Skip to main content
Docker Compose is the fastest way to get InfraAudit running. A single docker compose up command starts the Go API, Postgres database, Redis cache, and the React frontend — no Kubernetes cluster required.
Complete the Prerequisites first. You need a Supabase project and Docker Compose v2 before starting.

Step 1: Clone the repository

git clone https://github.com/pratik-mahalle/infraudit-go.git
cd infraudit-go

Step 2: Create your .env file

Copy the example environment file: 
cp .env.example .env
Open .env and fill in your values. The template below shows every variable you need for a working deployment: 
# Supabase — required (see /self-hosting/prerequisites)
SUPABASE_URL=https://xxxxxxxxxxxxxx.supabase.co
SUPABASE_JWT_SECRET=your-jwt-secret-here
SUPABASE_ANON_KEY=eyJhbGciOi...
SUPABASE_SERVICE_ROLE_KEY=eyJhbGciOi...

# Server
SERVER_PORT=8080
FRONTEND_URL=http://localhost:5173
ENVIRONMENT=development

# Database — provisioned automatically by Docker Compose
DB_DRIVER=postgres
DB_HOST=postgres
DB_PORT=5432
DB_NAME=infraudit
DB_USER=infraudit
DB_PASSWORD=change-me-production-password
DB_SSLMODE=disable

# Credential encryption — generate with: openssl rand -hex 32
ENCRYPTION_KEY=change-me-32-byte-random-string-here

# Optional: AI recommendations
GEMINI_API_KEY=

# Optional: Slack notifications
SLACK_WEBHOOK_URL=
You must change two values before any real deployment:
  • ENCRYPTION_KEY — encrypts all cloud provider credentials stored in Postgres. Generate a secure value with openssl rand -hex 32. Never use the placeholder.
  • DB_PASSWORD — the default is publicly known. Change it before exposing the deployment to any network.
For the full list of configurable variables, see the Configuration reference.

Step 3: Start the stack

docker compose up -d
This starts four containers:
ContainerPortPurpose
api8080InfraAudit Go backend
postgres5432Primary database
redis6379Cache layer
frontend5173React web UI
Watch the API logs until it reports ready: 
docker compose logs -f api
You should see: 
api_1  | InfraAudit API starting on :8080
api_1  | Database connected (postgres)
api_1  | Redis connected
api_1  | Supabase auth configured
If the API exits immediately with SUPABASE_JWT_SECRET is required, the Supabase values in .env are missing or incorrect.

Step 4: Verify the deployment

Run the health checks: 
curl http://localhost:8080/healthz
# {"status":"ok"}

curl http://localhost:8080/readyz
# {"status":"ready","database":"ok","redis":"ok"}
Then open http://localhost:5173 in your browser and sign up.

Optional: enable monitoring

Add Prometheus and Grafana with the monitoring profile: 
docker compose --profile monitoring up -d
ContainerPortPurpose
prometheus9090Metrics scraper
grafana3000Dashboard UI
Grafana starts with a pre-built InfraAudit dashboard. Log in with admin / admin and change the password on first login.

Managing the stack

# Stop without removing volumes (data is preserved)
docker compose down

Updating to a new version

Pull the latest images and restart: 
docker compose pull
docker compose up -d
The API runs any pending database migrations automatically on startup. See Upgrades for details on what to check before pulling a new version.

Production considerations

Before exposing your deployment to the internet:
  • Place a reverse proxy (nginx, Caddy) in front of port 8080 to terminate TLS.
  • Set ENVIRONMENT=production — this disables the Swagger UI and debug endpoints.
  • Set ALLOWED_ORIGINS to your frontend domain instead of the default *.
  • Store secrets in environment variables or a secrets manager rather than the .env file.
  • Read Secrets and encryption before going live.