Self-Hosting with No SSL Certificate

Updated March 07, 2025 18:26

The following is a guide for setting up Hudu with no SSL certificate. We only recommend this option if the server is going to be used without outside internet access, and will be accessible only on an internal network.

If you are looking to use a free SSL certificate that auto-renews for you, or a custom SSL certificate, you may want to read this article for alternative options: Getting Started with Hudu Self-Hosted.

Prerequisites

In order to self-host Hudu, you will need:

Server with at least 4GB memory and at least 1 CPU (as long as there is no contention), with Ubuntu (20.04, 22.04 or 24.04) as the OS.
SMTP server for sending outgoing mail.

Instructions

SSH into the server you are wishing to host Hudu on.
Install Docker CE on the server. Setup instructions can be found here.
- Do not use SNAP to install Docker - this will cause issues later on.
Create a blank directory named hudu2 on the home directory. On Ubuntu, you can do this by typing: mkdir ~/hudu2
Move into the directory. On Ubuntu: cd ~/hudu2

Place a file named docker-compose.yml in the directory.

Expand to copy content for docker-compose.yml file

volumes:  
  postgres_data: {}
  app_data: {}
  redis_data: {}
services:
  db:    
    image: 'postgres:16.2-alpine'    
    volumes:      
      - postgres_data:/var/lib/postgresql/data
    env_file:
      - '.env'
    logging:
      driver: "json-file"
      options:
          max-file: "5"
          max-size: "10m"
    restart: unless-stopped
  redis:
    image: 'redis:latest'
    command: redis-server
    volumes:
      - redis_data:/var/lib/redis/data
    restart: unless-stopped
  app:    
    image: hududocker/hudu:latest
    env_file:
      - '.env'
    volumes:
      - app_data:/var/www/hudu2/public/uploads/
      - app_data:/var/www/hudu2/uploads/      
      - app_data:/var/lib/app/data
    depends_on:      
      - db
      - redis
    logging:
      driver: "json-file"
      options:
          max-file: "5"
          max-size: "100m"
    restart: unless-stopped
  worker:
    depends_on:
      - db
      - redis
    image: hududocker/hudu:latest
    command: bundle exec sidekiq -C config/sidekiq.yml
    volumes:
      - app_data:/var/www/hudu2/public/uploads/
      - app_data:/var/www/hudu2/uploads/
      - '.:/app'
    env_file:
      - '.env'
    logging:
      driver: "json-file"
      options:
          max-file: "5"
          max-size: "100m"
    restart: unless-stopped
  nginx:
    image: lscr.io/linuxserver/nginx
    container_name: nginx
    cap_add:
      - NET_ADMIN
    env_file: 
      - '.env'
    depends_on:
      - app
    volumes:
      - /var/www/hudu2/config:/config
    ports: 
      - 80:80
      - 443:443
    restart: unless-stopped

Already have a production environment and want to update your docker-compose.yml file? Please visit our Upgrade Postgres in a Production Environment article for more information!

Place a file named .env in the directory. The contents need to be generated with our config generator: here.
Add DISABLE_SSL=true to the .env file and save.

It is critical that you store an exact copy of the .env file in a secure location. Your encryption and secure keys are located in this file, and you can lose access to passwords and more if this file is lost.

When both files are residing within the directory, run the command: sudo docker compose up -d to start your Hudu instance.
Now, run: sudo docker compose down to stop your Hudu instance.
Create a file called: /var/www/hudu2/config/nginx/proxy.conf with the contents of this file.
Navigate to /var/www/hudu2/config/nginx/site-confs/. With Ubuntu, you can do this by typing: cd /var/www/hudu2/config/nginx/site-confs/

Edit the file named default.conf and replace ALL of the contents with this file named default:

Expand to copy the content for the default.conf file

## Version 2/25/2022 - Changelog: Default file for no-ssl

# redirect all traffic to https
server {
  listen 80 default_server;
  listen [::]:80 default_server;
  server_name _;

  root   /var/www/hudu2/public;
  index  index.html;

  location ~ /\. {
    deny all;
 }
  location ~* ^.+\.(rb|log)$ {
    deny all;
  }
  location /cable {        
      proxy_pass http://app:3000/cable;       
	  proxy_http_version 1.1;      
	  proxy_set_header Upgrade $http_upgrade;        
	  proxy_set_header Connection "upgrade";        
	  proxy_set_header Host $host;        
	  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;         
	  proxy_read_timeout 240s;    
	  proxy_send_timeout 240s;         
	  proxy_set_header X-Forwarded-Proto $scheme;        
	  proxy_set_header X-Real-IP $remote_addr;        
	  proxy_pass_request_headers on;        
	  proxy_buffering off;        
	  proxy_redirect off;        
	  break;    
  }
  # send non-static file requests to the app server
  location / {
    try_files $uri @rails;
  }

  location @rails {
    include /config/nginx/proxy.conf;
    proxy_pass http://app:3000;
  }

}

# enable subdomain method reverse proxy confs
include /config/nginx/proxy-confs/*.subdomain.conf;
# enable proxy cache for auth
proxy_cache_path cache/ keys_zone=auth_cache:10m;

Navigate back to the hudu2 folder. On Ubuntu: cd ~/hudu2
Start the instance again: sudo docker compose up -d
Your Hudu should now be up and running! Visit your domain to confirm. If you see a Hudu sign-up screen, it's successful. Head over to the Hudu HQ Billing Portal for a license key.
If you don't see this screen, contact support, and please provide logs: sudo docker compose logs
- Please paste these into something like Pastebin.com