE_DEPLOY:-false}\"\n\nif [[ \"$DOKKU_DISABLE_DEPLOY\" = \"true\" ]]; then\n echo -e \"\\033[31m\\033[1mDeploys disabled, sorry.\\033[0m\"\n exit 1\nfi\n
"},{"location":"development/plugin-triggers/#checks-get-property","title":"checks-get-property","text":" - Description: Return the value for an app's checks property
- Invoked by:
- Arguments:
$APP $KEY - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; PROPERTY=\"$2\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#commands-help-and-commands-plugin_namehelp","title":"commands help and commands <PLUGIN_NAME>:help","text":" - Description: Your plugin should implement a
help command in your commands file to take advantage of this plugin trigger. commands help is used by dokku help to aggregate all plugins abbreviated help output. Implementing <PLUGIN_NAME>:help in your commands file gives users looking for help, a more detailed output. 'commands help' must be implemented inside the commands plugin file. It's recommended that PLUGIN_NAME:help be added to the commands file to ensure consistency among community plugins and give you a new avenue to share rich help content with your user. - Invoked by:
dokku help and commands <PLUGIN_NAME>:help - Arguments: None
- Example:
#!/usr/bin/env bash\n# Outputs help for the derp plugin\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\ncase \"$1\" in\n help | hello:help)\n help_content_func () {\n declare desc=\"return help_content string\"\n cat<<help_content\n hello <app>, Says \"Hello <app>\"\n hello:world, Says \"Hello world\"\nhelp_content\n }\n\n if [[ $1 = \"hello:help\" ]] ; then\n echo -e 'Usage: dokku hello[:world] [<app>]'\n echo ''\n echo 'Say Hello World.'\n echo ''\n echo 'Example:'\n echo ''\n echo '$ dokku hello:world'\n echo 'Hello world'\n echo ''\n echo 'Additional commands:'\n help_content_func | sort | column -c2 -t -s,\n else\n help_content_func\n fi\n ;;\n\n *)\n exit $DOKKU_NOT_IMPLEMENTED_EXIT\n ;;\n\nesac\n
"},{"location":"development/plugin-triggers/#config-export","title":"config-export","text":" - Description: Returns the environment variables in a specified format
- Invoked by: app-json plugin
- Arguments:
$APP $GLOBAL $MERGED $FORMAT - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#config-get","title":"config-get","text":" - Description: Fetches the app config value for a key
- Invoked by:
- Arguments:
$APP $KEY - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#config-get-global","title":"config-get-global","text":" - Description: Fetches the global config value for a key
- Invoked by:
- Arguments:
$KEY - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#core-post-deploy","title":"core-post-deploy","text":"Info
To avoid issues with community plugins, this plugin trigger should be used only for core plugins. Please avoid using this trigger in your own plugins.
- Description: Allows running of commands after an app's processes have been scaled up, but before old containers are torn down. Dokku core currently uses this to switch traffic on nginx.
- Invoked by:
dokku deploy - Arguments:
$APP $INTERNAL_PORT $INTERNAL_IP_ADDRESS $IMAGE_TAG - Example:
#!/usr/bin/env bash\n# Notify an external service that a successful deploy has occurred.\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\ncurl \"http://httpstat.us/200\"\n
"},{"location":"development/plugin-triggers/#core-post-extract","title":"core-post-extract","text":"Info
To avoid issues with community plugins, this plugin trigger should be used only for core plugins. Please avoid using this trigger in your own plugins.
- Description: Allows you to modify the contents of an app after it has been extracted from git but before the image source type is detected.
- Invoked by: The
receive-app plugin trigger - Arguments:
$APP $TMP_WORK_DIR $REV - Example:
#!/usr/bin/env bash\n# Adds a clock process to an app's Procfile\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"\nTMP_WORK_DIR=\"$2\"\nREV=\"$3\" # optional, may not be sent for tar-based builds\n\npushd \"$TMP_WORK_DIR\" >/dev/null\ntouch Procfile\necho \"clock: some-command\" >> Procfile\npopd &>/dev/null\n
"},{"location":"development/plugin-triggers/#cron-get-property","title":"cron-get-property","text":" - Description: Return the value for an app's cron property
- Invoked by:
- Arguments:
$APP $KEY - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; PROPERTY=\"$2\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#cron-entries","title":"cron-entries","text":" - Description: Allows injecting cron entries into the written out scheduled cron task list. Each entry is newline delimited, and individual entries come in the form
$SCHEDULE;$FULL_COMMAND;$ARBITRARY_DATA. Individual implementations of cron writing can decide whether and how to include these cron entries. The ARBITRARY_DATA includes the log file path for the basic docker-local cron implementation. - Invoked by:
- Arguments:
$DOKKU_SCHEDULER - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\n\nDOKKU_SCHEDULER=\"$1\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#cron-write","title":"cron-write","text":" - Description: Force triggers writing out cron entries
- Invoked by:
- Arguments:
- Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#dependencies","title":"dependencies","text":" - Description: Used to install system-level dependencies.
- Invoked by:
dokku plugin:install-dependencies - Arguments: None
- Example:
#!/usr/bin/env bash\n# Installs nginx for the current plugin\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nexport DEBIAN_FRONTEND=noninteractive\n\ncase \"$DOKKU_DISTRO\" in\n debian|raspbian|ubuntu)\n apt-get -qq -y --no-install-recommends install nginx\n ;;\n *)\n echo \"Installation on $DOKKU_DISTRO not supported\" 1>&2\n ;;\nesac\n
"},{"location":"development/plugin-triggers/#deploy","title":"deploy","text":" - Description: Triggers a deploy for the given app. Can override the image tag to deploy, as well as specify a single process type to deploy.
- Invoked by:
dokku deploy - Arguments:
$APP [$IMAGE_TAG] [$PROC_TYPE] - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\n\nAPP=\"$1\" IMAGE_TAG=\"$2\" PROC_TYPE=\"$3\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#deployed-app-image-repo","title":"deployed-app-image-repo","text":" - Description: Used to manage the full repo of the image being deployed. Useful for deploying from an external registry where the repository name is not
dokku/$APP - Invoked by:
internal function dokku_deploy_cmd() (deploy phase) - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\"\n# change the repo from dokku/APP to dokkupaas/APP\necho \"dokkupaas/$APP\"\n
"},{"location":"development/plugin-triggers/#deployed-app-image-tag","title":"deployed-app-image-tag","text":" - Description: Used to manage the tag of the image being deployed. Useful for deploying a specific version of an image, or when deploying from an external registry
- Invoked by:
internal function dokku_deploy_cmd() (deploy phase) - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# customize the tag version\necho 'not-latest'\n
"},{"location":"development/plugin-triggers/#deployed-app-repository","title":"deployed-app-repository","text":" - Description: Used to manage the remote repository of the image being deployed.
- Invoked by:
internal function dokku_deploy_cmd() (deploy phase) - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\necho 'derp.dkr.ecr.us-east-1.amazonaws.com'\n
"},{"location":"development/plugin-triggers/#deploy-source-set","title":"deploy-source-set","text":" - Description: Used to set metadata about how the app is being deployed
- Invoked by:
git:from-archive, git:from-image, git:load-image, git:sync, and all git push commands - Arguments:
$APP $SOURCE_TYPE $METADATA - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#docker-args-build","title":"docker-args-build","text":"Warning
Deprecated, please use docker-args-process-build instead
- Description:
- Invoked by:
internal function dokku_build() (build phase) - Arguments:
$APP $IMAGE_SOURCE_TYPE - Example:
#!/usr/bin/env bash\n# Sets a docker build-arg called CACHEBUST which can be used\n# to bust cache at any arbitrary point in a Dockerfile build\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nSTDIN=$(cat)\nAPP=\"$1\"; IMAGE_SOURCE_TYPE=\"$2\"\noutput=\"\"\n\nif [[ \"$IMAGE_SOURCE_TYPE\" == \"dockerfile\" ]]; then\n output=\" --build-arg CACHEBUST=$(date +%s)\"\nfi\necho -n \"$STDIN$output\"\n
"},{"location":"development/plugin-triggers/#docker-args-deploy","title":"docker-args-deploy","text":"Warning
Deprecated, please use docker-args-process-deploy instead
- Description:
- Invoked by:
dokku deploy - Arguments:
$APP $IMAGE_TAG [$PROC_TYPE $CONTAINER_INDEX] - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"; IMAGE_TAG=\"$2\"; IMAGE=$(get_app_image_name $APP $IMAGE_TAG)\n\n# TODO\n
"},{"location":"development/plugin-triggers/#docker-args-process-build","title":"docker-args-process-build","text":" - Description:
$PROC_TYPE may be set to magic _all_ process type to signify global docker deploy options. - Invoked by:
dokku ps:rebuild - Arguments:
$APP $IMAGE_SOURCE_TYPE - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\n\nAPP=\"$1\"; IMAGE_SOURCE_TYPE=\"$2\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#docker-args-process-deploy","title":"docker-args-process-deploy","text":" - Description:
$PROC_TYPE may be set to magic _all_ process type to signify global docker deploy options. - Invoked by:
dokku deploy - Arguments:
$APP $IMAGE_SOURCE_TYPE $IMAGE_TAG [$PROC_TYPE $CONTAINER_INDEX] - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"; $IMAGE_SOURCE_TYPE=\"$2\" IMAGE_TAG=\"$3\"; PROC_TYPE=\"$4\"; CONTAINER_INDEX=\"$5\"; IMAGE=$(get_app_image_name $APP $IMAGE_TAG)\n\n# TODO\n
"},{"location":"development/plugin-triggers/#docker-args-process-run","title":"docker-args-process-run","text":" - Description:
$PROC_TYPE may be set to magic _all_ process type to signify global docker run options. - Invoked by:
dokku run - Arguments:
$APP $IMAGE_SOURCE_TYPE $IMAGE_TAG - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"; IMAGE_SOURCE_TYPE=\"$3\"; IMAGE_TAG=\"$2\"; IMAGE=$(get_app_image_name $APP $IMAGE_TAG)\n\n# TODO\n
"},{"location":"development/plugin-triggers/#docker-args-run","title":"docker-args-run","text":"Warning
Deprecated, please use docker-args-process-run instead
- Description:
- Invoked by:
dokku run - Arguments:
$APP $IMAGE_TAG - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"; IMAGE_TAG=\"$2\"; IMAGE=$(get_app_image_name $APP $IMAGE_TAG)\n\n# TODO\n
"},{"location":"development/plugin-triggers/#domains-add","title":"domains-add","text":" - Description: Adds a domain to an app
- Invoked by:
- Arguments:
$APP $DOMAIN - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#domains-disable","title":"domains-disable","text":" - Description: Disables domains for an app
- Invoked by:
- Arguments:
$APP $RESTART_APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#domains-enable","title":"domains-enable","text":" - Description: Enables domains for an app
- Invoked by:
- Arguments:
$APP $RESTART_APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#domains-list","title":"domains-list","text":" - Description: Lists all domains for an app
- Invoked by:
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#domains-urls","title":"domains-urls","text":" - Description: Gets an app's url(s)
- Invoked by:
- Arguments:
$APP $URL_TYPE - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#domains-vhost-enabled","title":"domains-vhost-enabled","text":" - Description: Checks if a virtual hosts are enabled for an app
- Invoked by:
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#git-deploy-branch","title":"git-deploy-branch","text":" - Description: Outputs the deploy branch for an app, inherited or not
- Invoked by:
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#git-get-property","title":"git-get-property","text":" - Description: Return the value for an app's git property
- Invoked by:
- Arguments:
$APP $KEY - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; PROPERTY=\"$2\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#git-from-archive","title":"git-from-archive","text":" - Description: Updates an app's git repository from an archive and then triggers a build
- Invoked by:
git:from-archive - Arguments:
$APP $ARCHIVE_URL $ARCHIVE_TYPE $USER_NAME $USER_EMAIL - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#git-from-directory","title":"git-from-directory","text":" - Description: Updates an app's git repository from a source directory and then triggers a build
- Invoked by:
git:from-image and git:from-archive - Arguments:
$APP $SOURCECODE_WORK_DIR $USER_NAME $USER_EMAIL - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#git-from-image","title":"git-from-image","text":" - Description: Updates an app's git repository from a docker image and then triggers a build as necessary
- Invoked by:
git:from-image - Arguments:
$APP $DOCKER_IMAGE $BUILD_DIR $USER_NAME $USER_EMAIL - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#git-has-code","title":"git-has-code","text":" - Description: Checks to see if there is code at the specified branch
- Arguments:
$APP $BRANCH_NAME - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#git-post-pull","title":"git-post-pull","text":" - Description:
- Invoked by:
dokku git-upload-pack - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#git-pre-pull","title":"git-pre-pull","text":" - Description:
- Invoked by:
dokku git-upload-pack - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
Warning
The git-pre-pull trigger should not be used for authentication since it does not get called for commands that use git-upload-archive such as git archive. Instead, use the user-auth trigger.
"},{"location":"development/plugin-triggers/#git-revision","title":"git-revision","text":" - Description: Allows you to fetch the current git revision for a given application
- Invoked by:
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#install","title":"install","text":" - Description: Used to setup any files/configuration for a plugin.
- Invoked by:
dokku plugin:install. - Arguments: None
- Example:
#!/usr/bin/env bash\n# Sets the hostname of the Dokku server\n# based on the output of `hostname -f`\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nif [[ ! -f \"$DOKKU_ROOT/VHOST\" ]]; then\n hostname -f > $DOKKU_ROOT/VHOST\nfi\n
"},{"location":"development/plugin-triggers/#haproxy-template-source","title":"haproxy-template-source","text":" - Description: Retrieves an alternative template for the haproxy compose config
- Invoked by: haproxy-vhosts
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#logs-get-property","title":"logs-get-property","text":" - Description: Return the value for an app's log property
- Invoked by:
- Arguments:
$APP $KEY - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; PROPERTY=\"$2\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#network-build-config","title":"network-build-config","text":" - Description: Rebuilds network configuration
- Invoked by:
internally triggered by proxy-build-config within proxy implementations - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#network-clear-config","title":"network-clear-config","text":" - Description: Clears network configuration
- Invoked by:
internally triggered within proxy implementations - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#network-config-exists","title":"network-config-exists","text":" - Description: Returns whether the network configuration for a given app exists
- Invoked by:
internally triggered by core-post-deploy within proxy implementations - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#network-get-ipaddr","title":"network-get-ipaddr","text":" - Description: Return the ipaddr for a given app container
- Invoked by:
internally triggered by a deploy - Arguments:
$APP $PROC_TYPE $CONTAINER_ID - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#network-get-listeners","title":"network-get-listeners","text":" - Description: Return the listeners (host:port combinations) for a given app container
- Invoked by:
internally triggered by a deploy - Arguments:
$APP $PROCESS_TYPE - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#network-get-property","title":"network-get-property","text":" - Description: Return the value for an app's network property
- Invoked by:
internally triggered by a deploy - Arguments:
$APP $KEY - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#network-get-static-listeners","title":"network-get-static-listeners","text":" - Description: Return the network value for an app's property
- Invoked by:
internally triggered by proxy-build-config - Arguments:
$APP $PROCESS_TYPE - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#network-write-ipaddr","title":"network-write-ipaddr","text":" - Description: Write the ipaddr for a given app index
- Invoked by:
internally triggered by a deploy - Arguments:
$APP $PROC_TYPE $CONTAINER_INDEX $IP_ADDRESS - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#network-write-port","title":"network-write-port","text":" - Description: Write the port for a given app index
- Invoked by:
internally triggered by a deploy - Arguments:
$APP $PROC_TYPE $CONTAINER_INDEX $PORT - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#nginx-app-template-source","title":"nginx-app-template-source","text":" - Description: Return the path to a
sigil template that should be used to generate a given nginx configuration file. - Invoked by:
nginx-vhosts#build-config - Arguments:
$APP $TEMPLATE_TYPE - The
TEMPLATE_TYPE argument can be one of: [app-config, hsts-config, validate-config]
- Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\n\nAPP=\"$1\"\nTEMPLATE_TYPE=\"$2\"\ncase \"$TEMPLATE_TYPE\" in\n app-config)\n echo \"$(cd \"$(dirname \"${BASH_SOURCE[0]}\")\" && pwd)/app.conf.sigil\";;\n hsts-config)\n echo \"$(cd \"$(dirname \"${BASH_SOURCE[0]}\")\" && pwd)/hsts.conf.sigil\";;\n validate-config)\n echo \"$(cd \"$(dirname \"${BASH_SOURCE[0]}\")\" && pwd)/validate.conf.sigil\";;\n *)\n dokku_log_fail \"Invalid template type: ${TEMPLATE_TYPE}\"\nesac\n
The default templates are viewable here: plugins/nginx-vhosts/templates/
"},{"location":"development/plugin-triggers/#nginx-dokku-template-source","title":"nginx-dokku-template-source","text":" - Description: Return the path to a
sigil template that should be used to generate the dokku.conf nginx configuration file. - Invoked by:
nginx-vhosts#install - Arguments: None, however the
sigil template can make use of the following variables: $.DOKKU_ROOT $.NGINX_ROOT - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\necho \"$(cd \"$(dirname \"${BASH_SOURCE[0]}\")\" && pwd)/dokku.conf.sigil\"\n
The default template is viewable here: plugins/nginx-vhosts/templates/dokku.conf.sigil
"},{"location":"development/plugin-triggers/#nginx-hostname","title":"nginx-hostname","text":" - Description: Allows you to customize the hostname for a given app
- Invoked by:
dokku domains:setup - Arguments:
$APP $SUBDOMAIN $VHOST - Example:
#!/usr/bin/env bash\n# Reverses the hostname for the app\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\"; SUBDOMAIN=\"$2\"; VHOST=\"$3\"\n\nNEW_SUBDOMAIN=`echo $SUBDOMAIN | rev`\necho \"$NEW_SUBDOMAIN.$VHOST\"\n
"},{"location":"development/plugin-triggers/#nginx-pre-reload","title":"nginx-pre-reload","text":"Warning
The arguments INTERNAL_PORT and INTERNAL_IP_ADDRESS are no longer sufficient to retrieve all app listeners. Please run plugn trigger network-get-listeners APP within any implementation of nginx-pre-reload in order to retrieve all application listeners.
- Description: Run before nginx reloads hosts
- Invoked by:
dokku proxy:build-config - Arguments:
$APP $INTERNAL_PORT $INTERNAL_IP_ADDRESS - Example:
#!/usr/bin/env bash\n# Runs a check against all nginx conf files\n# to ensure they are valid\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nnginx -t\n
"},{"location":"development/plugin-triggers/#openresty-template-source","title":"openresty-template-source","text":" - Description: Retrieves an alternative template for the openresty compose config
- Invoked by: openresty-vhosts
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#ports-clear","title":"ports-clear","text":" - Description: Clears the ports for a given app without triggering further restarts or rebuilds
- Invoked by: internally
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#ports-configure","title":"ports-configure","text":" - Description: Configures the initial proxy ports
- Invoked by:
internally triggered by proxy plugins - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#ports-get","title":"ports-get","text":" - Description: Returns a list of port mappings, newline delimited
- Invoked by: Various networking plugins
- Arguments:
$APP $FORMAT - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#ports-get-available","title":"ports-get-available","text":" - Description: Prints out an available port greater than 1024
- Invoked by: Various networking plugins
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#ports-get-property","title":"ports-get-property","text":" - Description: Return the value for an app's ports property
- Invoked by:
- Arguments:
$APP $KEY - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; PROPERTY=\"$2\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#ports-set-detected","title":"ports-set-detected","text":" - Description: Allows builders to specify detected port mappings for a given app
- Invoked by: Builder plugins
- Arguments:
$APP [$PORT_MAPPING...] - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-app-clone","title":"post-app-clone","text":" - Description: Allows you to run commands after an app was cloned.
- Invoked by:
dokku apps:clone - Arguments:
$OLD_APP_NAME $NEW_APP_NAME - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-app-clone-setup","title":"post-app-clone-setup","text":" - Description: Allows you to run commands after an app is setup, and before it is rebuild. This is useful for cleaning up tasks, or ensuring configuration from an old app is copied to the new app
- Invoked by:
dokku apps:clone - Arguments:
$OLD_APP_NAME $NEW_APP_NAME - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-app-rename","title":"post-app-rename","text":" - Description: Allows you to run commands after an app was renamed.
- Invoked by:
dokku apps:rename - Arguments:
$OLD_APP_NAME $NEW_APP_NAME - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-app-rename-setup","title":"post-app-rename-setup","text":" - Description: Allows you to run commands after an app is setup, and before it is rebuild. This is useful for cleaning up tasks, or ensuring configuration from an old app is copied to the new app
- Invoked by:
dokku apps:rename - Arguments:
$OLD_APP_NAME $NEW_APP_NAME - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-build","title":"post-build","text":" - Description: Allows you to run commands after the build image is create for a given app.
- Invoked by:
internal function dokku_build() (build phase) - Arguments:
$BUILDER_TYPE $APP $SOURCECODE_WORK_DIR - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-build-buildpack","title":"post-build-buildpack","text":"Warning
Deprecated, please use post-build instead
- Description: Allows you to run commands after the build image is create for a given app. Only applies to apps using buildpacks.
- Invoked by:
internal function dokku_build() (build phase) - Arguments:
$APP $SOURCECODE_WORK_DIR - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-build-dockerfile","title":"post-build-dockerfile","text":"Warning
Deprecated, please use post-build instead
- Description: Allows you to run commands after the build image is create for a given app. Only applies to apps using a dockerfile.
- Invoked by:
internal function dokku_build() (build phase) - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-build-lambda","title":"post-build-lambda","text":"Warning
Deprecated, please use post-build instead
- Description: Allows you to run commands after the build image is create for a given app. Only applies to apps using lambda.
- Invoked by:
internal function dokku_build() (build phase) - Arguments:
$APP $SOURCECODE_WORK_DIR - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-build-pack","title":"post-build-pack","text":"Warning
Deprecated, please use post-build instead
- Description: Allows you to run commands after the build image is create for a given app. Only applies to apps using pack.
- Invoked by:
internal function dokku_build() (build phase) - Arguments:
$APP $SOURCECODE_WORK_DIR - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-certs-remove","title":"post-certs-remove","text":" - Description: Allows you to run commands after a cert is removed
- Invoked by:
dokku certs:remove - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-certs-update","title":"post-certs-update","text":" - Description: Allows you to run commands after a cert is added/updated
- Invoked by:
dokku certs:add, dokku certs:update - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-config-update","title":"post-config-update","text":" - Description: Allows you to get notified when one or more configs is added or removed. Action can be
set or unset. - Invoked by:
dokku config:set, dokku config:unset - Arguments:
$APP set|unset key1=VALUE1 key2=VALUE2 - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-container-create","title":"post-container-create","text":" - Description: This trigger should be used to do stuff to containers after they are created but before they are started. They are explicitly for commands that may involve network traffic, and not for commands that are self-contained, such as chown or tar.
- Invoked by:
dokku run, dokku ps:rebuild, dokku deploy - Arguments: \"app|service\" \"$CONTAINER_ID\" \"$APP|$SERVICE\" \"$PHASE\"
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-create","title":"post-create","text":" - Description: Can be used to run commands after an app is created.
- Invoked by:
dokku apps:create - Arguments:
$APP - Example:
#!/usr/bin/env bash\n# Runs a command to ensure that an app\n# has a postgres database when it is starting\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\";\nPOSTGRES=\"$1\"\n\ndokku postgres:create $POSTGRES\ndokku postgres:link $POSTGRES $APP\n
"},{"location":"development/plugin-triggers/#post-delete","title":"post-delete","text":" - Description: Can be used to run commands after an app is deleted.
- Invoked by:
dokku apps:destroy - Arguments:
$APP $IMAGE_TAG - Example:
#!/usr/bin/env bash\n# Runs a command to ensure that an app's\n# postgres installation is removed\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\";\n\ndokku postgres:destroy $APP\n
"},{"location":"development/plugin-triggers/#post-deploy","title":"post-deploy","text":"Info
Please see core-post-deploy if contributing a core plugin with the post-deploy hook.
- Description: Allows running of commands after an app's processes have been scaled up, but before old containers are torn down. Dokku calls this after
core-post-deploy. Deployment Tasks are also invoked by this plugin trigger. - Invoked by:
dokku deploy - Arguments:
$APP $INTERNAL_PORT $INTERNAL_IP_ADDRESS $IMAGE_TAG - Example:
#!/usr/bin/env bash\n# Notify an external service that a successful deploy has occurred.\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\ncurl \"http://httpstat.us/200\"\n
"},{"location":"development/plugin-triggers/#post-domains-update","title":"post-domains-update","text":" - Description: Allows you to run commands once the domain for an app has been updated. It also sends in the command that has been used. This can be \"add\", \"clear\" or \"remove\". The third argument will be the optional list of domains
- Invoked by:
dokku domains:add, dokku domains:clear, dokku domains:remove, dokku domains:set - Arguments:
$APP action name domains - Example:
#!/usr/bin/env bash\n# Reloads haproxy for our imaginary haproxy plugin\n# that replaces the nginx-vhosts plugin\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nsudo service haproxy reload\n
"},{"location":"development/plugin-triggers/#post-extract","title":"post-extract","text":" - Description: Allows you to modify the contents of an app after it has been extracted from git but before the image source type is detected.
- Invoked by: The
receive-app plugin trigger - Arguments:
$APP $TMP_WORK_DIR $REV - Example:
#!/usr/bin/env bash\n# Adds a clock process to an app's Procfile\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"\nTMP_WORK_DIR=\"$2\"\nREV=\"$3\" # optional, may not be sent for tar-based builds\n\npushd \"$TMP_WORK_DIR\" >/dev/null\ntouch Procfile\necho \"clock: some-command\" >> Procfile\npopd &>/dev/null\n
"},{"location":"development/plugin-triggers/#post-proxy-ports-update","title":"post-proxy-ports-update","text":" - Description: Allows you to run commands once the port mappings for an app have been updated. It also sends the invoking command. This can be \"add\", \"clear\" or \"remove\".
- Invoked by:
dokku ports:add, dokku ports:clear, dokku ports:remove - Arguments:
$APP action name - Example:
#!/usr/bin/env bash\n# Rebuilds haproxy config for our imaginary haproxy plugin\n# that replaces the nginx-vhosts plugin\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nsource \"$PLUGIN_AVAILABLE_PATH/haproxy/functions\"\nAPP=\"$1\"\n\nhaproxy-build-config \"$APP\"\n
"},{"location":"development/plugin-triggers/#post-registry-login","title":"post-registry-login","text":" - Description: Allows running a command after the a registry has been logged into
- Invoked by:
dokku registry:login - Arguments:
$DOCKER_REGISTRY_SERVER $DOCKER_REGISTRY_USER - Example:
#!/usr/bin/env bash\n\n# the DOCKER_REGISTRY_PASS env var is also set\necho \"$DOCKER_REGISTRY_PASS\"\n
"},{"location":"development/plugin-triggers/#post-release-builder","title":"post-release-builder","text":"Warning
Image mutation in this trigger may result in an invalid run state, and is heavily discouraged.
- Description: Invokes a command after the build process is complete.
- Invoked by: builder plugins
- Arguments:
$BUILDER_TYPE $APP $IMAGE - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nBUILDER_TYPE=\"$1\"; APP=\"$2\"; IMAGE=$3\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-stack-set-todo","title":"post-stack-set TODO","text":" - Description: Allows you to run commands after changing the stack
- Invoked by: buildpacks plugin
- Arguments:
$APP $VALUE - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-stop","title":"post-stop","text":" - Description: Can be used to run commands after an app is manually stopped
- Invoked by:
dokku ps:stop - Arguments:
$APP - Example:
#!/usr/bin/env bash\n# Marks an app as manually stopped\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\";\n\ndokku config:set --no-restart $APP MANUALLY_STOPPED=1\n
"},{"location":"development/plugin-triggers/#pre-build","title":"pre-build","text":" - Description: Allows you to run commands before the build image is created for a given app. For instance, this can be useful to add env vars to your container.
- Invoked by:
internal function dokku_build() (build phase) - Arguments:
$BUILDER_TYPE $APP $SOURCECODE_WORK_DIR - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-build-buildpack","title":"pre-build-buildpack","text":"Warning
Deprecated, please use pre-build instead
- Description: Allows you to run commands before the build image is created for a given app. For instance, this can be useful to add env vars to your container. Only applies to apps using buildpacks.
- Invoked by:
internal function dokku_build() (build phase) - Arguments:
$APP $SOURCECODE_WORK_DIR - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-build-dockerfile","title":"pre-build-dockerfile","text":"Warning
Deprecated, please use pre-build instead
- Description: Allows you to run commands before the build image is created for a given app. For instance, this can be useful to add env vars to your container. Only applies to apps using a dockerfile.
- Invoked by:
internal function dokku_build() (build phase) - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-build-lambda","title":"pre-build-lambda","text":"Warning
Deprecated, please use pre-build instead
- Description: Allows you to run commands before the build image is created for a given app. For instance, this can be useful to add env vars to your container. Only applies to apps using lambda.
- Invoked by:
internal function dokku_build() (build phase) - Arguments:
$APP $SOURCECODE_WORK_DIR - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-build-pack","title":"pre-build-pack","text":"Warning
Deprecated, please use pre-build instead
- Description: Allows you to run commands before the build image is created for a given app. For instance, this can be useful to add env vars to your container. Only applies to apps using pack.
- Invoked by:
internal function dokku_build() (build phase) - Arguments:
$APP $SOURCECODE_WORK_DIR - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-delete","title":"pre-delete","text":" - Description: Can be used to run commands before an app is deleted.
- Invoked by:
dokku apps:destroy - Arguments:
$APP $IMAGE_TAG - Example:
#!/usr/bin/env bash\n# Clears out the gulp asset build cache for apps\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\n\nAPP=\"$1\"; GULP_CACHE_DIR=\"$DOKKU_ROOT/$APP/gulp\"; IMAGE=$(get_app_image_name $APP $IMAGE_TAG)\n\nif [[ -d $GULP_CACHE_DIR ]]; then\n docker run \"${DOCKER_COMMIT_LABEL_ARGS[@]}\" --rm -v \"$GULP_CACHE_DIR:/gulp\" \"$IMAGE\" find /gulp -depth -mindepth 1 -maxdepth 1 -exec rm -Rf {} \\; || true\nfi\n
"},{"location":"development/plugin-triggers/#pre-deploy","title":"pre-deploy","text":"Warning
Deprecated, please use pre-release-builder instead
- Description: Allows the running of code before the app's processes are scaled up and after the docker images are prepared.
- Invoked by:
dokku deploy - Arguments:
$APP $IMAGE_TAG - Example:
#!/usr/bin/env bash\n# Runs gulp in our container\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"; IMAGE_TAG=\"$2\"; IMAGE=$(get_app_image_name $APP $IMAGE_TAG)\n\ndokku_log_info1 \"Running gulp\"\nCID=$(docker run \"${DOCKER_COMMIT_LABEL_ARGS[@]}\" -d $IMAGE /bin/bash -c \"cd /app && gulp default\")\ntest $(docker wait $CID) -eq 0\nDOCKER_COMMIT_LABEL_ARGS=(\"--change\" \"LABEL org.label-schema.schema-version=1.0\" \"--change\" \"LABEL org.label-schema.vendor=dokku\" \"--change\" \"LABEL com.dokku.app-name=$APP\")\ndocker commit \"${DOCKER_COMMIT_LABEL_ARGS[@]}\" $CID $IMAGE >/dev/null\n
"},{"location":"development/plugin-triggers/#pre-disable-vhost","title":"pre-disable-vhost","text":" - Description: Allows you to run commands before the VHOST feature is disabled
- Invoked by:
dokku domains:disable - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-enable-vhost","title":"pre-enable-vhost","text":" - Description: Allows you to run commands before the VHOST feature is enabled
- Invoked by:
dokku domains:enable - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-receive-app","title":"pre-receive-app","text":" - Description: Allows you to customize the contents of an app directory before they are processed for deployment. The
IMAGE_SOURCE_TYPE can be any of [herokuish, dockerfile] - Invoked by:
dokku git-hook, dokku tar-build-locked - Arguments:
$APP $IMAGE_SOURCE_TYPE $TMP_WORK_DIR $REV - Example:
#!/usr/bin/env bash\n# Adds a file called `dokku-is-awesome` to the repository\n# the contents will be the app name\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\"; IMAGE_SOURCE_TYPE=\"$2\"; TMP_WORK_DIR=\"$3\"; REV=\"$4\"\n\necho \"$APP\" > \"$TMP_WORK_DIR/dokku-is-awesome\"\n
"},{"location":"development/plugin-triggers/#pre-release-builder","title":"pre-release-builder","text":" - Description: Allows you to run commands before environment variables are set for the release step of the deploy.
- Invoked by:
internal function dokku_release() (release phase) - Arguments:
$BUILDER_TYPE $APP $IMAGE - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nBUILDER_TYPE=\"$1\"; APP=\"$2\"; IMAGE_TAG=\"$3\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-release-buildpack","title":"pre-release-buildpack","text":"Warning
Deprecated, please use pre-release-builder instead
- Description: Allows you to run commands before environment variables are set for the release step of the deploy. Only applies to apps using buildpacks.
- Invoked by:
internal function dokku_release() (release phase) - Arguments:
$APP $IMAGE_TAG - Example:
#!/usr/bin/env bash\n# Installs the graphicsmagick package into the container\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"; IMAGE_TAG=\"$2\"; IMAGE=$(get_app_image_name $APP $IMAGE_TAG)\n\ndokku_log_info1 \"Installing GraphicsMagick...\"\n\nCMD=\"cat > gm && \\\n dpkg -s graphicsmagick &>/dev/null || \\\n (apt-get update -qq && apt-get -qq -y --no-install-recommends install graphicsmagick && apt-get clean)\"\n\nCID=$(docker run $DOKKU_GLOBAL_RUN_ARGS -i -a stdin $IMAGE /bin/bash -c \"$CMD\")\ntest $(docker wait $CID) -eq 0\nDOCKER_COMMIT_LABEL_ARGS=(\"--change\" \"LABEL org.label-schema.schema-version=1.0\" \"--change\" \"LABEL org.label-schema.vendor=dokku\" \"--change\" \"LABEL com.dokku.app-name=$APP\")\ndocker commit \"${DOCKER_COMMIT_LABEL_ARGS[@]}\" $CID $IMAGE >/dev/null\n
"},{"location":"development/plugin-triggers/#pre-release-lambda","title":"pre-release-lambda","text":"Warning
Deprecated, please use pre-release-builder instead
- Description: Allows you to run commands before environment variables are set for the release step of the deploy. Only applies to apps using lambda.
- Invoked by:
internal function dokku_release() (release phase) - Arguments:
$APP $IMAGE_TAG - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"; IMAGE_TAG=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-release-pack","title":"pre-release-pack","text":"Warning
Deprecated, please use pre-release-builder instead
- Description: Allows you to run commands before environment variables are set for the release step of the deploy. Only applies to apps using pack.
- Invoked by:
internal function dokku_release() (release phase) - Arguments:
$APP $IMAGE_TAG - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"; IMAGE_TAG=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-release-dockerfile","title":"pre-release-dockerfile","text":"Warning
Deprecated, please use pre-release-builder instead
- Description: Allows you to run commands before environment variables are set for the release step of the deploy. Only applies to apps using a dockerfile.
- Invoked by:
internal function dokku_release() (release phase) - Arguments:
$APP $IMAGE_TAG - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"; IMAGE_TAG=\"$2\"; IMAGE=$(get_app_image_name $APP $IMAGE_TAG)\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-restore","title":"pre-restore","text":" - Description: Allows you to run commands before all containers are restored
- Invoked by:
dokku ps:restore - Arguments:
- Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-start","title":"pre-start","text":" - Description: Can be used to run commands before an app is started
- Invoked by:
dokku ps:start - Arguments:
$APP - Example:
#!/usr/bin/env bash\n# Notifies an example url that an app is starting\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\";\n\ncurl \"https://dokku.me/starting/${APP}\" || true\n
"},{"location":"development/plugin-triggers/#procfile-get-command","title":"procfile-get-command","text":" - Description: Fetches the command for a specific process type
- Invoked by:
internally - Arguments:
$APP $PROCESS_TYPE $PORT - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#procfile-exists","title":"procfile-exists","text":" - Description: Checks if a procfile exists for the specified app
- Invoked by:
internally - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#proxy-build-config","title":"proxy-build-config","text":" - Description: Builds the proxy implementation configuration for a given app
- Invoked by:
internally triggered by ps:restore - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#proxy-clear-config","title":"proxy-clear-config","text":" - Description: Clears the proxy implementation configuration for a given app
- Invoked by:
internally triggered by apps:rename - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#proxy-disable","title":"proxy-disable","text":" - Description: Disables the configured proxy implementation for an app
- Invoked by:
internally triggered by ps:restore - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#proxy-enable","title":"proxy-enable","text":" - Description: Enables the configured proxy implementation for an app
- Invoked by:
internally triggered by ps:restore - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#proxy-is-enabled","title":"proxy-is-enabled","text":" - Description: Checks if there is a proxy enabled for the app
- Invoked by:
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#proxy-type","title":"proxy-type","text":" - Description: Returns the proxy type for an app
- Invoked by:
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#ps-can-scale","title":"ps-can-scale","text":" - Description: Sets whether or not a user can scale an app with
ps:scale - Invoked by:
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#ps-current-scale","title":"ps-current-scale","text":" - Description: Prints out the current scale contents (process-type=quantity) delimited by newlines.
- Invoked by:
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#ps-set-scale","title":"ps-set-scale","text":" - Description: Sets the scale for an app based on a specified formation (process-type=quantity). Any unspecified process types will be left as is.
- Invoked by:
- Arguments:
$APP $SKIP_DEPLOY $CLEAR_EXISTING [$PROCESS_TUPLE...] - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#receive-app","title":"receive-app","text":" - Description: Allows you to customize what occurs when an app is received. Normally just triggers an app build.
- Invoked by:
dokku git-hook, dokku ps:rebuild - Arguments:
$APP $REV ($REV may not be included in cases where a repository is not pushed) - Example:
#!/usr/bin/env bash\n# For our imaginary mercurial plugin, triggers a rebuild\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\"; REV=\"$2\"\n\ndokku hg-build $APP $REV\n
"},{"location":"development/plugin-triggers/#receive-branch","title":"receive-branch","text":" - Description: Allows you to customize what occurs when a specific branch is received. Can be used to add support for specific branch names
- Invoked by:
dokku git-hook, dokku ps:rebuild - Arguments:
$APP $REV $REFNAME - Example:
#!/bin/bash\n# Gives Dokku the ability to support multiple branches for a given service\n# Allowing you to have multiple staging environments on a per-branch basis\n\nreference_app=$1\nrefname=$3\nnewrev=$2\nAPP=${refname/*\\//}.$reference_app\n\nif [[ ! -d \"$DOKKU_ROOT/$APP\" ]]; then\n REFERENCE_REPO=\"$DOKKU_ROOT/$reference_app\"\n git clone --bare --shared --reference \"$REFERENCE_REPO\" \"$REFERENCE_REPO\" \"$DOKKU_ROOT/$APP\" >/dev/null\nfi\nplugn trigger receive-app $APP $newrev\n
"},{"location":"development/plugin-triggers/#release-and-deploy","title":"release-and-deploy","text":" - Description: Triggers a release of the image tag and a subsequent deploy
- Invoked by:
- Arguments:
$APP $IMAGE_TAG - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#report","title":"report","text":" - Description: Allows you to report on any custom configuration in use by your application
- Invoked by:
dokku report - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#resource-get-property","title":"resource-get-property","text":" - Description: Fetches a given resource property value
- Invoked by:
- Arguments:
$APP $PROC_TYPE $RESOURCE_TYPE $PROPERTY - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; PROC_TYPE=\"$2\" RESOURCE_TYPE=\"$3\" PROPERTY=\"$4\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#retire-container-failed","title":"retire-container-failed","text":" - Description: Allows you to run commands if/when retiring old containers has failed
- Invoked by:
dokku deploy - Arguments:
$APP - Example:
#!/usr/bin/env bash\n# Send an email when a container failed to retire\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; HOSTNAME=$(hostname -s)\n\nmail -s \"$APP containers on $HOSTNAME failed to retire\" ops@dokku.me\n
"},{"location":"development/plugin-triggers/#scheduler-app-status","title":"scheduler-app-status","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Fetch the status of an app
- Invoked by:
dokku ps:report - Arguments:
$DOKKU_SCHEDULER $APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-deploy","title":"scheduler-deploy","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Allows you to run scheduler commands when an app is deployed
- Invoked by:
dokku deploy - Arguments:
$DOKKU_SCHEDULER $APP $IMAGE_TAG - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; IMAGE_TAG=\"$3\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-detect","title":"scheduler-detect","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Allows you to check which scheduler is in use for an app
- Invoked by:
dokku deploy - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-enter","title":"scheduler-enter","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Allows you to enter a running container for a given app
- Invoked by:
dokku enter - Arguments:
$DOKKU_SCHEDULER $APP $@ - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; ARGS=\"$@\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-inspect","title":"scheduler-inspect","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Allows you to run inspect commands for all containers for a given app
- Invoked by:
dokku ps:inspect - Arguments:
$DOKKU_SCHEDULER $APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-is-deployed","title":"scheduler-is-deployed","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Allows you to check if the scheduler has deployed the app
- Invoked by: Various plugins
- Arguments:
$DOKKU_SCHEDULER $APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-logs","title":"scheduler-logs","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Allows you to run scheduler commands when retrieving container logs
- Invoked by:
dokku logs:failed - Arguments:
$DOKKU_SCHEDULER $APP $PROCESS_TYPE $TAIL $PRETTY_PRINT $NUM - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; PROCESS_TYPE=\"$3\"; TAIL=\"$4\"; PRETTY_PRINT=\"$5\"; NUM=\"$6\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-logs-failed","title":"scheduler-logs-failed","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Allows you to run scheduler commands when retrieving failed container logs
- Invoked by:
dokku logs:failed - Arguments:
$DOKKU_SCHEDULER $APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-pre-restore","title":"scheduler-pre-restore","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Allows you to run commands before an app is restored
- Invoked by:
dokku ps:restore - Arguments:
$DOKU_SCHEDULER $APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-post-delete","title":"scheduler-post-delete","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Allows you to run scheduler commands when an app is deleted
- Invoked by:
dokku apps:destroy - Arguments:
$DOKKU_SCHEDULER $APP $IMAGE_TAG - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; IMAGE_TAG=\"$3\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-post-deploy-process","title":"scheduler-post-deploy-process","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Allows you to run a command after a process has been started
- Invoked by: scheduler-docker-local
- Arguments:
$APP $PROCESS_TYPE - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; PROCESS_TYPE=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-post-run","title":"scheduler-post-run","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Allows you to run scheduler commands after a
dokku run invocation is called - Invoked by:
dokku run - Arguments:
$DOKKU_SCHEDULER $APP $CONTAINER_ID - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; CONTAINER_ID=\"$3\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-register-retired","title":"scheduler-register-retired","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Allows scheduling retiring a local container and any related images
- Invoked by:
internally - Arguments:
$APP $CONTAINER_ID - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\";\nCONTAINER_ID=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-retire","title":"scheduler-retire","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Allows you to run scheduler commands when containers should be force retired from the system
- Invoked by:
dokku run - Arguments:
$DOKKU_SCHEDULER $APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-run","title":"scheduler-run","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Allows you to run scheduler commands when a command is executed for your app
- Invoked by:
dokku run - Arguments:
$DOKKU_SCHEDULER $APP ...ARGS - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; ARGS=\"${@:3}\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-run-list","title":"scheduler-run-list","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Lists all run containers for a given app
- Invoked by:
dokku run - Arguments:
$DOKKU_SCHEDULER $APP $FORMAT - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; FORMAT=\"$3\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-run-logs","title":"scheduler-run-logs","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Allows you to run scheduler commands when retrieving one-off container logs
- Invoked by:
dokku run - Arguments:
$DOKKU_SCHEDULER $APP $CONTAINER $TAIL $PRETTY_PRINT $NUM - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; CONTAINER=\"$3\"; TAIL=\"$4\"; PRETTY_PRINT=\"$5\"; NUM=\"$6\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-run-stop","title":"scheduler-run-stop","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Allows a scheduler to stop all \"run\" containers or a specified container
- Invoked by:
dokku run:stop - Arguments:
$DOKKU_SCHEDULER $APP $CONTAINER_NAME - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; CONTAINER_NAME=\"$3\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-stop","title":"scheduler-stop","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Allows you to run scheduler commands when a tag is destroyed
- Invoked by:
dokku apps:destroy, dokku ps:stop - Arguments:
$DOKKU_SCHEDULER $APP $REMOVE_CONTAINERS - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; REMOVE_CONTAINERS=\"$3\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#storage-list","title":"storage-list","text":" - Description: Returns a list of storage mounts
- Invoked by:
dokku storage:list and dokku deploy - Arguments:
$APP $PHASE $FORMAT - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#traefik-template-source","title":"traefik-template-source","text":" - Description: Retrieves an alternative template for the traefik compose config
- Invoked by: traefik-vhosts
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#uninstall","title":"uninstall","text":" - Description: Used to cleanup after itself.
- Invoked by:
dokku plugin:uninstall - Arguments:
$PLUGIN - Example:
#!/usr/bin/env bash\n# Cleanup up extra containers created\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nPLUGIN=\"$1\"\n\n[[ \"$PLUGIN\" = \"my-plugin\" ]] && docker rmi -f \"${PLUGIN_IMAGE_DEPENDENCY}\"\n
To avoid uninstalling other plugins make sure to check the plugin name like shown in the example.
"},{"location":"development/plugin-triggers/#update","title":"update","text":" - Description: Can be used to run plugin updates on a regular interval. You can schedule the invoker in a cron-task to ensure your system gets regular updates.
- Invoked by:
dokku plugin:update. - Arguments: None
- Example:
#!/usr/bin/env bash\n# Update the herokuish image from git source\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\ncd /root/dokku\nsudo BUILD_STACK=true make install\n
"},{"location":"development/plugin-triggers/#user-auth","title":"user-auth","text":"This is a special plugin trigger that is executed on every command run. As Dokku sometimes internally invokes the dokku command, special care should be taken to properly handle internal command redirects.
Note that the trigger should exit as follows:
0 to continue running as normal1 to halt execution of the command
The SSH_USER is the original ssh user. If you are running remote commands, this user will typically be dokku, and as such should not be trusted when checking permissions. If you are connected via ssh as a different user who then invokes dokku, the value of this variable will be that user's name (root, myuser, etc.).
The SSH_NAME is the NAME variable set via the sshcommand acl-add command. For reference, the following command can be run as the root user to specify a specific NAME for a given ssh key:
sshcommand acl-add dokku NAME < $PATH_TO_SSH_KEY\n
Note that the NAME value is set at the first ssh key match. If an ssh key is set in the /home/dokku/.ssh/authorized_keys multiple times, the first match will decide the value.
- Description: Allows you to deny access to a Dokku command by either ssh user or associated ssh-command NAME user.
- Invoked by:
dokku - Arguments:
$SSH_USER $SSH_NAME $DOKKU_COMMAND - Example:
#!/usr/bin/env bash\n# Allow root/admin users to do everything\n# Deny plugin access to default users\n# Allow access to all other commands\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nSSH_USER=$1\nSSH_NAME=$2\nshift 2\n[[ \"$SSH_USER\" == \"root\" ]] && exit 0\n[[ \"$SSH_NAME\" == \"admin\" ]] && exit 0\n[[ \"$SSH_NAME\" == \"default\" && $1 == plugin:* ]] && exit 1\nexit 0\n
"},{"location":"development/plugin-triggers/#user-auth-app","title":"user-auth-app","text":"This is a special plugin trigger that is executed when listing apps or checking if an app exists. All Dokku commands should check if an app exists at least once before interacting with them so as not to circumvent the check.
Note that the trigger should exit 0, and each non-empty line on stdout is captured as a valid app name.
The SSH_USER is the original ssh user. If you are running remote commands, this user will typically be dokku, and as such should not be trusted when checking permissions. If you are connected via ssh as a different user who then invokes dokku, the value of this variable will be that user's name (root, myuser, etc.).
The SSH_NAME is the NAME variable set via the sshcommand acl-add command. For reference, the following command can be run as the root user to specify a specific NAME for a given ssh key:
sshcommand acl-add dokku NAME < $PATH_TO_SSH_KEY\n
Note that the NAME value is set at the first ssh key match. If an ssh key is set in the /home/dokku/.ssh/authorized_keys multiple times, the first match will decide the value.
- Description: Allows you to deny access to a Dokku app by either ssh user or associated ssh-command NAME user.
- Invoked by:
dokku - Arguments:
$SSH_USER $SSH_NAME $DOKKU_COMMAND - Example:
#!/usr/bin/env bash\n# hide any apps with the prefix \"admin\"\n# if the logged in user (SSH_USER) or SSH_NAME is not `root`\n\nmain() {\n declare SSH_USER=\"$1\" SSH_NAME=\"$2\" ARGS=(\"${@:3}\")\n\n for arg in \"${ARGS[@]}\"; do\n if [[ \"$arg\" == admin-* ]] && [[ \"$SSH_USER\" != \"root\" ]] && [[ \"$SSH_NAME\" != \"root\" ]]; then\n continue\n fi\n\n echo \"${arg}\"\n done\n}\n\nmain \"$@\"\n
"},{"location":"development/plugin-triggers/#vector-template-source","title":"vector-template-source","text":" - Description: Retrieves an alternative template for the vector compose config
- Invoked by: caddy-vhosts
- Arguments:
- Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/release-process/","title":"Release Process","text":"Dokku is released in intervals at most three weeks apart, though may be released much quicker.
To propose a release, the following tasks need to be performed:
export PACKAGECLOUD_TOKEN=SOME_TOKEN\n# supports major/minor/patch/betafish\ncontrib/release-dokku\n
Info
If you are a maintainer and need the PACKAGECLOUD_TOKEN in order to make a release, please contact @josegonzalez to get this information.
As well, the Arch Linux package description must be updated via vagrant up build-arch (needs to be done after the tag is pushed to GitHub, because it is based on that)
"},{"location":"development/release-process/#versioning","title":"Versioning","text":"Dokku follows semver standards. As we are not yet at a stable release, breaking changes will require only a minor release, while all other changes only require a patch release. Once we hit stable, breaking changes will require a major release.
At the moment, tags need not be signed, though that may change in the future.
"},{"location":"development/release-process/#arch-linux-packages","title":"Arch Linux Packages","text":"Arch Linux packages are not really build, because all that is needed for an Arch User Repo (AUR) package is the description of how to build the package. To make this process as easy as possible there is a vagrant box called build-arch that updates the version of this build description (a file called PKGBUILD), then runs some helper scripts to fill all additional information and does test if the package could be build. Then only those changes need to be pushed to the AUR repo and an updated version of the package is ready for usage for our Arch Linux users. For detailed information see the section below.
The workflow looks like this:
# having dokku-arch in ../dokku-arch\nvagrant up build-arch\n# wait for \"==> build-arch: ==> Finished making: dokku 0.35.4-2 (Mon Feb 22 23:20:37 CET 2016)\"\ncd ../dokku-arch\ngit add PKGBUILD .SRCINFO\ngit commit -m 'Update to dokku 0.9.9'\ngit push aur master\n
Info
If you are a maintainer and need access to the AUR repositories in order to make a release, please contact @morrisjobke or @josegonzalez to get this co-maintainership.
"},{"location":"development/release-process/#detailed-information-for-arch-linux-packages","title":"Detailed information for Arch Linux packages","text":"All of the information to build the Arch Linux package is in the AUR git repository (see dokku AUR page). The release of a AUR package only consists of pushing the package information into the AUR git repo. Then users could use that information to build the package on their machines.
To update the package clone the repository and adjust the files in the repository. Then a helper script - updpkgsums - to update the SHA sum could be called (check against the original SHA sum). Another helper script - mksrcinfo - needs to be called to update the meta information of the package in a file called .SRCINFO. The next step builds the package locally for verification - makepkg. As last step commit your changes and push the commit.
- dependencies are defined in the
depends attribute in PKGBUILD - build steps during package build time are defined in the
package() method in PKGBUILD - steps that should be executed during install/update/remove time are defined in the file
dokku.install - detailed information about all attributes in
PKGBUILD could be found in the Arch Linux wiki - detailed information about the AUR workflow could be found in the AUR article in the Arch Linux wiki
That is the usual workflow:
updpkgsums # update sha sums - compare them with the original ones\nmksrcinfo # update package metadata for AUR\nmakepkg # test package builds\ngit add PKGBUILD .SRCINFO\ngit commit -m 'Update to dokku 0.9.9'\ngit push\n
Info
If there is something unclear simply ask @morrisjobke for help.
"},{"location":"development/testing/","title":"Running Tests","text":"Dokku has a full test suite to assist in quick iterating development. These tests include a linter using shellcheck, functional unit tests using the Bats testing framework, and a deployment suite of example apps that use the most popular languages and frameworks.
We maintain the Dokku test harness within the tests directory:
tests/unit/*.bats: Bats teststests/apps/: Example applications that can be used for tests
"},{"location":"development/testing/#continuous-integration","title":"Continuous Integration","text":"All pull requests have tests run against them on GitHub Actions, a continuous integration platform that provides Docker support for Ubuntu Noble 24.04.
If you wish to skip tests for a particular commit, e.g. documentation changes, you may add the [ci skip] designator to your commit message. Commits that should be tested but have the above designator will not be merged.
While we do provide official packages for a variety of platforms, as our test suite currently runs on Ubuntu Noble 24.04, we only provide official installation support for that platform and the supported LTS releases of Ubuntu (currently 20.04, 22.04, and 24.04).
"},{"location":"development/testing/#local-test-execution","title":"Local Test Execution","text":""},{"location":"development/testing/#vagrant-vm","title":"Vagrant VM","text":" - Setup Dokku in a Vagrant VM.
- Run the following to setup tests and execute them:
vagrant ssh\nsudo su -\ncd ~/dokku\nmake ci-dependencies setup-deploy-tests\n
After making changes to your local Dokku clone, don't forget to update the Vagrant Dokku install.
# update vagrant dokku install from local git clone\nmake copyfiles\n\n# build a specific plugin\nmake go-build-plugin copyplugin PLUGIN_NAME=apps\n
"},{"location":"development/testing/#vscode-dev-container","title":"VSCode Dev Container","text":" - Open Dokku in a VSCode DevContainer
- Run the following in the VSCode terminal to setup tests and execute them:
make ci-dependencies setup-deploy-tests\n
After making changes to your local Dokku clone, don't forget to update the Vagrant Dokku install.
# update vagrant dokku install from local git clone\nmake copyfiles\n\n# build a specific plugin\nmake go-build-plugin copyplugin PLUGIN_NAME=apps\n
"},{"location":"development/testing/#executing-tests","title":"Executing tests","text":"Execute the entire test suite (linter, bats tests, and app deployment tests):
make test\n
Run the linter
make lint\n
Execute all bats tests
make unit-tests\n
Execute all app deployment tests
make deploy-tests\n
"},{"location":"development/testing/#executing-app-tests","title":"Executing App Tests","text":"You may run a specific app deployment tests with a target similar to:
make deploy-test-nodejs-express\n
For a full list of test make targets check out tests.mk in the root of the Dokku repository.
"},{"location":"development/testing/#executing-a-single-test-suite","title":"Executing a single test suite","text":"When working on a particular plugin, it may be useful to run only a particular test suite. This can be done by specifying the test suite path:
bats tests/unit/apps_1.bats\n
It is also possible to target multiple test suites at a time.
bats tests/unit/apps_1.bats tests/unit/certs.bats\n
"},{"location":"development/testing/#executing-a-single-test","title":"Executing a single test","text":"In order to increase testing velocity, a wrapper script around Bats is available that can be used to run a single test case within a suite.
Tests within a suite may be listed by specifying the suite as a parameter to bats.
bats tests/unit/apps_1.bats\n
A single test can be specified via the --filter argument. The tests are selected via regex match, and all matches are executed.
bats --filter list tests/unit/apps_1.bats\n
"},{"location":"enterprise/pro/","title":"Dokku Pro","text":"Dokku Pro is a commercial offering that provides a familiar Web UI for all common tasks performed by developers. End users can expect an interface that provides various complex cli commands in an intuitive, app-centric manner, quickly speeding up tasks that might otherwise be difficult for new and old users to perform. Additionally, it provides a way to perform these tasks remotely via a json api, enabling easier, audited remote management of servers. Finally, Dokku Pro provides an alternative, https-based method for deploying code which can be used in environments that lockdown ssh access to servers.
"},{"location":"enterprise/pro/#purchasing","title":"Purchasing","text":"Dokku Pro may be purchased online by clicking the following purchase link:
Dokku Pro Purchase Link
Info
Currently, the server must be able to contact the public internet to validate the license, or it will fail to start. For offline support, inquire for enterprise offline licensing.
"},{"location":"enterprise/pro/#installation","title":"Installation","text":"Dokku Pro is shipped as Debian and RPM packages, and depends on the following files:
/etc/default/dokku-pro: Configures certain environment variables for usage by the dokku-pro binary/etc/dokku-pro/license.key: Contains the downloaded license key/var/lib/dokku/data/pro/db: Contains the local dokku-pro database
Please refer to the purchase email for details on configuring Dokku Pro.
"},{"location":"enterprise/pro/#features-and-development","title":"Features and Development","text":"Dokku Pro has the following functionality:
- Shipped as a single binary for ease of use
- JSON-API-compatible API with JWT authentication
- Authenticated HTTP(S) endpoints for git push functionality
- Single Page App (SPA) Web UI exposing app, datastore, and ssh key management
While each release is fairly feature complete, individual features and documentation will expand over time. Feature development follows a monthly release cadence, with individual bug fixes released on an as needed basis.
"},{"location":"getting-started/advanced-installation/","title":"Advanced installation","text":""},{"location":"getting-started/advanced-installation/#installing-via-other-methods","title":"Installing via other methods","text":"For various reasons, certain hosting providers may have other steps that should be preferred to the above. If hosted on any of the following popular hosts, please follow the linked to instructions:
- DigitalOcean Installation Notes
- DreamHost Cloud Installation Notes
- Microsoft Azure Installation Notes
As well, you may wish to customize your installation in some other fashion. or experiment with Vagrant. The guides below should get you started:
- Debian Package Installation Notes
- Docker-based Installation Notes
- Vagrant Installation Notes
- Advanced Install Customization
- Automated deployment via ansible
"},{"location":"getting-started/advanced-installation/#installing-from-source","title":"Installing from Source","text":"You can always install Dokku straight from the latest - potentially unstable - master branch via the following Bash command:
# using a branch results in installing from source\nwget -NP . https://dokku.com/install/master/bootstrap.sh;\nsudo DOKKU_BRANCH=master bash bootstrap.sh\n
"},{"location":"getting-started/advanced-installation/#development","title":"Development","text":"If you plan on developing Dokku, the easiest way to install from your own repository is cloning the repository and calling the install script. Example:
git clone https://github.com/yourusername/dokku.git\ncd dokku\nsudo make install\n
The Makefile allows source URLs to be overridden to include customizations from your own repositories. The DOCKER_URL, PLUGN_URL, SSHCOMMAND_URL and STACK_URL environment variables may be set to override the defaults (see the Makefile for how these apply). Example:
sudo SSHCOMMAND_URL=https://raw.githubusercontent.com/yourusername/sshcommand/master/sshcommand make install\n
"},{"location":"getting-started/advanced-installation/#bootstrap-a-server-from-your-own-repository","title":"Bootstrap a server from your own repository","text":"The bootstrap script allows the Dokku repository URL to be overridden to bootstrap a host from your own clone of Dokku using the DOKKU_REPO environment variable. Example:
wget -NP . https://dokku.com/install/master/bootstrap.sh;\nchmod +x bootstrap.sh\nsudo DOKKU_REPO=https://github.com/yourusername/dokku.git DOKKU_BRANCH=master ./bootstrap.sh\n
"},{"location":"getting-started/advanced-installation/#custom-herokuish-build","title":"Custom Herokuish build","text":"Dokku ships with a pre-built version of the Herokuish component by default. If you want to build your own version you can specify that with an environment variable.
git clone https://github.com/dokku/dokku.git\ncd dokku\nsudo BUILD_STACK=true STACK_URL=https://github.com/gliderlabs/herokuish.git make install\n
"},{"location":"getting-started/advanced-installation/#skipping-herokuish-installation","title":"Skipping Herokuish installation","text":"The Herokuish package is recommended but not required if not using Heroku buildpacks for deployment. Debian-based OS users can run the bootstrap installer via sudo DOKKU_NO_INSTALL_RECOMMENDS=\" --no-install-recommends \" bash bootstrap.sh to skip the dependency. Please note that this will also skip installation of other recommended dependencies.
"},{"location":"getting-started/advanced-installation/#configuring-an-unattended-installation","title":"Configuring an unattended installation","text":"Once Dokku is installed, you'll want to configure the virtualhost setup as well as the push user. If you do not, your installation will be considered incomplete and you will not be able to deploy applications.
For Debian, unattended installation is described Debian installation guide.
Set up a domain using your preferred vendor and a wildcard domain pointing to the host running Dokku. You can manage this global domain using the domains plugin.
Follow the user management documentation in order to add SSH keys for users to Dokku, or to give other Unix accounts access to Dokku.
"},{"location":"getting-started/advanced-installation/#vms-with-less-than-1-gb-of-memory","title":"VMs with less than 1 GB of memory","text":"Having less than 1 GB of system memory available for Dokku and its containers may result in unexpected errors, such as ! [remote rejected] master -> master (pre-receive hook declined) during installation of NPM dependencies.
To work around this issue, it might suffice to augment the Linux swap file size to a maximum of twice the physical memory size.
To resize the swap file of a 512 MB machine to 1 GB, follow these steps while in SSH within your machine:
cd /var\ntouch swap.img\nchmod 600 swap.img\n\ndd if=/dev/zero of=/var/swap.img bs=1024k count=1000\nmkswap /var/swap.img\nswapon /var/swap.img\nfree\n\necho \"/var/swap.img none swap sw 0 0\" >> /etc/fstab\n
Reference
"},{"location":"getting-started/troubleshooting/","title":"Troubleshooting","text":"New
Introduced in 0.17.0
trace:on # Enables trace mode\ntrace:off # Disables trace mode\n
"},{"location":"getting-started/troubleshooting/#trace-mode","title":"Trace Mode","text":"By default, Dokku will constrain the amount of output displayed for any given command run. The verbosity of output can be increased by enabling trace mode. Trace mode will turn on the set -x flag for bash plugins, while other plugins are free to respect the environment variable DOKKU_TRACE and log differently as approprate. Trace mode can be useful to see where plugins are running commands that would otherwise be unexpected.
To enable trace mode, run trace:on
ShellOutput dokku trace:on\n
-----> Enabling trace mode\n
Trace mode can be disabled with trace:off
ShellOutput dokku trace:off\n
-----> Disabling trace mode\n
"},{"location":"getting-started/troubleshooting/#common-problems","title":"Common Problems","text":""},{"location":"getting-started/troubleshooting/#i-deployed-my-app-but-i-am-getting-the-default-nginx-page","title":"I deployed my app but I am getting the default nginx page","text":"Most of the time it's caused by some defaults newer versions of nginx set. To make sure that's the issue you're having run the following:
nginx -t\n## nginx: [emerg] could not build the server_names_hash, you should increase server_names_hash_bucket_size: 32\n
If you get a similar error just edit /etc/nginx/nginx.conf and add the following line to your http section:
http {\n (... existing content ...)\n server_names_hash_bucket_size 64;\n (...)\n}\n
Note that the server_names_hash_bucket_size setting defines the maximum domain name length. A value of 64 would allow domains with up to 64 characters. Set it to 128 if you need longer ones.
Save the file and try stopping nginx and starting it again:
dokku nginx:stop\ndokku nginx:start\n
Using the EXPOSE directive in a Dockerfile may be another reason why you might see the default site. When the EXPOSE directive is in use and a proxy plugin is enabled (the default), the proxy plugin will listen to requests on the ports specified in the EXPOSE stanza.
For example, if you have an EXPOSE directive like so:
EXPOSE 8000\n
The port mapping will be http:8000:8000.
To avoid this issue, either of the following can be done:
- Remove
EXPOSE directive: This will require respecting the $PORT environment variable (automatically set by Dokku). Once that change is deployed, the port mapping should be cleared via the dokku ports:clear $APP command (where $APP is your app name). - Update the port mapping: Updating the port mapping to redirect port
80 to your app's exposed port via dokku ports:set $APP http:80:$EXPOSED_PORT can also fix the issue. This will also allow certificate management and the letsencrypt plugin to work correctly.
See the port management documentation for more information on how Dokku exposes ports for applications and how you can configure these for your app.
"},{"location":"getting-started/troubleshooting/#i-want-to-deploy-my-app-but-while-pushing-i-get-the-following-error","title":"I want to deploy my app, but while pushing I get the following error","text":"The following error may be emitted from a deploy:
! [remote rejected] master -> master (pre-receive hook declined)\n
The remote rejected error does not give enough information. Anything could have failed. Enable trace mode and begin debugging. If this does not help you, create a gist containing the full log, and create an issue.
One the reasons why you may get this error is because the command that is run in the container exited (without errors). For example, (in Procfile) when you define a new worker container to run Delayed Job and use the bin/delayed_job start command. This command deamonizes the process and exists. The container thinks it's done so it closes itself. The error you get is the one above. To fix the above problem for Delayed Job, you must define the worker to user rake jobs:work, which doesn't deamonize the process.
"},{"location":"getting-started/troubleshooting/#i-get-the-aforementioned-error-in-the-build-phase-after-turning-on-dokku-tracing","title":"I get the aforementioned error in the build phase (after turning on Dokku tracing)","text":"Most errors that happen in this phase are due to transient network issues (either locally or remotely) buildpack bugs.
Find the failed phase's container image (077581956a92 in this example).
docker ps -a | grep build\n## 94d9515e6d93 077581956a92 \"/build\" 29 minutes ago Exited (0) 25 minutes ago cocky_bell\n
Start a new container with the failed image and poke around (i.e. ensure you can access the internet from within the container or attempt the failed command, if known).
docker run -ti 077581956a92 /bin/bash\ncurl -s -S icanhazip.com\n## 192.168.0.1\ncurl http://s3pository.heroku.com/node/v0.10.30/node-v0.10.30-linux-x64.tar.gz -o node-v0.10.30-linux-x64.tar.gz\ntar tzf node-v0.10.30-linux-x64.tar.gz\n## ...\n
Sometimes (especially on DigitalOcean) deploying again seems to get past these seemingly transient issues. Additionally we've seen issues if changing networks that have different DNS resolvers. In this case, you can run the following to update your resolv.conf.
resolvconf -u\n
Please see #841 and #649.
"},{"location":"getting-started/troubleshooting/#after-adding-an-ssh-key-i-am-told-i-cannot-read-from-the-remote-repository-on-push","title":"After adding an SSH key, I am told I cannot read from the remote repository on push","text":"Connection closed by <host> port 22\nfatal: Could not read from remote repository.\n\nPlease make sure you have the correct access rights\nand the repository exists.\n
Certain systems may have access to the dokku user via SSH disabled. Please check that the dokku user is allowed access to the system in the file /etc/security/access.conf. As Dokku does not manage this file, please consult your Operating System's documentation for more information.
"},{"location":"getting-started/troubleshooting/#i-want-to-deploy-my-app-but-i-am-getting-asked-for-the-password-of-the-git-user","title":"I want to deploy my app but I am getting asked for the password of the Git user","text":"Sometimes the following error message may be shown on push
fatal: 'NAME' does not appear to be a git repository\nfatal: Could not read from remote repository.\n
You get asked for a password because your SSH secret key can't be found. This may happen if the private key corresponding to the public key you added with sshcommand acl-add is not located in the default location ~/.ssh/id_rsa.
You have to point SSH to the correct secret key for your domain name. Add the following to your ~/.ssh/config:
Host DOKKU_HOSTNAME\n IdentityFile \"~/.ssh/KEYNAME\"\n
Also see issue #116.
"},{"location":"getting-started/troubleshooting/#i-successfully-deployed-my-application-with-no-deployment-errors-and-receiving-bad-gateway-when-attempting-to-access-the-application","title":"I successfully deployed my application with no deployment errors and receiving Bad Gateway when attempting to access the application","text":"In many cases the application will require the a process.env.PORT port opposed to a specified port.
When specifying your port you may want to use something similar to:
var port = process.env.PORT || 3000\n
Please see #282.
Additionally, your application should listen/bind to all interfaces (0.0.0.0). Many frameworks default to listening on 127.0.0.1.
Please see #5798.
"},{"location":"getting-started/troubleshooting/#deployment-fails-because-of-slow-internet-connection-messages-shows-gzip-stdin-unexpected-end-of-file","title":"Deployment fails because of slow internet connection, messages shows gzip: stdin: unexpected end of file","text":"If you see output similar this when deploying:
Command: 'set -o pipefail; curl --fail --retry 3 --retry-delay 1 --connect-timeout 3 --max-time 30 https://s3-external-1.amazonaws.com/heroku-buildpack-ruby/ruby-2.0.0-p451-default-cache.tgz -s -o - | tar zxf -' failed unexpectedly:\n !\n ! gzip: stdin: unexpected end of file\n ! tar: Unexpected EOF in archive\n ! tar: Unexpected EOF in archive\n ! tar: Error is not recoverable: exiting now\n
it might that the cURL command that is supposed to fetch the buildpack (anything in the low megabyte file size range) takes too long to finish, due to slowish connection. To overwrite the default values (connection timeout: 90 seconds, total maximum time for operation: 600 seconds), set the following environment variables:
dokku config:set --global CURL_TIMEOUT=1200\ndokku config:set --global CURL_CONNECT_TIMEOUT=180\n
Please see #509.
Another reason for this error (although it may respond immediately ruling out a timeout issue) may be because you've set the config setting SSL_CERT_FILE. Using a config setting with this key interferes with the buildpack's ability to download its dependencies, so you must rename the config setting to something else, e.g. MY_APP_SSL_CERT_FILE.
"},{"location":"getting-started/troubleshooting/#build-fails-with-killed-message","title":"Build fails with Killed message","text":"This generally occurs when the server runs out of memory. You can either add more RAM to your server or setup swap space. The follow script will create 2 GB of swap space.
sudo install -o root -g root -m 0600 /dev/null /swapfile\ndd if=/dev/zero of=/swapfile bs=1k count=2048k\nmkswap /swapfile\nswapon /swapfile\necho \"/swapfile swap swap auto 0 0\" | sudo tee -a /etc/fstab\nsudo sysctl -w vm.swappiness=10\necho vm.swappiness = 10 | sudo tee -a /etc/sysctl.conf\n
"},{"location":"getting-started/troubleshooting/#i-successfully-deployed-my-application-with-no-deployment-errors-but-im-receiving-connection-timeout-when-attempting-to-access-the-application","title":"I successfully deployed my application with no deployment errors but I'm receiving Connection Timeout when attempting to access the application","text":"This can occur if Dokku is running on a system with a firewall like UFW enabled (some OS versions like Ubuntu have this enabled by default). You can check if this is your case by running the following script:
sudo ufw status\n
If the previous script returned Status: active and a list of ports, UFW is enabled and is probably the cause of the symptom described above. To disable it, run:
sudo ufw disable\n
"},{"location":"getting-started/troubleshooting/#i-cant-connect-to-my-application-because-the-server-is-sending-an-invalid-response-or-cant-provide-a-secure-connection","title":"I can't connect to my application because the server is sending an invalid response, or can't provide a secure connection","text":"This isn't usually an issue with Dokku, but rather an app config problem. This can happen when your application is configured to enforce secure connections/HSTS, but you don't have SSL set up for the app.
In Rails at least, if your application.rb or environmnents/production.rb include the line configure.force_ssl = true which includes HSTS, try commenting that out and redeploying.
If this solves the issue temporarily, longer term you should consider configuring SSL.
"},{"location":"getting-started/troubleshooting/#my-application-deploys-properly-but-wont-load-in-browser-connection-refused","title":"My application deploys properly, but won't load in browser \"connection refused\"","text":"This could be a result of a bad proxy configuration (http:5000:5000 may be incorrect). Run dokku ports:report node-js-app to check if your app has the correct proxy configuration. It should show something like the following.
=====> node-js-app ports information\n Port map: http:80:5000 https:443:5000\n
Set dokku ports:set node-js-app http:80:5000 to get proxy correctly configured for http endpoint.
"},{"location":"getting-started/troubleshooting/#i-deployed-a-new-app-but-now-subdomains-are-miss-routed","title":"I deployed a new app but now subdomains are miss-routed","text":"Sometimes nginx does something funky and cant actually reload for whatever reason.
# Validate the configuration\n$ sudo nginx -t\nnginx: the configuration file /etc/nginx/nginx.conf syntax is ok\nnginx: configuration file /etc/nginx/nginx.conf test is successful\n\n$ sudo service nginx restart\n\n# Re-enable Letsencrypt\n
Example: existing AppA (https) and AppB(https), deployed NEW (non-https) then noticed right away NEW's subdomain showed AppB's content and cert but under its own subdomain (cert miss-match of course). AppB still works. AppA also changed to show AppB content and cert.. Other apps were unaffected.
Consider caddy and traefik support via docker containers if this continues to be an issue.
"},{"location":"getting-started/uninstalling/","title":"Uninstalling","text":"While we hate to see you go, if you need to uninstall Dokku, the following may help you out:
"},{"location":"getting-started/uninstalling/#arch-uninstallation","title":"Arch Uninstallation","text":"# purge dokku from your system\nyay -Rsn dokku\n
"},{"location":"getting-started/uninstalling/#debian-uninstallation","title":"Debian Uninstallation","text":"# purge dokku from your system\napt-get purge dokku herokuish\n\n# remove any dependencies that are no longer necessary\napt-get autoremove\n
"},{"location":"getting-started/uninstalling/#makefile-uninstallation","title":"Makefile Uninstallation","text":"This is a manual deletion process, and as it is not a recommended installation method, there is currently no automated uninstallation.
All service plugins should be unlinked from applications, stopped, and destroyed.
All applications should be stopped, and all docker containers and images deleted:
# stop all applications\ndokku ps:stop --all\n\n# cleanup containers and images\ndokku cleanup\n
The following user/group must be deleted:
- user:
dokku - group:
dokku
The following directories must be deleted:
~dokku/var/lib/dokku/var/log/dokku
"},{"location":"getting-started/where-to-get-help/","title":"Where to Get Help","text":"If you\u2019re stuck, there are a number of places you can get help:
"},{"location":"getting-started/where-to-get-help/#the-official-dokku-website","title":"The Official Dokku Website","text":" - https://dokku.com/docs/getting-started/installation/
The Official Dokku website is always a great place to visit. It features links to oft-used developer tools, community plugins, and guides on using Dokku.
"},{"location":"getting-started/where-to-get-help/#monitored-locations","title":"Monitored Locations","text":"The Code Of Conduct applies to all actively monitored Dokku discussion areas. Please be mindful of your neighbors on the internet.
"},{"location":"getting-started/where-to-get-help/#forums","title":"Forums","text":" - GitHub Discussions
GitHub Discussions is a new way for the Dokku community to interact with each other! This is a place to ask questions to the community or discuss potential feature requests before filing issues.
"},{"location":"getting-started/where-to-get-help/#the-slack-channel","title":"The Slack Channel","text":" - Gliderlabs Slack (Join the
#dokku channel)
If you\u2019re stumped, give us a holler in the Dokku Slack channel. Someone from the development team is usually there, especially during the daylight hours for North and South American users. We\u2019d love to hear from you, whether you need some help, want to find users in your area, or would like to donate our brand new sports car.
Chat is synced to Discord and IRC.
"},{"location":"getting-started/where-to-get-help/#discord","title":"Discord","text":" - Dokku Discord
We provide a Dokku Discord that folks can use to ask questions or comments about the project. Someone from the development team is usually there, especially during the daylight hours for North and South American users. Feel free to join us online!
Chat is synced to IRC and Slack.
"},{"location":"getting-started/where-to-get-help/#unmonitored-locations","title":"Unmonitored Locations","text":"You may find help on these locations, but they are not actively monitored by the development team. The Code of Conduct still applies.
"},{"location":"getting-started/where-to-get-help/#stack-overflow","title":"Stack Overflow","text":" - The Dokku tag on Stack Overflow
Tag your questions with dokku to enable existing users of Stack Overflow to find your questions.
"},{"location":"getting-started/where-to-get-help/#irc-on-liberachat","title":"IRC (on libera.chat)","text":" - irc.libera.chat/#dokku
This location isn't as well monitored as Slack, and loses history. Chat is synced to Discord and Slack
"},{"location":"getting-started/install/azure/","title":"Microsoft Azure Installation Notes","text":" -
If you don't already have one generate an SSH key pair.
-
Go to the Dokku on Azure deployment page and click Deploy to Azure.
-
You'll be prompted to enter a few parameters, including a unique storage account name and a unique name for the subdomain used for your public IP address. For the sshKeyData parameter, copy and paste the contents of the public key file you just created. After a few minutes the Dokku instance will be deployed.
-
Once the installation is complete, you should configure an ssh key and set your global domain.
# usually your key is already available under the current user's `~/.ssh/authorized_keys` file\ncat ~/.ssh/authorized_keys | dokku ssh-keys:add admin\n\n# you can use any domain you already have access to\n# this domain should have an A record or CNAME pointing at your server's IP\ndokku domains:set-global dokku.me\n\n# you can also use the ip of your server\ndokku domains:set-global 10.0.0.2\n\n# finally, you can use sslip.io to get subdomain support\n# as you would with a regular domain name\n# this would be done by appending `.sslip.io` to your ip address\ndokku domains:set-global 10.0.0.2.sslip.io\n
See the user management and domains documentation for more information.
"},{"location":"getting-started/install/debian/","title":"Debian Package Installation Notes","text":"As of 0.3.18, Dokku defaults to being installed via Debian package. While certain hosts may require extra work to get running, you may optionally wish to automate the installation of Dokku without the use of our bootstrap.sh Bash script. The following are the steps run by said script:
# install docker\nwget -nv -O - https://get.docker.com/ | sh\n\n# install dokku\nwget -qO- https://packagecloud.io/dokku/dokku/gpgkey | sudo tee /etc/apt/trusted.gpg.d/dokku.asc\n# programmatically determine distro and codename\nDISTRO=\"$(awk -F= '$1==\"ID\" { print tolower($2) ;}' /etc/os-release)\"\nOS_ID=\"$(awk -F= '$1==\"VERSION_CODENAME\" { print tolower($2) ;}' /etc/os-release)\"\necho \"deb https://packagecloud.io/dokku/dokku/${DISTRO}/ ${OS_ID} main\" | sudo tee /etc/apt/sources.list.d/dokku.list\nsudo apt-get update -qq >/dev/null\nsudo apt-get -qq -y install dokku\nsudo dokku plugin:install-dependencies --core\n
"},{"location":"getting-started/install/debian/#unattended-installation","title":"Unattended installation","text":"In case you want to perform an unattended installation of Dokku, this is made possible through debconf, which allows you to configure a package before installing it.
You can set any of the below options through the debconf-set-selections command, for example to enable vhost-based deployments:
echo \"dokku dokku/vhost_enable boolean true\" | sudo debconf-set-selections\n
After setting the desired options, proceed with the installation as described above.
"},{"location":"getting-started/install/debian/#debconf-options","title":"debconf options","text":"Name Type Default Description dokku/vhost_enable boolean false Use vhost-based deployments (e.g. [yourapp].dokku.me) dokku/hostname string dokku.me Hostname, used as vhost domain and for showing app URL after deploy dokku/skip_key_file boolean false Don't check for the existence of the dokku/key_file. Warning: Setting this to true, will require you to manually add an SSH key later on. dokku/key_file string /root/.ssh/id_rsa.pub Path on disk to an SSH key to add to the Dokku user (Will be ignored on dpkg-reconfigure) dokku/nginx_enable boolean true Enable nginx-vhosts plugin"},{"location":"getting-started/install/digitalocean/","title":"DigitalOcean Droplet Installation Notes","text":"DigitalOcean offers a pre-installed Dokku image. You can run this image on any sized Droplet, although larger Droplets will allow you to run larger applications.
Info
Please disable IPv6. There are known issues with IPv6 on DigitalOcean and Docker. If you would like to run Dokku on an IPv6 DigitalOcean Droplet, please consult this guide.
- Login to your DigitalOcean account.
- Click Create a Droplet.
- Under Choose an image > Marketplace, search latest Dokku release for Ubuntu 24.04 (version numbers may vary).
- Under Choose a size, select your machine spec.
- Under Choose a datacenter region, select your region.
- Add an SSH Key.
- New Keys
- Under Add your SSH keys click New SSH Key (this opens a dialog).
- From your terminal, execute
cat $HOME/.ssh/id_rsa.pub. - Copy the output and paste it into the New SSH Key dialog, provide a name and click Add SSH Key.
- Existing Keys
- Simply add a checkmark next to the existing keys you'd like to add.
- Under Finalize and create, give your Droplet a hostname (not required) and click Create.
- Once created, copy the IP address to your clipboard.
- In a terminal, ssh onto the server by running
ssh root@$SERVER_IP, where $SERVER_IP is your server's IP address. - Remove the default nginx site via
rm /etc/nginx/sites-enabled/default -
If you added more than one key, use the dokku ssh-keys:add to add an ssh key to the dokku user:
echo \"$CONTENTS_OF_YOUR_PUBLIC_SSH_KEY_HERE\" | dokku ssh-keys:add KEY_NAME\n
-
Ensure your server has a correct global hostname via dokku domains:set-global
# replace dokku.me with a hostname pointed at your server\ndokku domains:set-global dokku.me\n
"},{"location":"getting-started/install/docker/","title":"Docker Installation Notes","text":"Pull the dokku/dokku image:
docker pull dokku/dokku:0.35.4\n
Next, run the image.
docker container run -d \\\n --env DOKKU_HOSTNAME=dokku.me \\\n --env DOKKU_HOST_ROOT=/var/lib/dokku/home/dokku \\\n --env DOKKU_LIB_HOST_ROOT=/var/lib/dokku/var/lib/dokku \\\n --name dokku \\\n --publish 3022:22 \\\n --publish 8080:80 \\\n --publish 8443:443 \\\n --volume /var/lib/dokku:/mnt/dokku \\\n --volume /var/run/docker.sock:/var/run/docker.sock \\\n dokku/dokku:0.35.4\n
Alternatively, you can use docker-compose.yml:
services:\n dokku:\n image: dokku/dokku:0.35.4\n container_name: dokku\n network_mode: bridge\n ports:\n - \"3022:22\"\n - \"8080:80\"\n - \"8443:443\"\n volumes:\n - \"/var/lib/dokku:/mnt/dokku\"\n - \"/var/run/docker.sock:/var/run/docker.sock\"\n environment:\n DOKKU_HOSTNAME: dokku.me\n DOKKU_HOST_ROOT: /var/lib/dokku/home/dokku\n DOKKU_LIB_HOST_ROOT: /var/lib/dokku/var/lib/dokku\n restart: unless-stopped\n
The above command will start a new docker container that is ready when a message similar to Runit started as PID 12345 appears.
Dokku is run in the following configuration:
- The global hostname is set to
dokku.me on boot. - The container name is dokku.
- Container SSH port 22 is exposed on the host as 3022.
- Container HTTP port 80 is exposed on the host as 8080.
- Container HTTPS port 443 is exposed on the host as 8443.
- Data within the container is stored on the host within the
/var/lib/dokku directory. - Image build cache is set to the data dir +
/home/dokku. - The docker socket is mounted into container.
Application repositories, plugin config, as well as plugin data are persisted to disk within the specified host directory for /var/lib/dokku.
Other docker container options can also be used when running Dokku, though the specific outcome will depend upon the specified options. For example, the Dokku container's nginx port can be bound to a specific host ip by specifying --publish $HOST_IP:8080:80, where $HOST_IP is the IP desired. Please see the docker container run documentation for further explanation for various docker arguments.
"},{"location":"getting-started/install/docker/#plugin-installation","title":"Plugin Installation","text":""},{"location":"getting-started/install/docker/#on-dokku-start","title":"On Dokku start","text":"To install custom plugins, create a plugin-list file in the host's /var/lib/dokku directory. The plugins listed herein will be automatically installed by Dokku on container boot. This file should be the following format:
plugin_name: repository_url\n
An example for installing the postgres and redis plugins follows:
postgres: https://github.com/dokku/dokku-postgres.git\nredis: https://github.com/dokku/dokku-redis.git\n
"},{"location":"getting-started/install/docker/#prior-to-dokku-start","title":"Prior to Dokku start","text":"The alternative is to build a custom docker image via a custom Dockerfile. This Dockerfile can run any plugin:install command. Note that the version installed at that time will be the one that persists. Below is an example Dockerfile showing this method.
FROM dokku/dokku:0.35.4\nRUN dokku plugin:install https://github.com/dokku/dokku-postgres.git postgres\nRUN dokku plugin:install https://github.com/dokku/dokku-redis.git redis\n
"},{"location":"getting-started/install/docker/#ssh-key-management","title":"SSH Key Management","text":"To initialize ssh-keys within the container, use docker exec to enter the container:
docker exec -it dokku bash\n
Next, run the appropriate ssh-keys commands:
echo \"$CONTENTS_OF_YOUR_PUBLIC_SSH_KEY_HERE\" | dokku ssh-keys:add KEY_NAME\n
Please see the user management documentation for more information.
"},{"location":"getting-started/install/docker/#pushing-applications","title":"Pushing Applications","text":"When exposing the Dokku container's SSH port (22) on 3022, something similar to the following will need to be setup within the user's ~/.ssh/config:
Host dokku.docker\n HostName 127.0.0.1\n Port 3022\n
In the above example, the hostname 127.0.0.1 is being aliased to dokku.docker, while the port is being overridden to 3022. All SSH commands - including git pushes - for the hostname dokku.docker will be transparently sent to 127.0.0.1:3022.
"},{"location":"getting-started/install/dreamhost/","title":"DreamHost Cloud Server Installation Notes","text":"Cloud-init script can be used to automate installation of Dokku on Dreamhost (or any other OpenStack-compatible cloud with minimal changes).
A new server instance can be created on DreamHost Cloud from the command line using OpenStack client or from the web UI and with the same command use a cloud-init script to install Dokku. Install the OpenStack CLI, download the DreamHost Cloud credentials file before proceeding and make sure your public SSH key is added to the cloud.
source openrc.sh # Set the environment variables for DreamHost Cloud\n
This allows OpenStack client to connect to DreamHost API endpoints. The command below creates a new server instance named my-dokku-instance based on Ubuntu 24.04, with 2 GB RAM and 1 CPU (the flavor called supersonic), opening network port access to HTTP and SSH (the default security group), and the name of the chosen SSH key. This key will be automatically added to the new server in the authorized_keys for the default SSH user (ubuntu), and it will be reused by Dokku.
openstack server create \\\n --image Ubuntu-24.04 \\\n --flavor gp1.supersonic \\\n --security-group default \\\n --key-name $YOUR_SSH_KEYNAME \\\n --user-data dokku-cloudinit.sh \\\n my-dokku-instance\n
The content of dokku-cloudinit.sh script contains instructions to add Docker and Dokku's apt repositories and install Dokku with the proper debconf options set. Don't forget to add the FQDN for your application server:
#cloud-config\n\napt:\n sources:\n source_dokku: \n source: 'deb https://packagecloud.io/dokku/dokku/ubuntu/ $RELEASE main'\n key: |\n -----BEGIN PGP PUBLIC KEY BLOCK-----\n Version: GnuPG v1.4.11 (GNU/Linux)\n\n mQINBFu7hksBEADJfS1wB4JJmVcJ3FYoY/F3DmEsg2/NSj/TleB7hkdFPGTaOEef\n c6SrK6bkQas8CzCZXskg3FFUFyxJwP0yQFosJ7nQCXbuaCzkGyOaob/2D4lqniKu\n lyFvZuN0Evh2SoJYB6Idiy3rG58/KMQxJ/73HjcrOPxwpcfIE+rfey0fo6HOcSz7\n AS3pXMbe0VoVOt8107i9qg6PizpaPugbSOP98aq2o0sPkjvKVzPsBvXWe9lDTreI\n X+00Z6WXjcDxmKTGvCkcJ6jk0L5r66Y6TNlJeYwFb0o7PbY7YeJSEJxw9eNozZpY\n EYvHCzHvsv7c8s+s5MeHDvvF5qsvt5qPPfw3zwLT01g1YTQpZdSDKn72YhrQUGJM\n j/W8ro8Ij9BYhYQMIdy+RPNQrBdKjj75kW1NLCGLlE89+6PYzlQwDFLdl9eZlUdM\n rvxbDPM99MRBBq30xfIS6YctHr40mEqZEi6OUoImaj5bbA1H3XHVH2JsWo1ttQYo\n 5qOGGhNi7/nyI9zxVo9r97lgGLztyl6ILZt8kxnWIx1QnPmSMuUNqYfuUuKAPs1q\n +bisBLvylnFvQSqnpEuPwUS1UDby4CzVBzshTsuykCQRiwdU9tcjzZUlKKKTRLhj\n CZCNxv1Ovgl+3m/4R5L7YOBYGCmVW0/GvlrxPLGCjZa1O8/3nih5+cv5TwARAQAB\n tGhodHRwczovL3BhY2thZ2VjbG91ZC5pby9kb2trdS9kb2trdSAoaHR0cHM6Ly9w\n YWNrYWdlY2xvdWQuaW8vZG9jcyNncGdfc2lnbmluZykgPHN1cHBvcnRAcGFja2Fn\n ZWNsb3VkLmlvPokCOAQTAQIAIgUCW7uGSwIbLwYLCQgHAwIGFQgCCQoLBBYCAwEC\n HgECF4AACgkQ8f9oUSiLMxUN3Q/+LeoFr8p3zSp9tRcCuMXfbc7rnJ/UgJiO53jW\n 8LsXH1h5dWeh2H5VqzGjDJ3SORisAWdOMu1SWkw4mvBZQQL12iwAMZmIDmbWU73c\n PplwGUQ4sltNxtiAVdntWC1vwSceY6/AQZwE2k60RYzg5bR2KAyZR9yGssGsekFO\n zOuMiTswzEYoZaJla+cduAXZzGf8NZgbzhXKhyfjVodRTyNR0dhoeMwNBlH0WWzW\n owwNOaJQ1LwDUkjrfRpkT53RJ5olRYa5ONDxuZEvmFy57bqXJh5U13m9FNWEtmF2\n NySFltZYEL6BZQn5qehF4kqqJ0JSVsHEyEC7sU9yr93khTGjWQfcGaITZXPNyXTC\n py/J1TeOEOz2VyvglPx/JL4dTfPg5uZCTWRXzLJDAbW26BcyFI4OyPjFly6FLj0o\n nMUuEzdCmNpHCKWkeyXajxtYd4EMo+UHGYC7jrpsAxRib0pdHUwnOG0MeNIUtPm/\n yW8i5St9PnX2y2qSaAoVURAI3irApn4Wc+hgRjo22l/B6ZudMAtASD5Ie8pXHNS0\n dlsgiv3sTZachMKU+usoIgejIb0MuBhBwVJ93A4YguEqNgZg0Cz4MUpWNma6zLIN\n Ko+3khp3z2Y/jWfNTKs41sz++png1iqjnvXjGIjKtgcFJyH+AwZzkh5LjRiahM/I\n OO/xTaO5Ag0EW7uGSwEQAL39qC95IFVNobRvecddeL26kHPgd0JS4fjB5r01pMFR\n 3fojnEwGTLzRJVR4iTfzOiAG1XKGYmEb15NkEgEcvaLaojSsaaAHv++BqL2qXHJa\n sfsgjKqxCAKyJps5wCEIzF1xfxHB/5BIyKenXZw9K/zlZzsfqzyehLAarZ4oMQEN\n u/dG3TlXCf/oSBHDttLTcRTGs1I8FEaA9O0ZeV+2S/WuT0kFa6s1tRUMMWHWzMmR\n 2a+vLCE3OMWtlRk6sfhfccf4rIzjj3xyieEGKznkOycu8JOqTBRmGMl3wRS2XI7c\n PFiV1MGRV5uhJ6a0D6DDAddL13TaXMfsZB0KkFHh8bKvAxJA9opHhl+X2NrdwsLz\n crCWF+QdoPX494j2aWnwSOXXtW9c2b6cpDfUoGVD79IYEzL0n6dgBPwCKLcmxotF\n Tv+H3Yy0DBn8BaQ0ZHbEgudwr73vxMgbYStGfu/bQEulcLA0vfTRGBRhzlZLE8k6\n +fXK23R4T/3kdyJovHdnK6aIN6oFTnVM5pyLrxmUkLCaPEbnoxVtA9zOeiGhqjYT\n pLgZMG95HgoscBlOh8BpuM2E3MSPV6XYjEKtvDpWy/i/oCPhd/PcY/qVxzj6dANU\n gQE/8hdf6Q//SvUxZaVrVwnmWkIZshGDJj/EM8VGhKzEoZF8Xmr/aibyN3CLoSMl\n ABEBAAGJBD4EGAECAAkFAlu7hksCGy4CKQkQ8f9oUSiLMxXBXSAEGQECAAYFAlu7\n hksACgkQ+ytqpCHNGT+1Vg//Z0ZiIoQQCLXmbAPdA79HVLCzsvkKQ3/RlqIR7Nq1\n JzgqPxg8drRo5+Ri+VrsIJt3AYH/lGm1UuSeycM6NrNWBpqL5FLjrMmbILQp9GMf\n bCZLXocOwDvrfpdBuEK+AS8SuLeiZtl8DcOe9Xtv3LSxXre0hsiIZpTRIjP+qkj8\n W7oZqUxwo1Wcnff+0snf6hPiTps/IB1utzSjxXVe86/89BWvLt/mT1o81h5mclgk\n l1eit6BvZsO/iicLB5KbyA7DVjAnxngze0+cCUAIVbqQbZhAVw5oZbKeXedbGuxr\n eRLWx+h5IBbtn+JwWngzueHyc3fY5b6ann06f6y6BF5+XmPRIXakYh4moJxSRQCA\n GVKGEubH/Y1Vyq8QIX7V6PGpS39mQkoYXEztvEtyZiV3J+SyObYZVTs9d5/rhoE2\n wXQIFTOdyHi52K2VfT3JU7rWOw5/SWuOQyyDdWgxEJuU6bUeOViOwHVkZDzwBX3Y\n 1to5cgY6dNQARplEgZZjRja4uc06u2d7Bk2CfqO4LvjV5UlPm838Ga+kGzBpp86X\n 5JBbZz9lPGf+GY7ZcROQp6ONui8P08+7EaTVtILTE0rd5g8umOnWBo1zteMv50As\n jyIPW20kUuJMdz3V+TNag5aCMW7qnO4zwildlQZmL54+xQDuRXK8P5JlKml6gnK+\n 4SLvUA/8CALEMqxNlb06ZJc1GCU/mcQYXfkNosHaNYpORjziDnH1LBQ7AnhIhhMy\n FwcuxpG9bABwQfoQE84Kx3zVU0xEoCGr549Kf5p7ZcqGwn3WzSql+qR/NcPRV9Dp\n tb4iSXoTUeutR1SeVn/TI2aOWez3UyIztnam+p32e4BNuyByFRmo2e8dP1RqCg6b\n 0KwuxDDE0k3zJCpjsWROrtBVQ9Zt9rsfG5kFxJ6Qi90uJP71f8rFDUuKmxJazDf3\n g3GHEGovUrOJO5JpvCcfCyT9mfOPxUSAKGBHj8NPY84vjqGaA9qqt54D8YT57TjR\n 5oWd8Iwex4XFHAoj59q04KmramVgP5q8VKFrxwVOhYmK6SNmvW9dEI3Y16bu9KF7\n CJnPq/mQXEI+a/G6hZgZ8eYxOV2812WcORppezALreHJeN1HogxI972G0kalKhNC\n p3315BKJdw/p6/j/qIob2EZOdqBsdHRKBgBVXVbaCnzgh1kKLEvJnVDio+zjEPDr\n lR9wQbcHRbu+ZqRSEbH0of/4rx0CdCPGKSDafviKPDXnvls85tWV/lMtNxamqYvv\n V0DUeTWQDmfiyWCgqXTiRA9U4ZFgFNWmirh38UmV7VtSlYaRos8fEQTfmN20fqTk\n 9mVAREENSiAuc4P93l8TtrN1bAqXaTX5oz+lepqWmHWvY+RiNiw=\n =laU4\n -----END PGP PUBLIC KEY BLOCK-----\n source_docker: \n source: 'deb [arch=amd64] https://download.docker.com/linux/ubuntu $RELEASE stable'\n key: |\n -----BEGIN PGP PUBLIC KEY BLOCK-----\n\n mQINBFit2ioBEADhWpZ8/wvZ6hUTiXOwQHXMAlaFHcPH9hAtr4F1y2+OYdbtMuth\n lqqwp028AqyY+PRfVMtSYMbjuQuu5byyKR01BbqYhuS3jtqQmljZ/bJvXqnmiVXh\n 38UuLa+z077PxyxQhu5BbqntTPQMfiyqEiU+BKbq2WmANUKQf+1AmZY/IruOXbnq\n L4C1+gJ8vfmXQt99npCaxEjaNRVYfOS8QcixNzHUYnb6emjlANyEVlZzeqo7XKl7\n UrwV5inawTSzWNvtjEjj4nJL8NsLwscpLPQUhTQ+7BbQXAwAmeHCUTQIvvWXqw0N\n cmhh4HgeQscQHYgOJjjDVfoY5MucvglbIgCqfzAHW9jxmRL4qbMZj+b1XoePEtht\n ku4bIQN1X5P07fNWzlgaRL5Z4POXDDZTlIQ/El58j9kp4bnWRCJW0lya+f8ocodo\n vZZ+Doi+fy4D5ZGrL4XEcIQP/Lv5uFyf+kQtl/94VFYVJOleAv8W92KdgDkhTcTD\n G7c0tIkVEKNUq48b3aQ64NOZQW7fVjfoKwEZdOqPE72Pa45jrZzvUFxSpdiNk2tZ\n XYukHjlxxEgBdC/J3cMMNRE1F4NCA3ApfV1Y7/hTeOnmDuDYwr9/obA8t016Yljj\n q5rdkywPf4JF8mXUW5eCN1vAFHxeg9ZWemhBtQmGxXnw9M+z6hWwc6ahmwARAQAB\n tCtEb2NrZXIgUmVsZWFzZSAoQ0UgZGViKSA8ZG9ja2VyQGRvY2tlci5jb20+iQI3\n BBMBCgAhBQJYrefAAhsvBQsJCAcDBRUKCQgLBRYCAwEAAh4BAheAAAoJEI2BgDwO\n v82IsskP/iQZo68flDQmNvn8X5XTd6RRaUH33kXYXquT6NkHJciS7E2gTJmqvMqd\n tI4mNYHCSEYxI5qrcYV5YqX9P6+Ko+vozo4nseUQLPH/ATQ4qL0Zok+1jkag3Lgk\n jonyUf9bwtWxFp05HC3GMHPhhcUSexCxQLQvnFWXD2sWLKivHp2fT8QbRGeZ+d3m\n 6fqcd5Fu7pxsqm0EUDK5NL+nPIgYhN+auTrhgzhK1CShfGccM/wfRlei9Utz6p9P\n XRKIlWnXtT4qNGZNTN0tR+NLG/6Bqd8OYBaFAUcue/w1VW6JQ2VGYZHnZu9S8LMc\n FYBa5Ig9PxwGQOgq6RDKDbV+PqTQT5EFMeR1mrjckk4DQJjbxeMZbiNMG5kGECA8\n g383P3elhn03WGbEEa4MNc3Z4+7c236QI3xWJfNPdUbXRaAwhy/6rTSFbzwKB0Jm\n ebwzQfwjQY6f55MiI/RqDCyuPj3r3jyVRkK86pQKBAJwFHyqj9KaKXMZjfVnowLh\n 9svIGfNbGHpucATqREvUHuQbNnqkCx8VVhtYkhDb9fEP2xBu5VvHbR+3nfVhMut5\n G34Ct5RS7Jt6LIfFdtcn8CaSas/l1HbiGeRgc70X/9aYx/V/CEJv0lIe8gP6uDoW\n FPIZ7d6vH+Vro6xuWEGiuMaiznap2KhZmpkgfupyFmplh0s6knymuQINBFit2ioB\n EADneL9S9m4vhU3blaRjVUUyJ7b/qTjcSylvCH5XUE6R2k+ckEZjfAMZPLpO+/tF\n M2JIJMD4SifKuS3xck9KtZGCufGmcwiLQRzeHF7vJUKrLD5RTkNi23ydvWZgPjtx\n Q+DTT1Zcn7BrQFY6FgnRoUVIxwtdw1bMY/89rsFgS5wwuMESd3Q2RYgb7EOFOpnu\n w6da7WakWf4IhnF5nsNYGDVaIHzpiqCl+uTbf1epCjrOlIzkZ3Z3Yk5CM/TiFzPk\n z2lLz89cpD8U+NtCsfagWWfjd2U3jDapgH+7nQnCEWpROtzaKHG6lA3pXdix5zG8\n eRc6/0IbUSWvfjKxLLPfNeCS2pCL3IeEI5nothEEYdQH6szpLog79xB9dVnJyKJb\n VfxXnseoYqVrRz2VVbUI5Blwm6B40E3eGVfUQWiux54DspyVMMk41Mx7QJ3iynIa\n 1N4ZAqVMAEruyXTRTxc9XW0tYhDMA/1GYvz0EmFpm8LzTHA6sFVtPm/ZlNCX6P1X\n zJwrv7DSQKD6GGlBQUX+OeEJ8tTkkf8QTJSPUdh8P8YxDFS5EOGAvhhpMBYD42kQ\n pqXjEC+XcycTvGI7impgv9PDY1RCC1zkBjKPa120rNhv/hkVk/YhuGoajoHyy4h7\n ZQopdcMtpN2dgmhEegny9JCSwxfQmQ0zK0g7m6SHiKMwjwARAQABiQQ+BBgBCAAJ\n BQJYrdoqAhsCAikJEI2BgDwOv82IwV0gBBkBCAAGBQJYrdoqAAoJEH6gqcPyc/zY\n 1WAP/2wJ+R0gE6qsce3rjaIz58PJmc8goKrir5hnElWhPgbq7cYIsW5qiFyLhkdp\n YcMmhD9mRiPpQn6Ya2w3e3B8zfIVKipbMBnke/ytZ9M7qHmDCcjoiSmwEXN3wKYI\n mD9VHONsl/CG1rU9Isw1jtB5g1YxuBA7M/m36XN6x2u+NtNMDB9P56yc4gfsZVES\n KA9v+yY2/l45L8d/WUkUi0YXomn6hyBGI7JrBLq0CX37GEYP6O9rrKipfz73XfO7\n JIGzOKZlljb/D9RX/g7nRbCn+3EtH7xnk+TK/50euEKw8SMUg147sJTcpQmv6UzZ\n cM4JgL0HbHVCojV4C/plELwMddALOFeYQzTif6sMRPf+3DSj8frbInjChC3yOLy0\n 6br92KFom17EIj2CAcoeq7UPhi2oouYBwPxh5ytdehJkoo+sN7RIWua6P2WSmon5\n U888cSylXC0+ADFdgLX9K2zrDVYUG1vo8CX0vzxFBaHwN6Px26fhIT1/hYUHQR1z\n VfNDcyQmXqkOnZvvoMfz/Q0s9BhFJ/zU6AgQbIZE/hm1spsfgvtsD1frZfygXJ9f\n irP+MSAI80xHSf91qSRZOj4Pl3ZJNbq4yYxv0b1pkMqeGdjdCYhLU+LZ4wbQmpCk\n SVe2prlLureigXtmZfkqevRz7FrIZiu9ky8wnCAPwC7/zmS18rgP/17bOtL4/iIz\n QhxAAoAMWVrGyJivSkjhSGx1uCojsWfsTAm11P7jsruIL61ZzMUVE2aM3Pmj5G+W\n 9AcZ58Em+1WsVnAXdUR//bMmhyr8wL/G1YO1V3JEJTRdxsSxdYa4deGBBY/Adpsw\n 24jxhOJR+lsJpqIUeb999+R8euDhRHG9eFO7DRu6weatUJ6suupoDTRWtr/4yGqe\n dKxV3qQhNLSnaAzqW/1nA3iUB4k7kCaKZxhdhDbClf9P37qaRW467BLCVO/coL3y\n Vm50dwdrNtKpMBh3ZpbB1uJvgi9mXtyBOMJ3v8RZeDzFiG8HdCtg9RvIt/AIFoHR\n H3S+U79NT6i0KPzLImDfs8T7RlpyuMc4Ufs8ggyg9v3Ae6cN3eQyxcK3w0cbBwsh\n /nQNfsA6uu+9H7NhbehBMhYnpNZyrHzCmzyXkauwRAqoCbGCNykTRwsur9gS41TQ\n M8ssD1jFheOJf3hODnkKU+HKjvMROl1DK7zdmLdNzA1cvtZH/nCC9KPj1z8QC47S\n xx+dTZSx4ONAhwbS/LN3PoKtn8LPjY9NP9uDWI+TWYquS2U+KHDrBDlsgozDbs/O\n jCxcpDzNmXpWQHEtHU7649OXHP7UeNST1mCUCH5qdank0V1iejF6/CfTFU4MfcrG\n YT90qFF93M3v01BbxP+EIY2/9tiIPbrd\n =0YYh\n -----END PGP PUBLIC KEY BLOCK-----\n\n debconf_selections:\n vhost: dokku dokku/vhost_enable boolean true\n # set the domain name of the new Dokku server\n hostname: dokku dokku/hostname string $YOUR_FULL_QUALIFIED_DOMAIN\n # this copies over the public SSH key assigned to the server\n key: dokku dokku/key_file string /home/ubuntu/.ssh/authorized_keys\n\npackages:\n - dokku\npackage_update: true\npackage_upgrade: true\npackage_reboot_if_required: true\n
Shortly after running the create command you will get a confirmation that the instance has been created, and after about a minute it should be ready to login. Check the IP of the instance through the web UI or by running:
nova list\n
SSH with the ubuntu username and the public key previously added. Keep in mind that if you logged in quick enough Dokku might still be installing in the background, and not be ready. The installation takes a few minutes.
"},{"location":"getting-started/install/vagrant/","title":"Vagrant Installation Notes","text":" -
Download and install VirtualBox.
-
Download and install Vagrant.
-
Clone Dokku.
git clone https://github.com/dokku/dokku.git\n
-
Create VM.
# Optional ENV arguments:\n# - `BOX_NAME`\n# - `BOX_URI`\n# - `BOX_MEMORY`\n# - `DOKKU_DOMAIN`\n# - `DOKKU_IP`\n# - `FORWARDED_PORT`.\ncd path/to/dokku\n\n# for most users\nvagrant up\n\n# windows users must instead use the following in an elevated command prompt\nvagrant up dokku-windows\n
-
Setup SSH Config in ~/.ssh/config.
Host dokku.me\n Port 22\n
For users that have customized the IP address of their VM - either in a custom Vagrantfile or via the DOKKU_IP environment variable - and are not using 10.0.0.2 for the Vagrant IP, you'll need to instead use the output of vagrant ssh-config dokku for your ~/.ssh/config entry.
-
Connect to the server via vagrant ssh and add your ssh key to the install. Additionally, set the global domain name to dokku.me.
# usually your key is already available under the current user's `~/.ssh/authorized_keys` file\ncat ~/.ssh/authorized_keys | dokku ssh-keys:add admin\n\n# you can use any domain you already have access to\ndokku domains:set-global dokku.me\n
Please note, the dokku.me domain is setup to point to 10.0.0.2 along with all subdomains (i.e. yourapp.dokku.me). If you change the DOKKU_IP in your Vagrant setup you'll need to update your /etc/hosts file to point your reconfigured IP address.
You are now ready to deploy an app or install plugins.
"},{"location":"getting-started/installation/","title":"Getting Started with Dokku","text":""},{"location":"getting-started/installation/#what-is-dokku","title":"What is Dokku?","text":"Dokku is an extensible, open source Platform as a Service that runs on a single server of your choice. Dokku supports building apps on the fly from a git push via either Dockerfile or by auto-detecting the language with Buildpacks, and then starts containers based on your built image. Using technologies such as nginx and cron, Web processes are automatically routed to, while background processes and automated cron tasks are also managed by Dokku.
"},{"location":"getting-started/installation/#system-requirements","title":"System Requirements","text":"To start using Dokku, you'll need a system that meets the following minimum requirements:
- A fresh installation of any of the following operating systems:
- Ubuntu 20.04/22.04/24.04
- Debian 11+ x64
- A server with one of the following architectures
- AMD64 (alternatively known as
x86_64), commonly used for Intel cloud servers - ARMV8 (alternatively known as
arm64), commonly used for Raspberry PI and AWS Graviton
To avoid memory pressure during builds or runtime of your applications, we suggest the following:
- At least 1 GB of system memory
- If your system has less than 1GB of memory, you can use this workaround.
Finally, we recommend attaching at least one domain name to your server. This is not required, but using a domain name will make app access easier. When connecting a domain, either a single domain or a wildcard may be associated to the server's IP.
- Wildcard domain (
*.domain.tld A Record): will allow access to apps via $APP.domain.tld. - Single domain (
domain.tld A or CNAME Record): will result in apps being accessed via domain.tld:$RANDOM_PORT.
Please see the dns documentation and domains documentation for more details.
"},{"location":"getting-started/installation/#installing-the-latest-stable-version","title":"Installing the latest stable version","text":"This is the simple method of installing Dokku. For alternative methods of installation, see the advanced install guide.
"},{"location":"getting-started/installation/#1-install-dokku","title":"1. Install Dokku","text":"To install the latest stable version of Dokku, you can run the following shell commands:
# for debian systems, installs Dokku via apt-get\nwget -NP . https://dokku.com/install/v0.35.4/bootstrap.sh\nsudo DOKKU_TAG=v0.35.4 bash bootstrap.sh\n
The installation process takes about 5-10 minutes, depending upon internet connection speed.
"},{"location":"getting-started/installation/#2-setup-ssh-key-and-virtualhost-settings","title":"2. Setup SSH key and Virtualhost Settings","text":"Once the installation is complete, you should configure an ssh key and set your global domain.
# usually your key is already available under the current user's `~/.ssh/authorized_keys` file\ncat ~/.ssh/authorized_keys | dokku ssh-keys:add admin\n\n# you can use any domain you already have access to\n# this domain should have an A record or CNAME pointing at your server's IP\ndokku domains:set-global dokku.me\n\n# you can also use the ip of your server\ndokku domains:set-global 10.0.0.2\n\n# finally, you can use sslip.io to get subdomain support\n# as you would with a regular domain name\n# this would be done by appending `.sslip.io` to your ip address\ndokku domains:set-global 10.0.0.2.sslip.io\n
See the user management and domains documentation for more information.
"},{"location":"getting-started/installation/#3-deploy-your-first-application","title":"3. Deploy your first application","text":"At this point, you should be able to deploy to the Dokku installation.
"},{"location":"getting-started/upgrading/","title":"Upgrading","text":"If your version of Dokku is pre 0.3.0 (check with dokku version), we recommend a fresh install on a new server.
"},{"location":"getting-started/upgrading/#security-updates","title":"Security Updates","text":"For any security related updates, please follow our Twitter account. As Dokku does not run any daemons, the security risk introduced by our software is minimal.
Your operating system may occasionally provide security updates. We recommend setting unattended upgrades for your operating system. Here are some helpful links:
- Arch Linux System Maintenance
- Debian Unattended Upgrades
- Ubuntu Unattended Upgrades
Docker releases updates periodically to their engine. We recommend reading their release notes and upgrading accordingly. Please see the Docker documentation for more details.
"},{"location":"getting-started/upgrading/#migration-guides","title":"Migration Guides","text":"Before upgrading, check the migration guides to get comfortable with new features and prepare your deployment to be upgraded.
- Upgrading to 0.35
- Upgrading to 0.34
- Upgrading to 0.33
- Upgrading to 0.32
- Upgrading to 0.31
- Upgrading to 0.30
- Upgrading to 0.29
- Upgrading to 0.28
- Upgrading to 0.27
- Upgrading to 0.26
- Upgrading to 0.25
- Upgrading to 0.24
- Upgrading to 0.23
- Upgrading to 0.22
- Upgrading to 0.21
- Upgrading to 0.20
- Upgrading to 0.10
- Upgrading to 0.9
- Upgrading to 0.8
- Upgrading to 0.7
- Upgrading to 0.6
- Upgrading to 0.5
"},{"location":"getting-started/upgrading/#upgrade-process","title":"Upgrade Process","text":""},{"location":"getting-started/upgrading/#before-upgrading","title":"Before upgrading","text":"If you'll be updating docker or the herokuish package simultaneously, it's recommended that you stop all applications before upgrading and rebuild afterwards. This is not required if the upgrade only impacts the dokku package.
Why do we recommend stopping all apps?
docker: Containers may be randomly reset during the upgrade process, resulting in requests being sent to the wrong containers. Acknowledging and scheduling downtime thus becomes much more important.herokuish: While not required, it may be useful to take advantage of the latest base image. Herokuish changes do not cause issues unless the base OS changes, which may happen in minor or major releases.
# for 0.22.0 and newer versions, use\ndokku ps:stop --all\n\n# for versions between 0.11.4 and 0.21.4, use\ndokku ps:stopall\n\n# for versions between 0.8.1 and 0.11.3, use\ndokku --quiet apps:list | xargs -L1 dokku ps:stop\n\n# for versions older than 0.8.1, use\ndokku --quiet apps | xargs -L1 dokku ps:stop\n
"},{"location":"getting-started/upgrading/#upgrading_1","title":"Upgrading","text":"Info
[!IMPORTANT] Unless specified, the bootstrap.sh script installs Dokku via a Debian package (.deb). Using either the dokku-update or apt methods are enough to perform an upgrade of Dokku.
Please read the migration guides for each version in between your currently installed version of Dokku and the version you are upgrading to in order to ensure minimal downtime.
"},{"location":"getting-started/upgrading/#upgrading-using-dokku-update","title":"Upgrading using dokku-update","text":"Warning
The dokku-update package currently does not support upgrading to a specific version of Dokku. If this is required by a particular migration guide, use the apt method for upgrading.
We provide a helpful binary called dokku-update. This is a recommended package that:
- Can be installed separately, so upgrading Dokku will not affect the running of this package.
- Automates many of the upgrade instructions for you.
- Provides a clean way for us to further enhance the upgrade process in the future.
This binary is available on Debian and RPM-based systems from our package repositories under the name dokku-update. When installing from source, this is available from a separate Github repository at dokku/dokku-update.
"},{"location":"getting-started/upgrading/#upgrading-using-apt","title":"Upgrading using apt","text":"If Dokku was installed in a Debian or Ubuntu system, via apt-get install dokku or bootstrap.sh, you can upgrade with apt-get:
# update your local apt cache\nsudo apt-get update\n\n# update dokku and its dependencies\nsudo apt-get --no-install-recommends install dokku herokuish sshcommand plugn gliderlabs-sigil dokku-update dokku-event-listener\n\n# or just upgrade every package:\nsudo apt-get upgrade\n
To upgrade to a specific version of Dokku, specify it on the apt-get call:
# specify the version _without_ the `v` prefix\nsudo apt-get dokku=$VERSION\n
"},{"location":"getting-started/upgrading/#upgrading-from-source","title":"Upgrading from source","text":"Info
[!CAUTION] Dokku is not normally installed from source. Executing a source upgrade when the installation was performed via apt package may result in an inoperable system and will require manual work to get Dokku in a working state.
If you installed Dokku from source (less common), upgrade with:
cd ~/dokku\ngit pull --tags origin master\n\n# continue to install from source\nsudo DOKKU_BRANCH=master make install\n\n# upgrade to debian package-based installation\nsudo make install\n
To upgrade Herokuish from source, upgrade with:
cd /tmp\ngit clone https://github.com/gliderlabs/herokuish.git\ncd herokuish\nCIRCLECI=true IMAGE_NAME=gliderlabs/herokuish BUILD_TAG=latest make build/docker\n
"},{"location":"getting-started/upgrading/#after-upgrading","title":"After upgrading","text":"After upgrading, you should rebuild the applications to take advantage of any new buildpacks that were released:
dokku ps:rebuild --all\n
"},{"location":"networking/dns/","title":"DNS Configuration","text":"Note
This is a work in progress.
"},{"location":"networking/dns/#dns-versions","title":"DNS Versions","text":"There are many different DNS servers 'in the wild'. Some of the popular ones on Linux are BIND, dnsmasq, and pdns. Windows has its own built-in DNS server as well as Unbound, Posadis, and more. A full list of DNS packages can be found on Wikipedia under Comparison of DNS Server Software. In addition to the various DNS packages, there are tens of thousands of Managed DNS Providers out that all have different DNS interfaces.
"},{"location":"networking/dns/#focus","title":"Focus","text":"Because there are so many different DNS server packages out there as well as a tremendous number of Managed DNS Providers, we will focus on the concepts of DNS as well as providing examples in the 'BIND' format so you can adapt the information to your own server package or managed DNS provider.
"},{"location":"networking/dns/#assumptions","title":"Assumptions","text":" - We assume you have a passing familiarity with DNS. If not, you can read an in-depth article on DNS. But basically you need to know that DNS changes names (like example.tld) into addresses (like 127.0.0.1)
- We assume you already have a domain name registered and pointed to your favorite Managed DNS Provider or have your own BIND DNS server running.
- You have a server on the internet and are about to follow the instructions in the README to get Dokku installed. Don't do the install just yet though.
"},{"location":"networking/dns/#caching","title":"Caching","text":"Please remember that DNS relies heavily on caching. Changes you make to DNS could take anywhere from a few seconds to a few days to propagate. If you tried surfing to example.tld, then changed the IP address in DNS, it could be a while before your computer picks up on the changes.
"},{"location":"networking/dns/#getting-started","title":"Getting started","text":"For the examples, we will use the domain name example.tld and the IP address 127.0.0.1.
Dokku uses DNS to differentiate between apps on your dokku-powered server. If you are using the domain example.tld, and you have two apps node-js-app1 and node-js-app2, Dokku will make them available at node-js-app1.example.tld and node-js-app2.example.tld.
To get started, you need to know the IP address of your Dokku server. Connect to it and run ifconfig or ip addr to see the IP address.
Now you have to make a decision about your domain. Do you want everything and anything at example.tld to go to your Dokku server, or would you rather use a 'sub domain' for your Dokku server?
In other words, do you want your applications on your Dokku server accessible via node-js-app.example.tld or via node-js-app.myserver.example.tld?
"},{"location":"networking/dns/#using-a-sub-domain-node-js-appmyserverexampletld","title":"Using a sub-domain (node-js-app.myserver.example.tld)","text":"Using a sub-domain is easy. When you set up your server, you probably gave it a name like myserver.example.tld.
Go in to your Managed DNS provider and create an A record named myserver and put in the IP address you got from your server a few moments ago.
Hopefully your managed DNS provider also supports wildcards. Create a second A record named *.myserver along with the IP address you got from your server a few moments ago.
If you are using BIND, your zone file will look similar to this:
$ORIGIN example.tld\n$TTL 5m\n\nmyserver IN A 127.0.0.1\n*.myserver IN A 127.0.0.1\n
You can verify your changes in Linux by trying one or more of the following commands:
host myserver.example.tlddig -t A myserver.example.tldnslookup myserver.example.tld
Now is a good time to remind you that the answers you get MAY BE CACHED.
If everything is working correctly, you should also be able to query for any other name under myserver.example.tld and get back the IP address of your server. Try:
host test.myserver.example.tldhost xyzzy.myserver.example.tld
If they all return your IP address, you have set DNS up properly for dokku. You should also be able to ssh root@myserver.example.tld and access your server.
Proceed with the setup instructions in the installation documentation
"},{"location":"networking/dns/#using-the-root-of-your-domain-node-js-appexampletld","title":"Using the root of your domain (node-js-app.example.tld)","text":"This section is a work in progress. It is incomplete.
Using the 'root' of your domain is nearly identical to the previous example.
- hostname is under
example.tld, still needs A record. - Update your global domain using the domains plugin.
"},{"location":"networking/network/","title":"Network Management","text":"New
Introduced in 0.11.0, Enhanced in 0.20.0
network:create <network> # Creates an attachable docker network\nnetwork:destroy <network> # Destroys a docker network\nnetwork:exists <network> # Checks if a docker network exists\nnetwork:info <network> [--format text|json] # Outputs information about a docker network\nnetwork:list [--format text|json] # Lists all docker networks\nnetwork:report [<app>] [<flag>] # Displays a network report for one or more apps\nnetwork:rebuild <app> # Rebuilds network settings for an app\nnetwork:rebuildall # Rebuild network settings for all apps\nnetwork:set <app> <key> (<value>) # Set or clear a network property for an app\n
The Network plugin allows developers to abstract the concept of container network management, allowing developers to both change what networks a given container is attached to as well as rebuild the configuration on the fly.
"},{"location":"networking/network/#usage","title":"Usage","text":""},{"location":"networking/network/#listing-networks","title":"Listing networks","text":"New
Introduced in 0.20.0, Requires Docker 1.21+
You can easily list all available networks using the network:list command:
ShellOutput dokku network:list\n
=====> Networks\nbridge\nhost\nnone\ntest-network\n
Note that you can easily hide extra output from Dokku commands by using the --quiet flag, which makes it easier to parse on the command line.
ShellOutput dokku --quiet network:list\n
bridge\nhost\nnone\ntest-network\n
The network:list command also takes a --format flag, with the valid options including text (default) and json. The json output format can be used for automation purposes:
ShellOutput dokku network:list --format json\n
[\n {\"CreatedAt\":\"2024-02-25T01:55:24.275184461Z\",\"Driver\":\"bridge\",\"ID\":\"d18df2d21433\",\"Internal\":false,\"IPv6\":false,\"Labels\":{},\"Name\":\"bridge\",\"Scope\":\"local\"},\n {\"CreatedAt\":\"2024-02-25T01:55:24.275184461Z\",\"Driver\":\"bridge\",\"ID\":\"f50fa882e7de\",\"Internal\":false,\"IPv6\":false,\"Labels\":{},\"Name\":\"test-network\",\"Scope\":\"local\"},\n {\"CreatedAt\":\"2024-02-25T01:55:24.275184461Z\",\"Driver\":\"host\",\"ID\":\"ab6a59291443\",\"Internal\":false,\"IPv6\":false,\"Labels\":{},\"Name\":\"host\",\"Scope\":\"local\"},\n {\"CreatedAt\":\"2024-02-25T01:55:24.275184461Z\",\"Driver\":\"null\",\"ID\":\"e2506bc8b7d7\",\"Internal\":false,\"IPv6\":false,\"Labels\":{},\"Name\":\"none\",\"Scope\":\"local\"}\n]\n
"},{"location":"networking/network/#creating-a-network","title":"Creating a network","text":"New
Introduced in 0.20.0, Requires Docker 1.21+
Docker networks can be created via the network:create command. Executing this command will create an attachable bridge network. This can be used to route requests between containers without going through any public network.
ShellOutput dokku network:create test-network\n
-----> Creating network test-network\n
Specifying other additional flags or other types of networks can be created directly via the docker command.
"},{"location":"networking/network/#destroying-a-network","title":"Destroying a network","text":"New
Introduced in 0.20.0, Requires Docker 1.21+
A Docker network without any associated containers may be destroyed via the network:destroy command. Docker will refuse to destroy networks that have containers attached.
ShellOutput dokku network:destroy test-network\n
! WARNING: Potentially Destructive Action\n ! This command will destroy network test.\n ! To proceed, type \"test\"\n-----> Destroying network test\n
Info
test
As the command is destructive, it will default to asking for confirmation before executing the removal of the network. This may be avoided by providing the --force flag:
ShellOutput dokku --force network:destroy test-network\n
-----> Destroying network test\n
"},{"location":"networking/network/#checking-if-a-network-exists","title":"Checking if a network exists","text":"New
Introduced in 0.20.0, Requires Docker 1.21+
For CI/CD pipelines, it may be useful to see if an network exists before creating a new network. You can do so via the network:exists command:
ShellOutput dokku network:exists nonexistent-network\n
Network does not exist\n
The network:exists command will return non-zero if the network does not exist, and zero if it does.
"},{"location":"networking/network/#checking-network-info","title":"Checking network info","text":"New
Introduced in 0.35.3
Network information can be retrieved via the network:info command. This is a slightly different version of the docker network command.
ShellOutput dokku network:info bridge\n
=====> bridge network information\n ID: d18df2d21433\n Name: bridge\n Driver: bridge\n Scope: local\n
The network:info command also takes a --format flag, with the valid options including text (default) and json. The json output format can be used for automation purposes:
ShellOutput dokku network:info bridge --format json\n
{\"CreatedAt\":\"2024-02-25T01:55:24.275184461Z\",\"Driver\":\"bridge\",\"ID\":\"d18df2d21433\",\"Internal\":false,\"IPv6\":false,\"Labels\":{},\"Name\":\"bridge\",\"Scope\":\"local\"}\n
"},{"location":"networking/network/#routing-an-app-to-a-known-ipport-combination","title":"Routing an app to a known ip:port combination","text":"In some cases, it may be necessary to route an app to an existing $IP:$PORT combination. This is particularly the case for internal admin tools or services that aren't run by Dokku but have a web ui that would benefit from being exposed by Dokku. This can be done by using a proxy application and routing requests through that.
# for a service listening on:\n# - ip address: 127.0.0.1\n# - port: 8080\n\n# create the app\ndokku apps:create local-app\n\n# add an extra host that maps host.docker.internal to the docker gateway\ndokku docker-options:add local-app deploy \"--add-host=host.docker.internal:host-gateway\"\n\n# set the SERVICE_HOST to the mapped hostname\ndokku config:set local-app SERVICE_HOST=host.docker.internal\n\n# set the SERVICE_PORT to the port combination for your app\ndokku config:set local-app SERVICE_PORT=8080\n\n# set the domains desired\ndokku domains:set local-app local-app.dokku.me\n\n# deploy the service-proxy image\ndokku git:from-image local-app dokku/service-proxy:latest\n
Only a single $IP:$PORT combination can be routed to for a given app, and that $IP:$PORT combination must be accessible to the service proxy on initial deploy, or the service proxy won't start.
"},{"location":"networking/network/#attaching-an-app-to-a-network","title":"Attaching an app to a network","text":"New
Introduced in 0.20.0, Requires Docker 1.21+
Apps will default to being associated with the default bridge network or a network specified by the initial-network network property. Additionally, an app can be attached to attachable networks by changing the attach-post-create or attach-post-deploy network properties when using the docker-local scheduler. A change in these values will require an app deploy or rebuild.
# associates the network after a container is created but before it is started\n# commonly used for cross-app networking\ndokku network:set node-js-app attach-post-create test-network\n\n# associates the network after the deploy is successful but before the proxy is updated\n# used for cross-app networking when healthchecks must be invoked first\ndokku network:set node-js-app attach-post-deploy other-test-network\n\n# associates the network at container creation\n# typically blocks access to services and external routing\ndokku network:set node-js-app initial-network global-network\n
Multiple networks can also be specified for the attach-post-create and attach-post-deploy phases.
# one or more networks can be specified\ndokku network:set node-js-app attach-post-create test-network test-network-2\n
Setting the attach network property to an empty value will de-associate the container with the network.
dokku network:set node-js-app attach-post-create\ndokku network:set node-js-app attach-post-deploy\ndokku network:set node-js-app initial-network\n
The network properties can also be set globally. The global default value is an empty string, and the global value is used when no app-specific value is set.
dokku network:set --global attach-post-create global-create-network\ndokku network:set --global attach-post-deploy global-deploy-network\ndokku network:set --global initial-network global-network\n
The default value may be set by passing an empty value for the option.
dokku network:set --global attach-post-create\ndokku network:set --global attach-post-deploy\ndokku network:set --global initial-network\n
"},{"location":"networking/network/#network-aliases","title":"Network Aliases","text":"Note
This feature is only available when an app has been attached to a network other than the default bridge network.
When a container created for a deployment is being attached to a network - regardless of which network property was used - a network alias of the pattern APP.PROC_TYPE will be added to all containers. This can be used to load-balance requests between containers. For an application named node-js-app with a process type of web, the network alias - or resolvable DNS record within the network - will be:
node-js-app.web\n
The fully-qualified URL for the resource will depend upon the PORT being listened to by the application. Applications built via buildpacks will have their PORT environment variable set to 5000, and as such internal network requests for the above example should point to the following:
http://node-js-app.web:5000\n
Dockerfile-based applications may listen on other ports. For more information on how ports are specified for applications, please refer to the port management documentation.
"},{"location":"networking/network/#specifying-a-custom-tld","title":"Specifying a custom TLD","text":"When attaching applications to networks, a custom TLD can be specified via the network:set command. This TLD is suffixed to the network alias for the application/process-type combination for all networks to which the application is attached, and cannot be customized per network. The default value is an empty string.
To specify a TLD of svc.cluster.local for your application, run the following command:
# replace node-js-app with your application name\ndokku network:set node-js-app tld svc.cluster.local\n
With an application named node-js-app and a process-type named web, the above command will turn the network alias into:
node-js-app.web.svc.cluster.local\n
Note that this has no impact on container port handling, and users must still specify the container port when making internal network requests.
The default value may be set by passing an empty value for the option:
dokku network:set node-js-app tld\n
The tld property can also be set globally. The global default is emty string, and the global value is used when no app-specific value is set.
dokku network:set --global tld svc.cluster.local\n
The default value may be set by passing an empty value for the option.
dokku network:set --global tld\n
"},{"location":"networking/network/#when-to-attach-containers-to-a-network","title":"When to attach containers to a network","text":"Containers can be attached to a network for a variety of reasons:
- A background process in one app needs to communicate to a webservice in another app
- An app needs to talk to a container not managed by Dokku in a secure manner
- A custom network that allows transparent access to another host exists and is necessary for an app to run
Whatever the reason, the semantics of the two network hooks are important and are outlined before.
attach-post-create: - Phase it applies to:
build: Intermediate containers created during the build process.deploy: Deployed app containers.run: Containers created by the run command.
- Container state on attach:
created but not running - Use case: When the container needs to access a resource on the network.
- Example: The app needs to talk to a database on the same network when it first boots.
attach-post-deploy - Phase it applies to:
deploy: Deployed app containers.
- Container state on attach:
running - Use case: When another container on the network needs to access this container.
- Example: A background process needs to communicate with the web process exposed by this container.
initial-network: - Phase it applies to:
build: Intermediate containers created during the build process.deploy: Deployed app containers.run: Containers created by the run command.
- Container state on attach:
created - Use case: When another container on the network is already running and needed by this container.
- Example: A key-value store exposing itself to all your apps may be on the
initial-network.
Warning
If the attachment fails during the running container state, this may result in your application failing to respond to proxied requests once older containers are removed.
"},{"location":"networking/network/#rebuilding-network-settings","title":"Rebuilding network settings","text":"There are cases where you may need to rebuild the network configuration for an app, such as on app boot or container restart. In these cases, you can use the network:rebuild command:
dokku network:rebuild node-js-app\n
Info
This command will exit a non-zero number that depends on the number of containers for which configuration could not be built
"},{"location":"networking/network/#rebuilding-all-network-settings","title":"Rebuilding all network settings","text":"In some cases, a docker upgrade may reset container IPs or Ports. In both cases, you can quickly rewrite those files by using the network:rebuildall command:
dokku network:rebuildall\n
Info
This command will exit a non-zero number that depends on the number of containers for which configuration could not be built
"},{"location":"networking/network/#container-network-interface-binding","title":"Container network interface binding","text":"Info
This functionality does not control the --network docker flag. Please use the docker-options plugin to manage this flag.
By default, an app will only bind to the internal interface. This behavior can be modified per app by changing the bind-all-interfaces network property.
# bind to the default docker interface (`docker0`) with a random internal ip\n# this is the default behavior\ndokku network:set node-js-app bind-all-interfaces false\n\n# bind to all interfaces (`0.0.0.0`) on a random port for each upstream port\n# this will make the app container directly accessible by other hosts on your network\n# ports are randomized for every deploy, e.g. `0.0.0.0:32771->5000/tcp`.\ndokku network:set node-js-app bind-all-interfaces true\n
By way of example, in the default case, each container is bound to the docker interface:
ShellOutput docker ps\n
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES\n1b88d8aec3d1 dokku/node-js-app:latest \"/bin/bash -c '/star About a minute ago Up About a minute node-js-app.web.1\n
As such, the container's IP address will be an internal IP, and thus it is only accessible on the host itself:
ShellOutput docker inspect --format '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' node-js-app.web.1\n
172.17.0.6\n
However, you can disable the internal proxying via the network:set command so that it will listen on the host's IP address:
ShellOutput dokku network:set node-js-app bind-all-interfaces true\n\n# container bound to all interfaces\ndocker ps\n
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES\nd6499edb0edb dokku/node-js-app:latest \"/bin/bash -c '/star About a minute ago Up About a minute 0.0.0.0:49153->5000/tcp node-js-app.web.1\n
The bind-all-interfaces property can also be set globally. The global default is false, and the global value is used when no app-specific value is set.
dokku network:set --global bind-all-interfaces true\n
The default value may be set by passing an empty value for the option.
dokku network:set --global bind-all-interfaces\n
"},{"location":"networking/network/#displaying-network-reports-for-an-app","title":"Displaying network reports for an app","text":"You can get a report about the app's network status using the network:report command:
ShellOutput dokku network:report\n
=====> node-js-app network information\n Network attach post create:\n Network attach post deploy:\n Network bind all interfaces: false\n Network computed attach post create:\n Network computed attach post deploy:\n Network computed bind all interfaces:false\n Network computed initial network:\n Network computed tld:\n Network global attach post create:\n Network global attach post deploy:\n Network global bind all interfaces:false\n Network global initial network:\n Network global tld:\n Network initial network:\n Network tld:\n Network web listeners: 172.17.0.1:5000\n=====> python-sample network information\n Network attach post create:\n Network attach post deploy:\n Network bind all interfaces: false\n Network computed attach post create:\n Network computed attach post deploy:\n Network computed bind all interfaces:false\n Network computed initial network:\n Network computed tld:\n Network global attach post create:\n Network global attach post deploy:\n Network global bind all interfaces:false\n Network global initial network:\n Network global tld:\n Network initial network:\n Network tld:\n Network web listeners: 172.17.0.2:5000\n=====> ruby-sample network information\n Network attach post create:\n Network attach post deploy:\n Network bind all interfaces: false\n Network computed attach post create:\n Network computed attach post deploy:\n Network computed bind all interfaces:false\n Network computed initial network:\n Network computed tld:\n Network global attach post create:\n Network global attach post deploy:\n Network global bind all interfaces:false\n Network global initial network:\n Network global tld:\n Network initial network:\n Network tld:\n Network web listeners:\n
You can run the command for a specific app also.
ShellOutput dokku network:report node-js-app\n
=====> node-js-app network information\n Network attach post create:\n Network attach post deploy:\n Network bind all interfaces: false\n Network computed attach post create:\n Network computed attach post deploy:\n Network computed bind all interfaces:false\n Network computed initial network:\n Network computed tld:\n Network global attach post create:\n Network global attach post deploy:\n Network global bind all interfaces:false\n Network global initial network:\n Network global tld:\n Network initial network:\n Network tld:\n Network web listeners: 172.17.0.1:5000\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku network:report node-js-app --network-bind-all-interfaces\n
"},{"location":"networking/port-management/","title":"Port Management","text":"New
Introduced in 0.31.0, replaces the previous proxy:ports* commands
ports:list <app> # List port mappings for an app\nports:add <app> <scheme>:<host-port>:<container-port> [<scheme>:<host-port>:<container-port>...] # Add port mappings to an app\nports:clear <app> # Clear all port mappings for an app\nports:remove <app> <host-port> [<host-port>|<scheme>:<host-port>:<container-port>...] # Remove specific port mappings from an app\nports:set <app> <scheme>:<host-port>:<container-port> [<scheme>:<host-port>:<container-port>...] # Set port mappings for an app\n
"},{"location":"networking/port-management/#usage","title":"Usage","text":"Warning
Mapping alternative ports may conflict with the active firewall installed on your server or hosting provider. Such software includes - but is not limited to - AWS Security Groups, iptables, and UFW. Please consult the documentation for those softwares as applicable.
Users should also avoid setting the PORT environment variable. Dokku will use port mappings to set this value. Overriding this manually may cause issues in application routing.
You can now configure host -> container port mappings with the ports:* commands. This mapping is currently supported by the built-in nginx-vhosts plugin.
By default, buildpack apps and dockerfile apps without explicitly exposed ports (i.e. using the EXPOSE directive) will be configured with a listener on port 80 (and additionally a listener on 443 if ssl is enabled) that will proxy to the application container on port 5000. Dockerfile apps with explicitly exposed ports will be configured with a listener on each exposed port and will proxy to that same port of the deployed application container.
Note
This default behavior will not be automatically changed on subsequent pushes and must be manipulated with the ports:* commands detailed below.
"},{"location":"networking/port-management/#port-scheme","title":"Port Scheme","text":"The proxy port scheme is as follows:
SCHEME:HOST_PORT:CONTAINER_PORT
The scheme metadata can be used by proxy implementations in order to properly handle proxying of requests. For example, the built-in nginx-vhosts proxy implementation supports the http, https, grpc and grpcs schemes. For the grpc and grpcs see nginx blog post on grpc.
Developers of proxy implementations are encouraged to use whatever schemes make the most sense, and ignore configurations which they do not support. For instance, a udp proxy implementation can safely ignore http and https port mappings.
To change the proxy implementation in use for an application, use the proxy:set command:
# no validation will be performed against\n# the specified proxy implementation\ndokku proxy:set node-js-app nginx\n
"},{"location":"networking/port-management/#listing-port-mappings","title":"Listing port mappings","text":"To inspect the port mapping for a given application, use the ports:list command:
ShellOutput dokku ports:list node-js-app\n
-----> Port mappings for node-js-app\n-----> scheme host port container port\nhttp 80 5000\n
The above application is listening on the host's port 80, which we can test via curl:
ShellOutput curl http://node-js-app.dokku.me\n
Hello World!\n
"},{"location":"networking/port-management/#adding-a-custom-port-mapping","title":"Adding a custom port mapping","text":"There are cases where we may wish for the service to be listening on more than one port, such as port 8080. Normally, this would not be possible:
ShellOutput curl http://node-js-app.dokku.me:8080\n
curl: (7) Failed to connect to node-js-app.dokku.me port 8080: Connection refused\n
However, we can use the ports:add command to add a second external port mapping - 8080 - to our application's port 5000.
ShellOutput dokku ports:add node-js-app http:8080:5000\n
-----> Configuring node-js-app.dokku.me...(using built-in template)\n-----> Creating http nginx.conf\n Reloading nginx\n
We can now test that port 80 still responds properly:
ShellOutput curl http://node-js-app.dokku.me\n
Hello World!\n
And our new listening port of 8080 also works:
ShellOutput curl http://node-js-app.dokku.me:8080\n
Hello World!\n
"},{"location":"networking/port-management/#setting-all-port-mappings-at-once","title":"Setting all port mappings at once","text":"Port mappings can also be force set using the ports:set command.
ShellOutput dokku ports:set node-js-app http:8080:5000\n
-----> Configuring node-js-app.dokku.me...(using built-in template)\n-----> Creating http nginx.conf\n Reloading nginx\n
"},{"location":"networking/port-management/#removing-a-port-mapping","title":"Removing a port mapping","text":"A port mapping can be removed using the ports:remove command if it no longer necessary:
dokku ports:remove node-js-app http:80:5000\n
Ports may also be removed by specifying only the host-port value. This effectively acts as a wildcard and removes all mappings for that particular host port.
dokku ports:remove node-js-app http:80\n
"},{"location":"networking/port-management/#port-management-by-deployment-method","title":"Port management by Deployment Method","text":"Warning
If you set a port map but do not have a global domain set, Dokku will reset that map upon first deployment.
"},{"location":"networking/port-management/#buildpacks","title":"Buildpacks","text":"For buildpack deployments, your application must respect the PORT environment variable. We will typically set this to port 5000, but this is not guaranteed. If you do not respect the PORT environment variable, your containers may start but your services will not be accessible outside of that container.
"},{"location":"networking/port-management/#dockerfile","title":"Dockerfile","text":"Info
Changed as of 0.5.0
Dokku's default proxy implementation - nginx - supports HTTP and GRPC request proxying. At this time, we do not support proxying plain TCP or UDP ports. UDP ports can be exposed by disabling the nginx proxy with dokku proxy:disable myapp and manually exposing the ports via the docker-options plugin. For example, dokku docker-options:add myapp deploy \"-p 2456:2456/udp\". If you would like to investigate alternative proxy methods, please refer to our proxy management documentation.
"},{"location":"networking/port-management/#applications-using-expose","title":"Applications using EXPOSE","text":"Dokku will extract all tcp ports exposed using the EXPOSE directive (one port per line) and setup nginx to proxy the same port numbers to listen publicly. If you would like to change the exposed port, you should do so within your Dockerfile.
For example, if the Dokku installation is configured with the domain dokku.me and an application named node-js-app is deployed with following Dockerfile:
FROM ubuntu:24.04\nEXPOSE 1234\nCMD python3 -m SimpleHTTPServer 1234\n
The application would be exposed to the user at node-js-app.dokku.me:1234. If this is not desired, the following application configuration may be applied:
# add a port mapping to port 80\ndokku ports:add node-js-app http:80:1234\n\n# remove the incorrect port mapping\ndokku ports:remove node-js-app http:1234:1234\n
"},{"location":"networking/port-management/#applications-not-using-expose","title":"Applications not using EXPOSE","text":"Any application that does not use an EXPOSE directive will result in Dokku defaulting to port 5000. This behavior mimics the behavior of a Buildpack deploy. If your application does not support the PORT environment variable, then you will either need to:
- modify your application to support the
PORT environment variable. - switch to using an
EXPOSE directive in your Dockerfile.
"},{"location":"networking/port-management/#displaying-ports-reports-for-an-app","title":"Displaying ports reports for an app","text":"You can get a report about the app's ports status using the ports:report command:
ShellOutput dokku ports:report\n
=====> node-js-app ports information\n Port map detected: http:80:5000\n Port map: http:80:5000 https:443:5000\n=====> python-sample ports information\n Port map detected: http:80:5000\n Port map: http:80:5000\n=====> ruby-sample ports information\n Port map detected: http:80:5000\n Port map: http:80:5000\n
You can run the command for a specific app also.
ShellOutput dokku ports:report node-js-app\n
=====> node-js-app ports information\n Port map detected: http:80:5000\n Port map: http:80:5000 https:443:5000\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku ports:report node-js-app --ports-map\n
"},{"location":"networking/proxy-management/","title":"Proxy Management","text":"New
Introduced in 0.5.0, Enhanced in 0.6.0
proxy:build-config [--parallel count] [--all|<app>] # (Re)builds config for given app\nproxy:clear-config [--all|<app>] # Clears config for given app\nproxy:disable [--parallel count] [--all|<app>] # Disable proxy for app\nproxy:enable [--parallel count] [--all|<app>] # Enable proxy for app\nproxy:report [<app>] [<flag>] # Displays a proxy report for one or more apps\nproxy:set [<app>|--global] <proxy-type> # Set proxy type for app\n
In Dokku 0.5.0, port proxying was decoupled from the nginx-vhosts plugin into the proxy plugin. Dokku 0.6.0 introduced the ability to map host ports to specific container ports. This allows other proxy software - such as HAProxy or Caddy - to be used in place of nginx.
"},{"location":"networking/proxy-management/#usage","title":"Usage","text":""},{"location":"networking/proxy-management/#changing-the-proxy","title":"Changing the proxy","text":"The default proxy shipped with Dokku is nginx. It can be changed via the proxy:set command.
ShellOutput dokku proxy:set node-js-app caddy\n
-----> Setting config vars\n DOKKU_APP_PROXY_TYPE: caddy\n
The proxy may also be set on a global basis. This is usually preferred as running multiple proxy implementations may cause port collision issues.
ShellOutput dokku proxy:set --global caddy\n
-----> Setting config vars\n DOKKU_PROXY_TYPE: caddy\n
Changing the proxy does not stop or start any given proxy implementation. Please see the documentation for your proxy implementation for details on how to perform a change.
"},{"location":"networking/proxy-management/#regenerating-proxy-config","title":"Regenerating proxy config","text":"In certain cases, your app proxy configs may drift from the correct config for your app. You may regenerate the config at any point via the proxy:build-config command. This command will trigger a rebuild for the configured proxy implementation (default: nginx) for a given app. The command may fail if there are no current web listeners for your app.
dokku proxy:build-config node-js-app\n
All apps may have their proxy config rebuilt by using the --all flag.
dokku proxy:build-config --all\n
By default, rebuilding proxy configs for all apps happens serially. The parallelism may be controlled by the --parallel flag.
dokku proxy:build-config --all --parallel 2\n
Finally, the number of parallel workers may be automatically set to the number of CPUs available by setting the --parallel flag to -1
dokku proxy:build-config --all --parallel -1\n
"},{"location":"networking/proxy-management/#clearing-the-generated-proxy-config","title":"Clearing the generated proxy config","text":"New
Introduced in 0.27.0
Generated proxy configurations can also be cleared using the proxy:clear-config command.
dokku proxy:clear-config node-js-app\n
All apps may have their proxy config cleared by using the --all flag.
dokku proxy:clear-config --all\n
Clearing a proxy configuration has different effects depending on the proxy plugin in use. Consul the documentation for your proxy implementation for further details.
"},{"location":"networking/proxy-management/#displaying-proxy-reports-for-an-app","title":"Displaying proxy reports for an app","text":"New
Introduced in 0.8.1
You can get a report about the app's proxy status using the proxy:report command:
ShellOutput dokku proxy:report\n
=====> node-js-app proxy information\n Proxy enabled: true\n Proxy type: nginx\n=====> python-sample proxy information\n Proxy enabled: true\n Proxy type: nginx\n=====> ruby-sample proxy information\n Proxy enabled: true\n Proxy type: nginx\n
You can run the command for a specific app also.
ShellOutput dokku proxy:report node-js-app\n
=====> node-js-app proxy information\n Proxy enabled: true\n Proxy type: nginx\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku proxy:report node-js-app --proxy-type\n
"},{"location":"networking/proxy-management/#proxy-port-scheme","title":"Proxy Port Scheme","text":"See the port scheme documentation for more information on the port mapping scheme used by dokku.
"},{"location":"networking/proxy-management/#proxy-port-mapping","title":"Proxy port mapping","text":"See the port management documentation for more information on how port mappings are managed for an application.
"},{"location":"networking/proxy-management/#container-network-interface-binding","title":"Container network interface binding","text":"Info
Changed as of 0.11.0
From Dokku versions 0.5.0 until 0.11.0, enabling or disabling an application's proxy would also control whether or not the application was bound to all interfaces - e.g. 0.0.0.0. As of 0.11.0, this is now controlled by the network plugin. Please see the network documentation for more information.
"},{"location":"networking/proxy-management/#implementing-a-proxy","title":"Implementing a Proxy","text":"Custom plugins names must have the suffix -vhosts or scheduler overriding via proxy:set may not function as expected.
At this time, the following dokku commands are used to interact with a complete proxy implementation.
domains:add: Adds a given domain to an app. - triggers:
post-domains-update
domains:clear: Clears out an app's associated domains. - triggers:
post-domains-update
domains:disable: Disables domains for an app. - triggers:
pre-disable-vhost
domains:enable: Enables domains for an app. - triggers:
pre-enable-vhost
domains:remove: Removes a domain from an app. - triggers:
post-domains-update
domains:set: Sets all domains for a given app. - triggers:
post-domains-update
proxy:build-config: Builds - or rebuilds - external proxy configuration. - triggers:
proxy-build-config
proxy:clear-config: Clears out external proxy configuration. - triggers:
proxy-clear-config
proxy:disable: Disables the proxy configuration for an app. - triggers:
proxy-disable
proxy:enable: Enables the proxy configuration for an app. - triggers:
proxy-enable
ports:add: Adds one or more port mappings to an app - triggers:
post-proxy-ports-update
ports:clear: Clears out all port mappings for an app. - triggers:
post-proxy-ports-update
ports:remove: Removes one or more port mappings from an app. - triggers:
post-proxy-ports-update
ports:set: Sets all port mappings for an app. - triggers:
post-proxy-ports-update
Proxy implementations may decide to omit some functionality here, or use plugin triggers to supplement config with information from other plugins.
Individual proxy implementations may trigger app rebuilds, depending on how proxy metadata is exposed for the proxy implementation.
Finally, proxy implementations may install extra software needed for the proxy itself in whatever manner deemed fit. Proxy software can run on the host itself or within a running Docker container with either exposed ports or host networking.
"},{"location":"networking/proxies/caddy/","title":"Caddy Proxy","text":"New
Introduced in 0.28.0
Dokku provides integration with the Caddy proxy service by utilizing the Docker label-based integration implemented by Caddy.
caddy:report [<app>] [<flag>] # Displays a caddy report for one or more apps\ncaddy:logs [--num num] [--tail] # Display caddy log output\ncaddy:set <app> <property> (<value>) # Set or clear an caddy property for an app\ncaddy:show-config <app> # Display caddy compose config\ncaddy:start # Starts the caddy server\ncaddy:stop # Stops the caddy server\n
"},{"location":"networking/proxies/caddy/#requirements","title":"Requirements","text":"Using the caddy plugin integration requires the docker-compose-plugin for Docker. See this document from the Docker documentation for more information on the installation process for the docker-compose-plugin.
"},{"location":"networking/proxies/caddy/#usage","title":"Usage","text":"Warning
As using multiple proxy plugins on a single Dokku installation can lead to issues routing requests to apps, doing so should be avoided. As the default proxy implementation is nginx, users are encouraged to stop the nginx service before switching to Caddy.
The Caddy plugin has specific rules for routing requests:
- Caddy integration is exposed via docker labels attached to containers. Changes in labels require either app deploys or rebuilds.
- While Caddy will respect labels associated with other containers, only
web containers have Caddy labels injected by the plugin. - Only
http:80 and https:443 port mappings are supported. - Caddy will automatically enable SSL if the letsencrypt email property is set. SSL will be disabled otherwise.
- If no
http:80 mapping is found, the first http port mapping is used for http requests. - If no
https:443 mapping is found, the first https port mapping is used for https requests. - If no
https mapping is found, the container port from http:80 will be used for https requests. - Requests are routed as soon as the container is running and passing healthchecks.
"},{"location":"networking/proxies/caddy/#switching-to-caddy","title":"Switching to Caddy","text":"To use the Caddy plugin, use the proxy:set command for the app in question:
dokku proxy:set node-js-app caddy\n
This will enable the docker label-based Caddy integration. All future deploys will inject the correct labels for Caddy to read and route requests to containers. Due to the docker label-based integration used by Caddy, a single deploy or rebuild will be required before requests will route successfully.
dokku ps:rebuild node-js-app\n
Any changes to domains or port mappings will also require either a deploy or rebuild.
"},{"location":"networking/proxies/caddy/#starting-caddy-container","title":"Starting Caddy container","text":"Caddy can be started via the caddy:start command. This will start a Caddy container via the docker compose up command.
dokku caddy:start\n
"},{"location":"networking/proxies/caddy/#stopping-the-caddy-container","title":"Stopping the Caddy container","text":"Caddy may be stopped via the caddy:stop command.
dokku caddy:stop\n
The Caddy container will be stopped and removed from the system. If the container is not running, this command will do nothing.
"},{"location":"networking/proxies/caddy/#showing-the-caddy-compose-config","title":"Showing the Caddy compose config","text":"For debugging purposes, it may be useful to show the Caddy compose config. This can be achieved via the caddy:show-config command.
dokku caddy:show-config\n
"},{"location":"networking/proxies/caddy/#customizing-the-caddy-container-image","title":"Customizing the Caddy container image","text":"While the default Caddy image is hardcoded, users may specify an alternative by setting the image property with the --global flag:
dokku caddy:set --global image lucaslorentz/caddy-docker-proxy:2.7\n
"},{"location":"networking/proxies/caddy/#checking-the-caddy-containers-logs","title":"Checking the Caddy container's logs","text":"It may be necessary to check the Caddy container's logs to ensure that Caddy is operating as expected. This can be performed with the caddy:logs command.
dokku caddy:logs\n
This command also supports the following modifiers:
--num NUM # the number of lines to display\n--tail # continually stream logs\n
You can use these modifiers as follows:
dokku caddy:logs --tail --num 10\n
The above command will show logs continually from the caddy container, with an initial history of 10 log lines
"},{"location":"networking/proxies/caddy/#changing-the-caddy-log-level","title":"Changing the Caddy log level","text":"Caddy log output is set to ERROR by default. It may be changed by setting the log-level property with the --global flag:
dokku caddy:set --global log-level DEBUG\n
After modifying, the Caddy container will need to be restarted.
"},{"location":"networking/proxies/caddy/#ssl-configuration","title":"SSL Configuration","text":"The caddy plugin only supports automatic ssl certificates from it's letsencrypt integration. Managed certificates provided by the certs plugin are ignored.
"},{"location":"networking/proxies/caddy/#enabling-letsencrypt-integration","title":"Enabling letsencrypt integration","text":"By default, letsencrypt is disabled and https port mappings are ignored. To enable, set the letsencrypt-email property with the --global flag:
dokku caddy:set --global letsencrypt-email automated@dokku.sh\n
After enabling, the Caddy container will need to be restarted and apps will need to be rebuilt. All http requests will then be redirected to https.
"},{"location":"networking/proxies/caddy/#customizing-the-letsencrypt-server","title":"Customizing the letsencrypt server","text":"The letsencrypt integration is set to the production letsencrypt server by default. To change this, set the letsencrypt-server property with the --global flag:
dokku caddy:set --global letsencrypt-server https://acme-staging-v02.api.letsencrypt.org/directory\n
After enabling, the Caddy container will need to be restarted and apps will need to be rebuilt to retrieve certificates from the new server.
"},{"location":"networking/proxies/caddy/#using-caddys-internal-tls-server","title":"Using Caddy's Internal TLS server","text":"To switch to Caddy's internal TLS server for certificate provisioning, set the tls-internal property. This can only be set on a per-app basis.
dokku caddy:set node-js-app tls-internal true\n
"},{"location":"networking/proxies/caddy/#displaying-caddy-reports-for-an-app","title":"Displaying Caddy reports for an app","text":"You can get a report about the app's Caddy config using the caddy:report command:
ShellOutput dokku caddy:report\n
=====> node-js-app caddy information\n Caddy image: lucaslorentz/caddy-docker-proxy:2.7\n Caddy letsencrypt email:\n Caddy letsencrypt server:\n Caddy log level: ERROR\n Caddy polling interval: 5s\n Caddy tls internal: false\n=====> python-app caddy information\n Caddy image: lucaslorentz/caddy-docker-proxy:2.7\n Caddy letsencrypt email:\n Caddy letsencrypt server:\n Caddy log level: ERROR\n Caddy polling interval: 5s\n Caddy tls internal: false\n=====> ruby-app caddy information\n Caddy image: lucaslorentz/caddy-docker-proxy:2.7\n Caddy letsencrypt email:\n Caddy letsencrypt server:\n Caddy log level: ERROR\n Caddy polling interval: 5s\n Caddy tls internal: false\n
You can run the command for a specific app also.
ShellOutput dokku caddy:report node-js-app\n
=====> node-js-app caddy information\n Caddy image: lucaslorentz/caddy-docker-proxy:2.7\n Caddy letsencrypt email:\n Caddy letsencrypt server:\n Caddy log level: ERROR\n Caddy polling interval: 5s\n Caddy tls internal: false\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku caddy:report node-js-app --caddy-image\n
"},{"location":"networking/proxies/haproxy/","title":"Haproxy Proxy","text":"New
Introduced in 0.28.0
Dokku provides integration with the Haproxy proxy service by utilizing the Docker label-based integration implemented by EasyHaproxy.
haproxy:report [<app>] [<flag>] # Displays a haproxy report for one or more apps\nhaproxy:logs [--num num] [--tail] # Display haproxy log output\nhaproxy:set <app> <property> (<value>) # Set or clear an haproxy property for an app\nhaproxy:show-config <app> # Display haproxy compose config\nhaproxy:start # Starts the haproxy server\nhaproxy:stop # Stops the haproxy server\n
"},{"location":"networking/proxies/haproxy/#requirements","title":"Requirements","text":"Using the haproxy plugin integration requires the docker-compose-plugin for Docker. See this document from the Docker documentation for more information on the installation process for the docker-compose-plugin.
"},{"location":"networking/proxies/haproxy/#usage","title":"Usage","text":"Warning
As using multiple proxy plugins on a single Dokku installation can lead to issues routing requests to apps, doing so should be avoided. As the default proxy implementation is nginx, users are encouraged to stop the nginx service before switching to Haproxy.
The Haproxy plugin has specific rules for routing requests:
- Haproxy integration is exposed via docker labels attached to containers. Changes in labels require either app deploys or rebuilds.
- While Haproxy will respect labels associated with other containers, only
web containers have Haproxy labels injected by the plugin. - Only
http:80 and https:443 port mappings are supported at this time. - Requests are routed as soon as the container is running and passing healthchecks.
"},{"location":"networking/proxies/haproxy/#switching-to-haproxy","title":"Switching to Haproxy","text":"To use the Haproxy plugin, use the proxy:set command for the app in question:
dokku proxy:set node-js-app haproxy\n
This will enable the docker label-based Haproxy integration. All future deploys will inject the correct labels for Haproxy to read and route requests to containers. Due to the docker label-based integration used by Haproxy, a single deploy or rebuild will be required before requests will route successfully.
dokku ps:rebuild node-js-app\n
Any changes to domains or port mappings will also require either a deploy or rebuild.
"},{"location":"networking/proxies/haproxy/#starting-haproxy-container","title":"Starting Haproxy container","text":"Haproxy can be started via the haproxy:start command. This will start a Haproxy container via the docker compose up command.
dokku haproxy:start\n
"},{"location":"networking/proxies/haproxy/#stopping-the-haproxy-container","title":"Stopping the Haproxy container","text":"Haproxy may be stopped via the haproxy:stop command.
dokku haproxy:stop\n
The Haproxy container will be stopped and removed from the system. If the container is not running, this command will do nothing.
"},{"location":"networking/proxies/haproxy/#showing-the-haproxy-compose-config","title":"Showing the Haproxy compose config","text":"For debugging purposes, it may be useful to show the Haproxy compose config. This can be achieved via the haproxy:show-config command.
dokku haproxy:show-config\n
"},{"location":"networking/proxies/haproxy/#customizing-the-haproxy-container-image","title":"Customizing the Haproxy container image","text":"While the default Haproxy image is hardcoded, users may specify an alternative by setting the image property with the --global flag:
dokku haproxy:set --global image byjg/easy-haproxy:4.0.0\n
"},{"location":"networking/proxies/haproxy/#checking-the-haproxy-containers-logs","title":"Checking the Haproxy container's logs","text":"It may be necessary to check the Haproxy container's logs to ensure that Haproxy is operating as expected. This can be performed with the haproxy:logs command.
dokku haproxy:logs\n
This command also supports the following modifiers:
--num NUM # the number of lines to display\n--tail # continually stream logs\n
You can use these modifiers as follows:
dokku haproxy:logs --tail --num 10\n
The above command will show logs continually from the vector container, with an initial history of 10 log lines
"},{"location":"networking/proxies/haproxy/#changing-the-haproxy-log-level","title":"Changing the Haproxy log level","text":"Haproxy log output is set to ERROR by default. It may be changed by setting the log-level property with the --global flag:
dokku haproxy:set --global log-level DEBUG\n
After modifying, the Haproxy container will need to be restarted.
"},{"location":"networking/proxies/haproxy/#ssl-configuration","title":"SSL Configuration","text":"The haproxy plugin only supports automatic ssl certificates from it's letsencrypt integration. Managed certificates provided by the certs plugin are ignored.
"},{"location":"networking/proxies/haproxy/#enabling-letsencrypt-integration","title":"Enabling letsencrypt integration","text":"By default, letsencrypt is disabled and https port mappings are ignored. To enable, set the letsencrypt-email property with the --global flag:
dokku haproxy:set --global letsencrypt-email automated@dokku.sh\n
After enabling, the Haproxy container will need to be restarted and apps will need to be rebuilt. All http requests will then be redirected to https.
"},{"location":"networking/proxies/haproxy/#customizing-the-letsencrypt-server","title":"Customizing the letsencrypt server","text":"The letsencrypt integration is set to the production letsencrypt server by default. To change this, set the letsencrypt-server property with the --global flag:
dokku haproxy:set --global letsencrypt-server https://acme-staging-v02.api.letsencrypt.org/directory\n
After enabling, the Haproxy container will need to be restarted and apps will need to be rebuilt to retrieve certificates from the new server.
"},{"location":"networking/proxies/haproxy/#displaying-haproxy-reports-for-an-app","title":"Displaying Haproxy reports for an app","text":"You can get a report about the app's Haproxy config using the haproxy:report command:
ShellOutput dokku haproxy:report\n
=====> node-js-app haproxy information\n Haproxy image: byjg/easy-haproxy:4.0.0\n=====> python-app haproxy information\n Haproxy image: byjg/easy-haproxy:4.0.0\n=====> ruby-app haproxy information\n Haproxy image: byjg/easy-haproxy:4.0.0\n
You can run the command for a specific app also.
ShellOutput dokku haproxy:report node-js-app\n
=====> node-js-app haproxy information\n Haproxy image: byjg/easy-haproxy:4.0.0\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku haproxy:report node-js-app --haproxy-image\n
"},{"location":"networking/proxies/nginx/","title":"Nginx Proxy","text":"Dokku uses nginx as its server for routing requests to specific applications. By default, access and error logs are written for each app to /var/log/nginx/${APP}-access.log and /var/log/nginx/${APP}-error.log respectively
nginx:access-logs <app> [-t] # Show the nginx access logs for an application (-t follows)\nnginx:error-logs <app> [-t] # Show the nginx error logs for an application (-t follows)\nnginx:report [<app>] [<flag>] # Displays a nginx report for one or more apps\nnginx:set <app> <property> (<value>) # Set or clear an nginx property for an app\nnginx:show-config <app> # Display app nginx config\nnginx:start # Starts the nginx server\nnginx:stop # Stops the nginx server\nnginx:validate-config [<app>] [--clean] # Validates and optionally cleans up invalid nginx configurations\n
"},{"location":"networking/proxies/nginx/#usage","title":"Usage","text":"Warning
As using multiple proxy plugins on a single Dokku installation can lead to issues routing requests to apps, doing so should be avoided.
"},{"location":"networking/proxies/nginx/#request-proxying","title":"Request Proxying","text":"By default, the web process is the only process proxied by the nginx proxy implementation. Proxying to other process types may be handled by a custom nginx.conf.sigil file, as generally described below
Nginx will proxy the requests in a round-robin balancing fashion to the different deployed (scaled) containers running the web proctype. This way, the host's resources can be fully leveraged for single-threaded applications (e.g. dokku ps:scale node-js-app web=4 on a 4-core machine).
Note
Due to how the plugin is implemented, if an app successfully starts up web containers but fails to deploy some other containers, nginx may eventually stop routing requests. Users should revert their code in these cases, or manually trigger dokku proxy:build-config $APP in order to ensure requests route to the new web containers.
"},{"location":"networking/proxies/nginx/#starting-nginx","title":"Starting nginx","text":"New
Introduced in 0.28.0
The nginx server can be started via nginx:start.
dokku nginx:start\n
"},{"location":"networking/proxies/nginx/#stopping-nginx","title":"Stopping nginx","text":"New
Introduced in 0.28.0
The nginx server can be stopped via nginx:stop.
dokku nginx:stop\n
"},{"location":"networking/proxies/nginx/#checking-access-logs","title":"Checking access logs","text":"Note
Changing this value globally or on a per-app basis will require rebuilding the nginx config via the proxy:build-config command.
You may check nginx access logs via the nginx:access-logs command. This assumes that app access logs are being stored in /var/log/nginx/$APP-access.log, as is the default in the generated nginx.conf.
dokku nginx:access-logs node-js-app\n
You may also follow the logs by specifying the -t flag.
dokku nginx:access-logs node-js-app -t\n
"},{"location":"networking/proxies/nginx/#checking-error-logs","title":"Checking error logs","text":"You may check nginx error logs via the nginx:error-logs command. This assumes that app error logs are being stored in /var/log/nginx/$APP-error.log, as is the default in the generated nginx.conf.
dokku nginx:error-logs node-js-app\n
You may also follow the logs by specifying the -t flag.
dokku nginx:error-logs node-js-app -t\n
"},{"location":"networking/proxies/nginx/#showing-the-nginx-config","title":"Showing the nginx config","text":"For debugging purposes, it may be useful to show the nginx config. This can be achieved via the nginx:show-config command.
dokku nginx:show-config node-js-app\n
"},{"location":"networking/proxies/nginx/#validating-nginx-configs","title":"Validating nginx configs","text":"It may be desired to validate an nginx config outside of the deployment process. To do so, run the nginx:validate-config command. With no arguments, this will validate all app nginx configs, one at a time. A minimal wrapper nginx config is generated for each app's nginx config, upon which nginx -t will be run.
dokku nginx:validate-config\n
As app nginx configs are actually executed within a shared context, it is possible for an individual config to be invalid when being validated standalone but also be valid within the global server context. As such, the exit code for the nginx:validate-config command is the exit code of nginx -t against the server's real nginx config.
The nginx:validate-config command also takes an optional --clean flag. If specified, invalid nginx configs will be removed.
Warning
Invalid app nginx config's will be removed even if the config is valid in the global server context.
dokku nginx:validate-config --clean\n
The --clean flag may also be specified for a given app:
dokku nginx:validate-config node-js-app --clean\n
"},{"location":"networking/proxies/nginx/#custom-error-pages","title":"Custom Error Pages","text":"By default, Dokku provides custom error pages for the following three categories of errors:
- 4xx: For all non-404 errors with a 4xx response code.
- 404: For \"404 Not Found\" errors.
- 5xx: For all 5xx error responses
These are provided as an alternative to the generic Nginx error page, are shared for all applications, and their contents are located on disk at /var/lib/dokku/data/nginx-vhosts/dokku-errors. To customize them for a specific app, create a custom nginx.conf.sigil as described above and change the paths to point elsewhere.
"},{"location":"networking/proxies/nginx/#default-site","title":"Default site","text":"By default, Dokku will route any received request with an unknown HOST header value to the lexicographically first site in the nginx config stack. This means that accessing the dokku server via its IP address or a bogus domain name may return a seemingly random website.
Warning
Some versions of Nginx may create a default site when installed. This site is simply a static page which says \"Welcome to Nginx\", and if this default site is enabled, Nginx will not route any requests with an unknown HOST header to Dokku. If you want Dokku to receive all requests, run the following commands:
rm /etc/nginx/sites-enabled/default\ndokku nginx:stop\ndokku nginx:start\n
If services should only be accessed via their domain name, you may want to disable the default site by adding the following configuration to the global nginx configuration.
Create the file at /etc/nginx/conf.d/00-default-vhost.conf:
server {\n listen 80 default_server;\n listen [::]:80 default_server;\n\n # If services hosted by dokku are available via HTTPS, it is recommended\n # to also uncomment the following section.\n #\n # Please note that in order to let this work, you need an SSL certificate. However\n # it does not need to be valid. Users of Debian-based distributions can install the\n # `ssl-cert` package with `sudo apt install ssl-cert` to automatically generate\n # a self-signed certificate that is stored at `/etc/ssl/certs/ssl-cert-snakeoil.pem`.\n #\n #listen 443 ssl;\n #listen [::]:443 ssl;\n #ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;\n #ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;\n\n server_name _;\n access_log off;\n return 444;\n}\n
Make sure to reload nginx after creating this file by running systemctl reload nginx.service.
This will catch all unknown HOST header values and close the connection without responding. You can replace the return 444; with return 410; which will cause nginx to respond with an error page.
The configuration file must be loaded before /etc/nginx/conf.d/dokku.conf, so it can not be arranged as a vhost in /etc/nginx/sites-enabled that is only processed afterwards.
Alternatively, you may push an app to your Dokku host with a name like \"00-default\". As long as it lists first in ls /home/dokku/*/nginx.conf | head, it will be used as the default nginx vhost.
"},{"location":"networking/proxies/nginx/#customizing-the-nginx-configuration","title":"Customizing the nginx configuration","text":"New
Introduced in 0.5.0
Dokku uses a templating library by the name of sigil to generate nginx configuration for each app. This may be overridden by committing the default configuration template to a file named nginx.conf.sigil.
The nginx.conf.sigil is expected to be found in a specific directory, depending on the deploy approach:
- The
WORKDIR of the Docker image for deploys resulting from git:from-image and git:load-image commands. - The root of the source code tree for all other deploys (git push,
git:from-archive, git:sync).
Sometimes it may be desirable to set a different path for a given app, e.g. when deploying from a monorepo. This can be done via the nginx-conf-sigil-path property:
dokku nginx:set node-js-app nginx-conf-sigil-path .dokku/nginx.conf.sigil\n
The value is the path to the desired file relative to the base search directory, and will never be treated as absolute paths in any context. If that file does not exist within the repository, Dokku will continue the build process as if the repository has no nginx.conf.sigil.
The default value may be set by passing an empty value for the option:
dokku nginx:set node-js-app nginx-conf-sigil-path\n
The nginx-conf-sigil-path property can also be set globally. The global default is nginx.conf.sigil, and the global value is used when no app-specific value is set.
dokku nginx:set --global nginx-conf-sigil-path nginx.conf.sigil\n
The default value may be set by passing an empty value for the option.
dokku nginx:set --global nginx-conf-sigil-path\n
Info
The default template may change with new releases of Dokku. Please refer to the appropriate template file version for your Dokku version, and make sure to look out for changes when you upgrade.
"},{"location":"networking/proxies/nginx/#disabling-custom-nginx-config","title":"Disabling custom nginx config","text":"Note
Changing this value globally or on a per-app basis will require rebuilding the nginx config via the proxy:build-config command.
While enabled by default, using a custom nginx config can be disabled via nginx:set. This may be useful in cases where you do not want to allow users to override any higher-level customization of app nginx config.
# enable fetching custom config (default)\ndokku nginx:set node-js-app disable-custom-config false\n\n# disable fetching custom config\ndokku nginx:set node-js-app disable-custom-config true\n
Unsetting this value is the same as enabling custom nginx config usage.
"},{"location":"networking/proxies/nginx/#available-template-variables","title":"Available template variables","text":"{{ .APP }} Application name\n{{ .APP_SSL_PATH }} Path to SSL certificate and key\n{{ .DOKKU_ROOT }} Global Dokku root directory (ex: app dir would be `{{ .DOKKU_ROOT }}/{{ .APP }}`)\n{{ .PROXY_PORT }} Non-SSL nginx listener port (same as `DOKKU_PROXY_PORT` config var)\n{{ .PROXY_SSL_PORT }} SSL nginx listener port (same as `DOKKU_PROXY_SSL_PORT` config var)\n{{ .NOSSL_SERVER_NAME }} List of non-SSL VHOSTS\n{{ .PROXY_PORT_MAP }} List of port mappings (same as the `map` ports property)\n{{ .PROXY_UPSTREAM_PORTS }} List of configured upstream ports (derived from the `map` ports property)\n{{ .SSL_INUSE }} Boolean set when an app is SSL-enabled\n{{ .SSL_SERVER_NAME }} List of SSL VHOSTS\n
Finally, each process type has it's network listeners - a list of IP:PORT pairs for the respective app containers - exposed via an .DOKKU_APP_${PROCESS_TYPE}_LISTENERS variable - the PROCESS_TYPE will be upper-cased with hyphens transformed into underscores. Users can use the new variables to expose non-web processes via the nginx proxy.
Note
Application environment variables are available for use in custom templates. To do so, use the form of {{ var \"FOO\" }} to access a variable named FOO.
"},{"location":"networking/proxies/nginx/#customizing-via-configuration-files-included-by-the-default-templates","title":"Customizing via configuration files included by the default templates","text":"The default nginx.conf template will include everything from your apps nginx.conf.d/ subdirectory in the main server {} block (see above):
include {{ .DOKKU_ROOT }}/{{ .APP }}/nginx.conf.d/*.conf;\n
That means you can put additional configuration in separate files. To increase the client request header timeout, the following can be performed:
mkdir /home/dokku/node-js-app/nginx.conf.d/\necho 'client_header_timeout 50s;' > /home/dokku/node-js-app/nginx.conf.d/timeout.conf\nchown dokku:dokku /home/dokku/node-js-app/nginx.conf.d/upload.conf\nservice nginx reload\n
The example above uses additional configuration files directly on the Dokku host. Unlike the nginx.conf.sigil file, these additional files will not be copied over from your application repo, and thus need to be placed in the /home/dokku/node-js-app/nginx.conf.d/ directory manually.
For PHP Buildpack users, you will also need to provide a Procfile and an accompanying nginx.conf file to customize the nginx config within the container. The following are example contents for your Procfile
web: vendor/bin/heroku-php-nginx -C nginx.conf -i php.ini php/\n
Your nginx.conf file - not to be confused with Dokku's nginx.conf.sigil - would also need to be configured as shown in this example:
client_header_timeout 50s;\nlocation / {\n index index.php;\n try_files $uri $uri/ /index.php$is_args$args;\n}\n
Please adjust the Procfile and nginx.conf file as appropriate.
"},{"location":"networking/proxies/nginx/#setting-properties-for-the-nginx-config","title":"Setting Properties for the nginx config","text":"The nginx plugin exposes a variety of properties configurable via the nginx:set command. The properties are used to configure the generated nginx.conf file from the nginx.conf.sigil template. The value precedence is app-specific, then global, and finally the Dokku default.
The nginx:set command takes an app name or the --global flag.
# set a property for the node-js-app\ndokku nginx:set node-js-app property-name some-value\n\n# set a property globally\ndokku nginx:set --global property-name some-value\n
Additionally, setting an empty value will result in reverting the value back to it's default. For app-specific values, this means that Dokku will revert to the globally specified (or global default) value.
# default the value back to the global value for node-js-app\ndokku nginx:set node-js-app property-name\n\n# use the dokku default as the global value\ndokku nginx:set --global property-name\n
Changing these value globally or on a per-app basis will require rebuilding the nginx config via the proxy:build-config command.
Warning
Validation is not performed against the values, and they are used as is within Dokku.
Property Default Type Explanation access-log-format empty string string Name of custom log format to use (log format must be specified elsewhere) access-log-path ${NGINX_LOG_ROOT}/${APP}-access.log string Log path for nginx access logs (set to off to disable) bind-address-ipv4 0.0.0.0 string Default IPv4 address to bind to bind-address-ipv6 [::] string Default IPv6 address to bind to client-max-body-size 1m string Size (with units) of client request body (usually modified for file uploads) error-log-path ${NGINX_LOG_ROOT}/${APP}-error.log string Log path for nginx error logs (set to off to disable) hsts true boolean Enables or disables HSTS for your application hsts-include-subdomains true boolean Forces the browser to apply the HSTS policy to all app subdomains hsts-max-age 15724800 integer Time in seconds to cache HSTS configuration hsts-preload false boolean Tells the browser to include the domain in their HSTS preload lists nginx-conf-sigil-path nginx.conf.sigil string Path in the repository to the nginx.conf.sigil file proxy-buffer-size 8k (# is os pagesize) string Size of the buffer used for reading the first part of proxied server response proxy-buffering on string Enables or disables buffering of responses from the proxied server proxy-buffers 8 8k string Number and size of the buffers used for reading the proxied server response, for a single connection proxy-busy-buffers-size 16k string Limits the total size of buffers that can be busy sending a response to the client while the response is not yet fully read. proxy-read-timeout 60s string Timeout (with units) for reading response from your backend server underscore-in-headers off string Enables or disables the use of underscores in client request header fields. x-forwarded-for-value $remote_addr string Used for specifying the header value to set for the X-Forwarded-For header x-forwarded-port-value $server_port string Used for specifying the header value to set for the X-Forwarded-Port header x-forwarded-proto-value $scheme string Used for specifying the header value to set for the X-Forwarded-Proto header x-forwarded-ssl empty string string Less commonly used alternative to X-Forwarded-Proto (valid values: on or off)"},{"location":"networking/proxies/nginx/#binding-to-specific-addresses","title":"Binding to specific addresses","text":"Note
Users with apps that contain a custom nginx.conf.sigil file will need to modify the files to respect the new NGINX_BIND_ADDRESS_IPV4 and NGINX_BIND_ADDRESS_IPV6 variables.
Properties:
bind-address-ipv4bind-address-ipv6
This is useful in cases where the proxying should be internal to a network or if there are multiple network interfaces that should respond with different content.
"},{"location":"networking/proxies/nginx/#hsts-header","title":"HSTS Header","text":"Warning
if you enable the header and a subsequent deploy of your application results in an HTTP deploy (for whatever reason), the way the header works means that a browser will not attempt to request the HTTP version of your site if the HTTPS version fails until the max-age is reached.
Properties:
hstshsts-include-subdomainshsts-max-agehsts-preload
If SSL certificates are present, HSTS will be automatically enabled.
"},{"location":"networking/proxies/nginx/#running-behind-another-proxy-configuring-x-forwarded-headers","title":"Running behind another proxy \u2014 configuring X-Forwarded-* headers","text":"Warning
These values should only be modified if there is an intermediate Load balancer or CDN between the user and the Dokku server hosting your application.
Properties:
x-forwarded-for-valuex-forwarded-port-valuex-forwarded-proto-valuex-forwarded-ssl
Dokku's default Nginx configuration passes the de-facto standard HTTP headers X-Forwarded-For, X-Forwarded-Proto, and X-Forwarded-Port to your application. These headers indicate the IP address of the original client making the request, the protocol of the original request (HTTP or HTTPS), and the port number of the original request, respectively.
If you have another HTTP proxy sitting in between the end user and your server (for example, a load balancer, or a CDN), then the values of these headers will contain information about (e.g. the IP address of) the closest proxy, and not the end user.
To fix this, assuming that the other proxy also passes X-Forwarded-* headers, which in turn contain information about the end user, you can tell Nginx include those values in the X-Forwarded-* headers that it sends to your application. You can do this via nginx:set, like so:
dokku nginx:set node-js-app x-forwarded-for-value '$http_x_forwarded_for'\ndokku nginx:set node-js-app x-forwarded-port-value '$http_x_forwarded_port'\ndokku nginx:set node-js-app x-forwarded-proto-value '$http_x_forwarded_proto'\n
However, note that you should only do this if:
- Requests to your website always go through a trusted proxy.
- That proxy is configured to send the aforementioned
X-Forwarded-* headers.
Otherwise, if it's possible for clients to make HTTP requests directly against your server, bypassing the other proxy, or if the other proxy is not configured to set these headers, then a client can basically pass any arbitrary values for these headers (which your app then presumably reads) and thereby fake an IP address, for example.
There's also the X-Forwarded-Ssl header which a less common alternative to X-Forwarded-Proto \u2014 and because of that, isn't included in Dokku's default Nginx configuration. It can be turned on if need be:
# force-setting value to `on`\ndokku nginx:set node-js-app x-forwarded-ssl on\n
"},{"location":"networking/proxies/nginx/#changing-log-path","title":"Changing log path","text":"Warning
The defaults should not be changed without verifying that the paths will be writeable by nginx.
Properties:
access-log-patherror-log-path
These setting can be useful for enabling or disabling logging by setting the values to off.
dokku nginx:set node-js-app access-log-path off\ndokku nginx:set node-js-app error-log-path off\n
"},{"location":"networking/proxies/nginx/#changing-log-format","title":"Changing log format","text":"Properties:
acccess-log-format
Prior to changing the log-format, log formats should be specified at a file such as /etc/nginx/conf.d/00-log-formats.conf. This will ensure they are available within your app's nginx context. For instance, the following may be added to the above file. It only needs to be specified once to be used for all apps.
# /etc/nginx/conf.d/00-log-formats.conf\n# escape=json was added in nginx 1.11.8\nlog_format json_combined escape=json\n '{'\n '\"time_local\":\"$time_local\",'\n '\"remote_addr\":\"$remote_addr\",'\n '\"remote_user\":\"$remote_user\",'\n '\"request\":\"$request\",'\n '\"status\":\"$status\",'\n '\"body_bytes_sent\":\"$body_bytes_sent\",'\n '\"request_time\":\"$request_time\",'\n '\"http_referrer\":\"$http_referer\",'\n '\"http_user_agent\":\"$http_user_agent\"'\n '}';\n
"},{"location":"networking/proxies/nginx/#specifying-a-read-timeout","title":"Specifying a read timeout","text":"Note
All numeric values must have a trailing time value specified (s for seconds, m for minutes).
Properties:
proxy-read-timeout
"},{"location":"networking/proxies/nginx/#specifying-a-custom-client_max_body_size","title":"Specifying a custom client_max_body_size","text":"Note
All numerical values must have a trailing size unit specified (k for kilobytes, m for megabytes).
Properties:
client-max-body-size
This property is commonly used to increase the max file upload size.
Changing this value when using the PHP buildpack (or any other buildpack that uses an intermediary server) will require changing the value in the server config shipped with that buildpack. Consult your buildpack documentation for further details.
"},{"location":"networking/proxies/nginx/#other","title":"Other","text":""},{"location":"networking/proxies/nginx/#domains-plugin","title":"Domains plugin","text":"See the domain configuration documentation for more information on how to configure domains for your app.
"},{"location":"networking/proxies/nginx/#customizing-hostnames","title":"Customizing hostnames","text":"See the customizing hostnames documentation for more information on how to configure domains for your app.
"},{"location":"networking/proxies/nginx/#disabling-vhosts","title":"Disabling VHOSTS","text":"See the disabling vhosts documentation for more information on how to disable domain usage for your app.
"},{"location":"networking/proxies/nginx/#ssl-configuration","title":"SSL Configuration","text":"See the ssl documentation for more information on how to configure SSL certificates for your application.
"},{"location":"networking/proxies/nginx/#disabling-nginx","title":"Disabling Nginx","text":"See the proxy documentation for more information on how to disable nginx as the proxy implementation for your app.
"},{"location":"networking/proxies/nginx/#managing-proxy-port-mappings","title":"Managing Proxy Port mappings","text":"See the ports documentation for more information on how to manage ports proxied for your app.
"},{"location":"networking/proxies/nginx/#regenerating-nginx-config","title":"Regenerating nginx config","text":"See the proxy documentation for more information on how to rebuild the nginx proxy configuration for your app.
"},{"location":"networking/proxies/openresty/","title":"OpenResty Proxy","text":"New
Introduced in 0.31.0
Dokku can provide integration with the OpenResty proxy service by utilizing the Docker label-based integration implemented by openresty-docker-proxy.
openresty:report [<app>] [<flag>] # Displays a openresty report for one or more apps\nopenresty:logs [--num num] [--tail] # Display openresty log output\nopenresty:set <app> <property> (<value>) # Set or clear an openresty property for an app\nopenresty:show-config <app> # Display openresty compose config\nopenresty:start # Starts the openresty server\nopenresty:stop # Stops the openresty server\n
"},{"location":"networking/proxies/openresty/#requirements","title":"Requirements","text":"Using the openresty plugin integration requires the docker-compose-plugin for Docker. See this document from the Docker documentation for more information on the installation process for the docker-compose-plugin.
"},{"location":"networking/proxies/openresty/#usage","title":"Usage","text":"Warning
As using multiple proxy plugins on a single Dokku installation can lead to issues routing requests to apps, doing so should be avoided. As the default proxy implementation is nginx, users are encouraged to stop the nginx service before switching to OpenResty.
The OpenResty plugin has specific rules for routing requests:
- OpenResty integration is exposed via docker labels attached to containers. Changes in labels require either app deploys or rebuilds.
- While OpenResty will respect labels associated with other containers, only
web containers have OpenResty labels injected by the plugin. - Only
http:80 and https:443 port mappings are supported at this time. - Requests are routed as soon as the container is running and passing healthchecks.
"},{"location":"networking/proxies/openresty/#switching-to-openresty","title":"Switching to OpenResty","text":"To use the OpenResty plugin, use the proxy:set command for the app in question:
dokku proxy:set node-js-app openresty\n
This will enable the docker label-based OpenResty integration. All future deploys will inject the correct labels for OpenResty to read and route requests to containers. Due to the docker label-based integration used by OpenResty, a single deploy or rebuild will be required before requests will route successfully.
dokku ps:rebuild node-js-app\n
Any changes to domains or port mappings will also require either a deploy or rebuild.
"},{"location":"networking/proxies/openresty/#starting-openresty-container","title":"Starting OpenResty container","text":"OpenResty can be started via the openresty:start command. This will start a OpenResty container via the docker compose up command.
dokku openresty:start\n
"},{"location":"networking/proxies/openresty/#stopping-the-openresty-container","title":"Stopping the OpenResty container","text":"OpenResty may be stopped via the openresty:stop command.
dokku openresty:stop\n
The OpenResty container will be stopped and removed from the system. If the container is not running, this command will do nothing.
"},{"location":"networking/proxies/openresty/#showing-the-openresty-compose-config","title":"Showing the OpenResty compose config","text":"For debugging purposes, it may be useful to show the OpenResty compose config. This can be achieved via the openresty:show-config command.
dokku openresty:show-config\n
"},{"location":"networking/proxies/openresty/#customizing-the-openresty-container-image","title":"Customizing the OpenResty container image","text":"While the default OpenResty image is hardcoded, users may specify an alternative by setting the image property with the --global flag:
dokku openresty:set --global image dokku/openresty-docker-proxy:0.5.6\n
"},{"location":"networking/proxies/openresty/#checking-the-openresty-containers-logs","title":"Checking the OpenResty container's logs","text":"It may be necessary to check the OpenResty container's logs to ensure that OpenResty is operating as expected. This can be performed with the openresty:logs command.
dokku openresty:logs\n
This command also supports the following modifiers:
--num NUM # the number of lines to display\n--tail # continually stream logs\n
You can use these modifiers as follows:
dokku openresty:logs --tail --num 10\n
The above command will show logs continually from the openresty container, with an initial history of 10 log lines
"},{"location":"networking/proxies/openresty/#customizing-openresty-settings-for-an-app","title":"Customizing Openresty Settings for an app","text":""},{"location":"networking/proxies/openresty/#openresty-properties","title":"OpenResty Properties","text":"The OpenResty plugin supports all properties supported by the nginx:set command via openresty:set. At this time, please consult the nginx documentation for more information on what properties are available.
Please note that the oldest running container will be used for OpenResty configuration, and thus newer config may not apply until older app containers are retired during/after a deploy, depending on your zero-downtime settings.
"},{"location":"networking/proxies/openresty/#custom-openresty-templates","title":"Custom OpenResty Templates","text":"At this time, the OpenResty plugin does not allow complete customization of the template used to manage an app's vhost. Apps will use a template provided by the OpenResty container to proxy requests. See the next section for documentation on how to configure portions of the template.
"},{"location":"networking/proxies/openresty/#injecting-custom-snippets-into-the-openresty-config","title":"Injecting custom snippets into the OpenResty config","text":"The OpenResty plugin allows users to specify templates in their repository for auto-injection into the OpenResty config. Please note that this configuration should be validated prior to deployment or may cause outages in your OpenResty proxy layer.
The following folders within an app repository may have *.conf files that will be automatically injected into the OpenResty config.
openresty/http-includes/: Injected in the server block serving http(s) requests for the app.openresty/http-location-includes/: Injected in the location block that proxies to the app in the app's respective server block.
"},{"location":"networking/proxies/openresty/#ssl-configuration","title":"SSL Configuration","text":"The OpenResty plugin only supports automatic ssl certificates from it's letsencrypt integration. Managed certificates provided by the certs plugin are ignored.
"},{"location":"networking/proxies/openresty/#enabling-letsencrypt-integration","title":"Enabling letsencrypt integration","text":"By default, letsencrypt is disabled and https port mappings are ignored. To enable, set the letsencrypt-email property with the --global flag:
dokku openresty:set --global letsencrypt-email automated@dokku.sh\n
After enabling, the OpenResty container will need to be restarted and apps will need to be rebuilt. All http requests will then be redirected to https.
"},{"location":"networking/proxies/openresty/#customizing-the-letsencrypt-server","title":"Customizing the letsencrypt server","text":"The letsencrypt integration is set to the production letsencrypt server by default. To change this, set the letsencrypt-server property with the --global flag:
dokku openresty:set --global letsencrypt-server https://acme-staging-v02.api.letsencrypt.org/directory\n
After enabling, the OpenResty container will need to be restarted and apps will need to be rebuilt to retrieve certificates from the new server.
"},{"location":"networking/proxies/openresty/#limiting-letsencrypt-to-certain-domains","title":"Limiting letsencrypt to certain domains","text":"Warning
Changing this value may cause OpenResty to fail to start if the value is not valid. Caution should be exercised when changing this value from the defaults.
In cases where your server's IP may have invalid domains pointing at it, limiting letsencrypt to certain allowed domains may be desirable to reduce spam requests on the Letsencrypt servers. The default is to allow all domains to have certificates retrieved, but this can be limited by specifying the allowed-letsencrypt-domains-func-base64 global property.
The default internal value for allowed-letsencrypt-domains-func-base64 is the base64 representation of return true, and is meant to be the body of a lua function that return a boolean value.
value=\"$(echo 'return true' | base64 -w 0)\"\ndokku openresty:set --global allowed-letsencrypt-domains-func-base64 $value\n
As this is a global value, once changed, OpenResty should be stopped and started again for the value to take effect:
dokku openresty:stop\ndokku openresty:start\n
A more complex example would be to limit provisioning of certificates to domains in a specific list. The body of the lua function has access to a variable domain, and we can use it like so:
body='allowed_domains = {\"domain.com\", \"extra-domain.com\"}\n\nfor index, value in ipairs(allowed_domains) do\n if value == domain then\n return true\n end\nend\n\nreturn false\n'\nvalue=\"$(echo \"$body\" | base64 -w 0)\"\ndokku openresty:set --global allowed-letsencrypt-domains-func-base64 $value\n
To reset the value to the default, simply specify a blank value prior to restarting OpenResty:
dokku openresty:set --global allowed-letsencrypt-domains-func-base64\n
"},{"location":"networking/proxies/openresty/#displaying-openresty-reports-for-an-app","title":"Displaying OpenResty reports for an app","text":"You can get a report about the app's OpenResty config using the openresty:report command:
ShellOutput dokku openresty:report\n
=====> node-js-app openresty information\n Openresty image: dokku/openresty-docker-proxy:0.5.6\n Openresty letsencrypt email: automated@dokku.sh\n=====> python-app openresty information\n Openresty image: dokku/openresty-docker-proxy:0.5.6\n Openresty letsencrypt email: automated@dokku.sh\n=====> ruby-app openresty information\n Openresty image: dokku/openresty-docker-proxy:0.5.6\n Openresty letsencrypt email: automated@dokku.sh\n
You can run the command for a specific app also.
ShellOutput dokku openresty:report node-js-app\n
=====> node-js-app openresty information\n Openresty image: dokku/openresty-docker-proxy:0.5.6\n Openresty letsencrypt email: automated@dokku.sh\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku openresty:report node-js-app --openresty-letsencrypt-email\n
"},{"location":"networking/proxies/traefik/","title":"Traefik Proxy","text":"New
Introduced in 0.28.0
Dokku provides integration with the Traefik proxy service by utilizing the Docker label-based integration implemented by Traefik.
traefik:report [<app>] [<flag>] # Displays a traefik report for one or more apps\ntraefik:logs [--num num] [--tail] # Display traefik log output\ntraefik:set <app> <property> (<value>) # Set or clear an traefik property for an app\ntraefik:show-config <app> # Display traefik compose config\ntraefik:start # Starts the traefik server\ntraefik:stop # Stops the traefik server\n
"},{"location":"networking/proxies/traefik/#requirements","title":"Requirements","text":"Using the traefik plugin integration requires the docker-compose-plugin for Docker. See this document from the Docker documentation for more information on the installation process for the docker-compose-plugin.
"},{"location":"networking/proxies/traefik/#usage","title":"Usage","text":"Warning
As using multiple proxy plugins on a single Dokku installation can lead to issues routing requests to apps, doing so should be avoided. As the default proxy implementation is nginx, users are encouraged to stop the nginx service before switching to Traefik.
The Traefik plugin has specific rules for routing requests:
- Traefik integration is exposed via docker labels attached to containers. Changes in labels require either app deploys or rebuilds.
- While Traefik will respect labels associated with other containers, only
web containers have Traefik labels injected by the plugin. - Only
http:80 and https:443 port mappings are supported. - If no
http:80 mapping is found, the first http port mapping is used for http requests. - If no
https:443 mapping is found, the first https port mapping is used for https requests. - If no
https mapping is found, the container port from http:80 will be used for https requests. - Requests are routed as soon as the container is running and passing healthchecks.
"},{"location":"networking/proxies/traefik/#switching-to-traefik","title":"Switching to Traefik","text":"To use the Traefik plugin, use the proxy:set command for the app in question:
dokku proxy:set node-js-app traefik\n
This will enable the docker label-based Traefik integration. All future deploys will inject the correct labels for Traefik to read and route requests to containers. Due to the docker label-based integration used by Traefik, a single deploy or rebuild will be required before requests will route successfully.
dokku ps:rebuild node-js-app\n
Any changes to domains or port mappings will also require either a deploy or rebuild.
"},{"location":"networking/proxies/traefik/#starting-traefik-container","title":"Starting Traefik container","text":"Traefik can be started via the traefik:start command. This will start a Traefik container via the docker compose up command.
dokku traefik:start\n
"},{"location":"networking/proxies/traefik/#stopping-the-traefik-container","title":"Stopping the Traefik container","text":"Traefik may be stopped via the traefik:stop command.
dokku traefik:stop\n
The Traefik container will be stopped and removed from the system. If the container is not running, this command will do nothing.
"},{"location":"networking/proxies/traefik/#changing-the-traefik-entrypoint-names","title":"Changing the Traefik entrypoint names","text":"When you use a self-hosted Traefik instance, your entrypoint names might be different from the default http and https
Use traefik:set to set both http-entry-point and https-entry-point to custom values
dokku traefik:set --global http-entry-point web\ndokku traefik:set --global https-entry-point websecure\n
"},{"location":"networking/proxies/traefik/#showing-the-traefik-compose-config","title":"Showing the Traefik compose config","text":"For debugging purposes, it may be useful to show the Traefik compose config. This can be achieved via the traefik:show-config command.
dokku traefik:show-config\n
"},{"location":"networking/proxies/traefik/#customizing-the-traefik-container-image","title":"Customizing the Traefik container image","text":"While the default Traefik image is hardcoded, users may specify an alternative by setting the image property with the --global flag:
dokku traefik:set --global image traefik:v2.8\n
"},{"location":"networking/proxies/traefik/#checking-the-traefik-containers-logs","title":"Checking the Traefik container's logs","text":"It may be necessary to check the Traefik container's logs to ensure that Traefik is operating as expected. This can be performed with the traefik:logs command.
dokku traefik:logs\n
This command also supports the following modifiers:
--num NUM # the number of lines to display\n--tail # continually stream logs\n
You can use these modifiers as follows:
dokku traefik:logs --tail --num 10\n
The above command will show logs continually from the traefik container, with an initial history of 10 log lines
"},{"location":"networking/proxies/traefik/#changing-the-traefik-log-level","title":"Changing the Traefik log level","text":"Traefik log output is set to ERROR by default. It may be changed by setting the log-level property with the --global flag:
dokku traefik:set --global log-level DEBUG\n
After modifying, the Traefik container will need to be restarted.
"},{"location":"networking/proxies/traefik/#ssl-configuration","title":"SSL Configuration","text":"The traefik plugin only supports automatic ssl certificates from it's letsencrypt integration. Managed certificates provided by the certs plugin are ignored.
"},{"location":"networking/proxies/traefik/#enabling-letsencrypt-integration","title":"Enabling letsencrypt integration","text":"By default, letsencrypt is disabled and https port mappings are ignored. To enable, set the letsencrypt-email property with the --global flag:
dokku traefik:set --global letsencrypt-email automated@dokku.sh\n
After enabling, apps will need to be rebuilt and the Traefik container will need to be restarted. All http requests will then be redirected to https.
"},{"location":"networking/proxies/traefik/#customizing-the-letsencrypt-server","title":"Customizing the letsencrypt server","text":"The letsencrypt integration is set to the production letsencrypt server by default. To change this, set the letsencrypt-server property with the --global flag:
dokku traefik:set --global letsencrypt-server https://acme-staging-v02.api.letsencrypt.org/directory\n
After enabling, the Traefik container will need to be restarted and apps will need to be rebuilt to retrieve certificates from the new server.
"},{"location":"networking/proxies/traefik/#api-access","title":"API Access","text":"Traefik exposes an API and Dashboard, which Dokku disables by default for security reasons. It can be exposed and customized as described below.
"},{"location":"networking/proxies/traefik/#enabling-the-api","title":"Enabling the api","text":"Warning
Users enabling the dashboard should also enable api basic auth.
By default, the api is disabled. To enable, set the api-enabled property with the --global flag:
dokku traefik:set --global api-enabled true\n
After enabling, the Traefik container will need to be restarted.
"},{"location":"networking/proxies/traefik/#enabling-the-dashboard","title":"Enabling the dashboard","text":"Warning
Users enabling the dashboard should also enable api basic auth.
By default, the dashboard is disabled. To enable, set the dashboard-enabled property with the --global flag:
dokku traefik:set --global dashboard-enabled true\n
After enabling, the Traefik container will need to be restarted.
"},{"location":"networking/proxies/traefik/#enabling-api-basic-auth","title":"Enabling api basic auth","text":"Users enabling either the api or dashboard are encouraged to enable basic auth. This will apply only to the api/dashboard, and not to apps. To enable, set the basic-auth-username and basic-auth-password properties with the --global flag:. Both must be set or basic auth will not be enabled.
dokku traefik:set --global basic-auth-username username\ndokku traefik:set --global basic-auth-password password\n
After enabling, the Traefik container will need to be restarted.
"},{"location":"networking/proxies/traefik/#customizing-the-api-hostname","title":"Customizing the api hostname","text":"The hostname used for the api and dashboard is set to traefik.dokku.me by default. It can be customized by setting the api-vhost property with the --global flag:
dokku traefik:set --global api-vhost lb.dokku.me\n
After enabling, the Traefik container will need to be restarted.
"},{"location":"networking/proxies/traefik/#displaying-traefik-reports-for-an-app","title":"Displaying Traefik reports for an app","text":"You can get a report about the app's Traefik config using the traefik:report command:
ShellOutput dokku traefik:report\n
=====> node-js-app traefik information\n Traefik api enabled: false\n Traefik api vhost: traefik.dokku.me\n Traefik basic auth password: password\n Traefik basic auth username: user\n Traefik dashboard enabled: false\n Traefik image: traefik:v2.8\n Traefik letsencrypt email:\n Traefik letsencrypt server:\n Traefik log level: ERROR\n=====> python-app traefik information\n Traefik api enabled: false\n Traefik api vhost: traefik.dokku.me\n Traefik basic auth password: password\n Traefik basic auth username: user\n Traefik dashboard enabled: false\n Traefik image: traefik:v2.8\n Traefik letsencrypt email:\n Traefik letsencrypt server:\n Traefik log level: ERROR\n=====> ruby-app traefik information\n Traefik api enabled: false\n Traefik api vhost: traefik.dokku.me\n Traefik basic auth password: password\n Traefik basic auth username: user\n Traefik dashboard enabled: false\n Traefik image: traefik:v2.8\n Traefik letsencrypt email:\n Traefik letsencrypt server:\n Traefik log level: ERROR\n
You can run the command for a specific app also.
ShellOutput dokku traefik:report node-js-app\n
=====> node-js-app traefik information\n Traefik api enabled: false\n Traefik api vhost: traefik.dokku.me\n Traefik basic auth password: password\n Traefik basic auth username: user\n Traefik dashboard enabled: false\n Traefik image: traefik:v2.8\n Traefik letsencrypt email:\n Traefik letsencrypt server:\n Traefik log level: ERROR\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku traefik:report node-js-app --traefik-api-enabled\n
"},{"location":"processes/entering-containers/","title":"Entering containers","text":"New
Introduced in 0.4.0
enter <app> [<container-type> || --container-id <container-id>] # Connect to a specific app container\n
"},{"location":"processes/entering-containers/#usage","title":"Usage","text":"The enter command can be used to enter a running container. The following variations of the command exist:
# enter the first container\ndokku enter node-js-app\n\n# enter the web process\ndokku enter node-js-app web\n\n# enter the first web process\ndokku enter node-js-app web.1\n\n# enter a process for an app by container ID\ndokku enter node-js-app --container-id ID\n
The container-type argument can be one either:
- If your app has a
Procfile, the name of a process type in your Procfile. - If your app has no
Procfile, the word web.
If the specified process type is scaled up to more than one container, then the first container will be automatically selected. this can be overridden by specifying an integer index denoting the desired container, where the first container's index is 1.
Additionally, the enter command can be executed with no <container-type>. If only a single <container-type> is defined in the app's Procfile, executing enter will drop the terminal into the only running container. This behavior is not supported when specifying a custom command; as described below.
By default, dokku enter will run a /bin/bash, but can also be used to run custom commands:
# just echo hi\ndokku enter node-js-app web echo hi\n\n# run a long-running command, as one might for a cron task\ndokku enter node-js-app web python script/background-worker.py\n
"},{"location":"processes/one-off-tasks/","title":"One-off Tasks","text":"run [-e|--env KEY=VALUE] [--no-tty] <app> <cmd> # Run a command in a new container using the current app image\nrun:detached [-e|-env KEY=VALUE] [--force-tty] <app> <cmd> # Run a command in a new detached container using the current app image\nrun:list [--format json|stdout] [<app>] # List all run containers for an app\nrun:logs <app|--container CONTAINER> [-h] [-t] [-n num] [-q] # Display recent log output for run containers\nrun:stop <app|--container CONTAINER> # Stops all run containers for an app or a specified run container\n
Sometimes it is necessary to run a one-off command under an app. Dokku makes it easy to run a fresh container via the run command.
"},{"location":"processes/one-off-tasks/#usage","title":"Usage","text":""},{"location":"processes/one-off-tasks/#running-a-one-off-command","title":"Running a one-off command","text":"The run command can be used to run a one-off process for a specific command. This will start a new container and run the desired command within that container. The container image will be the same container image as was used to start the currently deployed app.
New
Introduced in 0.25.0, this container will be removed after the process exits.
# runs `ls -lah` in the `/app` directory of the app `node-js-app`\ndokku run node-js-app ls -lah\n\n# optionally, run can be passed custom environment variables\ndokku run --env \"NODE_ENV=development\" --env \"PATH=/custom/path\" node-js-app npm run mytask\n
One off containers are removed at the end of process execution.
"},{"location":"processes/one-off-tasks/#running-procfile-commands","title":"Running Procfile commands","text":"The run command can also be used to run a command defined in the app Procfile:
console: bundle exec racksh\n
# runs `bundle exec racksh` in the `/app` directory of the app `my-app`\ndokku run my-app console\n
"},{"location":"processes/one-off-tasks/#specifying-container-labels","title":"Specifying container labels","text":"Containers may have specific labels attached. In order to avoid issues with dokku internals, do not use any labels beginning with either com.dokku or org.label-schema.
dokku --label=com.example.test-label=value run node-js-app ls -lah\n
"},{"location":"processes/one-off-tasks/#disabling-tty","title":"Disabling TTY","text":"New
Introduced in 0.25.0
One-off containers default to interactive mode where possible. To disable this behavior, specify the --no-tty flag:
dokku run --no-tty node-js-app ls -lah\n
"},{"location":"processes/one-off-tasks/#running-a-detached-container","title":"Running a detached container","text":"New
Introduced in 0.25.0
Finally, a container can be run in \"detached\" mode via the run:detached Dokku command. Running a process in detached mode will immediately return a CONTAINER_ID. Detached containers are run without a tty and are also removed at the end of process execution.
dokku run:detached node-js-app ls -lah\n# returns the ID of the new container\n
To start a detached container with a tty, specify the --force-tty flag. Containers will still exit upon command termination, but can be attached to as long as they are running.
dokku run:detached --force-tty node-js-app bash\n
"},{"location":"processes/one-off-tasks/#displaying-one-off-container-logs","title":"Displaying one-off container logs","text":"You can easily get logs of all one-off containers for an app using the logs command:
dokku run:logs node-js-app\n
Logs are pulled via integration with the scheduler for the specified application via \"live tailing\". As such, logs from previously running deployments are usually not available. Users that desire to see logs from previous deployments for debugging purposes should persist those logs to external services. Please see Dokku's vector integration for more information on how to persist logs across deployments to ship logs to another service or a third-party platform.
"},{"location":"processes/one-off-tasks/#behavioral-modifiers","title":"Behavioral modifiers","text":"Dokku also supports certain command-line arguments that augment the run:log command's behavior.
--container NAME # the name of a specific container to show logs for\n-n, --num NUM # the number of lines to display\n-t, --tail # continually stream logs\n-q, --quiet # display raw logs without colors, time and names\n
You can use these modifiers as follows:
dokku run:logs -t --container node-js-app.run.1234\n
The above command will show logs continually from the node-js-app.run.1234 one-off run process.
"},{"location":"processes/one-off-tasks/#listing-one-off-containers","title":"Listing one-off containers","text":"New
Introduced in 0.25.0
One-off containers for a given app can be listed via the run:list command:
ShellOutput dokku run:list node-js-app\n
=====> node-js-app run containers\nNAMES COMMAND CREATED\nnode-js-app.run.28689 \"/exec sleep 15\" 2 seconds ago\n
Info
The COMMAND displayed will be what Docker executes and may not exactly match the command specified by a dokku run command.
The output can also be shown in json format:
ShellOutput dokku run:list node-js-app --format json\n
[\n {\n \"name\": \"node-js-app.run.28689\",\n \"state\": \"running\",\n \"command\": \"\\\"/exec 'sleep 15'\\\"\",\n \"created_at\": \"2022-08-03 05:47:44 +0000 UTC\"\n }\n]\n
"},{"location":"processes/one-off-tasks/#stopping-a-one-off-container","title":"Stopping a one-off container","text":"New
Introduced in 0.29.0
Run containers for an app can be stopped via the run:stop command. The output will be the container id.
ShellOutput # start a container\n# the output will be something like: node-js-app.run.2313\ndokku run node-js-app sleep 300\n\n# stop the container\ndokku run:stop --container node-js-app.run.2313\n
node-js-app.run.2313\n
All containers for a given app can be stopped by specifying the app name.
ShellOutput dokku run:stop node-js-app\n
node-js-app.run.2313\nnode-js-app.run.574\n
"},{"location":"processes/process-management/","title":"Process Management","text":"New
Introduced in 0.3.14, Enhanced in 0.7.0
ps:inspect <app> # Displays a sanitized version of docker inspect for an app\nps:rebuild [--parallel count] [--all|<app>] # Rebuilds an app from source\nps:report [<app>] [<flag>] # Displays a process report for one or more apps\nps:restart [--parallel count] [--all|<app>] [<process-name>] # Restart an app\nps:restore [<app>] # Start previously running apps e.g. after reboot\nps:scale [--skip-deploy] <app> <proc>=<count> [<proc>=<count>...] # Get/Set how many instances of a given process to run\nps:set <app> <key> <value> # Set or clear a ps property for an app\nps:start [--parallel count] [--all|<app>] # Start an app\nps:stop [--parallel count] [--all|<app>] # Stop an app\n
"},{"location":"processes/process-management/#usage","title":"Usage","text":""},{"location":"processes/process-management/#inspecting-app-containers","title":"Inspecting app containers","text":"New
Introduced in 0.13.0
A common administrative task to perform is calling docker inspect on the containers that are running for an app. This can be an error-prone task to perform, and may also reveal sensitive environment variables if not done correctly. Dokku provides a wrapper around this command via the ps:inspect command:
dokku ps:inspect node-js-app\n
This command will gather all the running container IDs for your app and call docker inspect, sanitizing the output data so it can be copy-pasted elsewhere safely.
"},{"location":"processes/process-management/#rebuilding-apps","title":"Rebuilding apps","text":"It may be useful to rebuild an app at will, such as for commands that do not rebuild an app or when skipping a rebuild after setting multiple config values. For these use cases, the ps:rebuild function can be used.
dokku ps:rebuild node-js-app\n
All apps may be rebuilt by using the --all flag.
dokku ps:rebuild --all\n
By default, rebuilding all apps happens serially. The parallelism may be controlled by the --parallel flag.
dokku ps:rebuild --all --parallel 2\n
Finally, the number of parallel workers may be automatically set to the number of CPUs available by setting the --parallel flag to -1
dokku ps:rebuild --all --parallel -1\n
A missing linked container will result in failure to boot apps. Services should all be started for apps being rebuilt.
"},{"location":"processes/process-management/#restarting-apps","title":"Restarting apps","text":"An app may be restarted using the ps:restart command.
dokku ps:restart node-js-app\n
A single process type - such as web or worker - may also be specified. This does not support specifying a given instance of a process type, and only supports restarting all instances of that process type.
dokku ps:restart node-js-app web\n
All apps may be restarted by using the --all flag. This flag is incompatible with specifying a process type.
dokku ps:restart --all\n
By default, restarting all apps happens serially. The parallelism may be controlled by the --parallel flag.
dokku ps:restart --all --parallel 2\n
Finally, the number of parallel workers may be automatically set to the number of CPUs available by setting the --parallel flag to -1
dokku ps:restart --all --parallel -1\n
A missing linked container will result in failure to boot apps. Services should all be started for apps being rebuilt.
"},{"location":"processes/process-management/#displaying-existing-scale-properties","title":"Displaying existing scale properties","text":"Issuing the ps:scale command with no arguments will output the current scaling properties for an app.
ShellOutput dokku ps:scale node-js-app\n
-----> Scaling for python\nproctype: qty\n--------: ---\nweb: 1\n
"},{"location":"processes/process-management/#defining-processes","title":"Defining Processes","text":""},{"location":"processes/process-management/#procfile","title":"Procfile","text":"Note
Dokku supports the Procfile format as defined in this document under \"Strict Mode\" parsing rules.
Apps can define processes to run by using a Procfile. A Procfile is a simple text file that can be used to specify multiple commands, each of which is subject to process scaling. In the case where the built image sets a default command to run - either through usage of CMD for Dockerfile-based builds, a default process for buildpack-based builds, or any other method for the builder in use - the Procfile will take precedence.
If the file exists, it should not be empty, as doing so may result in a failed deploy.
The syntax for declaring a Procfile is as follows. Note that the format is one process type per line, with no duplicate process types.
<process type>: <command>\n
If, for example, you have multiple queue workers and wish to scale them separately, the following would be a valid way to work around the requirement of not duplicating process types:
worker: env QUEUE=* bundle exec rake resque:work\nimportantworker: env QUEUE=important bundle exec rake resque:work\n
If the app build declares an ENTRYPOINT, the command defined in the Procfile is passed as an argument to that entrypoint. This is the case for all Dockerfile-based, Docker Image, and Cloud Native Buildpack deployments.
The web process type holds some significance in that it is the only process type that is automatically scaled to 1 on the initial application deploy. See the web process scaling documentation for more details around scaling individual processes.
See the Procfile location documentation for more information on where to place your Procfile file.
"},{"location":"processes/process-management/#the-web-process","title":"The web process","text":"For initial app deploys, Dokku will default to starting a single web process for each app. This process may be defined within the Procfile or as the CMD (for Dockerfile or Docker image deploys). Scaling of the web process - and all other processes - may be managed via ps:scale or the formation key in the app.json file either before or after the initial deploy.
There are also a few other exceptions for the web process.
- By default, the built-in nginx proxy implementation only proxies the
web process (others may be handled via a custom nginx.conf.sigil). - See the nginx request proxying documentation for more information on how nginx handles proxied requests.
- Only the
web process may be bound to an external port.
"},{"location":"processes/process-management/#the-release-process","title":"The release process","text":"The Procfile also supports a special release command which acts in a similar way to the Heroku Release Phase. See the Release deployment task documentation for more information on how Dokku handles this process type.
"},{"location":"processes/process-management/#changing-the-procfile-location","title":"Changing the Procfile location","text":"The Procfile is expected to be found in a specific directory, depending on the deploy approach:
- The
WORKDIR of the Docker image for deploys resulting from git:from-image and git:load-image commands. - The root of the source code tree for all other deploys (git push,
git:from-archive, git:sync).
Sometimes it may be desirable to set a different path for a given app, e.g. when deploying from a monorepo. This can be done via the procfile-path property:
dokku ps:set node-js-app procfile-path .dokku/Procfile\n
The value is the path to the desired file relative to the base search directory, and will never be treated as absolute paths in any context. If that file does not exist within the repository, Dokku will continue the build process as if the repository has no Procfile.
The default value may be set by passing an empty value for the option:
dokku ps:set node-js-app procfile-path\n
The procfile-path property can also be set globally. The global default is Procfile, and the global value is used when no app-specific value is set.
dokku ps:set --global procfile-path global-Procfile\n
The default value may be set by passing an empty value for the option.
dokku ps:set --global procfile-path\n
"},{"location":"processes/process-management/#scaling-apps","title":"Scaling apps","text":""},{"location":"processes/process-management/#via-cli","title":"Via CLI","text":"Info
This functionality is disabled if the formation is managed via the formation key of app.json.
Dokku can also manage scaling itself via the ps:scale command. This command can be used to scale multiple process types at the same time.
dokku ps:scale node-js-app web=1\n
Multiple process types can be scaled at once:
dokku ps:scale node-js-app web=1 worker=1\n
If desired, the corresponding deploy will be skipped by using the --skip-deploy flag:
dokku ps:scale --skip-deploy node-js-app web=1\n
"},{"location":"processes/process-management/#manually-managing-process-scaling","title":"Manually managing process scaling","text":"Info
Using a formation key in an app.json file with any quantity specified disables the ability to use ps:scale for scaling. All processes not specified in the app.json will have their process count set to zero.
Users can also configure scaling within the codebase itself to manage process scaling. The formation key should be specified as follows in the app.json file:
{\n \"formation\": {\n \"web\": {\n \"quantity\": 1\n },\n \"worker\": {\n \"quantity\": 4\n }\n }\n}\n
Removing the formation key or removing the app.json file from your repository will result in Dokku respecting the ps:scale command for setting scale values. The values set via the app.json file from a previous deploy will be respected.
See the app.json location documentation for more information on where to place your app.json file.
"},{"location":"processes/process-management/#stopping-apps","title":"Stopping apps","text":"Deployed apps can be stopped using the ps:stop command. This turns off all running containers for an app, and will result in a 502 Bad Gateway response for the default nginx proxy implementation.
dokku ps:stop node-js-app\n
All apps may be stopped by using the --all flag.
dokku ps:stop --all\n
By default, stopping all apps happens serially. The parallelism may be controlled by the --parallel flag.
dokku ps:stop --all --parallel 2\n
Finally, the number of parallel workers may be automatically set to the number of CPUs available by setting the --parallel flag to -1
dokku ps:stop --all --parallel -1\n
"},{"location":"processes/process-management/#starting-apps","title":"Starting apps","text":"All stopped containers can be started using the ps:start command. This is similar to running ps:restart, except no action will be taken if the app containers are running.
dokku ps:start node-js-app\n
All apps may be started by using the --all flag.
dokku ps:start --all\n
By default, starting all apps happens serially. The parallelism may be controlled by the --parallel flag.
dokku ps:start --all --parallel 2\n
Finally, the number of parallel workers may be automatically set to the number of CPUs available by setting the --parallel flag to -1
dokku ps:start --all --parallel -1\n
"},{"location":"processes/process-management/#restart-policies","title":"Restart policies","text":"New
Introduced in 0.7.0, Command Changed in 0.22.0
By default, Dokku will automatically restart containers that exit with a non-zero status up to 10 times via the on-failure Docker restart policy.
"},{"location":"processes/process-management/#setting-the-restart-policy","title":"Setting the restart policy","text":"Info
A change in the restart policy must be followed by a ps:rebuild call.
You can configure this via the ps:set command:
# always restart an exited container\ndokku ps:set node-js-app restart-policy always\n\n# never restart an exited container\ndokku ps:set node-js-app restart-policy no\n\n# only restart it on Docker restart if it was not manually stopped\ndokku ps:set node-js-app restart-policy unless-stopped\n\n# restart only on non-zero exit status\ndokku ps:set node-js-app restart-policy on-failure\n\n# restart only on non-zero exit status up to 20 times\ndokku ps:set node-js-app restart-policy on-failure:20\n
Restart policies have no bearing on server reboot, and Dokku will always attempt to restart your apps at that point unless they were manually stopped.
Dokku also runs dokku-event-listener in the background via the system's init service. This monitors container state, performing the following actions:
- If a web process restarts and it's container IP address changes, the app's proxy configuration will be rebuilt.
- If a process within an app exceeds the restart count, the app will be rebuilt.
"},{"location":"processes/process-management/#displaying-reports-for-an-app","title":"Displaying reports for an app","text":"New
Introduced in 0.12.0
You can get a report about the deployed apps using the ps:report command:
ShellOutput dokku ps:report\n
=====> node-js-app ps information\n Deployed: false\n Processes: 0\n Ps can scale: true\n Ps computed procfile path: Procfile2\n Ps global procfile path: Procfile\n Ps restart policy: on-failure:10\n Ps procfile path: Procfile2\n Restore: true\n Running: false\n=====> python-sample ps information\n Deployed: false\n Processes: 0\n Ps can scale: true\n Ps computed procfile path: Procfile\n Ps global procfile path: Procfile\n Ps restart policy: on-failure:10\n Ps procfile path:\n Restore: true\n Running: false\n=====> ruby-sample ps information\n Deployed: false\n Processes: 0\n Ps can scale: true\n Ps computed procfile path: Procfile\n Ps global procfile path: Procfile\n Ps restart policy: on-failure:10\n Ps procfile path:\n Restore: true\n Running: false\n
You can run the command for a specific app also.
ShellOutput dokku ps:report node-js-app\n
=====> node-js-app ps information\n Deployed: false\n Processes: 0\n Ps can scale: true\n Ps restart policy: on-failure:10\n Restore: true\n Running: false\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku ps:report node-js-app --deployed\n
"},{"location":"processes/process-management/#restoring-apps-after-a-server-reboot","title":"Restoring apps after a server reboot","text":"When a server reboots or Docker is restarted/upgraded, Docker may or may not start old app containers automatically, and may in some cases re-assign container IP addresses. To combat this issue, Dokku uses an init process that triggers dokku ps:restore after the Docker daemon is detected as starting. When triggered, the dokku ps:restore command will serially (one by one) run the following for each:
- Start all linked services.
- Clear generated proxy configuration files.
- Start the app if it has not been manually stopped.
- If the app containers still exist, they will be started and the generated proxy configuration files will be rebuilt.
- If any of the app containers are missing, the entire app will be rebuilt.
During this time, requests may route to the incorrect app if the assigned IPs correspond to those for other apps. While dokku makes all efforts to avoid this, there may be a few minutes where urls may route to the wrong app. To avoid this, either use a custom proxy plugin or wait a few minutes until the restoration process is complete.
"},{"location":"processes/scheduled-cron-tasks/","title":"Scheduled Cron Tasks","text":"New
Introduced in 0.23.0
cron:list <app> [--format json|stdout] # List scheduled cron tasks for an app\ncron:report [<app>] [<flag>] # Display report about an app\ncron:run <app> <cron_id> [--detach] # Run a cron task on the fly\ncron:set [--global|<app>] <key> <value> # Set or clear a cron property for an app\n
"},{"location":"processes/scheduled-cron-tasks/#usage","title":"Usage","text":""},{"location":"processes/scheduled-cron-tasks/#dokku-managed-cron","title":"Dokku Managed Cron","text":"Dokku automates scheduled dokku run commands via it's app.json cron integration.
"},{"location":"processes/scheduled-cron-tasks/#specifying-commands","title":"Specifying commands","text":"The app.json file for a given app can define a special cron key that contains a list of commands to run on given schedules. The following is a simple example app.json that effectively runs the command dokku run $APP npm run send-email once a day:
{\n \"cron\": [\n {\n \"command\": \"npm run send-email\",\n \"schedule\": \"@daily\"\n }\n ]\n}\n
A cron entry takes the following properties:
command: A command to be run within the built app image. Specified commands can also be Procfile entries.schedule: A cron-compatible scheduling definition upon which to run the command. Seconds are generally not supported.
Zero or more cron commands can be specified per app. Cron entries are validated after the build artifact is created but before the app is deployed, and the cron schedule is updated during the post-deploy phase.
See the app.json location documentation for more information on where to place your app.json file.
"},{"location":"processes/scheduled-cron-tasks/#task-environment","title":"Task Environment","text":"When running scheduled cron tasks, there are a few items to be aware of:
- Scheduled cron tasks are performed within the app environment available at runtime. If the app image does not exist, the command may fail to execute.
- Schedules are performed on the hosting server's timezone, which is typically UTC.
- At this time, only the
PATH and SHELL environment variables are specified in the cron template. - A
MAILTO value can be set via the cron:set command.
- Each scheduled task is executed within a one-off
run container, and thus inherit any docker-options specified for run containers. Resources are never shared between scheduled tasks. - Scheduled cron tasks are supported on a per-scheduler basis, and are currently only implemented by the
docker-local scheduler. - Tasks for all apps managed by the
docker-local scheduler are written to a single crontab file owned by the dokku user. The dokku user's crontab should be considered reserved for this purpose.
"},{"location":"processes/scheduled-cron-tasks/#specifying-a-mailto-value","title":"Specifying a MAILTO value","text":"By default, cron tasks complete and do not perform any reporting. Users can specify a value for MAILTO via the global mailto cron property by using the cron:set command.
dokku cron:set --global mailto example@example.com\n
All output for individual cron runs will be sent to the specified email.
Cron emails can be disabled by running the cron:set command for the global mailto property with no value.
dokku cron:set --global mailto\n
"},{"location":"processes/scheduled-cron-tasks/#listing-cron-tasks","title":"Listing Cron tasks","text":"Cron tasks for an app can be listed via the cron:list command. This command takes an app argument.
ShellOutput dokku cron:list node-js-app\n
ID Schedule Command\ncGhwPT09cGhwIHRlc3QucGhwPT09QGRhaWx5 @daily node index.js\ncGhwPT09dHJ1ZT09PSogKiAqICogKg== * * * * * true\n
The output can also be displayed in json format:
ShellOutput dokku cron:list node-js-app --format json\n
[{\"id\":\"cGhwPT09cGhwIHRlc3QucGhwPT09QGRhaWx5\",\"app\":\"node-js-app\",\"command\":\"node index.js\",\"schedule\":\"@daily\"}]\n
"},{"location":"processes/scheduled-cron-tasks/#executing-a-cron-task-on-the-fly","title":"Executing a cron task on the fly","text":"Cron tasks can be invoked via the cron:run command. This command takes an app argument and a cron id (retrievable from cron:list output).
dokku cron:run node-js-app cGhwPT09cGhwIHRlc3QucGhwPT09QGRhaWx5\n
By default, the task is run in an attached container - as supported by the scheduler. To run in a background detached container, specify the --detach flag:
dokku cron:run node-js-app cGhwPT09cGhwIHRlc3QucGhwPT09QGRhaWx5 --detach\n
All one-off cron executions have their containers terminated after invocation.
"},{"location":"processes/scheduled-cron-tasks/#displaying-reports","title":"Displaying reports","text":"You can get a report about the cron configuration for apps using the cron:report command:
ShellOutput dokku cron:report\n
=====> node-js-app cron information\n Cron task count: 2\n=====> python-sample cron information\n Cron task count: 0\n=====> ruby-sample cron information\n Cron task count: 10\n
You can run the command for a specific app also.
ShellOutput dokku cron:report node-js-app\n
=====> node-js-app cron information\n Cron task count: 2\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku cron:report node-js-app --cron-task-count\n
"},{"location":"processes/scheduled-cron-tasks/#self-managed-cron","title":"Self Managed Cron","text":"Warning
Self-managed cron tasks should be considered advanced usage. While the instructions are available, users are highly encouraged to use the built-in scheduled cron task support unless absolutely necessary.
Some installations may require more fine-grained control over cron usage. The following are advanced instructions for configuring cron.
"},{"location":"processes/scheduled-cron-tasks/#using-run-for-cron-tasks","title":"Using run for cron tasks","text":"You can always use a one-off container to run an app task:
dokku run node-js-app some-command\n
For tasks that should not be interrupted, run is the preferred method of handling cron tasks, as the container will continue running even during a deploy or scaling event. The trade-off is that there will be an increase in memory usage if there are multiple concurrent tasks running.
"},{"location":"processes/scheduled-cron-tasks/#using-enter-for-cron-tasks","title":"Using enter for cron tasks","text":"Your Procfile can have the following entry:
cron: sleep infinity\n
With the cron process scaled to 1:
dokku ps:scale node-js-app cron=1\n
You can now run all your commands in that container:
dokku enter node-js-app cron some-command\n
Note that you can also run multiple commands at the same time to reduce memory usage, though that may result in polluting the container environment.
For tasks that will properly resume, you should use the above method, as running tasks will be interrupted during deploys and scaling events, and subsequent commands will always run with the latest container. Note that if you scale the cron container down, this may interrupt proper running of the task.
"},{"location":"processes/scheduled-cron-tasks/#general-cron-recommendations","title":"General cron recommendations","text":"Regularly scheduled tasks can be a bit of a pain with Dokku. The following are general recommendations to follow to help ensure successful task runs.
- Use the
dokku user in your cron entry. - If you do not, the
dokku binary will attempt to execute with sudo, and your cron run with fail with sudo: no tty present and no askpass program specified.
- Add a
MAILTO environment variable to ship cron emails to yourself. - Add a
PATH environment variable or specify the full path to binaries on the host. - Add a
SHELL environment variable to specify Bash when running commands. - Keep your cron tasks in time-sorted order.
- Keep your server time in UTC so you don't need to translate daylight savings time when reading the cronfile.
- Run tasks at the lowest traffic times if possible.
- Use cron to trigger jobs, not run them. Use a real queuing system such as rabbitmq to actually process jobs.
- Try to keep tasks quiet so that mails only send on errors.
- Do not silence standard error or standard out. If you silence the former, you will miss failures. Silencing the latter means you should actually make app changes to handle log levels.
- Use a service such as Dead Man's Snitch to verify that cron tasks completed successfully.
- Add lots of comments to your cronfile, including what a task is doing, so that you don't spend time deciphering the file later.
- Place your cronfiles in a pattern such as
/etc/cron.d/APP. - Do not use non-ASCII characters in your cronfile names. cron is finicky.
- Remember to have trailing newlines in your cronfile! cron is finicky.
The following is a sample cronfile that you can use for your apps:
# server cron jobs\nMAILTO=\"mail@dokku.me\"\nPATH=/usr/local/bin:/usr/bin:/bin\nSHELL=/bin/bash\n\n# m h dom mon dow username command\n# * * * * * dokku command to be executed\n# - - - - -\n# | | | | |\n# | | | | +----- day of week (0 - 6) (Sunday=0)\n# | | | +------- month (1 - 12)\n# | | +--------- day of month (1 - 31)\n# | +----------- hour (0 - 23)\n# +----------- min (0 - 59)\n\n### HIGH TRAFFIC TIME IS B/W 00:00 - 04:00 AND 14:00 - 23:59\n### RUN YOUR TASKS FROM 04:00 - 14:00\n### KEEP SORTED IN TIME ORDER\n\n### PLACE ALL CRON TASKS BELOW\n\n# removes unresponsive users from the subscriber list to decrease bounce rates\n0 0 * * * dokku dokku run node-js-app some-command\n\n# sends out our email alerts to users\n0 1 * * * dokku dokku ps:scale node-js-app cron=1 && dokku enter node-js-app cron some-other-command && dokku ps:scale node-js-app cron=0\n\n### PLACE ALL CRON TASKS ABOVE, DO NOT REMOVE THE WHITESPACE AFTER THIS LINE\n
"}]}
\ No newline at end of file
+{"config":{"lang":["en"],"separator":"[\\s\\-]+","pipeline":["stopWordFilter"]},"docs":[{"location":"advanced-usage/backup-recovery/","title":"Backup and Recovery","text":"Info
The backup plugin was deprecated in 0.4.x, below are backup recommendations for 0.5.x and later.
The best plan for disaster recovery is to always keep multiple (remote) copies of your local repo, static assets and periodic database dumps. Backups should be regularly tested for data integrity and completeness.
"},{"location":"advanced-usage/backup-recovery/#tldr","title":"TLDR","text":"Warning
This method has many caveats. Please read this entire document before assuming these backups work as expected, and test your backups on a regular basis.
"},{"location":"advanced-usage/backup-recovery/#creating-a-backup","title":"Creating a backup","text":"To create a backup, run the following command at a time when not executing any Dokku commands or app deployments:
export BACKUP_TIME=$(date +%Y-%m-%d-%H-%M)\nsudo mkdir -p /var/lib/dokku/services\nsudo chown dokku:dokku /var/lib/dokku/services\nmkdir -p /tmp/dokku-backups/\nsudo tar -czvf \"/tmp/dokku-backups/${BACKUP_TIME}.tar.gz\" /home/dokku /var/lib/dokku/config /var/lib/dokku/data /var/lib/dokku/services /var/lib/dokku/plugins\n
This will create a point-in-time backup of your entire Dokku installation in the /tmp/dokku-backups directory. This backup may be moved offsite to another location via rsync, sftp, or some other protocol.
It is recommended that backups are regularly cleaned from the originating server and tested as necessary.
"},{"location":"advanced-usage/backup-recovery/#restoring-a-backup","title":"Restoring a backup","text":"To extract the backup onto another server, copy the backup to the server and extract it using the following command.
sudo tar -xzvf path/to/dokku/backup.tar.gz -C /\n
At this point, all datastores should be individually started and checked for data integrity. Once this is complete, individual apps can be rebuilt. Please consult the process management documentation for more information on how to rebuild apps.
"},{"location":"advanced-usage/backup-recovery/#caveats","title":"Caveats","text":""},{"location":"advanced-usage/backup-recovery/#app-config","title":"App config","text":"Application config is largely held in a small number of places:
/var/lib/dokku/config: Properties set and managed by plugins/var/lib/dokku/data: Files generated or extracted by various plugins/home/dokku: Certain parts of Dokku core store data in this location
Compressing these directories when no Dokku commands are running is enough to ensure a complete backup of the system.
"},{"location":"advanced-usage/backup-recovery/#code-repositories","title":"Code Repositories","text":"Because Dokku is git based, rebuilding a deployed app is as easy as pushing from git. You can push to a new server by updating the dokku remote in you local app's repo.
git remote rm dokku\ngit remote add dokku dokku@[dokku.me:dokku.me]\ngit push dokku [master]\n
"},{"location":"advanced-usage/backup-recovery/#docker-networks","title":"Docker Networks","text":"Docker networks generated by Dokku should be recreated. Running dokku network:report will output all networks in use by various apps, which can then be used to recreate them via dokku network:create $NETWORK.
Networks created by tools other than Dokku may be created as they initially were.
"},{"location":"advanced-usage/backup-recovery/#docker-image-and-tar-based-apps","title":"Docker Image and Tar-based Apps","text":"These apps may fail to rebuild via the normal ps:rebuild method. Redeploy these apps by running the original commands used to deploy them
"},{"location":"advanced-usage/backup-recovery/#datastores","title":"Datastores","text":"Info
Please note that point-in-time backups of the /var/lib/dokku/services directory may contain partially written data due to how various datastores work. Consult the official datastore documentation for the best documentation surrounding proper backup and restore procedures.
Some plugins, like the official dokku-postgres plugin, have built-in commands that allow non-volatile data be exported and imported.
For dokku-postgres, use:
dokku postgres:export [db_name] > [db_name].dump\ndokku postgres:import [db_name] < [db_name].dump\n
Additionally, data for official datastores is located in the /var/lib/dokku/services directory. If the directory is restored and the plugin is available, a dokku $SERVICE:start may be enough to restart the service with the underlying data, so long as the datastore version does not change and the underlying data is not corrupt. If this is the case, it may be necessary to re-import all the data onto a fresh version of the datastore service.
"},{"location":"advanced-usage/backup-recovery/#plugins","title":"Plugins","text":"The plugin directory is contained at the /var/lib/dokku/plugins directory. Core plugins will automatically be included in new installs, but custom plugins may not. The aforementioned tar creation command will back all plugins up, and the tar extract command will restore the plugins.
Note that restoring a plugin will not trigger any install or dependencies triggers. You will need to run these manually. See the plugin management documentation for more information on how to trigger these two hooks.
"},{"location":"advanced-usage/backup-recovery/#volumes-and-static-assets","title":"Volumes and Static Assets","text":"Dokku doesn't enforce a 300mb limit on apps, but it's best practice to keep binary assets outside of git. Since containers are considered volatile in Dokku, external stores like s3 or storage mounts should be used for non-volatile items like user uploads. The Dokku storage core plugin can be used to mount local directories / volumes inside the docker container.
System administrators are highly encouraged to store persistent data in app-specific subdirectories of the path /var/lib/dokku/data/storage. This will help ensure restores of the aforementioned primary Dokku directories will restore service to all apps.
See the persistent storage documentation for more information on how to attach persistent storage to your app.
"},{"location":"advanced-usage/backup-recovery/#recovering-app-code","title":"Recovering app code","text":"In case of an emergency when your git repo and backups are completely lost, you can recover the last pushed copy from your remote Dokku server (assuming you still have the ssh key).
mkdir [app-name] ; cd !$\ngit init && git remote add dokku dokku@[dokku.me:app-name]\ngit pull dokku/master && git checkout dokku/master\n
"},{"location":"advanced-usage/deployment-tasks/","title":"Deployment Tasks","text":"New
Introduced in 0.5.0
"},{"location":"advanced-usage/deployment-tasks/#usage","title":"Usage","text":""},{"location":"advanced-usage/deployment-tasks/#overview","title":"Overview","text":"Sometimes you need to run a command on deployment time, but before an app is completely deployed. Common use cases include:
- Checking a database is initialized
- Running database migrations
- Any commands required to set up the server (e.g. something like a Django
collectstatic)
To support this, Dokku provides support for a special release command within your app's Procfile, as well as a special scripts.dokku key inside of your app's app.json file. Be aware that all commands are run within the context of the built docker image - no commands affect the host unless there are volume mounts attached to your app.
Each \"phase\" has different expectations and limitations:
app.json: scripts.dokku.predeploy - When to use: This should be used if your app does not support arbitrary build commands and you need to make changes to the built image.
- Are changes committed to the image at this phase: Yes
- Example use-cases
- Bundling assets in a slightly different way
- Installing a custom package from source or copying a binary into place
app.json: scripts.dokku.postdeploy - When to use: This should be used in conjunction with external systems to signal the completion of your deploy.
- Are changes committed to the image at this phase: No
- Example use-cases
- Notifying slack that your app is deployed
- Coordinating traffic routing with a central load balancer
app.json: scripts.postdeploy - When to use: This should be used when you wish to run a command once, after the app is created and not on subsequent deploys to the app.
- Are changes committed to the image at this phase: No
- Example use-cases
- Setting up OAuth clients and DNS
- Loading seed/test data into the app\u2019s test database
Procfile: release - When to use: This should be used in conjunction with external systems to signal the completion of your app image build.
- Are changes committed to the image at this phase: No
- Example use-cases
- Sending CSS, JS, and other assets from your app\u2019s slug to a CDN or S3 bucket
- Priming or invalidating cache stores
- Running database migrations
Additionally, if using a Dockerfile with an ENTRYPOINT, the deployment task is passed to that entrypoint as is. The exceptions are if the entrypoint is one of the following:
[\"/tini\", \"--\"][\"/bin/tini\", \"--\"][\"/usr/bin/tini\", \"--\"][\"/usr/local/bin/tini\", \"--\"]
Please keep the above in mind when utilizing deployment tasks.
Info
To execute commands on the host during a release phase, see the plugin creation documentation docs for more information on building your own custom plugin.
"},{"location":"advanced-usage/deployment-tasks/#changing-the-appjson-location","title":"Changing the app.json location","text":"The app.json is expected to be found in a specific directory, depending on the deploy approach:
- The
WORKDIR of the Docker image for deploys resulting from git:from-image and git:load-image commands. - The root of the source code tree for all other deploys (git push,
git:from-archive, git:sync).
Sometimes it may be desirable to set a different path for a given app, e.g. when deploying from a monorepo. This can be done via the appjson-path property:
dokku app-json:set node-js-app appjson-path .dokku/app.json\n
The value is the path to the desired file relative to the base search directory, and will never be treated as absolute paths in any context. If that file does not exist within the repository, Dokku will continue the build process as if the repository has no app.json.
The default value may be set by passing an empty value for the option:
dokku app-json:set node-js-app appjson-path\n
The appjson-path property can also be set globally. The global default is app.json, and the global value is used when no app-specific value is set.
dokku app-json:set --global appjson-path global-app.json\n
The default value may be set by passing an empty value for the option.
dokku app-json:set --global appjson-path\n
"},{"location":"advanced-usage/deployment-tasks/#displaying-app-json-reports-for-an-app","title":"Displaying app-json reports for an app","text":"New
Introduced in 0.25.0
You can get a report about the app's storage status using the app-json:report command:
ShellOutput dokku app-json:report\n
=====> node-js-app app-json information\n App-json computed appjson path: app2.json\n App-json global appjson path: app.json\n App-json appjson path: app2.json\n=====> python-sample app-json information\n App-json computed appjson path: app.json\n App-json global appjson path: app.json\n App-json appjson path:\n=====> ruby-sample app-json information\n App-json computed appjson path: app.json\n App-json global appjson path: app.json\n App-json appjson path:\n
You can run the command for a specific app also.
ShellOutput dokku app-json:report node-js-app\n
=====> node-js-app app-json information\n App-json computed appjson path: app2.json\n App-json global appjson path: app.json\n App-json appjson path: app2.json\n
You can pass flags which will output only the value of the specific information you want. For example:
ShellOutput dokku app-json:report node-js-app --app-json-appjson-path\n
app2.json\n
"},{"location":"advanced-usage/deployment-tasks/#deployment-tasks_1","title":"Deployment tasks","text":""},{"location":"advanced-usage/deployment-tasks/#appjson-deployment-tasks","title":"app.json deployment tasks","text":"Dokku provides limited support for the app.json manifest from Heroku (documentation available here). The keys available for use with Deployment Tasks are:
scripts.dokku.predeploy: This is run after an app's docker image is built, but before any containers are scheduled. Changes made to your image are committed at this phase.scripts.dokku.postdeploy: This is run after an app's containers are scheduled. Changes made to your image are not committed at this phase.scripts.postdeploy: This is run after an app's containers are scheduled. Changes made to your image are not committed at this phase.
Warning
Any failed app.json deployment task will fail the deploy. In the case of either phase, a failure will not affect any running containers.
The following is an example app.json file. Please note that only the scripts.dokku.predeploy and scripts.dokku.postdeploy tasks are supported by Dokku at this time. All other fields will be ignored and can be omitted.
{\n \"scripts\": {\n \"dokku\": {\n \"predeploy\": \"touch /app/predeploy.test\",\n \"postdeploy\": \"curl https://some.external.api.service.com/deployment?state=success\"\n },\n \"postdeploy\": \"curl https://some.external.api.service.com/created?state=success\"\n }\n}\n
"},{"location":"advanced-usage/deployment-tasks/#procfile-release-command","title":"Procfile Release command","text":"New
Introduced in 0.14.0
The Procfile also supports a special release command which acts in a similar way to the Heroku Release Phase. This command is executed after an app's docker image is built, but before any containers are scheduled. This is also run after any command executed by scripts.dokku.predeploy.
To use the release command, simply add a release stanza to your Procfile.
release: curl https://some.external.api.service.com/deployment?state=built\n
Unlike the scripts.dokku.predeploy command, changes made during by the release command are not persisted to disk.
Warning
scaling the release command up will likely result in unspecified issues within your deployment, and is highly discouraged.
"},{"location":"advanced-usage/docker-options/","title":"Docker Container Options","text":"New
Introduced in 0.3.17
docker-options:add <app> <phase(s)> OPTION # Add Docker option to app for phase (comma-separated phase list)\ndocker-options:clear <app> [<phase(s)>...] # Clear a docker options from app\ndocker-options:remove <app> <phase(s)> OPTION # Remove Docker option from app for phase (comma-separated phase list)\ndocker-options:report [<app>] [<flag>] # Displays a docker options report for one or more apps\n
The docker-options plugin allows users to specify custom container options for containers created by Dokku at various phases.
"},{"location":"advanced-usage/docker-options/#usage","title":"Usage","text":""},{"location":"advanced-usage/docker-options/#background","title":"Background","text":""},{"location":"advanced-usage/docker-options/#phases","title":"Phases","text":"Dokku deploys your app in multiple \"phases\" and the docker-options plugin allows you to pass arguments to their underlying docker container:
build: The build phase is used to provide container options that are available during the build process for use by the various builders. - A given builder may strip out or ignore options that are unsupported by the builder in question - as an example, the
dockerfile builder does not support mounted volumes.
deploy: The deploy phase is used to provide container options that are set on deployed process types. This covers every process type specified in an app Procfile as well as any default processes your app may deploy. - The
deploy phase is usually the correct phase to add options for
run: The run phase is used to provide container options to one-off containers created by dokku run, dokku run:detached, and any cron tasks specified in your app.json.
Info
[!IMPORTANT] The run phase does not correspond 1-to-1 to docker run or docker container run commands. Specifying a container option at the run phase will only be invoked on containers created by the run plugin and cron tasks. Please be sure to specify options at the correct phase for your use-case.
Adding or removing docker-options will not apply to any running containers, and only applies to containers created after the options have been modified. As such, changing an app's docker options must be followed by a dokku ps:rebuild or a deploy in order to take effect.
"},{"location":"advanced-usage/docker-options/#supported-docker-options","title":"Supported Docker Options","text":"More information on supported Docker options can be found here.
Container options configured via the docker-options plugin are not used to modify the process a container runs. Container options are the [OPTIONS] portion of the following, where [CONTAINER_COMMAND] and [ARG] are the process and the arguments passed to it that are launched in the created container: docker run [OPTIONS] [CONTAINER_COMMAND] [ARG...]. Please see the documentation for customizing the run command or use a Procfile to modify the command used by a Dockerfile-based container.
"},{"location":"advanced-usage/docker-options/#mounting-volumes-and-host-directories","title":"Mounting volumes and host directories","text":"Docker supports volume and host directory mounting via the -v or --volume flags. In order to simplify usage, Dokku provides a storage plugin as an abstraction to interact with persistent storage. In most cases, the Dokku project recommends using the persistent storage plugin over directly manipulating docker options at different phases. See the persistent storage documentation for more information on how to attach persistent storage to your app.
"},{"location":"advanced-usage/docker-options/#commands","title":"Commands","text":""},{"location":"advanced-usage/docker-options/#add-docker-options","title":"Add Docker options","text":"To add a docker option to an app, use the docker-options:add command. This takes an app name, a comma-separated list of phases, and the docker-option to add.
dokku docker-options:add node-js-app deploy \"--ulimit nofile=12\"\n
Multiple phases can be specified by using a comma when specifying phases:
dokku docker-options:add node-js-app deploy,run \"--ulimit nofile=12\"\n
The docker-options:add does not support setting multiple options in a single call. To specify multiple options, call docker-options:add multiple times.
dokku docker-options:add node-js-app deploy \"--ulimit nofile=12\"\ndokku docker-options:add node-js-app deploy \"--shm-size 256m\"\n
"},{"location":"advanced-usage/docker-options/#remove-a-docker-option","title":"Remove a Docker option","text":"To remove docker options from an app, use the docker-options:remove command. This takes an app name, a comma-separated list of phases, and the docker-option to remove.
dokku docker-options:remove node-js-app run \"\"--ulimit nofile=12\"\n
Multiple phases can be specified by using a comma when specifying phases:
dokku docker-options:remove node-js-app deploy,run \"--ulimit nofile=12\"\n
The docker-options:remove does not support setting multiple options in a single call. To specify multiple options, call docker-options:remove multiple times.
dokku docker-options:remove node-js-app deploy \"--ulimit nofile=12\"\ndokku docker-options:remove node-js-app deploy \"--shm-size 256m\"\n
"},{"location":"advanced-usage/docker-options/#clear-all-docker-options-for-an-app","title":"Clear all Docker options for an app","text":"Docker options can be removed for a specific app using the docker-options:clear command.
ShellOutput dokku docker-options:clear node-js-app\n
-----> Clearing docker-options for node-js-app on all phases\n
One or more valid phases can also be specified. Phases are comma delimited, and specifying an invalid phase will result in an error.
ShellOutputShellOutput dokku docker-options:clear node-js-app run\n
-----> Clearing docker-options for node-js-app on phase run\n
dokku docker-options:clear node-js-app build,run\n
-----> Clearing docker-options for node-js-app on phase build\n-----> Clearing docker-options for node-js-app on phase run\n
"},{"location":"advanced-usage/docker-options/#displaying-docker-options-reports-for-an-app","title":"Displaying docker-options reports for an app","text":"New
Introduced in 0.8.1
You can get a report about the app's docker-options status using the docker-options:report command:
ShellOutput dokku docker-options:report\n
=====> node-js-app docker options information\n Docker options build:\n Docker options deploy: --ulimit nofile=12 --shm-size 256m\n Docker options run: --ulimit nofile=12 --shm-size 256m\n=====> python-sample docker options information\n Docker options build:\n Docker options deploy:\n Docker options run:\n=====> ruby-sample docker options information\n Docker options build:\n Docker options deploy:\n Docker options run:\n
You can run the command for a specific app also.
ShellOutput dokku docker-options:report node-js-app\n
=====> node-js-app docker options information\n Docker options build:\n Docker options deploy: -v /var/log/node-js-app:/app/logs\n Docker options run: -v /var/log/node-js-app:/app/logs\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku docker-options:report node-js-app --docker-options-build\n
"},{"location":"advanced-usage/event-logs/","title":"Dokku Event Logs","text":"New
Introduced in 0.3.21
Docker provides an events command to show system's real time events. Likewise, Dokku can record events as syslog entries and also provides a plugin to display the last ones.
events [-t] # Show the last events (-t follows)\nevents:list # List logged events\nevents:on # Enable events logger\nevents:off # Disable events logger\n
"},{"location":"advanced-usage/event-logs/#usage","title":"Usage","text":"Enable the plugin:
ShellOutput dokku events:on\n
Enabling dokku events logger\n
Dokku will then write log entries to /var/log/syslog as well as a Dokku-specific logs sub-directory /var/log/dokku/events.log, which can be easily displayed with the command dokku events:
ShellOutput dokku events\n
Jul 3 16:09:48 dokku.me dokku[127630]: INVOKED: pre-release-buildpack( pythonapp )\nJul 3 16:10:02 dokku.me dokku[128095]: INVOKED: docker-args-run( rubyapp )\nJul 3 16:10:02 dokku.me dokku[128114]: INVOKED: docker-args-run( nhl )\nJul 3 16:10:03 dokku.me dokku[128195]: INVOKED: pre-deploy( pythonapp )\nJul 3 16:10:23 dokku.me dokku[129253]: INVOKED: docker-args-deploy( pythonapp )\nJul 3 16:10:24 dokku.me dokku[129451]: INVOKED: check-deploy( pythonapp 6274ced0d4be11af4490cd18abaf77cdd593f025133f403d984e80d86a39acec web 5000 10.0.16.80 )\nJul 3 16:10:35 dokku.me dokku[129561]: INVOKED: docker-args-deploy( pythonapp )\nJul 3 16:10:36 dokku.me dokku[129760]: INVOKED: check-deploy( pythonapp ac88a56ee4161ff37e4b92d1498c3eadc91f0aa7c8b81b44fc077e2a51d54cc0 worker )\nJul 3 16:10:46 dokku.me dokku[129851]: INVOKED: post-deploy( pythonapp )\nJul 3 16:10:46 dokku.me dokku[129945]: INVOKED: nginx-pre-reload( pythonapp )\nJul 3 16:15:02 dokku.me dokku[130397]: INVOKED: docker-args-run( goapp )\nJul 3 16:21:02 dokku.me dokku[130796]: INVOKED: docker-args-run( rubyapp )\nJul 3 16:30:02 dokku.me dokku[131384]: INVOKED: docker-args-run( rubyapp )\n
You can list all events that are currently being recorded via dokku events:list:
ShellOutput dokku events:list\n
=====> Events currently logged\ncheck-deploy\ndependencies\ndocker-args-build\ndocker-args-deploy\ndocker-args-run\ngit-post-pull\ngit-pre-pull\nnginx-hostname\nnginx-pre-reload\npost-build-buildpack\npost-build-dockerfile\npost-delete\npost-deploy\npost-domains-update\npre-build-buildpack\npre-build-dockerfile\npre-delete\npre-deploy\npre-release-buildpack\npre-release-dockerfile\nreceive-app\nupdate\n
"},{"location":"advanced-usage/persistent-storage/","title":"Persistent Storage","text":"New
Introduced in 0.5.0
The preferred method to mount external containers to a Dokku managed container, is to use the Dokku storage plugin.
storage:ensure-directory [--chown option] <directory> # Creates a persistent storage directory in the recommended storage path\nstorage:list <app> [--format text|json] # List bind mounts for app's container(s) (host:container)\nstorage:mount <app> <host-dir:container-dir> # Create a new bind mount\nstorage:report [<app>] [<flag>] # Displays a checks report for one or more apps\nstorage:unmount <app> <host-dir:container-dir> # Remove an existing bind mount\n
Info
The storage plugin is compatible with storage mounts created with the docker-options. The storage plugin will only list mounts from the deploy/run phase.
The storage plugin supports the following mount points:
- explicit paths that exist on the host
- docker volumes
"},{"location":"advanced-usage/persistent-storage/#usage","title":"Usage","text":""},{"location":"advanced-usage/persistent-storage/#listing-persistent-storage","title":"Listing persistent storage","text":"Persistent storage bind mounts are specified on a per-app basis, and can be listed with the storage:list command:
ShellOutput dokku storage:list node-js-app\n
-----> node-js-app volume bind-mounts:\n /var/lib/dokku/data/storage/node-js-app:/app/storage\n
The output format can also be set to json for programmatic access:
ShellOutput dokku storage:list node-js-app --format json\n
[\n {\n \"host_path\": \"/var/lib/dokku/data/storage/node-js-app\",\n \"container_path\": \"/app/storage\",\n \"volume_options\": \"\"\n }\n]\n
"},{"location":"advanced-usage/persistent-storage/#creating-storage-directories","title":"Creating storage directories","text":"New
Introduced in 0.25.5
A storage directory can be created with the storage:ensure-directory command. This command will create a subdirectory in the recommended /var/lib/dokku/data/storage path - created during Dokku installation - and prepare it for use with an app.
ShellOutput dokku storage:ensure-directory node-js-app\n
-----> Ensuring /var/lib/dokku/data/storage/node-js-app exists\n Setting directory ownership to 32767:32767\n Directory ready for mounting\n
By default, permissions are set for usage with Herokuish buildpacks. These permissions can be changed via the --chown option according to the following table:
--chown herokuish (default): Use 32767:32767 as the folder permissions. - This is used for apps deployed with Buildpacks via Herokuish.
--chown heroku: Use 1000:1000 as the folder permissions. - This is used for apps deployed with Cloud Native Buildpacks using the
heroku/builder builder.
--chown packeto: Use 2000:2000 as the folder permissions. - This is used for apps deployed with Cloud Native Buildpacks using the
cloudfoundry/cnb or packeto builders.
--chown root: Use 0:0 as the folder permissions. - This is used for containers that run their processes as root, as is typical for most Dockerfile or Docker image deploys.
--chown false: Skips the chown call.
Users deploying via Dockerfile will want to specify --chown false and manually chown the created directory if the user and/or group id of the runnning process in the deployed container do not correspond to any of the above options.
Warning
Failing to set the correct directory ownership may result in issues in persisting files written to the mounted storage directory.
"},{"location":"advanced-usage/persistent-storage/#mounting-storage-into-apps","title":"Mounting storage into apps","text":"Dokku supports mounting both explicit host paths as well as docker volumes via the storage:mount command. This takes two arguments, an app name and a host-path:container-path or docker-volume:container-path combination.
# mount the directory into your container's /app/storage directory, relative to the container root (/)\n# explicit host paths _must_ exist prior to usage.\ndokku storage:mount node-js-app /var/lib/dokku/data/storage/node-js-app:/app/storage\n\n# mount the docker volume into your container's /app/storage directory, relative to the container root (/)\n# docker volumes _must_ exist prior to usage.\ndokku storage:mount node-js-app some-docker-volume:/app/storage\n
In the first example, Dokku will then mount the shared contents of /var/lib/dokku/data/storage/node-js-app to /app/storage inside the container. The mount point is not relative to your app's working directory, and is instead relative to the root (/) of the container. Mounts are only available for containers created via run and by the deploy process, and not during the build process. In addition, the host path is never auto-created by either Dokku or Docker, and should be an explicit path, not one relative to the current working directory.
Info
If the /storage path within the container had pre-existing content, the container files will be over-written. This may be an issue for users that create assets at build time but then mount a directory at the same place during runtime. Files are not merged.
Once persistent storage is mounted, the app requires a restart. See the process scaling documentation for more information.
dokku ps:restart app-name\n
"},{"location":"advanced-usage/persistent-storage/#unmounting-storage","title":"Unmounting storage","text":"If an app no longer requires a mounted volume or directory, the storage:unmount command can be called. This takes the same arguments as the storage:mount command, an app name and a host-path:container-path or docker-volume:container-path combination.
# unmount the directory from your container's /app/storage directory, relative to the container root (/)\ndokku storage:unmount node-js-app /var/lib/dokku/data/storage/node-js-app:/app/storage\n\n# unmount the docker volume from your container's /app/storage directory, relative to the container root (/)\ndokku storage:unmount node-js-app some-docker-volume:/app/storage\n
Once persistent storage is unmounted, the app requires a restart. See the process scaling documentation for more information.
dokku ps:restart app-name\n
"},{"location":"advanced-usage/persistent-storage/#displaying-storage-reports-for-an-app","title":"Displaying storage reports for an app","text":"New
Introduced in 0.8.1
You can get a report about the app's storage status using the storage:report command:
ShellOutput dokku storage:report\n
=====> node-js-app storage information\n Storage build mounts:\n Storage deploy mounts: -v /var/lib/dokku/data/storage/node-js-app:/app/storage\n Storage run mounts: -v /var/lib/dokku/data/storage/node-js-app:/app/storage\n=====> python-sample storage information\n Storage build mounts:\n Storage deploy mounts:\n Storage run mounts:\n=====> ruby-sample storage information\n Storage build mounts:\n Storage deploy mounts:\n Storage run mounts:\n
You can run the command for a specific app also.
ShellOutput dokku storage:report node-js-app\n
=====> node-js-app storage information\n Storage build mounts:\n Storage deploy mounts: -v /var/lib/dokku/data/storage/node-js-app:/app/storage\n Storage run mounts: -v /var/lib/dokku/data/storage/node-js-app:/app/storage\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku storage:report node-js-app --storage-deploy-mounts\n
"},{"location":"advanced-usage/persistent-storage/#use-cases","title":"Use Cases","text":""},{"location":"advanced-usage/persistent-storage/#sharing-storage-across-deploys","title":"Sharing storage across deploys","text":"Dokku is powered by Docker containers, which recommends in their best practices that containers be treated as ephemeral. In order to manage persistent storage for web apps, like user uploads or large binary assets like images, a directory outside the container should be mounted.
"},{"location":"advanced-usage/persistent-storage/#shared-storage-between-containers","title":"Shared storage between containers","text":"When scaling your app, you may require a common location to access shared assets between containers, a storage mount can be used in this situation.
"},{"location":"advanced-usage/persistent-storage/#shared-storage-across-environments","title":"Shared storage across environments","text":"Your app may be used in a cluster that requires containers or resources not running on the same host access your data. Mounting a shared file service (like S3FS or EFS) inside your container will give you great flexibility.
"},{"location":"advanced-usage/persistent-storage/#backing-up","title":"Backing up","text":"Your app may have services that are running in memory and need to be backed up locally (like a key store). Mount a non ephemeral storage mount will allow backups that are not lost when the app is shut down.
"},{"location":"advanced-usage/persistent-storage/#build-phase","title":"Build phase","text":"By default, Dokku will only bind storage mounts during the deploy and run phases. Under certain conditions, one might want to bind a storage mount during the build phase. This can be accomplished by using the docker-options plugin directly.
dokku docker-options:add node-js-app build \"-v /tmp/python-test:/opt/test\"\n
You cannot use mounted volumes during the build phase of a Dockerfile deploy. This is because Docker does not support volumes when executing docker build.
Warning
This can cause data loss if you bind a mount under /app in buildpack apps as herokuish will attempt to remove the original app path during the build phase.
"},{"location":"advanced-usage/persistent-storage/#app-user-and-persistent-storage-file-ownership-buildpack-apps-only","title":"App User and Persistent Storage file ownership (buildpack apps only)","text":"New
Introduced in 0.7.1
By default, Dokku will execute your buildpack app processes as the herokuishuser user. You may override this by setting the DOKKU_APP_USER config variable.
Note
this user must exist in your herokuish image.
Additionally, the default docker-local scheduler that comes with Dokku will ensure your storage mounts are owned by either herokuishuser or the overridden value you have set in DOKKU_APP_USER. See the docker-local scheduler documentation docs for more information.
"},{"location":"advanced-usage/plugin-management/","title":"Plugin Management","text":"New
Introduced in 0.4.0
plugin:disable <name> # Disable an installed plugin (third-party only)\nplugin:enable <name> # Enable a previously disabled plugin\nplugin:install [--core|--git-url] [--committish branch|commit|tag] [--name custom-plugin-name] # Optionally download git-url (and pin to the specified branch/commit/tag) & run install trigger for active plugins (or only core ones)\nplugin:installed <name> # Checks if a plugin is installed\nplugin:install-dependencies [--core] # Run install-dependencies trigger for active plugins (or only core ones)\nplugin:list # Print active plugins\nplugin:trigger <args...>. # Trigger an arbitrary plugin hook\nplugin:uninstall <name> # Uninstall a plugin (third-party only)\nplugin:update [name [branch|commit|tag]] # Optionally update named plugin from git (and pin to the specified branch/commit/tag) & run update trigger for active plugins\n
# for 0.3.x\ncd /var/lib/dokku/plugins\ngit clone <git url>\ndokku plugins-install\n
Info
These commands require root permissions as the install and install-dependencies plugin triggers may utilize commands such as apt-get. For non-core plugins, please inspect those plugins before running the following command as root user.
"},{"location":"advanced-usage/plugin-management/#usage","title":"Usage","text":""},{"location":"advanced-usage/plugin-management/#listing-plugins","title":"Listing Plugins","text":"Installed plugins can be listed via the plugin:list command:
ShellOutput dokku plugin:list\n
plugn: dev\n 00_dokku-standard 0.35.4 enabled dokku core standard plugin\n 20_events 0.35.4 enabled dokku core events logging plugin\n app-json 0.35.4 enabled dokku core app-json plugin\n apps 0.35.4 enabled dokku core apps plugin\n build-env 0.35.4 enabled dokku core build-env plugin\n buildpacks 0.35.4 enabled dokku core buildpacks plugin\n certs 0.35.4 enabled dokku core certificate management plugin\n checks 0.35.4 enabled dokku core checks plugin\n common 0.35.4 enabled dokku core common plugin\n config 0.35.4 enabled dokku core config plugin\n docker-options 0.35.4 enabled dokku core docker-options plugin\n domains 0.35.4 enabled dokku core domains plugin\n enter 0.35.4 enabled dokku core enter plugin\n git 0.35.4 enabled dokku core git plugin\n logs 0.35.4 enabled dokku core logs plugin\n network 0.35.4 enabled dokku core network plugin\n nginx-vhosts 0.35.4 enabled dokku core nginx-vhosts plugin\n plugin 0.35.4 enabled dokku core plugin plugin\n proxy 0.35.4 enabled dokku core proxy plugin\n ps 0.35.4 enabled dokku core ps plugin\n repo 0.35.4 enabled dokku core repo plugin\n resource 0.35.4 enabled dokku core resource plugin\n scheduler-docker-local 0.35.4 enabled dokku core scheduler-docker-local plugin\n shell 0.35.4 enabled dokku core shell plugin\n ssh-keys 0.35.4 enabled dokku core ssh-keys plugin\n storage 0.35.4 enabled dokku core storage plugin\n tags 0.35.4 enabled dokku core tags plugin\n tar 0.35.4 enabled dokku core tar plugin\n trace 0.35.4 enabled dokku core trace plugin\n
Warning
All plugin commands other than plugin:list and plugin:help require sudo access and must be run directly from the Dokku server.
"},{"location":"advanced-usage/plugin-management/#checking-if-a-plugin-is-installed","title":"Checking if a plugin is installed","text":"You can check if a plugin has been installed via the plugin:installed command:
dokku plugin:installed postgres\n
"},{"location":"advanced-usage/plugin-management/#installing-a-plugin","title":"Installing a plugin","text":"Note
Plugins installed in this method within a docker-based installation of Dokku do not persist across installs. Please see the plugin installation section of the docker-based installation docs for further details.
Installing a plugin is easy as well using the plugin:install command. This command will also trigger the install pluginhook on all existing plugins.
The most common usage is to install a plugin from a url. This url may be any of the following:
git: For git+ssh based plugin repository clones.ssh: For git+ssh based plugin repository clones.file: For copying plugins from a path on disk.https: For http based plugin repository clones.
Additionally, any urls with the extensions .tar.gz or .tgz are treated as Gzipped Tarballs for installation purposes and will be downloaded and extracted into place.
ShellOutput dokku plugin:install https://github.com/dokku/dokku-postgres.git\n
-----> Cloning plugin repo https://github.com/dokku/dokku-postgres.git to /var/lib/dokku/plugins/available/postgres\nCloning into 'postgres'...\nremote: Counting objects: 646, done.\nremote: Total 646 (delta 0), reused 0 (delta 0), pack-reused 646\nReceiving objects: 100% (646/646), 134.24 KiB | 0 bytes/s, done.\nResolving deltas: 100% (406/406), done.\nChecking connectivity... done.\n-----> Plugin postgres enabled\n
For git-based plugin installation, a commit SHA-like object may be specified (tag/branch/commit sha) via the --committish argument and Dokku will attempt to install the specified commit object.
# where 2.0.0 is a potential git tag\ndokku plugin:install https://github.com/dokku/dokku-postgres.git --committish 2.0.0\n
Plugin names are interpolated based on the repository name minus the dokku- prefix. If the plugin being installed has a name other than what matches the repository name - or another name is desired - the --name flag can be used to override this interpolation.
dokku plugin:install https://github.com/dokku/smoke-test-plugin.git --name smoke-test-plugin\n
The --core flag may also be indicated as the sole argument, though it is only for installation of core plugins, and thus not useful for end-user installations.
dokku plugin:install --core\n
Finally, all flags may be omitted to trigger the install procedures for both core and third-party plugins:
dokku plugin:install\n
"},{"location":"advanced-usage/plugin-management/#installing-plugin-dependencies","title":"Installing plugin dependencies","text":"In some cases, plugins will have system-level dependencies. These are not automatically installed via plugin:install, and must be separately via the plugin:install-dependencies command. This will run through all the dependencies trigger for all plugins.
dokku plugin:install-dependencies\n
This command may also target just core plugins via the --core flag. This is usually only useful for source-based installs of Dokku.
dokku plugin:install-dependencies --core\n
"},{"location":"advanced-usage/plugin-management/#updating-a-plugin","title":"Updating a plugin","text":"An installed, third-party plugin can be updated can updated via the plugin:update command. This should be done after any upgrades of Dokku as there may be changes in the internal api that require an update of how the plugin interfaces with Dokku.
Please note that this command is only valid for plugin installs that were backed by a git-repository.
ShellOutput dokku plugin:update postgres\n
Plugin (postgres) updated\n
An optional commit SHA-like object may be specified.
dokku plugin:update postgres 2.0.0\n
Any future invocation of plugin:update will respect the previously specified SHA-like object. To follow a particular branch again, specify that branch:
dokku plugin:update postgres main\n
"},{"location":"advanced-usage/plugin-management/#uninstalling-a-plugin","title":"Uninstalling a plugin","text":"Third party plugins can be uninstalled using the plugin:uninstall command:
ShellOutput dokku plugin:uninstall postgres\n
-----> Plugin postgres uninstalled\n
"},{"location":"advanced-usage/plugin-management/#disabling-a-plugin","title":"Disabling a plugin","text":"Disabling a plugin can also be useful for debugging whether a third-party plugin is causing issues in a Dokku installation. Another common use case is for disabling core functionality for replacement with a third-party plugin.
ShellOutput dokku plugin:disable postgres\n
-----> Plugin postgres disabled\n
"},{"location":"advanced-usage/plugin-management/#enabling-a-plugin","title":"Enabling a plugin","text":"Disabled plugins can be re-enabled via the plugin:enable command.
ShellOutput dokku plugin:enable postgres\n
-----> Plugin postgres enabled\n
"},{"location":"advanced-usage/plugin-management/#triggering-a-plugin-trigger","title":"Triggering a plugin trigger","text":"The plugin:trigger can be used to call any internal plugin trigger. This may have unintended consequences, and thus should only be called for development or debugging purposes.
dokku plugin:trigger some-internal-trigger args-go-here\n
"},{"location":"advanced-usage/registry-management/","title":"Registry Management","text":"New
Introduced in 0.25.0
registry:login [--password-stdin] <server> <username> [<password>] # Login to a docker registry\nregistry:report [<app>] [<flag>] # Displays a registry report for one or more apps\nregistry:set <app> <key> (<value>) # Set or clear a registry property for an app\n
The registry plugin enables interacting with remote registries, which is useful when either deploying images via git:from-image or when interacting with custom schedulers to deploy built image artifacts.
"},{"location":"advanced-usage/registry-management/#usage","title":"Usage","text":""},{"location":"advanced-usage/registry-management/#logging-into-a-registry","title":"Logging into a registry","text":"The registry:login command can be used to log into a docker registry. The following are examples for logging into various common registries:
# hub.docker.com\ndokku registry:login docker.io $USERNAME $PASSWORD\n\n# digitalocean\n# the username and password are both defined as the same api token\ndokku registry:login registry.digitalocean.com $DIGITALOCEAN_API_TOKEN $DIGITALOCEAN_API_TOKEN\n\n# github container registry\n# see the following link for information on retrieving a personal access token\n# https://docs.github.com/en/packages/guides/pushing-and-pulling-docker-images#authenticating-to-github-container-registry\ndokku registry:login ghcr.io $USERNAME $REGISTRY_PAT_TOKEN\n\n# quay\n# a robot user may be used to login\ndokku registry:login quay.io $USERNAME $PASSWORD\n
For security reasons, the password may also be specified as stdin by specifying the --password-stdin flag. This is supported regardless of the registry being logged into.
echo \"$PASSWORD\" | dokku registry:login --password-stdin docker.io $USERNAME\n
For certain Docker registries - such as Amazon ECR or Google's GCR registries - users may instead wish to use a docker credential helper to automatically authenticate against a server; please see the documentation regarding the credential helper in question for further setup instructions.
"},{"location":"advanced-usage/registry-management/#setting-a-remote-server","title":"Setting a remote server","text":"To specify a remote server registry for pushes, set the server property via the registry:set command. The default value for this property is empty string. Setting the value to docker.io or hub.docker.com will result in the computed value being empty string (as that is the default, implicit registry), while any non-zero length value will have a / appended to it if there is not one already.
dokku registry:set node-js-app server docker.io\n
This property can be set for a single app or globally via the --global flag. When set globally, the app-specific value will always overide the global value. The default global value for this property is empty string.
dokku registry:set --global server docker.io\n
Setting the property value to an empty string will reset the value to the system default. Resetting the value can be done per app or globally.
# per-app\ndokku registry:set node-js-app server\n\n# globally\ndokku registry:set --global server\n
The following are the values that should be used for common remote servers:
- Amazon Elastic Container Registry:
- value:
$AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com/ - notes: The
$AWS_ACCOUNT_ID and $AWS_REGION should match the values for your account and region, respectively. Additionally, an IAM profile that allows push access to the repository specified by image-repo should be attached to your Dokku server.
- Azure Container Registry:
- value
$REGISTRY_NAME.azurecr.io/ - notes: The
$AKS_REGISTRY_NAME should match the name of the registry created on your account.
- Docker Hub:
- value:
docker.io/ - notes: Requires owning the namespace used in the
image-repo value.
- Digitalocean:
- value:
registry.digitalocean.com/ - notes: Requires setting the correct
image-repo value for your registry.
- Github Container Registry:
- value:
ghcr.io/ - notes: Requires that the authenticated user has access to the namespace used in the
image-repo value.
- Quay.io:
- value:
quay.io/
"},{"location":"advanced-usage/registry-management/#specifying-an-image-repository-name","title":"Specifying an image repository name","text":"By default, Dokku uses the value dokku/$APP_NAME as the image repository that is pushed and deployed. For certain registries, the dokku namespace may not be available to your user. In these cases, the value can be set by changing the value of the image-repo property via the registry:set command.
dokku registry:set node-js-app image-repo my-awesome-prefix/node-js-app\n
Setting the property value to an empty string will reset the value to the system default. Resetting the value has to be done per-app.
# per-app\ndokku registry:set node-js-app image-repo\n
"},{"location":"advanced-usage/registry-management/#templating-the-image-repository-name","title":"Templating the image repository name","text":"Instead of setting the image repository name on a per-app basis, it can be set via a template globally with the image-repo-template property:
dokku registry:set --global image-repo-template \"my-awesome-prefix/{{ .AppName }}\"\n
Dokku uses a Golang template and has access to the AppName variable as shown above.
"},{"location":"advanced-usage/registry-management/#pushing-images-on-build","title":"Pushing images on build","text":"To push the image on release, set the push-on-release property to true via the registry:set command. The default value for this property is false. Setting the property to true will result in the image being tagged with an ID that is incremented with every release. This tag will be what is used for running app code.
dokku registry:set node-js-app push-on-release true\n
This property can be set for a single app or globally via the --global flag. When set globally, the app-specific value will always overide the global value. The default global value for this property is false.
dokku registry:set --global push-on-release true\n
Setting the property value to an empty string will reset the value to the system default. Resetting the value can be done per app or globally.
# per-app\ndokku registry:set node-js-app push-on-release\n\n# globally\ndokku registry:set --global push-on-release\n
"},{"location":"advanced-usage/registry-management/#push-extra-tags","title":"Push extra tags","text":"To push the image on release with extra tags, set the push-extra-tags to a comma-separated list of tags via the registry:set command. The default value for this property is empty. Setting the property will result in the image being tagged with extra tags every release.
The push-extra-tags can be set to a single tag too.
# multiple-tags\ndokku registry:set node-js-app push-extra-tags foo,bar\n
# single tag\ndokku registry:set node-js-app push-extra-tags foo\n
This property can be set for a single app or globally via the --global flag. When set globally, the app-specific value will always overide the global value. The default global value for this property is false.
dokku registry:set --global push-extra-tags foo,bar\n
Setting the property value to an empty string will reset the value to the system default. Resetting the value can be done per app or globally.
# per-app\ndokku registry:set node-js-app push-extra-tags\n\n# globally\ndokku registry:set --global push-extra-tags\n
"},{"location":"advanced-usage/repository-management/","title":"Repository Management","text":"New
Introduced in 0.6.0
repo:gc <app> # Runs 'git gc --aggressive' against the application's repo\nrepo:purge-cache <app> # Deletes the contents of the build cache stored in the repository\n
The repository plugin is meant to allow users to perform management commands against a repository.
"},{"location":"advanced-usage/repository-management/#usage","title":"Usage","text":""},{"location":"advanced-usage/repository-management/#git-garbage-collection","title":"Git Garbage Collection","text":"This will run a git gc --aggressive against the applications repo. This is performed on the Dokku host, and not within an application container.
ShellOutput dokku repo:gc node-js-app\n
Counting objects: 396, done.\nDelta compression using up to 2 threads.\nCompressing objects: 100% (365/365), done.\nWriting objects: 100% (396/396), done.\nTotal 396 (delta 79), reused 315 (delta 0)\n
"},{"location":"advanced-usage/repository-management/#clearing-application-cache","title":"Clearing Application cache","text":"Building containers with buildpacks currently results in a persistent cache directory between deploys. If you need to clear this cache directory for any reason, you may do so by running the following shell command:
dokku repo:purge-cache node-js-app\n
"},{"location":"advanced-usage/resource-management/","title":"Resource Management","text":"New
Introduced in 0.15.0
resource:limit [--process-type <process-type>] [RESOURCE_OPTS...] <app> # Limit resources for a given app/process-type combination\nresource:limit-clear [--process-type <process-type>] <app> # Limit resources for a given app/process-type combination\nresource:report [<app>] [<flag>] # Displays a resource report for one or more apps\nresource:reserve [--process-type <process-type>] [RESOURCE_OPTS...] <app> # Reserve resources for a given app/process-type combination\nresource:reserve-clear [--process-type <process-type>] <app> # Reserve resources for a given app/process-type combination\n
The resource plugin is meant to allow users to limit or reserve resources for a given app/process-type combination.
"},{"location":"advanced-usage/resource-management/#usage","title":"Usage","text":"By default, Dokku allows unlimited resource access to apps deployed on a server. In some cases, it may be desirable to limit this on a per-app or per-process-type basis. The resource plugin allows management of both resource \"limits\" and resource \"reservations\", where each resource request type has specific meaning to the scheduler in use for a given app.
Warning
The meaning of a values and it's units are specific to the scheduler in use for a given app. If a value is incorrect for a scheduler, this may result in containers failing to start correctly. If a scheduler does not support a given resource type combination, it will be ignored. All resource commands require an app rebuild or deploy in order to take effect.
Valid resource options include:
--cpu--memory--memory-swap--network--network-ingress--network-egress--nvidia-gpu
See the Supported Resource Management Properties section of the docker local scheduler documentation for more information on how each resource limit maps to Docker.
Resource limits and reservations are applied only during the run and deploy phases of an application, and will not impact the build phase of an application.
"},{"location":"advanced-usage/resource-management/#resource-limits","title":"Resource Limits","text":"When specified and supported, a resource limit will ensure that your app does not go over the specified value. If this occurs, the underlying scheduler may either cap resource utilization, or it may decide to terminate and reschedule your process.
Resource limits may be set via the resource:limit command:
ShellOutput dokku resource:limit --memory 100 node-js-app\n
=====> Setting resource limits for node-js-app\n memory: 100\n
Multiple resources can be limited in a single call:
ShellOutput dokku resource:limit --cpu 100 --memory 100 node-js-app\n
=====> Setting resource limits for node-js-app\n cpu: 100\n memory: 100\n
Resources can also be limited on a per-process type basis. If specified, this will override any generic limits set for the app.
ShellOutput dokku resource:limit --cpu 100 --memory 100 --process-type worker node-js-app\n
=====> Setting resource limits for node-js-app (worker)\n cpu: 100\n memory: 100\n
A resource value can be individually cleared by setting the value to the special value clear.
ShellOutput dokku resource:limit --cpu clear node-js-app\n
=====> Setting resource limits for node-js-app\n cpu: cleared\n
"},{"location":"advanced-usage/resource-management/#displaying-resource-limits","title":"Displaying Resource Limits","text":"Running the resource:limit command without any flags will display the currently configured default app limits.
ShellOutput dokku resource:limit node-js-app\n
=====> resource limits node-js-app information [defaults]\n cpu:\n memory:\n memory-swap: 100\n network: 100\n network-ingress:\n network-egress:\n nvidia-gpu:\n
This may also be combined with the --process-type flag to see app limits on a process-type level. Note that the displayed values are not merged with the defaults.
ShellOutput dokku resource:limit --process-type web node-js-app\n
=====> resource limits node-js-app information (web)\n cpu: 100\n memory: 100\n memory-swap:\n network:\n network-ingress:\n network-egress:\n nvidia-gpu:\n
"},{"location":"advanced-usage/resource-management/#clearing-resource-limits","title":"Clearing Resource Limits","text":"In cases where the values are incorrect - or there is no desire to limit resources - resource limits may be cleared using the resource:limit-clear command.
ShellOutput dokku resource:limit-clear node-js-app\n
-----> Clearing resource limit for node-js-app\n
Defaults can also be cleared by leaving the app unspecified.
ShellOutput dokku resource:limit-clear\n
-----> Clearing default resource limits\n
"},{"location":"advanced-usage/resource-management/#resource-reservations","title":"Resource Reservations","text":"When specified and supported, a resource reservation will ensure that your server has at least the specified resources before placing a given app's process. If there a resource exhaustion, future rebuilds and deploys may fail.
Resource reservations may be set via the resource:reserve command:
ShellOutput dokku resource:reserve --memory 100 node-js-app\n
=====> Setting resource reservation for node-js-app\n memory: 100\n
Multiple resources can be limited in a single call:
ShellOutput dokku resource:reserve --cpu 100 --memory 100 node-js-app\n
=====> Setting resource reservation for node-js-app\n cpu: 100\n memory: 100\n
Resources can also be limited on a per-process type basis. If specified, this will override any generic limits set for the app.
ShellOutput dokku resource:reserve --cpu 100 --memory 100 --process-type worker node-js-app\n
=====> Setting resource reservation for node-js-app (worker)\n cpu: 100\n memory: 100\n
A resource value can be individually cleared by setting the value to the special value clear.
ShellOutput dokku resource:reserve --cpu clear node-js-app\n
=====> Setting resource reservation for node-js-app\n cpu: cleared\n
"},{"location":"advanced-usage/resource-management/#displaying-resource-reservations","title":"Displaying Resource Reservations","text":"Running the resource:reserve command without any flags will display the currently configured default app reservations.
ShellOutput dokku resource:reserve node-js-app\n
=====> resource reservation node-js-app information [defaults]\n cpu: 100\n memory: 100\n memory-swap:\n network:\n network-ingress:\n network-egress:\n nvidia-gpu:\n
This may also be combined with the --process-type flag to see app reservations on a process-type level. Note that the displayed values are not merged with the defaults.
ShellOutput dokku resource:reserve --process-type web node-js-app\n
=====> resource reservation node-js-app information (web)\n cpu: 100\n memory: 100\n memory-swap:\n network:\n network-ingress:\n network-egress:\n nvidia-gpu:\n
"},{"location":"advanced-usage/resource-management/#clearing-resource-reservations","title":"Clearing Resource Reservations","text":"In cases where the values are incorrect - or there is no desire to reserve resources - resource reservations may be cleared using the resource:reserve-clear command.
ShellOutput dokku resource:reserve-clear node-js-app\n
-----> Clearing resource reservation for node-js-app\n
Defaults can also be cleared by leaving the app unspecified.
ShellOutput dokku resource:reserve-clear\n
-----> Clearing default resource reservation\n
"},{"location":"advanced-usage/resource-management/#displaying-resource-reports-for-an-app","title":"Displaying resource reports for an app","text":"You can get a report about the app's resource status using the resource:report command:
ShellOutput dokku resource:report\n
=====> node-js-app resource information\n web limit cpu:\n web limit memory: 1024\n web limit memory swap: 0\n web limit network: 10\n web limit network ingress:\n web limit network egress:\n web limit nvidia gpu:\n web reservation cpu:\n web reservation memory: 512\n web reservation memory swap:\n web reservation network: 8\n web reservation network ingress:\n web reservation network egress:\n web reservation nvidia gpu:\n=====> python-sample resource information\n web limit cpu:\n web limit memory:\n web limit memory swap:\n web limit network:\n web limit network ingress:\n web limit network egress:\n web limit nvidia gpu:\n web reservation cpu:\n web reservation memory:\n web reservation memory swap:\n web reservation network:\n web reservation network ingress:\n web reservation network egress:\n web reservation nvidia gpu:\n=====> ruby-sample resource information\n web limit cpu:\n web limit memory:\n web limit memory swap:\n web limit network:\n web limit network ingress:\n web limit network egress:\n web limit nvidia gpu:\n web reservation cpu:\n web reservation memory:\n web reservation memory swap:\n web reservation network:\n web reservation network ingress:\n web reservation network egress:\n web reservation nvidia gpu:\n
You can run the command for a specific app also.
ShellOutput dokku resource:report node-js-app\n
=====> node-js-app resource information\n web limit cpu:\n web limit memory: 1024\n web limit memory swap: 0\n web limit network: 10\n web limit network ingress:\n web limit network egress:\n web limit nvidia gpu:\n web reservation cpu:\n web reservation memory: 512\n web reservation memory swap:\n web reservation network: 8\n web reservation network ingress:\n web reservation network egress:\n web reservation nvidia gpu:\n
You can pass flags which will output only the value of the specific information you want. For example:
ShellOutput # Note the periods in the flag name\ndokku resource:report node-js-app --resource-web.limit.memory\n
1024\n
"},{"location":"appendices/0.10.0-migration-guide/","title":"0.10.0 Migration Guide","text":""},{"location":"appendices/0.10.0-migration-guide/#pci-compliance","title":"PCI Compliance","text":"By default, Dokku will ship a PCI Compliant nginx configuration. For developers whose users are on older browsers or mobile devices, you may need to ship a custom nginx.conf.sigil to enable ciphers for older browsers.
See the nginx customization docs for more details.
"},{"location":"appendices/0.10.0-migration-guide/#nginx-error-pages","title":"Nginx Error Pages","text":"We now ship with nicer error pages by default. You are free to customize your Dokku installation via a custom nginx.conf.sigil to change what error pages are displayed in different circumstances.
See the nginx customization docs for more details.
"},{"location":"appendices/0.20.0-migration-guide/","title":"0.20.0 Migration Guide","text":""},{"location":"appendices/0.20.0-migration-guide/#removals","title":"Removals","text":""},{"location":"appendices/0.20.0-migration-guide/#command-removals","title":"Command removals","text":"The following commands were previously deprecated and were removed in this release.
apps: Use apps:list instead.certs: Use certs:report instead.certs:info: Use certs:report instead.checks: Use checks:report instead.docker-options: Use docker-options:report instead.domains: Use domains:report instead.plugin: Use plugin:list instead.proxy: Use proxy:report instead.trace: Use trace:on or trace:off instead.ps: Use enter with a container ID instead to run ps auxww within a container.
The refactor of the proxy plugin removes the following functions from being sourced in plugins:
proxy#get_app_proxy_port_map()proxy#list_app_proxy_ports()proxy#filter_app_proxy_ports()proxy#add_proxy_ports()proxy#remove_proxy_ports()proxy#set_proxy_ports()
The informal policy is to allow removal of functions within a functions file if they are not used in OSS plugins. Should you be affected by any such removals, please file an issue to expose the functionality via a plugin trigger.
"},{"location":"appendices/0.20.0-migration-guide/#function-renames","title":"Function renames","text":" tar#tar_in_cmd was renamed to tar#cmd-tar-in. Users should avoid using cmd-* commands directly, and instead file an issue to have them exposed via a plugin trigger.tar#tar_from_cmd was renamed to tar#cmd-tar-from. Users should avoid using cmd-* commands directly, and instead file an issue to have them exposed via a plugin trigger.
"},{"location":"appendices/0.20.0-migration-guide/#remove-support-for-unsupported-operating-systems","title":"Remove support for Unsupported Operating Systems","text":"Dokku will no longer distribute packages for Ubuntu versions that have reached either End of Life or End of Standard Support (for LTS releases). This currently includes the following releases:
- Ubuntu 14.04 (trusty)
- Ubuntu 14.10 (utopic)
- Ubuntu 15.04 (vivid)
- Ubuntu 15.10 (wily)
- Ubuntu 16.10 (yakkety)
- Ubuntu 17.04 (zesty)
- Ubuntu 17.10 (artful)
Dokku will no longer distribute packages for Debian versions that are not stable or oldstable. This currently includes the following releases:
- Debian 7 (wheezy)
- Debian 8 (jessie)
"},{"location":"appendices/0.20.0-migration-guide/#removed-app-report-flags","title":"Removed App report flags","text":"The --git-sha flag was moved from the apps:report command to the git:report command.
"},{"location":"appendices/0.20.0-migration-guide/#app-report-output","title":"App report output","text":"When an app is not deployed, the apps:report command no longer shows the message not deployed. Please use the --deployed flag on ps:report instead to see if the app has been deployed.
"},{"location":"appendices/0.20.0-migration-guide/#changes","title":"Changes","text":""},{"location":"appendices/0.20.0-migration-guide/#app-report-flags","title":"App report flags","text":"The following changes on the apps:report command were made in this release:
- The
--deploy-source flag was renamed to --app-deploy-source. - The
--locked flag was renamed to --app-locked.
"},{"location":"appendices/0.20.0-migration-guide/#network-report-flags","title":"Network report flags","text":"The following changes on the network:report command were made in this release:
- The
--network-listeners flag was renamed to --network-web-listeners.
"},{"location":"appendices/0.20.0-migration-guide/#plugin-triggers","title":"Plugin Triggers","text":" - The
network-get-port trigger was incorrectly documented to have the isHerokuishContainer argument as the third argument. The code has been fixed to respect the documentation. - The
network-get-listeners trigger now takes an additional processType argument. If not specified, it defaults to web. This default will be removed in an upcoming release.
"},{"location":"appendices/0.20.0-migration-guide/#deprecations","title":"Deprecations","text":" nginx:show-conf has been deprecated in favor of nginx:show-config.proxy#is_app_proxy_enabled() is deprecated in favor of plugn trigger proxy-is-enabled.proxy#get_app_proxy_type() is deprecated in favor of plugn trigger proxy-type.apps#apps_create() is deprecated in favor of plugn trigger app-create.apps#apps_destroy() is deprecated in favor of plugn trigger app-destroy.apps#apps_exists() is deprecated in favor of plugn trigger app-exists.apps#apps_maybe_create() is deprecated in favor of plugn trigger app-maybe-create.plugin trigger network-get-listeners usage without a second processType argument is deprecated..NGINX_PORT variable usage within nginx.conf.sigil templates is deprecated in favor of .PROXY_PORT..NGINX_SSL_PORT variable usage within nginx.conf.sigil templates is deprecated in favor of .PROXY_SSL_PORT..DOKKU_APP_LISTENERS variable usage within nginx.conf.sigil templates is deprecated in favor of .DOKKU_APP_WEB_LISTENERS.
"},{"location":"appendices/0.21.0-migration-guide/","title":"0.21.0 Migration Guide","text":""},{"location":"appendices/0.21.0-migration-guide/#changes","title":"Changes","text":"The tls name is no longer a reserved app name, and can be used by applications. This was previously a reserved app name due to it's use as a place for global SSL certificate files; Dokku has not supported global SSL certificates for many releases, and thus there is no need to reserve the name.
"},{"location":"appendices/0.21.0-migration-guide/#deprecations","title":"Deprecations","text":" git#git_deploy_branch() is deprecated in favor of plugn trigger git-deploy-branch.- The
config command is deprecated in favor of config:show. - Usage of this command in conjunction with either the
--export or --shell flag is deprecated in favor of config:export --format with the correct format value (exports or shell, respectively).
- The
nginx:build-config command is deprecated in favor of proxy:build-config.
"},{"location":"appendices/0.21.0-migration-guide/#removals","title":"Removals","text":"The apps:destroy command no longer takes a second argument force. Instead, this can be passed as the --force flag, either globally or as a flag to the command itself.
The proxy:enable and proxy:disable no longer restart apps when setting the DOKKU_DISABLE_PROXY environment variable. A future release will disable usage of DOKKU_DISABLE_PROXY altogether.
"},{"location":"appendices/0.22.0-migration-guide/","title":"0.22.0 Migration Guide","text":""},{"location":"appendices/0.22.0-migration-guide/#deprecations","title":"Deprecations","text":" - Calling
logs:failed without either a <name> or the --all flag is deprecated.
"},{"location":"appendices/0.22.0-migration-guide/#changes","title":"Changes","text":" - Underscores are no longer valid characters in app names. Please rename applications before upgrading.
- Process type names specified in Procfile may no longer use characters not valid in DNS Label Names (RFC 1123).
- The minimum Docker version is now 17.05.0.
- The
common.GetDeployingAppImageName() function now returns an error as the second return argument instead of calling common.LogFail() internally. - Setting
DOKKU_DISABLE_ANSI_PREFIX_REMOVAL is deprecated; Dokku 0.23.0 will avoid removing the remote: ansi prefix entirely. No warning will be added in this release.
"},{"location":"appendices/0.22.0-migration-guide/#removals","title":"Removals","text":"The ps command has had a few removals as a result of a rewrite to Golang:
- The
ps:set-restart-policy command has been removed in favor the ps:set command. - The
ps:restart-policy command has been removed in favor of the ps:report command. - The
ps:rebuildall command has been removed in favor of calling the ps:rebuild with the --all flag instead of an app name. - The
ps:restartall command has been removed in favor of calling the ps:restart with the --all flag instead of an app name. - The
ps:stopall command has been removed in favor of calling the ps:stop with the --all flag instead of an app name. - The
ps:startall command has been removed in favor of calling the ps:start with the --all flag instead of an app name. - The
DOKKU_PROCFILE file is no longer located in the git directory for a given app on the server. It's location is currently not exposed. - The
procfile-get-command plugin trigger no longer takes a procfile path as the final argument. - All
ps functions have been removed. Please us a trigger as appropriate or file a PR to have a new trigger/wrapper function added.
"},{"location":"appendices/0.23.0-migration-guide/","title":"0.23.0 Migration Guide","text":""},{"location":"appendices/0.23.0-migration-guide/#changes","title":"Changes","text":" - The
plugin:list command no longer outputs the version for the plugn binary. - Users building docker images that run Dokku will need to use a new sudoer wrapper for the
docker-image-labeler binary to work correctly. A reference version has been placed in the docker skeleton directory. This should only impact platform developers, and users of our Docker image will already have the file available. - The
dokku user's cron is now in use by Dokku itself. Customizations will be overwritten. Users are encouraged to use a cron entry in /etc/cron.d/dokku to avoid this issue. - As of 0.23.0, Dokku will now inject the
max-size log driver option for applications. This is restricted to app-configured log driver values empty, local or json-file in 0.23.1 to increase setup compatibility. Users who configure alternative log drivers at the system level will need to either set the global max-size property to unlimited or switch to the built-in vector logging support.
"},{"location":"appendices/0.24.0-migration-guide/","title":"0.24.0 Migration Guide","text":""},{"location":"appendices/0.24.0-migration-guide/#changes","title":"Changes","text":" - The commands
proxy:enable, proxy:disable and proxy:build-config now support the --all flag in addition to general parallelism. - The
builder-cnb plugin has been renamed builder-pack, and all related plugin triggers have had the suffix -cnb changed to -pack.
"},{"location":"appendices/0.24.0-migration-guide/#deprecations","title":"Deprecations","text":" - The 1.0.0 release of Dokku will no longer select buildpack builders over dockerfile builders if both builders match. Instead, Dokku will choose the first builder that responds to the
builder-detect trigger. Users that wish to use a specific builder may set a builder using the builder:set command, which will force Dokku to use the specified builder regardless of what might be auto-detected. - The
tags plugin is deprecated in favor of the git:from-image command. It will be removed in the next minor release, and is considered unmaintained. Users are highly encouraged to switch their workflows to git:from-image. - The
tar plugin is deprecated in favor of the git:from-archive command. It will be removed in the next minor release, and is considered unmaintained. Users are highly encouraged to switch their workflows to git:from-archive.
"},{"location":"appendices/0.25.0-migration-guide/","title":"0.25.0 Migration Guide","text":""},{"location":"appendices/0.25.0-migration-guide/#registry-plugin","title":"Registry Plugin","text":"The dokku-registry plugin is now built-in. This comes with a few changes:
- Builder plugins should call
post-release-builder at the end of the build. - The
push and pull command are not implemented. Users wishing to deploy a remote image should use git:from-image. Image pushing is not available at this time. - At this time, remote docker repositories are not automatically created for AWS, and users must create those repositories for their applications as necessary. This may be implemented in the future.
- Docker images are only pushed when configured to do so. See the registry management documentation for more details.
Before upgrading, uninstall the registry plugin via dokku plugin:uninstall registry. Not doing so will cause issues with Dokku.
"},{"location":"appendices/0.25.0-migration-guide/#other","title":"Other","text":""},{"location":"appendices/0.25.0-migration-guide/#changes","title":"Changes","text":" - The network plugin can now set an
initial-network for all containers on creation. This is a replacement for specifying the --network flag via the docker-options plugin. Please see the network documentation for more information. - The
dokku run command now always removes the ephemeral container on exit. Users that need a persistent container should instead specify a console process type in their Procfile specifying an available shell (usually either bash or sh) and scale that container appropriately. - The
pre-deploy plugin trigger is now called internally by Dokku. Scheduler plugins should avoid calling this trigger, as any image changes introduced by subsequent trigger calls will be ignored. - The default image used for Herokuish Buildpack builds is now
gliderlabs/herokuish:latest-20, and is based on both the heroku-20 stack as well as Ubuntu 20.04. Users that wish to stick with the old, heroku-18/Ubuntu 18.04 builder may specify gliderlabs/herokuish:latest-18 as their builder image. Please see the herokuish buildpack deployment documentation for more information on how to specify a custom buildpack stack builder. - This change does not impact any users of Cloud Native Buildpacks.
- We fixed an issue that required extracting Procfiles at the beginning of a deploy. Due to this change, a
Dockerfile app contains a Procfile that does not specify a web process will fail to start. Usage of a Procfile with only a release command should be replaced with a scripts.dokku.postdeploy deployment task in the app.json file. The alternative is to define the web process in the Procfile. See the deployment task documentation for more information.
"},{"location":"appendices/0.25.0-migration-guide/#deprecations","title":"Deprecations","text":" - In previous versions of Dokku, the only way to specify a custom
Dockerfile was to use the docker-options plugin to set the --file flag for a docker build. As of 0.25.0, the builder-dockerfile:set command should be used instead, as outlined in the docs here. Usage of the old method should be migrated to the new method. - The
--rm and --rm-container flags may be specified but no longer have any effect on dokku run. - The
--detach flag is deprecated in favor of the run:detached command. - The
DOKKU_SCALE file is deprecated. Please see the process management documentation for more information on it's replacement with the formation key of the app.json file. - The hooks
post-release-buildpack, post-release-dockerfile, and post-release-pack are deprecated in favor of post-release-builder. See the plugin triggers documentation for more details.
"},{"location":"appendices/0.25.0-migration-guide/#removals","title":"Removals","text":" - As of April 2021, Ubuntu 16.04 is no longer an LTS release, and support has been removed. Packages may still install on older versions of Ubuntu, but are no longer tested, and therefore no support will be provided.
- The web installer has been removed. Users are now required to setup Dokku via cli commands. This change was made to combat potential security issues where users ignored the web installer, allowing unauthorized users to add their keys to the host.
- The
scheduler-docker-cleanup plugin trigger has been removed from the scheduler interface, and is no longer invoked.
"},{"location":"appendices/0.26.0-migration-guide/","title":"0.26.0 Migration Guide","text":""},{"location":"appendices/0.26.0-migration-guide/#removals","title":"Removals","text":" - The
tags plugin - deprecated in 0.24.0 - was removed. Users are highly encouraged to switch their workflows to git:from-image. - The
tar plugin - deprecated in 0.24.0 - was removed. Users are highly encouraged to switch their workflows to git:from-archive.
"},{"location":"appendices/0.26.0-migration-guide/#changes","title":"Changes","text":" - The
scheduler plugin now controls the scheduler in use for deploys. Apps will have their DOKKU_SCHEDULER environment variables migrated to the scheduler plugin, after which that value will be removed from said app. Please see the scheduler documentation for more information. - The
deploy-source metadata from apps:report is now no longer computed on the fly, but hydrated at deploy time via the deploy-source-set trigger. This value may be empty until your next deploy. - Additionally, the
deploy-source trigger has now been removed.
"},{"location":"appendices/0.27.0-migration-guide/","title":"0.27.0 Migration Guide","text":""},{"location":"appendices/0.27.0-migration-guide/#changes","title":"Changes","text":" -
Renaming an application will now only rename domains that are associated with global domains. As an example:
dokku domains:set-global dokku.me\ndokku apps:create node-js-app\ndokku domains:set node-js-app node-js-app.dokku.me node-js-app.dokku.com\ndokku apps:rename node-js-app other-name\ndokku domains:report node-js-app --domains-app-vhosts\n# output: other-name.dokku.me node-js-app.dokku.com\n
"},{"location":"appendices/0.28.0-migration-guide/","title":"0.28.0 Migration Guide","text":""},{"location":"appendices/0.28.0-migration-guide/#removals","title":"Removals","text":"Support for the following operating systems has been removed:
- CentOS 7
- Debian 9 (Stretch)
- Fedora
- OpenSuse
Dokku will no longer provide packages for RPM based systems. Debian 9 users may use new Debian packages, though support is not guaranteed.
All users are encouraged to install Dokku via the Docker-based installation method, or switch to a supported operating system.
"},{"location":"appendices/0.28.0-migration-guide/#deprecations","title":"Deprecations","text":"Ubuntu 18.04 is now a deprecated installation target. The operating system will be considered EOL by Canonical in April 2023. Users are encouraged to upgrade to Ubuntu 22.04 or consider switching their instllation method to the Docker-based installation method to avoid any disruption in usage.
"},{"location":"appendices/0.28.0-migration-guide/#additions","title":"Additions","text":"New in 0.28.0 are the Caddy, Haproxy and Traefik plugins. As community plugins wrapping these proxies exist, users should:
- Recommended: Uninstall the community plugin in question and switch all config to the new plugins.
- Upgrade the community plugin to a version that does not use the
proxy:set value of caddy, haproxy or traefik.
"},{"location":"appendices/0.29.0-migration-guide/","title":"0.29.0 Migration Guide","text":""},{"location":"appendices/0.29.0-migration-guide/#changes","title":"Changes","text":" - The output of
run:detached now uses the container name - eg. node-js-app.run.1 - vs the container id. - The ID of
cron tasks is now base36-encoded instead of base64-encoded. - The
nginx.conf.sigil is now extracted when source code is extracted for a build and not from the built image. Users can specify alternative paths via the nginx-conf-sigil-path property of the nginx plugin. See the nginx documentation for more information on how to configure the nginx.conf.sigil path for your application. - For deploys via
git:from-image, the nginx.conf.sigil file will be extracted from the source image, respecting the value of nginx-conf-sigil-path.
- The
Procfile is now extracted when source code is extracted for a build and not from the built image. Users can specify alternative paths via the procfile-path property of the ps plugin. See the process management documentation for more information on how to configure the Procfile path for your application. - For deploys via
git:from-image, the Procfile file will be extracted from the source image, respecting the value of procfile-path.
- The existing
pre-restore hook has been renamed to scheduler-pre-restore. There is a new pre-restore hook that is triggered within the ps:restore command prior to restoring any apps. - Nginx init commands are now performed via systemctl on Ubuntu systems when
/usr/bin/systemctl is available.
"},{"location":"appendices/0.29.0-migration-guide/#removals","title":"Removals","text":" - The
DOKKU_WAIT_TO_RETIRE environment variable has been migrated to a checks property named wait-to-retire and will be ignored if set as an environment variable. - The
domains-setup trigger has been removed. Initial app domains will now be automatically setup during app creation. - The
URLS file containing generated urls for an app is no longer generated or referenced. Users should retrieve app urls via the new domains-urls plugin trigger. - The common function
get_app_urls has been removed. Users should retrieve app urls via the new domains-urls plugin trigger.
"},{"location":"appendices/0.30.0-migration-guide/","title":"0.30.0 Migration Guide","text":"Info
Important: Due to the removal of DOKKU_SCALE support, users with a version older than 0.25.x are heavily encouraged to upgrade to 0.29.x prior to 0.30.x. Not doing so will result in all app containers stopping on rebuild due to having no scale settings.
"},{"location":"appendices/0.30.0-migration-guide/#deprecations","title":"Deprecations","text":" - Support for Ubuntu 18.04 has been deprecated. Please upgrade your host OS in advance of the End Of Life in April 2023.
"},{"location":"appendices/0.30.0-migration-guide/#changes","title":"Changes","text":" - The
app.json file is now extracted from the source code instead of the built image. For deploys via git:from-image, the file is extracted from the built image.
"},{"location":"appendices/0.30.0-migration-guide/#removals","title":"Removals","text":" - Support for SPDY has been removed. No major browser supports it as of 2021. Custom
nginx.conf.sigil templates referencing spdy-related variables will continue to build until the 1.0.0 release. - Support for the
DOKKU_SCALE file - deprecated in 0.25.0 - has been removed in favor of the formation key in the app.json file. Please see the process management documentation for more information on how to use the formation key of the app.json file. - The deprecated
--detach global flag for dokku run was removed. Please see the one-off tasks documentation for more information on running detached containers. - The following deprecated trigger have been removed in favor of the
post-release-builder trigger. See the plugin triggers documentation for more details. post-release-buildpackpost-release-dockerfilepost-release-pack
- The ability to call
logs:failed without specifying an app or --all flag has been removed. This was deprecated in 0.22.0. Please see the logs:failed. - The following app shell functions - deprecated since 0.20.0 - have been removed in favor of their plugin trigger equivalents. Sourcing the
app/functions file will fail going forward. apps#apps_create() is removed in favor of plugn trigger app-create.apps#apps_destroy() is removed in favor of plugn trigger app-destroy.apps#apps_exists() is removed in favor of plugn trigger app-exists.apps#apps_maybe_create() is removed in favor of plugn trigger app-maybe-create.
- The following common shell functions have been removed:
common#is_container_running() (deprecated since 0.12.6) is removed in favor of common#is_container_status().common#is_app_running() (deprecated since 0.22.0) is removed in favor of ps#fn-ps-is-app-running().
- The global
--rm-container and --rm flags - deprecated since 0.25.0 - have been removed. - The following git shell functions have been removed:
git#use_git_worktree() (deprecated since 0.23.7) has been removed. There is no alternative as the function has been made internal.git#git_deploy_branch()(deprecated since 0.21.0) has been removed in favor of plugn trigger git-deploy-branch.
- The following nginx commands - deprecated since 0.20.0 - have been removed:
nginx:show-conf has been removed in favor of nginx:show-config.nginx:validate has been removed in favor of nginx:validate-config.nginx:build-config - deprecated since 0.21.0 - has been removed in favor of proxy:build-config.
- The following proxy functions - deprecated since 0.20.0 - have been removed in favor of their plugin trigger equivalents. Sourcing the
proxy/functions file will fail going forward. proxy#is_app_proxy_enabled() is removed in favor of plugn trigger proxy-is-enabled.proxy#get_app_proxy_type() is removed in favor of plugn trigger proxy-type.
"},{"location":"appendices/0.31.0-migration-guide/","title":"0.31.0 Migration Guide","text":""},{"location":"appendices/0.31.0-migration-guide/#changes","title":"Changes","text":" - Herokuish build cache is now mounted from a docker volume - eg.
cache-node-js-app - instead of the local filesystem. All existing app cache will be cleared upon upgrading past 0.29.0. - The
vector container integration now mounts config to /etc/vector instead of the path /etc/vector/vector.json, allowing users the ability to provide extra configuration for Vector Sinks. To take advantage of the new functionality, the vector container should be stopped (via dokku logs:vector-stop) and then started (via dokku logs:vector-start). - The
traefik integration now mounts config to /data instead of the path /acme.json, fixing permissions issues under certain architectures. To take advantage of the new functionality, the traefik container should be stopped (via dokku traefik:stop) and then started (via dokku traefik:start). - Users no longer need to clear the
source-image git property when transitioning from image-based deploys (git:from-image and git:load-image) to other deployment methods (git push, git:from-archive, git:sync). - For deploys via the
git:from-image and git:load-image commands, the CHECKS file is now extracted from the configured WORKDIR property of the image. For all other deploys - git push, git:from-archive, git:sync - will have the CHECKS extracted directly from the source code. The filename in both cases is CHECKS and cannot be modified. - Port mappings are now auto-detected during the build process. Users may override detected port mappings via the
ports plugin. A default port mapping of http:80:5000 will be used if none is otherwise specified. - Users building docker images that run Dokku will need to use a new sudoer wrapper for the
docker-container-healthchecker binary to work correctly. A reference version has been placed in the docker skeleton directory. This should only impact platform developers, and users of our Docker image will already have the file available. - The default image used for Herokuish Buildpack builds is now
gliderlabs/herokuish:latest-22, and is based on both the heroku-22 stack as well as Ubuntu 22.04. Users that wish to stick with the old, heroku-20/Ubuntu 20.04 builder may specify gliderlabs/herokuish:latest-20 as their builder image. Please see the herokuish buildpack deployment documentation for more information on how to specify a custom buildpack stack builder. - The default image used for Cloud Native Buildpack builds is now
heroku/builder:22, and is based on both the heroku-22 stack as well as Ubuntu 22.04. Users that wish to stick with the old, heroku-20/Ubuntu 20.04 builder may specify heroku/buildpacks:20 as their builder image. Please see the herokuish buildpack deployment documentation for more information on how to specify a custom buildpack stack builder.
"},{"location":"appendices/0.31.0-migration-guide/#deprecations","title":"Deprecations","text":" - The
proxy:ports* commands have been replaced with the new ports plugin. Users will be able to use the old proxy:ports* commands for a single minor release, and they will be removed in the next minor release. - The
common#get_available_port() function has been deprecated and will be removed in the next release. Users should avoid interacting with this function and instead use the ports-get-available plugin trigger for fetching an available port. - The
proxy-configure-ports plugin trigger has been deprecated and will be removed in the next release. Users should instead trigger the ports-configure plugin trigger. - The
common#get_dockerfile_exposed_ports() function is deprecated and will be removed in the next release. There is no replacement for this as it's only use in Dokku core was in the builder-dockerfile plugin. - The
common#get_exposed_ports_from_image() function is deprecated and will be removed in the next release. There is no replacement for this as it's only use in Dokku core was during the build process. - The environment variable
DOKKU_PROXY_PORT_MAP has been migrated to the properties system. Direct changes to the value will be ignored, and users should interact with port maps via the ports plugin. - The
CHECKS file is deprecated in favor of defining healthchecks in the app.json file. The docker-container-healthchecker tool can be used to generate healthcheck entries in app.json format from existing CHECKS files. See the zero-downtime deploy documentation for more information on how the new zero downtime check format works. - ARM support is now deprecated, and will be removed in the next minor release. ARM releases are not tested in CI and do not get testing locally. Users of ARM installations on platforms such as the Raspberry PI should consider migrating to ARM64. ARM64 will continue to be supported by Dokku, and there are no plans to remove support for ARM64.
"},{"location":"appendices/0.31.0-migration-guide/#un-deprecations","title":"Un-Deprecations","text":" - The bare
apps and config cli aliases are no longer deprecated. This better follows Heroku's output and is more useful to users. The subcommands will be treated as the primary, documented versions, while the aliases are there for convenience.
"},{"location":"appendices/0.31.0-migration-guide/#removals","title":"Removals","text":" - The variable
RAW_TCP_PORTS is no longer exposed for nginx.conf.sigil templating. - The environment variable
DOKKU_DOCKERFILE_PORTS is no longer in use. Users wishing to change port mappings should instead use the ports plugin. - The
common#get_app_raw_tcp_ports() function has been removed in the next release. Users should instead use the ports-get plugin trigger for fetching ports for an app. - The plugin trigger
network-compute-ports has been removed. It's only use was in the scheduler-docker-local plugin, for exposing ports. It's functionality is now implemented via the ports plugin. - The plugin trigger
network-get-port has been removed. It's only use was in the scheduler-docker-local plugin, for recording ports. It's functionality is now implemented via the ports plugin.
"},{"location":"appendices/0.32.0-migration-guide/","title":"0.32.0 Migration Guide","text":""},{"location":"appendices/0.32.0-migration-guide/#deprecations","title":"Deprecations","text":" - The following
pre-build-* plugin triggers have been deprecated and will be removed in the next release. Users should instead trigger the pre-build plugin trigger. - pre-build-buildpack
- pre-build-dockerfile
- pre-build-lambda
- pre-build-pack
- The following
pre-release-* plugin triggers have been deprecated and will be removed in the next release. Users should instead trigger the pre-release-builder plugin trigger. - pre-release-buildpack
- pre-release-dockerfile
- pre-release-lambda
- pre-release-pack
- The following
post-build-* plugin triggers have been deprecated and will be removed in the next release. Users should instead trigger the post-build plugin trigger. - post-build-buildpack
- post-build-dockerfile
- post-build-lambda
- post-build-pack
- The
CHECKS file was deprecated in the previous release in favor of defining healthchecks in the app.json file. It's support and auto-migration to healthchecks in the app.json file will be removed in the next release. See the zero-downtime deploy documentation for more information on how the new zero downtime check format works.
"},{"location":"appendices/0.32.0-migration-guide/#removals","title":"Removals","text":" - ARM support has been removed. Users of ARM installations on platforms such as the Raspberry PI should consider migrating to ARM64. ARM64 will continue to be supported by Dokku, and there are no plans to remove support for ARM64.
- The following proxy-port related code has been removed. It is replaced by the
ports plugin and it's related plugin triggers. proxy:ports-* commandsproxy-configure-ports plugin triggercommon#get_available_port()common#get_dockerfile_exposed_ports()common#get_exposed_ports_from_image()
"},{"location":"appendices/0.33.0-migration-guide/","title":"0.33.0 Migration Guide","text":"Dokku 0.33.0 did not introduce any refactors, removals, or deprecations, and focused solely on system improvements.
"},{"location":"appendices/0.34.0-migration-guide/","title":"0.34.0 Migration Guide","text":""},{"location":"appendices/0.34.0-migration-guide/#removals","title":"Removals","text":" - The
disable-chown property of the scheduler-docker-local plugin has been removed. Mounted paths will no longer have file permissions changed during the pre-deploy phase. Files baked into the container image for herokuish builds will always be owned by the correct user. - The
git:unlock command has been removed. It was previously used to \"unlock\" a temporary directory that already existed. The directory the git:unlock command used to cleanup is now properly removed on exit of the git:from-image command. - The k3s plugin no longer supports port mappings other than
https:443 and http:80. If no matching port map is specified, Dokku will use expose the app on the first port mapping, with priority given to https mappings over http. - Golang functions to invoke plugin triggers named
PlugnTrigger* have been removed in favor of CallPlugnTrigger.
"},{"location":"appendices/0.34.0-migration-guide/#changes","title":"Changes","text":" - The k3s scheduler now creates an Ingress object per domain instead of one per port mapping. This will cause a short amount of downtime during the next app deploy after upgrading to 0.34.0
- App lock files have been removed from the
/home/dokku directory and moved into the data/apps directory. - Logs are now rotated via
copytruncate instead of create in logrotate. -
The k3s scheduler now defaults to nginx as it's default proxy implementation. The traefik proxy implementation is still available, though users will need to set the global ingress-class k3s property to traefik via the following command:
dokku scheduler-k3s:set --global ingress-class traefik\n
"},{"location":"appendices/0.34.0-migration-guide/#deprecations","title":"Deprecations","text":"The pre-deploy plugin trigger is deprecated as of 0.34.4. It is currently invoked during the post-release-builder plugin trigger, where image mutation is heavily discouraged. Users should instead move any trigger usage to the pre-release-builder plugin trigger. The pre-deploy plugin trigger will be removed in a future release.
"},{"location":"appendices/0.35.0-migration-guide/","title":"0.35.0 Migration Guide","text":""},{"location":"appendices/0.35.0-migration-guide/#changes","title":"Changes","text":" - The provided
dokku/dokku:latest Docker image now runs Ubuntu 24.04 Noble. Users that install custom packages within their docker-based installations should be sure to check package compatibility with Ubuntu 24.04. - The default image used for Cloud Native Buildpack builds is now
heroku/builder:24, and is based on both the heroku-24 stack as well as Ubuntu 24.04. Users that wish to stick with the old, heroku-22/Ubuntu 22.04 builder may specify heroku/buildpacks:22 as their builder image. Please see the cloud native buildpack deployment documentation for more information on how to specify a custom buildpack stack builder. - The default image used for Herokuish Buildpack builds is now
gliderlabs/herokuish:latest-24, and is based on both the heroku-24 stack as well as Ubuntu 24.04. Users that wish to stick with the old, heroku-22/Ubuntu 22.04 builder may specify gliderlabs/herokuish:latest-22 as their builder image. Please see the herokuish buildpack deployment documentation for more information on how to specify a custom buildpack stack builder. - The
vector image used by Dokku for enhanced logging support has been upgraded from 0.39.x to 0.41.x. To take advantage of the new image, execute the following commands: dokku logs:vector-stop\ndokku logs:vector-start\n
- The
openresty image used by Dokku for proxying via openresty has been upgraded from 0.8.0 to 0.9.0. To take advantage of the new image, execute the following commands: dokku openresty:stop\ndokku openresty:start\n
"},{"location":"appendices/0.5.0-migration-guide/","title":"0.5.0 Migration Guide","text":""},{"location":"appendices/0.5.0-migration-guide/#nginx-vhosts-plugin","title":"nginx-vhosts plugin","text":" - The nginx-vhosts template language is now sigil
- No need to escape literal
$ characters (or other \"bash-isms\") - Template variables are represented as {{ .VARIABLE_NAME }}
- A detailed list of template variables can be found here
- A custom nginx-vhosts template must be named
nginx.conf.sigil - The default path for this custom template is the root of your repo (i.e.
/app in the container or WORKDIR if defined in a dockerfile app) - Dokku no longer looks for this file in
/home/dokku/node-js-app on the Dokku server - Check out an example template here
- Support for server-wide SSL certs have been dropped in favor of using the
certs plugin dokku certs:add node-js-app < certs.tar
- All domains for an SSL-enabled app will be redirected to https by default
- This can be overridden with a custom template
- Replaced \"magic\"
NO_VHOST variable with domains:enable/disable - Simplified zero downtime control
checks:enable/disable
"},{"location":"appendices/0.5.0-migration-guide/#dockerfile-apps-with-exposed-ports","title":"Dockerfile apps with exposed ports","text":" - Dockerfiles with
EXPOSE clauses will get all tcp ports proxied by default - Note that nginx will proxy the same port numbers to listen publicly
- UDP ports can be exposed by disabling the nginx proxy with
dokku proxy:disable node-js-app
"},{"location":"appendices/0.6.0-migration-guide/","title":"0.6.0 Migration Guide","text":""},{"location":"appendices/0.6.0-migration-guide/#zero-downtime-deployment","title":"Zero-downtime deployment","text":" - You can now actually disable zero-downtime deployments per-app and per-process-type
- Some config variables have been moved around
DOKKU_CHECKS_ENABLED has been migrated to DOKKU_CHECKS_SKIPPEDDOKKU_CHECKS_DISABLED is now a thing- The values for the above can be a comma-separated list of process-types or the literal string
_all_
- See the updated
checks docs for more info
"},{"location":"appendices/0.6.0-migration-guide/#proxy-port-mapping","title":"Proxy port mapping","text":" - You can now configure host -> container proxy port mappings
- The UI is handled by the proxy interface plugin by setting the
DOKKU_PROXY_PORT_MAP config variable in the format of scheme:host-port:container-port. The default nginx-vhosts proxy plugin supports both the http and https schemes.
- Default port mappings
- buildpack apps will be set to
http:80:5000 and will also include https:443:5000 if SSL is enabled. - dockerfile apps with explicitly exposed ports (i.e. using the
EXPOSE directive) will be configured with a listener on each exposed port that proxies to the same port of the deployed application container. - You may override this behavior with the
proxy:ports-* commands or by directly setting DOKKU_PROXY_PORT_MAP with the config:set command - dockerfile apps without explicitly exposed ports will behave the same as a buildpack app
- NOTE: These defaults are not automatically changed on subsequent pushes and must be manipulated with the aforementioned commands
"},{"location":"appendices/0.6.0-migration-guide/#calling-the-dokku-binary","title":"Calling the dokku binary","text":" - Plugins should not call the
dokku binary directly. Clients using the --app argument are potentially broken, amongst others, when doing so. Instead, please source the functions file for a given plugin when attempting to call Dokku internal functions. As a result, the following Dokku commands are no longer publicly exposed: dokku builddokku receivedokku releasedokku tar:builddokku tar:build-lockeddokku git:builddokku git:build-locked
"},{"location":"appendices/0.7.0-migration-guide/","title":"0.7.0 Migration Guide","text":""},{"location":"appendices/0.7.0-migration-guide/#persistent-storage","title":"Persistent Storage","text":"We should now properly handle file ownership for mounted directories. This was enhanced in 0.7.1. See the persistent storage documentation for more details.
"},{"location":"appendices/0.7.0-migration-guide/#restart-policies","title":"Restart Policies","text":"If you previously managed container restart policies via docker-options, these can now be managed natively via the built-in ps plugin. There is no migration necessary. See the restart policy documentation for more details.
"},{"location":"appendices/0.7.0-migration-guide/#ssh-keys","title":"SSH Keys","text":"Dokku now has an ssh-keys plugin that can be used to manage ssh keys for the dokku user on the host operating system. See the user management documentation for more details.
"},{"location":"appendices/0.8.0-migration-guide/","title":"0.8.0 Migration Guide","text":""},{"location":"appendices/0.8.0-migration-guide/#domain-management","title":"Domain Management","text":"You can now set global and app domains via domains:set and domains:set-global. See the domains documentation for more details.
"},{"location":"appendices/0.8.0-migration-guide/#plugin-uninstallation","title":"Plugin Uninstallation","text":"A new uninstall plugin trigger was introduced. This functionality may be in use for newer plugins, so be aware that older Dokku versions may require manual cleanup.
See the uninstall trigger documentation for implementation instructions.
"},{"location":"appendices/0.8.0-migration-guide/#deployment-tasks","title":"Deployment Tasks","text":"Should a pre or post deployment task fail, we now fail the entire deploy.
"},{"location":"appendices/0.8.0-migration-guide/#nginx-http2-support","title":"Nginx HTTP2 Support","text":"Due to bugs in Nginx, the minimum version for HTTP2 is now 1.11.5.
"},{"location":"appendices/0.9.0-migration-guide/","title":"0.9.0 Migration Guide","text":""},{"location":"appendices/0.9.0-migration-guide/#golang-migration","title":"Golang Migration","text":"There is an ongoing migration to rewrite Dokku in Golang. The reasons are beyond the scope of this document, but this may impact any patches you have for Dokku. As of 0.9.0, only the repo plugin is in Golang.
The following shall remain true, regardless of the state of our rewrite:
- You will be able to write custom plugins in any language.
- You will be able to enable or disable core plugins.
plugn will continue to be used for executing plugin triggers.- We will provide bash wrappers that can be sourced to execute core functionality that is implemented in golang.
"},{"location":"community/clients/","title":"Clients","text":"Given the constraints, running Dokku commands remotely via SSH is fine. For certain configurations, the extra complication of manually invoking ssh can be a burden.
The easiest way to interact with Dokku remotely is by using the official client. Documented below are the various clients that you may wish to use.
"},{"location":"community/clients/#official-client","title":"Official Client","text":"See the remote commands documentation for more information on how to install and use the official client.
"},{"location":"community/clients/#nodejs-dokku-toolbelt","title":"(nodejs) dokku-toolbelt","text":"Dokku-toolbelt is a node-based cli wrapper that proxies requests to the Dokku command running on remote hosts. You can install it via the following shell command (assuming you have nodejs and npm installed):
npm install -g dokku-toolbelt\n
See documentation here for more information.
"},{"location":"community/clients/#ruby-dokku-cli","title":"(ruby) Dokku CLI","text":"Dokku CLI is a rubygem that acts as a client for your Dokku installation. You can install it via the following shell command (assuming you have ruby and rubygems installed):
gem install dokku-cli\n
See documentation here for more information.
"},{"location":"community/clients/#ruby-dokkuclient","title":"(ruby) DokkuClient","text":"DokkuClient is another rubygem that acts as a client for your Dokku installation with built-in support for certain external plugins. You can install it via the following shell command (assuming you have ruby and rubygems installed):
gem install dokku_client\n
See documentation here for more information.
"},{"location":"community/clients/#ruby-dokkufy","title":"(ruby) Dokkufy","text":"Dokkufy is a rubygem that handles automation of certain tasks, such as Dokku setup, plugin installation, etc. You can install it via the following shell command (assuming you have ruby and rubygems installed):
gem install dokkufy\n
See documentation here for more information.
"},{"location":"community/clients/#ruby-dockland","title":"(ruby) Dockland","text":"Dockland is a rubygem that acts as a client for your Dokku installation. You can install it via the following shell command (assuming you have ruby and rubygems installed):
gem install dockland\n
See documentation here for more information.
"},{"location":"community/plugins/","title":"Plugins","text":"Dokku itself is built out of plugins and uses plugn for its plugin system. In essence a plugin is a collection of scripts that will be run based on naming convention.
Let's take a quick look at the current Dokku nginx plugin that's shipped with Dokku by default.
nginx-vhosts/\n\u251c\u2500\u2500 plugin.toml # plugin metadata\n\u251c\u2500\u2500 commands # contains additional commands\n\u251c\u2500\u2500 install # runs on Dokku installation\n\u2514\u2500\u2500 post-deploy # runs after an app is deployed\n
"},{"location":"community/plugins/#installing-a-plugin","title":"Installing a plugin","text":"See the plugin management documentation.
"},{"location":"community/plugins/#creating-your-own-plugin","title":"Creating your own plugin","text":"See the full documentation.
"},{"location":"community/plugins/#official-plugins","title":"Official Plugins","text":"The following plugins are available and provided by Dokku maintainers. Please file issues against their respective issue trackers.
Plugin Author Compatibility Clickhouse dokku 0.4.0+ Copy Files to Image dokku 0.4.0+ CouchDB dokku 0.4.0+ Cron Restart dokku 0.30.0+ Elasticsearch dokku 0.4.0+ Grafana/Graphite/Statsd dokku 0.4.0+ HTTP Auth dokku 0.4.0+ Let's Encrypt dokku 0.4.0+ Maintenance mode dokku 0.4.0+ MariaDB dokku 0.4.0+ Meilisearch dokku 0.4.0+ Memcached dokku 0.4.0+ Mongo dokku 0.4.0+ MySQL dokku 0.4.0+ Nats dokku 0.4.0+ Omnisci dokku 0.4.0+ Postgres dokku 0.4.0+ Pushpin dokku 0.4.0+ RabbitMQ dokku 0.4.0+ Redirect dokku 0.4.0+ Redis dokku 0.4.0+ Registry dokku 0.12.0+ RethinkDB dokku 0.4.0+ Scheduler Kubernetes dokku 0.4.0+ Scheduler Nomad dokku 0.4.0+ Solr dokku 0.4.0+ SSH Hostkeys dokku 0.4.0+ Typesense dokku 0.4.0+"},{"location":"community/plugins/#community-plugins","title":"Community plugins","text":"Warning
The following plugins have been supplied by our community and may not have been tested by Dokku maintainers.
"},{"location":"community/plugins/#datastores","title":"Datastores","text":""},{"location":"community/plugins/#relational","title":"Relational","text":"Plugin Author Compatibility MariaDB kloadut 0.3.x MariaDB (single container) ohardy 0.3.x MariaDB (single container) krisrang 0.3.26+ PostgreSQL jlachowski 0.3.x PostgreSQL (single container) ohardy 0.3.x PostgreSQL (single container) flink 0.3.26+ Edgedb ignisda 0.27.0+"},{"location":"community/plugins/#newsql","title":"NewSQL","text":"Plugin Author Compatibility Surrealdb ignisda 0.27.0+"},{"location":"community/plugins/#caching","title":"Caching","text":"Plugin Author Compatibility Nginx Cache aluxian 0.5.0+ Redis (single container) ohardy 0.3.x Varnish zenedith Varnish cache between nginx and application with base configuration"},{"location":"community/plugins/#queuing","title":"Queuing","text":"Plugin Author Compatibility RabbitMQ jlachowski 0.3.x RabbitMQ (single container) jlachowski 0.3.x ElasticMQ (SQS compatible) cu12 0.5.0+ VerneMQ (MQTT Broker) mrname 0.4.0+"},{"location":"community/plugins/#other","title":"Other","text":"Plugin Author Compatibility etcd basgys 0.4.x FakeSNS cu12 0.5.0+ InfluxDB basgys 0.4.x RethinkDB stuartpb 0.3.x Headless Chrome lazyatom 0.8.1+"},{"location":"community/plugins/#plugins-implementing-new-dokku-functionality","title":"Plugins Implementing New Dokku Functionality","text":"Plugin Author Compatibility App name as env cjblomqvist 0.3.x APT dokku-community 0.18.x+ Auto Sync1 fomojola 0.8.1+ Deploy Webhook2 fomojola 0.8.1+ Docker auto persist volumes flink 0.4.0+ Docker Direct josegonzalez 0.4.0+ Dokku Clone crisward 0.4.0+ Dokku Copy App Config Files josegonzalez 0.4.0+ Dokku Require3 crisward 0.4.0+ Global Certificates josegonzalez 0.5.0+ Graduate (Environment Management) benjamin-dobell 0.4.0+ Host post-build command hook baikunz 0.4.0+ Host pre-build command hook fteychene 0.4.0+ Hostname michaelshobbs 0.4.0+ Hostname michaelshobbs 0.4.0+ HTTP Auth Secure Apps matto1990 0.4.0+ Image Size Limit Tashows Litestream4 AxelTheGerman 0.27.0+ Monit (Health Checks) mbreit 0.8.0+ Monit cjblomqvist 0.3.x Multicast DNS (mDNS) calyhre 0.33.0+ Nuke Containers josegonzalez 0.4.0+ Proctype Filter michaelshobbs 0.4.0+ robots.txt candlewaster 0.4.x Tor michaelshobbs 0.4.0+ UFW josegonzalez 0.3.x User Access mainto 0.4.0+ User ACL maciej \u0142ebkowski 0.4.0+ 1 Adds the ability to sync an application repo with a remote GitHub repo (useful for automated rebuilds without needing a git push from an external system
2 Adds the ability to invoke a post-deploy webhook with the IP, port and app name, all with a single config:set).
3 Extends app.json support to include creating volumes and creating / linking databases on push
4 Adds SQLite replication to external object storage via Litestream
"},{"location":"community/plugins/#other-plugins","title":"Other Plugins","text":"Plugin Author Compatibility Chef cookbook nickcharlton Discourse badsyntax 0.21.4+ Tailscale andrew-womeldorf 0.34.4+ Wordpress dokku-community 0.4.0+"},{"location":"community/plugins/#deprecated-plugins","title":"Deprecated Plugins","text":"The following plugins have been removed as their functionality is now in Dokku Core.
Plugin Author In Dokku Since Airbrake deploy flink v0.5.0 (deployment tasks) App User michaelshobbs v0.7.1 (herokuish 0.3.18) Bower/Grunt thrashr888 v0.5.0 (deployment tasks and .buildpacks) Bower/Gulp gdi2290 v0.5.0 (deployment tasks and .buildpacks) Bower install alexanderbeletsky v0.5.0 (deployment tasks and .buildpacks) Bower/Gulp jagandecapri v0.5.0 (deployment tasks and .buildpacks) Builders: bower, compass, gulp, grunt ignlg v0.5.0 (deployment tasks and .buildpacks) Custom Domains neam v0.3.10 (domains plugin) Debug josegonzalez v0.3.9 (trace command) Dockerfile custom path mimischi v0.25.0 (monorepo support) Docker Options dyson v0.3.17 (docker-options plugin) Dokku Name alex-sherwin v0.4.2 (named containers plugin) Events Logger alessio v0.3.21 (events plugin) Fonts ollej v0.5.0 (deployment tasks) git rev-parse HEAD in env cjblomqvist v0.12.0 (enhanced core git plugin) Host Port binding stuartpb v0.3.17 (docker-options plugin) Link Containers rlaneve v0.3.17 (docker-options plugin) List Containers josegonzalez v0.3.14 (ps plugin) Logspout michaelshobbs v0.22.6 (vector log shipping) Long Timeout investtools v0.21.0 (proxy-read-timeout nginx setting) Monorepo iamale v0.25.0 (monorepo builder support) Multi-Buildpack pauldub v0.4.0 (herokuish) Multiple Domains1 wmluke v0.3.10 (domains plugin) Multi Dockerfile artofrawr v0.25.0 (monorepo support) Named-containers flink v0.4.2 (named-containers plugin) Nginx Trust Proxy kingsquare v0.23.0 (nginx x-forwarded-* properties) Node ademuk v0.5.0 (deployment tasks and .buildpacks) Node pnegahdar v0.5.0 (deployment tasks and .buildpacks) Nginx-Alt mikexstudios v0.3.10 (domains plugin) Persistent Storage dyson v0.3.17 (docker-options plugin) Pre-Deploy Tasks michaelshobbs v0.5.0 (deployment tasks) PrimeCache darkpixel v0.3.0 (zero downtime deploys) Rollbar iloveitaly v0.5.0 (deployment tasks) Syslog michaelshobbs v0.22.6 (vector log shipping) Haproxy tcp load balancer 256dpi v0.28.0 (haproxt plugin) Process Manager: Circus apmorton v0.3.14/0.7.0 (ps/restart policy plugin) Process Manager: Forego flink v0.3.14/0.7.0 (ps plugin) Process Manager: Forego iskandar v0.3.14/0.7.0 (ps plugin) Process Manager: Logging Supervisord sehrope v0.3.14/0.7.0 (ps plugin) Process Manager: Shoreman statianzo v0.3.14/0.7.0 (ps plugin) Process Manager: Supervisord statianzo v0.3.14/0.7.0 (ps plugin) Rebuild application scottatron v0.3.14 (ps plugin) Reset mtime mixxorz Docker 1.8+ SSH Deployment Keys dokku v0.33.0 (git plugin) Supply env vars to buildpacks2 cameron-martin v0.3.9 (build-env plugin) Slack Notifications ribot v0.5.0 (deployment tasks) Telegram Notifications m0rth1um v0.5.0 (deployment tasks) user-env-compile2 motin v0.3.9 (build-env plugin) user-env-compile2 musicglue v0.3.9 (build-env plugin) Volume (persistent storage) ohardy v0.5.0 (storage plugin) Webhooks nickstenning v0.5.0 (deployment tasks) Wkhtmltopdf mbriskar v0.5.0 (deployment tasks) 1 Conflicts with VHOSTS Custom Configuration 2 Similar to the heroku-labs feature
"},{"location":"community/plugins/#unmaintained-plugins","title":"Unmaintained Plugins","text":"The following plugins are no longer maintained by their developers.
Plugin Author Compatibility app-url mikecsh Works with 0.2.0 Chef cookbooks fgrehm CouchDB (multi containers) flink 0.4.0+ CouchDB raceHub Compatible with 0.2.0 Dokku Copy App Config Files alexkruegger Compatible with 0.3.17+ Dokku Registry agco-adm 0.4.0+ Elasticsearch robv Not compatible with >= 0.3.0 (still uses /home/git) Elasticsearch1 blag Compatible with 0.2.0 Graphite/statsd jlachowski < 0.4.0 HipChat Notifications cef Memcached flink 0.4.0+ MongoDB (single container) jeffutter MySQL hughfletcher Neo4j aomitayo PostGIS fermuch PostgreSQL (single container) jeffutter This plugin creates a single postgresql container that all your apps can use. Thus only one instance of postgresql running (good for servers without a ton of memory). Redis luxifer Redis sekjun9878 0.3.26+ RiakCS (single container) jeffutter Incompatible with 0.2.0 1 Forked from jezdez/dokku-elasticsearch-plugin: uses Elasticsearch 1.2 (instead of 0.90), doesn't depend on dokku-link, runs as elasticsearch user instead of root, and turns off multicast autodiscovery for use in a VPS environment.
"},{"location":"configuration/domains/","title":"Domain Configuration","text":"New
Introduced in 0.3.10
domains:add <app> <domain> [<domain> ...] # Add domains to app\ndomains:add-global <domain> [<domain> ...] # Add global domain names\ndomains:clear <app> # Clear all domains for app\ndomains:clear-global # Clear global domain names\ndomains:disable <app> # Disable VHOST support\ndomains:enable <app> # Enable VHOST support\ndomains:remove <app> <domain> [<domain> ...] # Remove domains from app\ndomains:remove-global <domain> [<domain> ...] # Remove global domain names\ndomains:report [<app>|--global] [<flag>] # Displays a domains report for one or more apps\ndomains:set <app> <domain> [<domain> ...] # Set domains for app\ndomains:set-global <domain> [<domain> ...] # Set global domain names\n
Info
Adding a domain before deploying an application will result in port mappings being set. This may cause issues for applications that use non-standard ports, as those will not be automatically detected. Please refer to the proxy documentation for information as to how to reconfigure the mappings.
"},{"location":"configuration/domains/#customizing-hostnames","title":"Customizing hostnames","text":"Applications typically have the following structure for their hostname:
scheme://subdomain.domain.tld\n
The subdomain is inferred from the pushed application name, while the domain.tld is set during initial dokku configuration. It can then be modified with dokku domains:add-global and dokku domains:remove-global. This value is used as a default TLD for all applications on a host.
If an FQDN such as dokku.org is used as the application name, the global virtualhost will be ignored and the resulting vhost URL for that application will be dokku.org.
You can optionally override this in a plugin by implementing the nginx-hostname plugin trigger. If the nginx-hostname plugin has no output, the normal hostname algorithm will be executed. See the plugin trigger documentation for more information.
"},{"location":"configuration/domains/#disabling-vhosts","title":"Disabling VHOSTS","text":"If desired, it is possible to disable vhosts with the domains plugin.
dokku domains:disable node-js-app\n
On subsequent deploys, the nginx virtualhost will be discarded. This is useful when deploying internal-facing services that should not be publicly routeable. As of 0.4.0, nginx will still be configured to proxy your app on some random high port. This allows internal services to maintain the same port between deployments. You may change this port by setting DOKKU_PROXY_PORT and/or DOKKU_PROXY_SSL_PORT (for services configured to use SSL.)
The domains plugin allows you to specify custom domains for applications. This plugin is aware of any ssl certificates that are imported via certs:add. Be aware that disabling domains (with domains:disable) will override any custom domains.
# where `node-js-app` is the name of your app\n\n# add a domain to an app\ndokku domains:add node-js-app dokku.me\n\n# list custom domains for app\ndokku domains:report node-js-app\n\n# clear all custom domains for app\ndokku domains:clear node-js-app\n\n# remove a custom domain from app\ndokku domains:remove node-js-app dokku.me\n\n# set all custom domains for app\ndokku domains:set node-js-app dokku.me dokku.org\n
"},{"location":"configuration/domains/#displaying-domains-reports-for-an-app","title":"Displaying domains reports for an app","text":"New
Introduced in 0.8.1
You can get a report about the app's domains status using the domains:report command:
ShellOutput dokku domains:report\n
=====> node-js-app domains information\n Domains app enabled: true\n Domains app vhosts: node-js-app.dokku.org\n Domains global enabled: true\n Domains global vhosts: dokku.org\n=====> python-app domains information\n Domains app enabled: true\n Domains app vhosts: python-app.dokku.org\n Domains global enabled: true\n Domains global vhosts: dokku.org\n=====> ruby-app domains information\n Domains app enabled: true\n Domains app vhosts: ruby-app.dokku.org\n Domains global enabled: true\n Domains global vhosts: dokku.org\n
You can run the command for a specific app also.
ShellOutput dokku domains:report node-js-app\n
=====> node-js-app domains information\n Domains app enabled: true\n Domains app vhosts: node-js-app.dokku.org\n Domains global enabled: true\n Domains global vhosts: dokku.org\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku domains:report node-js-app --domains-app-enabled\n
"},{"location":"configuration/domains/#default-site","title":"Default site","text":"This is specific to your proxy plugin of choice. See the nginx documentation for more information on how to configure this for the default nginx proxy implementation.
"},{"location":"configuration/environment-variables/","title":"Environment Variables","text":"Typically an application will require some configuration to run properly. Dokku supports application configuration via environment variables. Environment variables may contain private data, such as passwords or API keys, so it is not recommended to store them in your application's repository.
The config plugin provides the following commands to manage your variables:
config:show (<app>|--global) Pretty-print an app or global environment\nconfig:bundle (<app>|--global) [--merged] Bundle environment into tarfile\nconfig:clear (<app>|--global) Clears environment variables\nconfig:export (<app>|--global) [--envfile] Export a global or app environment\nconfig:get (<app>|--global) KEY Display a global or app-specific config value\nconfig:keys (<app>|--global) [--merged] Show keys set in environment\nconfig:set [--encoded] [--no-restart] (<app>|--global) KEY1=VALUE1 [KEY2=VALUE2 ...] Set one or more config vars\nconfig:unset [--no-restart] (<app>|--global) KEY1 [KEY2 ...] Unset one or more config vars\n
Info
For security reasons - and as per docker recommendations - Dockerfile-based deploys have variables available only during runtime, as noted in this issue. Consider using build arguments to expose variables during build-time for Dockerfile apps.
Environment variables are available both at run time and during the application build/compilation step for buildpack-based deploys.
For buildpack deploys, Dokku will create a /app/.env file that can be used for legacy buildpacks. Note that this is not updated when config:set or config:unset is called, and is only written during a deploy or ps:rebuild. Developers are encouraged to instead read from the application environment directly, as the proper values will be available then.
Note
Global ENV files are sourced before app-specific ENV files. This means that app-specific variables will take precedence over global variables. Configuring your global ENV file is manual, and should be considered potentially dangerous as configuration applies to all applications.
You can set multiple environment variables at once:
dokku config:set node-js-app ENV=prod COMPILE_ASSETS=1\n
Whitespace and special characters get tricky. If you are using dokku locally you don't need to do any special escaping. If you are using dokku over ssh you will need to backslash-escape spaces:
dokku config:set node-js-app KEY=\"VAL\\ WITH\\ SPACES\"\n
Dokku can also read base64 encoded values. That's the easiest way to set a value with newlines or spaces. To set a value with newlines you need to base64 encode it first and pass the --encoded flag:
dokku config:set --encoded node-js-app KEY=\"$(base64 ~/.ssh/id_rsa)\"\n
When setting or unsetting environment variables, you may wish to avoid an application restart. This is useful when developing plugins or when setting multiple environment variables in a scripted manner. To do so, use the --no-restart flag:
dokku config:set --no-restart node-js-app ENV=prod\n
If you wish to have the variables output in an eval-compatible form, you can use the config:export command
dokku config:export node-js-app\n# outputs variables in the form:\n#\n# export ENV='prod'\n# export COMPILE_ASSETS='1'\n\n# source in all the node-js-app app environment variables\neval $(dokku config:export node-js-app)\n
You can control the format of the exported variables with the --format flag. --format=shell will output the variables in a single-line for usage in command-line utilities:
dokku config:export --format shell node-js-app\n\n# outputs variables in the form:\n#\n# ENV='prod' COMPILE_ASSETS='1'\n
"},{"location":"configuration/environment-variables/#special-config-variables","title":"Special Config Variables","text":"The following config variables have special meanings and can be set in a variety of ways. Unless specified via global app config, the values may not be passed into applications. Usage of these values within applications should be considered unsafe, as they are an internal configuration values that may be moved to the internal properties system in the future.
Warning
This list is not exhaustive, and may vary from version to version.
Name Default How to modify Description DOKKU_ROOT ~dokku /etc/environment The root directory where dokku will store application repositories, as well as certain configuration files. DOKKU_IMAGE gliderlabs/herokuish /etc/environment ~dokku/.dokkurc ~dokku/.dokkurc/* The default image to use when building herokuish containers. Deprecated in favor of using buildpacks:set-property DOKKU_LIB_ROOT /var/lib/dokku /etc/environment ~dokku/.dokkurc ~dokku/.dokkurc/* The directory where plugins, certain data, and general configuration is stored. PLUGIN_PATH $DOKKU_LIB_ROOT/plugins\" /etc/environment ~dokku/.dokkurc ~dokku/.dokkurc/* The top-level directory where plugins are stored. PLUGIN_AVAILABLE_PATH $PLUGIN_PATH/available\" /etc/environment ~dokku/.dokkurc ~dokku/.dokkurc/* The directory that holds all available plugins, including core. PLUGIN_ENABLED_PATH $PLUGIN_PATH/enabled\" /etc/environment ~dokku/.dokkurc ~dokku/.dokkurc/* The directory that holds all enabled plugins, including core. PLUGIN_CORE_PATH $DOKKU_LIB_ROOT/core-plugins\" /etc/environment ~dokku/.dokkurc ~dokku/.dokkurc/* The directory that stores all core plugins. PLUGIN_CORE_AVAILABLE_PATH $PLUGIN_CORE_PATH/available\" /etc/environment ~dokku/.dokkurc ~dokku/.dokkurc/* The directory that stores all available core plugins. PLUGIN_CORE_ENABLED_PATH $PLUGIN_CORE_PATH/enabled\" /etc/environment ~dokku/.dokkurc ~dokku/.dokkurc/* The directory that stores all enabled core plugins. DOKKU_LOGS_DIR /var/log/dokku /etc/environment ~dokku/.dokkurc ~dokku/.dokkurc/* Where dokku logs should be written to. DOKKU_LOGS_HOST_DIR $DOKKU_LOGS_DIR /etc/environment ~dokku/.dokkurc ~dokku/.dokkurc/* A path on the host that will be mounted into the vector logging container. DOKKU_EVENTS_LOGFILE $DOKKU_LOGS_DIR/events.log /etc/environment ~dokku/.dokkurc ~dokku/.dokkurc/* Where the events log file is written to. DOKKU_APP_NAME none --app APP flag Name of application to work on. Respected by core plugins. DOKKU_APPS_FORCE_DELETE none --force flag Whether to force delete an application. Also used by other plugins for destructive actions. DOKKU_CHECKS_URL https://dokku.com/docs/deployment/zero-downtime-deploys/ /etc/environment ~dokku/.dokkurc ~dokku/.dokkurc/* Url displayed during deployment when no CHECKS file exists. DOKKU_QUIET_OUTPUT none --quiet flag Silences certain header output for dokku commands. DOKKU_RM_CONTAINER none dokku config:set Deprecated: Whether to keep dokku run containers around or not. DOKKU_TRACE none dokku trace:on dokku trace:off --trace flag Turn on very verbose debugging. DOKKU_APP_PROXY_TYPE nginx dokku proxy:set DOKKU_APP_RESTORE 1 dokku config:set dokku ps:stop DOKKU_APP_SHELL /bin/bash dokku config:set Allows users to change the default shell used by Dokku for dokku enter and execution of deployment tasks. DOKKU_APP_TYPE herokuish Auto-detected by using buildpacks or dockerfile DOKKU_CHECKS_DISABLED none dokku checks:disable DOKKU_CHECKS_ENABLED none dokku checks:enable DOKKU_CHECKS_SKIPPED none dokku checks:skip DOKKU_CHECKS_WAIT 5 dokku config:set Wait this many seconds for the container to start before running checks. DOKKU_CHECKS_TIMEOUT 30 dokku config:set Wait this many seconds for each response before marking it as a failure. DOKKU_CHECKS_ATTEMPTS 5 dokku config:set Number of retries for to run for a specific check before marking it as a failure DOKKU_DEFAULT_CHECKS_WAIT 10 dokku config:set If no user-defined checks are specified - or if the process being checked is not a web process - this is the period of time Dokku will wait before checking that a container is still running. DOKKU_DISABLE_PROXY none dokku proxy:disable dokku proxy:enable Disables the proxy in front of your application, resulting in publicly routing the docker container. DOKKU_DISABLE_ANSI_PREFIX_REMOVAL none dokku config:set /etc/environment ~dokku/.dokkurc ~dokku/.dokkurc/* Disables removal of the ANSI prefix during deploys. Can be used in cases where the client deployer does not understand ansi escape codes. DOKKU_DISABLE_APP_AUTOCREATION none dokku config:set Disables automatic creation of a non-existent app on deploy. DOKKU_DOCKER_STOP_TIMEOUT 10 dokku config:set Configurable grace period given to the docker stop command. If a container has not stopped by this time, a kill -9 signal or equivalent is sent in order to force-terminate the container. Both the ps:stop and apps:destroy commands also respect this value. If not specified, the docker defaults for the docker stop command will be used. DOKKU_DOCKERFILE_CACHE_BUILD none dokku config:set DOKKU_DOCKERFILE_START_CMD none dokku config:set DOKKU_PARALLEL_ARGUMENTS. none dokku config:set Allows passing custom arguments to parallel for ps:*all commands DOKKU_PROXY_PORT automatically assigned /etc/environment ~dokku/.dokkurc ~dokku/.dokkurc/* dokku config:set DOKKU_PROXY_SSL_PORT automatically assigned /etc/environment ~dokku/.dokkurc ~dokku/.dokkurc/* dokku config:set DOKKU_SKIP_ALL_CHECKS none dokku config:set DOKKU_SKIP_CLEANUP /etc/environment ~dokku/.dokkurc ~dokku/.dokkurc/* When a deploy is triggered, if this is set to a non-empty value, then old docker containers and images will not be removed. DOKKU_SKIP_DEFAULT_CHECKS dokku config:set DOKKU_SKIP_DEPLOY dokku config:set DOKKU_START_CMD none dokku config:set Command to run instead of /start $PROC_TYPE DOKKU_SYSTEM_GROUP dokku /etc/environment ~dokku/.dokkurc ~dokku/.dokkurc/* System group to chown files as. DOKKU_SYSTEM_USER dokku /etc/environment ~dokku/.dokkurc ~dokku/.dokkurc/* System user to chown files as."},{"location":"configuration/ssl/","title":"SSL Configuration","text":"New
Introduced in 0.4.0
Dokku supports SSL/TLS certificate inspection and CSR/Self-signed certificate generation via the certs plugin. Note that whenever SSL/TLS support is enabled SPDY is also enabled.
certs:add <app> CRT KEY # Add an ssl endpoint to an app. Can also import from a tarball on stdin.\ncerts:generate <app> DOMAIN # Generate a key and certificate signing request (and self-signed certificate)\ncerts:remove <app> # Remove an SSL Endpoint from an app.\ncerts:report [<app>] [<flag>] # Displays an ssl report for one or more apps\ncerts:show <app> <crt|key> # Show the server.crt or server.key on stdout\ncerts:update <app> CRT KEY # Update an SSL Endpoint on an app. Can also import from a tarball on stdin\n
# for 0.3.x\ndokku nginx:import-ssl <app> < certs.tar\n
Info
Adding an ssl certificate before deploying an application will result in port mappings being updated. This may cause issues for applications that use non-standard ports, as those may not be automatically detected. Please refer to the proxy documentation for information as to how to reconfigure the mappings.
"},{"location":"configuration/ssl/#per-application-certificate-management","title":"Per-application certificate management","text":"Dokku provides built-in support for managing SSL certificates on a per-application basis. SSL is managed via nginx outside of application containers, and as such can be updated on-the-fly without rebuilding containers. At this time, applications only support a single SSL certificate at a time. To support multiple domains for a single application, wildcard certificate usage is encouraged.
"},{"location":"configuration/ssl/#certificate-setting","title":"Certificate setting","text":"The certs:add command can be used to push a tar containing a certificate .crt and .key file to a single application. The command should correctly handle cases where the .crt and .key are not named properly or are nested in a subdirectory of said tar file. You can import it as follows:
tar cvf cert-key.tar server.crt server.key\ndokku certs:add node-js-app < cert-key.tar\n
Note
If your .crt file came alongside a .ca-bundle, you'll want to concatenate those into a single .crt file before adding it to the .tar.
cat yourdomain_com.crt yourdomain_com.ca-bundle > server.crt\n
"},{"location":"configuration/ssl/#ssl-and-multiple-domains","title":"SSL and Multiple Domains","text":"When an SSL certificate is associated to an application, the certificate will be associated with all domains currently associated with said application. Your certificate should be associated with all of those domains, otherwise accessing the application will result in SSL errors. If you wish to remove one of the domains from the application, refer to the domain configuration documentation.
Note that with the default nginx template, requests will be redirected to the https version of the domain. If this is not the desired state of request resolution, you may customize the nginx template in use. For more details, see the nginx documentation.
"},{"location":"configuration/ssl/#certificate-generation","title":"Certificate generation","text":"Note
Using this method will create a self-signed certificate, which is only recommended for development or staging use, not production environments.
The certs:generate command will walk you through the correct openssl commands to create a key, csr and a self-signed cert for a given app/domain. We automatically put the self-signed cert in place as well as add the specified domain to the application configuration.
If you decide to obtain a CA signed certificate, you can import that certificate using the aforementioned dokku certs:add command.
"},{"location":"configuration/ssl/#certificate-removal","title":"Certificate removal","text":"The certs:remove command only works on app-specific certificates. It will rm the app-specific tls directory, rebuild the nginx configuration, and reload nginx.
"},{"location":"configuration/ssl/#showing-the-certificate","title":"Showing the certificate","text":"The certs:show command can be used to show your configured certs for an app. The show command can be used for example to export Let's Encrypt certificates after they've been generated. You can export it as follows:
dokku certs:show node-js-app crt > server.crt\ndokku certs:show node-js-app key > server.key\n
"},{"location":"configuration/ssl/#displaying-certificate-reports-for-an-app","title":"Displaying certificate reports for an app","text":"New
Introduced in 0.8.1
You can get a report about the apps ssl status using the certs:report command:
ShellOutput dokku certs:report\n
=====> node-js-app\n Ssl dir: /home/dokku/node-js-app/tls\n Ssl enabled: true\n Ssl hostnames: *.node-js-app.org node-js-app.org\n Ssl expires at: Oct 5 23:59:59 2019 GMT\n Ssl issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA\n Ssl starts at: Oct 5 00:00:00 2016 GMT\n Ssl subject: OU=Domain Control Validated; OU=PositiveSSL Wildcard; CN=*.node-js-app.org\n Ssl verified: self signed.\n=====> python-app\n Ssl dir: /home/dokku/python-app/tls\n Ssl enabled: false\n Ssl hostnames:\n Ssl expires at:\n Ssl issuer:\n Ssl starts at:\n Ssl subject:\n Ssl verified:\n
You can run the command for a specific app also.
ShellOutput dokku certs:report node-js-app\n
=====> node-js-app ssl information\n Ssl dir: /home/dokku/node-js-app/tls\n Ssl enabled: true\n Ssl hostnames: *.dokku.org dokku.org\n Ssl expires at: Oct 5 23:59:59 2019 GMT\n Ssl issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA\n Ssl starts at: Oct 5 00:00:00 2016 GMT\n Ssl subject: OU=Domain Control Validated; OU=PositiveSSL Wildcard; CN=*.dokku.org\n Ssl verified: self signed.\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku certs:report node-js-app --ssl-enabled\n
"},{"location":"configuration/ssl/#hsts-header","title":"HSTS Header","text":"The HSTS header is an HTTP header that can inform browsers that all requests to a given site should be made via HTTPS. Dokku enables this header by default for HTTPS requests.
See the NGINX HSTS documentation for more information on how the HSTS configuration can be managed for your application.
"},{"location":"configuration/ssl/#http2-support","title":"HTTP/2 support","text":"Certain versions of nginx have bugs that prevent HTTP/2 from properly responding to all clients, thus causing applications to be unavailable. For HTTP/2 to be enabled in your applications' nginx configs, you need to have installed nginx 1.11.5 or higher. See issue 2435 for more details.
"},{"location":"configuration/ssl/#ssl-port-exposure","title":"SSL Port Exposure","text":"When your app is served from port 80 then the /home/dokku/APP/nginx.conf file will automatically be updated to instruct nginx to respond to ssl on port 443 as a new cert is added. If your app uses a non-standard port (perhaps you have a dockerfile deploy exposing port 99999) you may need to manually expose an ssl port via dokku ports:add <APP> https:443:99999.
"},{"location":"configuration/ssl/#other","title":"Other","text":""},{"location":"configuration/ssl/#running-behind-a-proxy-x-forwarded-ssl-etc","title":"Running behind a proxy (X-Forwarded-Ssl, etc.)","text":"See the running behind another proxy documentation for more information on how to configure your Nginx config when your server is running behind a proxy (e.g. load balancer, etc.).
"},{"location":"deployment/application-deployment/","title":"Deploying an Application","text":"Note
This walkthrough uses the hostname dokku.me in commands. When deploying to your own server, you should substitute the domain dokku.me for the domain name or IP address associated with your server. Users of the Vagrant VM included with Dokku can use dokku.me which points to the IP of the VM.
"},{"location":"deployment/application-deployment/#deploy-tutorial","title":"Deploy tutorial","text":"Once you have configured Dokku with at least one user, you can deploy applications using git push. To quickly see Dokku deployment in action, try using the Heroku Ruby on Rails \"Getting Started\" app.
# from your local machine\ngit clone https://github.com/heroku/ruby-getting-started\n
"},{"location":"deployment/application-deployment/#create-the-app","title":"Create the app","text":"SSH into the Dokku host and create the application as follows:
# on the Dokku host\ndokku apps:create ruby-getting-started\n
"},{"location":"deployment/application-deployment/#create-the-backing-services","title":"Create the backing services","text":"Dokku by default does not provide datastores (e.g. MySQL, PostgreSQL) on a newly created app. You can add datastore support by installing plugins, and the Dokku project provides official plugins for common datastores.
The Getting Started app requires a PostgreSQL service, so install the plugin and create the related service as follows:
# on the Dokku host\n# install the postgres plugin\n# plugin installation requires root, hence the user change\nsudo dokku plugin:install https://github.com/dokku/dokku-postgres.git\n\n# create a postgres service with the name railsdatabase\ndokku postgres:create railsdatabase\n
Each service may take a few moments to create.
"},{"location":"deployment/application-deployment/#linking-backing-services-to-applications","title":"Linking backing services to applications","text":"Once the services have been created, you then set the DATABASE_URL environment variable by linking the service, as follows:
# on the Dokku host\n# each official datastore offers a `link` method to link a service to any application\ndokku postgres:link railsdatabase ruby-getting-started\n
Dokku supports linking a single service to multiple applications as well as linking only one service per application.
"},{"location":"deployment/application-deployment/#deploy-the-app","title":"Deploy the app","text":"Warning
Your app should respect the PORT environment variable, otherwise it may not respond to web requests. You can find more information in the port management documentation.**
Now you can deploy the ruby-getting-started app to your Dokku server. All you have to do is add a remote to name the app. Applications are created on-the-fly on the Dokku server.
# from your local machine\n# the remote username *must* be dokku or pushes will fail\ncd ruby-getting-started\ngit remote add dokku dokku@dokku.me:ruby-getting-started\ngit push dokku main\n
Note
Some tools may not support the short-upstream syntax referenced above, and you may need to prefix the upstream with the scheme ssh:// like so: ssh://dokku@dokku.me:ruby-getting-started Please see the Git documentation for more details.
Note
Your private key should be registered with ssh-agent in your local development environment. If you get a permission denied error when pushing, you can register your private key as follows: ssh-add -k ~/<your private key>.
After running git push dokku main, you should have output similar to this in your terminal:
Counting objects: 231, done.\nDelta compression using up to 8 threads.\nCompressing objects: 100% (162/162), done.\nWriting objects: 100% (231/231), 36.96 KiB | 0 bytes/s, done.\nTotal 231 (delta 93), reused 147 (delta 53)\n-----> Cleaning up...\n-----> Building ruby-getting-started from herokuish...\n-----> Adding BUILD_ENV to build environment...\n-----> Ruby app detected\n-----> Compiling Ruby/Rails\n-----> Using Ruby version: ruby-2.2.1\n-----> Installing dependencies using 1.9.7\n Running: bundle install --without development:test --path vendor/bundle --binstubs vendor/bundle/bin -j4 --deployment\n Fetching gem metadata from https://rubygems.org/...........\n Fetching version metadata from https://rubygems.org/...\n Fetching dependency metadata from https://rubygems.org/..\n Using rake 10.4.2\n\n...\n\n=====> Application deployed:\n http://ruby-getting-started.dokku.me\n
Once the deploy is complete, the application's web URL will be generated as above.
Dokku supports deploying applications in a few ways:
- Heroku buildpacks via Herokuish: See the herokuish buildpacks documentation to learn about the different ways to specify a buildpack.
- This is the default method used by Dokku.
- Dockerfile: See the dockerfile documentation to learn about the different ways to configure Dockerfile-based deploys.
- Docker Image: See the docker image documentation to learn about how to deploy a Docker Image.
"},{"location":"deployment/application-deployment/#setting-up-ssl","title":"Setting up SSL","text":"Info
While SSL certificates can be imported, automated SSL via Letsencrypt requires that all domains on an app correctly point at your server's public ip address. Please keep this in mind when using Letsencrypt.
For many users, responding to requests via https will be desirable. Dokku has a complete ssl plugin built in that can be used to import SSL certificates (below is a short example, please refer to the ssl documentation for more information):
dokku certs:add ruby-getting-started server.crt server.key\n
As an alternative, the Dokku project offers an optional letsencrypt plugin that can be used to automate SSL certificate retrieval and renewal.
# on the Dokku host\n# install the letsencrypt plugin\n# plugin installation requires root, hence the user change\nsudo dokku plugin:install https://github.com/dokku/dokku-letsencrypt.git\n\n# set global email for letsencrypt\ndokku letsencrypt:set --global email your-email@your.domain.com\n\n# set a custom domain that you own for your application\ndokku domains:set ruby-getting-started ruby-getting-started.your.domain.com\n\n# enable letsencrypt\ndokku letsencrypt:enable ruby-getting-started\n\n# enable auto-renewal\ndokku letsencrypt:cron-job --add\n
"},{"location":"deployment/application-deployment/#skipping-deployment","title":"Skipping deployment","text":"If you only want to rebuild and tag a container, you can skip the deployment phase by setting $DOKKU_SKIP_DEPLOY to true by running:
# on the Dokku host\ndokku config:set ruby-getting-started DOKKU_SKIP_DEPLOY=true\n
"},{"location":"deployment/application-deployment/#redeploying-or-restarting","title":"Redeploying or restarting","text":"If you need to redeploy or restart your app:
# on the Dokku host\ndokku ps:rebuild ruby-getting-started\n
See the process scaling documentation for more information on how to manage your app processes.
"},{"location":"deployment/application-deployment/#deploying-with-private-git-submodules","title":"Deploying with private Git submodules","text":"Dokku uses Git locally (i.e. not a Docker image) to build its own copy of your app repo, including submodules, as the dokku user. This means that in order to deploy private Git submodules, you need to put your deploy key in /home/dokku/.ssh/ and potentially add github.com (or your VCS host key) into /home/dokku/.ssh/known_hosts. You can use the following test to confirm your setup is correct:
# on the Dokku host\nsu - dokku\nssh-keyscan -t rsa github.com >> ~/.ssh/known_hosts\nssh -T git@github.com\n
Warning
if the buildpack or Dockerfile build process require SSH key access for other reasons, the above may not always apply.
"},{"location":"deployment/application-deployment/#deploying-to-subdomains","title":"Deploying to subdomains","text":"If you do not enter a fully qualified domain name when pushing your app, Dokku deploys the app to <remotename>.yourdomain.tld as follows:
ShellOutput # from your local machine\n# the remote username *must* be dokku or pushes will fail\n# the below example assumes your app server domain or IP is dokku.me. Push in the form of: dokku@{serveripordomain}:{dokkuappname}\ngit remote add dokku dokku@dokku.me:ruby-getting-started\ngit push dokku main\n
remote: -----> Application deployed:\nremote: http://ruby-getting-started.dokku.me\n
You can also specify the fully qualified name as follows:
ShellOutput # from your local machine\n# the remote username *must* be dokku or pushes will fail\ngit remote add dokku dokku@dokku.me:app.dokku.me\ngit push dokku main\n
remote: -----> Application deployed:\nremote: http://app.dokku.me\n
This is useful when you want to deploy to the root domain:
ShellOutput # from your local machine\n# the remote username *must* be dokku or pushes will fail\ngit remote add dokku dokku@dokku.me:dokku.me\ngit push dokku main\n
... deployment ...\n\nremote: -----> Application deployed:\nremote: http://dokku.me\n
"},{"location":"deployment/application-deployment/#dokkudocker-container-management-compatibility","title":"Dokku/Docker container management compatibility","text":"Dokku is, at its core, a Docker container manager. Thus, it does not necessarily play well with other out-of-band processes interacting with the Docker daemon.
Prior to every deployment, Dokku will execute a cleanup function. As of 0.5.x, the cleanup removes all containers with the dokku label where the status is either dead or exited (previous versions would remove all dead or exited containers). The cleanup function also removes all images with dangling status.
"},{"location":"deployment/application-deployment/#adding-deploy-users","title":"Adding deploy users","text":"See the user management documentation for more information on how to manage users with access to your Dokku server.
"},{"location":"deployment/application-deployment/#default-vhost","title":"Default vhost","text":"See the domains documentation for more information on how to manage the default site.
"},{"location":"deployment/application-deployment/#deploying-non-master-branch","title":"Deploying non-master branch","text":"See the Git documentation for more information on deploying a non-master branch to your application.
"},{"location":"deployment/application-deployment/#dockerfile-deployment","title":"Dockerfile deployment","text":"See the Dockerfile documentation for information Dokku's Dockerfile support.
"},{"location":"deployment/application-deployment/#image-tagging","title":"Image tagging","text":"See the image tagging documentation for more information on how Docker images can be tagged and deployed for a given application.
"},{"location":"deployment/application-deployment/#specifying-a-custom-buildpack","title":"Specifying a custom buildpack","text":"See the herokuish buildpack documentation for more information on how to specify a set of custom buildpacks for your application.
"},{"location":"deployment/application-deployment/#removing-a-deployed-app","title":"Removing a deployed app","text":"See the application management documentation for more information on how to remove an application from your Dokku server.
"},{"location":"deployment/application-deployment/#renaming-a-deployed-app","title":"Renaming a deployed app","text":"See the application management documentation for more information on how an application can be renamed and the impact of doing so upon the application and associated resources.
"},{"location":"deployment/application-deployment/#zero-downtime-deploy","title":"Zero downtime deploy","text":"See the zero-downtime deploy documentation for more information on how Dokku enables zero-downtime deploys.
"},{"location":"deployment/application-management/","title":"Application Management","text":"New
Introduced in 0.3.1
apps:clone <old-app> <new-app> # Clones an app\napps:create <app> # Create a new app\napps:destroy <app> # Permanently destroy an app\napps:exists <app> # Checks if an app exists\napps:list # List your apps\napps:lock <app> # Locks an app for deployment\napps:locked <app> # Checks if an app is locked for deployment\napps:rename <old-app> <new-app> # Rename an app\napps:report [<app>] [<flag>] # Display report about an app\napps:unlock <app> # Unlocks an app for deployment\n
"},{"location":"deployment/application-management/#usage","title":"Usage","text":""},{"location":"deployment/application-management/#listing-applications","title":"Listing applications","text":"New
Introduced in 0.8.1. Use the apps command for older versions.
You can easily list all available applications using the apps:list command:
ShellOutput dokku apps:list\n
=====> My Apps\nnode-js-app\npython-app\n
Note that you can easily hide extra output from Dokku commands by using the --quiet flag, which makes it easier to parse on the command line.
ShellOutput dokku --quiet apps:list\n
node-js-app\npython-app\n
"},{"location":"deployment/application-management/#checking-if-an-application-exists","title":"Checking if an application exists","text":"For CI/CD pipelines, it may be useful to see if an application exists before creating a \"review\" application for a specific branch. You can do so via the apps:exists command:
ShellOutput dokku apps:exists node-js-app\n
App does not exist\n
The apps:exists command will return non-zero if the application does not exist, and zero if it does.
"},{"location":"deployment/application-management/#manually-creating-an-application","title":"Manually creating an application","text":"A common pattern for deploying applications to Dokku is to configure an application before deploying it. You can do so via the apps:create command:
ShellOutput dokku apps:create node-js-app\n
Creating node-js-app... done\n
Once created, you can configure the application as normal, and deploy the application whenever ready. This is useful for cases where you may wish to do any of the following kinds of tasks:
- Configure domain names and SSL certificates.
- Create and link datastores.
- Set environment variables.
"},{"location":"deployment/application-management/#removing-a-deployed-app","title":"Removing a deployed app","text":"In some cases, you may need to destroy an application, whether it is because the application is temporary or because it was misconfigured. In these cases, you can use the apps:destroy command. Performing any destructive actions in Dokku requires confirmation, and this command will ask for the name of the application being deleted before doing so.
ShellOutput dokku apps:destroy node-js-app\n
! WARNING: Potentially Destructive Action\n ! This command will destroy node-js-app (including all add-ons).\n ! To proceed, type \"node-js-app\"\n\nDestroying node-js-app (including all add-ons)\n
Info
node-js-app
This will prompt you to verify the application's name before destroying it. You may also use the --force flag to circumvent this verification process:
ShellOutput dokku --force apps:destroy node-js-app\n
Destroying node-js-app (including all add-ons)\n
The --force flag can also be specified on the command vs globally:
ShellOutput dokku apps:destroy --force node-js-app\n
Destroying node-js-app (including all add-ons)\n
Destroying an application will unlink all linked services and destroy any config related to the application. Note that linked services will retain their data for later use (or removal).
"},{"location":"deployment/application-management/#renaming-a-deployed-app","title":"Renaming a deployed app","text":"New
Introduced in 0.4.7
You can rename a deployed app using the apps:rename command. Note that the application must have been deployed at least once, or the rename will not complete successfully:
ShellOutput dokku apps:rename node-js-app io-js-app\n
Destroying node-js-app (including all add-ons)\n-----> Cleaning up...\n-----> Building io-js-app from herokuish...\n-----> Adding BUILD_ENV to build environment...\n-----> Node.js app detected\n\n-----> Creating runtime environment\n\n...\n\n=====> Application deployed:\n http://io-js-app.ci.dokku.me\n\nRenaming node-js-app to io-js-app... done\n
This will copy all of your app's contents into a new app directory with the name of your choice, delete your old app, then rebuild the new version of the app and deploy it. All of your config variables, including database urls, will be preserved.
By default, Dokku will deploy the renamed app, though you can skip the deploy by using the --skip-deploy flag:
dokku apps:rename --skip-deploy node-js-app io-js-app\n
Remember to also change your git remote on your local machine in order to make git push dokku main work again. For this you can use git remote set-url.
git remote set-url dokku dokku@dokku.me:io-js-app\n
"},{"location":"deployment/application-management/#cloning-an-existing-app","title":"Cloning an existing app","text":"New
Introduced in 0.11.5
You can clone an existing app using the apps:clone command. Note that the application must have been deployed at least once, or cloning will not complete successfully:
ShellOutput dokku apps:clone node-js-app io-js-app\n
Cloning node-js-app to io-js-app... done\n
This will copy all of your app's contents into a new app directory with the name of your choice and then rebuild the new version of the app and deploy it with the following caveats:
- All of your environment variables, including database urls, will be preserved.
- Custom domains are not applied to the new app.
- SSL certificates will not be copied to the new app.
- Port mappings with the scheme
https and host-port 443 will be skipped.
Warning
If you have exposed specific ports via docker-options plugin, or performed anything that cannot be done against multiple applications, apps:clone may result in errors.
By default, Dokku will deploy this new app, though you can skip the deploy by using the --skip-deploy flag:
dokku apps:clone --skip-deploy node-js-app io-js-app\n
Finally, if the application already exists, you may wish to ignore errors resulting from attempting to clone over it. To do so, you can use the --ignore-existing flag. A warning will be emitted, but the command will return 0.
dokku apps:clone --ignore-existing node-js-app io-js-app\n
"},{"location":"deployment/application-management/#locking-app-deploys","title":"Locking app deploys","text":"New
Introduced in 0.11.6
If you wish to disable deploying for a period of time, this can be done via deploy locks. Normally, deploy locks exist only for the duration of a deploy so as to avoid deploys from colliding, but a deploy lock can be created by running the apps:lock command.
ShellOutput dokku apps:lock node-js-app\n
-----> Deploy lock created\n
"},{"location":"deployment/application-management/#unlocking-app-deploys","title":"Unlocking app deploys","text":"New
Introduced in 0.11.6
In some cases, it may be necessary to remove an existing deploy lock. This can be performed via the apps:unlock command.
Warning
Removing the deploy lock will not stop in progress deploys. At this time, in progress deploys will need to be manually terminated by someone with server access.
ShellOutput dokku apps:unlock node-js-app\n
! A deploy may be in progress.\n ! Removing the app lock will not stop in progress deploys.\n-----> Deploy lock removed.\n
"},{"location":"deployment/application-management/#checking-lock-status","title":"Checking lock status","text":"New
Introduced in 0.13.0
In some cases, you may wish to inspect the state of an app lock. To do so, you can issue an apps:lock command. This will exit non-zero if there is no app lock in place.
ShellOutput dokku apps:locked node-js-app\n
Deploy lock does not exist\n
"},{"location":"deployment/application-management/#displaying-reports-for-an-app","title":"Displaying reports for an app","text":"New
Introduced in 0.8.1
You can get a report about the deployed apps using the apps:report command:
ShellOutput dokku apps:report\n
=====> node-js-app app information\n App created at: 1635126111\n App dir: /home/dokku/node-js-app\n App deploy source: git\n App deploy source metadata: cd7b8afccb202f222e7dc7b427553e71ba5ddafd\n App locked: false\n=====> python-sample app information\n App created at: 1635126000\n App dir: /home/dokku/python-sample\n App deploy source:\n App deploy source metadata:\n App locked: false\n=====> ruby-sample app information\n App created at: 1635122462\n App dir: /home/dokku/ruby-sample\n App deploy source: git\n App deploy source metadata: c60921ea2799ca108276414b95ea197f16798d51\n App locked: false\n
You can run the command for a specific app also.
ShellOutput dokku apps:report node-js-app\n
=====> node-js-app app information\n App dir: /home/dokku/node-js-app\n App deploy source: git\n App deploy source metadata: cd7b8afccb202f222e7dc7b427553e71ba5ddafd\n App locked: false\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku apps:report node-js-app --app-dir\n
"},{"location":"deployment/logs/","title":"Log Management","text":"logs <app> [-h|--help] [-t|--tail] [-n|--num num] [-q|--quiet] [-p|--ps process] # Display recent log output\nlogs:failed --all|<app> # Shows the last failed deploy logs\nlogs:report [<app>] [<flag>] # Displays a logs report for one or more apps\nlogs:set [--global|<app>] <key> <value> # Set or clear a logs property for an app\nlogs:vector-logs [--num num] [--tail] # Display vector log output\nlogs:vector-start # Start the vector logging container\nlogs:vector-stop # Stop the vector logging container\n
"},{"location":"deployment/logs/#usage","title":"Usage","text":""},{"location":"deployment/logs/#application-logs","title":"Application logs","text":"You can easily get logs of an app using the logs command:
dokku logs node-js-app\n
Logs are pulled via integration with the scheduler for the specified application via \"live tailing\". As such, logs from previously running deployments are usually not available. Users that desire to see logs from previous deployments for debugging purposes should persist those logs to external services. Please see Dokku's vector integration for more information on how to persist logs across deployments to ship logs to another service or a third-party platform.
"},{"location":"deployment/logs/#behavioral-modifiers","title":"Behavioral modifiers","text":"Dokku also supports certain command-line arguments that augment the log command's behavior.
-n, --num NUM # the number of lines to display\n-p, --ps PS # only display logs from the given process\n-t, --tail # continually stream logs\n-q, --quiet # display raw logs without colors, time and names\n
You can use these modifiers as follows:
dokku logs node-js-app -t -p web\n
The above command will show logs continually from the web process.
"},{"location":"deployment/logs/#failed-deploy-logs","title":"Failed deploy logs","text":"Warning
The default docker-local scheduler will \"store\" these until the next deploy or until the old containers are garbage collected - whichever runs first. If you require the logs beyond this point in time, please ship the logs to a centralized log server.
In some cases, it may be useful to retrieve the logs from a previously failed deploy.
You can retrieve these logs by using the logs:failed command.
dokku logs:failed node-js-app\n
You may also fetch all failed app logs by using the --all flag.
dokku logs:failed --all\n
"},{"location":"deployment/logs/#docker-log-retention","title":"Docker Log Retention","text":"Docker log retention can be specified via the logs:set command by specifying a value for max-size. Log retention is set via injected docker options for all applications, but is also available via the logs-get-property trigger for alternative schedulers.
dokku logs:set node-js-app max-size 20m\n
The default value may be set by passing an empty value for the option:
dokku logs:set node-js-app max-size\n
Valid values include any integer number followed by a unit of measure (k, m, or g) or the string unlimited. Setting to unlimited will result in Dokku omitting the log option.
The max-size property can also be set globally. The global default is 10m, and the global value is used when no app-specific value is set.
dokku logs:set --global max-size 20m\n
The default value may be set by passing an empty value for the option.
dokku logs:set --global max-size\n
"},{"location":"deployment/logs/#vector-logging-shipping","title":"Vector Logging Shipping","text":"New
Introduced in 0.22.6
Vector is an open-source, lightweight and ultra-fast tool for building observability pipelines. Dokku integrates with it for shipping container logs for the docker-local scheduler. Users may configure log-shipping on a per-app or global basis, neither of which interfere with the dokku logs commands.
"},{"location":"deployment/logs/#starting-the-vector-container","title":"Starting the Vector container","text":"Warning
While the default vector image may be updated over time, this will not impact running vector containers. Users are encouraged to view any Dokku and Vector changelogs to ensure their system will continue running as expected.
Vector may be started via the logs:vector-start command.
dokku logs:vector-start\n
This will start a new container named vector with Dokku's vector config mounted and ready for use. If a running container already exists, this command will do nothing. Additionally, if a container exists but is not running, this command will attempt to start the container.
While the default vector image is hardcoded, users may specify an alternative via the --vector-image flag:
dokku logs:vector-start --vector-image timberio/vector:latest-debian\n
The vector container will be started with the following volume mounts:
/var/lib/dokku/data/logs/vector.json:/etc/vector/vector.json/var/run/docker.sock:/var/run/docker.sock/var/log/dokku/apps:/var/log/dokku/apps
The final volume mount - /var/log/dokku/apps - may be used for users that wish to ship logs to a file on disk that may be later logrotated. This directory is owned by the dokku user and group, with permissions set to 0755. At this time, log-rotation is not configured for this directory.
"},{"location":"deployment/logs/#stopping-the-vector-container","title":"Stopping the Vector container","text":"Vector may be stopped via the logs:vector-stop command.
dokku logs:vector-stop\n
The vector container will be stopped and removed from the system. If the container is not running, this command will do nothing.
"},{"location":"deployment/logs/#checking-vectors-logs","title":"Checking Vector's Logs","text":"It may be necessary to check the vector container's logs to ensure that vector is operating as expected. This can be performed with the logs:vector-logs command.
dokku logs:vector-logs\n
This command also supports the following modifiers:
--num NUM # the number of lines to display\n--tail # continually stream logs\n
You can use these modifiers as follows:
dokku logs:vector-logs --tail --num 10\n
The above command will show logs continually from the vector container, with an initial history of 10 log lines
"},{"location":"deployment/logs/#changing-the-vector-image","title":"Changing the vector image","text":"Dokku integrates with a Vector docker image version that is known to be compatible with the documentation. In some cases, it may be useful to specify an alternative image version. To do so, set the global vector-image property.
dokku logs:set --global vector-image timberio/vector:0.35.X-debian\n
Once set, the vector container will need to be stopped and then started. Note that specifying the --vector-image flag on the logs:vector-start will override the setting.
dokku logs:vector-stop\ndokku logs:vector-start\n
Setting this to an empty string will reset the version to the version currently compatible with the Dokku installation.
dokku logs:set --global vector-image\n
"},{"location":"deployment/logs/#configuring-a-log-sink","title":"Configuring a log sink","text":"Vector uses the concept of log \"sinks\" to send logs to a given endpoint. Log sinks may be configured globally or on a per-app basis by specifying a vector-sink in DSN form with the logs:set command. Specifying a sink value will reload any running vector container.
# setting the sink value in quotes is encouraged to avoid\n# issues with ampersand encoding in shell commands\ndokku logs:set node-js-app vector-sink \"console://?encoding[codec]=json\"\n
A sink may be removed by setting an empty value, which will also reload the running vector container.
dokku logs:set node-js-app vector-sink\n
Only one sink may be specified on a per-app basis at a given time.
Log sinks can also be specified globally by specifying the --global flag to logs:set with no app name specified:
dokku logs:set --global vector-sink \"console://?encoding[codec]=json\"\n
As with app-specific sink settings, the global value may also be cleared by setting no value.
dokku logs:set --global vector-sink\n
"},{"location":"deployment/logs/#log-sink-dsn-format","title":"Log Sink DSN Format","text":"The DSN form of a sink is as follows:
SINK_TYPE://?SINK_OPTIONS\n
Valid values for SINK_TYPE include all log vector log sinks, while SINK_OPTIONS is a query-string form for the sink's options. The following is a short description on how to set various values:
bool: form: key=boolstring: form: key=stringint: form: key=int[string]: form: key[]=string[int]: form: key[]=inttable: form: option[key]=value
For some sinks - such as the http sink - it may be useful to use special characters such as &. These characters must be url escaped as per RFC 3986.
# the following command will set the `http` sink with a uri config value\n# for a uri config value: https://loggerservice.com:1234/?token=abc1234&type=vector\n# the url quoted version: https%3A//loggerservice.com%3A1234/%3Ftoken%3Dabc1234%26type%3Dvector\ndokku logs:set test vector-sink \"http://?uri=https%3A//loggerservice.com%3A1234/%3Ftoken%3Dabc1234%26type%3Dvector\"\n
Please read the sink documentation for your sink of choice to configure the sink as desired.
"},{"location":"deployment/remote-commands/","title":"Remote Commands","text":"Dokku commands can be run over SSH. Anywhere you would run dokku <command>, just run ssh -t dokku@dokku.me <command> The -t is used to request a pty. It is highly recommended to do so. To avoid the need to type the -t option each time, create/modify a section in the .ssh/config on the client side, as follows:
Host dokku.me\n RequestTTY yes\n
"},{"location":"deployment/remote-commands/#behavioral-modifiers","title":"Behavioral modifiers","text":"Dokku also supports certain command line arguments that augment its behavior. If using these over SSH, you must use the form ssh -t dokku@dokku.me -- <command> to avoid SSH interpreting Dokku arguments for itself.
--quiet suppress output headers\n--trace enable DOKKU_TRACE for current execution only\n--force force flag. currently used in apps:destroy and other \":destroy\" commands\n
"},{"location":"deployment/remote-commands/#official-client","title":"Official Client","text":"You may optionally use the official client when connecting to the Dokku server.
Of all methods, this is the most official method of interacting with your Dokku installation. It is a bash script that interacts with a remote Dokku installation via ssh. It is available in contrib/dokku_client.sh in the root of the Dokku repository.
It can be installed either via the Homebrew package manager (macOS only), or manually.
"},{"location":"deployment/remote-commands/#installation-via-homebrew","title":"Installation via Homebrew","text":"To install, simply run the following command:
brew install dokku/repo/dokku\n
"},{"location":"deployment/remote-commands/#manual-installation","title":"Manual installation","text":"To install manually, simply clone the Dokku repository down and add the dokku alias pointing at the script:
git clone git@github.com:dokku/dokku.git ~/.dokku\n\n# optional: make sure that the dokku_client.sh version matches your Dokku version\ncd ~/.dokku\ngit checkout <tag/branch>\n\n# add the following to either your\n# .bashrc, .bash_profile, or .profile file\nalias dokku='$HOME/.dokku/contrib/dokku_client.sh'\n
Alternatively, if using another shell such as zsh, create an alias command which invokes the script using bash:
# zsh: add the following to either .zshenv or .zshrc\nalias dokku='bash $HOME/.dokku/contrib/dokku_client.sh'\n\n# fish: add the following to ~/.config/fish/config.fish\nalias dokku 'bash $HOME/.dokku/contrib/dokku_client.sh'\n\n# csh: add the following to .cshrc\nalias dokku 'bash $HOME/.dokku/contrib/dokku_client.sh'\n
"},{"location":"deployment/remote-commands/#usage","title":"Usage","text":"All commands have the application name automatically set via the --app flag on the remote server, and thus the app name does not need to be specified manually for core plugins.
The client supports several environment variables:
DOKKU_HOST (default: dokku git remote): Used to interact with a specific remote server. Can be overridden via the --remote flag.DOKKU_PORT (default: 22): Used to specify a port to connect to the Dokku server on.
It also supports several flags (all flags unspecified here are passed as is to the server):
--app: Override the remote app in use.--trace: Enable trace mode.--remote: Override the remote server.--global: Unsets the \"app\" value. May not be supported for the specified command.
In addition, the following commands have special local side-effects:
apps:create: - If no local
--app flag is specified or detected from a dokku git remote, a random name is generated and used for the app. - The
dokku git remote is set if not already set.
apps:destroy: - Removes the local
dokku git remote if set.
"},{"location":"deployment/remote-commands/#specifying-a-remote","title":"Specifying a remote","text":"While many users will only ever push to a single dokku remote from a given repository, it may be useful to point the same repository at multiple remotes, especially in the case of pre-production environments. This can be done via the remote commands. These commands are only available within the official remote client, and are not server-side commands.
To see your currently configured remote, run dokku remote. This will respect the --remote flag.
To list all available remotes, run dokku remote:list. This is equivalent to running git remote.
To add a remote, run dokku remote:add $REMOTE_NAME dokku@dokku.me:$APP_NAME, replacing $REMOTE_NAME with your desired remote name, the $APP_NAME with your desired app name and the host dokku.me with your Dokku host. This is equivalent to running git remote add $REMOTE_NAME dokku@dokku.me:$APP_NAME.
To remove a remote, run dokku remote:remove $REMOTE_NAME. This is equivalent to running git remote remove $REMOTE_NAME.
By default, the remote in use is dokku. To change the remote the client uses by default, run dokku remote:set $REMOTE_NAME, where $REMOTE_NAME is the name of your desired remote. This will not check the value specified, so that remote must be available or errors will occur when running normal client commands. Note that specifying --remote when running dokku commands will override this configuration value.
To clear the configured remote, run dokku remote:unset. The client will unset the configured remote, and will default back to dokku, or the value of --remote if specified.
"},{"location":"deployment/remote-commands/#unofficial-clients","title":"Unofficial Clients","text":"Please refer to the community clients list for more details.
"},{"location":"deployment/user-management/","title":"User Management","text":"New
Introduced in 0.7.0
ssh-keys:add <name> [/path/to/key] # Add a new public key by pipe or path\nssh-keys:list [--format text|json] [<name>] # List of all authorized Dokku public ssh keys\nssh-keys:remove [--fingerprint fingerprint|<name>] # Remove SSH public key by name\n
When pushing to Dokku, SSH key-based authorization is the preferred authentication method, for ease of use and increased security.
Users in Dokku are managed via the ~/dokku/.ssh/authorized_keys file. It is highly recommended that you follow the steps below to manage users on a Dokku server.
Info
Users of older versions of Dokku may use the sshcommand binary to manage keys instead of the ssh-keys plugin. Please refer to the Dokku documentation for your version for more details.
"},{"location":"deployment/user-management/#usage","title":"Usage","text":""},{"location":"deployment/user-management/#listing-ssh-keys","title":"Listing SSH keys","text":"You can use the ssh-keys:list command to show all configured SSH keys.
ShellOutput dokku ssh-keys:list\n
SHA256:ABC123ABC123+abc123abc123Zabc123abcZ123abc NAME=\"admin\" SSHCOMMAND_ALLOWED_KEYS=\"no-agent-forwarding,no-user-rc,no-X11-forwarding,no-port-forwarding\"\n
The output contains the following information:
- SSH Key Fingerprint.
- The
KEY_NAME. - A comma separated list of SSH options under the
SSHCOMMAND_ALLOWED_KEYS name.
New
Introduced in 0.20.2
The keys for a specific user may be listed by specifying a second argument to the ssh-keys:list command:
dokku ssh-keys:list admin\n
New
Introduced in 0.22.3
The output format may be specified via the --format flag. Supported values include json and text.
dokku ssh-keys:list --format json\n
This can additionally be used to filter to keys for a particular user:
dokku ssh-keys:list --format json admin\n
"},{"location":"deployment/user-management/#adding-ssh-keys","title":"Adding SSH keys","text":"You can add your public key to Dokku with the ssh-keys:add command. The path specified must contain your desired public ssh key contents and must exist on the server. Any special characters - such as ~ - are interpreted under the dokku user context. The output will be the fingerprint of the SSH key:
ShellOutput dokku ssh-keys:add KEY_NAME path/to/id_rsa.pub\n
SHA256:ABC123ABC123+abc123abc123Zabc123abcZ123abc\n
KEY_NAME is the name you want to use to refer to this particular key. Including the word admin in the name will grant the user privileges to add additional keys remotely.
Info
KEY_NAME is a unique name which is used to identify public keys. Attempting to re-use a key name will result in an error. The SSH (Git) user is always dokku, as this is the system user that the dokku binary uses to perform all its actions.
Alternatively, you may pipe the contents of your ssh key via cat or echo into the ssh-keys:add command instead of specifying a path to the ssh key:
ShellOutputShellOutput echo \"$CONTENTS_OF_YOUR_PUBLIC_SSH_KEY_HERE\" | dokku ssh-keys:add KEY_NAME\n
SHA256:ABC123ABC123+abc123abc123Zabc123abcZ123abc\n
cat path/to/id_rsa.pub | dokku ssh-keys:add KEY_NAME\n
SHA256:ABC123ABC123+abc123abc123Zabc123abcZ123abc\n
Admin users and root can add keys remotely by specifying the dokku bin on their ssh command:
cat ~/.ssh/id_rsa.pub | ssh root@dokku.me dokku ssh-keys:add KEY_NAME\n
If you are using the Vagrant installation, you can also use the make vagrant-acl-add target to add your public key to Dokku (it will use your host username as the USER):
cat ~/.ssh/id_rsa.pub | make vagrant-acl-add\n
"},{"location":"deployment/user-management/#removing-ssh-keys","title":"Removing SSH keys","text":"As key names are unique, they can be used to remove a public SSH key.
dokku ssh-keys:remove KEY_NAME\n
An SSH Key can also be removed by fingerprint.
dokku ssh-keys:remove --fingerprint FINGERPRINT\n
"},{"location":"deployment/user-management/#scoping-commands-to-specific-users","title":"Scoping commands to specific users","text":"Support for scoping commands to specific users can be added through plugins that take advantage of the user-auth plugin trigger to handle command authorization. See also the list of community-provided plugins.
"},{"location":"deployment/user-management/#granting-other-unix-user-accounts-dokku-access","title":"Granting other Unix user accounts Dokku access","text":"Any Unix user account which belongs to the sudo Unix group can run Dokku. However, you may want to give them Dokku access but not full sudo privileges.
To allow other Unix user accounts to be able to run Dokku commands, without giving them full sudo access, modify your sudoers configuration.
Use visudo /etc/sudoers.d/dokku-users, or visudo /etc/sudoers to add the following line:
%dokku ALL=(ALL:ALL) NOPASSWD:SETENV: /usr/bin/dokku\n
"},{"location":"deployment/zero-downtime-deploys/","title":"Zero Downtime Deploy Checks","text":"New
Introduced in 0.5.0
checks:disable <app> [process-type(s)] Disable zero-downtime deployment for all processes (or comma-separated process-type list) ***WARNING: this will cause downtime during deployments***\nchecks:enable <app> [process-type(s)] Enable zero-downtime deployment for all processes (or comma-separated process-type list)\nchecks:report [<app>] [<flag>] Displays a checks report for one or more apps\nchecks:run <app> [process-type(s)] Runs zero-downtime checks for all processes (or comma-separated process-type list)\nchecks:set [--global|<app>] <key> <value> Set or clear a logs property for an app\nchecks:skip <app> [process-type(s)] Skip zero-downtime checks for all processes (or comma-separated process-type list)\n
By default, Dokku will wait 10 seconds after starting each container before assuming it is up and proceeding with the deploy. Once this has occurred for all containers started by an application, traffic will be switched to point to your new containers. Dokku will also wait a further 60 seconds after the deploy is complete before terminating old containers in order to give time for long running connections to terminate. In either case, you may have more than one container running for a given application.
You may both create user-defined checks for web processes using the healthchecks key in the app.json file, as well as customize any and all parts of this experience using the checks plugin.
Info
Web checks are performed via curl on Dokku host. Some application code - such as the Django framework - checks for specific hostnames or header values, these checks will fail. To avoid this:
- Remove such checks from your code: Modify your application to remove the hostname check completely.
- Allow checks from all hostnames: Modify your application to accept a dynamically provided hostname.
- Specify the domain within the check: See below for further documentation.
"},{"location":"deployment/zero-downtime-deploys/#configuring-checks-settings","title":"Configuring checks settings","text":""},{"location":"deployment/zero-downtime-deploys/#wait-to-retire","title":"wait-to-retire","text":"After a successful deploy, the grace period given to old containers before they are stopped/terminated is determined by the value of wait-to-retire. This is useful for ensuring completion of long-running HTTP connections.
dokku checks:set node-js-app wait-to-retire 30\n
Defaults to 60.
"},{"location":"deployment/zero-downtime-deploys/#configuring-check-settings-using-the-config-plugin","title":"Configuring check settings using the config plugin","text":"There are certain settings that can be configured via environment variables:
DOKKU_DEFAULT_CHECKS_WAIT: (default: 10) If no user-defined checks are specified - or if the process being checked is not a web process - this is the period of time Dokku will wait before checking that a container is still running.DOKKU_DOCKER_STOP_TIMEOUT: (default: 10) Configurable grace period given to the docker stop command. If a container has not stopped by this time, a kill -9 signal or equivalent is sent in order to force-terminate the container. Both the ps:stop and apps:destroy commands also respect this value. If not specified, the Docker defaults for the docker stop command will be used.
The following settings may also be specified in the app.json file, though are available as environment variables in order to ease application reuse.
DOKKU_CHECKS_WAIT: (default: 5) Wait this many seconds for the container to start before running checks.DOKKU_CHECKS_TIMEOUT: (default: 30) Wait this many seconds for each response before marking it as a failure.DOKKU_CHECKS_ATTEMPTS: (default: 5) Number of retries for to run for a specific check before marking it as a failure
"},{"location":"deployment/zero-downtime-deploys/#skipping-and-disabling-checks","title":"Skipping and Disabling Checks","text":"Info
Note that checks:disable will now (as of 0.6.0) cause downtime for that process-type during deployments. Previously, it acted as checks:skip currently does.
You can choose to skip checks completely on a per-application/per-process basis. Skipping checks will avoid the default 10 second waiting period entirely, as well as any other user-defined checks.
ShellOutput # process type specification is optional\ndokku checks:skip node-js-app worker,web\n
-----> Skipping zero downtime for app's (node-js-app) proctypes (worker,web)\n-----> Unsetting node-js-app\n-----> Unsetting DOKKU_CHECKS_DISABLED\n-----> Setting config vars\n DOKKU_CHECKS_SKIPPED: worker,web\n
Zero downtime checks can also be disabled completely. This will stop old containers before new ones start, which may result in broken connections and downtime if your application fails to boot properly.
ShellOutput dokku checks:disable node-js-app worker\n
-----> Disabling zero downtime for app's (node-js-app) proctypes (worker)\n-----> Setting config vars\n DOKKU_CHECKS_DISABLED: worker\n-----> Setting config vars\n DOKKU_CHECKS_SKIPPED: web\n
"},{"location":"deployment/zero-downtime-deploys/#displaying-checks-reports-for-an-app","title":"Displaying checks reports for an app","text":"New
Introduced in 0.8.1
You can get a report about the app's checks status using the checks:report command:
ShellOutput dokku checks:report\n
=====> node-js-app checks information\n Checks disabled list: none\n Checks skipped list: none\n Checks computed wait to retire: 60\n Checks global wait to retire: 60\n Checks wait to retire:\n=====> python-app checks information\n Checks disabled list: none\n Checks skipped list: none\n Checks computed wait to retire: 60\n Checks global wait to retire: 60\n Checks wait to retire:\n=====> ruby-app checks information\n Checks disabled list: _all_\n Checks skipped list: none\n Checks computed wait to retire: 60\n Checks global wait to retire: 60\n Checks wait to retire:\n
You can run the command for a specific app also.
ShellOutput dokku checks:report node-js-app\n
=====> node-js-app checks information\n Checks disabled list: none\n Checks skipped list: none\n Checks computed wait to retire: 60\n Checks global wait to retire: 60\n Checks wait to retire:\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku checks:report node-js-app --checks-disabled-list\n
"},{"location":"deployment/zero-downtime-deploys/#customizing-checks","title":"Customizing checks","text":"New
Introduced in 0.31.0
If your application needs a longer period to boot up - perhaps to load data into memory, or because of slow boot time - you may also use Dokku's checks functionality to more precisely check whether an application can serve traffic or not.
Healthchecks are run against all process from your application's Procfile. When no healthcheck is defined, Dokku will fallback to a process uptime check.
One or more healthchecks can be defined in the app.json file - see the deployment task documentation for more information on how this is extracted - under the healthchecks.web path:
{\n \"healthchecks\": {\n \"web\": [\n {\n \"type\": \"startup\",\n \"name\": \"web check\",\n \"description\": \"Checking if the app responds to the /health/ready endpoint\",\n \"path\": \"/health/ready\",\n \"attempts\": 3\n }\n ]\n }\n}\n
A healthcheck entry takes the following properties:
attempts: (default: 3) Number of retry attempts to perform on failure.command: (default '' - empty string) Command to execute within container.content: (default: '' - empty string) Content to search in http path check output.initialDelay: (default: 0, unit: seconds) Number of seconds to wait after a container has started before triggering the healthcheck.name: (default: autogenerated) The name of the healthcheck. If unspecified, it will be autogenerated from the rest of the healthcheck information.path: (default: / - for http checks): An http path to check.port: (default: 5000): Port to run healthcheck against.timeout: (default: 5 seconds): Number of seconds to wait before timing out a healthcheck.type: (default: \"\" - none): Type of the healthcheck. Options: liveness, readiness, startup.uptime: (default: \"\" - none): Amount of time the container must be alive before the container is considered healthy. Any restarts will cause this to check to fail, and this check does not respect retries.wait: (default: 5 seconds): Number of seconds to wait between healthcheck attempts.
Warning
Healthchecks are implemented by specific scheduler plugins, and not all plugins support all options. Please consult the scheduler documentation for further details on what is supported.
See the docker-container-healthchecker documentation for more details on how healthchecks are interpreted.
"},{"location":"deployment/zero-downtime-deploys/#manually-invoking-checks","title":"Manually invoking checks","text":"Checks can also be manually invoked via the checks:run command. This can be used to check the status of an application via cron to provide integration with external healthchecking software.
Checks are run against a specific application:
ShellOutput dokku checks:run APP\n
-----> Running pre-flight checks\n-----> Running checks for app (APP.web.1)\n For more efficient zero downtime deployments, create a file CHECKS.\n See https://dokku.com/docs/deployment/zero-downtime-deploys/ for examples\n CHECKS file not found in container: Running simple container check...\n-----> Waiting for 10 seconds ...\n-----> Default container check successful!\n-----> Running checks for app (APP.web.2)\n For more efficient zero downtime deployments, create a file CHECKS.\n See https://dokku.com/docs/deployment/zero-downtime-deploys/ for examples\n CHECKS file not found in container: Running simple container check...\n-----> Waiting for 10 seconds ...\n-----> Default container check successful!\n-----> Running checks for app (APP.worker.1)\n For more efficient zero downtime deployments, create a file CHECKS.\n See https://dokku.com/docs/deployment/zero-downtime-deploys/ for examples\n CHECKS file not found in container: Running simple container check...\n-----> Waiting for 10 seconds ...\n-----> Default container check successful!\n
Checks can be scoped to a particular process type:
ShellOutput dokku checks:run node-js-app worker\n
-----> Running pre-flight checks\n-----> Running checks for app (APP.worker.1)\n For more efficient zero downtime deployments, create a file CHECKS.\n See https://dokku.com/docs/deployment/zero-downtime-deploys/ for examples\n CHECKS file not found in container: Running simple container check...\n-----> Waiting for 10 seconds ...\n-----> Default container check successful!\n
An app process ID may also be specified:
ShellOutput dokku checks:run node-js-app web.2\n
-----> Running pre-flight checks\n-----> Running checks for app (APP.web.2)\n For more efficient zero downtime deployments, create a file CHECKS.\n See https://dokku.com/docs/deployment/zero-downtime-deploys/ for examples\n CHECKS file not found in container: Running simple container check...\n-----> Waiting for 10 seconds ...\n-----> Default container check successful!\n
Non-existent process types will result in an error:
ShellOutput dokku checks:run node-js-app non-existent\n
-----> Running pre-flight checks\nInvalid process type specified (APP.non-existent)\n
Non-existent process IDs will also result in an error
ShellOutput dokku checks:run node-js-app web.3\n
-----> Running pre-flight checks\nInvalid container id specified (APP.web.3)\n
"},{"location":"deployment/builders/builder-management/","title":"Builder Management","text":"New
Introduced in 0.24.0
builder:report [<app>] [<flag>] # Displays a builder report for one or more apps\nbuilder:set <app> <key> (<value>) # Set or clear a builder property for an app\n
Builders are a way of customizing how an app is built from a source, allowing users flexibility in how artifacts are created for later scheduling.
"},{"location":"deployment/builders/builder-management/#usage","title":"Usage","text":""},{"location":"deployment/builders/builder-management/#builder-selection","title":"Builder selection","text":"Dokku supports the following built-in builders:
builder-dockerfile: Builds apps using a Dockerfile via docker build. See the dockerfile builder documentation for more information on how this builder functions.builder-herokuish: Builds apps with Heroku's v2a Buildpack specification via gliderlabs/herokuish. See the herokuish builder documentation for more information on how this builder functions.builder-lambda: Builds AWS Lambda functions in an environment simulating AWS Lambda runtimes via lambda-builder. See the lambda builder documentation for more information on how this builder functions.builder-null: Does nothing during the build phase. See the null builder documentation for more information on how this builder functions.builder-pack: Builds apps with Cloud Native Buildpacks via the pack-cli tool. See the cloud native buildpacks builder documentation for more information on how this builder functions.
Builders run a detection script against a source code repository, and the first detected builder will be used to build the app artifact. The exception to this is when a Dockerfile is detected and the app is also able to use either herokuish or pack-cli for building, in which case one of the latter will be chosen.
"},{"location":"deployment/builders/builder-management/#overriding-the-auto-selected-builder","title":"Overriding the auto-selected builder","text":"If desired, the builder can be specified via the builder:set command by specifying a value for selected. The selected builder will always be used.
dokku builder:set node-js-app selected dockerfile\n
The default value may be set by passing an empty value for the option:
dokku builder:set node-js-app selected\n
The selected property can also be set globally. The global default is an empty string, and auto-detection will be performed when no value is set per-app or globally.
dokku builder:set --global selected herokuish\n
Warning
Selecting a global builder will result in all applications using that builder unless a manual override is selected.
The default value may be set by passing an empty value for the option.
dokku builder:set --global selected\n
"},{"location":"deployment/builders/builder-management/#changing-the-build-directory","title":"Changing the build directory","text":"Warning
Please keep in mind that setting a custom build directory will result in loss of any changes to the top-level directory, such as the git.keep-git-dir property.
When deploying a monorepo, it may be desirable to specify the specific build directory to use for a given app. This can be done via the builder:set command. If a value is specified and that directory does not exist within the repository, the build will fail.
dokku builder:set node-js-app build-dir app2\n
The default value may be set by passing an empty value for the option:
dokku builder:set node-js-app build-dir\n
The build-dir property can also be set globally. The global default is empty string, and the global value is used when no app-specific value is set.
dokku builder:set --global build-dir app2\n
The default value may be set by passing an empty value for the option.
dokku builder:set --global build-dir\n
"},{"location":"deployment/builders/builder-management/#displaying-builder-reports-for-an-app","title":"Displaying builder reports for an app","text":"You can get a report about the app's builder status using the builder:report command:
ShellOutput dokku builder:report\n
=====> node-js-app builder information\n Builder build dir: custom\n Builder computed build dir: custom\n Builder computed selected: herokuish\n Builder global build dir:\n Builder global selected: herokuish\n Builder selected: herokuish\n=====> python-sample builder information\n Builder build dir:\n Builder computed build dir:\n Builder computed selected: dockerfile\n Builder global build dir:\n Builder global selected: herokuish\n Builder selected: dockerfile\n=====> ruby-sample builder information\n Builder build dir:\n Builder computed build dir:\n Builder computed selected: herokuish\n Builder global build dir:\n Builder global selected: herokuish\n Builder selected:\n
You can run the command for a specific app also.
ShellOutput dokku builder:report node-js-app\n
=====> node-js-app builder information\n Builder selected: herokuish\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku builder:report node-js-app --builder-selected\n
"},{"location":"deployment/builders/builder-management/#custom-builders","title":"Custom builders","text":"To create a custom builder, the following triggers must be implemented:
builder-build: - arguments:
BUILDER_TYPE APP SOURCECODE_WORK_DIR - description: Creates a docker image named with the output of
common#get_app_image_name $APP.
builder-detect: - arguments:
APP SOURCECODE_WORK_DIR - description: Outputs the name of the builder (without the
builder- prefix) to use to build the app.
builder-release: - arguments:
BUILDER_TYPE APP IMAGE_AG - description: A post-build, pre-release trigger that can be used to post-process the image. Usually simply tags and labels the image appropriately.
Custom plugins names must have the prefix builder- or builder overriding via builder:set may not function as expected.
Builders can use any tools available on the system to build the docker image, and may even be used to schedule building off-server. The only current requirement is that the image must exist on the server at the end of the builder-build command, though this requirement may be relaxed in a future release.
For a simple example of how to implement this trigger, see builder-pack, which utilizes a cli tool - pack-cli - to generate an OCI image that is compatible with Docker and can be scheduled by the official scheduling plugins.
"},{"location":"deployment/builders/cloud-native-buildpacks/","title":"Cloud Native Buildpacks","text":"New
Introduced in 0.22.0
builder-pack:report [<app>] [<flag>] # Displays a builder-pack report for one or more apps\nbuilder-pack:set <app> <key> (<value>) # Set or clear a builder-pack property for an app\n
buildpacks:set-property [--global|<app>] <key> <value> # Set or clear a buildpacks property for an app\n
Cloud Native Buildpacks are an evolution over the Buildpacks technology provided by the Herokuish builder. See the herokuish buildpacks documentation for more information on how to clear buildpack build cache for an application.
Warning
This functionality uses the pack cli from the Cloud Native Buildpacks project to build apps. As the integration is experimental in Dokku, it is likely to change over time.
"},{"location":"deployment/builders/cloud-native-buildpacks/#usage","title":"Usage","text":""},{"location":"deployment/builders/cloud-native-buildpacks/#requirements","title":"Requirements","text":"The pack cli tool is not included by default with Dokku or as a dependency. It must also be installed as shown on this page.
Builds will proceed with the pack cli for the app from then on.
"},{"location":"deployment/builders/cloud-native-buildpacks/#caveats","title":"Caveats","text":"As this functionality is highly experimental, there are a number of caveats. Please note that not all issues are listed below.
- Specifying specific buildpacks is not currently possible.
- A future release will add support for specifying buildpacks via the
buildpacks plugin.
- There is currently no way to specify extra arguments for
pack cli invocations. - A future release will add support for injecting extra arguments during the build process.
- The default process type is
web. - Build cache is stored in Docker volumes instead of on disk. As such,
repo:purge-cache currently has no effect. - A future version will add integration with the
repo plugin.
pack is not currently included with Dokku, nor is it added as a package dependency. - A future version will include it as a package dependency.
"},{"location":"deployment/builders/cloud-native-buildpacks/#detection","title":"Detection","text":"This builder will be auto-detected in either the following cases:
-
The DOKKU_CNB_EXPERIMENTAL app environment variable is set to 1.
dokku config:set --no-restart node-js-app DOKKU_CNB_EXPERIMENTAL=1\n
-
A project.toml file exists in the root of the app repository.
- This file is consumed by
pack-cli and used to describe how the app is built.
The builder can also be specified via the builder:set command:
dokku builder:set node-js-app selected pack\n
Info
Dokku will only select the dockerfile builder if both the herokuish and pack builders are not detected and a Dockerfile exists. See the dockerfile builder documentation for more information on how that builder functions.
"},{"location":"deployment/builders/cloud-native-buildpacks/#changing-the-projecttoml-location","title":"Changing the project.toml location","text":"The project.toml is expected to be found in a specific directory, depending on the deploy approach:
- The
WORKDIR of the Docker image for deploys resulting from git:from-image and git:load-image commands. - The root of the source code tree for all other deploys (git push,
git:from-archive, git:sync).
Sometimes it may be desirable to set a different path for a given app, e.g. when deploying from a monorepo. This can be done via the projecttoml-path property:
dokku builder-pack:set node-js-app projecttoml-path .dokku/project.toml\n
The value is the path to the desired file relative to the base search directory, and will never be treated as absolute paths in any context. If that file does not exist within the repository, Dokku will continue the build process as if the repository has no project.toml.
The default value may be set by passing an empty value for the option:
dokku builder-pack:set node-js-app projecttoml-path\n
The projecttoml-path property can also be set globally. The global default is project.toml, and the global value is used when no app-specific value is set.
dokku builder-pack:set --global projecttoml-path project2.toml\n
The default value may be set by passing an empty value for the option.
dokku builder-pack:set --global projecttoml-path\n
"},{"location":"deployment/builders/cloud-native-buildpacks/#displaying-builder-pack-reports-for-an-app","title":"Displaying builder-pack reports for an app","text":"New
Introduced in 0.25.0
You can get a report about the app's storage status using the builder-pack:report command:
ShellOutput dokku builder-pack:report\n
=====> node-js-app builder-pack information\n Builder pack computed projecttoml path: project2.toml\n Builder pack global projecttoml path: project.toml\n Builder pack projecttoml path: project2.toml\n=====> python-sample builder-pack information\n Builder pack computed projecttoml path: project.toml\n Builder pack global projecttoml path: project.toml\n Builder pack projecttoml path:\n=====> ruby-sample builder-pack information\n Builder pack computed projecttoml path: project.toml\n Builder pack global projecttoml path: project.json\n Builder pack projecttoml path:\n
You can run the command for a specific app also.
ShellOutput dokku builder-pack:report node-js-app\n
=====> node-js-app builder-pack information\n Builder pack computed projecttoml path: project2.toml\n Builder pack global projecttoml path: project.toml\n Builder pack projecttoml path: project2.toml\n
You can pass flags which will output only the value of the specific information you want. For example:
ShellOutput dokku builder-pack:report node-js-app --builder-pack-projecttoml-path\n
project2.toml\n
"},{"location":"deployment/builders/cloud-native-buildpacks/#customizing-the-buildpack-stack-builder","title":"Customizing the Buildpack stack builder","text":"New
Introduced in 0.23.0
The default stack builder in use by CNB buildpacks in Dokku is based on heroku/builder:24. Users may desire to switch the stack builder to a custom version, either to update the operating system or to customize packages included with the stack builder. This can be performed via the buildpacks:set-property command.
dokku buildpacks:set-property node-js-app stack paketobuildpacks/build:base-cnb\n
The specified stack builder can also be unset by omitting the name of the stack builder when calling buildpacks:set-property.
dokku buildpacks:set-property node-js-app stack\n
A change in the stack builder value will execute the post-stack-set trigger.
Finally, stack builders can be set or unset globally as a fallback. This will take precedence over a globally set DOKKU_CNB_BUILDER environment variable (heroku/builder:24 by default).
# set globally\ndokku buildpacks:set-property --global stack paketobuildpacks/build:base-cnb\n\n# unset globally\ndokku buildpacks:set-property --global stack\n
"},{"location":"deployment/builders/cloud-native-buildpacks/#specifying-commands-via-procfile","title":"Specifying commands via Procfile","text":"See the Procfile documentation for more information on how to specify different processes for your app.
"},{"location":"deployment/builders/dockerfiles/","title":"Dockerfile Deployment","text":"New
Introduced in 0.3.15
builder-dockerfile:report [<app>] [<flag>] # Displays a builder-dockerfile report for one or more apps\nbuilder-dockerfile:set <app> <key> (<value>) # Set or clear a builder-dockerfile property for an app\n
While Dokku normally defaults to using Heroku buildpacks for deployment, you can also use Docker's native Dockerfile system to define a container.
Info
Dockerfile support is considered a power user feature. By using Dockerfile-based deployment, you agree that you will not have the same comfort as that enjoyed by buildpack users, and Dokku features may work differently. Differences between the two systems will be documented here.
"},{"location":"deployment/builders/dockerfiles/#usage","title":"Usage","text":""},{"location":"deployment/builders/dockerfiles/#detection","title":"Detection","text":"This builder will be auto-detected in the following case:
- A
Dockerfile exists in the root of the app repository.
Dokku will only select the dockerfile builder if both the herokuish and pack builders are not detected and a Dockerfile exists. For more information on how those are detected, see the following links:
- Cloud Native Buildpacks documentation
- Herokuish documentation
"},{"location":"deployment/builders/dockerfiles/#switching-from-buildpack-deployments","title":"Switching from buildpack deployments","text":"If an application was previously deployed via buildpacks and ports were customized, the following commands should be run prior to a deploy to ensure the Dockerfile ports are respected:
dokku ports:clear node-js-app\n
"},{"location":"deployment/builders/dockerfiles/#changing-the-dockerfile-location","title":"Changing the Dockerfile location","text":"Info
The previous method to perform this - via docker-options:add - should be removed in favor of the builder-dockerfile:set command outlined here.
The Dockerfile is expected to be found in a specific directory, depending on the deploy approach:
- The
WORKDIR of the Docker image for deploys resulting from git:from-image and git:load-image commands. - The root of the source code tree for all other deploys (git push,
git:from-archive, git:sync).
Sometimes it may be desirable to set a different path for a given app, e.g. when deploying from a monorepo. This can be done via the dockerfile-path property:
dokku builder-dockerfile:set node-js-app dockerfile-path .dokku/Dockerfile\n
The value is the path to the desired file relative to the base search directory, and will never be treated as absolute paths in any context. If that file does not exist within the repository, the build will fail.
The default value may be set by passing an empty value for the option:
dokku builder-dockerfile:set node-js-app dockerfile-path\n
The dockerfile-path property can also be set globally. The global default is Dockerfile, and the global value is used when no app-specific value is set.
dokku builder-dockerfile:set --global dockerfile-path Dockerfile2\n
The default value may be set by passing an empty value for the option.
dokku builder-dockerfile:set --global dockerfile-path\n
"},{"location":"deployment/builders/dockerfiles/#displaying-builder-dockerfile-reports-for-an-app","title":"Displaying builder-dockerfile reports for an app","text":"New
Introduced in 0.25.0
You can get a report about the app's storage status using the builder-dockerfile:report command:
ShellOutput dokku builder-dockerfile:report\n
=====> node-js-app builder-dockerfile information\n Builder dockerfile computed dockerfile path: Dockerfile2\n Builder dockerfile global dockerfile path: Dockerfile\n Builder dockerfile dockerfile path: Dockerfile2\n=====> python-sample builder-dockerfile information\n Builder dockerfile computed dockerfile path: Dockerfile\n Builder dockerfile global dockerfile path: Dockerfile\n Builder dockerfile dockerfile path:\n=====> ruby-sample builder-dockerfile information\n Builder dockerfile computed dockerfile path: Dockerfile\n Builder dockerfile global dockerfile path: Dockerfile\n Builder dockerfile dockerfile path:\n
You can run the command for a specific app also.
ShellOutput dokku builder-dockerfile:report node-js-app\n
=====> node-js-app builder-dockerfile information\n Builder dockerfile computed dockerfile path: Dockerfile2\n Builder dockerfile global dockerfile path: Dockerfile\n Builder dockerfile dockerfile path: Dockerfile2\n
You can pass flags which will output only the value of the specific information you want. For example:
ShellOutput dokku builder-dockerfile:report node-js-app --builder-dockerfile-dockerfile-path\n
Dockerfile2\n
"},{"location":"deployment/builders/dockerfiles/#build-time-configuration-variables","title":"Build-time configuration variables","text":"For security reasons - and as per Docker recommendations - Dockerfile-based deploys have variables available only during runtime.
For users that require customization in the build phase, you may use build arguments via the docker-options plugin. All environment variables set by the config plugin are automatically exported during a docker build, and thus --build-arg only requires setting a key without a value.
dokku docker-options:add node-js-app build '--build-arg NODE_ENV'\n
Once set, the Dockerfile usage would be as follows:
FROM ubuntu:24.04\n\n# set the argument default\nARG NODE_ENV=production\n\n# use the argument\nRUN echo $NODE_ENV\n
You may also set the argument as an environment variable
FROM ubuntu:24.04\n\n# set the argument default\nARG NODE_ENV=production\n\n# assign it to an environment variable\n# we can wrap the variable in brackets\nENV NODE_ENV ${NODE_ENV}\n\n# or omit them completely\n\n# use the argument\nRUN echo $NODE_ENV\n
"},{"location":"deployment/builders/dockerfiles/#building-images-with-docker-buildkit","title":"Building images with Docker BuildKit","text":"If your Dockerfile is using Docker Engine's BuildKit (not to be confused with buildpacks), then the DOCKER_BUILDKIT=1 environment variable needs to be set (unless you're using Docker Engine v24 or higher, which uses BuildKit by default). Additionally, complete build log output can be forced via BUILDKIT_PROGRESS=plain. Both of these environment variables can be set as follows:
echo \"export DOCKER_BUILDKIT=1\" | sudo tee -a /etc/default/dokku\necho \"export BUILDKIT_PROGRESS=plain\" | sudo tee -a /etc/default/dokku\n
"},{"location":"deployment/builders/dockerfiles/#buildkit-directory-caching","title":"BuildKit directory caching","text":"BuildKit implements the RUN --mount option, enabling mount directory caches for RUN directives. The following is an example that mounts debian packaging related directories, which can speed up fetching of remote package data.
FROM debian:latest\nRUN --mount=target=/var/lib/apt/lists,type=cache \\\n --mount=target=/var/cache/apt,type=cache \\\n apt-get update \\\n && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \\\n git\n
Mount cache targets may vary depending on the tool in use, and users are encouraged to investigate the directories that apply for their language and framework.
You would adjust the cache directory for whatever application cache you have, e.g. /root/.pnpm-store/v3 for pnpm, $HOME/.m2 for maven, or /root/.cache for golang.
"},{"location":"deployment/builders/dockerfiles/#customizing-the-run-command","title":"Customizing the run command","text":"By default no arguments are passed to docker run when deploying the container and the CMD or ENTRYPOINT defined in the Dockerfile are executed. You can take advantage of docker ability of overriding the CMD or passing parameters to your ENTRYPOINT setting $DOKKU_DOCKERFILE_START_CMD. Let's say for example you are deploying a base Node.js image, with the following ENTRYPOINT:
ENTRYPOINT [\"node\"]\n
You can do:
dokku config:set node-js-app DOKKU_DOCKERFILE_START_CMD=\"--harmony server.js\"\n
To tell Docker what to run.
Setting $DOKKU_DOCKERFILE_CACHE_BUILD to true or false will enable or disable Docker's image layer cache. Lastly, for more granular build control, you may also pass any docker build option to docker, by setting $DOKKU_DOCKER_BUILD_OPTS.
"},{"location":"deployment/builders/dockerfiles/#procfiles-and-multiple-processes","title":"Procfiles and multiple processes","text":"New
Introduced in 0.5.0
See the Procfile documentation for more information on how to specify different processes for your app.
"},{"location":"deployment/builders/dockerfiles/#exposed-ports","title":"Exposed ports","text":"See the port management documentation for more information on how Dokku exposes ports for applications and how you can configure these for your app.
"},{"location":"deployment/builders/herokuish-buildpacks/","title":"Herokuish Buildpacks","text":"New
Subcommands introduced in 0.15.0
buildpacks:add [--index 1] <app> <buildpack> # Add new app buildpack while inserting into list of buildpacks if necessary\nbuildpacks:clear <app> # Clear all buildpacks set on the app\nbuildpacks:list <app> # List all buildpacks for an app\nbuildpacks:remove <app> <buildpack> # Remove a buildpack set on the app\nbuildpacks:report [<app>] [<flag>] # Displays a buildpack report for one or more apps\nbuildpacks:set [--index 1] <app> <buildpack> # Set new app buildpack at a given position defaulting to the first buildpack if no index is specified\nbuildpacks:set-property [--global|<app>] <key> <value> # Set or clear a buildpacks property for an app\n
builder-herokuish:report [<app>] [<flag>] # Displays a builder-herokuish report for one or more apps\nbuilder-herokuish:set <app> <key> (<value>) # Set or clear a builder-herokuish property for an app\n
Warning
If using the buildpacks plugin, be sure to unset any BUILDPACK_URL and remove any such entries from a committed .env file. A specified BUILDPACK_URL will always override a .buildpacks file or the buildpacks plugin.
Dokku normally defaults to using Heroku buildpacks for deployment, though this may be overridden by committing a valid Dockerfile to the root of your repository and pushing the repository to your Dokku installation. To avoid this automatic Dockerfile deployment detection, you may do one of the following:
- Set a
BUILDPACK_URL environment variable - This can be done via
dokku config:set or via a committed .env file in the root of the repository. See the environment variable documentation for more details.
- Create a
.buildpacks file in the root of your repository. - This can be via a committed
.buildpacks file or managed via the buildpacks plugin commands.
This page will cover usage of the buildpacks plugin.
"},{"location":"deployment/builders/herokuish-buildpacks/#usage","title":"Usage","text":""},{"location":"deployment/builders/herokuish-buildpacks/#detection","title":"Detection","text":"This builder will be auto-detected in either the following cases:
- The
BUILDPACK_URL app environment variable is set. - This can be done via
dokku config:set or via a committed .env file in the root of the repository. See the environment variable documentation for more details.
- A
.buildpacks file exists in the root of the app repository. - This can be via a committed
.buildpacks file or managed via the buildpacks plugin commands.
The builder can also be specified via the builder:set command:
dokku builder:set node-js-app selected herokuish\n
Info
Dokku will only select the dockerfile builder if both the herokuish and pack builders are not detected and a Dockerfile exists. See the dockerfile builder documentation for more information on how that builder functions.
"},{"location":"deployment/builders/herokuish-buildpacks/#listing-buildpacks-in-use","title":"Listing Buildpacks in Use","text":"The buildpacks:list command can be used to show buildpacks that have been set for an app. This will omit any auto-detected buildpacks.
ShellOutputShellOutput # running for an app with no buildpacks specified\ndokku buildpacks:list node-js-app\n
-----> test buildpack urls\n
# running for an app with two buildpacks specified\ndokku buildpacks:list node-js-app\n
-----> test buildpack urls\n https://github.com/heroku/heroku-buildpack-python.git\n https://github.com/heroku/heroku-buildpack-nodejs.git\n
"},{"location":"deployment/builders/herokuish-buildpacks/#adding-custom-buildpacks","title":"Adding custom buildpacks","text":"Info
Please check the documentation for your particular buildpack as you may need to include configuration files (such as a Procfile) in your project root.
To add a custom buildpack, use the buildpacks:add command:
dokku buildpacks:add node-js-app https://github.com/heroku/heroku-buildpack-nodejs.git\n
When no buildpacks are currently specified, the specified buildpack will be the only one executed for detection and compilation.
Multiple buildpacks may be specified by using the buildpacks:add command multiple times.
dokku buildpacks:add node-js-app https://github.com/heroku/heroku-buildpack-ruby.git\ndokku buildpacks:add node-js-app https://github.com/heroku/heroku-buildpack-nodejs.git\n
Buildpacks are executed in order, may be inserted at a specified index via the --index flag. This flag is specified starting at a 1-index value.
# will add the golang buildpack at the second position, bumping all proceeding ones by 1 position\ndokku buildpacks:add --index 2 node-js-app https://github.com/heroku/heroku-buildpack-golang.git\n
"},{"location":"deployment/builders/herokuish-buildpacks/#overwriting-a-buildpack-position","title":"Overwriting a buildpack position","text":"In some cases, it may be necessary to swap out a given buildpack. Rather than needing to re-specify each buildpack, the buildpacks:set command can be used to overwrite a buildpack at a given position.
dokku buildpacks:set node-js-app https://github.com/heroku/heroku-buildpack-ruby.git\n
By default, this will overwrite the first buildpack specified. To specify an index, the --index flag may be used. This flag is specified starting at a 1-index value, and defaults to 1.
# the following are equivalent commands\ndokku buildpacks:set node-js-app https://github.com/heroku/heroku-buildpack-ruby.git\ndokku buildpacks:set --index 1 node-js-app https://github.com/heroku/heroku-buildpack-ruby.git\n
If the index specified is larger than the number of buildpacks currently configured, the buildpack will be appended to the end of the list.
dokku buildpacks:set --index 99 node-js-app https://github.com/heroku/heroku-buildpack-ruby.git\n
"},{"location":"deployment/builders/herokuish-buildpacks/#removing-a-buildpack","title":"Removing a buildpack","text":"Info
At least one of a buildpack or index must be specified
A single buildpack can be removed by name via the buildpacks:remove command.
dokku buildpacks:remove node-js-app https://github.com/heroku/heroku-buildpack-ruby.git\n
Buildpacks can also be removed by index via the --index flag. This flag is specified starting at a 1-index value.
dokku buildpacks:remove node-js-app --index 1\n
"},{"location":"deployment/builders/herokuish-buildpacks/#clearing-all-buildpacks","title":"Clearing all buildpacks","text":"Info
This does not affect automatically detected buildpacks, nor does it impact any specified BUILDPACK_URL environment variable.
The buildpacks:clear command can be used to clear all configured buildpacks for a specified app.
dokku buildpacks:clear node-js-app\n
"},{"location":"deployment/builders/herokuish-buildpacks/#customizing-the-buildpack-stack-builder","title":"Customizing the Buildpack stack builder","text":"New
Introduced in 0.23.0
The default stack builder in use by Herokuish buildpacks in Dokku is based on gliderlabs/herokuish:latest. Typically, this is installed via an OS package which pulls the requisite Docker image. Users may desire to switch the stack builder to a custom version, either to update the operating system or to customize packages included with the stack builder. This can be performed via the buildpacks:set-property command.
dokku buildpacks:set-property node-js-app stack gliderlabs/herokuish:latest\n
The specified stack builder can also be unset by omitting the name of the stack builder when calling buildpacks:set-property.
dokku buildpacks:set-property node-js-app stack\n
A change in the stack builder value will execute the post-stack-set trigger.
Finally, stack builders can be set or unset globally as a fallback. This will take precedence over a globally set DOKKU_IMAGE environment variable (gliderlabs/herokuish:latest-24 by default).
# set globally\ndokku buildpacks:set-property --global stack gliderlabs/herokuish:latest\n\n# unset globally\ndokku buildpacks:set-property --global stack\n
"},{"location":"deployment/builders/herokuish-buildpacks/#allowing-herokuish-for-non-amd64-platforms","title":"Allowing herokuish for non-amd64 platforms","text":"New
Introduced in 0.29.0
By default, the builder-herokuish plugin is not enabled for non-amd64 platforms, and attempting to use it is blocked. This is because the majority of buildpacks are not cross-platform compatible, and thus building apps will either be considerably slower - due to emulating the amd64 platform - or won't work - due to building amd64 packages on arm64 platforms.
To force-enable herokuish on non-amd64 platforms, the allowed property can be set via builder-herokuish:set. The default value depends on the host platform architecture (true on amd64, false otherwise).
dokku builder-herokuish:set node-js-app allowed true\n
The default value may be set by passing an empty value for the option:
dokku builder-herokuish:set node-js-app allowed\n
The allowed property can also be set globally. The global default is platform-dependent, and the global value is used when no app-specific value is set.
dokku builder-herokuish:set --global allowed true\n
The default value may be set by passing an empty value for the option.
dokku builder-herokuish:set --global allowed\n
"},{"location":"deployment/builders/herokuish-buildpacks/#displaying-buildpack-reports-for-an-app","title":"Displaying buildpack reports for an app","text":"You can get a report about the app's buildpacks status using the buildpacks:report command:
ShellOutput dokku buildpacks:report\n
=====> node-js-app buildpacks information\n Buildpacks computed stack: gliderlabs/herokuish:v0.7.0-22\n Buildpacks global stack: gliderlabs/herokuish:latest-24\n Buildpacks list: https://github.com/heroku/heroku-buildpack-nodejs.git\n Buildpacks stack: gliderlabs/herokuish:v0.7.0-20\n=====> python-sample buildpacks information\n Buildpacks computed stack: gliderlabs/herokuish:latest-24\n Buildpacks global stack: gliderlabs/herokuish:latest-24\n Buildpacks list: https://github.com/heroku/heroku-buildpack-nodejs.git,https://github.com/heroku/heroku-buildpack-python.git\n Buildpacks stack:\n=====> ruby-sample buildpacks information\n Buildpacks computed stack: gliderlabs/herokuish:latest-24\n Buildpacks global stack: gliderlabs/herokuish:latest-24\n Buildpacks list:\n Buildpacks stack:\n
You can run the command for a specific app also.
ShellOutput dokku buildpacks:report node-js-app\n
=====> node-js-app buildpacks information\n Buildpacks list: https://github.com/heroku/heroku-buildpack-nodejs.git\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku buildpacks:report node-js-app --buildpacks-list\n
"},{"location":"deployment/builders/herokuish-buildpacks/#displaying-builder-herokuish-reports-for-an-app","title":"Displaying builder-herokuish reports for an app","text":"New
Introduced in 0.29.0
You can get a report about the app's storage status using the builder-herokuish:report command:
ShellOutput dokku builder-herokuish:report\n
=====> node-js-app builder-herokuish information\n Builder herokuish computed allowed: false\n Builder herokuish global allowed: true\n Builder herokuish allowed: false\n=====> python-sample builder-herokuish information\n Builder herokuish computed allowed: true\n Builder herokuish global allowed: true\n Builder herokuish allowed:\n=====> ruby-sample builder-herokuish information\n Builder herokuish computed allowed: true\n Builder herokuish global allowed: true\n Builder herokuish allowed:\n
You can run the command for a specific app also.
ShellOutput dokku builder-herokuish:report node-js-app\n
=====> node-js-app builder-herokuish information\n Builder herokuish computed allowed: false\n Builder herokuish global allowed: true\n Builder herokuish allowed: false\n
You can pass flags which will output only the value of the specific information you want. For example:
ShellOutput dokku builder-herokuish:report node-js-app --builder-herokuish-allowed\n
false\n
"},{"location":"deployment/builders/herokuish-buildpacks/#errata","title":"Errata","text":""},{"location":"deployment/builders/herokuish-buildpacks/#switching-from-dockerfile-deployments","title":"Switching from Dockerfile deployments","text":"If an application was previously deployed via Dockerfile, the following commands should be run before a buildpack deploy will succeed:
dokku ports:clear node-js-app\n
"},{"location":"deployment/builders/herokuish-buildpacks/#using-a-specific-buildpack-version","title":"Using a specific buildpack version","text":"Info
Always remember to pin your buildpack versions when using the multi-buildpacks method, or you may find deploys changing your deployed environment.
By default, Dokku uses the gliderlabs/herokuish project, which pins all of it's vendored buildpacks. There may be occasions where the pinned version results in a broken deploy, or does not have a particular feature that is required to build your project. To use a more recent version of a given buildpack, the buildpack may be specified without a Git commit SHA like so:
# using the latest nodejs buildpack\ndokku buildpacks:set node-js-app https://github.com/heroku/heroku-buildpack-nodejs\n
This will use the latest commit on the master branch of the specified buildpack. To pin to a newer version of a buildpack, a sha may also be specified by using the form REPOSITORY_URL#COMMIT_SHA, where COMMIT_SHA is any tree-ish git object - usually a git tag.
# using v87 of the nodejs buildpack\ndokku buildpacks:set node-js-app https://github.com/heroku/heroku-buildpack-nodejs#v87\n
"},{"location":"deployment/builders/herokuish-buildpacks/#curl-build-timeouts","title":"curl build timeouts","text":"Certain buildpacks may time out in retrieving dependencies via curl. This can happen when your network connection is poor or if there is significant network congestion. You may see a message similar to gzip: stdin: unexpected end of file after a curl command.
If you see output similar this when deploying , you may need to override the curl timeouts to increase the length of time allotted to those tasks. You can do so via the config plugin:
dokku config:set --global CURL_TIMEOUT=1200\ndokku config:set --global CURL_CONNECT_TIMEOUT=180\n
"},{"location":"deployment/builders/herokuish-buildpacks/#clearing-buildpack-cache","title":"Clearing buildpack cache","text":"See the repository management documentation for more information on how to clear buildpack build cache for an application.
"},{"location":"deployment/builders/herokuish-buildpacks/#specifying-commands-via-procfile","title":"Specifying commands via Procfile","text":"See the Procfile documentation for more information on how to specify different processes for your app.
"},{"location":"deployment/builders/lambda/","title":"Lambda Builder","text":"New
Introduced in 0.28.0
builder-lambda:report [<app>] [<flag>] # Displays a builder-lambda report for one or more apps\nbuilder-lambda:set <app> <key> (<value>) # Set or clear a builder-lambda property for an app\n
The lambda builder builds AWS Lambda functions in an environment simulating AWS Lambda runtimes via lambda-builder. Apps built via this builder can run natively in Dokku and may also have their artifacts scheduled to Lambda via an appropriate scheduler.
"},{"location":"deployment/builders/lambda/#usage","title":"Usage","text":""},{"location":"deployment/builders/lambda/#detection","title":"Detection","text":"This builder will be auto-detected in the following case:
- A
lambda.yml exists in the root of the app repository.
The builder may also be selected via the builder:set command
dokku builder:set node-js-app selected lambda\n
"},{"location":"deployment/builders/lambda/#supported-languages","title":"Supported languages","text":"The lambda builder plugin supports the following AWS runtime languages on Amazon Linux 2:
- dotnet
- go (builder is based on AL1)
- nodejs
- python
- ruby
See the lambda-builder documentation for more information on how specific languages are detected.
"},{"location":"deployment/builders/lambda/#customizing-the-build-environment","title":"Customizing the build environment","text":"The lambda builder plugin delegates all build logic to lambda-builder, including language detection and build/runtime environment specification. The lambda-builder tool supports a lambda.yml file format for customizing how apps are built. Please see the readme for lambda-builder for more information on different options.
"},{"location":"deployment/builders/lambda/#changing-the-lambdayml-location","title":"Changing the lambda.yml location","text":"The lambda.yml is expected to be found in a specific directory, depending on the deploy approach:
- The
WORKDIR of the Docker image for deploys resulting from git:from-image and git:load-image commands. - The root of the source code tree for all other deploys (git push,
git:from-archive, git:sync).
Sometimes it may be desirable to set a different path for a given app, e.g. when deploying from a monorepo. This can be done via the lambdayml-path property:
dokku builder-lambda:set node-js-app lambdayml-path .dokku/lambda.yml\n
The value is the path to the desired file relative to the base search directory, and will never be treated as absolute paths in any context. If that file does not exist within the repository, the build will fail.
The default value may be set by passing an empty value for the option:
dokku builder-lambda:set node-js-app lambdayml-path\n
The lambdayml-path property can also be set globally. The global default is lambda.yml, and the global value is used when no app-specific value is set.
dokku builder-lambda:set --global lambdayml-path lambda2.yml\n
The default value may be set by passing an empty value for the option.
dokku builder-lambda:set --global lambdayml-path\n
"},{"location":"deployment/builders/lambda/#displaying-builder-lambda-reports-for-an-app","title":"Displaying builder-lambda reports for an app","text":"You can get a report about the app's storage status using the builder-lambda:report command:
ShellOutput dokku builder-lambda:report\n
=====> node-js-app builder-lambda information\n Builder lambda computed lambdayml path: lambda2.yml\n Builder lambda global lambdayml path: lambda.yml\n Builder lambda lambdayml path: lambda2.yml\n=====> python-sample builder-lambda information\n Builder lambda computed lambdayml path: lambda.yml\n Builder lambda global lambdayml path: lambda.yml\n Builder lambda lambdayml path:\n=====> ruby-sample builder-lambda information\n Builder lambda computed lambdayml path: lambda.yml\n Builder lambda global lambdayml path: lambda.yml\n Builder lambda lambdayml path:\n
You can run the command for a specific app also.
ShellOutput dokku builder-lambda:report node-js-app\n
=====> node-js-app builder-lambda information\n Builder lambda computed lambdayml path: lambda2.yml\n Builder lambda global lambdayml path: lambda.yml\n Builder lambda lambdayml path: lambda2.yml\n
You can pass flags which will output only the value of the specific information you want. For example:
ShellOutput dokku builder-lambda:report node-js-app --builder-lambda-lambdayml-path\n
lambda2.yml\n
"},{"location":"deployment/builders/nixpacks/","title":"Nixpacks","text":"New
Introduced in 0.32.0
The nixpacks builder builds apps via Nixpacks, a buildpack alternative.
"},{"location":"deployment/builders/nixpacks/#usage","title":"Usage","text":""},{"location":"deployment/builders/nixpacks/#requirements","title":"Requirements","text":"The nixpacks cli tool is not included by default with Dokku or as a dependency. It must also be installed as shown on this page.
Builds will proceed with the nixpacks cli for the app from then on.
"},{"location":"deployment/builders/nixpacks/#detection","title":"Detection","text":"This builder will be auto-detected in the following case:
- A
nixpacks.toml exists in the root of the app repository.
The builder may also be selected via the builder:set command
dokku builder:set node-js-app selected nixpacks\n
"},{"location":"deployment/builders/nixpacks/#supported-languages","title":"Supported languages","text":"See the upstream nixpacks documentation for further information on what languages and frameworks are supported.
"},{"location":"deployment/builders/nixpacks/#build-time-configuration-variables","title":"Build-time configuration variables","text":"For security reasons - and as per Docker recommendations - nixpacks-based deploys have variables available only during runtime.
For users that require customization in the build phase, you may use build arguments via the docker-options plugin. All environment variables set by the config plugin are automatically exported within the nixpacks build environment, and thus --env only requires setting a key without a value.
dokku docker-options:add node-js-app build '--env NODE_ENV'\n
Alternatively, a full value may be provided in the form of --env KEY=VALUE:
dokku docker-options:add node-js-app build '--env NODE_ENV=production'\n
"},{"location":"deployment/builders/nixpacks/#changing-the-nixpackstoml-location","title":"Changing the nixpacks.toml location","text":"The nixpacks.toml is expected to be found in a specific directory, depending on the deploy approach:
- The
WORKDIR of the Docker image for deploys resulting from git:from-image and git:load-image commands. - The root of the source code tree for all other deploys (git push,
git:from-archive, git:sync).
Sometimes it may be desirable to set a different path for a given app, e.g. when deploying from a monorepo. This can be done via the nixpackstoml-path property:
dokku builder-nixpacks:set node-js-app nixpackstoml-path .dokku/nixpacks.toml\n
The value is the path to the desired file relative to the base search directory, and will never be treated as absolute paths in any context. If that file does not exist within the repository, the build will fail.
The default value may be set by passing an empty value for the option:
dokku builder-nixpacks:set node-js-app nixpackstoml-path\n
The nixpackstoml-path property can also be set globally. The global default is nixpacks.toml, and the global value is used when no app-specific value is set.
dokku builder-nixpacks:set --global nixpackstoml-path nixpacks2.toml\n
The default value may be set by passing an empty value for the option.
dokku builder-nixpacks:set --global nixpackstoml-path\n
"},{"location":"deployment/builders/nixpacks/#disabling-cache","title":"Disabling cache","text":"Cache is enabled by default, but can be disabled by setting the no-cache property to true:
dokku builder-nixpacks:set node-js-app no-cache true\n
The default value may be set by passing an empty value for the option:
dokku builder-nixpacks:set node-js-app no-cache\n
The no-cache property can also be set globally. The global default is false, and the global value is used when no app-specific value is set.
dokku builder-nixpacks:set --global no-cache true\n
The default value may be set by passing an empty value for the option.
dokku builder-nixpacks:set --global no-cache\n
"},{"location":"deployment/builders/nixpacks/#displaying-builder-nixpacks-reports-for-an-app","title":"Displaying builder-nixpacks reports for an app","text":"You can get a report about the app's storage status using the builder-nixpacks:report command:
ShellOutput dokku builder-nixpacks:report\n
=====> node-js-app builder-nixpacks information\n Builder-nixpacks computed nixpackstoml path: nixpacks2.toml\n Builder-nixpacks global nixpackstoml path: nixpacks.toml\n Builder-nixpacks nixpackstoml path: nixpacks2.toml\n Builder-nixpacks computed no cache: true\n Builder-nixpacks global no cache: false\n Builder-nixpacks no cache: true\n=====> python-sample builder-nixpacks information\n Builder-nixpacks computed nixpackstoml path: nixpacks.toml\n Builder-nixpacks global nixpackstoml path: nixpacks.toml\n Builder-nixpacks nixpackstoml path:\n Builder-nixpacks computed no cache: false\n Builder-nixpacks global no cache: false\n Builder-nixpacks no cache:\n=====> ruby-sample builder-nixpacks information\n Builder-nixpacks computed nixpackstoml path: nixpacks.toml\n Builder-nixpacks global nixpackstoml path: nixpacks.toml\n Builder-nixpacks nixpackstoml path:\n Builder-nixpacks computed no cache: false\n Builder-nixpacks global no cache: false\n Builder-nixpacks no cache:\n
You can run the command for a specific app also.
ShellOutput dokku builder-nixpacks:report node-js-app\n
=====> node-js-app builder-nixpacks information\n Builder-nixpacks computed nixpackstoml path: nixpacks2.toml\n Builder-nixpacks global nixpackstoml path: nixpacks.toml\n Builder-nixpacks nixpackstoml path: nixpacks2.toml\n Builder-nixpacks computed no cache: true\n Builder-nixpacks global no cache: false\n Builder-nixpacks no cache: true\n
You can pass flags which will output only the value of the specific information you want. For example:
ShellOutput dokku builder-nixpacks:report node-js-app --builder-nixpacks-no-cache\n
true\n
"},{"location":"deployment/builders/null/","title":"Null Builder","text":"New
Introduced in 0.25.0
The null builder does nothing, and is useful for routing to services not managed by Dokku. It should not be used in normal operation. Please see the network documentation for more information on the aforementioned use case.
"},{"location":"deployment/builders/null/#usage","title":"Usage","text":""},{"location":"deployment/builders/null/#detection","title":"Detection","text":"This builder is never auto-detected. The builder must be specified via the builder:set command:
dokku builder:set node-js-app selected null\n
"},{"location":"deployment/continuous-integration/generic/","title":"Generic CI/CD Integration","text":"In cases where there is no direct or documented integration available, the Dokku project provides an Official Docker Image for use in Continuous Integration/Continuous Deployment (CI/CD) systems.
Assuming a Docker image can be run as a CI task with environment variables injected, the following CI systems will have their variables automatically detected:
- circleci
- cloudbees
- drone
- github actions
- gitlab-ci
- semaphoreci
- travisci
"},{"location":"deployment/continuous-integration/generic/#simple-usage","title":"Simple Usage","text":"The simplest usage of the image is as follows.
# where the `.env` file contains `GIT_REMOTE_URL` and `SSH_PRIVATE_KEY`\n\ndocker run --rm -v=\"$PWD:/app\" --env-file=.env dokku/ci-docker-image dokku-deploy\n
For more configuration examples and further documentation, see the ci-docker-image readme.
"},{"location":"deployment/continuous-integration/github-actions/","title":"GitHub Actions","text":"The Dokku project has an official GitHub Action available on the GitHub Marketplace. The simplest usage example is as follows:
---\nname: 'deploy'\n\non:\n push:\n branches:\n - master\n\njobs:\n deploy:\n runs-on: ubuntu-24.04\n steps:\n - name: Cloning repo\n uses: actions/checkout@v3\n with:\n fetch-depth: 0\n\n - name: Push to dokku\n uses: dokku/github-action@master\n with:\n git_remote_url: 'ssh://dokku@dokku.me:22/appname'\n ssh_private_key: ${{ secrets.SSH_PRIVATE_KEY }}\n
For further usage documentation and other advanced examples, see the entry on the GitHub Marketplace.
"},{"location":"deployment/continuous-integration/gitlab-ci/","title":"GitLab CI","text":"GitLab CI can be used to automatically deploy a Dokku application via the official the dokku/ci-docker-image. The simplest example is as follows:
---\nimage: dokku/ci-docker-image\n\nstages:\n - deploy\n\nvariables:\n GIT_DEPTH: 0\n\ndeploy:\n stage: deploy\n only:\n - master\n variables:\n GIT_REMOTE_URL: ssh://dokku@dokku.me:22/appname\n script: \n - dokku-deploy\n after_script: \n - dokku-unlock\n
For further usage documentation and other advanced examples, see Dokku's gitlab-ci repository.
"},{"location":"deployment/methods/archive/","title":"Tar and Zip Archives","text":""},{"location":"deployment/methods/archive/#initializing-an-app-repository-from-an-archive-file","title":"Initializing an app repository from an archive file","text":"New
Introduced in 0.24.0
A Dokku app repository can be initialized or updated from the contents of an archive file via the git:from-archive command. This is an excellent way of tracking changes when deploying pre-built binary archives, such as java jars or go binaries. This can also be useful when deploying directly from a GitHub repository at a specific commit.
dokku git:from-archive node-js-app https://github.com/dokku/smoke-test-app/releases/download/2.0.0/smoke-test-app.tar\n
In the above example, Dokku will build the app as if the repository contained the extracted contents of the specified archive file.
Triggering a build with the same archive file multiple times will result in Dokku exiting 0 early as there will be no changes detected.
The git:from-archive command can optionally take a git user.name and user.email argument (in that order) to customize the author. If the arguments are left empty, they will fallback to Dokku and automated@dokku.sh, respectively.
dokku git:from-archive node-js-app https://github.com/dokku/smoke-test-app/releases/download/2.0.0/smoke-test-app.tar \"Camila\" \"camila@example.com\"\n
The default archive type is always set to .tar. To use a different archive type, specify the --archive-type flag. Failure to do so will result in a failure to extract the archive.
dokku git:from-archive --archive-type zip node-js-app https://github.com/dokku/smoke-test-app/archive/2.0.0.zip \"Camila\" \"camila@example.com\"\n
Finally, if the archive url is specified as --, the archive will be fetched from stdin.
curl -sSL https://github.com/dokku/smoke-test-app/releases/download/2.0.0/smoke-test-app.tar | dokku git:from-archive node-js-app --\n
"},{"location":"deployment/methods/git/","title":"Git Deployment","text":"New
Subcommands introduced in 0.12.0
git:allow-host <host> # Adds a host to known_hosts\ngit:auth <host> [<username> <password>] # Configures netrc authentication for a given git server\ngit:from-archive [--archive-type ARCHIVE_TYPE] <app> <archive-url> [<git-username> <git-email>] # Updates an app's git repository with a given archive file\ngit:from-image [--build-dir DIRECTORY] <app> <docker-image> [<git-username> <git-email>] # Updates an app's git repository with a given docker image\ngit:generate-deploy-key # Generates a deploy ssh key\ngit:load-image [--build-dir DIRECTORY] <app> <docker-image> [<git-username> <git-email>] # Updates an app's git repository with a docker image loaded from stdin\ngit:sync [--build|build-if-changes] <app> <repository> [<git-ref>] # Clone or fetch an app from remote git repo\ngit:initialize <app> # Initialize a git repository for an app\ngit:public-key # Outputs the dokku public deploy key\ngit:report [<app>] [<flag>] # Displays a git report for one or more apps\ngit:set <app> <key> (<value>) # Set or clear a git property for an app\ngit:status <app> # Show the working tree status for an app\n
Git-based deployment has been the traditional method of deploying applications in Dokku. As of v0.12.0, Dokku introduces a few ways to customize the experience of deploying via git push. A Git-based deployment currently supports building applications via:
- Cloud Native Buildpacks
- Herokuish Buildpack
- Dockerfiles
"},{"location":"deployment/methods/git/#usage","title":"Usage","text":"Warning
Pushing from a shallow clone is not currently supported and may have undefined behavior. Please unshallow your local repository before pushing to a Dokku app to avoid potential errors in the deployment process.
"},{"location":"deployment/methods/git/#initializing-an-application","title":"Initializing an application","text":"When an application is created via git push, Dokku will create the proper pre-receive hook in order to execute the build pipeline. In certain cases - such as when fronting deploys with the git-http-backend - this may not be correctly created. As an alternative, the git:initialize command can be used to trigger this creation:
# on the Dokku host\n\n# overrides any existing pre-receive hook\ndokku git:initialize node-js-app\n
In order for the above command to succeed, the application must already exist.
Warning
If the pre-receive hook was customized in any way, this will overwrite that hook with the current defaults for Dokku.
"},{"location":"deployment/methods/git/#changing-the-deploy-branch","title":"Changing the deploy branch","text":"By default, Dokku will deploy code pushed to the master branch. In order to quickly deploy a different local branch, the following Git command can be used:
# on the local machine\n\n# where `SOME_BRANCH_NAME` is the name of the branch\ngit push dokku SOME_BRANCH_NAME:master\n
In 0.12.0, the correct way to change the deploy branch is to use the git:set Dokku command.
# on the Dokku host\n\n# override for all applications\ndokku git:set --global deploy-branch SOME_BRANCH_NAME\n\n# override for a specific app\n# where `SOME_BRANCH_NAME` is the name of the branch\ndokku git:set node-js-app deploy-branch SOME_BRANCH_NAME\n
As of 0.22.1, Dokku will also respect the first pushed branch as the primary branch, and automatically set the deploy-branch value at that time.
Pushing multiple branches can also be supported by creating a receive-branch plugin trigger in a custom plugin.
"},{"location":"deployment/methods/git/#configuring-the-git_rev-environment-variable","title":"Configuring the GIT_REV environment variable","text":"New
Introduced in 0.12.0
Application deployments will include a special GIT_REV environment variable containing the current deployment sha being deployed. For rebuilds, this SHA will remain the same.
To configure the name of the GIT_REV environment variable, run the git:set command as follows:
# on the Dokku host\n\n# override for a specific app\ndokku git:set node-js-app rev-env-var DOKKU_GIT_REV\n
This behavior can be disabled entirely on a per-app basis by setting the rev-env-var value to an empty string:
# on the Dokku host\n\n# override for a specific app\ndokku git:set node-js-app rev-env-var \"\"\n
"},{"location":"deployment/methods/git/#keeping-the-git-directory","title":"Keeping the .git directory","text":"By default, Dokku will remove the contents of the .git before triggering a build for a given app. This is generally a safe default as shipping the entire source code history of your app in the deployed image artifact is unnecessary as it increases bloat and potentially can leak information if there are any security issues with your app code.
To enable the .git directory, run the git:set command as follows:
# on the Dokku host\n\n# keep the .git directory during builds\ndokku git:set node-js-app keep-git-dir true\n
The default behavior is to delete this directory and it's contents. To revert to the default behavior, the keep-git-dir value can be set to either an empty string or false.
# on the Dokku host\n\n# delete the .git directory during builds (default)\ndokku git:set node-js-app keep-git-dir false\n\n# delete the .git directory during builds (default)\ndokku git:set node-js-app keep-git-dir \"\"\n
Please keep in mind that setting keep-git-dir to true may result in unstaged changes shown within the built container due to the build process generating application changes within the built app directory.
"},{"location":"deployment/methods/git/#initializing-an-app-repository-from-a-remote-repository","title":"Initializing an app repository from a remote repository","text":"New
Introduced in 0.23.0
A Dokku app repository can be initialized or updated from a remote git repository via the git:sync command. This command will either clone or fetch updates from a remote repository and has undefined behavior if the history cannot be fast-fowarded to the referenced repository reference. Any repository that can be cloned by the dokku user can be specified.
Info
The application must exist before the repository can be initialized
dokku git:sync node-js-app https://github.com/heroku/node-js-getting-started.git\n
The git:sync command optionally takes an optional third parameter containing a git reference, which may be a branch, tag, or specific commit.
# specify a branch\ndokku git:sync node-js-app https://github.com/heroku/node-js-getting-started.git main\n\n# specify a tag\ndokku git:sync node-js-app https://github.com/heroku/node-js-getting-started.git 1\n\n# specify a commit\ndokku git:sync node-js-app https://github.com/heroku/node-js-getting-started.git 97e6c72491c7531507bfc5413903e0e00e31e1b0\n
By default, this command does not trigger an application build. To do so during a git:sync, specify the --build flag.
dokku git:sync --build node-js-app https://github.com/heroku/node-js-getting-started.git\n
When running git:sync without a reference, it may be useful to only build when there are changes. To do so, specify the --build-if-changes flag.
dokku git:sync --build-if-changes node-js-app https://github.com/heroku/node-js-getting-started.git\n
"},{"location":"deployment/methods/git/#initializing-from-private-repositories","title":"Initializing from private repositories","text":"New
Introduced in 0.24.0
Initializing from a private repository requires one of the following:
- A Public SSH Key (
id_rsa.pub file) configured on the remote server, with the associated private key (id_rsa) in the Dokku server's /home/dokku/.ssh/ directory. - A configured
.netrc entry.
Dokku provides the git:auth command which can be used to configure a netrc entry for the remote server. This command can be used to add or remove configuration for any remote server.
# add credentials for github.com\ndokku git:auth github.com username personal-access-token\n\n# remove credentials for github.com\ndokku git:auth github.com\n
For syncing to a private repository stored on a remote Git product such as GitHub or GitLab, Dokku's recommendation is to use a personal access token on a bot user where possible. Please see your service's documentation for information regarding the recommended best practices.
"},{"location":"deployment/methods/git/#allowing-remote-repository-hosts","title":"Allowing remote repository hosts","text":"By default, the Dokku host may not have access to a server containing the remote repository. This can be initialized via the git:allow-host command.
dokku git:allow-host github.com\n
Note that this command is currently not idempotent and may add duplicate entries to the ~dokku/.ssh/known_hosts file.
"},{"location":"deployment/methods/git/#creating-a-cloning-ssh-key-pair","title":"Creating a cloning ssh key pair","text":"New
Introduced in 0.33.0
While most repositories can be authenticated to via the git:auth command, some users may prefer to use an ssh key. This can be generated via the git:generate-deploy-key command, which generates a passwordless ed25519 key-pair.
ShellOutput dokku git:generate-deploy-key\n
Generating public/private ed25519 key pair.\nYour identification has been saved in /home/dokku/.ssh/id_ed25519\nYour public key has been saved in /home/dokku/.ssh/id_ed25519.pub\nThe key fingerprint is:\nSHA256:PvlvVfbpYvkmA87rTfLUq07e3GarRN1BcLqDSjod+p8 dokku@ubuntu\nThe key's randomart image is:\n+--[ED25519 256]--+\n| ..o |\n| + |\n| . . |\n| . o =|\n| So . + ++|\n| .=.o.. +..|\n| ++oo..*o. |\n| oo o%*oo=|\n| .+E=BOOo|\n+----[SHA256]-----+\n
"},{"location":"deployment/methods/git/#verifying-the-cloning-public-key","title":"Verifying the cloning public key","text":"In order to clone a remote repository, the remote server should have the Dokku host's public key configured. This plugin does not currently create this key, but if can be shown via the git:public-key command.
dokku git:public-key\n
If there is no key, an error message is shown that displays the command that can be run on the Dokku server to generate a new public/private ssh key pair.
"},{"location":"deployment/methods/image/","title":"Docker Image Deployment","text":""},{"location":"deployment/methods/image/#initializing-an-app-repository-from-a-docker-image","title":"Initializing an app repository from a docker image","text":"New
Introduced in 0.24.0
A Dokku app repository can be initialized or updated from a Docker image via the git:from-image command. This command will either initialize the app repository or update it to include the specified Docker image via a FROM stanza. This is an excellent way of tracking changes when deploying only a given docker image, especially if deploying an image from a remote CI/CD pipeline.
dokku git:from-image node-js-app my-registry/node-js-getting-started:latest\n
In the above example, Dokku will build the app as if the repository contained only a Dockerfile with the following content:
FROM my-registry/node-js-getting-started:latest\n
If the specified image already exists on the Dokku host, it will not be pulled again, though this behavior may be changed using build phase docker-options.
Triggering a build with the same arguments multiple times will result in Dokku exiting 0 early as there will be no changes detected. If the image tag is reused but the underlying image is different, it is recommended to use the image digest instead of the tag. This can be retrieved via the following command:
# for images pushed to a remote registry\ndocker inspect --format='{{index .RepoDigests 0}}' $IMAGE_NAME\n\n# for images built locally and not pushed to a registry\n# use when the previous command output is empty\ndocker images --no-trunc --quiet $IMAGE_NAME\n
The resulting git:from-image call would then be:
# where the image sha is: sha256:9d187c3025d03c033dcc71e3a284fee53be88cc4c0356a19242758bc80cab673\ndokku git:from-image node-js-app my-registry/node-js-getting-started@sha256:9d187c3025d03c033dcc71e3a284fee53be88cc4c0356a19242758bc80cab673\n
The git:from-image command can optionally take a git user.name and user.email argument (in that order) to customize the author. If the arguments are left empty, they will fallback to Dokku and automated@dokku.sh, respectively.
dokku git:from-image node-js-app my-registry/node-js-getting-started:latest \"Camila\" \"camila@example.com\"\n
If the image is a private image that requires a docker login to access, the registry:login command should be used to log into the registry. See the registry documentation for more details on this process.
Finally, certain images may require a custom build context in order for ONBUILD ADD and ONBUILD COPY statements to succeed. A custom build context can be specified via the --build-dir flag. All files in the specified build-dir will be copied into the repository for use within the docker build process. The build context must be specified on each deploy, and is not otherwise persisted between builds.
dokku git:from-image --build-dir path/to/build node-js-app domy-registrykku/node-js-getting-started:latest \"Camila\" \"camila@example.com\"\n
See the dockerfile documentation to learn about the different ways to configure Dockerfile-based deploys.
"},{"location":"deployment/methods/image/#initializing-an-app-repository-from-a-remote-image-without-a-registry","title":"Initializing an app repository from a remote image without a registry","text":"New
Introduced in 0.30.0
A Dokku app repository can be initialized or updated from the contents of an image archive tar file via the git:load-image command. This method can be used when a Docker Registry is unavailable to act as an intermediary for storing an image, such as when building an image in CI and deploying directly from that image.
docker image save my-registry/node-js-getting-started:latest | ssh dokku@dokku.me git:load-image node-js-app my-registry/node-js-getting-started:latest\n
In the above example, we are saving the image to a tar file via docker image save, streaming that to the Dokku host, and then running git:load-image on the incoming stream. Dokku will build the app as if the repository contained only a Dockerfile with the following content:
FROM my-registry/node-js-getting-started:latest\n
When deploying an app via git:load-image, it is highly recommended to use a unique image tag when building the image. Not doing so will result in Dokku exiting 0 early as there will be no changes detected. If the image tag is reused but the underlying image is different, it is recommended to use the image digest instead of the tag. This can be retrieved via the following command:
# for images pushed to a remote registry\ndocker inspect --format='{{index .RepoDigests 0}}' $IMAGE_NAME\n\n# for images built locally and not pushed to a registry\n# use when the previous command output is empty\ndocker images --no-trunc --quiet $IMAGE_NAME\n
The resulting git:load-image call would then be:
# where the image sha is: sha256:9d187c3025d03c033dcc71e3a284fee53be88cc4c0356a19242758bc80cab673\ndocker image save my-registry/node-js-getting-started:latest | ssh dokku@dokku.me git:load-image node-js-app my-registry/node-js-getting-started@sha256:9d187c3025d03c033dcc71e3a284fee53be88cc4c0356a19242758bc80cab673\n
The git:load-image command can optionally take a git user.name and user.email argument (in that order) to customize the author. If the arguments are left empty, they will fallback to Dokku and automated@dokku.sh, respectively.
docker image save my-registry/node-js-getting-started:latest | ssh dokku@dokku.me git:load-image node-js-app my-registry/node-js-getting-started:latest \"Camila\" \"camila@example.com\"\n
Finally, certain images may require a custom build context in order for ONBUILD ADD and ONBUILD COPY statements to succeed. A custom build context can be specified via the --build-dir flag. All files in the specified build-dir will be copied into the repository for use within the docker build process. The build context must be specified on each deploy, and is not otherwise persisted between builds.
docker image save my-registry/node-js-getting-started:latest | ssh dokku@dokku.me git:load-image --build-dir path/to/build node-js-app my-registry/node-js-getting-started:latest \"Camila\" \"camila@example.com\"\n
See the dockerfile documentation to learn about the different ways to configure Dockerfile-based deploys.
"},{"location":"deployment/schedulers/docker-local/","title":"Docker Local Scheduler","text":"New
Subcommands introduced in 0.12.12
scheduler-docker-local:report [<app>] [<flag>] # Displays a scheduler-docker-local report for one or more apps\nscheduler-docker-local:set <app> <key> (<value>) # Set or clear a scheduler-docker-local property for an app\n
New
Introduced in 0.12.0
Dokku natively includes functionality to manage application lifecycles for a single server using the scheduler-docker-local plugin. It is the default scheduler, but as with all schedulers, it is set on a per-application basis. The scheduler can currently be overridden by running the following command:
dokku scheduler:set node-js-app selected docker-local\n
As it is the default, unsetting the selected scheduler property is also a valid way to reset the scheduler.
dokku scheduler:set node-js-app selected\n
"},{"location":"deployment/schedulers/docker-local/#usage","title":"Usage","text":""},{"location":"deployment/schedulers/docker-local/#deploying-amd64-images-on-arm64","title":"Deploying amd64 images on arm64","text":"New
Introduced in 0.33.0
Many builders only produce amd64-compatible images. The docker-local scheduler will automatically detect these and run them via the --platform=linux/amd64 on arm64 deploy targets.
"},{"location":"deployment/schedulers/docker-local/#disabling-the-init-process","title":"Disabling the init process","text":"The scheduler-docker-local injects an init process by default via the --init. For some apps - such as those where the built docker image uses S6 as the init - this may be undesirable and cause issues with process starts. You may disable this by running the following scheduler-docker-local:set command for your application:
dokku scheduler-docker-local:set node-js-app init-process false\n
Once set, you may re-enable it by setting a blank value for init-process:
dokku scheduler-docker-local:set node-js-app init-process\n
All image containers with the label org.opencontainers.image.vendor=linuxserver.io will have the automatic init process injection force-disabled without further intervention.
"},{"location":"deployment/schedulers/docker-local/#deploying-process-types-in-parallel","title":"Deploying Process Types in Parallel","text":"New
Introduced in 0.25.5
By default, Dokku deploys an app's processes one-by-one in order, with the web process being deployed first. Deployment parallelism may be achieved by setting the parallel-schedule-count property, which defaults to 1. Increasing this number increases the number of process types that may be deployed in parallel (with the web process being the exception).
# Increase parallelism from 1 process type at a time to 4 process types at a time.\ndokku scheduler-docker-local:set node-js-app parallel-schedule-count 4\n
Once set, you may reset it by setting a blank value for parallel-schedule-count:
dokku scheduler-docker-local:set node-js-app parallel-schedule-count\n
If the value of parallel-schedule-count is increased and a given process type fails to schedule successfully, then any in-flight process types will continue to be processed, while all process types that have not been scheduled will be skipped before the deployment finally fails.
Container scheduling output is shown in the order it is received, and thus may be out of order in case of output to stderr.
Note that increasing the value of parallel-schedule-count may significantly impact CPU utilization on your host as your app containers - and their respective processes - start up. Setting a value higher than the number of available CPUs is discouraged. It is recommended that users carefully set this value so as not to overburden their server.
"},{"location":"deployment/schedulers/docker-local/#increasing-parallelism-within-a-process-deploy","title":"Increasing parallelism within a process deploy","text":"New
Introduced in 0.26.0
By default, Dokku will deploy one instance of a given process type at a time. This can be increased by customizing the app.json formation key to include a max_parallel key for the given process type.
The formation key should be specified as follows in the app.json file:
{\n \"formation\": {\n \"web\": {\n \"max_parallel\": 1\n },\n \"worker\": {\n \"max_parallel\": 4\n }\n }\n}\n
Omitting or removing the entry will result in parallelism for that process type to return to 1 entry at a time. This can be combined with the parallel-schedule-count property to speed up deployments.
Note that increasing the value of max_parallel may significantly impact CPU utilization on your host as your app containers - and their respective processes - start up. Setting a value higher than the number of available CPUs is discouraged. It is recommended that users carefully set this value so as not to overburden their server.
See the app.json location documentation for more information on where to place your app.json file.
"},{"location":"deployment/schedulers/docker-local/#scheduler-interface","title":"Scheduler Interface","text":"The following sections describe implemented scheduler functionality for the docker-local scheduler.
"},{"location":"deployment/schedulers/docker-local/#implemented-commands-and-triggers","title":"Implemented Commands and Triggers","text":"This plugin implements various functionality through plugn triggers to integrate with Docker for running apps on a single server. The following functionality is supported by the scheduler-docker-local plugin.
apps:cloneapps:destroyapps:renamedeployenterlogsps:inspectps:stoprun
"},{"location":"deployment/schedulers/docker-local/#logging-support","title":"Logging support","text":"App logs for the logs command are fetched from running containers via the docker cli. To persist logs across deployments, consider using Dokku's vector integration to ship logs to another service or a third-party platform.
"},{"location":"deployment/schedulers/docker-local/#supported-resource-management-properties","title":"Supported Resource Management Properties","text":"The docker-local scheduler supports a minimal list of resource limits and reservations. The following properties are supported:
"},{"location":"deployment/schedulers/docker-local/#resource-limits","title":"Resource Limits","text":" - cpu: (docker option:
--cpus), is specified in number of CPUs a process can access. - See the \"CPU\" section of the Docker Runtime Options documentation for more information.
- memory: (docker option:
--memory) should be specified with a suffix of b (bytes), k (kilobytes), m (megabytes), g (gigabytes). Default unit is m (megabytes). - See the \"Memory\" section of the Docker Runtime Options documentation for more information.
- memory-swap: (docker option:
--memory-swap) should be specified with a suffix of b (bytes), k (kilobytes), m (megabytes), g (gigabytes) - See the \"Memory\" section of the Docker Runtime Options documentation for more information.
- nvidia-gpus: (docker option:
--gpus), is specified in number of Nvidia GPUs a process can access. - See the \"GPU\" section of the Docker Runtime Options documentation for more information.
"},{"location":"deployment/schedulers/docker-local/#resource-reservations","title":"Resource Reservations","text":" - memory: (docker option:
--memory-reservation) should be specified with a suffix of b (bytes), k (kilobytes), m (megabytes), g (gigabytes). Default unit is m (megabytes). - See the \"Memory\" section of the Docker Runtime Options documentation for more information.
"},{"location":"deployment/schedulers/k3s/","title":"K3s Scheduler","text":"New
Introduced in 0.33.0
scheduler-k3s:annotations:set <app|--global> <property> (<value>) [--process-type PROCESS_TYPE] <--resource-type RESOURCE_TYPE>, Set or clear an annotation for a given app/process-type/resource-type combination\nscheduler-k3s:autoscaling-auth:set <app|--global> <trigger> [<--metadata key=value>...], Set or clear a scheduler-k3s autoscaling keda trigger authentication resource for an app\nscheduler-k3s:autoscaling-auth:report <app|--global> [--format stdout|json] [--include-metadata] # Displays a scheduler-k3s autoscaling auth report for an app\nscheduler-k3s:cluster-add [ssh://user@host:port] # Adds a server node to a Dokku-managed cluster\nscheduler-k3s:cluster-list # Lists all nodes in a Dokku-managed cluster\nscheduler-k3s:cluster-remove [node-id] # Removes client node to a Dokku-managed cluster\nscheduler-k3s:initialize # Initializes a cluster\nscheduler-k3s:labels:set <app|--global> <property> (<value>) [--process-type PROCESS_TYPE] <--resource-type RESOURCE_TYPE>, Set or clear a label for a given app/process-type/resource-type combination\nscheduler-k3s:report [<app>] [<flag>] # Displays a scheduler-k3s report for one or more apps\nscheduler-k3s:set [<app>|--global] <key> (<value>) # Set or clear a scheduler-k3s property for an app or the scheduler\nscheduler-k3s:show-kubeconfig # Displays the kubeconfig for remote usage\nscheduler-k3s:uninstall # Uninstalls k3s from the Dokku server\n
Note
The k3s plugin replaces the external scheduler-kubernetes plugin. Users can continue to use the external plugin as necessary, but all future development will occur on the official core k3s plugin.
For multi-server support, Dokku provides the ability for users to setup a K3s cluster. As with all schedulers, it is set on a per-app basis. The scheduler can currently be overridden by running the following command:
dokku scheduler:set node-js-app selected k3s\n
As it is the default, unsetting the selected scheduler property is also a valid way to reset the scheduler.
dokku scheduler:set node-js-app k3s\n
"},{"location":"deployment/schedulers/k3s/#usage","title":"Usage","text":"Info
[!IMPORTANT] The k3s plugin requires usage of a docker registry to store deployed image artifacts. See the registry documentation for more details on how to configure a registry.
"},{"location":"deployment/schedulers/k3s/#initializing-a-cluster","title":"Initializing a cluster","text":"Warning
This command must be run as root
Clusters can be initialized via the scheduler-k3s:initialize command. This will start a k3s cluster on the Dokku node itself.
dokku scheduler-k3s:initialize\n
By default, the k3s installation can run both app and system workloads. For clusters where app workloads are run on distinct worker nodes, initialize the cluster with the --taint-scheduling flag, which will allow only Critical cluster components on the k3s control-plane nodes.
dokku scheduler-k3s:initialize --taint-scheduling\n
By default, Dokku will attempt to auto-detect the IP address of the server. In cases where the auto-detected IP address is incorrect, an override may be specified via the --server-ip flag:
dokku scheduler-k3s:initialize --server-ip 192.168.20.15\n
Dokku's k3s integration natively uses nginx as it's ingress load balancer via ingress-nginx. Properties set by the nginx plugin will be respected, either by turning them into annotations or creating a custom server/location snippet that the ingress-nginx project can use.
Dokku can also use Traefik on cluster initialization via the Traefik's CRDs. To change the ingress, set the --ingress-class flag:
dokku scheduler-k3s:initialize --ingress-class traefik\n
"},{"location":"deployment/schedulers/k3s/#adding-nodes-to-the-cluster","title":"Adding nodes to the cluster","text":"Warning
The dokku user must be able to ssh onto the server in order to connect nodes to the cluster. The remote user must be root or have sudo enabled, or the install will fail.
"},{"location":"deployment/schedulers/k3s/#adding-a-worker-node","title":"Adding a worker node","text":"Nodes that run app workloads can be added via the scheduler-k3s:cluster-add command. This will ssh onto the specified server, install k3s, and join it to the current Dokku node in worker mode. Workers are typically used to run app workloads.
dokku scheduler-k3s:cluster-add ssh://root@worker-1.example.com\n
If the server isn't in the known_hosts file, the connection will fail. This can be bypassed by setting the --insecure-allow-unknown-hosts flag:
dokku scheduler-k3s:cluster-add --insecure-allow-unknown-hosts ssh://root@worker-1.example.com\n
By default, Dokku will attempt to auto-detect the IP address of the Dokku server for the remote server to connect to. In cases where the auto-detected IP address is incorrect, an override may be specified via the --server-ip flag:
dokku scheduler-k3s:cluster-add --server-ip 192.168.20.15 ssh://root@worker-1.example.com\n
"},{"location":"deployment/schedulers/k3s/#adding-a-server-node","title":"Adding a server node","text":"Note
Only the initial Dokku server will be properly configured for push deployment, and should be considered your git remote. Additional server nodes are for ensuring high-availability of the K3s etcd state. Ensure this server is properly backed up and restorable or deployments will not work.
Server nodes are typically used to replicate the cluster state, and it is recommended to have an odd number of nodes spread across several availability zones (datacenters in close proximity within a region). This allows for higher availability in the event of a cluster failure. Server nodes run control-plane services such as the traefik load balancer and the etcd backing store.
Server nodes can also be added with the scheduler-k3s:cluster-add command by specifying --role server. This will ssh onto the specified server, install k3s, and join it to the current Dokku node in server mode.
dokku scheduler-k3s:cluster-add --role server ssh://root@server-1.example.com\n
Server nodes allow any workloads to be scheduled on them by default, in addition to the control-plane, etcd, and the scheduler itself. To avoid app workloads being scheduled on your control-plane, use the --taint-scheduling flag:
dokku scheduler-k3s:cluster-add --role server --taint-scheduling ssh://root@server-1.example.com\n
If the server isn't in the known_hosts file, the connection will fail. This can be bypassed by setting the --insecure-allow-unknown-hosts flag:
dokku scheduler-k3s:cluster-add --role server --insecure-allow-unknown-hosts ssh://root@server-1.example.com\n
By default, Dokku will attempt to auto-detect the IP address of the Dokku server for the remote server to connect to. In cases where the auto-detected IP address is incorrect, an override may be specified via the --server-ip flag:
dokku scheduler-k3s:cluster-add --role server --server-ip 192.168.20.15 ssh://root@server-1.example.com\n
"},{"location":"deployment/schedulers/k3s/#changing-the-network-interface","title":"Changing the network interface","text":"When attaching an worker or server node, the K3s plugin will look at the IP associated with the eth0 interface and use that to connect the new node to the cluster. To change this, set the network-interface property to the appropriate value.
dokku scheduler-k3s:set --global network-interface eth1\n
"},{"location":"deployment/schedulers/k3s/#changing-deploy-timeouts","title":"Changing deploy timeouts","text":"By default, app deploys will timeout after 300s. To customize this value, set the deploy-timeout property via scheduler-k3s:set:
dokku scheduler-k3s:set node-js-app deploy-timeout 60s\n
The default value may be set by passing an empty value for the option:
dokku scheduler-k3s:set node-js-app deploy-timeout\n
The deploy-timeout property can also be set globally. The global default is 300s.
dokku scheduler-k3s:set --global deploy-timeout 60s\n
The default value may be set by passing an empty value for the option.
dokku scheduler-k3s:set --global deploy-timeout\n
"},{"location":"deployment/schedulers/k3s/#customizing-the-namespace","title":"Customizing the namespace","text":"By default, app deploys will run against the default Kubernetes namespace. To customize this value, set the namespace property via scheduler-k3s:set:
dokku scheduler-k3s:set node-js-app namespace lollipop\n
The default value may be set by passing an empty value for the option:
dokku scheduler-k3s:set node-js-app namespace\n
The namespace property can also be set globally. The global default is default.
dokku scheduler-k3s:set --global namespace 60s\n
The default value may be set by passing an empty value for the option.
dokku scheduler-k3s:set --global namespace\n
"},{"location":"deployment/schedulers/k3s/#enabling-rollback-on-failure","title":"Enabling rollback on failure","text":"By default, app deploys do not rollback on failure. To enable this functionality, set the rollback-on-failure property via scheduler-k3s:set:
dokku scheduler-k3s:set node-js-app rollback-on-failure true\n
The default value may be set by passing an empty value for the option:
dokku scheduler-k3s:set node-js-app rollback-on-failure\n
The rollback-on-failure property can also be set globally. The global default is false.
dokku scheduler-k3s:set --global rollback-on-failure false\n
The default value may be set by passing an empty value for the option.
dokku scheduler-k3s:set --global rollback-on-failure\n
"},{"location":"deployment/schedulers/k3s/#using-image-pull-secrets","title":"Using image pull secrets","text":"When authenticating against a registry via registry:login, the scheduler-k3s plugin will authenticate all servers in the cluster against the registry specified. If desired, an image pull secret can be used instead. To customize this value, set the image-pull-secrets property via scheduler-k3s:set:
dokku scheduler-k3s:set node-js-app image-pull-secrets lollipop\n
The default value may be set by passing an empty value for the option:
dokku scheduler-k3s:set node-js-app image-pull-secrets\n
The image-pull-secrets property can also be set globally. The global default is empty string, and k3s will use Dokku's locally configured ~/.docker/config.json for any private registry pulls.
dokku scheduler-k3s:set --global image-pull-secrets 60s\n
The default value may be set by passing an empty value for the option.
dokku scheduler-k3s:set --global image-pull-secrets\n
"},{"location":"deployment/schedulers/k3s/#ssl-certificates","title":"SSL Certificates","text":""},{"location":"deployment/schedulers/k3s/#enabling-letsencrypt-integration","title":"Enabling letsencrypt integration","text":"By default, letsencrypt is disabled and https port mappings are ignored. To enable, set the letsencrypt-email-prod or letsencrypt-email-stag property with the --global flag:
# set the value for prod\ndokku scheduler-k3s:set --global letsencrypt-email-prod automated@dokku.sh\n\n# set the value for stag\ndokku scheduler-k3s:set --global letsencrypt-email-stag automated@dokku.sh\n
After enabling and rebuilding, all apps with an http:80 port mapping will have a corresponding https:443 added and ssl will be automatically enabled. All http requests will then be redirected to https.
"},{"location":"deployment/schedulers/k3s/#customizing-the-letsencrypt-server","title":"Customizing the letsencrypt server","text":"The letsencrypt integration is set to the production letsencrypt server by default. This can be changed on an app-level by setting the letsencrypt-server property with the scheduler-k3s:set command
dokku scheduler-k3s:set node-js-app letsencrypt-server staging\n
The default value may be set by passing an empty value for the option:
dokku scheduler-k3s:set node-js-app letsencrypt-server\n
The image-pull-secrets property can also be set globally. The global default is production.
dokku scheduler-k3s:set --global letsencrypt-server staging\n
The default value may be set by passing an empty value for the option.
dokku scheduler-k3s:set --global letsencrypt-server staging\n
"},{"location":"deployment/schedulers/k3s/#customizing-annotations-and-labels","title":"Customizing Annotations and Labels","text":"Note
The cron ID is used as the process type if your app deploys any cron tasks
"},{"location":"deployment/schedulers/k3s/#setting-annotations","title":"Setting Annotations","text":"Dokku injects certain annotations into each created resource by default, but it may be necessary to inject others for tighter integration with third-party tools. The scheduler-k3s:annotations:set command can be used to perform this task. The command takes an app name and a required --resource-type flag.
dokku scheduler-k3s:annotations:set node-js-app annotation.key annotation.value --resource-type deployment\n
If not specified, the annotation will be applied to all processes within an app, though it may be further scoped to a specific process type via the --process-type flag.
dokku scheduler-k3s:annotations:set node-js-app annotation.key annotation.value --resource-type deployment --process-type web\n
The following resource types are supported:
certificatecronjobdeploymentingressjobpodsecretserviceserviceaccounttraefik_ingressroutetraefik_middleware
"},{"location":"deployment/schedulers/k3s/#removing-an-annotation","title":"Removing an annotation","text":"To unset an annotation, pass an empty value:
dokku scheduler-k3s:annotations:set node-js-app annotation.key --resource-type deployment\ndokku scheduler-k3s:annotations:set node-js-app annotation.key --resource-type deployment --process-type web\n
"},{"location":"deployment/schedulers/k3s/#setting-labels","title":"Setting Labels","text":"Dokku injects certain labels into each created resource by default, but it may be necessary to inject others for tighter integration with third-party tools. The scheduler-k3s:labels:set command can be used to perform this task. The command takes an app name and a required --resource-type flag.
dokku scheduler-k3s:labels:set node-js-app label.key label.value --resource-type deployment\n
If not specified, the label will be applied to all processes within an app, though it may be further scoped to a specific process type via the --process-type flag.
dokku scheduler-k3s:labels:set node-js-app label.key label.value --resource-type deployment --process-type web\n
The following resource types are supported:
certificatecronjobdeploymentingressjobpodsecretserviceserviceaccounttraefik_ingressroutetraefik_middleware
"},{"location":"deployment/schedulers/k3s/#removing-a-label","title":"Removing a label","text":"To unset an label, pass an empty value:
dokku scheduler-k3s:annotations:set node-js-app label.key --resource-type deployment\ndokku scheduler-k3s:labels:set node-js-app label.key --resource-type deployment --process-type web\n
"},{"location":"deployment/schedulers/k3s/#autoscaling","title":"Autoscaling","text":""},{"location":"deployment/schedulers/k3s/#workload-autoscaling","title":"Workload Autoscaling","text":"New
Introduced in 0.33.8 Users with older installations will need to manually install Keda.
Autoscaling in k3s is managed by Keda, which integrates with a variety of external metric providers to allow for autoscaling application workloads.
To enable autoscaling, use the app.json formation.$PROCESS_TYPE.autoscaling key to manage rules. In addition to the existing configuration used for process management, each process type in the formation.$PROCESS_TYPE.autoscaling key can have the following keys:
min_quantity: The minimum number of instances the application can run. If not specified, the quantity specified for the app is used.max_quantity: The maximum number of instances the application can run. If not specified, the higher value of quantity and the min_quantity is used.polling_interval_seconds: (default: 30) The interval to wait for polling each of the configured triggerscooldown_seconds: (default: 300) The number of seconds to wait in between each scaling eventtriggers: A list of autoscaling triggers.
Autoscaling triggers are passed as is to Keda, and should match the configuration keda uses for a given scaler. Below is an example for datadog:
{\n \"formation\": {\n \"web\": {\n \"autoscaling\": {\n \"min_quantity\": 1,\n \"max_quantity\": 10,\n \"triggers\": [\n {\n \"name\": \"name-for-trigger\",\n \"type\": \"datadog\",\n \"metadata\": {\n \"query\": \"per_second(sum:http.requests{service:myservice1}).rollup(max, 300))/180,per_second(sum:http.backlog{service:myservice1}).rollup(max, 300)/30\",\n \"queryValue\": \"1\",\n \"queryAggregator\": \"max\"\n }\n }\n ]\n }\n }\n }\n}\n
Each value in the metadata stanza can use the following interpolated strings:
DOKKU_DEPLOYMENT_NAME: The name of the deployment being scaledDOKKU_PROCESS_TYPE: The name of the process being scaledDOKKU_APP_NAME: The name of the app being scaled
"},{"location":"deployment/schedulers/k3s/#workload-autoscaling-authentication","title":"Workload Autoscaling Authentication","text":"Most Keda triggers require some form of authentication to query for data. In the Kubernetes API, they are represented by TriggerAuthentication and ClusterTriggerAuthentication resources. Dokku can manage these via the scheduler-k3s:autoscaling-auth commands, and includes generated resources with each helm release generated by a deploy.
If no app-specific authentication is provided for a given trigger type, Dokku will fallback to any globally defined ClusterTriggerAuthentication resources. Autoscaling triggers within an app all share the same TriggerAuthentication resources, while ClusterTriggerAuthentication resources can be shared across all apps deployed by Dokku within a given cluster.
"},{"location":"deployment/schedulers/k3s/#creating-authentication-resources","title":"Creating Authentication Resources","text":"Users can specify custom authentication resources directly via the Kubernetes api or use the scheduler-k3s:autoscaling-auth:set command to create the resources in the Kubernetes cluster.
dokku scheduler-k3s:autoscaling-auth:set $APP $TRIGGER --metadata apiKey=some-api-key --metadata appKey=some-app-key\n
For example, the following will configure the authentication for all datadog triggers on the specified app:
dokku scheduler-k3s:autoscaling-auth:set node-js-app datadog --metadata apiKey=1234567890 --metadata appKey=asdfghjkl --metadata datadogSite=us5.datadoghq.com\n
After execution, Dokku will include the following resources for each specified trigger with the helm release generated on subsequent app deploys:
Secret: an Opaque Secret resource storing the authentication credentialsTriggerAuthentication: A TriggerAuthentication resource that references the secret for use by triggers
If the --global flag is specified instead of an app name, a custom helm chart is created on the fly with the above resources.
"},{"location":"deployment/schedulers/k3s/#removing-authentication-resources","title":"Removing Authentication Resources","text":"To remove a configured authenticatin resource, run the scheduler-k3s:autoscaling-auth:set command with no metadata specified. Subsequent deploys will not include these resources.
dokku scheduler-k3s:autoscaling-auth:set $APP $TRIGGER_TYPE\n
"},{"location":"deployment/schedulers/k3s/#displaying-an-authentication-resource-report","title":"Displaying an Authentication Resource report","text":"To see a list of authentication resources managed by Dokku, run the scheduler-k3s:autoscaling-auth:report command.
ShellOutput dokku scheduler-k3s:autoscaling-auth:report node-js-app\n
====> $APP autoscaling-auth report\n datadog: configured\n
By default, the report will not display configured metadata - making it safe to include in Dokku report output. To include metadata and their values, add the --include-metadata flag:
ShellOutput dokku scheduler-k3s:autoscaling-auth:report node-js-app --include-metadata\n
====> node-js-app autoscaling-auth report\n Datadog: configured\n Datadog apiKey: 1234567890\n Datadog appKey: asdfghjkl\n Datadog datadogSite: us5.datadoghq.com\n
"},{"location":"deployment/schedulers/k3s/#using-kubectl-remotely","title":"Using kubectl remotely","text":"Warning
Certain ports must be open for interacting with the remote kubernets api. Refer to the K3s networking documentation for the required open ports between servers prior to running the command.
By default, Dokku assumes that all it controls all actions on the cluster, and thus does not expose the kubectl binary for administrators. To interact with kubectl, you will need to retrieve the kubeconfig for the cluster and configure your client to use that configuration.
dokku scheduler-k3s:show-kubeconfig\n
"},{"location":"deployment/schedulers/k3s/#interacting-with-an-external-kubernetes-cluster","title":"Interacting with an external Kubernetes cluster","text":"While the k3s scheduler plugin is designed to work with a Dokku-managed k3s cluster, Dokku can be configured to interact with any Kubernetes cluster by setting the global kubeconfig-path to a path to a custom kubeconfig on the Dokku server. This property is only available at a global level.
dokku scheduler-k3s:set --global kubeconfig-path /path/to/custom/kubeconfig\n
To set the default value, omit the value from the scheduler-k3s:set call:
dokku scheduler-k3s:set --global kubeconfig-path\n
The default value for the kubeconfig-path is the k3s kubeconfig located at /etc/rancher/k3s/k3s.yaml.
"},{"location":"deployment/schedulers/k3s/#customizing-the-kubernetes-context","title":"Customizing the Kubernetes context","text":"When interacting with a custom Kubeconfig, the kube-context property can be set to specify a specific context within the kubeconfig to use. This property is available only at the global leve.
dokku scheduler-k3s:set --global kube-context lollipop\n
To set the default value, omit the value from the scheduler-k3s:set call:
dokku scheduler-k3s:set --global kube-context\n
The default value for the kube-context is an empty string, and will result in Dokku using the current context within the kubeconfig.
"},{"location":"deployment/schedulers/k3s/#scheduler-interface","title":"Scheduler Interface","text":"The following sections describe implemented and unimplemented scheduler functionality for the k3s scheduler.
"},{"location":"deployment/schedulers/k3s/#implemented-commands-and-triggers","title":"Implemented Commands and Triggers","text":"This plugin implements various functionality through plugn triggers to integrate with Docker for running apps on a single server. The following functionality is supported by the scheduler-k3s plugin.
apps:cloneapps:destroyapps:renamecronenterdeploy- healthchecks
- Due to Kubernetes limitations, only a single healthcheck is supported for each of the
liveness, readiness, and startup healthchecks - Due to Kubernetes limitations, content checks are not supported
- Ports specified in the
app.json are ignored in favor of the container port on the port mapping detected
logsps:stoprun - The
scheduler-post-run trigger is not always triggered
run:detachedrun:list
"},{"location":"deployment/schedulers/k3s/#unimplemented-command-functionality","title":"Unimplemented command functionality","text":" run:logsps:inspect
The following Dokku functionality is not implemented at this time.
vector log integration- persistent storage
"},{"location":"deployment/schedulers/k3s/#logging-support","title":"Logging support","text":"App logs for the logs command are fetched by Dokku from running containers via the kubectl cli. Persisting logs via Vector is not implemented at this time. Users may choose to configure the Vector Kubernetes integration directly by following this guide.
"},{"location":"deployment/schedulers/k3s/#supported-resource-management-properties","title":"Supported Resource Management Properties","text":"The k3s scheduler supports a minimal list of resource limits and reservations:
- cpu: is specified in number of CPUs a process can access.
- memory: should be specified with a suffix of
b (bytes), Ki (kilobytes), Mi (megabytes), Gi (gigabytes). Default unit is Mi (megabytes).
If unspecified for any task, the default reservation will be .1 CPU and 128Mi RAM, with no limit set for either CPU or RAM. This is to avoid issues with overscheduling pods on a cluster. To avoid issues, set more specific values for at least resource reservations. If unbounded utilization is desired, set CPU and Memory to 0m and 0Mi, respectively.
Note
Cron tasks retrieve resource limits based on the computed cron task ID.
"},{"location":"deployment/schedulers/kubernetes/","title":"Kubernetes Scheduler","text":"Warning
Deprecation notice: This scheduler has been replaced with the k3s scheduler plugin and is no longer under active development.
The Kubernetes Scheduler Plugin is available free as an external plugin. Please see the plugin's issue tracker for more information on the status of the plugin.
For users that require additional functionality, please refer to the Sponsoring Documentation.
"},{"location":"deployment/schedulers/kubernetes/#scheduler-interface","title":"Scheduler Interface","text":"The following sections describe implemented scheduler functionality for the kubernetes scheduler.
"},{"location":"deployment/schedulers/kubernetes/#implemented-commands-and-triggers","title":"Implemented Commands and Triggers","text":"This plugin implements various functionality through plugn triggers to integrate with kubectl for running apps on a Kubernetes cluster. The following functionality is supported by the scheduler-kubernetes plugin.
apps:destroydeploy: partial, does not implement failed deploy log capturelogs: partial, does not implement failure logsps:stop
"},{"location":"deployment/schedulers/kubernetes/#logging-support","title":"Logging support","text":"App logs for the logs command are fetched from running pods via the kubectl cli. To persist logs across deployments, consider using Vector or a similar tool to ship logs to another service or a third-party platform.
"},{"location":"deployment/schedulers/nomad/","title":"Nomad Scheduler","text":"Warning
This scheduler is not in Dokku core and thus functionality may change over time as the API stabilizes.
The Nomad Scheduler Plugin is available free as an external plugin. Please see the plugin's issue tracker for more information on the status of the plugin.
For users that require additional functionality, please refer to the Sponsoring Documentation.
"},{"location":"deployment/schedulers/nomad/#scheduler-interface","title":"Scheduler Interface","text":"The following sections describe implemented scheduler functionality for the nomad scheduler.
"},{"location":"deployment/schedulers/nomad/#implemented-commands-and-triggers","title":"Implemented Commands and Triggers","text":"This plugin implements various functionality through plugn triggers to integrate with the nomad cli for running apps on a Nomad cluster. The following functionality is supported by the scheduler-nomad plugin.
apps:destroydeployps:stop
"},{"location":"deployment/schedulers/nomad/#logging-support","title":"Logging support","text":"Warning
Fetching app logs for the logs command is currently not implemented. Please consider using Vector or a similar tool to ship logs to another service or a third-party platform.
"},{"location":"deployment/schedulers/null/","title":"Null Scheduler","text":"New
Introduced in 0.25.0
The null scheduler does nothing, and is useful for routing to services not managed by Dokku. It should not be used in normal operation. Please see the network documentation for more information on the aforementioned use case.
"},{"location":"deployment/schedulers/null/#usage","title":"Usage","text":""},{"location":"deployment/schedulers/null/#detection","title":"Detection","text":"This scheduler is never auto-detected. The scheduler must be specified via the scheduler:set command:
dokku scheduler:set node-js-app selected null\n
"},{"location":"deployment/schedulers/scheduler-management/","title":"Scheduler Management","text":"New
Introduced in 0.26.0
scheduler:report [<app>] [<flag>] # Displays a scheduler report for one or more apps\nscheduler:set <app> <key> (<value>) # Set or clear a scheduler property for an app\n
Schedulers are a way of customizing how an app image is deployed, and can be used to interact with non-local systems such as Kubernetes and Nomad.
"},{"location":"deployment/schedulers/scheduler-management/#usage","title":"Usage","text":""},{"location":"deployment/schedulers/scheduler-management/#scheduler-selection","title":"Scheduler selection","text":"Dokku supports the following built-in schedulers:
scheduler-docker-local: Schedules apps against the local docker socket and runs containers directly on the Dokku host. See the docker-local scheduler documentation for more information on how this scheduler functions.scheduler-null: Does nothing during the scheduler phase. See the null scheduler documentation for more information on how this scheduler functions.
"},{"location":"deployment/schedulers/scheduler-management/#overriding-the-auto-selected-scheduler","title":"Overriding the auto-selected scheduler","text":"If desired, the scheduler can be specified via the scheduler:set command by speifying a value for selected. The selected scheduler will always be used.
dokku scheduler:set node-js-app selected docker-local\n
The default value may be set by passing an empty value for the option:
dokku scheduler:set node-js-app selected\n
The selected property can also be set globally. The global default is an empty string, and auto-detection will be performed when no value is set per-app or globally.
dokku scheduler:set --global selected docker-local\n
The default value may be set by passing an empty value for the option.
dokku scheduler:set --global selected\n
"},{"location":"deployment/schedulers/scheduler-management/#displaying-scheduler-reports-for-an-app","title":"Displaying scheduler reports for an app","text":"You can get a report about the app's scheduler status using the scheduler:report command:
ShellOutput dokku scheduler:report\n
=====> node-js-app scheduler information\n Scheduler computed selected: herokuish\n Scheduler global selected: herokuish\n Scheduler selected: herokuish\n=====> python-sample scheduler information\n Scheduler computed selected: dockerfile\n Scheduler global selected: herokuish\n Scheduler selected: dockerfile\n=====> ruby-sample scheduler information\n Scheduler computed selected: herokuish\n Scheduler global selected: herokuish\n Scheduler selected:\n
You can run the command for a specific app also.
ShellOutput dokku scheduler:report node-js-app\n
=====> node-js-app scheduler information\n Scheduler selected: herokuish\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku scheduler:report node-js-app --scheduler-selected\n
"},{"location":"deployment/schedulers/scheduler-management/#implementing-a-scheduler","title":"Implementing a Scheduler","text":"Custom plugins names must have the prefix scheduler- or scheduler overriding via scheduler:set may not function as expected.
At this time, the following dokku commands are used to implement a complete scheduler.
apps:destroy: stops the app processes on the scheduler - triggers: post-delete, scheduler-register-retired, scheduler-retire
apps:rename: handles app renaming - triggers: post-app-rename-setup
apps:clone: handles app cloning - triggers: post-app-clone-setup
cron: generates cron tasks for the app - triggers: cron-write
deploy: deploys app proceses and checks the status of a deploy - triggers: scheduler-app-status, scheduler-deploy, scheduler-is-deployed, scheduler-logs-failed
enter: enters a running container - triggers: scheduler-enter
logs: fetches app logs - triggers: scheduler-logs
run: starts one-off run containers (detached and non-detached) as well as listing run processes - triggers: scheduler-run, scheduler-run-list
run:list: lists running containers - triggers: scheduler-run-list
run:logs: fetches running container logs - triggers: scheduler-run-logs
ps:stop: stops app processes - triggers: scheduler-stop
ps:inspect: outputs inspect output for processes in an app - triggers: scheduler-inspect
Schedulers may decide to omit some functionality here, or use plugin triggers to supplement config with information from other plugins. Additionally, a scheduler may implement other triggers in order handle any extra processes needed during a deploy.
Schedulers can use any tools available on the system to build the docker image, and may even be used to interact with off-server systems. The only current requirement is that the scheduler must have access to the image built in the build phase. If this is not the case, the registry plugin can be used to push the image to a registry that the scheduler software can access.
Deployment tasks are currently executed directly on the primary Dokku server.
"},{"location":"development/plugin-creation/","title":"Plugin creation","text":"A plugin can be a simple implementation of triggers or can implement a command structure of its own. Dokku has no restrictions on the language in which a plugin is implemented; it only cares that the plugin implements the appropriate commands or triggers for the API. NOTE: any file that implements triggers or uses the command API must be executable.
"},{"location":"development/plugin-creation/#plugin-overview","title":"Plugin Overview","text":"When creating custom plugins:
- Take a look at the plugins shipped with Dokku and hack away!
- Check out the list of triggers the plugin can implement
- Upload the plugin to GitHub with a repository name following the
dokku-<name> convention (e.g. dokku-mariadb) - Edit this page and add a link to the plugin
- Subscribe to the dokku development blog to be notified about API changes and releases
"},{"location":"development/plugin-creation/#compilable-plugins-golang-java-c-etc","title":"Compilable plugins (Golang, Java(?), C, etc.)","text":"When developing a plugin, the install trigger must be implemented such that it outputs the built executable(s) using a directory structure that implements the plugin's desired command and/or triggers the API. See the smoke-test-plugin for an example.
"},{"location":"development/plugin-creation/#command-api","title":"Command API","text":"There are 3 main integration points: commands, subcommands/default, and subcommands/<command-name>.
"},{"location":"development/plugin-creation/#commands","title":"commands","text":"Primarily used to supply the plugin's usage/help output. (i.e. plugin help).
"},{"location":"development/plugin-creation/#subcommandsdefault","title":"subcommands/default","text":"Implements the plugin's default command behavior. (i.e. dokku plugin).
"},{"location":"development/plugin-creation/#subcommandscommand-name","title":"subcommands/<command-name>","text":"Implements the additional command interface and will translate to dokku plugin:cmd on the command line. (i.e. dokku plugin:install).
"},{"location":"development/plugin-creation/#plugin-building-tips","title":"Plugin Building Tips","text":""},{"location":"development/plugin-creation/#always-create-a-plugintoml","title":"Always create a plugin.toml","text":"The plugin.toml file is used to describe the plugin in help output, and helps users understand the purpose of the plugin. This must have a description and a version. The version should be bumped at every plugin release.
[plugin]\ndescription = \"dokku example plugin\"\nversion = \"0.1.0\"\n[plugin.config]\n
"},{"location":"development/plugin-creation/#files-should-be-executable","title":"Files should be executable","text":"Commands, subcommands, triggers and source shell scripts should all be executable. On a Unix-like machine, the following command can be used to make them executable:
chmod +x path/to/file\n
Non-executable commands, subcommands, and triggers will be ignored.
"},{"location":"development/plugin-creation/#use-the-pipefail-bash-option","title":"Use the pipefail bash option","text":"Consider whether to include the set -eo pipefail option. Look at the following example:
IMAGE=$(docker images | grep \"user/repo\" | awk '{print $3}')\nif [[ -z $IMAGE ]]; then\n dokku_log_fail \"user/repo image not found... Did you run 'dokku plugin:install'?\"\nfi\n
If user/repo doesn't exist, Dokku exits just before the awk command and the dokku_log_fail message will never go to STDOUT. printed with echo. The set -e option should be used in this case.
Here is the help entry for set:
help set\nOptions:\n -e Exit immediately if a command exits with a non-zero status.\n -o option-name\n pipefail the return value of a pipeline is the status of\n the last command to exit with a non-zero status,\n or zero if no command exited with a non-zero status\n
"},{"location":"development/plugin-creation/#support-trace-mode","title":"Support trace mode","text":"Trace mode is useful for getting debugging output from plugins when the --trace flag is specified or dokku trace:on is triggered. This should be done at the top of each shell script:
#!/usr/bin/env bash\nset -eo pipefail\n[[ $DOKKU_TRACE ]] && set -x\n
In the above example, the third line enables bash's debug mode, which prints command traces before executing command.
"},{"location":"development/plugin-creation/#verify-the-existence-of-dependencies","title":"Verify the existence of dependencies","text":"If a plugin depends on a specific command-line tool, check whether that tool exists before utilizing it. Either command -v or which may be used to do so:
# `command -v` example\nif ! command -v \"nginx\" &>/dev/null; then\n dokku_log_fail \"Missing nginx, install it\"\nfi\n\n# `which` example\nif ! which nginx &>/dev/null; then\n dokku_log_fail \"Missing nginx, install it\"\nfi\n
In cases where a dependency should be installed before the plugin can be used at all, use the dependencies plugin trigger to install the dependency.
"},{"location":"development/plugin-creation/#implement-a-help-command","title":"Implement a help command","text":"For plugins which expose commands, implement a help command. This may be empty, but should contain a listing of all available commands.
Commas - , - are used in the help output for columnizing output. Verify that the plugin conforms to the spec by running dokku help --all and manually verifying the output.
See the sample plugin below for an example.
"},{"location":"development/plugin-creation/#namespace-commands","title":"Namespace commands","text":"All commands should be namespaced. In cases where a core plugin is overridden, the plugin may utilize the a namespace in use by the core, but generally this should be avoided to reduce confusion as to where the command is implemented.
"},{"location":"development/plugin-creation/#implement-a-proper-catch-all-command","title":"Implement a proper catch-all command","text":"As of 0.3.3, a catch-all should be implemented that exits with a DOKKU_NOT_IMPLEMENTED_EXIT code. This allows Dokku to output a command not found message.
See the sample plugin below for an example.
"},{"location":"development/plugin-creation/#set-app-config-without-restarting","title":"Set app config without restarting","text":"In the case that a plugin needs to set app configuration settings and a restart should be avoided (default Heroku-style behavior) these \"internal\" commands provide this functionality:
config_set --no-restart node-js-app KEY1=VALUE1 [KEY2=VALUE2 ...]\nconfig_unset --no-restart node-js-app KEY1 [KEY2 ...]\n
"},{"location":"development/plugin-creation/#expose-functionality-in-a-functions-file","title":"Expose functionality in a functions file","text":"To allow other plugins access to (some of) a plugin's functionality, functions can expose by including a functions file in the plugin for others to source. All functions in that file should be considered publicly accessible by other plugins.
Any functions that must be kept private should reside in the plugin's trigger/ or commands/ directories. Other files may also be used to hide private functions; the official convention for hiding private functions is to place them an internal-functions file.
"},{"location":"development/plugin-creation/#use-helper-functions-to-fetch-app-images","title":"Use helper functions to fetch app images","text":"New
Introduced in 0.4.0
Dokku allows image tagging and deployment of tagged images. This means hard-coding the $IMAGE as dokku/$APP is no longer sufficient.
Plugins should use get_running_image_tag() and get_app_image_name() as sourced from common/functions. See the plugin triggers doc for examples.
Info
Note: This is only for plugins that are not pre/post-build-* plugins
"},{"location":"development/plugin-creation/#use-docker_bin-instead-of-docker-directly","title":"Use $DOCKER_BIN instead of docker directly","text":"New
Introduced in 0.17.5
Certain systems may require a wrapper function around the docker binary for proper execution. Utilizing the $DOCKER_BIN environment variable when calling docker for those functions is preferred.
# good\n\"$DOCKER_BIN\" container run -d $IMAGE /bin/bash -e -c \"$COMMAND\"\n\n# bad\ndocker run -d $IMAGE /bin/bash -e -c \"$COMMAND\"\n
"},{"location":"development/plugin-creation/#include-labels-for-all-temporary-containers-and-images","title":"Include labels for all temporary containers and images","text":"New
Introduced in 0.5.0
As of 0.5.0, labels are used to help cleanup intermediate containers with dokku cleanup. Plugins that create containers and images should add the correct labels to the build, commit, and run docker commands.
Note that where possible, a label com.dokku.app-name=$APP - where $APP is the name of the app - should also be included. This enables dokku cleanup APP to cleanup the specific containers for a given app.
# `docker build` example\n\"$DOCKER_BIN\" image build \"--label=com.dokku.app-name=${APP}\" $DOKKU_GLOBAL_BUILD_ARGS ...\n\n# `docker commit` example\n# Note that the arguments must be set as a local array\n# as arrays cannot be exported in shell\nlocal DOKKU_COMMIT_ARGS=(\"--change\" \"LABEL org.label-schema.schema-version=1.0\" \"--change\" \"LABEL org.label-schema.vendor=dokku\" \"--change\" \"LABEL $DOKKU_CONTAINER_LABEL=\")\n\"$DOCKER_BIN\" container commit --change \"LABEL com.dokku.app-name=$APP\" \"${DOKKU_COMMIT_ARGS[@]}\" ...\n\n# `docker run` example\n\"$DOCKER_BIN\" container run \"--label=com.dokku.app-name=${APP}\" $DOKKU_GLOBAL_RUN_ARGS ...\n
"},{"location":"development/plugin-creation/#copy-files-from-the-built-image-using-copy_from_image","title":"Copy files from the built image using copy_from_image","text":"Avoid copying files from running containers as these files may change over time. Instead copy files from the image built during the deploy process. This can be done via the copy_from_image helper function. This will correctly handle various corner cases in copying files from an image.
source \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\n\nlocal TMP_FILE=$(mktemp \"/tmp/dokku-${DOKKU_PID}-${FUNCNAME[0]}.XXXXXX\")\ntrap \"rm -rf '$TMP_FILE' >/dev/null\" RETURN INT TERM EXIT\n\nlocal IMAGE_TAG=\"$(get_running_image_tag \"$APP\")\"\nlocal IMAGE=$(get_deploying_app_image_name \"$APP\" \"$IMAGE_TAG\")\ncopy_from_image \"$IMAGE\" \"file-being-copied\" \"$TMP_FILE\" 2>/dev/null\n
Files are copied from the /app directory - for images built via buildpacks - or WORKDIR - for images built via Dockerfile.
"},{"location":"development/plugin-creation/#avoid-calling-the-dokku-binary-directly","title":"Avoid calling the dokku binary directly","text":"New
Introduced in 0.6.0
Plugins should not call the dokku binary directly from within plugins because clients using the --app argument are potentially broken when doing so.
Plugins should instead source the functions file for a given plugin when attempting to call Dokku internal functions. In cases where plugin functions cannot be sourced (eg if a plugin is implemented in Golang), then call the relevant plugin triggers instead.
"},{"location":"development/plugin-creation/#sample-plugin","title":"Sample plugin","text":"The below plugin is a dummy dokku hello plugin.
Each plugin requires a plugin.toml descriptor file with the following required fields:
[plugin]\ndescription = \"dokku hello plugin\"\nversion = \"0.1.0\"\n[plugin.config]\n
hello/subcommands/default
#!/usr/bin/env bash\nset -eo pipefail\n[[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\n\ncmd-hello-default() {\n declare desc=\"prints Hello \\$APP\"\n declare cmd=\"hello\"\n [[ \"$1\" == \"$cmd\" ]] && shift 1\n # Support --app/$DOKKU_APP_NAME flag\n # Use the following lines to reorder args into \"$cmd $DOKKU_APP_NAME $@\"\"\n [[ -n $DOKKU_APP_NAME ]] && set -- $DOKKU_APP_NAME $@\n set -- $cmd $@\n #\n declare APP=\"$1\"\n\n [[ -z \"$APP\" ]] && dokku_log_fail \"Please specify an app to run the command on\"\n verify_app_name \"$APP\"\n\n echo \"Hello $APP\"\n}\n\ncmd-hello-default \"$@\"\n
hello/subcommands/world
#!/usr/bin/env bash\nset -eo pipefail\n[[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\n\ncmd-hello-world() {\n declare desc=\"prints Hello world\"\n declare cmd=\"hello:world\"\n [[ \"$1\" == \"$cmd\" ]] && shift 1\n\n echo \"Hello world\"\n}\n\ncmd-hello-world \"$@\"\n
hello/commands
#!/usr/bin/env bash\nset -eo pipefail\n[[ $DOKKU_TRACE ]] && set -x\n\ncase \"$1\" in\n help | hello:help)\n help_content_func () {\n declare desc=\"return help_content string\"\n cat<<help_content\n hello <app>, Says \"Hello <app>\"\n hello:world, Says \"Hello world\"\nhelp_content\n }\n\n if [[ $1 = \"hello:help\" ]] ; then\n echo -e 'Usage: dokku hello[:world] [<app>]'\n echo ''\n echo 'Say Hello World.'\n echo ''\n echo 'Example:'\n echo ''\n echo '$ dokku hello:world'\n echo 'Hello world'\n echo ''\n echo 'Additional commands:'\n help_content_func | sort | column -c2 -t -s,\n else\n help_content_func\n fi\n ;;\n\n *)\n exit $DOKKU_NOT_IMPLEMENTED_EXIT\n ;;\n\nesac\n
"},{"location":"development/plugin-triggers/","title":"Plugin triggers","text":"Plugin triggers (formerly pluginhooks) are a good way to jack into existing Dokku infrastructure. You can use them to modify the output of various Dokku commands or override internal configuration.
Plugin triggers are simply scripts that are executed by the system. You can use any language you want, so long as the script:
- Is executable
- Has the proper language requirements installed
For instance, if you wanted to write a plugin trigger in PHP, you would need to have php installed and available on the CLI prior to plugin trigger invocation.
The following is an example for the nginx-hostname plugin trigger. It reverses the hostname that is provided to nginx during deploys. If you created an executable file named nginx-hostname with the following code in your plugin trigger, it would be invoked by Dokku during the normal app deployment process:
#!/usr/bin/env bash\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\"; SUBDOMAIN=\"$2\"; VHOST=\"$3\"\n\nNEW_SUBDOMAIN=`echo $SUBDOMAIN | rev`\necho \"$NEW_SUBDOMAIN.$VHOST\"\n
"},{"location":"development/plugin-triggers/#available-plugin-triggers","title":"Available plugin triggers","text":"There are a number of plugin-related triggers. These can be optionally implemented by plugins and allow integration into the standard Dokku setup/teardown process.
The following plugin triggers describe those available to a Dokku installation. As well, there is an example for each trigger that you can use as templates for your own plugin development.
Info
The example plugin trigger code is not guaranteed to be implemented as in within dokku, and are merely simplified examples. Please look at the Dokku source for larger, more in-depth examples.
"},{"location":"development/plugin-triggers/#app-create","title":"app-create","text":" - Description: Creates an app
- Invoked by:
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#app-destroy","title":"app-destroy","text":" - Description: Destroys an app (with confirmation if force isn't specified)
- Invoked by:
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#app-exists","title":"app-exists","text":" - Description: Checks if an app exists
- Invoked by:
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#app-list","title":"app-list","text":" - Description: Lists all apps in available to the currently logged in user. Optionally disables filtering by user if the first argument is
false. - Invoked by:
- Arguments:
$FILTER - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#app-json-process-deploy-parallelism","title":"app-json-process-deploy-parallelism","text":" - Description: Decides the parallelism to use when deploying a given process type. The default is 1 process entry at a type.
- Invoked by:
dokku deploy - Arguments:
$APP $PROCESS_TYPE - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#app-json-get-content","title":"app-json-get-content","text":" - Description: Outputs the contents of the app-json file, if any
- Invoked by: Deployment checks
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#app-maybe-create","title":"app-maybe-create","text":" - Description: Creates an app (gated by whether this is globally enabled or not)
- Invoked by:
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#app-restart","title":"app-restart","text":" - Description: Triggers an app restart
- Invoked by:
dokku config:clear, dokku config:set, dokku config:unset - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#app-urls","title":"app-urls","text":" - Description: Allows you to change the urls Dokku reports for an application. Will override any auto-detected urls.
- Invoked by:
dokku deploy, dokku url, and dokku urls - Arguments:
$APP $URL_TYPE - Example:
#!/usr/bin/env bash\n# Sets the domain to `internal.tld`\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\"; URL_TYPE=\"$2\"\ncase \"$URL_TYPE\" in\n url)\n echo \"https://internal.tld/${APP}/\"\n ;;\n urls)\n echo \"https://internal.tld/${APP}/\"\n echo \"http://internal.tld/${APP}/\"\n ;;\nesac\n
"},{"location":"development/plugin-triggers/#builder-build","title":"builder-build","text":" - Description: Triggers the artifact build process
- Invoked by:
dokku deploy - Arguments:
$BUILDER_TYPE $APP $SOURCECODE_WORK_DIR - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#builder-create-dokku-image","title":"builder-create-dokku-image","text":" - Description: Allows modification of the configured dokku-image
- Invoked by:
dokku deploy - Arguments:
$BUILDER_TYPE $APP $SOURCECODE_WORK_DIR $DOKKU_IMAGE - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#builder-detect","title":"builder-detect","text":" - Description: Allows overriding the auto-detected
herokuish builder in favor of a custom one. Dockerfile gets lowest builder precedence. - Invoked by:
dokku deploy - Arguments:
$APP $SOURCECODE_WORK_DIR - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; SOURCECODE_WORK_DIR=\"$2\"\n\nif [[ -f \"$SOURCECODE_WORK_DIR/project.toml\" ]]; then\n echo -n \"pack\"\nfi\n
"},{"location":"development/plugin-triggers/#builder-dokku-image","title":"builder-dokku-image","text":" - Description: Allows modification of the used dokku-image.
- Invoked by:
dokku deploy - Arguments:
$BUILDER_TYPE $APP $SOURCECODE_WORK_DIR $DOKKU_IMAGE - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#builder-get-property","title":"builder-get-property","text":" - Description: Return the value for an app's builder property
- Invoked by:
- Arguments:
$APP $KEY - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; PROPERTY=\"$2\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#builder-herokuish-allowed","title":"builder-herokuish-allowed","text":" - Description: Checks if herokuish is allowed to run on non-amd64 hosts
- Invoked by: unit tests
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#builder-image-is-cnb","title":"builder-image-is-cnb","text":" - Description: Checks if an image is cnb-based
- Invoked by: unit tests
- Arguments:
$APP $IMAGE_TAG - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#builder-image-is-herokuish","title":"builder-image-is-herokuish","text":" - Description: Checks if an image is herokuish-based
- Invoked by: unit tests
- Arguments:
$APP $IMAGE_TAG - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#builder-release","title":"builder-release","text":" - Description: Triggers the artifact release process
- Invoked by:
dokku deploy - Arguments:
$BUILDER_TYPE $APP $IMAGE_TAG - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#buildpack-stack-name","title":"buildpack-stack-name","text":" - Description: Retrieves the configured buildpack stack for the pack and herokuish builders
- Invoked by: builder-herokuish and builder-pack
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#caddy-template-source","title":"caddy-template-source","text":" - Description: Retrieves an alternative template for the caddy compose config
- Invoked by: caddy-vhosts
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#certs-exists","title":"certs-exists","text":" - Description: Echos
true if certs exists for the app, false otherwise - Invoked by:
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#certs-force","title":"certs-force","text":" - Description: Echos
true if a cert should be simulated for the app, no output otherwise - Invoked by:
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#check-deploy","title":"check-deploy","text":" - Description: Allows you to run checks on a deploy before Dokku allows the container to handle requests.
- Invoked by:
dokku deploy - Arguments:
$APP $CONTAINER_ID $PROC_TYPE $PORT $IP - Example:
#!/usr/bin/env bash\n# Disables deploys of containers based on whether the\n# `DOKKU_DISABLE_DEPLOY` env var is set to `true` for an app\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_AVAILABLE_PATH/config/functions\"\n\nAPP=\"$1\"; CONTAINER_ID=\"$2\"; PROC_TYPE=\"$3\"; PORT=\"$4\" ; IP=\"$5\"\n\neval \"$(config_export app $APP)\"\nDOKKU_DISABLE_DEPLOY=\"${DOKKU_DISABLE_DEPLOY:-false}\"\n\nif [[ \"$DOKKU_DISABLE_DEPLOY\" = \"true\" ]]; then\n echo -e \"\\033[31m\\033[1mDeploys disabled, sorry.\\033[0m\"\n exit 1\nfi\n
"},{"location":"development/plugin-triggers/#checks-get-property","title":"checks-get-property","text":" - Description: Return the value for an app's checks property
- Invoked by:
- Arguments:
$APP $KEY - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; PROPERTY=\"$2\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#commands-help-and-commands-plugin_namehelp","title":"commands help and commands <PLUGIN_NAME>:help","text":" - Description: Your plugin should implement a
help command in your commands file to take advantage of this plugin trigger. commands help is used by dokku help to aggregate all plugins abbreviated help output. Implementing <PLUGIN_NAME>:help in your commands file gives users looking for help, a more detailed output. 'commands help' must be implemented inside the commands plugin file. It's recommended that PLUGIN_NAME:help be added to the commands file to ensure consistency among community plugins and give you a new avenue to share rich help content with your user. - Invoked by:
dokku help and commands <PLUGIN_NAME>:help - Arguments: None
- Example:
#!/usr/bin/env bash\n# Outputs help for the derp plugin\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\ncase \"$1\" in\n help | hello:help)\n help_content_func () {\n declare desc=\"return help_content string\"\n cat<<help_content\n hello <app>, Says \"Hello <app>\"\n hello:world, Says \"Hello world\"\nhelp_content\n }\n\n if [[ $1 = \"hello:help\" ]] ; then\n echo -e 'Usage: dokku hello[:world] [<app>]'\n echo ''\n echo 'Say Hello World.'\n echo ''\n echo 'Example:'\n echo ''\n echo '$ dokku hello:world'\n echo 'Hello world'\n echo ''\n echo 'Additional commands:'\n help_content_func | sort | column -c2 -t -s,\n else\n help_content_func\n fi\n ;;\n\n *)\n exit $DOKKU_NOT_IMPLEMENTED_EXIT\n ;;\n\nesac\n
"},{"location":"development/plugin-triggers/#config-export","title":"config-export","text":" - Description: Returns the environment variables in a specified format
- Invoked by: app-json plugin
- Arguments:
$APP $GLOBAL $MERGED $FORMAT - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#config-get","title":"config-get","text":" - Description: Fetches the app config value for a key
- Invoked by:
- Arguments:
$APP $KEY - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#config-get-global","title":"config-get-global","text":" - Description: Fetches the global config value for a key
- Invoked by:
- Arguments:
$KEY - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#core-post-deploy","title":"core-post-deploy","text":"Info
To avoid issues with community plugins, this plugin trigger should be used only for core plugins. Please avoid using this trigger in your own plugins.
- Description: Allows running of commands after an app's processes have been scaled up, but before old containers are torn down. Dokku core currently uses this to switch traffic on nginx.
- Invoked by:
dokku deploy - Arguments:
$APP $INTERNAL_PORT $INTERNAL_IP_ADDRESS $IMAGE_TAG - Example:
#!/usr/bin/env bash\n# Notify an external service that a successful deploy has occurred.\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\ncurl \"http://httpstat.us/200\"\n
"},{"location":"development/plugin-triggers/#core-post-extract","title":"core-post-extract","text":"Info
To avoid issues with community plugins, this plugin trigger should be used only for core plugins. Please avoid using this trigger in your own plugins.
- Description: Allows you to modify the contents of an app after it has been extracted from git but before the image source type is detected.
- Invoked by: The
receive-app plugin trigger - Arguments:
$APP $TMP_WORK_DIR $REV - Example:
#!/usr/bin/env bash\n# Adds a clock process to an app's Procfile\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"\nTMP_WORK_DIR=\"$2\"\nREV=\"$3\" # optional, may not be sent for tar-based builds\n\npushd \"$TMP_WORK_DIR\" >/dev/null\ntouch Procfile\necho \"clock: some-command\" >> Procfile\npopd &>/dev/null\n
"},{"location":"development/plugin-triggers/#cron-get-property","title":"cron-get-property","text":" - Description: Return the value for an app's cron property
- Invoked by:
- Arguments:
$APP $KEY - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; PROPERTY=\"$2\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#cron-entries","title":"cron-entries","text":" - Description: Allows injecting cron entries into the written out scheduled cron task list. Each entry is newline delimited, and individual entries come in the form
$SCHEDULE;$FULL_COMMAND;$ARBITRARY_DATA. Individual implementations of cron writing can decide whether and how to include these cron entries. The ARBITRARY_DATA includes the log file path for the basic docker-local cron implementation. - Invoked by:
- Arguments:
$DOKKU_SCHEDULER - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\n\nDOKKU_SCHEDULER=\"$1\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#cron-write","title":"cron-write","text":" - Description: Force triggers writing out cron entries
- Invoked by:
- Arguments:
- Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#dependencies","title":"dependencies","text":" - Description: Used to install system-level dependencies.
- Invoked by:
dokku plugin:install-dependencies - Arguments: None
- Example:
#!/usr/bin/env bash\n# Installs nginx for the current plugin\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nexport DEBIAN_FRONTEND=noninteractive\n\ncase \"$DOKKU_DISTRO\" in\n debian|raspbian|ubuntu)\n apt-get -qq -y --no-install-recommends install nginx\n ;;\n *)\n echo \"Installation on $DOKKU_DISTRO not supported\" 1>&2\n ;;\nesac\n
"},{"location":"development/plugin-triggers/#deploy","title":"deploy","text":" - Description: Triggers a deploy for the given app. Can override the image tag to deploy, as well as specify a single process type to deploy.
- Invoked by:
dokku deploy - Arguments:
$APP [$IMAGE_TAG] [$PROC_TYPE] - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\n\nAPP=\"$1\" IMAGE_TAG=\"$2\" PROC_TYPE=\"$3\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#deployed-app-image-repo","title":"deployed-app-image-repo","text":" - Description: Used to manage the full repo of the image being deployed. Useful for deploying from an external registry where the repository name is not
dokku/$APP - Invoked by:
internal function dokku_deploy_cmd() (deploy phase) - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\"\n# change the repo from dokku/APP to dokkupaas/APP\necho \"dokkupaas/$APP\"\n
"},{"location":"development/plugin-triggers/#deployed-app-image-tag","title":"deployed-app-image-tag","text":" - Description: Used to manage the tag of the image being deployed. Useful for deploying a specific version of an image, or when deploying from an external registry
- Invoked by:
internal function dokku_deploy_cmd() (deploy phase) - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# customize the tag version\necho 'not-latest'\n
"},{"location":"development/plugin-triggers/#deployed-app-repository","title":"deployed-app-repository","text":" - Description: Used to manage the remote repository of the image being deployed.
- Invoked by:
internal function dokku_deploy_cmd() (deploy phase) - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\necho 'derp.dkr.ecr.us-east-1.amazonaws.com'\n
"},{"location":"development/plugin-triggers/#deploy-source-set","title":"deploy-source-set","text":" - Description: Used to set metadata about how the app is being deployed
- Invoked by:
git:from-archive, git:from-image, git:load-image, git:sync, and all git push commands - Arguments:
$APP $SOURCE_TYPE $METADATA - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#docker-args-build","title":"docker-args-build","text":"Warning
Deprecated, please use docker-args-process-build instead
- Description:
- Invoked by:
internal function dokku_build() (build phase) - Arguments:
$APP $IMAGE_SOURCE_TYPE - Example:
#!/usr/bin/env bash\n# Sets a docker build-arg called CACHEBUST which can be used\n# to bust cache at any arbitrary point in a Dockerfile build\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nSTDIN=$(cat)\nAPP=\"$1\"; IMAGE_SOURCE_TYPE=\"$2\"\noutput=\"\"\n\nif [[ \"$IMAGE_SOURCE_TYPE\" == \"dockerfile\" ]]; then\n output=\" --build-arg CACHEBUST=$(date +%s)\"\nfi\necho -n \"$STDIN$output\"\n
"},{"location":"development/plugin-triggers/#docker-args-deploy","title":"docker-args-deploy","text":"Warning
Deprecated, please use docker-args-process-deploy instead
- Description:
- Invoked by:
dokku deploy - Arguments:
$APP $IMAGE_TAG [$PROC_TYPE $CONTAINER_INDEX] - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"; IMAGE_TAG=\"$2\"; IMAGE=$(get_app_image_name $APP $IMAGE_TAG)\n\n# TODO\n
"},{"location":"development/plugin-triggers/#docker-args-process-build","title":"docker-args-process-build","text":" - Description:
$PROC_TYPE may be set to magic _all_ process type to signify global docker deploy options. - Invoked by:
dokku ps:rebuild - Arguments:
$APP $IMAGE_SOURCE_TYPE - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\n\nAPP=\"$1\"; IMAGE_SOURCE_TYPE=\"$2\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#docker-args-process-deploy","title":"docker-args-process-deploy","text":" - Description:
$PROC_TYPE may be set to magic _all_ process type to signify global docker deploy options. - Invoked by:
dokku deploy - Arguments:
$APP $IMAGE_SOURCE_TYPE $IMAGE_TAG [$PROC_TYPE $CONTAINER_INDEX] - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"; $IMAGE_SOURCE_TYPE=\"$2\" IMAGE_TAG=\"$3\"; PROC_TYPE=\"$4\"; CONTAINER_INDEX=\"$5\"; IMAGE=$(get_app_image_name $APP $IMAGE_TAG)\n\n# TODO\n
"},{"location":"development/plugin-triggers/#docker-args-process-run","title":"docker-args-process-run","text":" - Description:
$PROC_TYPE may be set to magic _all_ process type to signify global docker run options. - Invoked by:
dokku run - Arguments:
$APP $IMAGE_SOURCE_TYPE $IMAGE_TAG - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"; IMAGE_SOURCE_TYPE=\"$3\"; IMAGE_TAG=\"$2\"; IMAGE=$(get_app_image_name $APP $IMAGE_TAG)\n\n# TODO\n
"},{"location":"development/plugin-triggers/#docker-args-run","title":"docker-args-run","text":"Warning
Deprecated, please use docker-args-process-run instead
- Description:
- Invoked by:
dokku run - Arguments:
$APP $IMAGE_TAG - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"; IMAGE_TAG=\"$2\"; IMAGE=$(get_app_image_name $APP $IMAGE_TAG)\n\n# TODO\n
"},{"location":"development/plugin-triggers/#domains-add","title":"domains-add","text":" - Description: Adds a domain to an app
- Invoked by:
- Arguments:
$APP $DOMAIN - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#domains-disable","title":"domains-disable","text":" - Description: Disables domains for an app
- Invoked by:
- Arguments:
$APP $RESTART_APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#domains-enable","title":"domains-enable","text":" - Description: Enables domains for an app
- Invoked by:
- Arguments:
$APP $RESTART_APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#domains-list","title":"domains-list","text":" - Description: Lists all domains for an app
- Invoked by:
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#domains-urls","title":"domains-urls","text":" - Description: Gets an app's url(s)
- Invoked by:
- Arguments:
$APP $URL_TYPE - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#domains-vhost-enabled","title":"domains-vhost-enabled","text":" - Description: Checks if a virtual hosts are enabled for an app
- Invoked by:
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#git-deploy-branch","title":"git-deploy-branch","text":" - Description: Outputs the deploy branch for an app, inherited or not
- Invoked by:
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#git-get-property","title":"git-get-property","text":" - Description: Return the value for an app's git property
- Invoked by:
- Arguments:
$APP $KEY - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; PROPERTY=\"$2\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#git-from-archive","title":"git-from-archive","text":" - Description: Updates an app's git repository from an archive and then triggers a build
- Invoked by:
git:from-archive - Arguments:
$APP $ARCHIVE_URL $ARCHIVE_TYPE $USER_NAME $USER_EMAIL - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#git-from-directory","title":"git-from-directory","text":" - Description: Updates an app's git repository from a source directory and then triggers a build
- Invoked by:
git:from-image and git:from-archive - Arguments:
$APP $SOURCECODE_WORK_DIR $USER_NAME $USER_EMAIL - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#git-from-image","title":"git-from-image","text":" - Description: Updates an app's git repository from a docker image and then triggers a build as necessary
- Invoked by:
git:from-image - Arguments:
$APP $DOCKER_IMAGE $BUILD_DIR $USER_NAME $USER_EMAIL - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#git-has-code","title":"git-has-code","text":" - Description: Checks to see if there is code at the specified branch
- Arguments:
$APP $BRANCH_NAME - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#git-post-pull","title":"git-post-pull","text":" - Description:
- Invoked by:
dokku git-upload-pack - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#git-pre-pull","title":"git-pre-pull","text":" - Description:
- Invoked by:
dokku git-upload-pack - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
Warning
The git-pre-pull trigger should not be used for authentication since it does not get called for commands that use git-upload-archive such as git archive. Instead, use the user-auth trigger.
"},{"location":"development/plugin-triggers/#git-revision","title":"git-revision","text":" - Description: Allows you to fetch the current git revision for a given application
- Invoked by:
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#install","title":"install","text":" - Description: Used to setup any files/configuration for a plugin.
- Invoked by:
dokku plugin:install. - Arguments: None
- Example:
#!/usr/bin/env bash\n# Sets the hostname of the Dokku server\n# based on the output of `hostname -f`\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nif [[ ! -f \"$DOKKU_ROOT/VHOST\" ]]; then\n hostname -f > $DOKKU_ROOT/VHOST\nfi\n
"},{"location":"development/plugin-triggers/#haproxy-template-source","title":"haproxy-template-source","text":" - Description: Retrieves an alternative template for the haproxy compose config
- Invoked by: haproxy-vhosts
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#logs-get-property","title":"logs-get-property","text":" - Description: Return the value for an app's log property
- Invoked by:
- Arguments:
$APP $KEY - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; PROPERTY=\"$2\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#network-build-config","title":"network-build-config","text":" - Description: Rebuilds network configuration
- Invoked by:
internally triggered by proxy-build-config within proxy implementations - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#network-clear-config","title":"network-clear-config","text":" - Description: Clears network configuration
- Invoked by:
internally triggered within proxy implementations - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#network-config-exists","title":"network-config-exists","text":" - Description: Returns whether the network configuration for a given app exists
- Invoked by:
internally triggered by core-post-deploy within proxy implementations - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#network-get-ipaddr","title":"network-get-ipaddr","text":" - Description: Return the ipaddr for a given app container
- Invoked by:
internally triggered by a deploy - Arguments:
$APP $PROC_TYPE $CONTAINER_ID - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#network-get-listeners","title":"network-get-listeners","text":" - Description: Return the listeners (host:port combinations) for a given app container
- Invoked by:
internally triggered by a deploy - Arguments:
$APP $PROCESS_TYPE - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#network-get-property","title":"network-get-property","text":" - Description: Return the value for an app's network property
- Invoked by:
internally triggered by a deploy - Arguments:
$APP $KEY - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#network-get-static-listeners","title":"network-get-static-listeners","text":" - Description: Return the network value for an app's property
- Invoked by:
internally triggered by proxy-build-config - Arguments:
$APP $PROCESS_TYPE - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#network-write-ipaddr","title":"network-write-ipaddr","text":" - Description: Write the ipaddr for a given app index
- Invoked by:
internally triggered by a deploy - Arguments:
$APP $PROC_TYPE $CONTAINER_INDEX $IP_ADDRESS - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#network-write-port","title":"network-write-port","text":" - Description: Write the port for a given app index
- Invoked by:
internally triggered by a deploy - Arguments:
$APP $PROC_TYPE $CONTAINER_INDEX $PORT - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#nginx-app-template-source","title":"nginx-app-template-source","text":" - Description: Return the path to a
sigil template that should be used to generate a given nginx configuration file. - Invoked by:
nginx-vhosts#build-config - Arguments:
$APP $TEMPLATE_TYPE - The
TEMPLATE_TYPE argument can be one of: [app-config, hsts-config, validate-config]
- Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\n\nAPP=\"$1\"\nTEMPLATE_TYPE=\"$2\"\ncase \"$TEMPLATE_TYPE\" in\n app-config)\n echo \"$(cd \"$(dirname \"${BASH_SOURCE[0]}\")\" && pwd)/app.conf.sigil\";;\n hsts-config)\n echo \"$(cd \"$(dirname \"${BASH_SOURCE[0]}\")\" && pwd)/hsts.conf.sigil\";;\n validate-config)\n echo \"$(cd \"$(dirname \"${BASH_SOURCE[0]}\")\" && pwd)/validate.conf.sigil\";;\n *)\n dokku_log_fail \"Invalid template type: ${TEMPLATE_TYPE}\"\nesac\n
The default templates are viewable here: plugins/nginx-vhosts/templates/
"},{"location":"development/plugin-triggers/#nginx-dokku-template-source","title":"nginx-dokku-template-source","text":" - Description: Return the path to a
sigil template that should be used to generate the dokku.conf nginx configuration file. - Invoked by:
nginx-vhosts#install - Arguments: None, however the
sigil template can make use of the following variables: $.DOKKU_ROOT $.NGINX_ROOT - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\necho \"$(cd \"$(dirname \"${BASH_SOURCE[0]}\")\" && pwd)/dokku.conf.sigil\"\n
The default template is viewable here: plugins/nginx-vhosts/templates/dokku.conf.sigil
"},{"location":"development/plugin-triggers/#nginx-hostname","title":"nginx-hostname","text":" - Description: Allows you to customize the hostname for a given app
- Invoked by:
dokku domains:setup - Arguments:
$APP $SUBDOMAIN $VHOST - Example:
#!/usr/bin/env bash\n# Reverses the hostname for the app\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\"; SUBDOMAIN=\"$2\"; VHOST=\"$3\"\n\nNEW_SUBDOMAIN=`echo $SUBDOMAIN | rev`\necho \"$NEW_SUBDOMAIN.$VHOST\"\n
"},{"location":"development/plugin-triggers/#nginx-pre-reload","title":"nginx-pre-reload","text":"Warning
The arguments INTERNAL_PORT and INTERNAL_IP_ADDRESS are no longer sufficient to retrieve all app listeners. Please run plugn trigger network-get-listeners APP within any implementation of nginx-pre-reload in order to retrieve all application listeners.
- Description: Run before nginx reloads hosts
- Invoked by:
dokku proxy:build-config - Arguments:
$APP $INTERNAL_PORT $INTERNAL_IP_ADDRESS - Example:
#!/usr/bin/env bash\n# Runs a check against all nginx conf files\n# to ensure they are valid\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nnginx -t\n
"},{"location":"development/plugin-triggers/#openresty-template-source","title":"openresty-template-source","text":" - Description: Retrieves an alternative template for the openresty compose config
- Invoked by: openresty-vhosts
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#ports-clear","title":"ports-clear","text":" - Description: Clears the ports for a given app without triggering further restarts or rebuilds
- Invoked by: internally
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#ports-configure","title":"ports-configure","text":" - Description: Configures the initial proxy ports
- Invoked by:
internally triggered by proxy plugins - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#ports-get","title":"ports-get","text":" - Description: Returns a list of port mappings, newline delimited
- Invoked by: Various networking plugins
- Arguments:
$APP $FORMAT - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#ports-get-available","title":"ports-get-available","text":" - Description: Prints out an available port greater than 1024
- Invoked by: Various networking plugins
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#ports-get-property","title":"ports-get-property","text":" - Description: Return the value for an app's ports property
- Invoked by:
- Arguments:
$APP $KEY - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; PROPERTY=\"$2\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#ports-set-detected","title":"ports-set-detected","text":" - Description: Allows builders to specify detected port mappings for a given app
- Invoked by: Builder plugins
- Arguments:
$APP [$PORT_MAPPING...] - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-app-clone","title":"post-app-clone","text":" - Description: Allows you to run commands after an app was cloned.
- Invoked by:
dokku apps:clone - Arguments:
$OLD_APP_NAME $NEW_APP_NAME - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-app-clone-setup","title":"post-app-clone-setup","text":" - Description: Allows you to run commands after an app is setup, and before it is rebuild. This is useful for cleaning up tasks, or ensuring configuration from an old app is copied to the new app
- Invoked by:
dokku apps:clone - Arguments:
$OLD_APP_NAME $NEW_APP_NAME - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-app-rename","title":"post-app-rename","text":" - Description: Allows you to run commands after an app was renamed.
- Invoked by:
dokku apps:rename - Arguments:
$OLD_APP_NAME $NEW_APP_NAME - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-app-rename-setup","title":"post-app-rename-setup","text":" - Description: Allows you to run commands after an app is setup, and before it is rebuild. This is useful for cleaning up tasks, or ensuring configuration from an old app is copied to the new app
- Invoked by:
dokku apps:rename - Arguments:
$OLD_APP_NAME $NEW_APP_NAME - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-build","title":"post-build","text":" - Description: Allows you to run commands after the build image is create for a given app.
- Invoked by:
internal function dokku_build() (build phase) - Arguments:
$BUILDER_TYPE $APP $SOURCECODE_WORK_DIR - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-build-buildpack","title":"post-build-buildpack","text":"Warning
Deprecated, please use post-build instead
- Description: Allows you to run commands after the build image is create for a given app. Only applies to apps using buildpacks.
- Invoked by:
internal function dokku_build() (build phase) - Arguments:
$APP $SOURCECODE_WORK_DIR - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-build-dockerfile","title":"post-build-dockerfile","text":"Warning
Deprecated, please use post-build instead
- Description: Allows you to run commands after the build image is create for a given app. Only applies to apps using a dockerfile.
- Invoked by:
internal function dokku_build() (build phase) - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-build-lambda","title":"post-build-lambda","text":"Warning
Deprecated, please use post-build instead
- Description: Allows you to run commands after the build image is create for a given app. Only applies to apps using lambda.
- Invoked by:
internal function dokku_build() (build phase) - Arguments:
$APP $SOURCECODE_WORK_DIR - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-build-pack","title":"post-build-pack","text":"Warning
Deprecated, please use post-build instead
- Description: Allows you to run commands after the build image is create for a given app. Only applies to apps using pack.
- Invoked by:
internal function dokku_build() (build phase) - Arguments:
$APP $SOURCECODE_WORK_DIR - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-certs-remove","title":"post-certs-remove","text":" - Description: Allows you to run commands after a cert is removed
- Invoked by:
dokku certs:remove - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-certs-update","title":"post-certs-update","text":" - Description: Allows you to run commands after a cert is added/updated
- Invoked by:
dokku certs:add, dokku certs:update - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-config-update","title":"post-config-update","text":" - Description: Allows you to get notified when one or more configs is added or removed. Action can be
set or unset. - Invoked by:
dokku config:set, dokku config:unset - Arguments:
$APP set|unset key1=VALUE1 key2=VALUE2 - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-container-create","title":"post-container-create","text":" - Description: This trigger should be used to do stuff to containers after they are created but before they are started. They are explicitly for commands that may involve network traffic, and not for commands that are self-contained, such as chown or tar.
- Invoked by:
dokku run, dokku ps:rebuild, dokku deploy - Arguments: \"app|service\" \"$CONTAINER_ID\" \"$APP|$SERVICE\" \"$PHASE\"
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-create","title":"post-create","text":" - Description: Can be used to run commands after an app is created.
- Invoked by:
dokku apps:create - Arguments:
$APP - Example:
#!/usr/bin/env bash\n# Runs a command to ensure that an app\n# has a postgres database when it is starting\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\";\nPOSTGRES=\"$1\"\n\ndokku postgres:create $POSTGRES\ndokku postgres:link $POSTGRES $APP\n
"},{"location":"development/plugin-triggers/#post-delete","title":"post-delete","text":" - Description: Can be used to run commands after an app is deleted.
- Invoked by:
dokku apps:destroy - Arguments:
$APP $IMAGE_TAG - Example:
#!/usr/bin/env bash\n# Runs a command to ensure that an app's\n# postgres installation is removed\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\";\n\ndokku postgres:destroy $APP\n
"},{"location":"development/plugin-triggers/#post-deploy","title":"post-deploy","text":"Info
Please see core-post-deploy if contributing a core plugin with the post-deploy hook.
- Description: Allows running of commands after an app's processes have been scaled up, but before old containers are torn down. Dokku calls this after
core-post-deploy. Deployment Tasks are also invoked by this plugin trigger. - Invoked by:
dokku deploy - Arguments:
$APP $INTERNAL_PORT $INTERNAL_IP_ADDRESS $IMAGE_TAG - Example:
#!/usr/bin/env bash\n# Notify an external service that a successful deploy has occurred.\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\ncurl \"http://httpstat.us/200\"\n
"},{"location":"development/plugin-triggers/#post-domains-update","title":"post-domains-update","text":" - Description: Allows you to run commands once the domain for an app has been updated. It also sends in the command that has been used. This can be \"add\", \"clear\" or \"remove\". The third argument will be the optional list of domains
- Invoked by:
dokku domains:add, dokku domains:clear, dokku domains:remove, dokku domains:set - Arguments:
$APP action name domains - Example:
#!/usr/bin/env bash\n# Reloads haproxy for our imaginary haproxy plugin\n# that replaces the nginx-vhosts plugin\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nsudo service haproxy reload\n
"},{"location":"development/plugin-triggers/#post-extract","title":"post-extract","text":" - Description: Allows you to modify the contents of an app after it has been extracted from git but before the image source type is detected.
- Invoked by: The
receive-app plugin trigger - Arguments:
$APP $TMP_WORK_DIR $REV - Example:
#!/usr/bin/env bash\n# Adds a clock process to an app's Procfile\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"\nTMP_WORK_DIR=\"$2\"\nREV=\"$3\" # optional, may not be sent for tar-based builds\n\npushd \"$TMP_WORK_DIR\" >/dev/null\ntouch Procfile\necho \"clock: some-command\" >> Procfile\npopd &>/dev/null\n
"},{"location":"development/plugin-triggers/#post-proxy-ports-update","title":"post-proxy-ports-update","text":" - Description: Allows you to run commands once the port mappings for an app have been updated. It also sends the invoking command. This can be \"add\", \"clear\" or \"remove\".
- Invoked by:
dokku ports:add, dokku ports:clear, dokku ports:remove - Arguments:
$APP action name - Example:
#!/usr/bin/env bash\n# Rebuilds haproxy config for our imaginary haproxy plugin\n# that replaces the nginx-vhosts plugin\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nsource \"$PLUGIN_AVAILABLE_PATH/haproxy/functions\"\nAPP=\"$1\"\n\nhaproxy-build-config \"$APP\"\n
"},{"location":"development/plugin-triggers/#post-registry-login","title":"post-registry-login","text":" - Description: Allows running a command after the a registry has been logged into
- Invoked by:
dokku registry:login - Arguments:
$DOCKER_REGISTRY_SERVER $DOCKER_REGISTRY_USER - Example:
#!/usr/bin/env bash\n\n# the DOCKER_REGISTRY_PASS env var is also set\necho \"$DOCKER_REGISTRY_PASS\"\n
"},{"location":"development/plugin-triggers/#post-release-builder","title":"post-release-builder","text":"Warning
Image mutation in this trigger may result in an invalid run state, and is heavily discouraged.
- Description: Invokes a command after the build process is complete.
- Invoked by: builder plugins
- Arguments:
$BUILDER_TYPE $APP $IMAGE - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nBUILDER_TYPE=\"$1\"; APP=\"$2\"; IMAGE=$3\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-stack-set-todo","title":"post-stack-set TODO","text":" - Description: Allows you to run commands after changing the stack
- Invoked by: buildpacks plugin
- Arguments:
$APP $VALUE - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#post-stop","title":"post-stop","text":" - Description: Can be used to run commands after an app is manually stopped
- Invoked by:
dokku ps:stop - Arguments:
$APP - Example:
#!/usr/bin/env bash\n# Marks an app as manually stopped\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\";\n\ndokku config:set --no-restart $APP MANUALLY_STOPPED=1\n
"},{"location":"development/plugin-triggers/#pre-build","title":"pre-build","text":" - Description: Allows you to run commands before the build image is created for a given app. For instance, this can be useful to add env vars to your container.
- Invoked by:
internal function dokku_build() (build phase) - Arguments:
$BUILDER_TYPE $APP $SOURCECODE_WORK_DIR - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-build-buildpack","title":"pre-build-buildpack","text":"Warning
Deprecated, please use pre-build instead
- Description: Allows you to run commands before the build image is created for a given app. For instance, this can be useful to add env vars to your container. Only applies to apps using buildpacks.
- Invoked by:
internal function dokku_build() (build phase) - Arguments:
$APP $SOURCECODE_WORK_DIR - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-build-dockerfile","title":"pre-build-dockerfile","text":"Warning
Deprecated, please use pre-build instead
- Description: Allows you to run commands before the build image is created for a given app. For instance, this can be useful to add env vars to your container. Only applies to apps using a dockerfile.
- Invoked by:
internal function dokku_build() (build phase) - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-build-lambda","title":"pre-build-lambda","text":"Warning
Deprecated, please use pre-build instead
- Description: Allows you to run commands before the build image is created for a given app. For instance, this can be useful to add env vars to your container. Only applies to apps using lambda.
- Invoked by:
internal function dokku_build() (build phase) - Arguments:
$APP $SOURCECODE_WORK_DIR - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-build-pack","title":"pre-build-pack","text":"Warning
Deprecated, please use pre-build instead
- Description: Allows you to run commands before the build image is created for a given app. For instance, this can be useful to add env vars to your container. Only applies to apps using pack.
- Invoked by:
internal function dokku_build() (build phase) - Arguments:
$APP $SOURCECODE_WORK_DIR - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-delete","title":"pre-delete","text":" - Description: Can be used to run commands before an app is deleted.
- Invoked by:
dokku apps:destroy - Arguments:
$APP $IMAGE_TAG - Example:
#!/usr/bin/env bash\n# Clears out the gulp asset build cache for apps\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\n\nAPP=\"$1\"; GULP_CACHE_DIR=\"$DOKKU_ROOT/$APP/gulp\"; IMAGE=$(get_app_image_name $APP $IMAGE_TAG)\n\nif [[ -d $GULP_CACHE_DIR ]]; then\n docker run \"${DOCKER_COMMIT_LABEL_ARGS[@]}\" --rm -v \"$GULP_CACHE_DIR:/gulp\" \"$IMAGE\" find /gulp -depth -mindepth 1 -maxdepth 1 -exec rm -Rf {} \\; || true\nfi\n
"},{"location":"development/plugin-triggers/#pre-deploy","title":"pre-deploy","text":"Warning
Deprecated, please use pre-release-builder instead
- Description: Allows the running of code before the app's processes are scaled up and after the docker images are prepared.
- Invoked by:
dokku deploy - Arguments:
$APP $IMAGE_TAG - Example:
#!/usr/bin/env bash\n# Runs gulp in our container\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"; IMAGE_TAG=\"$2\"; IMAGE=$(get_app_image_name $APP $IMAGE_TAG)\n\ndokku_log_info1 \"Running gulp\"\nCID=$(docker run \"${DOCKER_COMMIT_LABEL_ARGS[@]}\" -d $IMAGE /bin/bash -c \"cd /app && gulp default\")\ntest $(docker wait $CID) -eq 0\nDOCKER_COMMIT_LABEL_ARGS=(\"--change\" \"LABEL org.label-schema.schema-version=1.0\" \"--change\" \"LABEL org.label-schema.vendor=dokku\" \"--change\" \"LABEL com.dokku.app-name=$APP\")\ndocker commit \"${DOCKER_COMMIT_LABEL_ARGS[@]}\" $CID $IMAGE >/dev/null\n
"},{"location":"development/plugin-triggers/#pre-disable-vhost","title":"pre-disable-vhost","text":" - Description: Allows you to run commands before the VHOST feature is disabled
- Invoked by:
dokku domains:disable - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-enable-vhost","title":"pre-enable-vhost","text":" - Description: Allows you to run commands before the VHOST feature is enabled
- Invoked by:
dokku domains:enable - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-receive-app","title":"pre-receive-app","text":" - Description: Allows you to customize the contents of an app directory before they are processed for deployment. The
IMAGE_SOURCE_TYPE can be any of [herokuish, dockerfile] - Invoked by:
dokku git-hook, dokku tar-build-locked - Arguments:
$APP $IMAGE_SOURCE_TYPE $TMP_WORK_DIR $REV - Example:
#!/usr/bin/env bash\n# Adds a file called `dokku-is-awesome` to the repository\n# the contents will be the app name\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\"; IMAGE_SOURCE_TYPE=\"$2\"; TMP_WORK_DIR=\"$3\"; REV=\"$4\"\n\necho \"$APP\" > \"$TMP_WORK_DIR/dokku-is-awesome\"\n
"},{"location":"development/plugin-triggers/#pre-release-builder","title":"pre-release-builder","text":" - Description: Allows you to run commands before environment variables are set for the release step of the deploy.
- Invoked by:
internal function dokku_release() (release phase) - Arguments:
$BUILDER_TYPE $APP $IMAGE - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nBUILDER_TYPE=\"$1\"; APP=\"$2\"; IMAGE_TAG=\"$3\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-release-buildpack","title":"pre-release-buildpack","text":"Warning
Deprecated, please use pre-release-builder instead
- Description: Allows you to run commands before environment variables are set for the release step of the deploy. Only applies to apps using buildpacks.
- Invoked by:
internal function dokku_release() (release phase) - Arguments:
$APP $IMAGE_TAG - Example:
#!/usr/bin/env bash\n# Installs the graphicsmagick package into the container\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"; IMAGE_TAG=\"$2\"; IMAGE=$(get_app_image_name $APP $IMAGE_TAG)\n\ndokku_log_info1 \"Installing GraphicsMagick...\"\n\nCMD=\"cat > gm && \\\n dpkg -s graphicsmagick &>/dev/null || \\\n (apt-get update -qq && apt-get -qq -y --no-install-recommends install graphicsmagick && apt-get clean)\"\n\nCID=$(docker run $DOKKU_GLOBAL_RUN_ARGS -i -a stdin $IMAGE /bin/bash -c \"$CMD\")\ntest $(docker wait $CID) -eq 0\nDOCKER_COMMIT_LABEL_ARGS=(\"--change\" \"LABEL org.label-schema.schema-version=1.0\" \"--change\" \"LABEL org.label-schema.vendor=dokku\" \"--change\" \"LABEL com.dokku.app-name=$APP\")\ndocker commit \"${DOCKER_COMMIT_LABEL_ARGS[@]}\" $CID $IMAGE >/dev/null\n
"},{"location":"development/plugin-triggers/#pre-release-lambda","title":"pre-release-lambda","text":"Warning
Deprecated, please use pre-release-builder instead
- Description: Allows you to run commands before environment variables are set for the release step of the deploy. Only applies to apps using lambda.
- Invoked by:
internal function dokku_release() (release phase) - Arguments:
$APP $IMAGE_TAG - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"; IMAGE_TAG=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-release-pack","title":"pre-release-pack","text":"Warning
Deprecated, please use pre-release-builder instead
- Description: Allows you to run commands before environment variables are set for the release step of the deploy. Only applies to apps using pack.
- Invoked by:
internal function dokku_release() (release phase) - Arguments:
$APP $IMAGE_TAG - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"; IMAGE_TAG=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-release-dockerfile","title":"pre-release-dockerfile","text":"Warning
Deprecated, please use pre-release-builder instead
- Description: Allows you to run commands before environment variables are set for the release step of the deploy. Only applies to apps using a dockerfile.
- Invoked by:
internal function dokku_release() (release phase) - Arguments:
$APP $IMAGE_TAG - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nsource \"$PLUGIN_CORE_AVAILABLE_PATH/common/functions\"\nAPP=\"$1\"; IMAGE_TAG=\"$2\"; IMAGE=$(get_app_image_name $APP $IMAGE_TAG)\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-restore","title":"pre-restore","text":" - Description: Allows you to run commands before all containers are restored
- Invoked by:
dokku ps:restore - Arguments:
- Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#pre-start","title":"pre-start","text":" - Description: Can be used to run commands before an app is started
- Invoked by:
dokku ps:start - Arguments:
$APP - Example:
#!/usr/bin/env bash\n# Notifies an example url that an app is starting\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\";\n\ncurl \"https://dokku.me/starting/${APP}\" || true\n
"},{"location":"development/plugin-triggers/#procfile-get-command","title":"procfile-get-command","text":" - Description: Fetches the command for a specific process type
- Invoked by:
internally - Arguments:
$APP $PROCESS_TYPE $PORT - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#procfile-exists","title":"procfile-exists","text":" - Description: Checks if a procfile exists for the specified app
- Invoked by:
internally - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#proxy-build-config","title":"proxy-build-config","text":" - Description: Builds the proxy implementation configuration for a given app
- Invoked by:
internally triggered by ps:restore - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#proxy-clear-config","title":"proxy-clear-config","text":" - Description: Clears the proxy implementation configuration for a given app
- Invoked by:
internally triggered by apps:rename - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#proxy-disable","title":"proxy-disable","text":" - Description: Disables the configured proxy implementation for an app
- Invoked by:
internally triggered by ps:restore - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#proxy-enable","title":"proxy-enable","text":" - Description: Enables the configured proxy implementation for an app
- Invoked by:
internally triggered by ps:restore - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#proxy-is-enabled","title":"proxy-is-enabled","text":" - Description: Checks if there is a proxy enabled for the app
- Invoked by:
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#proxy-type","title":"proxy-type","text":" - Description: Returns the proxy type for an app
- Invoked by:
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#ps-can-scale","title":"ps-can-scale","text":" - Description: Sets whether or not a user can scale an app with
ps:scale - Invoked by:
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#ps-current-scale","title":"ps-current-scale","text":" - Description: Prints out the current scale contents (process-type=quantity) delimited by newlines.
- Invoked by:
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#ps-set-scale","title":"ps-set-scale","text":" - Description: Sets the scale for an app based on a specified formation (process-type=quantity). Any unspecified process types will be left as is.
- Invoked by:
- Arguments:
$APP $SKIP_DEPLOY $CLEAR_EXISTING [$PROCESS_TUPLE...] - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#receive-app","title":"receive-app","text":" - Description: Allows you to customize what occurs when an app is received. Normally just triggers an app build.
- Invoked by:
dokku git-hook, dokku ps:rebuild - Arguments:
$APP $REV ($REV may not be included in cases where a repository is not pushed) - Example:
#!/usr/bin/env bash\n# For our imaginary mercurial plugin, triggers a rebuild\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nAPP=\"$1\"; REV=\"$2\"\n\ndokku hg-build $APP $REV\n
"},{"location":"development/plugin-triggers/#receive-branch","title":"receive-branch","text":" - Description: Allows you to customize what occurs when a specific branch is received. Can be used to add support for specific branch names
- Invoked by:
dokku git-hook, dokku ps:rebuild - Arguments:
$APP $REV $REFNAME - Example:
#!/bin/bash\n# Gives Dokku the ability to support multiple branches for a given service\n# Allowing you to have multiple staging environments on a per-branch basis\n\nreference_app=$1\nrefname=$3\nnewrev=$2\nAPP=${refname/*\\//}.$reference_app\n\nif [[ ! -d \"$DOKKU_ROOT/$APP\" ]]; then\n REFERENCE_REPO=\"$DOKKU_ROOT/$reference_app\"\n git clone --bare --shared --reference \"$REFERENCE_REPO\" \"$REFERENCE_REPO\" \"$DOKKU_ROOT/$APP\" >/dev/null\nfi\nplugn trigger receive-app $APP $newrev\n
"},{"location":"development/plugin-triggers/#release-and-deploy","title":"release-and-deploy","text":" - Description: Triggers a release of the image tag and a subsequent deploy
- Invoked by:
- Arguments:
$APP $IMAGE_TAG - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#report","title":"report","text":" - Description: Allows you to report on any custom configuration in use by your application
- Invoked by:
dokku report - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#resource-get-property","title":"resource-get-property","text":" - Description: Fetches a given resource property value
- Invoked by:
- Arguments:
$APP $PROC_TYPE $RESOURCE_TYPE $PROPERTY - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; PROC_TYPE=\"$2\" RESOURCE_TYPE=\"$3\" PROPERTY=\"$4\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#retire-container-failed","title":"retire-container-failed","text":" - Description: Allows you to run commands if/when retiring old containers has failed
- Invoked by:
dokku deploy - Arguments:
$APP - Example:
#!/usr/bin/env bash\n# Send an email when a container failed to retire\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; HOSTNAME=$(hostname -s)\n\nmail -s \"$APP containers on $HOSTNAME failed to retire\" ops@dokku.me\n
"},{"location":"development/plugin-triggers/#scheduler-app-status","title":"scheduler-app-status","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Fetch the status of an app
- Invoked by:
dokku ps:report - Arguments:
$DOKKU_SCHEDULER $APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-deploy","title":"scheduler-deploy","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Allows you to run scheduler commands when an app is deployed
- Invoked by:
dokku deploy - Arguments:
$DOKKU_SCHEDULER $APP $IMAGE_TAG - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; IMAGE_TAG=\"$3\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-detect","title":"scheduler-detect","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Allows you to check which scheduler is in use for an app
- Invoked by:
dokku deploy - Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-enter","title":"scheduler-enter","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Allows you to enter a running container for a given app
- Invoked by:
dokku enter - Arguments:
$DOKKU_SCHEDULER $APP $@ - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; ARGS=\"$@\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-inspect","title":"scheduler-inspect","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Allows you to run inspect commands for all containers for a given app
- Invoked by:
dokku ps:inspect - Arguments:
$DOKKU_SCHEDULER $APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-is-deployed","title":"scheduler-is-deployed","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Allows you to check if the scheduler has deployed the app
- Invoked by: Various plugins
- Arguments:
$DOKKU_SCHEDULER $APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-logs","title":"scheduler-logs","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Allows you to run scheduler commands when retrieving container logs
- Invoked by:
dokku logs:failed - Arguments:
$DOKKU_SCHEDULER $APP $PROCESS_TYPE $TAIL $PRETTY_PRINT $NUM - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; PROCESS_TYPE=\"$3\"; TAIL=\"$4\"; PRETTY_PRINT=\"$5\"; NUM=\"$6\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-logs-failed","title":"scheduler-logs-failed","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Allows you to run scheduler commands when retrieving failed container logs
- Invoked by:
dokku logs:failed - Arguments:
$DOKKU_SCHEDULER $APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-pre-restore","title":"scheduler-pre-restore","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Allows you to run commands before an app is restored
- Invoked by:
dokku ps:restore - Arguments:
$DOKU_SCHEDULER $APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-post-delete","title":"scheduler-post-delete","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Allows you to run scheduler commands when an app is deleted
- Invoked by:
dokku apps:destroy - Arguments:
$DOKKU_SCHEDULER $APP $IMAGE_TAG - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; IMAGE_TAG=\"$3\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-post-deploy-process","title":"scheduler-post-deploy-process","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Allows you to run a command after a process has been started
- Invoked by: scheduler-docker-local
- Arguments:
$APP $PROCESS_TYPE - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"; PROCESS_TYPE=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-post-run","title":"scheduler-post-run","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Allows you to run scheduler commands after a
dokku run invocation is called - Invoked by:
dokku run - Arguments:
$DOKKU_SCHEDULER $APP $CONTAINER_ID - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; CONTAINER_ID=\"$3\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-register-retired","title":"scheduler-register-retired","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Allows scheduling retiring a local container and any related images
- Invoked by:
internally - Arguments:
$APP $CONTAINER_ID - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\";\nCONTAINER_ID=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-retire","title":"scheduler-retire","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Allows you to run scheduler commands when containers should be force retired from the system
- Invoked by:
dokku run - Arguments:
$DOKKU_SCHEDULER $APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-run","title":"scheduler-run","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Allows you to run scheduler commands when a command is executed for your app
- Invoked by:
dokku run - Arguments:
$DOKKU_SCHEDULER $APP ...ARGS - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; ARGS=\"${@:3}\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-run-list","title":"scheduler-run-list","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Lists all run containers for a given app
- Invoked by:
dokku run - Arguments:
$DOKKU_SCHEDULER $APP $FORMAT - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; FORMAT=\"$3\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-run-logs","title":"scheduler-run-logs","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Allows you to run scheduler commands when retrieving one-off container logs
- Invoked by:
dokku run - Arguments:
$DOKKU_SCHEDULER $APP $CONTAINER $TAIL $PRETTY_PRINT $NUM - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; CONTAINER=\"$3\"; TAIL=\"$4\"; PRETTY_PRINT=\"$5\"; NUM=\"$6\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-run-stop","title":"scheduler-run-stop","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Allows a scheduler to stop all \"run\" containers or a specified container
- Invoked by:
dokku run:stop - Arguments:
$DOKKU_SCHEDULER $APP $CONTAINER_NAME - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; CONTAINER_NAME=\"$3\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#scheduler-stop","title":"scheduler-stop","text":"Warning
The scheduler plugin trigger apis are under development and may change between minor releases until the 1.0 release.
- Description: Allows you to run scheduler commands when a tag is destroyed
- Invoked by:
dokku apps:destroy, dokku ps:stop - Arguments:
$DOKKU_SCHEDULER $APP $REMOVE_CONTAINERS - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nDOKKU_SCHEDULER=\"$1\"; APP=\"$2\"; REMOVE_CONTAINERS=\"$3\";\n\n# TODO\n
"},{"location":"development/plugin-triggers/#storage-list","title":"storage-list","text":" - Description: Returns a list of storage mounts
- Invoked by:
dokku storage:list and dokku deploy - Arguments:
$APP $PHASE $FORMAT - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\nAPP=\"$1\"\n\n# TODO\n
"},{"location":"development/plugin-triggers/#traefik-template-source","title":"traefik-template-source","text":" - Description: Retrieves an alternative template for the traefik compose config
- Invoked by: traefik-vhosts
- Arguments:
$APP - Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/plugin-triggers/#uninstall","title":"uninstall","text":" - Description: Used to cleanup after itself.
- Invoked by:
dokku plugin:uninstall - Arguments:
$PLUGIN - Example:
#!/usr/bin/env bash\n# Cleanup up extra containers created\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nPLUGIN=\"$1\"\n\n[[ \"$PLUGIN\" = \"my-plugin\" ]] && docker rmi -f \"${PLUGIN_IMAGE_DEPENDENCY}\"\n
To avoid uninstalling other plugins make sure to check the plugin name like shown in the example.
"},{"location":"development/plugin-triggers/#update","title":"update","text":" - Description: Can be used to run plugin updates on a regular interval. You can schedule the invoker in a cron-task to ensure your system gets regular updates.
- Invoked by:
dokku plugin:update. - Arguments: None
- Example:
#!/usr/bin/env bash\n# Update the herokuish image from git source\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\ncd /root/dokku\nsudo BUILD_STACK=true make install\n
"},{"location":"development/plugin-triggers/#user-auth","title":"user-auth","text":"This is a special plugin trigger that is executed on every command run. As Dokku sometimes internally invokes the dokku command, special care should be taken to properly handle internal command redirects.
Note that the trigger should exit as follows:
0 to continue running as normal1 to halt execution of the command
The SSH_USER is the original ssh user. If you are running remote commands, this user will typically be dokku, and as such should not be trusted when checking permissions. If you are connected via ssh as a different user who then invokes dokku, the value of this variable will be that user's name (root, myuser, etc.).
The SSH_NAME is the NAME variable set via the sshcommand acl-add command. For reference, the following command can be run as the root user to specify a specific NAME for a given ssh key:
sshcommand acl-add dokku NAME < $PATH_TO_SSH_KEY\n
Note that the NAME value is set at the first ssh key match. If an ssh key is set in the /home/dokku/.ssh/authorized_keys multiple times, the first match will decide the value.
- Description: Allows you to deny access to a Dokku command by either ssh user or associated ssh-command NAME user.
- Invoked by:
dokku - Arguments:
$SSH_USER $SSH_NAME $DOKKU_COMMAND - Example:
#!/usr/bin/env bash\n# Allow root/admin users to do everything\n# Deny plugin access to default users\n# Allow access to all other commands\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\nSSH_USER=$1\nSSH_NAME=$2\nshift 2\n[[ \"$SSH_USER\" == \"root\" ]] && exit 0\n[[ \"$SSH_NAME\" == \"admin\" ]] && exit 0\n[[ \"$SSH_NAME\" == \"default\" && $1 == plugin:* ]] && exit 1\nexit 0\n
"},{"location":"development/plugin-triggers/#user-auth-app","title":"user-auth-app","text":"This is a special plugin trigger that is executed when listing apps or checking if an app exists. All Dokku commands should check if an app exists at least once before interacting with them so as not to circumvent the check.
Note that the trigger should exit 0, and each non-empty line on stdout is captured as a valid app name.
The SSH_USER is the original ssh user. If you are running remote commands, this user will typically be dokku, and as such should not be trusted when checking permissions. If you are connected via ssh as a different user who then invokes dokku, the value of this variable will be that user's name (root, myuser, etc.).
The SSH_NAME is the NAME variable set via the sshcommand acl-add command. For reference, the following command can be run as the root user to specify a specific NAME for a given ssh key:
sshcommand acl-add dokku NAME < $PATH_TO_SSH_KEY\n
Note that the NAME value is set at the first ssh key match. If an ssh key is set in the /home/dokku/.ssh/authorized_keys multiple times, the first match will decide the value.
- Description: Allows you to deny access to a Dokku app by either ssh user or associated ssh-command NAME user.
- Invoked by:
dokku - Arguments:
$SSH_USER $SSH_NAME $DOKKU_COMMAND - Example:
#!/usr/bin/env bash\n# hide any apps with the prefix \"admin\"\n# if the logged in user (SSH_USER) or SSH_NAME is not `root`\n\nmain() {\n declare SSH_USER=\"$1\" SSH_NAME=\"$2\" ARGS=(\"${@:3}\")\n\n for arg in \"${ARGS[@]}\"; do\n if [[ \"$arg\" == admin-* ]] && [[ \"$SSH_USER\" != \"root\" ]] && [[ \"$SSH_NAME\" != \"root\" ]]; then\n continue\n fi\n\n echo \"${arg}\"\n done\n}\n\nmain \"$@\"\n
"},{"location":"development/plugin-triggers/#vector-template-source","title":"vector-template-source","text":" - Description: Retrieves an alternative template for the vector compose config
- Invoked by: caddy-vhosts
- Arguments:
- Example:
#!/usr/bin/env bash\n\nset -eo pipefail; [[ $DOKKU_TRACE ]] && set -x\n\n# TODO\n
"},{"location":"development/release-process/","title":"Release Process","text":"Dokku is released in intervals at most three weeks apart, though may be released much quicker.
To propose a release, the following tasks need to be performed:
export PACKAGECLOUD_TOKEN=SOME_TOKEN\n# supports major/minor/patch/betafish\ncontrib/release-dokku\n
Info
If you are a maintainer and need the PACKAGECLOUD_TOKEN in order to make a release, please contact @josegonzalez to get this information.
As well, the Arch Linux package description must be updated via vagrant up build-arch (needs to be done after the tag is pushed to GitHub, because it is based on that)
"},{"location":"development/release-process/#versioning","title":"Versioning","text":"Dokku follows semver standards. As we are not yet at a stable release, breaking changes will require only a minor release, while all other changes only require a patch release. Once we hit stable, breaking changes will require a major release.
At the moment, tags need not be signed, though that may change in the future.
"},{"location":"development/release-process/#arch-linux-packages","title":"Arch Linux Packages","text":"Arch Linux packages are not really build, because all that is needed for an Arch User Repo (AUR) package is the description of how to build the package. To make this process as easy as possible there is a vagrant box called build-arch that updates the version of this build description (a file called PKGBUILD), then runs some helper scripts to fill all additional information and does test if the package could be build. Then only those changes need to be pushed to the AUR repo and an updated version of the package is ready for usage for our Arch Linux users. For detailed information see the section below.
The workflow looks like this:
# having dokku-arch in ../dokku-arch\nvagrant up build-arch\n# wait for \"==> build-arch: ==> Finished making: dokku 0.35.4-2 (Mon Feb 22 23:20:37 CET 2016)\"\ncd ../dokku-arch\ngit add PKGBUILD .SRCINFO\ngit commit -m 'Update to dokku 0.9.9'\ngit push aur master\n
Info
If you are a maintainer and need access to the AUR repositories in order to make a release, please contact @morrisjobke or @josegonzalez to get this co-maintainership.
"},{"location":"development/release-process/#detailed-information-for-arch-linux-packages","title":"Detailed information for Arch Linux packages","text":"All of the information to build the Arch Linux package is in the AUR git repository (see dokku AUR page). The release of a AUR package only consists of pushing the package information into the AUR git repo. Then users could use that information to build the package on their machines.
To update the package clone the repository and adjust the files in the repository. Then a helper script - updpkgsums - to update the SHA sum could be called (check against the original SHA sum). Another helper script - mksrcinfo - needs to be called to update the meta information of the package in a file called .SRCINFO. The next step builds the package locally for verification - makepkg. As last step commit your changes and push the commit.
- dependencies are defined in the
depends attribute in PKGBUILD - build steps during package build time are defined in the
package() method in PKGBUILD - steps that should be executed during install/update/remove time are defined in the file
dokku.install - detailed information about all attributes in
PKGBUILD could be found in the Arch Linux wiki - detailed information about the AUR workflow could be found in the AUR article in the Arch Linux wiki
That is the usual workflow:
updpkgsums # update sha sums - compare them with the original ones\nmksrcinfo # update package metadata for AUR\nmakepkg # test package builds\ngit add PKGBUILD .SRCINFO\ngit commit -m 'Update to dokku 0.9.9'\ngit push\n
Info
If there is something unclear simply ask @morrisjobke for help.
"},{"location":"development/testing/","title":"Running Tests","text":"Dokku has a full test suite to assist in quick iterating development. These tests include a linter using shellcheck, functional unit tests using the Bats testing framework, and a deployment suite of example apps that use the most popular languages and frameworks.
We maintain the Dokku test harness within the tests directory:
tests/unit/*.bats: Bats teststests/apps/: Example applications that can be used for tests
"},{"location":"development/testing/#continuous-integration","title":"Continuous Integration","text":"All pull requests have tests run against them on GitHub Actions, a continuous integration platform that provides Docker support for Ubuntu Noble 24.04.
If you wish to skip tests for a particular commit, e.g. documentation changes, you may add the [ci skip] designator to your commit message. Commits that should be tested but have the above designator will not be merged.
While we do provide official packages for a variety of platforms, as our test suite currently runs on Ubuntu Noble 24.04, we only provide official installation support for that platform and the supported LTS releases of Ubuntu (currently 20.04, 22.04, and 24.04).
"},{"location":"development/testing/#local-test-execution","title":"Local Test Execution","text":""},{"location":"development/testing/#vagrant-vm","title":"Vagrant VM","text":" - Setup Dokku in a Vagrant VM.
- Run the following to setup tests and execute them:
vagrant ssh\nsudo su -\ncd ~/dokku\nmake ci-dependencies setup-deploy-tests\n
After making changes to your local Dokku clone, don't forget to update the Vagrant Dokku install.
# update vagrant dokku install from local git clone\nmake copyfiles\n\n# build a specific plugin\nmake go-build-plugin copyplugin PLUGIN_NAME=apps\n
"},{"location":"development/testing/#vscode-dev-container","title":"VSCode Dev Container","text":" - Open Dokku in a VSCode DevContainer
- Run the following in the VSCode terminal to setup tests and execute them:
make ci-dependencies setup-deploy-tests\n
After making changes to your local Dokku clone, don't forget to update the Vagrant Dokku install.
# update vagrant dokku install from local git clone\nmake copyfiles\n\n# build a specific plugin\nmake go-build-plugin copyplugin PLUGIN_NAME=apps\n
"},{"location":"development/testing/#executing-tests","title":"Executing tests","text":"Execute the entire test suite (linter, bats tests, and app deployment tests):
make test\n
Run the linter
make lint\n
Execute all bats tests
make unit-tests\n
Execute all app deployment tests
make deploy-tests\n
"},{"location":"development/testing/#executing-app-tests","title":"Executing App Tests","text":"You may run a specific app deployment tests with a target similar to:
make deploy-test-nodejs-express\n
For a full list of test make targets check out tests.mk in the root of the Dokku repository.
"},{"location":"development/testing/#executing-a-single-test-suite","title":"Executing a single test suite","text":"When working on a particular plugin, it may be useful to run only a particular test suite. This can be done by specifying the test suite path:
bats tests/unit/apps_1.bats\n
It is also possible to target multiple test suites at a time.
bats tests/unit/apps_1.bats tests/unit/certs.bats\n
"},{"location":"development/testing/#executing-a-single-test","title":"Executing a single test","text":"In order to increase testing velocity, a wrapper script around Bats is available that can be used to run a single test case within a suite.
Tests within a suite may be listed by specifying the suite as a parameter to bats.
bats tests/unit/apps_1.bats\n
A single test can be specified via the --filter argument. The tests are selected via regex match, and all matches are executed.
bats --filter list tests/unit/apps_1.bats\n
"},{"location":"enterprise/pro/","title":"Dokku Pro","text":"Dokku Pro is a commercial offering that provides a familiar Web UI for all common tasks performed by developers. End users can expect an interface that provides various complex cli commands in an intuitive, app-centric manner, quickly speeding up tasks that might otherwise be difficult for new and old users to perform. Additionally, it provides a way to perform these tasks remotely via a json api, enabling easier, audited remote management of servers. Finally, Dokku Pro provides an alternative, https-based method for deploying code which can be used in environments that lockdown ssh access to servers.
"},{"location":"enterprise/pro/#purchasing","title":"Purchasing","text":"Dokku Pro may be purchased online by clicking the following purchase link:
Dokku Pro Purchase Link
Info
Currently, the server must be able to contact the public internet to validate the license, or it will fail to start. For offline support, inquire for enterprise offline licensing.
"},{"location":"enterprise/pro/#installation","title":"Installation","text":"Dokku Pro is shipped as Debian and RPM packages, and depends on the following files:
/etc/default/dokku-pro: Configures certain environment variables for usage by the dokku-pro binary/etc/dokku-pro/license.key: Contains the downloaded license key/var/lib/dokku/data/pro/db: Contains the local dokku-pro database
Please refer to the purchase email for details on configuring Dokku Pro.
"},{"location":"enterprise/pro/#features-and-development","title":"Features and Development","text":"Dokku Pro has the following functionality:
- Shipped as a single binary for ease of use
- JSON-API-compatible API with JWT authentication
- Authenticated HTTP(S) endpoints for git push functionality
- Single Page App (SPA) Web UI exposing app, datastore, and ssh key management
While each release is fairly feature complete, individual features and documentation will expand over time. Feature development follows a monthly release cadence, with individual bug fixes released on an as needed basis.
"},{"location":"getting-started/advanced-installation/","title":"Advanced installation","text":""},{"location":"getting-started/advanced-installation/#installing-via-other-methods","title":"Installing via other methods","text":"For various reasons, certain hosting providers may have other steps that should be preferred to the above. If hosted on any of the following popular hosts, please follow the linked to instructions:
- DigitalOcean Installation Notes
- DreamHost Cloud Installation Notes
- Microsoft Azure Installation Notes
As well, you may wish to customize your installation in some other fashion. or experiment with Vagrant. The guides below should get you started:
- Debian Package Installation Notes
- Docker-based Installation Notes
- Vagrant Installation Notes
- Advanced Install Customization
- Automated deployment via ansible
"},{"location":"getting-started/advanced-installation/#installing-from-source","title":"Installing from Source","text":"You can always install Dokku straight from the latest - potentially unstable - master branch via the following Bash command:
# using a branch results in installing from source\nwget -NP . https://dokku.com/install/master/bootstrap.sh;\nsudo DOKKU_BRANCH=master bash bootstrap.sh\n
"},{"location":"getting-started/advanced-installation/#development","title":"Development","text":"If you plan on developing Dokku, the easiest way to install from your own repository is cloning the repository and calling the install script. Example:
git clone https://github.com/yourusername/dokku.git\ncd dokku\nsudo make install\n
The Makefile allows source URLs to be overridden to include customizations from your own repositories. The DOCKER_URL, PLUGN_URL, SSHCOMMAND_URL and STACK_URL environment variables may be set to override the defaults (see the Makefile for how these apply). Example:
sudo SSHCOMMAND_URL=https://raw.githubusercontent.com/yourusername/sshcommand/master/sshcommand make install\n
"},{"location":"getting-started/advanced-installation/#bootstrap-a-server-from-your-own-repository","title":"Bootstrap a server from your own repository","text":"The bootstrap script allows the Dokku repository URL to be overridden to bootstrap a host from your own clone of Dokku using the DOKKU_REPO environment variable. Example:
wget -NP . https://dokku.com/install/master/bootstrap.sh;\nchmod +x bootstrap.sh\nsudo DOKKU_REPO=https://github.com/yourusername/dokku.git DOKKU_BRANCH=master ./bootstrap.sh\n
"},{"location":"getting-started/advanced-installation/#custom-herokuish-build","title":"Custom Herokuish build","text":"Dokku ships with a pre-built version of the Herokuish component by default. If you want to build your own version you can specify that with an environment variable.
git clone https://github.com/dokku/dokku.git\ncd dokku\nsudo BUILD_STACK=true STACK_URL=https://github.com/gliderlabs/herokuish.git make install\n
"},{"location":"getting-started/advanced-installation/#skipping-herokuish-installation","title":"Skipping Herokuish installation","text":"The Herokuish package is recommended but not required if not using Heroku buildpacks for deployment. Debian-based OS users can run the bootstrap installer via sudo DOKKU_NO_INSTALL_RECOMMENDS=\" --no-install-recommends \" bash bootstrap.sh to skip the dependency. Please note that this will also skip installation of other recommended dependencies.
"},{"location":"getting-started/advanced-installation/#configuring-an-unattended-installation","title":"Configuring an unattended installation","text":"Once Dokku is installed, you'll want to configure the virtualhost setup as well as the push user. If you do not, your installation will be considered incomplete and you will not be able to deploy applications.
For Debian, unattended installation is described Debian installation guide.
Set up a domain using your preferred vendor and a wildcard domain pointing to the host running Dokku. You can manage this global domain using the domains plugin.
Follow the user management documentation in order to add SSH keys for users to Dokku, or to give other Unix accounts access to Dokku.
"},{"location":"getting-started/advanced-installation/#vms-with-less-than-1-gb-of-memory","title":"VMs with less than 1 GB of memory","text":"Having less than 1 GB of system memory available for Dokku and its containers may result in unexpected errors, such as ! [remote rejected] master -> master (pre-receive hook declined) during installation of NPM dependencies.
To work around this issue, it might suffice to augment the Linux swap file size to a maximum of twice the physical memory size.
To resize the swap file of a 512 MB machine to 1 GB, follow these steps while in SSH within your machine:
cd /var\ntouch swap.img\nchmod 600 swap.img\n\ndd if=/dev/zero of=/var/swap.img bs=1024k count=1000\nmkswap /var/swap.img\nswapon /var/swap.img\nfree\n\necho \"/var/swap.img none swap sw 0 0\" >> /etc/fstab\n
Reference
"},{"location":"getting-started/troubleshooting/","title":"Troubleshooting","text":"New
Introduced in 0.17.0
trace:on # Enables trace mode\ntrace:off # Disables trace mode\n
"},{"location":"getting-started/troubleshooting/#trace-mode","title":"Trace Mode","text":"By default, Dokku will constrain the amount of output displayed for any given command run. The verbosity of output can be increased by enabling trace mode. Trace mode will turn on the set -x flag for bash plugins, while other plugins are free to respect the environment variable DOKKU_TRACE and log differently as approprate. Trace mode can be useful to see where plugins are running commands that would otherwise be unexpected.
To enable trace mode, run trace:on
ShellOutput dokku trace:on\n
-----> Enabling trace mode\n
Trace mode can be disabled with trace:off
ShellOutput dokku trace:off\n
-----> Disabling trace mode\n
"},{"location":"getting-started/troubleshooting/#common-problems","title":"Common Problems","text":""},{"location":"getting-started/troubleshooting/#i-deployed-my-app-but-i-am-getting-the-default-nginx-page","title":"I deployed my app but I am getting the default nginx page","text":"Most of the time it's caused by some defaults newer versions of nginx set. To make sure that's the issue you're having run the following:
nginx -t\n## nginx: [emerg] could not build the server_names_hash, you should increase server_names_hash_bucket_size: 32\n
If you get a similar error just edit /etc/nginx/nginx.conf and add the following line to your http section:
http {\n (... existing content ...)\n server_names_hash_bucket_size 64;\n (...)\n}\n
Note that the server_names_hash_bucket_size setting defines the maximum domain name length. A value of 64 would allow domains with up to 64 characters. Set it to 128 if you need longer ones.
Save the file and try stopping nginx and starting it again:
dokku nginx:stop\ndokku nginx:start\n
Using the EXPOSE directive in a Dockerfile may be another reason why you might see the default site. When the EXPOSE directive is in use and a proxy plugin is enabled (the default), the proxy plugin will listen to requests on the ports specified in the EXPOSE stanza.
For example, if you have an EXPOSE directive like so:
EXPOSE 8000\n
The port mapping will be http:8000:8000.
To avoid this issue, either of the following can be done:
- Remove
EXPOSE directive: This will require respecting the $PORT environment variable (automatically set by Dokku). Once that change is deployed, the port mapping should be cleared via the dokku ports:clear $APP command (where $APP is your app name). - Update the port mapping: Updating the port mapping to redirect port
80 to your app's exposed port via dokku ports:set $APP http:80:$EXPOSED_PORT can also fix the issue. This will also allow certificate management and the letsencrypt plugin to work correctly.
See the port management documentation for more information on how Dokku exposes ports for applications and how you can configure these for your app.
"},{"location":"getting-started/troubleshooting/#i-want-to-deploy-my-app-but-while-pushing-i-get-the-following-error","title":"I want to deploy my app, but while pushing I get the following error","text":"The following error may be emitted from a deploy:
! [remote rejected] master -> master (pre-receive hook declined)\n
The remote rejected error does not give enough information. Anything could have failed. Enable trace mode and begin debugging. If this does not help you, create a gist containing the full log, and create an issue.
One the reasons why you may get this error is because the command that is run in the container exited (without errors). For example, (in Procfile) when you define a new worker container to run Delayed Job and use the bin/delayed_job start command. This command deamonizes the process and exists. The container thinks it's done so it closes itself. The error you get is the one above. To fix the above problem for Delayed Job, you must define the worker to user rake jobs:work, which doesn't deamonize the process.
"},{"location":"getting-started/troubleshooting/#i-get-the-aforementioned-error-in-the-build-phase-after-turning-on-dokku-tracing","title":"I get the aforementioned error in the build phase (after turning on Dokku tracing)","text":"Most errors that happen in this phase are due to transient network issues (either locally or remotely) buildpack bugs.
Find the failed phase's container image (077581956a92 in this example).
docker ps -a | grep build\n## 94d9515e6d93 077581956a92 \"/build\" 29 minutes ago Exited (0) 25 minutes ago cocky_bell\n
Start a new container with the failed image and poke around (i.e. ensure you can access the internet from within the container or attempt the failed command, if known).
docker run -ti 077581956a92 /bin/bash\ncurl -s -S icanhazip.com\n## 192.168.0.1\ncurl http://s3pository.heroku.com/node/v0.10.30/node-v0.10.30-linux-x64.tar.gz -o node-v0.10.30-linux-x64.tar.gz\ntar tzf node-v0.10.30-linux-x64.tar.gz\n## ...\n
Sometimes (especially on DigitalOcean) deploying again seems to get past these seemingly transient issues. Additionally we've seen issues if changing networks that have different DNS resolvers. In this case, you can run the following to update your resolv.conf.
resolvconf -u\n
Please see #841 and #649.
"},{"location":"getting-started/troubleshooting/#after-adding-an-ssh-key-i-am-told-i-cannot-read-from-the-remote-repository-on-push","title":"After adding an SSH key, I am told I cannot read from the remote repository on push","text":"Connection closed by <host> port 22\nfatal: Could not read from remote repository.\n\nPlease make sure you have the correct access rights\nand the repository exists.\n
Certain systems may have access to the dokku user via SSH disabled. Please check that the dokku user is allowed access to the system in the file /etc/security/access.conf. As Dokku does not manage this file, please consult your Operating System's documentation for more information.
"},{"location":"getting-started/troubleshooting/#i-want-to-deploy-my-app-but-i-am-getting-asked-for-the-password-of-the-git-user","title":"I want to deploy my app but I am getting asked for the password of the Git user","text":"Sometimes the following error message may be shown on push
fatal: 'NAME' does not appear to be a git repository\nfatal: Could not read from remote repository.\n
You get asked for a password because your SSH secret key can't be found. This may happen if the private key corresponding to the public key you added with sshcommand acl-add is not located in the default location ~/.ssh/id_rsa.
You have to point SSH to the correct secret key for your domain name. Add the following to your ~/.ssh/config:
Host DOKKU_HOSTNAME\n IdentityFile \"~/.ssh/KEYNAME\"\n
Also see issue #116.
"},{"location":"getting-started/troubleshooting/#i-successfully-deployed-my-application-with-no-deployment-errors-and-receiving-bad-gateway-when-attempting-to-access-the-application","title":"I successfully deployed my application with no deployment errors and receiving Bad Gateway when attempting to access the application","text":"In many cases the application will require the a process.env.PORT port opposed to a specified port.
When specifying your port you may want to use something similar to:
var port = process.env.PORT || 3000\n
Please see #282.
Additionally, your application should listen/bind to all interfaces (0.0.0.0). Many frameworks default to listening on 127.0.0.1.
Please see #5798.
"},{"location":"getting-started/troubleshooting/#deployment-fails-because-of-slow-internet-connection-messages-shows-gzip-stdin-unexpected-end-of-file","title":"Deployment fails because of slow internet connection, messages shows gzip: stdin: unexpected end of file","text":"If you see output similar this when deploying:
Command: 'set -o pipefail; curl --fail --retry 3 --retry-delay 1 --connect-timeout 3 --max-time 30 https://s3-external-1.amazonaws.com/heroku-buildpack-ruby/ruby-2.0.0-p451-default-cache.tgz -s -o - | tar zxf -' failed unexpectedly:\n !\n ! gzip: stdin: unexpected end of file\n ! tar: Unexpected EOF in archive\n ! tar: Unexpected EOF in archive\n ! tar: Error is not recoverable: exiting now\n
it might that the cURL command that is supposed to fetch the buildpack (anything in the low megabyte file size range) takes too long to finish, due to slowish connection. To overwrite the default values (connection timeout: 90 seconds, total maximum time for operation: 600 seconds), set the following environment variables:
dokku config:set --global CURL_TIMEOUT=1200\ndokku config:set --global CURL_CONNECT_TIMEOUT=180\n
Please see #509.
Another reason for this error (although it may respond immediately ruling out a timeout issue) may be because you've set the config setting SSL_CERT_FILE. Using a config setting with this key interferes with the buildpack's ability to download its dependencies, so you must rename the config setting to something else, e.g. MY_APP_SSL_CERT_FILE.
"},{"location":"getting-started/troubleshooting/#build-fails-with-killed-message","title":"Build fails with Killed message","text":"This generally occurs when the server runs out of memory. You can either add more RAM to your server or setup swap space. The follow script will create 2 GB of swap space.
sudo install -o root -g root -m 0600 /dev/null /swapfile\ndd if=/dev/zero of=/swapfile bs=1k count=2048k\nmkswap /swapfile\nswapon /swapfile\necho \"/swapfile swap swap auto 0 0\" | sudo tee -a /etc/fstab\nsudo sysctl -w vm.swappiness=10\necho vm.swappiness = 10 | sudo tee -a /etc/sysctl.conf\n
"},{"location":"getting-started/troubleshooting/#i-successfully-deployed-my-application-with-no-deployment-errors-but-im-receiving-connection-timeout-when-attempting-to-access-the-application","title":"I successfully deployed my application with no deployment errors but I'm receiving Connection Timeout when attempting to access the application","text":"This can occur if Dokku is running on a system with a firewall like UFW enabled (some OS versions like Ubuntu have this enabled by default). You can check if this is your case by running the following script:
sudo ufw status\n
If the previous script returned Status: active and a list of ports, UFW is enabled and is probably the cause of the symptom described above. To disable it, run:
sudo ufw disable\n
"},{"location":"getting-started/troubleshooting/#i-cant-connect-to-my-application-because-the-server-is-sending-an-invalid-response-or-cant-provide-a-secure-connection","title":"I can't connect to my application because the server is sending an invalid response, or can't provide a secure connection","text":"This isn't usually an issue with Dokku, but rather an app config problem. This can happen when your application is configured to enforce secure connections/HSTS, but you don't have SSL set up for the app.
In Rails at least, if your application.rb or environmnents/production.rb include the line configure.force_ssl = true which includes HSTS, try commenting that out and redeploying.
If this solves the issue temporarily, longer term you should consider configuring SSL.
"},{"location":"getting-started/troubleshooting/#my-application-deploys-properly-but-wont-load-in-browser-connection-refused","title":"My application deploys properly, but won't load in browser \"connection refused\"","text":"This could be a result of a bad proxy configuration (http:5000:5000 may be incorrect). Run dokku ports:report node-js-app to check if your app has the correct proxy configuration. It should show something like the following.
=====> node-js-app ports information\n Port map: http:80:5000 https:443:5000\n
Set dokku ports:set node-js-app http:80:5000 to get proxy correctly configured for http endpoint.
"},{"location":"getting-started/troubleshooting/#i-deployed-a-new-app-but-now-subdomains-are-miss-routed","title":"I deployed a new app but now subdomains are miss-routed","text":"Sometimes nginx does something funky and cant actually reload for whatever reason.
# Validate the configuration\n$ sudo nginx -t\nnginx: the configuration file /etc/nginx/nginx.conf syntax is ok\nnginx: configuration file /etc/nginx/nginx.conf test is successful\n\n$ sudo service nginx restart\n\n# Re-enable Letsencrypt\n
Example: existing AppA (https) and AppB(https), deployed NEW (non-https) then noticed right away NEW's subdomain showed AppB's content and cert but under its own subdomain (cert miss-match of course). AppB still works. AppA also changed to show AppB content and cert.. Other apps were unaffected.
Consider caddy and traefik support via docker containers if this continues to be an issue.
"},{"location":"getting-started/uninstalling/","title":"Uninstalling","text":"While we hate to see you go, if you need to uninstall Dokku, the following may help you out:
"},{"location":"getting-started/uninstalling/#arch-uninstallation","title":"Arch Uninstallation","text":"# purge dokku from your system\nyay -Rsn dokku\n
"},{"location":"getting-started/uninstalling/#debian-uninstallation","title":"Debian Uninstallation","text":"# purge dokku from your system\napt-get purge dokku herokuish\n\n# remove any dependencies that are no longer necessary\napt-get autoremove\n
"},{"location":"getting-started/uninstalling/#makefile-uninstallation","title":"Makefile Uninstallation","text":"This is a manual deletion process, and as it is not a recommended installation method, there is currently no automated uninstallation.
All service plugins should be unlinked from applications, stopped, and destroyed.
All applications should be stopped, and all docker containers and images deleted:
# stop all applications\ndokku ps:stop --all\n\n# cleanup containers and images\ndokku cleanup\n
The following user/group must be deleted:
- user:
dokku - group:
dokku
The following directories must be deleted:
~dokku/var/lib/dokku/var/log/dokku
"},{"location":"getting-started/where-to-get-help/","title":"Where to Get Help","text":"If you\u2019re stuck, there are a number of places you can get help:
"},{"location":"getting-started/where-to-get-help/#the-official-dokku-website","title":"The Official Dokku Website","text":" - https://dokku.com/docs/getting-started/installation/
The Official Dokku website is always a great place to visit. It features links to oft-used developer tools, community plugins, and guides on using Dokku.
"},{"location":"getting-started/where-to-get-help/#monitored-locations","title":"Monitored Locations","text":"The Code Of Conduct applies to all actively monitored Dokku discussion areas. Please be mindful of your neighbors on the internet.
"},{"location":"getting-started/where-to-get-help/#forums","title":"Forums","text":" - GitHub Discussions
GitHub Discussions is a new way for the Dokku community to interact with each other! This is a place to ask questions to the community or discuss potential feature requests before filing issues.
"},{"location":"getting-started/where-to-get-help/#the-slack-channel","title":"The Slack Channel","text":" - Gliderlabs Slack (Join the
#dokku channel)
If you\u2019re stumped, give us a holler in the Dokku Slack channel. Someone from the development team is usually there, especially during the daylight hours for North and South American users. We\u2019d love to hear from you, whether you need some help, want to find users in your area, or would like to donate our brand new sports car.
Chat is synced to Discord and IRC.
"},{"location":"getting-started/where-to-get-help/#discord","title":"Discord","text":" - Dokku Discord
We provide a Dokku Discord that folks can use to ask questions or comments about the project. Someone from the development team is usually there, especially during the daylight hours for North and South American users. Feel free to join us online!
Chat is synced to IRC and Slack.
"},{"location":"getting-started/where-to-get-help/#unmonitored-locations","title":"Unmonitored Locations","text":"You may find help on these locations, but they are not actively monitored by the development team. The Code of Conduct still applies.
"},{"location":"getting-started/where-to-get-help/#stack-overflow","title":"Stack Overflow","text":" - The Dokku tag on Stack Overflow
Tag your questions with dokku to enable existing users of Stack Overflow to find your questions.
"},{"location":"getting-started/where-to-get-help/#irc-on-liberachat","title":"IRC (on libera.chat)","text":" - irc.libera.chat/#dokku
This location isn't as well monitored as Slack, and loses history. Chat is synced to Discord and Slack
"},{"location":"getting-started/install/azure/","title":"Microsoft Azure Installation Notes","text":" -
If you don't already have one generate an SSH key pair.
-
Go to the Dokku on Azure deployment page and click Deploy to Azure.
-
You'll be prompted to enter a few parameters, including a unique storage account name and a unique name for the subdomain used for your public IP address. For the sshKeyData parameter, copy and paste the contents of the public key file you just created. After a few minutes the Dokku instance will be deployed.
-
Once the installation is complete, you should configure an ssh key and set your global domain.
# usually your key is already available under the current user's `~/.ssh/authorized_keys` file\ncat ~/.ssh/authorized_keys | dokku ssh-keys:add admin\n\n# you can use any domain you already have access to\n# this domain should have an A record or CNAME pointing at your server's IP\ndokku domains:set-global dokku.me\n\n# you can also use the ip of your server\ndokku domains:set-global 10.0.0.2\n\n# finally, you can use sslip.io to get subdomain support\n# as you would with a regular domain name\n# this would be done by appending `.sslip.io` to your ip address\ndokku domains:set-global 10.0.0.2.sslip.io\n
See the user management and domains documentation for more information.
"},{"location":"getting-started/install/debian/","title":"Debian Package Installation Notes","text":"As of 0.3.18, Dokku defaults to being installed via Debian package. While certain hosts may require extra work to get running, you may optionally wish to automate the installation of Dokku without the use of our bootstrap.sh Bash script. The following are the steps run by said script:
# install docker\nwget -nv -O - https://get.docker.com/ | sh\n\n# install dokku\nwget -qO- https://packagecloud.io/dokku/dokku/gpgkey | sudo tee /etc/apt/trusted.gpg.d/dokku.asc\n# programmatically determine distro and codename\nDISTRO=\"$(awk -F= '$1==\"ID\" { print tolower($2) ;}' /etc/os-release)\"\nOS_ID=\"$(awk -F= '$1==\"VERSION_CODENAME\" { print tolower($2) ;}' /etc/os-release)\"\necho \"deb https://packagecloud.io/dokku/dokku/${DISTRO}/ ${OS_ID} main\" | sudo tee /etc/apt/sources.list.d/dokku.list\nsudo apt-get update -qq >/dev/null\nsudo apt-get -qq -y install dokku\nsudo dokku plugin:install-dependencies --core\n
"},{"location":"getting-started/install/debian/#unattended-installation","title":"Unattended installation","text":"In case you want to perform an unattended installation of Dokku, this is made possible through debconf, which allows you to configure a package before installing it.
You can set any of the below options through the debconf-set-selections command, for example to enable vhost-based deployments:
echo \"dokku dokku/vhost_enable boolean true\" | sudo debconf-set-selections\n
After setting the desired options, proceed with the installation as described above.
"},{"location":"getting-started/install/debian/#debconf-options","title":"debconf options","text":"Name Type Default Description dokku/vhost_enable boolean false Use vhost-based deployments (e.g. [yourapp].dokku.me) dokku/hostname string dokku.me Hostname, used as vhost domain and for showing app URL after deploy dokku/skip_key_file boolean false Don't check for the existence of the dokku/key_file. Warning: Setting this to true, will require you to manually add an SSH key later on. dokku/key_file string /root/.ssh/id_rsa.pub Path on disk to an SSH key to add to the Dokku user (Will be ignored on dpkg-reconfigure) dokku/nginx_enable boolean true Enable nginx-vhosts plugin"},{"location":"getting-started/install/digitalocean/","title":"DigitalOcean Droplet Installation Notes","text":"DigitalOcean offers a pre-installed Dokku image. You can run this image on any sized Droplet, although larger Droplets will allow you to run larger applications.
Info
Please disable IPv6. There are known issues with IPv6 on DigitalOcean and Docker. If you would like to run Dokku on an IPv6 DigitalOcean Droplet, please consult this guide.
- Login to your DigitalOcean account.
- Click Create a Droplet.
- Under Choose an image > Marketplace, search latest Dokku release for Ubuntu 24.04 (version numbers may vary).
- Under Choose a size, select your machine spec.
- Under Choose a datacenter region, select your region.
- Add an SSH Key.
- New Keys
- Under Add your SSH keys click New SSH Key (this opens a dialog).
- From your terminal, execute
cat $HOME/.ssh/id_rsa.pub. - Copy the output and paste it into the New SSH Key dialog, provide a name and click Add SSH Key.
- Existing Keys
- Simply add a checkmark next to the existing keys you'd like to add.
- Under Finalize and create, give your Droplet a hostname (not required) and click Create.
- Once created, copy the IP address to your clipboard.
- In a terminal, ssh onto the server by running
ssh root@$SERVER_IP, where $SERVER_IP is your server's IP address. - Remove the default nginx site via
rm /etc/nginx/sites-enabled/default -
If you added more than one key, use the dokku ssh-keys:add to add an ssh key to the dokku user:
echo \"$CONTENTS_OF_YOUR_PUBLIC_SSH_KEY_HERE\" | dokku ssh-keys:add KEY_NAME\n
-
Ensure your server has a correct global hostname via dokku domains:set-global
# replace dokku.me with a hostname pointed at your server\ndokku domains:set-global dokku.me\n
"},{"location":"getting-started/install/docker/","title":"Docker Installation Notes","text":"Pull the dokku/dokku image:
docker pull dokku/dokku:0.35.4\n
Next, run the image.
docker container run -d \\\n --env DOKKU_HOSTNAME=dokku.me \\\n --env DOKKU_HOST_ROOT=/var/lib/dokku/home/dokku \\\n --env DOKKU_LIB_HOST_ROOT=/var/lib/dokku/var/lib/dokku \\\n --name dokku \\\n --publish 3022:22 \\\n --publish 8080:80 \\\n --publish 8443:443 \\\n --volume /var/lib/dokku:/mnt/dokku \\\n --volume /var/run/docker.sock:/var/run/docker.sock \\\n dokku/dokku:0.35.4\n
Alternatively, you can use docker-compose.yml:
services:\n dokku:\n image: dokku/dokku:0.35.4\n container_name: dokku\n network_mode: bridge\n ports:\n - \"3022:22\"\n - \"8080:80\"\n - \"8443:443\"\n volumes:\n - \"/var/lib/dokku:/mnt/dokku\"\n - \"/var/run/docker.sock:/var/run/docker.sock\"\n environment:\n DOKKU_HOSTNAME: dokku.me\n DOKKU_HOST_ROOT: /var/lib/dokku/home/dokku\n DOKKU_LIB_HOST_ROOT: /var/lib/dokku/var/lib/dokku\n restart: unless-stopped\n
The above command will start a new docker container that is ready when a message similar to Runit started as PID 12345 appears.
Dokku is run in the following configuration:
- The global hostname is set to
dokku.me on boot. - The container name is dokku.
- Container SSH port 22 is exposed on the host as 3022.
- Container HTTP port 80 is exposed on the host as 8080.
- Container HTTPS port 443 is exposed on the host as 8443.
- Data within the container is stored on the host within the
/var/lib/dokku directory. - Image build cache is set to the data dir +
/home/dokku. - The docker socket is mounted into container.
Application repositories, plugin config, as well as plugin data are persisted to disk within the specified host directory for /var/lib/dokku.
Other docker container options can also be used when running Dokku, though the specific outcome will depend upon the specified options. For example, the Dokku container's nginx port can be bound to a specific host ip by specifying --publish $HOST_IP:8080:80, where $HOST_IP is the IP desired. Please see the docker container run documentation for further explanation for various docker arguments.
"},{"location":"getting-started/install/docker/#plugin-installation","title":"Plugin Installation","text":""},{"location":"getting-started/install/docker/#on-dokku-start","title":"On Dokku start","text":"To install custom plugins, create a plugin-list file in the host's /var/lib/dokku directory. The plugins listed herein will be automatically installed by Dokku on container boot. This file should be the following format:
plugin_name: repository_url\n
An example for installing the postgres and redis plugins follows:
postgres: https://github.com/dokku/dokku-postgres.git\nredis: https://github.com/dokku/dokku-redis.git\n
"},{"location":"getting-started/install/docker/#prior-to-dokku-start","title":"Prior to Dokku start","text":"The alternative is to build a custom docker image via a custom Dockerfile. This Dockerfile can run any plugin:install command. Note that the version installed at that time will be the one that persists. Below is an example Dockerfile showing this method.
FROM dokku/dokku:0.35.4\nRUN dokku plugin:install https://github.com/dokku/dokku-postgres.git postgres\nRUN dokku plugin:install https://github.com/dokku/dokku-redis.git redis\n
"},{"location":"getting-started/install/docker/#ssh-key-management","title":"SSH Key Management","text":"To initialize ssh-keys within the container, use docker exec to enter the container:
docker exec -it dokku bash\n
Next, run the appropriate ssh-keys commands:
echo \"$CONTENTS_OF_YOUR_PUBLIC_SSH_KEY_HERE\" | dokku ssh-keys:add KEY_NAME\n
Please see the user management documentation for more information.
"},{"location":"getting-started/install/docker/#pushing-applications","title":"Pushing Applications","text":"When exposing the Dokku container's SSH port (22) on 3022, something similar to the following will need to be setup within the user's ~/.ssh/config:
Host dokku.docker\n HostName 127.0.0.1\n Port 3022\n
In the above example, the hostname 127.0.0.1 is being aliased to dokku.docker, while the port is being overridden to 3022. All SSH commands - including git pushes - for the hostname dokku.docker will be transparently sent to 127.0.0.1:3022.
"},{"location":"getting-started/install/dreamhost/","title":"DreamHost Cloud Server Installation Notes","text":"Cloud-init script can be used to automate installation of Dokku on Dreamhost (or any other OpenStack-compatible cloud with minimal changes).
A new server instance can be created on DreamHost Cloud from the command line using OpenStack client or from the web UI and with the same command use a cloud-init script to install Dokku. Install the OpenStack CLI, download the DreamHost Cloud credentials file before proceeding and make sure your public SSH key is added to the cloud.
source openrc.sh # Set the environment variables for DreamHost Cloud\n
This allows OpenStack client to connect to DreamHost API endpoints. The command below creates a new server instance named my-dokku-instance based on Ubuntu 24.04, with 2 GB RAM and 1 CPU (the flavor called supersonic), opening network port access to HTTP and SSH (the default security group), and the name of the chosen SSH key. This key will be automatically added to the new server in the authorized_keys for the default SSH user (ubuntu), and it will be reused by Dokku.
openstack server create \\\n --image Ubuntu-24.04 \\\n --flavor gp1.supersonic \\\n --security-group default \\\n --key-name $YOUR_SSH_KEYNAME \\\n --user-data dokku-cloudinit.sh \\\n my-dokku-instance\n
The content of dokku-cloudinit.sh script contains instructions to add Docker and Dokku's apt repositories and install Dokku with the proper debconf options set. Don't forget to add the FQDN for your application server:
#cloud-config\n\napt:\n sources:\n source_dokku: \n source: 'deb https://packagecloud.io/dokku/dokku/ubuntu/ $RELEASE main'\n key: |\n -----BEGIN PGP PUBLIC KEY BLOCK-----\n Version: GnuPG v1.4.11 (GNU/Linux)\n\n mQINBFu7hksBEADJfS1wB4JJmVcJ3FYoY/F3DmEsg2/NSj/TleB7hkdFPGTaOEef\n c6SrK6bkQas8CzCZXskg3FFUFyxJwP0yQFosJ7nQCXbuaCzkGyOaob/2D4lqniKu\n lyFvZuN0Evh2SoJYB6Idiy3rG58/KMQxJ/73HjcrOPxwpcfIE+rfey0fo6HOcSz7\n AS3pXMbe0VoVOt8107i9qg6PizpaPugbSOP98aq2o0sPkjvKVzPsBvXWe9lDTreI\n X+00Z6WXjcDxmKTGvCkcJ6jk0L5r66Y6TNlJeYwFb0o7PbY7YeJSEJxw9eNozZpY\n EYvHCzHvsv7c8s+s5MeHDvvF5qsvt5qPPfw3zwLT01g1YTQpZdSDKn72YhrQUGJM\n j/W8ro8Ij9BYhYQMIdy+RPNQrBdKjj75kW1NLCGLlE89+6PYzlQwDFLdl9eZlUdM\n rvxbDPM99MRBBq30xfIS6YctHr40mEqZEi6OUoImaj5bbA1H3XHVH2JsWo1ttQYo\n 5qOGGhNi7/nyI9zxVo9r97lgGLztyl6ILZt8kxnWIx1QnPmSMuUNqYfuUuKAPs1q\n +bisBLvylnFvQSqnpEuPwUS1UDby4CzVBzshTsuykCQRiwdU9tcjzZUlKKKTRLhj\n CZCNxv1Ovgl+3m/4R5L7YOBYGCmVW0/GvlrxPLGCjZa1O8/3nih5+cv5TwARAQAB\n tGhodHRwczovL3BhY2thZ2VjbG91ZC5pby9kb2trdS9kb2trdSAoaHR0cHM6Ly9w\n YWNrYWdlY2xvdWQuaW8vZG9jcyNncGdfc2lnbmluZykgPHN1cHBvcnRAcGFja2Fn\n ZWNsb3VkLmlvPokCOAQTAQIAIgUCW7uGSwIbLwYLCQgHAwIGFQgCCQoLBBYCAwEC\n HgECF4AACgkQ8f9oUSiLMxUN3Q/+LeoFr8p3zSp9tRcCuMXfbc7rnJ/UgJiO53jW\n 8LsXH1h5dWeh2H5VqzGjDJ3SORisAWdOMu1SWkw4mvBZQQL12iwAMZmIDmbWU73c\n PplwGUQ4sltNxtiAVdntWC1vwSceY6/AQZwE2k60RYzg5bR2KAyZR9yGssGsekFO\n zOuMiTswzEYoZaJla+cduAXZzGf8NZgbzhXKhyfjVodRTyNR0dhoeMwNBlH0WWzW\n owwNOaJQ1LwDUkjrfRpkT53RJ5olRYa5ONDxuZEvmFy57bqXJh5U13m9FNWEtmF2\n NySFltZYEL6BZQn5qehF4kqqJ0JSVsHEyEC7sU9yr93khTGjWQfcGaITZXPNyXTC\n py/J1TeOEOz2VyvglPx/JL4dTfPg5uZCTWRXzLJDAbW26BcyFI4OyPjFly6FLj0o\n nMUuEzdCmNpHCKWkeyXajxtYd4EMo+UHGYC7jrpsAxRib0pdHUwnOG0MeNIUtPm/\n yW8i5St9PnX2y2qSaAoVURAI3irApn4Wc+hgRjo22l/B6ZudMAtASD5Ie8pXHNS0\n dlsgiv3sTZachMKU+usoIgejIb0MuBhBwVJ93A4YguEqNgZg0Cz4MUpWNma6zLIN\n Ko+3khp3z2Y/jWfNTKs41sz++png1iqjnvXjGIjKtgcFJyH+AwZzkh5LjRiahM/I\n OO/xTaO5Ag0EW7uGSwEQAL39qC95IFVNobRvecddeL26kHPgd0JS4fjB5r01pMFR\n 3fojnEwGTLzRJVR4iTfzOiAG1XKGYmEb15NkEgEcvaLaojSsaaAHv++BqL2qXHJa\n sfsgjKqxCAKyJps5wCEIzF1xfxHB/5BIyKenXZw9K/zlZzsfqzyehLAarZ4oMQEN\n u/dG3TlXCf/oSBHDttLTcRTGs1I8FEaA9O0ZeV+2S/WuT0kFa6s1tRUMMWHWzMmR\n 2a+vLCE3OMWtlRk6sfhfccf4rIzjj3xyieEGKznkOycu8JOqTBRmGMl3wRS2XI7c\n PFiV1MGRV5uhJ6a0D6DDAddL13TaXMfsZB0KkFHh8bKvAxJA9opHhl+X2NrdwsLz\n crCWF+QdoPX494j2aWnwSOXXtW9c2b6cpDfUoGVD79IYEzL0n6dgBPwCKLcmxotF\n Tv+H3Yy0DBn8BaQ0ZHbEgudwr73vxMgbYStGfu/bQEulcLA0vfTRGBRhzlZLE8k6\n +fXK23R4T/3kdyJovHdnK6aIN6oFTnVM5pyLrxmUkLCaPEbnoxVtA9zOeiGhqjYT\n pLgZMG95HgoscBlOh8BpuM2E3MSPV6XYjEKtvDpWy/i/oCPhd/PcY/qVxzj6dANU\n gQE/8hdf6Q//SvUxZaVrVwnmWkIZshGDJj/EM8VGhKzEoZF8Xmr/aibyN3CLoSMl\n ABEBAAGJBD4EGAECAAkFAlu7hksCGy4CKQkQ8f9oUSiLMxXBXSAEGQECAAYFAlu7\n hksACgkQ+ytqpCHNGT+1Vg//Z0ZiIoQQCLXmbAPdA79HVLCzsvkKQ3/RlqIR7Nq1\n JzgqPxg8drRo5+Ri+VrsIJt3AYH/lGm1UuSeycM6NrNWBpqL5FLjrMmbILQp9GMf\n bCZLXocOwDvrfpdBuEK+AS8SuLeiZtl8DcOe9Xtv3LSxXre0hsiIZpTRIjP+qkj8\n W7oZqUxwo1Wcnff+0snf6hPiTps/IB1utzSjxXVe86/89BWvLt/mT1o81h5mclgk\n l1eit6BvZsO/iicLB5KbyA7DVjAnxngze0+cCUAIVbqQbZhAVw5oZbKeXedbGuxr\n eRLWx+h5IBbtn+JwWngzueHyc3fY5b6ann06f6y6BF5+XmPRIXakYh4moJxSRQCA\n GVKGEubH/Y1Vyq8QIX7V6PGpS39mQkoYXEztvEtyZiV3J+SyObYZVTs9d5/rhoE2\n wXQIFTOdyHi52K2VfT3JU7rWOw5/SWuOQyyDdWgxEJuU6bUeOViOwHVkZDzwBX3Y\n 1to5cgY6dNQARplEgZZjRja4uc06u2d7Bk2CfqO4LvjV5UlPm838Ga+kGzBpp86X\n 5JBbZz9lPGf+GY7ZcROQp6ONui8P08+7EaTVtILTE0rd5g8umOnWBo1zteMv50As\n jyIPW20kUuJMdz3V+TNag5aCMW7qnO4zwildlQZmL54+xQDuRXK8P5JlKml6gnK+\n 4SLvUA/8CALEMqxNlb06ZJc1GCU/mcQYXfkNosHaNYpORjziDnH1LBQ7AnhIhhMy\n FwcuxpG9bABwQfoQE84Kx3zVU0xEoCGr549Kf5p7ZcqGwn3WzSql+qR/NcPRV9Dp\n tb4iSXoTUeutR1SeVn/TI2aOWez3UyIztnam+p32e4BNuyByFRmo2e8dP1RqCg6b\n 0KwuxDDE0k3zJCpjsWROrtBVQ9Zt9rsfG5kFxJ6Qi90uJP71f8rFDUuKmxJazDf3\n g3GHEGovUrOJO5JpvCcfCyT9mfOPxUSAKGBHj8NPY84vjqGaA9qqt54D8YT57TjR\n 5oWd8Iwex4XFHAoj59q04KmramVgP5q8VKFrxwVOhYmK6SNmvW9dEI3Y16bu9KF7\n CJnPq/mQXEI+a/G6hZgZ8eYxOV2812WcORppezALreHJeN1HogxI972G0kalKhNC\n p3315BKJdw/p6/j/qIob2EZOdqBsdHRKBgBVXVbaCnzgh1kKLEvJnVDio+zjEPDr\n lR9wQbcHRbu+ZqRSEbH0of/4rx0CdCPGKSDafviKPDXnvls85tWV/lMtNxamqYvv\n V0DUeTWQDmfiyWCgqXTiRA9U4ZFgFNWmirh38UmV7VtSlYaRos8fEQTfmN20fqTk\n 9mVAREENSiAuc4P93l8TtrN1bAqXaTX5oz+lepqWmHWvY+RiNiw=\n =laU4\n -----END PGP PUBLIC KEY BLOCK-----\n source_docker: \n source: 'deb [arch=amd64] https://download.docker.com/linux/ubuntu $RELEASE stable'\n key: |\n -----BEGIN PGP PUBLIC KEY BLOCK-----\n\n mQINBFit2ioBEADhWpZ8/wvZ6hUTiXOwQHXMAlaFHcPH9hAtr4F1y2+OYdbtMuth\n lqqwp028AqyY+PRfVMtSYMbjuQuu5byyKR01BbqYhuS3jtqQmljZ/bJvXqnmiVXh\n 38UuLa+z077PxyxQhu5BbqntTPQMfiyqEiU+BKbq2WmANUKQf+1AmZY/IruOXbnq\n L4C1+gJ8vfmXQt99npCaxEjaNRVYfOS8QcixNzHUYnb6emjlANyEVlZzeqo7XKl7\n UrwV5inawTSzWNvtjEjj4nJL8NsLwscpLPQUhTQ+7BbQXAwAmeHCUTQIvvWXqw0N\n cmhh4HgeQscQHYgOJjjDVfoY5MucvglbIgCqfzAHW9jxmRL4qbMZj+b1XoePEtht\n ku4bIQN1X5P07fNWzlgaRL5Z4POXDDZTlIQ/El58j9kp4bnWRCJW0lya+f8ocodo\n vZZ+Doi+fy4D5ZGrL4XEcIQP/Lv5uFyf+kQtl/94VFYVJOleAv8W92KdgDkhTcTD\n G7c0tIkVEKNUq48b3aQ64NOZQW7fVjfoKwEZdOqPE72Pa45jrZzvUFxSpdiNk2tZ\n XYukHjlxxEgBdC/J3cMMNRE1F4NCA3ApfV1Y7/hTeOnmDuDYwr9/obA8t016Yljj\n q5rdkywPf4JF8mXUW5eCN1vAFHxeg9ZWemhBtQmGxXnw9M+z6hWwc6ahmwARAQAB\n tCtEb2NrZXIgUmVsZWFzZSAoQ0UgZGViKSA8ZG9ja2VyQGRvY2tlci5jb20+iQI3\n BBMBCgAhBQJYrefAAhsvBQsJCAcDBRUKCQgLBRYCAwEAAh4BAheAAAoJEI2BgDwO\n v82IsskP/iQZo68flDQmNvn8X5XTd6RRaUH33kXYXquT6NkHJciS7E2gTJmqvMqd\n tI4mNYHCSEYxI5qrcYV5YqX9P6+Ko+vozo4nseUQLPH/ATQ4qL0Zok+1jkag3Lgk\n jonyUf9bwtWxFp05HC3GMHPhhcUSexCxQLQvnFWXD2sWLKivHp2fT8QbRGeZ+d3m\n 6fqcd5Fu7pxsqm0EUDK5NL+nPIgYhN+auTrhgzhK1CShfGccM/wfRlei9Utz6p9P\n XRKIlWnXtT4qNGZNTN0tR+NLG/6Bqd8OYBaFAUcue/w1VW6JQ2VGYZHnZu9S8LMc\n FYBa5Ig9PxwGQOgq6RDKDbV+PqTQT5EFMeR1mrjckk4DQJjbxeMZbiNMG5kGECA8\n g383P3elhn03WGbEEa4MNc3Z4+7c236QI3xWJfNPdUbXRaAwhy/6rTSFbzwKB0Jm\n ebwzQfwjQY6f55MiI/RqDCyuPj3r3jyVRkK86pQKBAJwFHyqj9KaKXMZjfVnowLh\n 9svIGfNbGHpucATqREvUHuQbNnqkCx8VVhtYkhDb9fEP2xBu5VvHbR+3nfVhMut5\n G34Ct5RS7Jt6LIfFdtcn8CaSas/l1HbiGeRgc70X/9aYx/V/CEJv0lIe8gP6uDoW\n FPIZ7d6vH+Vro6xuWEGiuMaiznap2KhZmpkgfupyFmplh0s6knymuQINBFit2ioB\n EADneL9S9m4vhU3blaRjVUUyJ7b/qTjcSylvCH5XUE6R2k+ckEZjfAMZPLpO+/tF\n M2JIJMD4SifKuS3xck9KtZGCufGmcwiLQRzeHF7vJUKrLD5RTkNi23ydvWZgPjtx\n Q+DTT1Zcn7BrQFY6FgnRoUVIxwtdw1bMY/89rsFgS5wwuMESd3Q2RYgb7EOFOpnu\n w6da7WakWf4IhnF5nsNYGDVaIHzpiqCl+uTbf1epCjrOlIzkZ3Z3Yk5CM/TiFzPk\n z2lLz89cpD8U+NtCsfagWWfjd2U3jDapgH+7nQnCEWpROtzaKHG6lA3pXdix5zG8\n eRc6/0IbUSWvfjKxLLPfNeCS2pCL3IeEI5nothEEYdQH6szpLog79xB9dVnJyKJb\n VfxXnseoYqVrRz2VVbUI5Blwm6B40E3eGVfUQWiux54DspyVMMk41Mx7QJ3iynIa\n 1N4ZAqVMAEruyXTRTxc9XW0tYhDMA/1GYvz0EmFpm8LzTHA6sFVtPm/ZlNCX6P1X\n zJwrv7DSQKD6GGlBQUX+OeEJ8tTkkf8QTJSPUdh8P8YxDFS5EOGAvhhpMBYD42kQ\n pqXjEC+XcycTvGI7impgv9PDY1RCC1zkBjKPa120rNhv/hkVk/YhuGoajoHyy4h7\n ZQopdcMtpN2dgmhEegny9JCSwxfQmQ0zK0g7m6SHiKMwjwARAQABiQQ+BBgBCAAJ\n BQJYrdoqAhsCAikJEI2BgDwOv82IwV0gBBkBCAAGBQJYrdoqAAoJEH6gqcPyc/zY\n 1WAP/2wJ+R0gE6qsce3rjaIz58PJmc8goKrir5hnElWhPgbq7cYIsW5qiFyLhkdp\n YcMmhD9mRiPpQn6Ya2w3e3B8zfIVKipbMBnke/ytZ9M7qHmDCcjoiSmwEXN3wKYI\n mD9VHONsl/CG1rU9Isw1jtB5g1YxuBA7M/m36XN6x2u+NtNMDB9P56yc4gfsZVES\n KA9v+yY2/l45L8d/WUkUi0YXomn6hyBGI7JrBLq0CX37GEYP6O9rrKipfz73XfO7\n JIGzOKZlljb/D9RX/g7nRbCn+3EtH7xnk+TK/50euEKw8SMUg147sJTcpQmv6UzZ\n cM4JgL0HbHVCojV4C/plELwMddALOFeYQzTif6sMRPf+3DSj8frbInjChC3yOLy0\n 6br92KFom17EIj2CAcoeq7UPhi2oouYBwPxh5ytdehJkoo+sN7RIWua6P2WSmon5\n U888cSylXC0+ADFdgLX9K2zrDVYUG1vo8CX0vzxFBaHwN6Px26fhIT1/hYUHQR1z\n VfNDcyQmXqkOnZvvoMfz/Q0s9BhFJ/zU6AgQbIZE/hm1spsfgvtsD1frZfygXJ9f\n irP+MSAI80xHSf91qSRZOj4Pl3ZJNbq4yYxv0b1pkMqeGdjdCYhLU+LZ4wbQmpCk\n SVe2prlLureigXtmZfkqevRz7FrIZiu9ky8wnCAPwC7/zmS18rgP/17bOtL4/iIz\n QhxAAoAMWVrGyJivSkjhSGx1uCojsWfsTAm11P7jsruIL61ZzMUVE2aM3Pmj5G+W\n 9AcZ58Em+1WsVnAXdUR//bMmhyr8wL/G1YO1V3JEJTRdxsSxdYa4deGBBY/Adpsw\n 24jxhOJR+lsJpqIUeb999+R8euDhRHG9eFO7DRu6weatUJ6suupoDTRWtr/4yGqe\n dKxV3qQhNLSnaAzqW/1nA3iUB4k7kCaKZxhdhDbClf9P37qaRW467BLCVO/coL3y\n Vm50dwdrNtKpMBh3ZpbB1uJvgi9mXtyBOMJ3v8RZeDzFiG8HdCtg9RvIt/AIFoHR\n H3S+U79NT6i0KPzLImDfs8T7RlpyuMc4Ufs8ggyg9v3Ae6cN3eQyxcK3w0cbBwsh\n /nQNfsA6uu+9H7NhbehBMhYnpNZyrHzCmzyXkauwRAqoCbGCNykTRwsur9gS41TQ\n M8ssD1jFheOJf3hODnkKU+HKjvMROl1DK7zdmLdNzA1cvtZH/nCC9KPj1z8QC47S\n xx+dTZSx4ONAhwbS/LN3PoKtn8LPjY9NP9uDWI+TWYquS2U+KHDrBDlsgozDbs/O\n jCxcpDzNmXpWQHEtHU7649OXHP7UeNST1mCUCH5qdank0V1iejF6/CfTFU4MfcrG\n YT90qFF93M3v01BbxP+EIY2/9tiIPbrd\n =0YYh\n -----END PGP PUBLIC KEY BLOCK-----\n\n debconf_selections:\n vhost: dokku dokku/vhost_enable boolean true\n # set the domain name of the new Dokku server\n hostname: dokku dokku/hostname string $YOUR_FULL_QUALIFIED_DOMAIN\n # this copies over the public SSH key assigned to the server\n key: dokku dokku/key_file string /home/ubuntu/.ssh/authorized_keys\n\npackages:\n - dokku\npackage_update: true\npackage_upgrade: true\npackage_reboot_if_required: true\n
Shortly after running the create command you will get a confirmation that the instance has been created, and after about a minute it should be ready to login. Check the IP of the instance through the web UI or by running:
nova list\n
SSH with the ubuntu username and the public key previously added. Keep in mind that if you logged in quick enough Dokku might still be installing in the background, and not be ready. The installation takes a few minutes.
"},{"location":"getting-started/install/vagrant/","title":"Vagrant Installation Notes","text":" -
Download and install VirtualBox.
-
Download and install Vagrant.
-
Clone Dokku.
git clone https://github.com/dokku/dokku.git\n
-
Create VM.
# Optional ENV arguments:\n# - `BOX_NAME`\n# - `BOX_URI`\n# - `BOX_MEMORY`\n# - `DOKKU_DOMAIN`\n# - `DOKKU_IP`\n# - `FORWARDED_PORT`.\ncd path/to/dokku\n\n# for most users\nvagrant up\n\n# windows users must instead use the following in an elevated command prompt\nvagrant up dokku-windows\n
-
Setup SSH Config in ~/.ssh/config.
Host dokku.me\n Port 22\n
For users that have customized the IP address of their VM - either in a custom Vagrantfile or via the DOKKU_IP environment variable - and are not using 10.0.0.2 for the Vagrant IP, you'll need to instead use the output of vagrant ssh-config dokku for your ~/.ssh/config entry.
-
Connect to the server via vagrant ssh and add your ssh key to the install. Additionally, set the global domain name to dokku.me.
# usually your key is already available under the current user's `~/.ssh/authorized_keys` file\ncat ~/.ssh/authorized_keys | dokku ssh-keys:add admin\n\n# you can use any domain you already have access to\ndokku domains:set-global dokku.me\n
Please note, the dokku.me domain is setup to point to 10.0.0.2 along with all subdomains (i.e. yourapp.dokku.me). If you change the DOKKU_IP in your Vagrant setup you'll need to update your /etc/hosts file to point your reconfigured IP address.
You are now ready to deploy an app or install plugins.
"},{"location":"getting-started/installation/","title":"Getting Started with Dokku","text":""},{"location":"getting-started/installation/#what-is-dokku","title":"What is Dokku?","text":"Dokku is an extensible, open source Platform as a Service that runs on a single server of your choice. Dokku supports building apps on the fly from a git push via either Dockerfile or by auto-detecting the language with Buildpacks, and then starts containers based on your built image. Using technologies such as nginx and cron, Web processes are automatically routed to, while background processes and automated cron tasks are also managed by Dokku.
"},{"location":"getting-started/installation/#system-requirements","title":"System Requirements","text":"To start using Dokku, you'll need a system that meets the following minimum requirements:
- A fresh installation of any of the following operating systems:
- Ubuntu 20.04/22.04/24.04
- Debian 11+ x64
- A server with one of the following architectures
- AMD64 (alternatively known as
x86_64), commonly used for Intel cloud servers - ARMV8 (alternatively known as
arm64), commonly used for Raspberry PI and AWS Graviton
To avoid memory pressure during builds or runtime of your applications, we suggest the following:
- At least 1 GB of system memory
- If your system has less than 1GB of memory, you can use this workaround.
Finally, we recommend attaching at least one domain name to your server. This is not required, but using a domain name will make app access easier. When connecting a domain, either a single domain or a wildcard may be associated to the server's IP.
- Wildcard domain (
*.domain.tld A Record): will allow access to apps via $APP.domain.tld. - Single domain (
domain.tld A or CNAME Record): will result in apps being accessed via domain.tld:$RANDOM_PORT.
Please see the dns documentation and domains documentation for more details.
"},{"location":"getting-started/installation/#installing-the-latest-stable-version","title":"Installing the latest stable version","text":"This is the simple method of installing Dokku. For alternative methods of installation, see the advanced install guide.
"},{"location":"getting-started/installation/#1-install-dokku","title":"1. Install Dokku","text":"To install the latest stable version of Dokku, you can run the following shell commands:
# for debian systems, installs Dokku via apt-get\nwget -NP . https://dokku.com/install/v0.35.4/bootstrap.sh\nsudo DOKKU_TAG=v0.35.4 bash bootstrap.sh\n
The installation process takes about 5-10 minutes, depending upon internet connection speed.
"},{"location":"getting-started/installation/#2-setup-ssh-key-and-virtualhost-settings","title":"2. Setup SSH key and Virtualhost Settings","text":"Once the installation is complete, you should configure an ssh key and set your global domain.
# usually your key is already available under the current user's `~/.ssh/authorized_keys` file\ncat ~/.ssh/authorized_keys | dokku ssh-keys:add admin\n\n# you can use any domain you already have access to\n# this domain should have an A record or CNAME pointing at your server's IP\ndokku domains:set-global dokku.me\n\n# you can also use the ip of your server\ndokku domains:set-global 10.0.0.2\n\n# finally, you can use sslip.io to get subdomain support\n# as you would with a regular domain name\n# this would be done by appending `.sslip.io` to your ip address\ndokku domains:set-global 10.0.0.2.sslip.io\n
See the user management and domains documentation for more information.
"},{"location":"getting-started/installation/#3-deploy-your-first-application","title":"3. Deploy your first application","text":"At this point, you should be able to deploy to the Dokku installation.
"},{"location":"getting-started/upgrading/","title":"Upgrading","text":"If your version of Dokku is pre 0.3.0 (check with dokku version), we recommend a fresh install on a new server.
"},{"location":"getting-started/upgrading/#security-updates","title":"Security Updates","text":"For any security related updates, please follow our Twitter account. As Dokku does not run any daemons, the security risk introduced by our software is minimal.
Your operating system may occasionally provide security updates. We recommend setting unattended upgrades for your operating system. Here are some helpful links:
- Arch Linux System Maintenance
- Debian Unattended Upgrades
- Ubuntu Unattended Upgrades
Docker releases updates periodically to their engine. We recommend reading their release notes and upgrading accordingly. Please see the Docker documentation for more details.
"},{"location":"getting-started/upgrading/#migration-guides","title":"Migration Guides","text":"Before upgrading, check the migration guides to get comfortable with new features and prepare your deployment to be upgraded.
- Upgrading to 0.35
- Upgrading to 0.34
- Upgrading to 0.33
- Upgrading to 0.32
- Upgrading to 0.31
- Upgrading to 0.30
- Upgrading to 0.29
- Upgrading to 0.28
- Upgrading to 0.27
- Upgrading to 0.26
- Upgrading to 0.25
- Upgrading to 0.24
- Upgrading to 0.23
- Upgrading to 0.22
- Upgrading to 0.21
- Upgrading to 0.20
- Upgrading to 0.10
- Upgrading to 0.9
- Upgrading to 0.8
- Upgrading to 0.7
- Upgrading to 0.6
- Upgrading to 0.5
"},{"location":"getting-started/upgrading/#upgrade-process","title":"Upgrade Process","text":""},{"location":"getting-started/upgrading/#before-upgrading","title":"Before upgrading","text":"If you'll be updating docker or the herokuish package simultaneously, it's recommended that you stop all applications before upgrading and rebuild afterwards. This is not required if the upgrade only impacts the dokku package.
Why do we recommend stopping all apps?
docker: Containers may be randomly reset during the upgrade process, resulting in requests being sent to the wrong containers. Acknowledging and scheduling downtime thus becomes much more important.herokuish: While not required, it may be useful to take advantage of the latest base image. Herokuish changes do not cause issues unless the base OS changes, which may happen in minor or major releases.
# for 0.22.0 and newer versions, use\ndokku ps:stop --all\n\n# for versions between 0.11.4 and 0.21.4, use\ndokku ps:stopall\n\n# for versions between 0.8.1 and 0.11.3, use\ndokku --quiet apps:list | xargs -L1 dokku ps:stop\n\n# for versions older than 0.8.1, use\ndokku --quiet apps | xargs -L1 dokku ps:stop\n
"},{"location":"getting-started/upgrading/#upgrading_1","title":"Upgrading","text":"Info
[!IMPORTANT] Unless specified, the bootstrap.sh script installs Dokku via a Debian package (.deb). Using either the dokku-update or apt methods are enough to perform an upgrade of Dokku.
Please read the migration guides for each version in between your currently installed version of Dokku and the version you are upgrading to in order to ensure minimal downtime.
"},{"location":"getting-started/upgrading/#upgrading-using-dokku-update","title":"Upgrading using dokku-update","text":"Warning
The dokku-update package currently does not support upgrading to a specific version of Dokku. If this is required by a particular migration guide, use the apt method for upgrading.
We provide a helpful binary called dokku-update. This is a recommended package that:
- Can be installed separately, so upgrading Dokku will not affect the running of this package.
- Automates many of the upgrade instructions for you.
- Provides a clean way for us to further enhance the upgrade process in the future.
This binary is available on Debian and RPM-based systems from our package repositories under the name dokku-update. When installing from source, this is available from a separate Github repository at dokku/dokku-update.
"},{"location":"getting-started/upgrading/#upgrading-using-apt","title":"Upgrading using apt","text":"If Dokku was installed in a Debian or Ubuntu system, via apt-get install dokku or bootstrap.sh, you can upgrade with apt-get:
# update your local apt cache\nsudo apt-get update\n\n# update dokku and its dependencies\nsudo apt-get --no-install-recommends install dokku herokuish sshcommand plugn gliderlabs-sigil dokku-update dokku-event-listener\n\n# or just upgrade every package:\nsudo apt-get upgrade\n
To upgrade to a specific version of Dokku, specify it on the apt-get call:
# specify the version _without_ the `v` prefix\nsudo apt-get dokku=$VERSION\n
"},{"location":"getting-started/upgrading/#upgrading-from-source","title":"Upgrading from source","text":"Info
[!CAUTION] Dokku is not normally installed from source. Executing a source upgrade when the installation was performed via apt package may result in an inoperable system and will require manual work to get Dokku in a working state.
If you installed Dokku from source (less common), upgrade with:
cd ~/dokku\ngit pull --tags origin master\n\n# continue to install from source\nsudo DOKKU_BRANCH=master make install\n\n# upgrade to debian package-based installation\nsudo make install\n
To upgrade Herokuish from source, upgrade with:
cd /tmp\ngit clone https://github.com/gliderlabs/herokuish.git\ncd herokuish\nCIRCLECI=true IMAGE_NAME=gliderlabs/herokuish BUILD_TAG=latest make build/docker\n
"},{"location":"getting-started/upgrading/#after-upgrading","title":"After upgrading","text":"After upgrading, you should rebuild the applications to take advantage of any new buildpacks that were released:
dokku ps:rebuild --all\n
"},{"location":"networking/dns/","title":"DNS Configuration","text":"Note
This is a work in progress.
"},{"location":"networking/dns/#dns-versions","title":"DNS Versions","text":"There are many different DNS servers 'in the wild'. Some of the popular ones on Linux are BIND, dnsmasq, and pdns. Windows has its own built-in DNS server as well as Unbound, Posadis, and more. A full list of DNS packages can be found on Wikipedia under Comparison of DNS Server Software. In addition to the various DNS packages, there are tens of thousands of Managed DNS Providers out that all have different DNS interfaces.
"},{"location":"networking/dns/#focus","title":"Focus","text":"Because there are so many different DNS server packages out there as well as a tremendous number of Managed DNS Providers, we will focus on the concepts of DNS as well as providing examples in the 'BIND' format so you can adapt the information to your own server package or managed DNS provider.
"},{"location":"networking/dns/#assumptions","title":"Assumptions","text":" - We assume you have a passing familiarity with DNS. If not, you can read an in-depth article on DNS. But basically you need to know that DNS changes names (like example.tld) into addresses (like 127.0.0.1)
- We assume you already have a domain name registered and pointed to your favorite Managed DNS Provider or have your own BIND DNS server running.
- You have a server on the internet and are about to follow the instructions in the README to get Dokku installed. Don't do the install just yet though.
"},{"location":"networking/dns/#caching","title":"Caching","text":"Please remember that DNS relies heavily on caching. Changes you make to DNS could take anywhere from a few seconds to a few days to propagate. If you tried surfing to example.tld, then changed the IP address in DNS, it could be a while before your computer picks up on the changes.
"},{"location":"networking/dns/#getting-started","title":"Getting started","text":"For the examples, we will use the domain name example.tld and the IP address 127.0.0.1.
Dokku uses DNS to differentiate between apps on your dokku-powered server. If you are using the domain example.tld, and you have two apps node-js-app1 and node-js-app2, Dokku will make them available at node-js-app1.example.tld and node-js-app2.example.tld.
To get started, you need to know the IP address of your Dokku server. Connect to it and run ifconfig or ip addr to see the IP address.
Now you have to make a decision about your domain. Do you want everything and anything at example.tld to go to your Dokku server, or would you rather use a 'sub domain' for your Dokku server?
In other words, do you want your applications on your Dokku server accessible via node-js-app.example.tld or via node-js-app.myserver.example.tld?
"},{"location":"networking/dns/#using-a-sub-domain-node-js-appmyserverexampletld","title":"Using a sub-domain (node-js-app.myserver.example.tld)","text":"Using a sub-domain is easy. When you set up your server, you probably gave it a name like myserver.example.tld.
Go in to your Managed DNS provider and create an A record named myserver and put in the IP address you got from your server a few moments ago.
Hopefully your managed DNS provider also supports wildcards. Create a second A record named *.myserver along with the IP address you got from your server a few moments ago.
If you are using BIND, your zone file will look similar to this:
$ORIGIN example.tld\n$TTL 5m\n\nmyserver IN A 127.0.0.1\n*.myserver IN A 127.0.0.1\n
You can verify your changes in Linux by trying one or more of the following commands:
host myserver.example.tlddig -t A myserver.example.tldnslookup myserver.example.tld
Now is a good time to remind you that the answers you get MAY BE CACHED.
If everything is working correctly, you should also be able to query for any other name under myserver.example.tld and get back the IP address of your server. Try:
host test.myserver.example.tldhost xyzzy.myserver.example.tld
If they all return your IP address, you have set DNS up properly for dokku. You should also be able to ssh root@myserver.example.tld and access your server.
Proceed with the setup instructions in the installation documentation
"},{"location":"networking/dns/#using-the-root-of-your-domain-node-js-appexampletld","title":"Using the root of your domain (node-js-app.example.tld)","text":"This section is a work in progress. It is incomplete.
Using the 'root' of your domain is nearly identical to the previous example.
- hostname is under
example.tld, still needs A record. - Update your global domain using the domains plugin.
"},{"location":"networking/network/","title":"Network Management","text":"New
Introduced in 0.11.0, Enhanced in 0.20.0
network:create <network> # Creates an attachable docker network\nnetwork:destroy <network> # Destroys a docker network\nnetwork:exists <network> # Checks if a docker network exists\nnetwork:info <network> [--format text|json] # Outputs information about a docker network\nnetwork:list [--format text|json] # Lists all docker networks\nnetwork:report [<app>] [<flag>] # Displays a network report for one or more apps\nnetwork:rebuild <app> # Rebuilds network settings for an app\nnetwork:rebuildall # Rebuild network settings for all apps\nnetwork:set <app> <key> (<value>) # Set or clear a network property for an app\n
The Network plugin allows developers to abstract the concept of container network management, allowing developers to both change what networks a given container is attached to as well as rebuild the configuration on the fly.
"},{"location":"networking/network/#usage","title":"Usage","text":""},{"location":"networking/network/#listing-networks","title":"Listing networks","text":"New
Introduced in 0.20.0, Requires Docker 1.21+
You can easily list all available networks using the network:list command:
ShellOutput dokku network:list\n
=====> Networks\nbridge\nhost\nnone\ntest-network\n
Note that you can easily hide extra output from Dokku commands by using the --quiet flag, which makes it easier to parse on the command line.
ShellOutput dokku --quiet network:list\n
bridge\nhost\nnone\ntest-network\n
The network:list command also takes a --format flag, with the valid options including text (default) and json. The json output format can be used for automation purposes:
ShellOutput dokku network:list --format json\n
[\n {\"CreatedAt\":\"2024-02-25T01:55:24.275184461Z\",\"Driver\":\"bridge\",\"ID\":\"d18df2d21433\",\"Internal\":false,\"IPv6\":false,\"Labels\":{},\"Name\":\"bridge\",\"Scope\":\"local\"},\n {\"CreatedAt\":\"2024-02-25T01:55:24.275184461Z\",\"Driver\":\"bridge\",\"ID\":\"f50fa882e7de\",\"Internal\":false,\"IPv6\":false,\"Labels\":{},\"Name\":\"test-network\",\"Scope\":\"local\"},\n {\"CreatedAt\":\"2024-02-25T01:55:24.275184461Z\",\"Driver\":\"host\",\"ID\":\"ab6a59291443\",\"Internal\":false,\"IPv6\":false,\"Labels\":{},\"Name\":\"host\",\"Scope\":\"local\"},\n {\"CreatedAt\":\"2024-02-25T01:55:24.275184461Z\",\"Driver\":\"null\",\"ID\":\"e2506bc8b7d7\",\"Internal\":false,\"IPv6\":false,\"Labels\":{},\"Name\":\"none\",\"Scope\":\"local\"}\n]\n
"},{"location":"networking/network/#creating-a-network","title":"Creating a network","text":"New
Introduced in 0.20.0, Requires Docker 1.21+
Docker networks can be created via the network:create command. Executing this command will create an attachable bridge network. This can be used to route requests between containers without going through any public network.
ShellOutput dokku network:create test-network\n
-----> Creating network test-network\n
Specifying other additional flags or other types of networks can be created directly via the docker command.
"},{"location":"networking/network/#destroying-a-network","title":"Destroying a network","text":"New
Introduced in 0.20.0, Requires Docker 1.21+
A Docker network without any associated containers may be destroyed via the network:destroy command. Docker will refuse to destroy networks that have containers attached.
ShellOutput dokku network:destroy test-network\n
! WARNING: Potentially Destructive Action\n ! This command will destroy network test.\n ! To proceed, type \"test\"\n-----> Destroying network test\n
Info
test
As the command is destructive, it will default to asking for confirmation before executing the removal of the network. This may be avoided by providing the --force flag:
ShellOutput dokku --force network:destroy test-network\n
-----> Destroying network test\n
"},{"location":"networking/network/#checking-if-a-network-exists","title":"Checking if a network exists","text":"New
Introduced in 0.20.0, Requires Docker 1.21+
For CI/CD pipelines, it may be useful to see if an network exists before creating a new network. You can do so via the network:exists command:
ShellOutput dokku network:exists nonexistent-network\n
Network does not exist\n
The network:exists command will return non-zero if the network does not exist, and zero if it does.
"},{"location":"networking/network/#checking-network-info","title":"Checking network info","text":"New
Introduced in 0.35.3
Network information can be retrieved via the network:info command. This is a slightly different version of the docker network command.
ShellOutput dokku network:info bridge\n
=====> bridge network information\n ID: d18df2d21433\n Name: bridge\n Driver: bridge\n Scope: local\n
The network:info command also takes a --format flag, with the valid options including text (default) and json. The json output format can be used for automation purposes:
ShellOutput dokku network:info bridge --format json\n
{\"CreatedAt\":\"2024-02-25T01:55:24.275184461Z\",\"Driver\":\"bridge\",\"ID\":\"d18df2d21433\",\"Internal\":false,\"IPv6\":false,\"Labels\":{},\"Name\":\"bridge\",\"Scope\":\"local\"}\n
"},{"location":"networking/network/#routing-an-app-to-a-known-ipport-combination","title":"Routing an app to a known ip:port combination","text":"In some cases, it may be necessary to route an app to an existing $IP:$PORT combination. This is particularly the case for internal admin tools or services that aren't run by Dokku but have a web ui that would benefit from being exposed by Dokku. This can be done by using a proxy application and routing requests through that.
# for a service listening on:\n# - ip address: 127.0.0.1\n# - port: 8080\n\n# create the app\ndokku apps:create local-app\n\n# add an extra host that maps host.docker.internal to the docker gateway\ndokku docker-options:add local-app deploy \"--add-host=host.docker.internal:host-gateway\"\n\n# set the SERVICE_HOST to the mapped hostname\ndokku config:set local-app SERVICE_HOST=host.docker.internal\n\n# set the SERVICE_PORT to the port combination for your app\ndokku config:set local-app SERVICE_PORT=8080\n\n# set the domains desired\ndokku domains:set local-app local-app.dokku.me\n\n# deploy the service-proxy image\ndokku git:from-image local-app dokku/service-proxy:latest\n
Only a single $IP:$PORT combination can be routed to for a given app, and that $IP:$PORT combination must be accessible to the service proxy on initial deploy, or the service proxy won't start.
"},{"location":"networking/network/#attaching-an-app-to-a-network","title":"Attaching an app to a network","text":"New
Introduced in 0.20.0, Requires Docker 1.21+
Apps will default to being associated with the default bridge network or a network specified by the initial-network network property. Additionally, an app can be attached to attachable networks by changing the attach-post-create or attach-post-deploy network properties when using the docker-local scheduler. A change in these values will require an app deploy or rebuild.
# associates the network after a container is created but before it is started\n# commonly used for cross-app networking\ndokku network:set node-js-app attach-post-create test-network\n\n# associates the network after the deploy is successful but before the proxy is updated\n# used for cross-app networking when healthchecks must be invoked first\ndokku network:set node-js-app attach-post-deploy other-test-network\n\n# associates the network at container creation\n# typically blocks access to services and external routing\ndokku network:set node-js-app initial-network global-network\n
Multiple networks can also be specified for the attach-post-create and attach-post-deploy phases.
# one or more networks can be specified\ndokku network:set node-js-app attach-post-create test-network test-network-2\n
Setting the attach network property to an empty value will de-associate the container with the network.
dokku network:set node-js-app attach-post-create\ndokku network:set node-js-app attach-post-deploy\ndokku network:set node-js-app initial-network\n
The network properties can also be set globally. The global default value is an empty string, and the global value is used when no app-specific value is set.
dokku network:set --global attach-post-create global-create-network\ndokku network:set --global attach-post-deploy global-deploy-network\ndokku network:set --global initial-network global-network\n
The default value may be set by passing an empty value for the option.
dokku network:set --global attach-post-create\ndokku network:set --global attach-post-deploy\ndokku network:set --global initial-network\n
"},{"location":"networking/network/#network-aliases","title":"Network Aliases","text":"Note
This feature is only available when an app has been attached to a network other than the default bridge network.
When a container created for a deployment is being attached to a network - regardless of which network property was used - a network alias of the pattern APP.PROC_TYPE will be added to all containers. This can be used to load-balance requests between containers. For an application named node-js-app with a process type of web, the network alias - or resolvable DNS record within the network - will be:
node-js-app.web\n
The fully-qualified URL for the resource will depend upon the PORT being listened to by the application. Applications built via buildpacks will have their PORT environment variable set to 5000, and as such internal network requests for the above example should point to the following:
http://node-js-app.web:5000\n
Dockerfile-based applications may listen on other ports. For more information on how ports are specified for applications, please refer to the port management documentation.
"},{"location":"networking/network/#specifying-a-custom-tld","title":"Specifying a custom TLD","text":"When attaching applications to networks, a custom TLD can be specified via the network:set command. This TLD is suffixed to the network alias for the application/process-type combination for all networks to which the application is attached, and cannot be customized per network. The default value is an empty string.
To specify a TLD of svc.cluster.local for your application, run the following command:
# replace node-js-app with your application name\ndokku network:set node-js-app tld svc.cluster.local\n
With an application named node-js-app and a process-type named web, the above command will turn the network alias into:
node-js-app.web.svc.cluster.local\n
Note that this has no impact on container port handling, and users must still specify the container port when making internal network requests.
The default value may be set by passing an empty value for the option:
dokku network:set node-js-app tld\n
The tld property can also be set globally. The global default is emty string, and the global value is used when no app-specific value is set.
dokku network:set --global tld svc.cluster.local\n
The default value may be set by passing an empty value for the option.
dokku network:set --global tld\n
"},{"location":"networking/network/#when-to-attach-containers-to-a-network","title":"When to attach containers to a network","text":"Containers can be attached to a network for a variety of reasons:
- A background process in one app needs to communicate to a webservice in another app
- An app needs to talk to a container not managed by Dokku in a secure manner
- A custom network that allows transparent access to another host exists and is necessary for an app to run
Whatever the reason, the semantics of the two network hooks are important and are outlined before.
attach-post-create: - Phase it applies to:
build: Intermediate containers created during the build process.deploy: Deployed app containers.run: Containers created by the run command.
- Container state on attach:
created but not running - Use case: When the container needs to access a resource on the network.
- Example: The app needs to talk to a database on the same network when it first boots.
attach-post-deploy - Phase it applies to:
deploy: Deployed app containers.
- Container state on attach:
running - Use case: When another container on the network needs to access this container.
- Example: A background process needs to communicate with the web process exposed by this container.
initial-network: - Phase it applies to:
build: Intermediate containers created during the build process.deploy: Deployed app containers.run: Containers created by the run command.
- Container state on attach:
created - Use case: When another container on the network is already running and needed by this container.
- Example: A key-value store exposing itself to all your apps may be on the
initial-network.
Warning
If the attachment fails during the running container state, this may result in your application failing to respond to proxied requests once older containers are removed.
"},{"location":"networking/network/#rebuilding-network-settings","title":"Rebuilding network settings","text":"There are cases where you may need to rebuild the network configuration for an app, such as on app boot or container restart. In these cases, you can use the network:rebuild command:
dokku network:rebuild node-js-app\n
Info
This command will exit a non-zero number that depends on the number of containers for which configuration could not be built
"},{"location":"networking/network/#rebuilding-all-network-settings","title":"Rebuilding all network settings","text":"In some cases, a docker upgrade may reset container IPs or Ports. In both cases, you can quickly rewrite those files by using the network:rebuildall command:
dokku network:rebuildall\n
Info
This command will exit a non-zero number that depends on the number of containers for which configuration could not be built
"},{"location":"networking/network/#container-network-interface-binding","title":"Container network interface binding","text":"Info
This functionality does not control the --network docker flag. Please use the docker-options plugin to manage this flag.
By default, an app will only bind to the internal interface. This behavior can be modified per app by changing the bind-all-interfaces network property.
# bind to the default docker interface (`docker0`) with a random internal ip\n# this is the default behavior\ndokku network:set node-js-app bind-all-interfaces false\n\n# bind to all interfaces (`0.0.0.0`) on a random port for each upstream port\n# this will make the app container directly accessible by other hosts on your network\n# ports are randomized for every deploy, e.g. `0.0.0.0:32771->5000/tcp`.\ndokku network:set node-js-app bind-all-interfaces true\n
By way of example, in the default case, each container is bound to the docker interface:
ShellOutput docker ps\n
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES\n1b88d8aec3d1 dokku/node-js-app:latest \"/bin/bash -c '/star About a minute ago Up About a minute node-js-app.web.1\n
As such, the container's IP address will be an internal IP, and thus it is only accessible on the host itself:
ShellOutput docker inspect --format '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' node-js-app.web.1\n
172.17.0.6\n
However, you can disable the internal proxying via the network:set command so that it will listen on the host's IP address:
ShellOutput dokku network:set node-js-app bind-all-interfaces true\n\n# container bound to all interfaces\ndocker ps\n
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES\nd6499edb0edb dokku/node-js-app:latest \"/bin/bash -c '/star About a minute ago Up About a minute 0.0.0.0:49153->5000/tcp node-js-app.web.1\n
The bind-all-interfaces property can also be set globally. The global default is false, and the global value is used when no app-specific value is set.
dokku network:set --global bind-all-interfaces true\n
The default value may be set by passing an empty value for the option.
dokku network:set --global bind-all-interfaces\n
"},{"location":"networking/network/#displaying-network-reports-for-an-app","title":"Displaying network reports for an app","text":"You can get a report about the app's network status using the network:report command:
ShellOutput dokku network:report\n
=====> node-js-app network information\n Network attach post create:\n Network attach post deploy:\n Network bind all interfaces: false\n Network computed attach post create:\n Network computed attach post deploy:\n Network computed bind all interfaces:false\n Network computed initial network:\n Network computed tld:\n Network global attach post create:\n Network global attach post deploy:\n Network global bind all interfaces:false\n Network global initial network:\n Network global tld:\n Network initial network:\n Network tld:\n Network web listeners: 172.17.0.1:5000\n=====> python-sample network information\n Network attach post create:\n Network attach post deploy:\n Network bind all interfaces: false\n Network computed attach post create:\n Network computed attach post deploy:\n Network computed bind all interfaces:false\n Network computed initial network:\n Network computed tld:\n Network global attach post create:\n Network global attach post deploy:\n Network global bind all interfaces:false\n Network global initial network:\n Network global tld:\n Network initial network:\n Network tld:\n Network web listeners: 172.17.0.2:5000\n=====> ruby-sample network information\n Network attach post create:\n Network attach post deploy:\n Network bind all interfaces: false\n Network computed attach post create:\n Network computed attach post deploy:\n Network computed bind all interfaces:false\n Network computed initial network:\n Network computed tld:\n Network global attach post create:\n Network global attach post deploy:\n Network global bind all interfaces:false\n Network global initial network:\n Network global tld:\n Network initial network:\n Network tld:\n Network web listeners:\n
You can run the command for a specific app also.
ShellOutput dokku network:report node-js-app\n
=====> node-js-app network information\n Network attach post create:\n Network attach post deploy:\n Network bind all interfaces: false\n Network computed attach post create:\n Network computed attach post deploy:\n Network computed bind all interfaces:false\n Network computed initial network:\n Network computed tld:\n Network global attach post create:\n Network global attach post deploy:\n Network global bind all interfaces:false\n Network global initial network:\n Network global tld:\n Network initial network:\n Network tld:\n Network web listeners: 172.17.0.1:5000\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku network:report node-js-app --network-bind-all-interfaces\n
"},{"location":"networking/port-management/","title":"Port Management","text":"New
Introduced in 0.31.0, replaces the previous proxy:ports* commands
ports:list <app> # List port mappings for an app\nports:add <app> <scheme>:<host-port>:<container-port> [<scheme>:<host-port>:<container-port>...] # Add port mappings to an app\nports:clear <app> # Clear all port mappings for an app\nports:remove <app> <host-port> [<host-port>|<scheme>:<host-port>:<container-port>...] # Remove specific port mappings from an app\nports:set <app> <scheme>:<host-port>:<container-port> [<scheme>:<host-port>:<container-port>...] # Set port mappings for an app\n
"},{"location":"networking/port-management/#usage","title":"Usage","text":"Warning
Mapping alternative ports may conflict with the active firewall installed on your server or hosting provider. Such software includes - but is not limited to - AWS Security Groups, iptables, and UFW. Please consult the documentation for those softwares as applicable.
Users should also avoid setting the PORT environment variable. Dokku will use port mappings to set this value. Overriding this manually may cause issues in application routing.
You can now configure host -> container port mappings with the ports:* commands. This mapping is currently supported by the built-in nginx-vhosts plugin.
By default, buildpack apps and dockerfile apps without explicitly exposed ports (i.e. using the EXPOSE directive) will be configured with a listener on port 80 (and additionally a listener on 443 if ssl is enabled) that will proxy to the application container on port 5000. Dockerfile apps with explicitly exposed ports will be configured with a listener on each exposed port and will proxy to that same port of the deployed application container.
Note
This default behavior will not be automatically changed on subsequent pushes and must be manipulated with the ports:* commands detailed below.
"},{"location":"networking/port-management/#port-scheme","title":"Port Scheme","text":"The proxy port scheme is as follows:
SCHEME:HOST_PORT:CONTAINER_PORT
The scheme metadata can be used by proxy implementations in order to properly handle proxying of requests. For example, the built-in nginx-vhosts proxy implementation supports the http, https, grpc and grpcs schemes. For the grpc and grpcs see nginx blog post on grpc.
Developers of proxy implementations are encouraged to use whatever schemes make the most sense, and ignore configurations which they do not support. For instance, a udp proxy implementation can safely ignore http and https port mappings.
To change the proxy implementation in use for an application, use the proxy:set command:
# no validation will be performed against\n# the specified proxy implementation\ndokku proxy:set node-js-app nginx\n
"},{"location":"networking/port-management/#listing-port-mappings","title":"Listing port mappings","text":"To inspect the port mapping for a given application, use the ports:list command:
ShellOutput dokku ports:list node-js-app\n
-----> Port mappings for node-js-app\n-----> scheme host port container port\nhttp 80 5000\n
The above application is listening on the host's port 80, which we can test via curl:
ShellOutput curl http://node-js-app.dokku.me\n
Hello World!\n
"},{"location":"networking/port-management/#adding-a-custom-port-mapping","title":"Adding a custom port mapping","text":"There are cases where we may wish for the service to be listening on more than one port, such as port 8080. Normally, this would not be possible:
ShellOutput curl http://node-js-app.dokku.me:8080\n
curl: (7) Failed to connect to node-js-app.dokku.me port 8080: Connection refused\n
However, we can use the ports:add command to add a second external port mapping - 8080 - to our application's port 5000.
ShellOutput dokku ports:add node-js-app http:8080:5000\n
-----> Configuring node-js-app.dokku.me...(using built-in template)\n-----> Creating http nginx.conf\n Reloading nginx\n
We can now test that port 80 still responds properly:
ShellOutput curl http://node-js-app.dokku.me\n
Hello World!\n
And our new listening port of 8080 also works:
ShellOutput curl http://node-js-app.dokku.me:8080\n
Hello World!\n
"},{"location":"networking/port-management/#setting-all-port-mappings-at-once","title":"Setting all port mappings at once","text":"Port mappings can also be force set using the ports:set command.
ShellOutput dokku ports:set node-js-app http:8080:5000\n
-----> Configuring node-js-app.dokku.me...(using built-in template)\n-----> Creating http nginx.conf\n Reloading nginx\n
"},{"location":"networking/port-management/#removing-a-port-mapping","title":"Removing a port mapping","text":"A port mapping can be removed using the ports:remove command if it no longer necessary:
dokku ports:remove node-js-app http:80:5000\n
Ports may also be removed by specifying only the host-port value. This effectively acts as a wildcard and removes all mappings for that particular host port.
dokku ports:remove node-js-app http:80\n
"},{"location":"networking/port-management/#port-management-by-deployment-method","title":"Port management by Deployment Method","text":"Warning
If you set a port map but do not have a global domain set, Dokku will reset that map upon first deployment.
"},{"location":"networking/port-management/#buildpacks","title":"Buildpacks","text":"For buildpack deployments, your application must respect the PORT environment variable. We will typically set this to port 5000, but this is not guaranteed. If you do not respect the PORT environment variable, your containers may start but your services will not be accessible outside of that container.
"},{"location":"networking/port-management/#dockerfile","title":"Dockerfile","text":"Info
Changed as of 0.5.0
Dokku's default proxy implementation - nginx - supports HTTP and GRPC request proxying. At this time, we do not support proxying plain TCP or UDP ports. UDP ports can be exposed by disabling the nginx proxy with dokku proxy:disable myapp and manually exposing the ports via the docker-options plugin. For example, dokku docker-options:add myapp deploy \"-p 2456:2456/udp\". If you would like to investigate alternative proxy methods, please refer to our proxy management documentation.
"},{"location":"networking/port-management/#applications-using-expose","title":"Applications using EXPOSE","text":"Dokku will extract all tcp ports exposed using the EXPOSE directive (one port per line) and setup nginx to proxy the same port numbers to listen publicly. If you would like to change the exposed port, you should do so within your Dockerfile.
For example, if the Dokku installation is configured with the domain dokku.me and an application named node-js-app is deployed with following Dockerfile:
FROM ubuntu:24.04\nEXPOSE 1234\nCMD python3 -m SimpleHTTPServer 1234\n
The application would be exposed to the user at node-js-app.dokku.me:1234. If this is not desired, the following application configuration may be applied:
# add a port mapping to port 80\ndokku ports:add node-js-app http:80:1234\n\n# remove the incorrect port mapping\ndokku ports:remove node-js-app http:1234:1234\n
"},{"location":"networking/port-management/#applications-not-using-expose","title":"Applications not using EXPOSE","text":"Any application that does not use an EXPOSE directive will result in Dokku defaulting to port 5000. This behavior mimics the behavior of a Buildpack deploy. If your application does not support the PORT environment variable, then you will either need to:
- modify your application to support the
PORT environment variable. - switch to using an
EXPOSE directive in your Dockerfile.
"},{"location":"networking/port-management/#displaying-ports-reports-for-an-app","title":"Displaying ports reports for an app","text":"You can get a report about the app's ports status using the ports:report command:
ShellOutput dokku ports:report\n
=====> node-js-app ports information\n Port map detected: http:80:5000\n Port map: http:80:5000 https:443:5000\n=====> python-sample ports information\n Port map detected: http:80:5000\n Port map: http:80:5000\n=====> ruby-sample ports information\n Port map detected: http:80:5000\n Port map: http:80:5000\n
You can run the command for a specific app also.
ShellOutput dokku ports:report node-js-app\n
=====> node-js-app ports information\n Port map detected: http:80:5000\n Port map: http:80:5000 https:443:5000\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku ports:report node-js-app --ports-map\n
"},{"location":"networking/proxy-management/","title":"Proxy Management","text":"New
Introduced in 0.5.0, Enhanced in 0.6.0
proxy:build-config [--parallel count] [--all|<app>] # (Re)builds config for given app\nproxy:clear-config [--all|<app>] # Clears config for given app\nproxy:disable [--parallel count] [--all|<app>] # Disable proxy for app\nproxy:enable [--parallel count] [--all|<app>] # Enable proxy for app\nproxy:report [<app>] [<flag>] # Displays a proxy report for one or more apps\nproxy:set [<app>|--global] <proxy-type> # Set proxy type for app\n
In Dokku 0.5.0, port proxying was decoupled from the nginx-vhosts plugin into the proxy plugin. Dokku 0.6.0 introduced the ability to map host ports to specific container ports. This allows other proxy software - such as HAProxy or Caddy - to be used in place of nginx.
"},{"location":"networking/proxy-management/#usage","title":"Usage","text":""},{"location":"networking/proxy-management/#changing-the-proxy","title":"Changing the proxy","text":"The default proxy shipped with Dokku is nginx. It can be changed via the proxy:set command.
ShellOutput dokku proxy:set node-js-app caddy\n
-----> Setting config vars\n DOKKU_APP_PROXY_TYPE: caddy\n
The proxy may also be set on a global basis. This is usually preferred as running multiple proxy implementations may cause port collision issues.
ShellOutput dokku proxy:set --global caddy\n
-----> Setting config vars\n DOKKU_PROXY_TYPE: caddy\n
Changing the proxy does not stop or start any given proxy implementation. Please see the documentation for your proxy implementation for details on how to perform a change.
"},{"location":"networking/proxy-management/#regenerating-proxy-config","title":"Regenerating proxy config","text":"In certain cases, your app proxy configs may drift from the correct config for your app. You may regenerate the config at any point via the proxy:build-config command. This command will trigger a rebuild for the configured proxy implementation (default: nginx) for a given app. The command may fail if there are no current web listeners for your app.
dokku proxy:build-config node-js-app\n
All apps may have their proxy config rebuilt by using the --all flag.
dokku proxy:build-config --all\n
By default, rebuilding proxy configs for all apps happens serially. The parallelism may be controlled by the --parallel flag.
dokku proxy:build-config --all --parallel 2\n
Finally, the number of parallel workers may be automatically set to the number of CPUs available by setting the --parallel flag to -1
dokku proxy:build-config --all --parallel -1\n
"},{"location":"networking/proxy-management/#clearing-the-generated-proxy-config","title":"Clearing the generated proxy config","text":"New
Introduced in 0.27.0
Generated proxy configurations can also be cleared using the proxy:clear-config command.
dokku proxy:clear-config node-js-app\n
All apps may have their proxy config cleared by using the --all flag.
dokku proxy:clear-config --all\n
Clearing a proxy configuration has different effects depending on the proxy plugin in use. Consul the documentation for your proxy implementation for further details.
"},{"location":"networking/proxy-management/#displaying-proxy-reports-for-an-app","title":"Displaying proxy reports for an app","text":"New
Introduced in 0.8.1
You can get a report about the app's proxy status using the proxy:report command:
ShellOutput dokku proxy:report\n
=====> node-js-app proxy information\n Proxy enabled: true\n Proxy type: nginx\n=====> python-sample proxy information\n Proxy enabled: true\n Proxy type: nginx\n=====> ruby-sample proxy information\n Proxy enabled: true\n Proxy type: nginx\n
You can run the command for a specific app also.
ShellOutput dokku proxy:report node-js-app\n
=====> node-js-app proxy information\n Proxy enabled: true\n Proxy type: nginx\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku proxy:report node-js-app --proxy-type\n
"},{"location":"networking/proxy-management/#proxy-port-scheme","title":"Proxy Port Scheme","text":"See the port scheme documentation for more information on the port mapping scheme used by dokku.
"},{"location":"networking/proxy-management/#proxy-port-mapping","title":"Proxy port mapping","text":"See the port management documentation for more information on how port mappings are managed for an application.
"},{"location":"networking/proxy-management/#container-network-interface-binding","title":"Container network interface binding","text":"Info
Changed as of 0.11.0
From Dokku versions 0.5.0 until 0.11.0, enabling or disabling an application's proxy would also control whether or not the application was bound to all interfaces - e.g. 0.0.0.0. As of 0.11.0, this is now controlled by the network plugin. Please see the network documentation for more information.
"},{"location":"networking/proxy-management/#implementing-a-proxy","title":"Implementing a Proxy","text":"Custom plugins names must have the suffix -vhosts or scheduler overriding via proxy:set may not function as expected.
At this time, the following dokku commands are used to interact with a complete proxy implementation.
domains:add: Adds a given domain to an app. - triggers:
post-domains-update
domains:clear: Clears out an app's associated domains. - triggers:
post-domains-update
domains:disable: Disables domains for an app. - triggers:
pre-disable-vhost
domains:enable: Enables domains for an app. - triggers:
pre-enable-vhost
domains:remove: Removes a domain from an app. - triggers:
post-domains-update
domains:set: Sets all domains for a given app. - triggers:
post-domains-update
proxy:build-config: Builds - or rebuilds - external proxy configuration. - triggers:
proxy-build-config
proxy:clear-config: Clears out external proxy configuration. - triggers:
proxy-clear-config
proxy:disable: Disables the proxy configuration for an app. - triggers:
proxy-disable
proxy:enable: Enables the proxy configuration for an app. - triggers:
proxy-enable
ports:add: Adds one or more port mappings to an app - triggers:
post-proxy-ports-update
ports:clear: Clears out all port mappings for an app. - triggers:
post-proxy-ports-update
ports:remove: Removes one or more port mappings from an app. - triggers:
post-proxy-ports-update
ports:set: Sets all port mappings for an app. - triggers:
post-proxy-ports-update
Proxy implementations may decide to omit some functionality here, or use plugin triggers to supplement config with information from other plugins.
Individual proxy implementations may trigger app rebuilds, depending on how proxy metadata is exposed for the proxy implementation.
Finally, proxy implementations may install extra software needed for the proxy itself in whatever manner deemed fit. Proxy software can run on the host itself or within a running Docker container with either exposed ports or host networking.
"},{"location":"networking/proxies/caddy/","title":"Caddy Proxy","text":"New
Introduced in 0.28.0
Dokku provides integration with the Caddy proxy service by utilizing the Docker label-based integration implemented by Caddy.
caddy:report [<app>] [<flag>] # Displays a caddy report for one or more apps\ncaddy:logs [--num num] [--tail] # Display caddy log output\ncaddy:set <app> <property> (<value>) # Set or clear an caddy property for an app\ncaddy:show-config <app> # Display caddy compose config\ncaddy:start # Starts the caddy server\ncaddy:stop # Stops the caddy server\n
"},{"location":"networking/proxies/caddy/#requirements","title":"Requirements","text":"Using the caddy plugin integration requires the docker-compose-plugin for Docker. See this document from the Docker documentation for more information on the installation process for the docker-compose-plugin.
"},{"location":"networking/proxies/caddy/#usage","title":"Usage","text":"Warning
As using multiple proxy plugins on a single Dokku installation can lead to issues routing requests to apps, doing so should be avoided. As the default proxy implementation is nginx, users are encouraged to stop the nginx service before switching to Caddy.
The Caddy plugin has specific rules for routing requests:
- Caddy integration is exposed via docker labels attached to containers. Changes in labels require either app deploys or rebuilds.
- While Caddy will respect labels associated with other containers, only
web containers have Caddy labels injected by the plugin. - Only
http:80 and https:443 port mappings are supported. - Caddy will automatically enable SSL if the letsencrypt email property is set. SSL will be disabled otherwise.
- If no
http:80 mapping is found, the first http port mapping is used for http requests. - If no
https:443 mapping is found, the first https port mapping is used for https requests. - If no
https mapping is found, the container port from http:80 will be used for https requests. - Requests are routed as soon as the container is running and passing healthchecks.
"},{"location":"networking/proxies/caddy/#switching-to-caddy","title":"Switching to Caddy","text":"To use the Caddy plugin, use the proxy:set command for the app in question:
dokku proxy:set node-js-app caddy\n
This will enable the docker label-based Caddy integration. All future deploys will inject the correct labels for Caddy to read and route requests to containers. Due to the docker label-based integration used by Caddy, a single deploy or rebuild will be required before requests will route successfully.
dokku ps:rebuild node-js-app\n
Any changes to domains or port mappings will also require either a deploy or rebuild.
"},{"location":"networking/proxies/caddy/#starting-caddy-container","title":"Starting Caddy container","text":"Caddy can be started via the caddy:start command. This will start a Caddy container via the docker compose up command.
dokku caddy:start\n
"},{"location":"networking/proxies/caddy/#stopping-the-caddy-container","title":"Stopping the Caddy container","text":"Caddy may be stopped via the caddy:stop command.
dokku caddy:stop\n
The Caddy container will be stopped and removed from the system. If the container is not running, this command will do nothing.
"},{"location":"networking/proxies/caddy/#showing-the-caddy-compose-config","title":"Showing the Caddy compose config","text":"For debugging purposes, it may be useful to show the Caddy compose config. This can be achieved via the caddy:show-config command.
dokku caddy:show-config\n
"},{"location":"networking/proxies/caddy/#customizing-the-caddy-container-image","title":"Customizing the Caddy container image","text":"While the default Caddy image is hardcoded, users may specify an alternative by setting the image property with the --global flag:
dokku caddy:set --global image lucaslorentz/caddy-docker-proxy:2.7\n
"},{"location":"networking/proxies/caddy/#checking-the-caddy-containers-logs","title":"Checking the Caddy container's logs","text":"It may be necessary to check the Caddy container's logs to ensure that Caddy is operating as expected. This can be performed with the caddy:logs command.
dokku caddy:logs\n
This command also supports the following modifiers:
--num NUM # the number of lines to display\n--tail # continually stream logs\n
You can use these modifiers as follows:
dokku caddy:logs --tail --num 10\n
The above command will show logs continually from the caddy container, with an initial history of 10 log lines
"},{"location":"networking/proxies/caddy/#changing-the-caddy-log-level","title":"Changing the Caddy log level","text":"Caddy log output is set to ERROR by default. It may be changed by setting the log-level property with the --global flag:
dokku caddy:set --global log-level DEBUG\n
After modifying, the Caddy container will need to be restarted.
"},{"location":"networking/proxies/caddy/#ssl-configuration","title":"SSL Configuration","text":"The caddy plugin only supports automatic ssl certificates from it's letsencrypt integration. Managed certificates provided by the certs plugin are ignored.
"},{"location":"networking/proxies/caddy/#enabling-letsencrypt-integration","title":"Enabling letsencrypt integration","text":"By default, letsencrypt is disabled and https port mappings are ignored. To enable, set the letsencrypt-email property with the --global flag:
dokku caddy:set --global letsencrypt-email automated@dokku.sh\n
After enabling, the Caddy container will need to be restarted and apps will need to be rebuilt. All http requests will then be redirected to https.
"},{"location":"networking/proxies/caddy/#customizing-the-letsencrypt-server","title":"Customizing the letsencrypt server","text":"The letsencrypt integration is set to the production letsencrypt server by default. To change this, set the letsencrypt-server property with the --global flag:
dokku caddy:set --global letsencrypt-server https://acme-staging-v02.api.letsencrypt.org/directory\n
After enabling, the Caddy container will need to be restarted and apps will need to be rebuilt to retrieve certificates from the new server.
"},{"location":"networking/proxies/caddy/#using-caddys-internal-tls-server","title":"Using Caddy's Internal TLS server","text":"To switch to Caddy's internal TLS server for certificate provisioning, set the tls-internal property. This can only be set on a per-app basis.
dokku caddy:set node-js-app tls-internal true\n
"},{"location":"networking/proxies/caddy/#displaying-caddy-reports-for-an-app","title":"Displaying Caddy reports for an app","text":"You can get a report about the app's Caddy config using the caddy:report command:
ShellOutput dokku caddy:report\n
=====> node-js-app caddy information\n Caddy image: lucaslorentz/caddy-docker-proxy:2.7\n Caddy letsencrypt email:\n Caddy letsencrypt server:\n Caddy log level: ERROR\n Caddy polling interval: 5s\n Caddy tls internal: false\n=====> python-app caddy information\n Caddy image: lucaslorentz/caddy-docker-proxy:2.7\n Caddy letsencrypt email:\n Caddy letsencrypt server:\n Caddy log level: ERROR\n Caddy polling interval: 5s\n Caddy tls internal: false\n=====> ruby-app caddy information\n Caddy image: lucaslorentz/caddy-docker-proxy:2.7\n Caddy letsencrypt email:\n Caddy letsencrypt server:\n Caddy log level: ERROR\n Caddy polling interval: 5s\n Caddy tls internal: false\n
You can run the command for a specific app also.
ShellOutput dokku caddy:report node-js-app\n
=====> node-js-app caddy information\n Caddy image: lucaslorentz/caddy-docker-proxy:2.7\n Caddy letsencrypt email:\n Caddy letsencrypt server:\n Caddy log level: ERROR\n Caddy polling interval: 5s\n Caddy tls internal: false\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku caddy:report node-js-app --caddy-image\n
"},{"location":"networking/proxies/haproxy/","title":"Haproxy Proxy","text":"New
Introduced in 0.28.0
Dokku provides integration with the Haproxy proxy service by utilizing the Docker label-based integration implemented by EasyHaproxy.
haproxy:report [<app>] [<flag>] # Displays a haproxy report for one or more apps\nhaproxy:logs [--num num] [--tail] # Display haproxy log output\nhaproxy:set <app> <property> (<value>) # Set or clear an haproxy property for an app\nhaproxy:show-config <app> # Display haproxy compose config\nhaproxy:start # Starts the haproxy server\nhaproxy:stop # Stops the haproxy server\n
"},{"location":"networking/proxies/haproxy/#requirements","title":"Requirements","text":"Using the haproxy plugin integration requires the docker-compose-plugin for Docker. See this document from the Docker documentation for more information on the installation process for the docker-compose-plugin.
"},{"location":"networking/proxies/haproxy/#usage","title":"Usage","text":"Warning
As using multiple proxy plugins on a single Dokku installation can lead to issues routing requests to apps, doing so should be avoided. As the default proxy implementation is nginx, users are encouraged to stop the nginx service before switching to Haproxy.
The Haproxy plugin has specific rules for routing requests:
- Haproxy integration is exposed via docker labels attached to containers. Changes in labels require either app deploys or rebuilds.
- While Haproxy will respect labels associated with other containers, only
web containers have Haproxy labels injected by the plugin. - Only
http:80 and https:443 port mappings are supported at this time. - Requests are routed as soon as the container is running and passing healthchecks.
"},{"location":"networking/proxies/haproxy/#switching-to-haproxy","title":"Switching to Haproxy","text":"To use the Haproxy plugin, use the proxy:set command for the app in question:
dokku proxy:set node-js-app haproxy\n
This will enable the docker label-based Haproxy integration. All future deploys will inject the correct labels for Haproxy to read and route requests to containers. Due to the docker label-based integration used by Haproxy, a single deploy or rebuild will be required before requests will route successfully.
dokku ps:rebuild node-js-app\n
Any changes to domains or port mappings will also require either a deploy or rebuild.
"},{"location":"networking/proxies/haproxy/#starting-haproxy-container","title":"Starting Haproxy container","text":"Haproxy can be started via the haproxy:start command. This will start a Haproxy container via the docker compose up command.
dokku haproxy:start\n
"},{"location":"networking/proxies/haproxy/#stopping-the-haproxy-container","title":"Stopping the Haproxy container","text":"Haproxy may be stopped via the haproxy:stop command.
dokku haproxy:stop\n
The Haproxy container will be stopped and removed from the system. If the container is not running, this command will do nothing.
"},{"location":"networking/proxies/haproxy/#showing-the-haproxy-compose-config","title":"Showing the Haproxy compose config","text":"For debugging purposes, it may be useful to show the Haproxy compose config. This can be achieved via the haproxy:show-config command.
dokku haproxy:show-config\n
"},{"location":"networking/proxies/haproxy/#customizing-the-haproxy-container-image","title":"Customizing the Haproxy container image","text":"While the default Haproxy image is hardcoded, users may specify an alternative by setting the image property with the --global flag:
dokku haproxy:set --global image byjg/easy-haproxy:4.0.0\n
"},{"location":"networking/proxies/haproxy/#checking-the-haproxy-containers-logs","title":"Checking the Haproxy container's logs","text":"It may be necessary to check the Haproxy container's logs to ensure that Haproxy is operating as expected. This can be performed with the haproxy:logs command.
dokku haproxy:logs\n
This command also supports the following modifiers:
--num NUM # the number of lines to display\n--tail # continually stream logs\n
You can use these modifiers as follows:
dokku haproxy:logs --tail --num 10\n
The above command will show logs continually from the vector container, with an initial history of 10 log lines
"},{"location":"networking/proxies/haproxy/#changing-the-haproxy-log-level","title":"Changing the Haproxy log level","text":"Haproxy log output is set to ERROR by default. It may be changed by setting the log-level property with the --global flag:
dokku haproxy:set --global log-level DEBUG\n
After modifying, the Haproxy container will need to be restarted.
"},{"location":"networking/proxies/haproxy/#ssl-configuration","title":"SSL Configuration","text":"The haproxy plugin only supports automatic ssl certificates from it's letsencrypt integration. Managed certificates provided by the certs plugin are ignored.
"},{"location":"networking/proxies/haproxy/#enabling-letsencrypt-integration","title":"Enabling letsencrypt integration","text":"By default, letsencrypt is disabled and https port mappings are ignored. To enable, set the letsencrypt-email property with the --global flag:
dokku haproxy:set --global letsencrypt-email automated@dokku.sh\n
After enabling, the Haproxy container will need to be restarted and apps will need to be rebuilt. All http requests will then be redirected to https.
"},{"location":"networking/proxies/haproxy/#customizing-the-letsencrypt-server","title":"Customizing the letsencrypt server","text":"The letsencrypt integration is set to the production letsencrypt server by default. To change this, set the letsencrypt-server property with the --global flag:
dokku haproxy:set --global letsencrypt-server https://acme-staging-v02.api.letsencrypt.org/directory\n
After enabling, the Haproxy container will need to be restarted and apps will need to be rebuilt to retrieve certificates from the new server.
"},{"location":"networking/proxies/haproxy/#displaying-haproxy-reports-for-an-app","title":"Displaying Haproxy reports for an app","text":"You can get a report about the app's Haproxy config using the haproxy:report command:
ShellOutput dokku haproxy:report\n
=====> node-js-app haproxy information\n Haproxy image: byjg/easy-haproxy:4.0.0\n=====> python-app haproxy information\n Haproxy image: byjg/easy-haproxy:4.0.0\n=====> ruby-app haproxy information\n Haproxy image: byjg/easy-haproxy:4.0.0\n
You can run the command for a specific app also.
ShellOutput dokku haproxy:report node-js-app\n
=====> node-js-app haproxy information\n Haproxy image: byjg/easy-haproxy:4.0.0\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku haproxy:report node-js-app --haproxy-image\n
"},{"location":"networking/proxies/nginx/","title":"Nginx Proxy","text":"Dokku uses nginx as its server for routing requests to specific applications. By default, access and error logs are written for each app to /var/log/nginx/${APP}-access.log and /var/log/nginx/${APP}-error.log respectively
nginx:access-logs <app> [-t] # Show the nginx access logs for an application (-t follows)\nnginx:error-logs <app> [-t] # Show the nginx error logs for an application (-t follows)\nnginx:report [<app>] [<flag>] # Displays a nginx report for one or more apps\nnginx:set <app> <property> (<value>) # Set or clear an nginx property for an app\nnginx:show-config <app> # Display app nginx config\nnginx:start # Starts the nginx server\nnginx:stop # Stops the nginx server\nnginx:validate-config [<app>] [--clean] # Validates and optionally cleans up invalid nginx configurations\n
"},{"location":"networking/proxies/nginx/#usage","title":"Usage","text":"Warning
As using multiple proxy plugins on a single Dokku installation can lead to issues routing requests to apps, doing so should be avoided.
"},{"location":"networking/proxies/nginx/#request-proxying","title":"Request Proxying","text":"By default, the web process is the only process proxied by the nginx proxy implementation. Proxying to other process types may be handled by a custom nginx.conf.sigil file, as generally described below
Nginx will proxy the requests in a round-robin balancing fashion to the different deployed (scaled) containers running the web proctype. This way, the host's resources can be fully leveraged for single-threaded applications (e.g. dokku ps:scale node-js-app web=4 on a 4-core machine).
Note
Due to how the plugin is implemented, if an app successfully starts up web containers but fails to deploy some other containers, nginx may eventually stop routing requests. Users should revert their code in these cases, or manually trigger dokku proxy:build-config $APP in order to ensure requests route to the new web containers.
"},{"location":"networking/proxies/nginx/#starting-nginx","title":"Starting nginx","text":"New
Introduced in 0.28.0
The nginx server can be started via nginx:start.
dokku nginx:start\n
"},{"location":"networking/proxies/nginx/#stopping-nginx","title":"Stopping nginx","text":"New
Introduced in 0.28.0
The nginx server can be stopped via nginx:stop.
dokku nginx:stop\n
"},{"location":"networking/proxies/nginx/#checking-access-logs","title":"Checking access logs","text":"Note
Changing this value globally or on a per-app basis will require rebuilding the nginx config via the proxy:build-config command.
You may check nginx access logs via the nginx:access-logs command. This assumes that app access logs are being stored in /var/log/nginx/$APP-access.log, as is the default in the generated nginx.conf.
dokku nginx:access-logs node-js-app\n
You may also follow the logs by specifying the -t flag.
dokku nginx:access-logs node-js-app -t\n
"},{"location":"networking/proxies/nginx/#checking-error-logs","title":"Checking error logs","text":"You may check nginx error logs via the nginx:error-logs command. This assumes that app error logs are being stored in /var/log/nginx/$APP-error.log, as is the default in the generated nginx.conf.
dokku nginx:error-logs node-js-app\n
You may also follow the logs by specifying the -t flag.
dokku nginx:error-logs node-js-app -t\n
"},{"location":"networking/proxies/nginx/#showing-the-nginx-config","title":"Showing the nginx config","text":"For debugging purposes, it may be useful to show the nginx config. This can be achieved via the nginx:show-config command.
dokku nginx:show-config node-js-app\n
"},{"location":"networking/proxies/nginx/#validating-nginx-configs","title":"Validating nginx configs","text":"It may be desired to validate an nginx config outside of the deployment process. To do so, run the nginx:validate-config command. With no arguments, this will validate all app nginx configs, one at a time. A minimal wrapper nginx config is generated for each app's nginx config, upon which nginx -t will be run.
dokku nginx:validate-config\n
As app nginx configs are actually executed within a shared context, it is possible for an individual config to be invalid when being validated standalone but also be valid within the global server context. As such, the exit code for the nginx:validate-config command is the exit code of nginx -t against the server's real nginx config.
The nginx:validate-config command also takes an optional --clean flag. If specified, invalid nginx configs will be removed.
Warning
Invalid app nginx config's will be removed even if the config is valid in the global server context.
dokku nginx:validate-config --clean\n
The --clean flag may also be specified for a given app:
dokku nginx:validate-config node-js-app --clean\n
"},{"location":"networking/proxies/nginx/#custom-error-pages","title":"Custom Error Pages","text":"By default, Dokku provides custom error pages for the following three categories of errors:
- 4xx: For all non-404 errors with a 4xx response code.
- 404: For \"404 Not Found\" errors.
- 5xx: For all 5xx error responses
These are provided as an alternative to the generic Nginx error page, are shared for all applications, and their contents are located on disk at /var/lib/dokku/data/nginx-vhosts/dokku-errors. To customize them for a specific app, create a custom nginx.conf.sigil as described above and change the paths to point elsewhere.
"},{"location":"networking/proxies/nginx/#default-site","title":"Default site","text":"By default, Dokku will route any received request with an unknown HOST header value to the lexicographically first site in the nginx config stack. This means that accessing the dokku server via its IP address or a bogus domain name may return a seemingly random website.
Warning
Some versions of Nginx may create a default site when installed. This site is simply a static page which says \"Welcome to Nginx\", and if this default site is enabled, Nginx will not route any requests with an unknown HOST header to Dokku. If you want Dokku to receive all requests, run the following commands:
rm /etc/nginx/sites-enabled/default\ndokku nginx:stop\ndokku nginx:start\n
If services should only be accessed via their domain name, you may want to disable the default site by adding the following configuration to the global nginx configuration.
Create the file at /etc/nginx/conf.d/00-default-vhost.conf:
server {\n listen 80 default_server;\n listen [::]:80 default_server;\n\n # If services hosted by dokku are available via HTTPS, it is recommended\n # to also uncomment the following section.\n #\n # Please note that in order to let this work, you need an SSL certificate. However\n # it does not need to be valid. Users of Debian-based distributions can install the\n # `ssl-cert` package with `sudo apt install ssl-cert` to automatically generate\n # a self-signed certificate that is stored at `/etc/ssl/certs/ssl-cert-snakeoil.pem`.\n #\n #listen 443 ssl;\n #listen [::]:443 ssl;\n #ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;\n #ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;\n\n server_name _;\n access_log off;\n return 444;\n}\n
Make sure to reload nginx after creating this file by running systemctl reload nginx.service.
This will catch all unknown HOST header values and close the connection without responding. You can replace the return 444; with return 410; which will cause nginx to respond with an error page.
The configuration file must be loaded before /etc/nginx/conf.d/dokku.conf, so it can not be arranged as a vhost in /etc/nginx/sites-enabled that is only processed afterwards.
Alternatively, you may push an app to your Dokku host with a name like \"00-default\". As long as it lists first in ls /home/dokku/*/nginx.conf | head, it will be used as the default nginx vhost.
"},{"location":"networking/proxies/nginx/#customizing-the-nginx-configuration","title":"Customizing the nginx configuration","text":"New
Introduced in 0.5.0
Dokku uses a templating library by the name of sigil to generate nginx configuration for each app. This may be overridden by committing the default configuration template to a file named nginx.conf.sigil.
The nginx.conf.sigil is expected to be found in a specific directory, depending on the deploy approach:
- The
WORKDIR of the Docker image for deploys resulting from git:from-image and git:load-image commands. - The root of the source code tree for all other deploys (git push,
git:from-archive, git:sync).
Sometimes it may be desirable to set a different path for a given app, e.g. when deploying from a monorepo. This can be done via the nginx-conf-sigil-path property:
dokku nginx:set node-js-app nginx-conf-sigil-path .dokku/nginx.conf.sigil\n
The value is the path to the desired file relative to the base search directory, and will never be treated as absolute paths in any context. If that file does not exist within the repository, Dokku will continue the build process as if the repository has no nginx.conf.sigil.
The default value may be set by passing an empty value for the option:
dokku nginx:set node-js-app nginx-conf-sigil-path\n
The nginx-conf-sigil-path property can also be set globally. The global default is nginx.conf.sigil, and the global value is used when no app-specific value is set.
dokku nginx:set --global nginx-conf-sigil-path nginx.conf.sigil\n
The default value may be set by passing an empty value for the option.
dokku nginx:set --global nginx-conf-sigil-path\n
Info
The default template may change with new releases of Dokku. Please refer to the appropriate template file version for your Dokku version, and make sure to look out for changes when you upgrade.
"},{"location":"networking/proxies/nginx/#disabling-custom-nginx-config","title":"Disabling custom nginx config","text":"Note
Changing this value globally or on a per-app basis will require rebuilding the nginx config via the proxy:build-config command.
While enabled by default, using a custom nginx config can be disabled via nginx:set. This may be useful in cases where you do not want to allow users to override any higher-level customization of app nginx config.
# enable fetching custom config (default)\ndokku nginx:set node-js-app disable-custom-config false\n\n# disable fetching custom config\ndokku nginx:set node-js-app disable-custom-config true\n
Unsetting this value is the same as enabling custom nginx config usage.
"},{"location":"networking/proxies/nginx/#available-template-variables","title":"Available template variables","text":"{{ .APP }} Application name\n{{ .APP_SSL_PATH }} Path to SSL certificate and key\n{{ .DOKKU_ROOT }} Global Dokku root directory (ex: app dir would be `{{ .DOKKU_ROOT }}/{{ .APP }}`)\n{{ .PROXY_PORT }} Non-SSL nginx listener port (same as `DOKKU_PROXY_PORT` config var)\n{{ .PROXY_SSL_PORT }} SSL nginx listener port (same as `DOKKU_PROXY_SSL_PORT` config var)\n{{ .NOSSL_SERVER_NAME }} List of non-SSL VHOSTS\n{{ .PROXY_PORT_MAP }} List of port mappings (same as the `map` ports property)\n{{ .PROXY_UPSTREAM_PORTS }} List of configured upstream ports (derived from the `map` ports property)\n{{ .SSL_INUSE }} Boolean set when an app is SSL-enabled\n{{ .SSL_SERVER_NAME }} List of SSL VHOSTS\n
Finally, each process type has it's network listeners - a list of IP:PORT pairs for the respective app containers - exposed via an .DOKKU_APP_${PROCESS_TYPE}_LISTENERS variable - the PROCESS_TYPE will be upper-cased with hyphens transformed into underscores. Users can use the new variables to expose non-web processes via the nginx proxy.
Note
Application environment variables are available for use in custom templates. To do so, use the form of {{ var \"FOO\" }} to access a variable named FOO.
"},{"location":"networking/proxies/nginx/#customizing-via-configuration-files-included-by-the-default-templates","title":"Customizing via configuration files included by the default templates","text":"The default nginx.conf template will include everything from your apps nginx.conf.d/ subdirectory in the main server {} block (see above):
include {{ .DOKKU_ROOT }}/{{ .APP }}/nginx.conf.d/*.conf;\n
That means you can put additional configuration in separate files. To increase the client request header timeout, the following can be performed:
mkdir /home/dokku/node-js-app/nginx.conf.d/\necho 'client_header_timeout 50s;' > /home/dokku/node-js-app/nginx.conf.d/timeout.conf\nchown dokku:dokku /home/dokku/node-js-app/nginx.conf.d/upload.conf\nservice nginx reload\n
The example above uses additional configuration files directly on the Dokku host. Unlike the nginx.conf.sigil file, these additional files will not be copied over from your application repo, and thus need to be placed in the /home/dokku/node-js-app/nginx.conf.d/ directory manually.
For PHP Buildpack users, you will also need to provide a Procfile and an accompanying nginx.conf file to customize the nginx config within the container. The following are example contents for your Procfile
web: vendor/bin/heroku-php-nginx -C nginx.conf -i php.ini php/\n
Your nginx.conf file - not to be confused with Dokku's nginx.conf.sigil - would also need to be configured as shown in this example:
client_header_timeout 50s;\nlocation / {\n index index.php;\n try_files $uri $uri/ /index.php$is_args$args;\n}\n
Please adjust the Procfile and nginx.conf file as appropriate.
"},{"location":"networking/proxies/nginx/#setting-properties-for-the-nginx-config","title":"Setting Properties for the nginx config","text":"The nginx plugin exposes a variety of properties configurable via the nginx:set command. The properties are used to configure the generated nginx.conf file from the nginx.conf.sigil template. The value precedence is app-specific, then global, and finally the Dokku default.
The nginx:set command takes an app name or the --global flag.
# set a property for the node-js-app\ndokku nginx:set node-js-app property-name some-value\n\n# set a property globally\ndokku nginx:set --global property-name some-value\n
Additionally, setting an empty value will result in reverting the value back to it's default. For app-specific values, this means that Dokku will revert to the globally specified (or global default) value.
# default the value back to the global value for node-js-app\ndokku nginx:set node-js-app property-name\n\n# use the dokku default as the global value\ndokku nginx:set --global property-name\n
Changing these value globally or on a per-app basis will require rebuilding the nginx config via the proxy:build-config command.
Warning
Validation is not performed against the values, and they are used as is within Dokku.
Property Default Type Explanation access-log-format empty string string Name of custom log format to use (log format must be specified elsewhere) access-log-path ${NGINX_LOG_ROOT}/${APP}-access.log string Log path for nginx access logs (set to off to disable) bind-address-ipv4 0.0.0.0 string Default IPv4 address to bind to bind-address-ipv6 [::] string Default IPv6 address to bind to client-max-body-size 1m string Size (with units) of client request body (usually modified for file uploads) error-log-path ${NGINX_LOG_ROOT}/${APP}-error.log string Log path for nginx error logs (set to off to disable) hsts true boolean Enables or disables HSTS for your application hsts-include-subdomains true boolean Forces the browser to apply the HSTS policy to all app subdomains hsts-max-age 15724800 integer Time in seconds to cache HSTS configuration hsts-preload false boolean Tells the browser to include the domain in their HSTS preload lists nginx-conf-sigil-path nginx.conf.sigil string Path in the repository to the nginx.conf.sigil file proxy-buffer-size 8k (# is os pagesize) string Size of the buffer used for reading the first part of proxied server response proxy-buffering on string Enables or disables buffering of responses from the proxied server proxy-buffers 8 8k string Number and size of the buffers used for reading the proxied server response, for a single connection proxy-busy-buffers-size 16k string Limits the total size of buffers that can be busy sending a response to the client while the response is not yet fully read. proxy-read-timeout 60s string Timeout (with units) for reading response from your backend server underscore-in-headers off string Enables or disables the use of underscores in client request header fields. x-forwarded-for-value $remote_addr string Used for specifying the header value to set for the X-Forwarded-For header x-forwarded-port-value $server_port string Used for specifying the header value to set for the X-Forwarded-Port header x-forwarded-proto-value $scheme string Used for specifying the header value to set for the X-Forwarded-Proto header x-forwarded-ssl empty string string Less commonly used alternative to X-Forwarded-Proto (valid values: on or off)"},{"location":"networking/proxies/nginx/#binding-to-specific-addresses","title":"Binding to specific addresses","text":"Note
Users with apps that contain a custom nginx.conf.sigil file will need to modify the files to respect the new NGINX_BIND_ADDRESS_IPV4 and NGINX_BIND_ADDRESS_IPV6 variables.
Properties:
bind-address-ipv4bind-address-ipv6
This is useful in cases where the proxying should be internal to a network or if there are multiple network interfaces that should respond with different content.
"},{"location":"networking/proxies/nginx/#hsts-header","title":"HSTS Header","text":"Warning
if you enable the header and a subsequent deploy of your application results in an HTTP deploy (for whatever reason), the way the header works means that a browser will not attempt to request the HTTP version of your site if the HTTPS version fails until the max-age is reached.
Properties:
hstshsts-include-subdomainshsts-max-agehsts-preload
If SSL certificates are present, HSTS will be automatically enabled.
"},{"location":"networking/proxies/nginx/#running-behind-another-proxy-configuring-x-forwarded-headers","title":"Running behind another proxy \u2014 configuring X-Forwarded-* headers","text":"Warning
These values should only be modified if there is an intermediate Load balancer or CDN between the user and the Dokku server hosting your application.
Properties:
x-forwarded-for-valuex-forwarded-port-valuex-forwarded-proto-valuex-forwarded-ssl
Dokku's default Nginx configuration passes the de-facto standard HTTP headers X-Forwarded-For, X-Forwarded-Proto, and X-Forwarded-Port to your application. These headers indicate the IP address of the original client making the request, the protocol of the original request (HTTP or HTTPS), and the port number of the original request, respectively.
If you have another HTTP proxy sitting in between the end user and your server (for example, a load balancer, or a CDN), then the values of these headers will contain information about (e.g. the IP address of) the closest proxy, and not the end user.
To fix this, assuming that the other proxy also passes X-Forwarded-* headers, which in turn contain information about the end user, you can tell Nginx include those values in the X-Forwarded-* headers that it sends to your application. You can do this via nginx:set, like so:
dokku nginx:set node-js-app x-forwarded-for-value '$http_x_forwarded_for'\ndokku nginx:set node-js-app x-forwarded-port-value '$http_x_forwarded_port'\ndokku nginx:set node-js-app x-forwarded-proto-value '$http_x_forwarded_proto'\n
However, note that you should only do this if:
- Requests to your website always go through a trusted proxy.
- That proxy is configured to send the aforementioned
X-Forwarded-* headers.
Otherwise, if it's possible for clients to make HTTP requests directly against your server, bypassing the other proxy, or if the other proxy is not configured to set these headers, then a client can basically pass any arbitrary values for these headers (which your app then presumably reads) and thereby fake an IP address, for example.
There's also the X-Forwarded-Ssl header which a less common alternative to X-Forwarded-Proto \u2014 and because of that, isn't included in Dokku's default Nginx configuration. It can be turned on if need be:
# force-setting value to `on`\ndokku nginx:set node-js-app x-forwarded-ssl on\n
"},{"location":"networking/proxies/nginx/#changing-log-path","title":"Changing log path","text":"Warning
The defaults should not be changed without verifying that the paths will be writeable by nginx.
Properties:
access-log-patherror-log-path
These setting can be useful for enabling or disabling logging by setting the values to off.
dokku nginx:set node-js-app access-log-path off\ndokku nginx:set node-js-app error-log-path off\n
"},{"location":"networking/proxies/nginx/#changing-log-format","title":"Changing log format","text":"Properties:
acccess-log-format
Prior to changing the log-format, log formats should be specified at a file such as /etc/nginx/conf.d/00-log-formats.conf. This will ensure they are available within your app's nginx context. For instance, the following may be added to the above file. It only needs to be specified once to be used for all apps.
# /etc/nginx/conf.d/00-log-formats.conf\n# escape=json was added in nginx 1.11.8\nlog_format json_combined escape=json\n '{'\n '\"time_local\":\"$time_local\",'\n '\"remote_addr\":\"$remote_addr\",'\n '\"remote_user\":\"$remote_user\",'\n '\"request\":\"$request\",'\n '\"status\":\"$status\",'\n '\"body_bytes_sent\":\"$body_bytes_sent\",'\n '\"request_time\":\"$request_time\",'\n '\"http_referrer\":\"$http_referer\",'\n '\"http_user_agent\":\"$http_user_agent\"'\n '}';\n
"},{"location":"networking/proxies/nginx/#specifying-a-read-timeout","title":"Specifying a read timeout","text":"Note
All numeric values must have a trailing time value specified (s for seconds, m for minutes).
Properties:
proxy-read-timeout
"},{"location":"networking/proxies/nginx/#specifying-a-custom-client_max_body_size","title":"Specifying a custom client_max_body_size","text":"Note
All numerical values must have a trailing size unit specified (k for kilobytes, m for megabytes).
Properties:
client-max-body-size
This property is commonly used to increase the max file upload size.
Changing this value when using the PHP buildpack (or any other buildpack that uses an intermediary server) will require changing the value in the server config shipped with that buildpack. Consult your buildpack documentation for further details.
"},{"location":"networking/proxies/nginx/#other","title":"Other","text":""},{"location":"networking/proxies/nginx/#domains-plugin","title":"Domains plugin","text":"See the domain configuration documentation for more information on how to configure domains for your app.
"},{"location":"networking/proxies/nginx/#customizing-hostnames","title":"Customizing hostnames","text":"See the customizing hostnames documentation for more information on how to configure domains for your app.
"},{"location":"networking/proxies/nginx/#disabling-vhosts","title":"Disabling VHOSTS","text":"See the disabling vhosts documentation for more information on how to disable domain usage for your app.
"},{"location":"networking/proxies/nginx/#ssl-configuration","title":"SSL Configuration","text":"See the ssl documentation for more information on how to configure SSL certificates for your application.
"},{"location":"networking/proxies/nginx/#disabling-nginx","title":"Disabling Nginx","text":"See the proxy documentation for more information on how to disable nginx as the proxy implementation for your app.
"},{"location":"networking/proxies/nginx/#managing-proxy-port-mappings","title":"Managing Proxy Port mappings","text":"See the ports documentation for more information on how to manage ports proxied for your app.
"},{"location":"networking/proxies/nginx/#regenerating-nginx-config","title":"Regenerating nginx config","text":"See the proxy documentation for more information on how to rebuild the nginx proxy configuration for your app.
"},{"location":"networking/proxies/openresty/","title":"OpenResty Proxy","text":"New
Introduced in 0.31.0
Dokku can provide integration with the OpenResty proxy service by utilizing the Docker label-based integration implemented by openresty-docker-proxy.
openresty:report [<app>] [<flag>] # Displays a openresty report for one or more apps\nopenresty:logs [--num num] [--tail] # Display openresty log output\nopenresty:set <app> <property> (<value>) # Set or clear an openresty property for an app\nopenresty:show-config <app> # Display openresty compose config\nopenresty:start # Starts the openresty server\nopenresty:stop # Stops the openresty server\n
"},{"location":"networking/proxies/openresty/#requirements","title":"Requirements","text":"Using the openresty plugin integration requires the docker-compose-plugin for Docker. See this document from the Docker documentation for more information on the installation process for the docker-compose-plugin.
"},{"location":"networking/proxies/openresty/#usage","title":"Usage","text":"Warning
As using multiple proxy plugins on a single Dokku installation can lead to issues routing requests to apps, doing so should be avoided. As the default proxy implementation is nginx, users are encouraged to stop the nginx service before switching to OpenResty.
The OpenResty plugin has specific rules for routing requests:
- OpenResty integration is exposed via docker labels attached to containers. Changes in labels require either app deploys or rebuilds.
- While OpenResty will respect labels associated with other containers, only
web containers have OpenResty labels injected by the plugin. - Only
http:80 and https:443 port mappings are supported at this time. - Requests are routed as soon as the container is running and passing healthchecks.
"},{"location":"networking/proxies/openresty/#switching-to-openresty","title":"Switching to OpenResty","text":"To use the OpenResty plugin, use the proxy:set command for the app in question:
dokku proxy:set node-js-app openresty\n
This will enable the docker label-based OpenResty integration. All future deploys will inject the correct labels for OpenResty to read and route requests to containers. Due to the docker label-based integration used by OpenResty, a single deploy or rebuild will be required before requests will route successfully.
dokku ps:rebuild node-js-app\n
Any changes to domains or port mappings will also require either a deploy or rebuild.
"},{"location":"networking/proxies/openresty/#starting-openresty-container","title":"Starting OpenResty container","text":"OpenResty can be started via the openresty:start command. This will start a OpenResty container via the docker compose up command.
dokku openresty:start\n
"},{"location":"networking/proxies/openresty/#stopping-the-openresty-container","title":"Stopping the OpenResty container","text":"OpenResty may be stopped via the openresty:stop command.
dokku openresty:stop\n
The OpenResty container will be stopped and removed from the system. If the container is not running, this command will do nothing.
"},{"location":"networking/proxies/openresty/#showing-the-openresty-compose-config","title":"Showing the OpenResty compose config","text":"For debugging purposes, it may be useful to show the OpenResty compose config. This can be achieved via the openresty:show-config command.
dokku openresty:show-config\n
"},{"location":"networking/proxies/openresty/#customizing-the-openresty-container-image","title":"Customizing the OpenResty container image","text":"While the default OpenResty image is hardcoded, users may specify an alternative by setting the image property with the --global flag:
dokku openresty:set --global image dokku/openresty-docker-proxy:0.5.6\n
"},{"location":"networking/proxies/openresty/#checking-the-openresty-containers-logs","title":"Checking the OpenResty container's logs","text":"It may be necessary to check the OpenResty container's logs to ensure that OpenResty is operating as expected. This can be performed with the openresty:logs command.
dokku openresty:logs\n
This command also supports the following modifiers:
--num NUM # the number of lines to display\n--tail # continually stream logs\n
You can use these modifiers as follows:
dokku openresty:logs --tail --num 10\n
The above command will show logs continually from the openresty container, with an initial history of 10 log lines
"},{"location":"networking/proxies/openresty/#customizing-openresty-settings-for-an-app","title":"Customizing Openresty Settings for an app","text":""},{"location":"networking/proxies/openresty/#openresty-properties","title":"OpenResty Properties","text":"The OpenResty plugin supports all properties supported by the nginx:set command via openresty:set. At this time, please consult the nginx documentation for more information on what properties are available.
Please note that the oldest running container will be used for OpenResty configuration, and thus newer config may not apply until older app containers are retired during/after a deploy, depending on your zero-downtime settings.
"},{"location":"networking/proxies/openresty/#custom-openresty-templates","title":"Custom OpenResty Templates","text":"At this time, the OpenResty plugin does not allow complete customization of the template used to manage an app's vhost. Apps will use a template provided by the OpenResty container to proxy requests. See the next section for documentation on how to configure portions of the template.
"},{"location":"networking/proxies/openresty/#injecting-custom-snippets-into-the-openresty-config","title":"Injecting custom snippets into the OpenResty config","text":"The OpenResty plugin allows users to specify templates in their repository for auto-injection into the OpenResty config. Please note that this configuration should be validated prior to deployment or may cause outages in your OpenResty proxy layer.
The following folders within an app repository may have *.conf files that will be automatically injected into the OpenResty config.
openresty/http-includes/: Injected in the server block serving http(s) requests for the app.openresty/http-location-includes/: Injected in the location block that proxies to the app in the app's respective server block.
"},{"location":"networking/proxies/openresty/#ssl-configuration","title":"SSL Configuration","text":"The OpenResty plugin only supports automatic ssl certificates from it's letsencrypt integration. Managed certificates provided by the certs plugin are ignored.
"},{"location":"networking/proxies/openresty/#enabling-letsencrypt-integration","title":"Enabling letsencrypt integration","text":"By default, letsencrypt is disabled and https port mappings are ignored. To enable, set the letsencrypt-email property with the --global flag:
dokku openresty:set --global letsencrypt-email automated@dokku.sh\n
After enabling, the OpenResty container will need to be restarted and apps will need to be rebuilt. All http requests will then be redirected to https.
"},{"location":"networking/proxies/openresty/#customizing-the-letsencrypt-server","title":"Customizing the letsencrypt server","text":"The letsencrypt integration is set to the production letsencrypt server by default. To change this, set the letsencrypt-server property with the --global flag:
dokku openresty:set --global letsencrypt-server https://acme-staging-v02.api.letsencrypt.org/directory\n
After enabling, the OpenResty container will need to be restarted and apps will need to be rebuilt to retrieve certificates from the new server.
"},{"location":"networking/proxies/openresty/#limiting-letsencrypt-to-certain-domains","title":"Limiting letsencrypt to certain domains","text":"Warning
Changing this value may cause OpenResty to fail to start if the value is not valid. Caution should be exercised when changing this value from the defaults.
In cases where your server's IP may have invalid domains pointing at it, limiting letsencrypt to certain allowed domains may be desirable to reduce spam requests on the Letsencrypt servers. The default is to allow all domains to have certificates retrieved, but this can be limited by specifying the allowed-letsencrypt-domains-func-base64 global property.
The default internal value for allowed-letsencrypt-domains-func-base64 is the base64 representation of return true, and is meant to be the body of a lua function that return a boolean value.
value=\"$(echo 'return true' | base64 -w 0)\"\ndokku openresty:set --global allowed-letsencrypt-domains-func-base64 $value\n
As this is a global value, once changed, OpenResty should be stopped and started again for the value to take effect:
dokku openresty:stop\ndokku openresty:start\n
A more complex example would be to limit provisioning of certificates to domains in a specific list. The body of the lua function has access to a variable domain, and we can use it like so:
body='allowed_domains = {\"domain.com\", \"extra-domain.com\"}\n\nfor index, value in ipairs(allowed_domains) do\n if value == domain then\n return true\n end\nend\n\nreturn false\n'\nvalue=\"$(echo \"$body\" | base64 -w 0)\"\ndokku openresty:set --global allowed-letsencrypt-domains-func-base64 $value\n
To reset the value to the default, simply specify a blank value prior to restarting OpenResty:
dokku openresty:set --global allowed-letsencrypt-domains-func-base64\n
"},{"location":"networking/proxies/openresty/#displaying-openresty-reports-for-an-app","title":"Displaying OpenResty reports for an app","text":"You can get a report about the app's OpenResty config using the openresty:report command:
ShellOutput dokku openresty:report\n
=====> node-js-app openresty information\n Openresty image: dokku/openresty-docker-proxy:0.5.6\n Openresty letsencrypt email: automated@dokku.sh\n=====> python-app openresty information\n Openresty image: dokku/openresty-docker-proxy:0.5.6\n Openresty letsencrypt email: automated@dokku.sh\n=====> ruby-app openresty information\n Openresty image: dokku/openresty-docker-proxy:0.5.6\n Openresty letsencrypt email: automated@dokku.sh\n
You can run the command for a specific app also.
ShellOutput dokku openresty:report node-js-app\n
=====> node-js-app openresty information\n Openresty image: dokku/openresty-docker-proxy:0.5.6\n Openresty letsencrypt email: automated@dokku.sh\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku openresty:report node-js-app --openresty-letsencrypt-email\n
"},{"location":"networking/proxies/traefik/","title":"Traefik Proxy","text":"New
Introduced in 0.28.0
Dokku provides integration with the Traefik proxy service by utilizing the Docker label-based integration implemented by Traefik.
traefik:report [<app>] [<flag>] # Displays a traefik report for one or more apps\ntraefik:logs [--num num] [--tail] # Display traefik log output\ntraefik:set <app> <property> (<value>) # Set or clear an traefik property for an app\ntraefik:show-config <app> # Display traefik compose config\ntraefik:start # Starts the traefik server\ntraefik:stop # Stops the traefik server\n
"},{"location":"networking/proxies/traefik/#requirements","title":"Requirements","text":"Using the traefik plugin integration requires the docker-compose-plugin for Docker. See this document from the Docker documentation for more information on the installation process for the docker-compose-plugin.
"},{"location":"networking/proxies/traefik/#usage","title":"Usage","text":"Warning
As using multiple proxy plugins on a single Dokku installation can lead to issues routing requests to apps, doing so should be avoided. As the default proxy implementation is nginx, users are encouraged to stop the nginx service before switching to Traefik.
The Traefik plugin has specific rules for routing requests:
- Traefik integration is exposed via docker labels attached to containers. Changes in labels require either app deploys or rebuilds.
- While Traefik will respect labels associated with other containers, only
web containers have Traefik labels injected by the plugin. - Only
http:80 and https:443 port mappings are supported. - If no
http:80 mapping is found, the first http port mapping is used for http requests. - If no
https:443 mapping is found, the first https port mapping is used for https requests. - If no
https mapping is found, the container port from http:80 will be used for https requests. - Requests are routed as soon as the container is running and passing healthchecks.
"},{"location":"networking/proxies/traefik/#switching-to-traefik","title":"Switching to Traefik","text":"To use the Traefik plugin, use the proxy:set command for the app in question:
dokku proxy:set node-js-app traefik\n
This will enable the docker label-based Traefik integration. All future deploys will inject the correct labels for Traefik to read and route requests to containers. Due to the docker label-based integration used by Traefik, a single deploy or rebuild will be required before requests will route successfully.
dokku ps:rebuild node-js-app\n
Any changes to domains or port mappings will also require either a deploy or rebuild.
"},{"location":"networking/proxies/traefik/#starting-traefik-container","title":"Starting Traefik container","text":"Traefik can be started via the traefik:start command. This will start a Traefik container via the docker compose up command.
dokku traefik:start\n
"},{"location":"networking/proxies/traefik/#stopping-the-traefik-container","title":"Stopping the Traefik container","text":"Traefik may be stopped via the traefik:stop command.
dokku traefik:stop\n
The Traefik container will be stopped and removed from the system. If the container is not running, this command will do nothing.
"},{"location":"networking/proxies/traefik/#changing-the-traefik-entrypoint-names","title":"Changing the Traefik entrypoint names","text":"When you use a self-hosted Traefik instance, your entrypoint names might be different from the default http and https
Use traefik:set to set both http-entry-point and https-entry-point to custom values
dokku traefik:set --global http-entry-point web\ndokku traefik:set --global https-entry-point websecure\n
"},{"location":"networking/proxies/traefik/#showing-the-traefik-compose-config","title":"Showing the Traefik compose config","text":"For debugging purposes, it may be useful to show the Traefik compose config. This can be achieved via the traefik:show-config command.
dokku traefik:show-config\n
"},{"location":"networking/proxies/traefik/#customizing-the-traefik-container-image","title":"Customizing the Traefik container image","text":"While the default Traefik image is hardcoded, users may specify an alternative by setting the image property with the --global flag:
dokku traefik:set --global image traefik:v2.8\n
"},{"location":"networking/proxies/traefik/#checking-the-traefik-containers-logs","title":"Checking the Traefik container's logs","text":"It may be necessary to check the Traefik container's logs to ensure that Traefik is operating as expected. This can be performed with the traefik:logs command.
dokku traefik:logs\n
This command also supports the following modifiers:
--num NUM # the number of lines to display\n--tail # continually stream logs\n
You can use these modifiers as follows:
dokku traefik:logs --tail --num 10\n
The above command will show logs continually from the traefik container, with an initial history of 10 log lines
"},{"location":"networking/proxies/traefik/#changing-the-traefik-log-level","title":"Changing the Traefik log level","text":"Traefik log output is set to ERROR by default. It may be changed by setting the log-level property with the --global flag:
dokku traefik:set --global log-level DEBUG\n
After modifying, the Traefik container will need to be restarted.
"},{"location":"networking/proxies/traefik/#ssl-configuration","title":"SSL Configuration","text":"The traefik plugin only supports automatic ssl certificates from it's letsencrypt integration. Managed certificates provided by the certs plugin are ignored.
"},{"location":"networking/proxies/traefik/#enabling-letsencrypt-integration","title":"Enabling letsencrypt integration","text":"By default, letsencrypt is disabled and https port mappings are ignored. To enable, set the letsencrypt-email property with the --global flag:
dokku traefik:set --global letsencrypt-email automated@dokku.sh\n
After enabling, apps will need to be rebuilt and the Traefik container will need to be restarted. All http requests will then be redirected to https.
"},{"location":"networking/proxies/traefik/#customizing-the-letsencrypt-server","title":"Customizing the letsencrypt server","text":"The letsencrypt integration is set to the production letsencrypt server by default. To change this, set the letsencrypt-server property with the --global flag:
dokku traefik:set --global letsencrypt-server https://acme-staging-v02.api.letsencrypt.org/directory\n
After enabling, the Traefik container will need to be restarted and apps will need to be rebuilt to retrieve certificates from the new server.
"},{"location":"networking/proxies/traefik/#api-access","title":"API Access","text":"Traefik exposes an API and Dashboard, which Dokku disables by default for security reasons. It can be exposed and customized as described below.
"},{"location":"networking/proxies/traefik/#enabling-the-api","title":"Enabling the api","text":"Warning
Users enabling the dashboard should also enable api basic auth.
By default, the api is disabled. To enable, set the api-enabled property with the --global flag:
dokku traefik:set --global api-enabled true\n
After enabling, the Traefik container will need to be restarted.
"},{"location":"networking/proxies/traefik/#enabling-the-dashboard","title":"Enabling the dashboard","text":"Warning
Users enabling the dashboard should also enable api basic auth.
By default, the dashboard is disabled. To enable, set the dashboard-enabled property with the --global flag:
dokku traefik:set --global dashboard-enabled true\n
After enabling, the Traefik container will need to be restarted.
"},{"location":"networking/proxies/traefik/#enabling-api-basic-auth","title":"Enabling api basic auth","text":"Users enabling either the api or dashboard are encouraged to enable basic auth. This will apply only to the api/dashboard, and not to apps. To enable, set the basic-auth-username and basic-auth-password properties with the --global flag:. Both must be set or basic auth will not be enabled.
dokku traefik:set --global basic-auth-username username\ndokku traefik:set --global basic-auth-password password\n
After enabling, the Traefik container will need to be restarted.
"},{"location":"networking/proxies/traefik/#customizing-the-api-hostname","title":"Customizing the api hostname","text":"The hostname used for the api and dashboard is set to traefik.dokku.me by default. It can be customized by setting the api-vhost property with the --global flag:
dokku traefik:set --global api-vhost lb.dokku.me\n
After enabling, the Traefik container will need to be restarted.
"},{"location":"networking/proxies/traefik/#displaying-traefik-reports-for-an-app","title":"Displaying Traefik reports for an app","text":"You can get a report about the app's Traefik config using the traefik:report command:
ShellOutput dokku traefik:report\n
=====> node-js-app traefik information\n Traefik api enabled: false\n Traefik api vhost: traefik.dokku.me\n Traefik basic auth password: password\n Traefik basic auth username: user\n Traefik dashboard enabled: false\n Traefik image: traefik:v2.8\n Traefik letsencrypt email:\n Traefik letsencrypt server:\n Traefik log level: ERROR\n=====> python-app traefik information\n Traefik api enabled: false\n Traefik api vhost: traefik.dokku.me\n Traefik basic auth password: password\n Traefik basic auth username: user\n Traefik dashboard enabled: false\n Traefik image: traefik:v2.8\n Traefik letsencrypt email:\n Traefik letsencrypt server:\n Traefik log level: ERROR\n=====> ruby-app traefik information\n Traefik api enabled: false\n Traefik api vhost: traefik.dokku.me\n Traefik basic auth password: password\n Traefik basic auth username: user\n Traefik dashboard enabled: false\n Traefik image: traefik:v2.8\n Traefik letsencrypt email:\n Traefik letsencrypt server:\n Traefik log level: ERROR\n
You can run the command for a specific app also.
ShellOutput dokku traefik:report node-js-app\n
=====> node-js-app traefik information\n Traefik api enabled: false\n Traefik api vhost: traefik.dokku.me\n Traefik basic auth password: password\n Traefik basic auth username: user\n Traefik dashboard enabled: false\n Traefik image: traefik:v2.8\n Traefik letsencrypt email:\n Traefik letsencrypt server:\n Traefik log level: ERROR\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku traefik:report node-js-app --traefik-api-enabled\n
"},{"location":"processes/entering-containers/","title":"Entering containers","text":"New
Introduced in 0.4.0
enter <app> [<container-type> || --container-id <container-id>] # Connect to a specific app container\n
"},{"location":"processes/entering-containers/#usage","title":"Usage","text":"The enter command can be used to enter a running container. The following variations of the command exist:
# enter the first container\ndokku enter node-js-app\n\n# enter the web process\ndokku enter node-js-app web\n\n# enter the first web process\ndokku enter node-js-app web.1\n\n# enter a process for an app by container ID\ndokku enter node-js-app --container-id ID\n
The container-type argument can be one either:
- If your app has a
Procfile, the name of a process type in your Procfile. - If your app has no
Procfile, the word web.
If the specified process type is scaled up to more than one container, then the first container will be automatically selected. this can be overridden by specifying an integer index denoting the desired container, where the first container's index is 1.
Additionally, the enter command can be executed with no <container-type>. If only a single <container-type> is defined in the app's Procfile, executing enter will drop the terminal into the only running container. This behavior is not supported when specifying a custom command; as described below.
By default, dokku enter will run a /bin/bash, but can also be used to run custom commands:
# just echo hi\ndokku enter node-js-app web echo hi\n\n# run a long-running command, as one might for a cron task\ndokku enter node-js-app web python script/background-worker.py\n
"},{"location":"processes/one-off-tasks/","title":"One-off Tasks","text":"run [-e|--env KEY=VALUE] [--no-tty] <app> <cmd> # Run a command in a new container using the current app image\nrun:detached [-e|-env KEY=VALUE] [--force-tty] <app> <cmd> # Run a command in a new detached container using the current app image\nrun:list [--format json|stdout] [<app>] # List all run containers for an app\nrun:logs <app|--container CONTAINER> [-h] [-t] [-n num] [-q] # Display recent log output for run containers\nrun:stop <app|--container CONTAINER> # Stops all run containers for an app or a specified run container\n
Sometimes it is necessary to run a one-off command under an app. Dokku makes it easy to run a fresh container via the run command.
"},{"location":"processes/one-off-tasks/#usage","title":"Usage","text":""},{"location":"processes/one-off-tasks/#running-a-one-off-command","title":"Running a one-off command","text":"The run command can be used to run a one-off process for a specific command. This will start a new container and run the desired command within that container. The container image will be the same container image as was used to start the currently deployed app.
New
Introduced in 0.25.0, this container will be removed after the process exits.
# runs `ls -lah` in the `/app` directory of the app `node-js-app`\ndokku run node-js-app ls -lah\n\n# optionally, run can be passed custom environment variables\ndokku run --env \"NODE_ENV=development\" --env \"PATH=/custom/path\" node-js-app npm run mytask\n
One off containers are removed at the end of process execution.
"},{"location":"processes/one-off-tasks/#running-procfile-commands","title":"Running Procfile commands","text":"The run command can also be used to run a command defined in the app Procfile:
console: bundle exec racksh\n
# runs `bundle exec racksh` in the `/app` directory of the app `my-app`\ndokku run my-app console\n
"},{"location":"processes/one-off-tasks/#specifying-container-labels","title":"Specifying container labels","text":"Containers may have specific labels attached. In order to avoid issues with dokku internals, do not use any labels beginning with either com.dokku or org.label-schema.
dokku --label=com.example.test-label=value run node-js-app ls -lah\n
"},{"location":"processes/one-off-tasks/#disabling-tty","title":"Disabling TTY","text":"New
Introduced in 0.25.0
One-off containers default to interactive mode where possible. To disable this behavior, specify the --no-tty flag:
dokku run --no-tty node-js-app ls -lah\n
"},{"location":"processes/one-off-tasks/#running-a-detached-container","title":"Running a detached container","text":"New
Introduced in 0.25.0
Finally, a container can be run in \"detached\" mode via the run:detached Dokku command. Running a process in detached mode will immediately return a CONTAINER_ID. Detached containers are run without a tty and are also removed at the end of process execution.
dokku run:detached node-js-app ls -lah\n# returns the ID of the new container\n
To start a detached container with a tty, specify the --force-tty flag. Containers will still exit upon command termination, but can be attached to as long as they are running.
dokku run:detached --force-tty node-js-app bash\n
"},{"location":"processes/one-off-tasks/#displaying-one-off-container-logs","title":"Displaying one-off container logs","text":"You can easily get logs of all one-off containers for an app using the logs command:
dokku run:logs node-js-app\n
Logs are pulled via integration with the scheduler for the specified application via \"live tailing\". As such, logs from previously running deployments are usually not available. Users that desire to see logs from previous deployments for debugging purposes should persist those logs to external services. Please see Dokku's vector integration for more information on how to persist logs across deployments to ship logs to another service or a third-party platform.
"},{"location":"processes/one-off-tasks/#behavioral-modifiers","title":"Behavioral modifiers","text":"Dokku also supports certain command-line arguments that augment the run:log command's behavior.
--container NAME # the name of a specific container to show logs for\n-n, --num NUM # the number of lines to display\n-t, --tail # continually stream logs\n-q, --quiet # display raw logs without colors, time and names\n
You can use these modifiers as follows:
dokku run:logs -t --container node-js-app.run.1234\n
The above command will show logs continually from the node-js-app.run.1234 one-off run process.
"},{"location":"processes/one-off-tasks/#listing-one-off-containers","title":"Listing one-off containers","text":"New
Introduced in 0.25.0
One-off containers for a given app can be listed via the run:list command:
ShellOutput dokku run:list node-js-app\n
=====> node-js-app run containers\nNAMES COMMAND CREATED\nnode-js-app.run.28689 \"/exec sleep 15\" 2 seconds ago\n
Info
The COMMAND displayed will be what Docker executes and may not exactly match the command specified by a dokku run command.
The output can also be shown in json format:
ShellOutput dokku run:list node-js-app --format json\n
[\n {\n \"name\": \"node-js-app.run.28689\",\n \"state\": \"running\",\n \"command\": \"\\\"/exec 'sleep 15'\\\"\",\n \"created_at\": \"2022-08-03 05:47:44 +0000 UTC\"\n }\n]\n
"},{"location":"processes/one-off-tasks/#stopping-a-one-off-container","title":"Stopping a one-off container","text":"New
Introduced in 0.29.0
Run containers for an app can be stopped via the run:stop command. The output will be the container id.
ShellOutput # start a container\n# the output will be something like: node-js-app.run.2313\ndokku run node-js-app sleep 300\n\n# stop the container\ndokku run:stop --container node-js-app.run.2313\n
node-js-app.run.2313\n
All containers for a given app can be stopped by specifying the app name.
ShellOutput dokku run:stop node-js-app\n
node-js-app.run.2313\nnode-js-app.run.574\n
"},{"location":"processes/process-management/","title":"Process Management","text":"New
Introduced in 0.3.14, Enhanced in 0.7.0
ps:inspect <app> # Displays a sanitized version of docker inspect for an app\nps:rebuild [--parallel count] [--all|<app>] # Rebuilds an app from source\nps:report [<app>] [<flag>] # Displays a process report for one or more apps\nps:restart [--parallel count] [--all|<app>] [<process-name>] # Restart an app\nps:restore [<app>] # Start previously running apps e.g. after reboot\nps:scale [--skip-deploy] <app> <proc>=<count> [<proc>=<count>...] # Get/Set how many instances of a given process to run\nps:set <app> <key> <value> # Set or clear a ps property for an app\nps:start [--parallel count] [--all|<app>] # Start an app\nps:stop [--parallel count] [--all|<app>] # Stop an app\n
"},{"location":"processes/process-management/#usage","title":"Usage","text":""},{"location":"processes/process-management/#inspecting-app-containers","title":"Inspecting app containers","text":"New
Introduced in 0.13.0
A common administrative task to perform is calling docker inspect on the containers that are running for an app. This can be an error-prone task to perform, and may also reveal sensitive environment variables if not done correctly. Dokku provides a wrapper around this command via the ps:inspect command:
dokku ps:inspect node-js-app\n
This command will gather all the running container IDs for your app and call docker inspect, sanitizing the output data so it can be copy-pasted elsewhere safely.
"},{"location":"processes/process-management/#rebuilding-apps","title":"Rebuilding apps","text":"It may be useful to rebuild an app at will, such as for commands that do not rebuild an app or when skipping a rebuild after setting multiple config values. For these use cases, the ps:rebuild function can be used.
dokku ps:rebuild node-js-app\n
All apps may be rebuilt by using the --all flag.
dokku ps:rebuild --all\n
By default, rebuilding all apps happens serially. The parallelism may be controlled by the --parallel flag.
dokku ps:rebuild --all --parallel 2\n
Finally, the number of parallel workers may be automatically set to the number of CPUs available by setting the --parallel flag to -1
dokku ps:rebuild --all --parallel -1\n
A missing linked container will result in failure to boot apps. Services should all be started for apps being rebuilt.
"},{"location":"processes/process-management/#restarting-apps","title":"Restarting apps","text":"An app may be restarted using the ps:restart command.
dokku ps:restart node-js-app\n
A single process type - such as web or worker - may also be specified. This does not support specifying a given instance of a process type, and only supports restarting all instances of that process type.
dokku ps:restart node-js-app web\n
All apps may be restarted by using the --all flag. This flag is incompatible with specifying a process type.
dokku ps:restart --all\n
By default, restarting all apps happens serially. The parallelism may be controlled by the --parallel flag.
dokku ps:restart --all --parallel 2\n
Finally, the number of parallel workers may be automatically set to the number of CPUs available by setting the --parallel flag to -1
dokku ps:restart --all --parallel -1\n
A missing linked container will result in failure to boot apps. Services should all be started for apps being rebuilt.
"},{"location":"processes/process-management/#displaying-existing-scale-properties","title":"Displaying existing scale properties","text":"Issuing the ps:scale command with no arguments will output the current scaling properties for an app.
ShellOutput dokku ps:scale node-js-app\n
-----> Scaling for python\nproctype: qty\n--------: ---\nweb: 1\n
"},{"location":"processes/process-management/#defining-processes","title":"Defining Processes","text":""},{"location":"processes/process-management/#procfile","title":"Procfile","text":"Note
Dokku supports the Procfile format as defined in this document under \"Strict Mode\" parsing rules.
Apps can define processes to run by using a Procfile. A Procfile is a simple text file that can be used to specify multiple commands, each of which is subject to process scaling. In the case where the built image sets a default command to run - either through usage of CMD for Dockerfile-based builds, a default process for buildpack-based builds, or any other method for the builder in use - the Procfile will take precedence.
If the file exists, it should not be empty, as doing so may result in a failed deploy.
The syntax for declaring a Procfile is as follows. Note that the format is one process type per line, with no duplicate process types.
<process type>: <command>\n
If, for example, you have multiple queue workers and wish to scale them separately, the following would be a valid way to work around the requirement of not duplicating process types:
worker: env QUEUE=* bundle exec rake resque:work\nimportantworker: env QUEUE=important bundle exec rake resque:work\n
If the app build declares an ENTRYPOINT, the command defined in the Procfile is passed as an argument to that entrypoint. This is the case for all Dockerfile-based, Docker Image, and Cloud Native Buildpack deployments.
The web process type holds some significance in that it is the only process type that is automatically scaled to 1 on the initial application deploy. See the web process scaling documentation for more details around scaling individual processes.
See the Procfile location documentation for more information on where to place your Procfile file.
"},{"location":"processes/process-management/#the-web-process","title":"The web process","text":"For initial app deploys, Dokku will default to starting a single web process for each app. This process may be defined within the Procfile or as the CMD (for Dockerfile or Docker image deploys). Scaling of the web process - and all other processes - may be managed via ps:scale or the formation key in the app.json file either before or after the initial deploy.
There are also a few other exceptions for the web process.
- By default, the built-in nginx proxy implementation only proxies the
web process (others may be handled via a custom nginx.conf.sigil). - See the nginx request proxying documentation for more information on how nginx handles proxied requests.
- Only the
web process may be bound to an external port.
"},{"location":"processes/process-management/#the-release-process","title":"The release process","text":"The Procfile also supports a special release command which acts in a similar way to the Heroku Release Phase. See the Release deployment task documentation for more information on how Dokku handles this process type.
"},{"location":"processes/process-management/#changing-the-procfile-location","title":"Changing the Procfile location","text":"The Procfile is expected to be found in a specific directory, depending on the deploy approach:
- The
WORKDIR of the Docker image for deploys resulting from git:from-image and git:load-image commands. - The root of the source code tree for all other deploys (git push,
git:from-archive, git:sync).
Sometimes it may be desirable to set a different path for a given app, e.g. when deploying from a monorepo. This can be done via the procfile-path property:
dokku ps:set node-js-app procfile-path .dokku/Procfile\n
The value is the path to the desired file relative to the base search directory, and will never be treated as absolute paths in any context. If that file does not exist within the repository, Dokku will continue the build process as if the repository has no Procfile.
The default value may be set by passing an empty value for the option:
dokku ps:set node-js-app procfile-path\n
The procfile-path property can also be set globally. The global default is Procfile, and the global value is used when no app-specific value is set.
dokku ps:set --global procfile-path global-Procfile\n
The default value may be set by passing an empty value for the option.
dokku ps:set --global procfile-path\n
"},{"location":"processes/process-management/#scaling-apps","title":"Scaling apps","text":""},{"location":"processes/process-management/#via-cli","title":"Via CLI","text":"Info
This functionality is disabled if the formation is managed via the formation key of app.json.
Dokku can also manage scaling itself via the ps:scale command. This command can be used to scale multiple process types at the same time.
dokku ps:scale node-js-app web=1\n
Multiple process types can be scaled at once:
dokku ps:scale node-js-app web=1 worker=1\n
If desired, the corresponding deploy will be skipped by using the --skip-deploy flag:
dokku ps:scale --skip-deploy node-js-app web=1\n
"},{"location":"processes/process-management/#manually-managing-process-scaling","title":"Manually managing process scaling","text":"Info
Using a formation key in an app.json file with any quantity specified disables the ability to use ps:scale for scaling. All processes not specified in the app.json will have their process count set to zero.
Users can also configure scaling within the codebase itself to manage process scaling. The formation key should be specified as follows in the app.json file:
{\n \"formation\": {\n \"web\": {\n \"quantity\": 1\n },\n \"worker\": {\n \"quantity\": 4\n }\n }\n}\n
Removing the formation key or removing the app.json file from your repository will result in Dokku respecting the ps:scale command for setting scale values. The values set via the app.json file from a previous deploy will be respected.
See the app.json location documentation for more information on where to place your app.json file.
"},{"location":"processes/process-management/#stopping-apps","title":"Stopping apps","text":"Deployed apps can be stopped using the ps:stop command. This turns off all running containers for an app, and will result in a 502 Bad Gateway response for the default nginx proxy implementation.
dokku ps:stop node-js-app\n
All apps may be stopped by using the --all flag.
dokku ps:stop --all\n
By default, stopping all apps happens serially. The parallelism may be controlled by the --parallel flag.
dokku ps:stop --all --parallel 2\n
Finally, the number of parallel workers may be automatically set to the number of CPUs available by setting the --parallel flag to -1
dokku ps:stop --all --parallel -1\n
"},{"location":"processes/process-management/#starting-apps","title":"Starting apps","text":"All stopped containers can be started using the ps:start command. This is similar to running ps:restart, except no action will be taken if the app containers are running.
dokku ps:start node-js-app\n
All apps may be started by using the --all flag.
dokku ps:start --all\n
By default, starting all apps happens serially. The parallelism may be controlled by the --parallel flag.
dokku ps:start --all --parallel 2\n
Finally, the number of parallel workers may be automatically set to the number of CPUs available by setting the --parallel flag to -1
dokku ps:start --all --parallel -1\n
"},{"location":"processes/process-management/#restart-policies","title":"Restart policies","text":"New
Introduced in 0.7.0, Command Changed in 0.22.0
By default, Dokku will automatically restart containers that exit with a non-zero status up to 10 times via the on-failure Docker restart policy.
"},{"location":"processes/process-management/#setting-the-restart-policy","title":"Setting the restart policy","text":"Info
A change in the restart policy must be followed by a ps:rebuild call.
You can configure this via the ps:set command:
# always restart an exited container\ndokku ps:set node-js-app restart-policy always\n\n# never restart an exited container\ndokku ps:set node-js-app restart-policy no\n\n# only restart it on Docker restart if it was not manually stopped\ndokku ps:set node-js-app restart-policy unless-stopped\n\n# restart only on non-zero exit status\ndokku ps:set node-js-app restart-policy on-failure\n\n# restart only on non-zero exit status up to 20 times\ndokku ps:set node-js-app restart-policy on-failure:20\n
Restart policies have no bearing on server reboot, and Dokku will always attempt to restart your apps at that point unless they were manually stopped.
Dokku also runs dokku-event-listener in the background via the system's init service. This monitors container state, performing the following actions:
- If a web process restarts and it's container IP address changes, the app's proxy configuration will be rebuilt.
- If a process within an app exceeds the restart count, the app will be rebuilt.
"},{"location":"processes/process-management/#displaying-reports-for-an-app","title":"Displaying reports for an app","text":"New
Introduced in 0.12.0
You can get a report about the deployed apps using the ps:report command:
ShellOutput dokku ps:report\n
=====> node-js-app ps information\n Deployed: false\n Processes: 0\n Ps can scale: true\n Ps computed procfile path: Procfile2\n Ps global procfile path: Procfile\n Ps restart policy: on-failure:10\n Ps procfile path: Procfile2\n Restore: true\n Running: false\n=====> python-sample ps information\n Deployed: false\n Processes: 0\n Ps can scale: true\n Ps computed procfile path: Procfile\n Ps global procfile path: Procfile\n Ps restart policy: on-failure:10\n Ps procfile path:\n Restore: true\n Running: false\n=====> ruby-sample ps information\n Deployed: false\n Processes: 0\n Ps can scale: true\n Ps computed procfile path: Procfile\n Ps global procfile path: Procfile\n Ps restart policy: on-failure:10\n Ps procfile path:\n Restore: true\n Running: false\n
You can run the command for a specific app also.
ShellOutput dokku ps:report node-js-app\n
=====> node-js-app ps information\n Deployed: false\n Processes: 0\n Ps can scale: true\n Ps restart policy: on-failure:10\n Restore: true\n Running: false\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku ps:report node-js-app --deployed\n
"},{"location":"processes/process-management/#restoring-apps-after-a-server-reboot","title":"Restoring apps after a server reboot","text":"When a server reboots or Docker is restarted/upgraded, Docker may or may not start old app containers automatically, and may in some cases re-assign container IP addresses. To combat this issue, Dokku uses an init process that triggers dokku ps:restore after the Docker daemon is detected as starting. When triggered, the dokku ps:restore command will serially (one by one) run the following for each:
- Start all linked services.
- Clear generated proxy configuration files.
- Start the app if it has not been manually stopped.
- If the app containers still exist, they will be started and the generated proxy configuration files will be rebuilt.
- If any of the app containers are missing, the entire app will be rebuilt.
During this time, requests may route to the incorrect app if the assigned IPs correspond to those for other apps. While dokku makes all efforts to avoid this, there may be a few minutes where urls may route to the wrong app. To avoid this, either use a custom proxy plugin or wait a few minutes until the restoration process is complete.
"},{"location":"processes/scheduled-cron-tasks/","title":"Scheduled Cron Tasks","text":"New
Introduced in 0.23.0
cron:list <app> [--format json|stdout] # List scheduled cron tasks for an app\ncron:report [<app>] [<flag>] # Display report about an app\ncron:run <app> <cron_id> [--detach] # Run a cron task on the fly\ncron:set [--global|<app>] <key> <value> # Set or clear a cron property for an app\n
"},{"location":"processes/scheduled-cron-tasks/#usage","title":"Usage","text":""},{"location":"processes/scheduled-cron-tasks/#dokku-managed-cron","title":"Dokku Managed Cron","text":"Dokku automates scheduled dokku run commands via it's app.json cron integration.
"},{"location":"processes/scheduled-cron-tasks/#specifying-commands","title":"Specifying commands","text":"The app.json file for a given app can define a special cron key that contains a list of commands to run on given schedules. The following is a simple example app.json that effectively runs the command dokku run $APP npm run send-email once a day:
{\n \"cron\": [\n {\n \"command\": \"npm run send-email\",\n \"schedule\": \"@daily\"\n }\n ]\n}\n
A cron entry takes the following properties:
command: A command to be run within the built app image. Specified commands can also be Procfile entries.schedule: A cron-compatible scheduling definition upon which to run the command. Seconds are generally not supported.
Zero or more cron commands can be specified per app. Cron entries are validated after the build artifact is created but before the app is deployed, and the cron schedule is updated during the post-deploy phase.
See the app.json location documentation for more information on where to place your app.json file.
"},{"location":"processes/scheduled-cron-tasks/#task-environment","title":"Task Environment","text":"When running scheduled cron tasks, there are a few items to be aware of:
- Scheduled cron tasks are performed within the app environment available at runtime. If the app image does not exist, the command may fail to execute.
- Schedules are performed on the hosting server's timezone, which is typically UTC.
- At this time, only the
PATH and SHELL environment variables are specified in the cron template. - A
MAILTO value can be set via the cron:set command.
- Each scheduled task is executed within a one-off
run container, and thus inherit any docker-options specified for run containers. Resources are never shared between scheduled tasks. - Scheduled cron tasks are supported on a per-scheduler basis, and are currently only implemented by the
docker-local scheduler. - Tasks for all apps managed by the
docker-local scheduler are written to a single crontab file owned by the dokku user. The dokku user's crontab should be considered reserved for this purpose.
"},{"location":"processes/scheduled-cron-tasks/#specifying-a-mailto-value","title":"Specifying a MAILTO value","text":"By default, cron tasks complete and do not perform any reporting. Users can specify a value for MAILTO via the global mailto cron property by using the cron:set command.
dokku cron:set --global mailto example@example.com\n
All output for individual cron runs will be sent to the specified email.
Cron emails can be disabled by running the cron:set command for the global mailto property with no value.
dokku cron:set --global mailto\n
"},{"location":"processes/scheduled-cron-tasks/#listing-cron-tasks","title":"Listing Cron tasks","text":"Cron tasks for an app can be listed via the cron:list command. This command takes an app argument.
ShellOutput dokku cron:list node-js-app\n
ID Schedule Command\ncGhwPT09cGhwIHRlc3QucGhwPT09QGRhaWx5 @daily node index.js\ncGhwPT09dHJ1ZT09PSogKiAqICogKg== * * * * * true\n
The output can also be displayed in json format:
ShellOutput dokku cron:list node-js-app --format json\n
[{\"id\":\"cGhwPT09cGhwIHRlc3QucGhwPT09QGRhaWx5\",\"app\":\"node-js-app\",\"command\":\"node index.js\",\"schedule\":\"@daily\"}]\n
"},{"location":"processes/scheduled-cron-tasks/#executing-a-cron-task-on-the-fly","title":"Executing a cron task on the fly","text":"Cron tasks can be invoked via the cron:run command. This command takes an app argument and a cron id (retrievable from cron:list output).
dokku cron:run node-js-app cGhwPT09cGhwIHRlc3QucGhwPT09QGRhaWx5\n
By default, the task is run in an attached container - as supported by the scheduler. To run in a background detached container, specify the --detach flag:
dokku cron:run node-js-app cGhwPT09cGhwIHRlc3QucGhwPT09QGRhaWx5 --detach\n
All one-off cron executions have their containers terminated after invocation.
"},{"location":"processes/scheduled-cron-tasks/#displaying-reports","title":"Displaying reports","text":"You can get a report about the cron configuration for apps using the cron:report command:
ShellOutput dokku cron:report\n
=====> node-js-app cron information\n Cron task count: 2\n=====> python-sample cron information\n Cron task count: 0\n=====> ruby-sample cron information\n Cron task count: 10\n
You can run the command for a specific app also.
ShellOutput dokku cron:report node-js-app\n
=====> node-js-app cron information\n Cron task count: 2\n
You can pass flags which will output only the value of the specific information you want. For example:
dokku cron:report node-js-app --cron-task-count\n
"},{"location":"processes/scheduled-cron-tasks/#self-managed-cron","title":"Self Managed Cron","text":"Warning
Self-managed cron tasks should be considered advanced usage. While the instructions are available, users are highly encouraged to use the built-in scheduled cron task support unless absolutely necessary.
Some installations may require more fine-grained control over cron usage. The following are advanced instructions for configuring cron.
"},{"location":"processes/scheduled-cron-tasks/#using-run-for-cron-tasks","title":"Using run for cron tasks","text":"You can always use a one-off container to run an app task:
dokku run node-js-app some-command\n
For tasks that should not be interrupted, run is the preferred method of handling cron tasks, as the container will continue running even during a deploy or scaling event. The trade-off is that there will be an increase in memory usage if there are multiple concurrent tasks running.
"},{"location":"processes/scheduled-cron-tasks/#using-enter-for-cron-tasks","title":"Using enter for cron tasks","text":"Your Procfile can have the following entry:
cron: sleep infinity\n
With the cron process scaled to 1:
dokku ps:scale node-js-app cron=1\n
You can now run all your commands in that container:
dokku enter node-js-app cron some-command\n
Note that you can also run multiple commands at the same time to reduce memory usage, though that may result in polluting the container environment.
For tasks that will properly resume, you should use the above method, as running tasks will be interrupted during deploys and scaling events, and subsequent commands will always run with the latest container. Note that if you scale the cron container down, this may interrupt proper running of the task.
"},{"location":"processes/scheduled-cron-tasks/#general-cron-recommendations","title":"General cron recommendations","text":"Regularly scheduled tasks can be a bit of a pain with Dokku. The following are general recommendations to follow to help ensure successful task runs.
- Use the
dokku user in your cron entry. - If you do not, the
dokku binary will attempt to execute with sudo, and your cron run with fail with sudo: no tty present and no askpass program specified.
- Add a
MAILTO environment variable to ship cron emails to yourself. - Add a
PATH environment variable or specify the full path to binaries on the host. - Add a
SHELL environment variable to specify Bash when running commands. - Keep your cron tasks in time-sorted order.
- Keep your server time in UTC so you don't need to translate daylight savings time when reading the cronfile.
- Run tasks at the lowest traffic times if possible.
- Use cron to trigger jobs, not run them. Use a real queuing system such as rabbitmq to actually process jobs.
- Try to keep tasks quiet so that mails only send on errors.
- Do not silence standard error or standard out. If you silence the former, you will miss failures. Silencing the latter means you should actually make app changes to handle log levels.
- Use a service such as Dead Man's Snitch to verify that cron tasks completed successfully.
- Add lots of comments to your cronfile, including what a task is doing, so that you don't spend time deciphering the file later.
- Place your cronfiles in a pattern such as
/etc/cron.d/APP. - Do not use non-ASCII characters in your cronfile names. cron is finicky.
- Remember to have trailing newlines in your cronfile! cron is finicky.
The following is a sample cronfile that you can use for your apps:
# server cron jobs\nMAILTO=\"mail@dokku.me\"\nPATH=/usr/local/bin:/usr/bin:/bin\nSHELL=/bin/bash\n\n# m h dom mon dow username command\n# * * * * * dokku command to be executed\n# - - - - -\n# | | | | |\n# | | | | +----- day of week (0 - 6) (Sunday=0)\n# | | | +------- month (1 - 12)\n# | | +--------- day of month (1 - 31)\n# | +----------- hour (0 - 23)\n# +----------- min (0 - 59)\n\n### HIGH TRAFFIC TIME IS B/W 00:00 - 04:00 AND 14:00 - 23:59\n### RUN YOUR TASKS FROM 04:00 - 14:00\n### KEEP SORTED IN TIME ORDER\n\n### PLACE ALL CRON TASKS BELOW\n\n# removes unresponsive users from the subscriber list to decrease bounce rates\n0 0 * * * dokku dokku run node-js-app some-command\n\n# sends out our email alerts to users\n0 1 * * * dokku dokku ps:scale node-js-app cron=1 && dokku enter node-js-app cron some-other-command && dokku ps:scale node-js-app cron=0\n\n### PLACE ALL CRON TASKS ABOVE, DO NOT REMOVE THE WHITESPACE AFTER THIS LINE\n
"}]}
\ No newline at end of file
diff --git a/docs/sitemap.xml b/docs/sitemap.xml
index 238054af9..1077961f9 100644
--- a/docs/sitemap.xml
+++ b/docs/sitemap.xml
@@ -2,370 +2,370 @@
https://dokku.com/docs/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/advanced-usage/backup-recovery/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/advanced-usage/deployment-tasks/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/advanced-usage/docker-options/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/advanced-usage/event-logs/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/advanced-usage/persistent-storage/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/advanced-usage/plugin-management/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/advanced-usage/registry-management/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/advanced-usage/repository-management/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/advanced-usage/resource-management/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/appendices/0.10.0-migration-guide/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/appendices/0.20.0-migration-guide/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/appendices/0.21.0-migration-guide/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/appendices/0.22.0-migration-guide/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/appendices/0.23.0-migration-guide/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/appendices/0.24.0-migration-guide/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/appendices/0.25.0-migration-guide/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/appendices/0.26.0-migration-guide/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/appendices/0.27.0-migration-guide/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/appendices/0.28.0-migration-guide/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/appendices/0.29.0-migration-guide/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/appendices/0.30.0-migration-guide/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/appendices/0.31.0-migration-guide/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/appendices/0.32.0-migration-guide/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/appendices/0.33.0-migration-guide/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/appendices/0.34.0-migration-guide/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/appendices/0.35.0-migration-guide/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/appendices/0.5.0-migration-guide/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/appendices/0.6.0-migration-guide/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/appendices/0.7.0-migration-guide/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/appendices/0.8.0-migration-guide/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/appendices/0.9.0-migration-guide/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/community/clients/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/community/plugins/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/configuration/domains/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/configuration/environment-variables/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/configuration/ssl/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/deployment/application-deployment/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/deployment/application-management/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/deployment/logs/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/deployment/remote-commands/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/deployment/user-management/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/deployment/zero-downtime-deploys/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/deployment/builders/builder-management/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/deployment/builders/cloud-native-buildpacks/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/deployment/builders/dockerfiles/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/deployment/builders/herokuish-buildpacks/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/deployment/builders/lambda/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/deployment/builders/nixpacks/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/deployment/builders/null/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/deployment/continuous-integration/generic/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/deployment/continuous-integration/github-actions/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/deployment/continuous-integration/gitlab-ci/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/deployment/methods/archive/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/deployment/methods/git/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/deployment/methods/image/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/deployment/schedulers/docker-local/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/deployment/schedulers/k3s/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/deployment/schedulers/kubernetes/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/deployment/schedulers/nomad/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/deployment/schedulers/null/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/deployment/schedulers/scheduler-management/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/development/plugin-creation/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/development/plugin-triggers/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/development/release-process/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/development/testing/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/enterprise/pro/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/getting-started/advanced-installation/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/getting-started/troubleshooting/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/getting-started/uninstalling/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/getting-started/where-to-get-help/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/getting-started/install/azure/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/getting-started/install/debian/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/getting-started/install/digitalocean/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/getting-started/install/docker/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/getting-started/install/dreamhost/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/getting-started/install/vagrant/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/getting-started/installation/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/getting-started/upgrading/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/networking/dns/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/networking/network/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/networking/port-management/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/networking/proxy-management/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/networking/proxies/caddy/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/networking/proxies/haproxy/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/networking/proxies/nginx/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/networking/proxies/openresty/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/networking/proxies/traefik/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/processes/entering-containers/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/processes/one-off-tasks/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/processes/process-management/
- 2024-10-05
+ 2024-10-06
https://dokku.com/docs/processes/scheduled-cron-tasks/
- 2024-10-05
+ 2024-10-06
\ No newline at end of file
diff --git a/docs/sitemap.xml.gz b/docs/sitemap.xml.gz
index da5dd718f..ee6c50b89 100644
Binary files a/docs/sitemap.xml.gz and b/docs/sitemap.xml.gz differ