Self-Hosting
Configuration
Configure your self-hosted Quackback installation.
Configuration
Customize your self-hosted Quackback deployment with environment variables and settings.
Environment Variables
All configuration is done through environment variables in your .env file.
Core Settings
# Required
APP_URL=https://feedback.yourdomain.com
APP_SECRET=your-secret-key-at-least-32-chars
# Application name (appears in emails, titles)
APP_NAME=Quackback
# Environment
NODE_ENV=productionDatabase
# PostgreSQL connection string
DATABASE_URL=postgresql://user:password@localhost:5432/quackback
# Connection pool size (optional)
DATABASE_POOL_SIZE=20Email (SMTP)
# SMTP server settings
SMTP_HOST=smtp.yourdomain.com
SMTP_PORT=587
SMTP_SECURE=false
SMTP_USER=notifications@yourdomain.com
SMTP_PASSWORD=your-smtp-password
# From address for emails
SMTP_FROM="Quackback <notifications@yourdomain.com>"Redis (Optional)
Redis improves performance for caching and sessions:
REDIS_URL=redis://localhost:6379File Storage
For file uploads (logos, attachments):
# Local storage (default)
STORAGE_TYPE=local
STORAGE_PATH=./uploads
# S3-compatible storage
STORAGE_TYPE=s3
S3_BUCKET=your-bucket-name
S3_REGION=us-east-1
S3_ACCESS_KEY=your-access-key
S3_SECRET_KEY=your-secret-key
S3_ENDPOINT=https://s3.amazonaws.comAuthentication Providers
Google OAuth
GOOGLE_CLIENT_ID=your-client-id.apps.googleusercontent.com
GOOGLE_CLIENT_SECRET=your-client-secretGitHub OAuth
GITHUB_CLIENT_ID=your-client-id
GITHUB_CLIENT_SECRET=your-client-secretSAML/SSO
SAML_ENABLED=true
SAML_ISSUER=https://feedback.yourdomain.com
SAML_ENTRY_POINT=https://idp.yourdomain.com/sso
SAML_CERTIFICATE=your-idp-certificatePerformance Tuning
Worker Processes
# Number of worker processes
WORKERS=4Rate Limiting
# API rate limiting
RATE_LIMIT_WINDOW=60000
RATE_LIMIT_MAX=100Caching
# Cache TTL in seconds
CACHE_TTL=3600Security Settings
Session Security
# Session duration (in seconds)
SESSION_DURATION=604800 # 7 days
# Secure cookies (require HTTPS)
SECURE_COOKIES=trueCORS
# Allowed origins (comma-separated)
CORS_ORIGINS=https://yourdomain.com,https://app.yourdomain.comContent Security Policy
# Custom CSP header
CSP_DIRECTIVES="default-src 'self'; img-src 'self' data: https:;"Backups
Database Backups
Set up automated PostgreSQL backups:
# backup.sh
#!/bin/bash
BACKUP_DIR=/backups
DATE=$(date +%Y%m%d_%H%M%S)
docker compose exec -T db pg_dump -U quackback quackback > $BACKUP_DIR/backup_$DATE.sql
# Keep only last 7 days
find $BACKUP_DIR -name "backup_*.sql" -mtime +7 -deleteSchedule with cron:
0 2 * * * /path/to/backup.shFile Backups
If using local storage, back up the uploads directory:
tar -czf uploads_backup.tar.gz ./uploadsMonitoring
Health Check
Quackback exposes a health endpoint:
curl https://feedback.yourdomain.com/api/healthReturns:
{
"status": "healthy",
"database": "connected",
"cache": "connected"
}Logging
Configure log levels:
LOG_LEVEL=info # debug, info, warn, error
LOG_FORMAT=json # json or prettyView logs:
docker compose logs -f appMulti-Instance Deployment
For high availability, run multiple instances:
# docker-compose.yml
services:
app:
image: quackback/quackback
deploy:
replicas: 3Requirements for multi-instance:
- Shared Redis for sessions
- Shared storage (S3) for uploads
- Load balancer in front
Email Templates
Customize email templates by mounting a custom templates directory:
services:
app:
volumes:
- ./custom-templates:/app/templatesAdvanced Configuration
Custom Domains per Workspace
Enable workspace-level custom domains:
CUSTOM_DOMAINS_ENABLED=trueDisable Registration
Prevent new user signups:
REGISTRATION_ENABLED=falseMaintenance Mode
Put the application in maintenance mode:
MAINTENANCE_MODE=true
MAINTENANCE_MESSAGE="We're upgrading. Back soon!"Next: Updating