Skip to content
Probo Logo Probo Documentation

Docker Compose Deployment

Docker Compose provides the simplest way to deploy Probo with all required services on a single server. This deployment method is ideal for:

  • Small to medium organizations
  • Development and testing environments
  • Single-server production deployments
  • Quick proof-of-concept setups

Prerequisites

Section titled “Prerequisites”
  • Docker 20.10+
  • Docker Compose 2.0+
  • 4 GB RAM minimum
  • 20 GB storage space

Quick Start

Section titled “Quick Start”

  1. Download the production compose file:

    Terminal window
    curl -o compose.prod.yaml https://raw.githubusercontent.com/getprobo/probo/main/compose.prod.yaml

  2. Generate required secrets:

    Terminal window
    export PROBOD_ENCRYPTION_KEY=$(openssl rand -base64 32)
    export AUTH_COOKIE_SECRET=$(openssl rand -base64 32)
    export AUTH_PASSWORD_PEPPER=$(openssl rand -base64 32)
    export TRUST_AUTH_TOKEN_SECRET=$(openssl rand -base64 32)

  3. Create environment file:

    Terminal window
    cat > .env << EOF
    # Required secrets
    PROBOD_ENCRYPTION_KEY=${PROBOD_ENCRYPTION_KEY}
    AUTH_COOKIE_SECRET=${AUTH_COOKIE_SECRET}
    AUTH_PASSWORD_PEPPER=${AUTH_PASSWORD_PEPPER}
    TRUST_AUTH_TOKEN_SECRET=${TRUST_AUTH_TOKEN_SECRET}
    

    # Application settings
    PROBOD_BASE_URL=https://your-domain.com
    API_ADDR=0.0.0.0:8080
    API_CORS_ALLOWED_ORIGINS=https://your-domain.com
    

    # Email settings (configure your SMTP)
    SMTP_ADDR=smtp.example.com:587
    SMTP_TLS_REQUIRED=true
    [email protected]
    EOF

  4. Start the services:

    Terminal window
    docker compose -f compose.prod.yaml up -d

  5. Verify deployment:

    Terminal window
    # Check service health
    curl http://localhost:8080/health
    # View logs
    docker compose -f compose.prod.yaml logs -f probo

Production Configuration

Section titled “Production Configuration”

TLS/SSL Setup

Section titled “TLS/SSL Setup”

For production, configure TLS certificates:

docker-compose.override.yml
services:
  probo:
    environment:
      PROBOD_BASE_URL: "https://your-domain.com"
    volumes:
      - "/path/to/ssl/cert.pem:/etc/ssl/cert.pem:ro"
      - "/path/to/ssl/key.pem:/etc/ssl/key.pem:ro"

External Database

Section titled “External Database”

To use an external PostgreSQL database:

docker-compose.override.yml
services:
  probo:
    environment:
      PG_ADDR: "your-db-host:5432"
      PG_USERNAME: "probod"
      PG_PASSWORD: "your-secure-password"
      PG_DATABASE: "probod"
    depends_on: []


# Remove the postgres service
postgres:
  deploy:
    replicas: 0

External S3 Storage

Section titled “External S3 Storage”

To use AWS S3 or another S3-compatible service:

docker-compose.override.yml
services:
  probo:
    environment:
      AWS_REGION: "us-east-1"
      AWS_BUCKET: "your-probo-bucket"
      AWS_ACCESS_KEY_ID: "your-access-key"
      AWS_SECRET_ACCESS_KEY: "your-secret-key"
      # Remove AWS_ENDPOINT for AWS S3
      # AWS_ENDPOINT: ""


# Remove MinIO service
minio:
  deploy:
    replicas: 0

Service Architecture

Section titled “Service Architecture”

The Docker Compose deployment includes:

Core Services

Section titled “Core Services”
  • probo - Main application (ports 8080, 8081, 8443)
  • postgres - PostgreSQL database (port 5432)
  • minio - S3-compatible storage (ports 9000, 9001)
  • chrome - PDF generation service (port 9222)

Networking

Section titled “Networking”

Services communicate over a dedicated Docker network with automatic service discovery.

Data Persistence

Section titled “Data Persistence”
  • probo-data - Application data and uploads
  • postgres-data - Database files
  • minio-data - Object storage files

Load Balancer Setup

Section titled “Load Balancer Setup”

For high availability, place Probo behind a load balancer:

Nginx Configuration

Section titled “Nginx Configuration”
upstream probo {
    server 127.0.0.1:8080;
    # Add more servers for HA
    # server 127.0.0.1:8081;
}


server {
    listen 443 ssl http2;
    server_name your-domain.com;


    ssl_certificate /path/to/cert.pem;
    ssl_certificate_key /path/to/key.pem;


    location / {
        proxy_pass http://probo;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

HAProxy Configuration

Section titled “HAProxy Configuration”
global
    log stdout local0
    chroot /var/lib/haproxy
    stats socket /run/haproxy/admin.sock mode 660


defaults
    mode http
    timeout connect 5000ms
    timeout client 50000ms
    timeout server 50000ms


frontend probo_frontend
    bind *:443 ssl crt /path/to/cert.pem
    redirect scheme https if !{ ssl_fc }
    default_backend probo_backend


backend probo_backend
    balance roundrobin
    server probo1 127.0.0.1:8080 check
    # Add more servers for HA
    # server probo2 127.0.0.1:8081 check

Monitoring

Section titled “Monitoring”

Health Checks

Section titled “Health Checks”
Terminal window
# Application health
curl http://localhost:8080/health


# Metrics endpoint
curl http://localhost:8081/metrics


# Database connectivity
docker compose exec postgres pg_isready -U postgres


# MinIO health
curl http://localhost:9000/minio/health/live

Log Management

Section titled “Log Management”
Terminal window
# View all service logs
docker compose -f compose.prod.yaml logs -f


# Specific service logs
docker compose -f compose.prod.yaml logs -f probo
docker compose -f compose.prod.yaml logs -f postgres


# Configure log rotation
docker compose -f compose.prod.yaml logs --follow --tail=100

Backup and Recovery

Section titled “Backup and Recovery”

Database Backup

Section titled “Database Backup”
Terminal window
# Create backup
docker compose exec postgres pg_dump -U postgres probod > backup.sql


# Restore backup
docker compose exec -T postgres psql -U postgres probod < backup.sql

File Storage Backup

Section titled “File Storage Backup”
Terminal window
# Backup MinIO data
docker run --rm -v probo_minio-data:/data -v $(pwd):/backup alpine \
  tar czf /backup/minio-backup.tar.gz -C /data .


# Restore MinIO data
docker run --rm -v probo_minio-data:/data -v $(pwd):/backup alpine \
  tar xzf /backup/minio-backup.tar.gz -C /data

Troubleshooting

Section titled “Troubleshooting”

Common Issues

Section titled “Common Issues”

  1. Port conflicts:

    Terminal window
    # Check port usage
    netstat -tulpn | grep :8080
    

    # Change ports in compose file
    ports:
      - "8081:8080"  # Use different host port

  2. Database connection errors:

    Terminal window
    # Check database logs
    docker compose logs postgres
    

    # Test connection
    docker compose exec probo pg_isready -h postgres -U postgres

  3. File permission issues:

    Terminal window
    # Fix volume permissions
    sudo chown -R 999:999 postgres-data/

Performance Tuning

Section titled “Performance Tuning”

For better performance, adjust resource limits:

docker-compose.override.yml
services:
  probo:
    deploy:
      resources:
        limits:
          cpus: "2.0"
          memory: 4G
        reservations:
          cpus: "1.0"
          memory: 2G


  postgres:
    deploy:
      resources:
        limits:
          cpus: "2.0"
          memory: 4G

Security Considerations

Section titled “Security Considerations”
  1. Use strong secrets - Generate cryptographically secure secrets
  2. Enable TLS - Always use HTTPS in production
  3. Network isolation - Use Docker networks to isolate services
  4. Regular updates - Keep Docker images updated
  5. Backup encryption - Encrypt backups at rest and in transit

Upgrading

Section titled “Upgrading”
Terminal window
# Pull latest images
docker compose -f compose.prod.yaml pull


# Restart services with new images
docker compose -f compose.prod.yaml up -d


# Check logs for any issues
docker compose -f compose.prod.yaml logs -f probo