Skip to content

Docker AIO - Commercial Edition #137

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 6 commits into from
Oct 13, 2025
Merged

Docker AIO - Commercial Edition #137

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
1be1d49
Docker AIO
danciaclara Aug 6, 2025
76f3d29
Added the Docker page
danciaclara Aug 6, 2025
668c28a
esolved merge conflicts
danciaclara Oct 13, 2025
e87ded9
review fixes
danciaclara Oct 13, 2025
62b25c2
fixed sidebar nav
danciaclara Oct 13, 2025
b5cadd1
minor fixes
danciaclara Oct 13, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion mint.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -68,6 +68,7 @@
"group": "Install",
"pages": [
"self-hosting/methods/docker-compose",
"self-hosting/methods/docker-aio",
"self-hosting/methods/docker-swarm",
"self-hosting/methods/kubernetes",
"self-hosting/methods/coolify",
Expand All @@ -79,7 +80,6 @@
"self-hosting/methods/airgapped-edition-kubernetes"
]
},

"self-hosting/methods/podman-quadlets"
]
},
Expand Down
189 changes: 189 additions & 0 deletions self-hosting/methods/docker-aio.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,189 @@
---
title: Docker AIO (All-in-One) • Commercial Edition
sidebarTitle: Docker AIO
---

The Plane Commercial All-in-One (AIO) Docker image packages all Plane services into a single container, making it the fastest way to get Plane running.

## What's included

Your single AIO container includes all these services running together:

- **Web App** - The main Plane web interface you'll use
- **Space** - Public project spaces for external collaboration
- **Admin** - Administrative interface
- **API Server** - Backend API
- **Live Server** - Real-time collaboration features
- **Silo** - Integration services
- **Monitor** - Feature flags and payments
- **Email Server** - SMTP server for notifications
- **Proxy** (Port 80, 20025, 20465, 20587) - Caddy reverse proxy
- **Worker and Beat Worker** - Background task processing

### Port Mapping

The following ports are exposed:
- `80`: Main web interface (HTTP)
- `443`: HTTPS (if SSL configured)
- `20025`: SMTP port 25
- `20465`: SMTP port 465 (SSL/TLS)
- `20587`: SMTP port 587 (STARTTLS)

## Prerequisites

- [Docker](https://docs.docker.com/engine/)
- Set up these external services:
- *PostgreSQL*
For data storage
- *Redis*
For caching and session management
- *RabbitMQ*
For message queuing
- *S3-compatible storage*
For file uploads (AWS S3 or MinIO)

## Install Plane

1. Download the image with:
```bash
docker pull artifacts.plane.so/makeplane/plane-aio-commercial:stable
```

2. Run the following command to deploy the Plane AIO container. Make sure to replace all placeholder values (e.g., `your-domain.com`, `user:pass`) with your actual configuration.

<Warning>
All environment variables are required for the container to function correctly.
</Warning>

```bash
docker run --name plane-aio --rm -it \
-p 80:80 \
-p 20025:20025 \
-p 20465:20465 \
-p 20587:20587 \
-e DOMAIN_NAME=your-domain.com \
Comment on lines +59 to +64
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

Publish HTTPS port 443 in run examples

You list HTTPS in Port Mapping but don’t publish 443; users can’t terminate TLS. Add 443 to both examples.

 docker run --name plane-aio --rm -it \
-    -p 80:80 \
+    -p 80:80 \
+    -p 443:443 \
     -p 20025:20025 \
     -p 20465:20465 \
     -p 20587:20587 \
 docker run --name myaio --rm -it \
- -p 80:80 \
+ -p 80:80 \
+ -p 443:443 \
  -p 20025:20025 \
  -p 20465:20465 \
  -p 20587:20587 \

Also applies to: 80-84

🤖 Prompt for AI Agents 
In self-hosting/methods/docker-aio.mdx around lines 59 to 64, the docker run
example maps HTTP and other ports but omits publishing HTTPS port 443,
preventing TLS termination; modify both run examples (lines 59-64 and also
80-84) to include "-p 443:443" in the docker run command so the container can
accept inbound HTTPS traffic.

-e DATABASE_URL=postgresql://user:pass@host:port/database \
-e REDIS_URL=redis://host:port \
-e AMQP_URL=amqp://user:pass@host:port/vhost \
-e AWS_REGION=us-east-1 \
-e AWS_ACCESS_KEY_ID=your-access-key \
-e AWS_SECRET_ACCESS_KEY=your-secret-key \
-e AWS_S3_BUCKET_NAME=your-bucket \
artifacts.plane.so/makeplane/plane-aio-commercial:stable
```

If you're running on an IP address, use this example:

```bash
MYIP=192.168.68.169
docker run --name myaio --rm -it \
-p 80:80 \
-p 20025:20025 \
-p 20465:20465 \
-p 20587:20587 \
-e DOMAIN_NAME=${MYIP} \
-e DATABASE_URL=postgresql://plane:plane@${MYIP}:15432/plane \
-e REDIS_URL=redis://${MYIP}:16379 \
-e AMQP_URL=amqp://plane:plane@${MYIP}:15673/plane \
-e AWS_REGION=us-east-1 \
-e AWS_ACCESS_KEY_ID=<YOUR_AWS_ACCESS_KEY_ID> \
-e AWS_SECRET_ACCESS_KEY=<YOUR_AWS_SECRET_ACCESS_KEY> \
-e AWS_S3_BUCKET_NAME=plane-app \
-e AWS_S3_ENDPOINT_URL=http://${MYIP}:19000 \
-e FILE_SIZE_LIMIT=10485760 \
artifacts.plane.so/makeplane/plane-aio-commercial:stable
```

2. Once it's running, you can access the Plane application on the domain you provided during the deployment.
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

Fix step numbering (2 → 3)

Minor numbering issue.

-2. Once it's running, you can access the Plane application on the domain you provided during the deployment.
+3. Once it's running, you can access the Plane application on the domain you provided during the deployment.
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
2. Once it's running, you can access the Plane application on the domain you provided during the deployment.
3. Once it's running, you can access the Plane application on the domain you provided during the deployment.
🤖 Prompt for AI Agents 
In self-hosting/methods/docker-aio.mdx around line 97, the ordered step is
misnumbered as "2" but should be "3"; update the step number to "3" to maintain
correct sequence in the instructions.


## Volume mounts

### Recommended persistent volumes
```bash
-v /path/to/logs:/app/logs \
-v /path/to/data:/app/data
```

### Workspace license DB
```bash
-v /path/to/monitordb:/app/monitor
```

### SSL certificate support
For HTTPS support, mount certificates:
```bash
-v /path/to/certs:/app/email/tls
```

## Environment variables (optional)

### Network and Protocol
- `SITE_ADDRESS`: Server bind address (default: `:80`)
- `APP_PROTOCOL`: Protocol to use (`http` or `https`, default: `http`)

### Email configuration
- `INTAKE_EMAIL_DOMAIN`: Domain for intake emails (default: `intake.<DOMAIN_NAME>`)
- `LISTEN_SMTP_PORT_25`: SMTP port 25 mapping (default: `20025`)
- `LISTEN_SMTP_PORT_465`: SMTP port 465 mapping (default: `20465`)
- `LISTEN_SMTP_PORT_587`: SMTP port 587 mapping (default: `20587`)
- `SMTP_DOMAIN`: SMTP server domain (default: `0.0.0.0`)
- `TLS_CERT_PATH`: Path to TLS certificate file (optional)
- `TLS_PRIV_KEY_PATH`: Path to TLS private key file (optional)

### Security and secrets
- `MACHINE_SIGNATURE`: Unique machine identifier (auto-generated if not provided)
- `SECRET_KEY`: Django secret key (default provided)
- `SILO_HMAC_SECRET_KEY`: Silo HMAC secret (default provided)
- `AES_SECRET_KEY`: AES encryption key (default provided)
- `LIVE_SERVER_SECRET_KEY`: Live server secret (default provided)

### File handling
- `FILE_SIZE_LIMIT`: Maximum file upload size in bytes (default: `5242880` = 5MB)

### Integration callbacks
- `INTEGRATION_CALLBACK_BASE_URL`: Base URL for OAuth callbacks

### API configuration
- `API_KEY_RATE_LIMIT`: API key rate limit (default: `60/minute`)

### Third-party integrations
- `GITHUB_CLIENT_ID`, `GITHUB_CLIENT_SECRET`: GitHub integration
- `GITHUB_APP_NAME`, `GITHUB_APP_ID`, `GITHUB_PRIVATE_KEY`: GitHub App integration
- `SLACK_CLIENT_ID`, `SLACK_CLIENT_SECRET`: Slack integration
- `GITLAB_CLIENT_ID`, `GITLAB_CLIENT_SECRET`: GitLab integration

## Build the image

To build the AIO image yourself:

```bash
cd deploy/aio/commercial
./build.sh --release=v1.11.1
```

Available build options:
- `--release`: Plane version to build (required)
- `--image-name`: Custom image name (default: `plane-aio-commercial`)

## Troubleshoot
The container will validate required environment variables on startup and display helpful error messages if any are missing.

### Logs
All service logs are available in `/app/logs/`:
- Access logs: `/app/logs/access/`
- Error logs: `/app/logs/error/`

### Health checks
The container runs multiple services managed by Supervisor. Check service status:
```bash
docker exec -it <container-name> supervisorctl status
```

## Production considerations

- Use proper SSL certificates for HTTPS
- Configure proper backup strategies for data
- Monitor resource usage and scale accordingly
- Use external load balancer for high availability
- Regularly update to latest versions
- Secure your environment variables and secrets