Skip to main content
Find how to deploy Packmind using Docker Compose or Kubernetes, and how to customize the setup. For comprehensive information about security, data ownership, and privacy in self-hosted deployments, please see Security & Privacy (Self-Hosted).

With Docker Compose

For Linux and MacOS users, run this script to create a ./packmind folder with a Docker Compose setup inside: 
mkdir packmind && \
cd packmind && \
curl -fsSL -o install.sh https://raw.githubusercontent.com/PackmindHub/packmind/refs/heads/main/dockerfile/prod/setup-packmind-compose.sh && \
chmod +x install.sh && \
./install.sh
Once this command is executed, Packmind is now available at http://localhost:8081/, and you can start using it right away. Update later with docker compose pull && docker compose up -d.

With Helm on Kubernetes

Get started on the Helm Chart GitHub repository to deploy Packmind on Kubernetes.

Connect your LLM (Optional but important)

Connecting a LLM offers a better experience when distributing your standards and commands in your Git Repositories, while it’s not mandatory and you can use Packmind without this. OpenAI is the only currently supported AI Provider. If you use Docker Compose, you’ll have to update the docker-compose.yml file. 
x-openai-config: &openai-config
  OPENAI_API_KEY: <YOUR_KEY>
Restart then with: 
docker compose up -d

Add custom CA certificates (Docker Compose)

If your infrastructure uses self-signed certificates or custom Certificate Authorities (CA), you can configure Packmind to trust them:
  1. Create a certs directory next to your docker-compose.yml: 
    mkdir certs
  2. Place your CA certificate(s) in PEM format as certs/ca-bundle.pem: 
    # For a single certificate
cp your-ca-cert.pem certs/ca-bundle.pem

# For multiple certificates, combine them
cat cert1.pem cert2.pem > certs/ca-bundle.pem
  3. Edit docker-compose.yml and uncomment the certificate lines in both api and mcp-server services: 
    api:
  environment:
    NODE_EXTRA_CA_CERTS: /ca-certs/ca-bundle.pem # Uncomment this line
  volumes:
    - ./certs/ca-bundle.pem:/ca-certs/ca-bundle.pem:ro # Uncomment these 2 lines

mcp-server:
  environment:
    NODE_EXTRA_CA_CERTS: /ca-certs/ca-bundle.pem # Uncomment this line
  volumes:
    - ./certs/ca-bundle.pem:/ca-certs/ca-bundle.pem:ro # Uncomment these 2 lines
  4. Restart the services: 
    docker compose up -d

Configure deployment and environment variables

Override environment variables

With Docker Compose

You can override both api and mcp sections of the docker-compose.yaml file. Here is an example of how to add the SMTP_FROM variable to Docker Compose. 
  api:
    image: packmind/api:${PACKMIND_TAG:-latest}
    container_name: packmind-api
    ports:
      - '3000:3000'
    environment:
      <<: [*database-url, *redis-config, *openai-config]
      SMTP_FROM: username@acme.org

With Helm Chart

Follow the instructions on the Helm Chart GitHub repository on how the YAML values file.

List of Environment variables

Database Configuration:
  • DATABASE_URL️ - PostgreSQL database connection URL used by the API, TypeORM migrations, and data sources
Application URLs & CORS:
  • APP_WEB_URL - Base URL of the web application, used for generating links in password reset and invitation emails
  • CORS_ORIGINS - Comma-separated list of allowed origins for CORS (Cross-Origin Resource Sharing) configuration
Redis Configuration:
  • REDIS_URI - Full Redis connection URI used for caching and SSE (Server-Sent Events) client connections
SMTP Configuration:
  • SMTP_HOST - SMTP server hostname for sending emails
  • SMTP_PORT - SMTP server port number
  • SMTP_SECURE - Whether to use secure connection (TLS/SSL) for SMTP
  • SMTP_USER - Username for SMTP authentication
  • SMTP_PASSWORD - Password for SMTP authentication
  • SMTP_FROM - Default sender email address for outgoing emails
  • SMTP_IS_EXCHANGE_SERVER - Flag indicating if the SMTP server is a Microsoft Exchange server
Authentication & Security:
  • JWT_SECRET - Secret key used for signing and verifying JWT tokens for authentication
  • ENCRYPTION_KEY - Key used for encrypting sensitive data like password reset tokens, invitations, and git provider credentials
  • MAX_LOGIN_ATTEMPTS - Maximum number of failed login attempts before rate limiting is triggered (defaults to a configured value if not set)
  • LOGIN_BAN_TIME_SECONDS - Duration (in seconds) for which user will not be allow to try to login again.
API Integration:
  • OPENAI_API_KEY - API key for accessing OpenAI services for customizing standards and commands for AI Agents.
Rate Limiting:
  • RATE_LIMIT_MAX_REQUESTS - Maximum number of requests allowed within the rate limit time window (defaults to 100)
  • RATE_LIMIT_TIME_WINDOW - Time window in milliseconds for rate limiting (defaults to 60000ms / 1 minute)
Monitoring & Debugging:
  • PACKMIND_LOG_LEVEL - Log level for Packmind logger (e.g., ‘debug’, ‘info’, ‘warn’, ‘error’)