Deployment

Self-Hosting Guide

A planned guide for running a hosted Dits server on your own infrastructure, intended to give you complete control over your data, security, and customization.

Important

Planned — not yet available.There is no Dits server to self-host today. The server binary, storage service, and the container images referenced below are part of the roadmap and have not been built. Dits today is a local-first Rust CLI — install it with npm install -g @byronwade/dits. Treat this page as a design sketch of the intended architecture, not as working deployment instructions. Do not depend on it yet.

Full Data Sovereignty

Self-hosting is intended to give you complete control over your data and compliance with any regulatory requirements.

Why Self-Host?

Security & Privacy

Complete data ownership
Custom security policies
Air-gapped networks
Regulatory compliance

Customization

Custom integrations
Modified workflows
Branding options
Feature flags

Infrastructure Control

Choose your hardware
Storage optimization
Network configuration
Cost management

System Requirements

Component	Minimum	Recommended
CPU	4 cores	8+ cores
RAM	8 GB	32+ GB
Storage	100 GB SSD	1+ TB NVMe
Network	100 Mbps	1+ Gbps
OS	Linux (Ubuntu 22.04, Debian 12, RHEL 9)

Installation Methods

Docker (Recommended)

Fastest and easiest deployment method

Use Docker Compose for quick setup with all dependencies included.

View Docker deployment guide →

Binary Installation

Direct installation without containers

# Download latest release
curl -LO https://releases.dits.io/latest/dits-server

# Make executable
chmod +x dits-server

# Run server
./dits-server --config /etc/dits/config.toml

Configuration

Server Configuration File

# /etc/dits/config.toml

[server]
host = "0.0.0.0"
port = 8080
tls_cert = "/etc/dits/ssl/cert.pem"
tls_key = "/etc/dits/ssl/key.pem"

[database]
url = "postgres://dits:password@localhost:5432/dits"
max_connections = 50
ssl_mode = "require"

[storage]
type = "local"
path = "/var/lib/dits/chunks"
# Or use S3-compatible storage:
# type = "s3"
# bucket = "dits-chunks"
# region = "us-east-1"

[cache]
type = "redis"
url = "redis://localhost:6379"
size = "4GB"

[auth]
jwt_secret = "your-secure-secret"
token_expiry = "24h"

[logging]
level = "info"
format = "json"
output = "/var/log/dits/server.log"

Security Hardening

Recommended Security Measures

Network Security

Enable TLS 1.3 for all connections
Use firewall to restrict access
Set up VPN for admin access
Enable rate limiting

System Security

Run as non-root user
Enable SELinux/AppArmor
Keep system updated
Use encrypted storage

Systemd Service

# /etc/systemd/system/dits.service

[Unit]
Description=Dits Server
After=network.target postgresql.service redis.service

[Service]
Type=simple
User=dits
Group=dits
ExecStart=/usr/local/bin/dits-server --config /etc/dits/config.toml
Restart=always
RestartSec=5
LimitNOFILE=65535

[Install]
WantedBy=multi-user.target

# Enable and start service
sudo systemctl daemon-reload
sudo systemctl enable dits
sudo systemctl start dits

# Check status
sudo systemctl status dits

Backup Strategy

Database Backup

# Daily database backup
pg_dump -U dits dits | gzip > \
  /backups/db-$(date +%Y%m%d).sql.gz

# Point-in-time recovery
# Configure WAL archiving in postgresql.conf

Chunk Storage Backup

# Incremental backup with rsync
rsync -avz --delete \
  /var/lib/dits/chunks/ \
  backup-server:/backups/chunks/

# Or use deduplicating backup
restic backup /var/lib/dits/chunks

Need Help?

See our troubleshooting guide for common issues, or join the community for support.