Self-Hosting Arivu

Arivu ships a dedicated self-hosted compose file that runs only the application: frontend, backend, MongoDB, and Redis. No marketing site, no blog, no extra containers.

What You Will Run

The frontend nginx serves the React SPA and proxies /api/* to the backend. Hitting / redirects to /auth (or /dashboard if already logged in).

Prerequisites

• Linux VM or bare-metal host with Docker Engine and Docker Compose
• 2 vCPU / 4 GB RAM minimum (recommended: 4 vCPU / 8 GB RAM)
• DNS name pointed to your host (for production)
• TLS termination through a reverse proxy or edge provider (e.g., Cloudflare, Caddy, Traefik)
• Gemini API key for AI features

1. Clone and Configure

git clone https://github.com/glnarayanan/arivu.git arivu-app
cd arivu-app
cp .env.example .env

Edit .env with your values:

# Required
SECRET_KEY=<generate with: openssl rand -hex 32>
GEMINI_API_KEY=your_gemini_api_key

# Recommended
MONGO_ROOT_PASSWORD=strong_random_password
APP_URL=https://your-domain.example
CORS_ORIGINS=https://your-domain.example
ADMIN_EMAILS=your-email@example.com

See Environment Variables for the full reference.

2. Start the Stack

docker compose -f docker-compose.selfhosted.yml up -d --build

Verify all containers are healthy:

docker compose -f docker-compose.selfhosted.yml ps

3. Verify

• http://<host>/ → redirects to /auth
• http://<host>/auth → sign up / sign in page
• http://<host>/api/health → {"status": "healthy"}

Create your account, then set SIGNUPS_ENABLED=false in .env and restart backend if you want invite-only mode.

4. Optional: CLI-First Local Workflow

For local self-hosted use, the Arivu CLI can start the full Docker Compose stack and create a local profile automatically.

cd backend
pip install -r requirements.txt
pip install -e .
cd ..

arivu local up
arivu local status
arivu auth login --profile local
arivu save https://example.com/article

Requirements:

• Run arivu local up from inside an Arivu repo checkout.
• Keep the root docker-compose.yml in place.
• Create the root .env before startup.
• Use a real 32+ character SECRET_KEY.
• Create the user account in the web app before CLI login.

See Command Line Interface for profiles, imports, preview, graph, and resurfacing commands.

5. Admin Access

Set ADMIN_EMAILS in .env to your account email. After logging in, navigate to Settings → API Keys to configure Gemini, X, and Resend credentials through the web UI instead of editing .env.

6. Enable X Integration (Optional)

X_INTEGRATION_ENABLED=true
X_CLIENT_ID=your_x_client_id
X_CLIENT_SECRET=your_x_client_secret

Then restart:

docker compose -f docker-compose.selfhosted.yml up -d backend

See X Bookmarks Integration for OAuth app setup details.

7. Backups

Persistent volumes:

• mongodb_data - all application data
• mongodb_config - MongoDB configuration

Before upgrades, snapshot the MongoDB volume and your .env file.

Upgrade Workflow

git fetch --all
git pull
docker compose -f docker-compose.selfhosted.yml up -d --build

Post-upgrade checks:

• Login/logout works
• New bookmark saves and AI summary completes
• /api/health returns healthy

Security Checklist

• Use HTTPS in production (TLS termination in front of the frontend container)
• Use a strong SECRET_KEY (minimum 32 characters)
• Change default MONGO_ROOT_PASSWORD
• Restrict CORS_ORIGINS to your domain
• Keep MongoDB and Redis ports unexposed (the compose file only exposes port 80)
• Keep Docker host and images patched

Full-Stack Deployment (with Marketing Site)

If you want the landing page, blog, and documentation site alongside the app, use the full production compose file instead:

docker compose -f docker-compose.prod.yml up -d --build

This adds the marketing container as the entry point on port 80 and proxies app routes to the frontend.