Оффлайн
- Регистрация
- 1 Мар 2015
- Сообщения
- 1,481
- Баллы
- 155
Infisical is a modern, open-source secret manager for developers — think self-hosted Doppler or Vault, but simpler and actually enjoyable to use.
In this guide, I’ll show you how to deploy Infisical using Docker on any Linux server (Ubuntu, Debian, etc.), configure your environment, and keep your setup online and secure with uptime monitoring.
Let’s go ?
? What You’ll Need
git clone
cd infisical/self-host
Step 2: Configure the .env File
Copy the example file:
cp .env.template .env
Edit values in .env to match your setup. At minimum, update:
NODE_ENV=production
ENCRYPTION_KEY=generate-strong-key
DATABASE_URL=postgresql://infisical:password@db:5432/infisical
You can generate a strong encryption key with:
openssl rand -hex 32
?️ Step 3: Set Up Docker Compose
Infisical includes a ready-to-use docker-compose.yml. Just run:
docker compose up -d
This launches:
After a few seconds, your instance should be available at:
or your custom domain.
? Step 4: Add HTTPS and a Domain (Optional)
Use a reverse proxy (Caddy, Nginx, Traefik) to expose Infisical securely:
Head to the web UI → sign up → create your first workspace.
Infisical lets you securely store .env variables, share secrets between team members, and integrate into CI/CD pipelines.
Step 6: Add Monitoring with Garmingo Status
Your secrets system is now live. But what happens when it goes down?
? Secret managers are core infra. Downtime = deploys break, apps crash, teams blocked.
Here’s how to make sure that never happens:
You’ll get:
?
? TL;DR
Managing secrets is serious business — treat it like core infrastructure.
?
In this guide, I’ll show you how to deploy Infisical using Docker on any Linux server (Ubuntu, Debian, etc.), configure your environment, and keep your setup online and secure with uptime monitoring.
Let’s go ?
? What You’ll Need
- A Linux server (Debian/Ubuntu preferred)
- Docker & Docker Compose installed
- A domain + SSL (optional but recommended)
- 10 minutes
git clone
cd infisical/self-host
Step 2: Configure the .env FileCopy the example file:
cp .env.template .env
Edit values in .env to match your setup. At minimum, update:
NODE_ENV=production
ENCRYPTION_KEY=generate-strong-key
DATABASE_URL=postgresql://infisical:password@db:5432/infisical
You can generate a strong encryption key with:
openssl rand -hex 32
?️ Step 3: Set Up Docker Compose
Infisical includes a ready-to-use docker-compose.yml. Just run:
docker compose up -d
This launches:
- The Infisical server
- A PostgreSQL database
- A Redis cache
After a few seconds, your instance should be available at:
or your custom domain.
? Step 4: Add HTTPS and a Domain (Optional)
Use a reverse proxy (Caddy, Nginx, Traefik) to expose Infisical securely:
- Point secrets.yourdomain.com to your VPS
- Use Let’s Encrypt for SSL
- Proxy port 8080 to HTTPS
Head to the web UI → sign up → create your first workspace.
Infisical lets you securely store .env variables, share secrets between team members, and integrate into CI/CD pipelines.
Step 6: Add Monitoring with Garmingo StatusYour secrets system is now live. But what happens when it goes down?
? Secret managers are core infra. Downtime = deploys break, apps crash, teams blocked.
Here’s how to make sure that never happens:
- Create a free account at
- Add a monitor for your Infisical URL ()
- Set alerting to Slack, Email, Telegram, Discord, or Webhooks
- (Optional) Create a private status page for internal visibility
You’ll get:
- Realtime alerts
- Incident logs
- SLA tracking
- Monthly uptime reports
- Peace of mind
?
? TL;DR
- Clone Infisical
- Configure .env + secrets
- ? Run with Docker
- ? Secure with HTTPS
- ? Monitor with Garmingo Status
Managing secrets is serious business — treat it like core infrastructure.
?