Skip to content
/ wakapi Public

πŸ“Š A minimalist, self-hosted WakaTime-compatible backend for coding statistics


Notifications You must be signed in to change notification settings


Repository files navigation

A minimalist, self-hosted WakaTime-compatible backend for coding statistics.

Installation instructions can be found below and in the Wiki.

πŸš€ Features

  • βœ… Free and open-source
  • βœ… Built by developers for developers
  • βœ… Statistics for projects, languages, editors, hosts and operating systems
  • βœ… Badges
  • βœ… Weekly E-Mail reports
  • βœ… REST API
  • βœ… Partially compatible with WakaTime
  • βœ… WakaTime integration
  • βœ… Support for Prometheus exports
  • βœ… Lightning fast
  • βœ… Self-hosted

⌨️ How to use?

There are different options for how to use Wakapi, ranging from our hosted cloud service to self-hosting it. Regardless of which option choose, you will always have to do the client setup in addition.

☁️ Option 1: Use

If you want to try out a free, hosted cloud service, all you need to do is create an account and then set up your client-side tooling (see below).

πŸ“¦ Option 2: Quick-run a release

$ curl -L | bash

Alternatively using eget:

$ eget muety/wakapi

🐳 Option 3: Use Docker

# Create a persistent volume
$ docker volume create wakapi-data

$ SALT="$(cat /dev/urandom | LC_ALL=C tr -dc 'a-zA-Z0-9' | fold -w ${1:-32} | head -n 1)"

# Run the container
$ docker run -d \
  -p 3000:3000 \
  -v wakapi-data:/data \
  --name wakapi \

Note: By default, SQLite is used as a database. To run Wakapi in Docker with MySQL or Postgres, see Dockerfile and config.default.yml for further options.

If you want to run Wakapi on Kubernetes, there is wakapi-helm-chart for quick and easy deployment.

πŸ§‘β€πŸ’» Option 4: Compile and run from source

# Build and install
# Alternatively: go build -o wakapi
$ go install

# Get default config and customize
$ curl -o wakapi.yml
$ vi wakapi.yml

# Run it
$ ./wakapi -config wakapi.yml

Note: Check the comments in config.yml for best practices regarding security configuration and more.

πŸ’‘ When running Wakapi standalone (without Docker), it is recommended to run it as a SystemD service.

πŸ’» Client setup

Wakapi relies on the open-source WakaTime client tools. In order to collect statistics for Wakapi, you need to set them up.

  1. Set up WakaTime for your specific IDE or editor. Please refer to the respective plugin guide
  2. Edit your local ~/.wakatime.cfg file as follows.

# Your Wakapi server URL or '' when using the cloud server
api_url = http://localhost:3000/api

# Your Wakapi API key (get it from the web interface after having created an account)
api_key = 406fe41f-6d69-4183-a4cc-121e0c524c2b

Optionally, you can set up a client-side proxy in addition.

πŸ”§ Configuration options

You can specify configuration options either via a config file (default: config.yml, customizable through the -c argument) or via environment variables. Here is an overview of all options.

YAML key / Env. variable Default Description
env /
dev Whether to use development- or production settings
app.leaderboard_enabled /
true Whether to enable the public leaderboard
app.leaderboard_scope /
7_days Aggregation interval for public leaderboard (see here for allowed values)
app.leaderboard_generation_time /
0 0 6 * * *,0 0 18 * * * One or multiple times of day at which to re-calculate the leaderboard
app.aggregation_time /
0 15 2 * * * Time of day at which to periodically run summary generation for all users
app.report_time_weekly /
0 0 18 * * 5 Week day and time at which to send e-mail reports
app.data_cleanup_time /
0 0 6 * * 0 When to perform data cleanup operations (see app.data_retention_months)
app.import_enabled /
true Whether data imports from WakaTime or other Wakapi instances are permitted
app.import_batch_size /
50 Size of batches of heartbeats to insert to the database during importing from external services
app.import_backoff_min /
5 "Cooldown" period in minutes before user may attempt another data import
app.import_max_rate /
24 Minimum number of hours to wait after a successful data import before user may attempt another one
app.inactive_days /
7 Number of days after which to consider a user inactive (only for metrics)
app.heartbeat_max_age /
4320h Maximum acceptable age of a heartbeat (see ParseDuration)
app.custom_languages - Map from file endings to language names
app.avatar_url_template /
(see config.default.yml) URL template for external user avatar images (e.g. from Dicebear or Gravatar)
app.date_format /
Mon, 02 Jan 2006 Go time format strings to format human-readable date (see Time.Format)
app.datetime_format /
Mon, 02 Jan 2006 15:04 Go time format strings to format human-readable datetime (see Time.Format)
app.support_contact /
WAKAPI_SUPPORT_CONTACT E-Mail address to display as a support contact on the page
app.data_retention_months /
-1 Maximum retention period in months for user data (heartbeats) (-1 for unlimited)
app.max_inactive_months /
12 Maximum number of inactive months after which to delete user accounts without data (-1 for unlimited)
server.port /
3000 Port to listen on
server.listen_ipv4 /
WAKAPI_LISTEN_IPV4 IPv4 network address to listen on (set to '-' to disable IPv4)
server.listen_ipv6 /
::1 IPv6 network address to listen on (set to '-' to disable IPv6)
server.listen_socket /
- UNIX socket to listen on (set to '-' to disable UNIX socket)
server.listen_socket_mode /
0666 Permission mode to create UNIX socket with
server.timeout_sec /
30 Request timeout in seconds
server.tls_cert_path /
- Path of SSL server certificate (leave blank to not use HTTPS)
server.tls_key_path /
- Path of SSL server private key (leave blank to not use HTTPS)
server.base_path /
/ Web base path (change when running behind a proxy under a sub-path)
server.public_url /
http://localhost:3000 URL at which your Wakapi instance can be found publicly
security.password_salt /
- Pepper to use for password hashing
security.insecure_cookies /
false Whether or not to allow cookies over HTTP
security.cookie_max_age /
172800 Lifetime of authentication cookies in seconds or 0 to use Session cookies
security.allow_signup /
true Whether to enable user registration
security.signup_captcha /
false Whether the registration form requires solving a CAPTCHA
security.invite_codes /
true Whether to enable registration by invite codes. Primarily useful if registration is disabled (invite-only server).
security.disable_frontpage /
false Whether to disable landing page (useful for personal instances)
security.expose_metrics /
false Whether to expose Prometheus metrics under /api/metrics
security.trusted_header_auth /
false Whether to enable trusted header authentication for reverse proxies (see #534). Use with caution!
security.trusted_header_auth_key /
Remote-User Header field for trusted header authentication. Caution: proxy must be configured to strip this header from client requests!
security.trust_reverse_proxy_ips /
- Comma-separated list IPv4 or IPv6 addresses of reverse proxies to trust to handle authentication.
security.signup_max_rate /
5/1h Rate limiting config for signup endpoint in format <max_req>/<multiplier><unit>, where unit is one of s, m or h.
security.login_max_rate /
10/1m Rate limiting config for login endpoint in format <max_req>/<multiplier><unit>, where unit is one of s, m or h.
security.password_reset_max_rate /
5/1h Rate limiting config for password reset endpoint in format <max_req>/<multiplier><unit>, where unit is one of s, m or h. /
- Database host
db.port /
- Database port
db.socket /
- Database UNIX socket (alternative to host) (for MySQL only)
db.user /
- Database user
db.password /
- Database password /
wakapi_db.db Database name
db.dialect /
sqlite3 Database type (one of sqlite3, mysql, postgres, cockroach, mssql)
db.charset /
utf8mb4 Database connection charset (for MySQL only)
db.max_conn /
2 Maximum number of database connections
db.ssl /
false Whether to use TLS encryption for database connection (Postgres and CockroachDB only)
db.automgirate_fail_silently /
false Whether to ignore schema auto-migration failures when starting up
mail.enabled /
true Whether to allow Wakapi to send e-mail (e.g. for password resets)
mail.sender /
Wakapi <> Default sender address for outgoing mails
mail.provider /
smtp Implementation to use for sending mails (one of [smtp]) /
- SMTP server address for sending mail (if using smtp mail provider)
mail.smtp.port /
- SMTP server port (usually 465)
mail.smtp.username /
- SMTP server authentication username
mail.smtp.password /
- SMTP server authentication password
mail.smtp.tls /
false Whether the SMTP server requires TLS encryption (false for STARTTLS or no encryption)
sentry.dsn /
– DSN for to integrate Sentry for error logging and tracing (leave empty to disable)
sentry.enable_tracing /
false Whether to enable Sentry request tracing
sentry.sample_rate /
0.75 Probability of tracing a request in Sentry
sentry.sample_rate_heartbeats /
0.1 Probability of tracing a heartbeat request in Sentry
quick_start /
false Whether to skip initial boot tasks. Use only for development purposes!
enable_pprof /
false Whether to expose pprof profiling data as an endpoint for debugging

Supported databases

Wakapi uses GORM as an ORM. As a consequence, a set of different relational databases is supported.

πŸ” Authentication

Wakapi supports different types of user authentication.

  • Cookie: This method is used in the browser. Users authenticate by sending along an encrypted, secure, HTTP-only cookie (wakapi_auth) that was set in the server's response upon login.
  • API key:
    • Via header: This method is inspired by WakaTime's auth. mechanism and is the common way to authenticate against API endpoints. Users set the Authorization header to Basic <BASE64_TOKEN>, where the latter part corresponds to your base64-hashed API key.
    • Vis query param: Alternatively, users can also pass their plain API key as a query parameter ( e.g. ?api_key=86648d74-19c5-452b-ba01-fb3ec70d4c2f) in the URL with every request.
  • Trusted header: This mechanism allows to delegate authentication to a reverse proxy (e.g. for SSO), that Wakapi will then trust blindly. See #534 for details.
    • Must be enabled via trusted_header_auth and configuring trust_reverse_proxy_ip in the config
    • Warning: This type of authentication is quite prone to misconfiguration. Make sure that your reverse proxy properly strips relevant headers from client requests.

πŸ”§ API endpoints

See our Swagger API Documentation.

Generating Swagger docs

$ go install
$ swag init -o static/docs

🀝 Integrations

Prometheus export

You can export your Wakapi statistics to Prometheus to view them in a Grafana dashboard or so. Here is how.

# 1. Start Wakapi with the feature enabled
$ ./wakapi

# 2. Get your API key and hash it
$ echo "<YOUR_API_KEY>" | base64

# 3. Add a Prometheus scrape config to your prometheus.yml (see below)

Scrape config example

# prometheus.yml
# (assuming your Wakapi instance listens at localhost, port 3000)

  - job_name: 'wakapi'
    scrape_interval: 1m
    metrics_path: '/api/metrics'
    bearer_token: '<YOUR_BASE64_HASHED_TOKEN>'
      - targets: [ 'localhost:3000' ]


There is also a nice Grafana dashboard, provided by the author of wakatime_exporter.

WakaTime integration

Wakapi plays well together with WakaTime. For one thing, you can forward heartbeats from Wakapi to WakaTime to effectively use both services simultaneously. In addition, there is the option to import historic data from WakaTime for consistency between both services. Both features can be enabled in the Integrations section of your Wakapi instance's settings page.

GitHub Readme Stats integrations

Wakapi also integrates with GitHub Readme Stats to generate fancy cards for you. Here is an example. To use this, don't forget to enable public data under Settings -> Permissions.

Click to view code

Github Readme Metrics integration

There is a WakaTime plugin for GitHub Metrics that is also compatible with Wakapi. To use this, don't forget to enable public data under Settings -> Permissions.


Click to view code
- uses: lowlighter/metrics@latest
    # ... other options
    plugin_wakatime: yes
    plugin_wakatime_token: ${{ secrets.WAKATIME_TOKEN }}      # Required
    plugin_wakatime_days: 7                                   # Display last week stats
    plugin_wakatime_sections: time, projects, projects-graphs # Display time and projects sections, along with projects graphs
    plugin_wakatime_limit: 4                                  # Show 4 entries per graph
    plugin_wakatime_url:                    # Wakatime url endpoint
    plugin_wakatime_user: .user.login                         # User

Browser Plugin (Chrome & Firefox)

The browser-wakatime plugin enables you to track your web surfing in WakaTime (and Wakapi, of course). Visited websites will appear as "files" in the summary. Follow these instructions to get started:

  1. Install the browser extension from the official store (Firefox, Chrome)
  2. Open the extension settings dialog
  3. Configure it like so (see screenshot below):
    • API Key: Your personal API key (get it at
    • Logging Type: Only the domain
    • API URL: (alternatively, replace with your self-hosted instance hostname)
  4. Save
  5. Start browsing!

Note: the plugin will only sync heartbeats once in a while, so it might take some time for them to appear on Wakapi. To "force" it to sync, simply bring up the plugin main dialog.

Gnome Extension

If you're using the GNOME desktop, there is a quick way to display your today's coding statistics in the status bar.

Simply install the Executor extension and add the following command as a status bar indicator:

~/.wakatime/wakatime-cli-linux-amd64 --today

πŸ“¦ Data Export

You can export your coding activity from Wakapi to CSV in the form of raw heartbeats. While there is no way to accomplish this directly through the web UI, we provide an easy-to-use Python script instead.

$ pip install requests tqdm
$ python scripts/ --api_key API_KEY [--url URL] [--from FROM] [--to TO] [--output OUTPUT]
python scripts/ --api_key 04648d14-15c9-432b-b901-dbeec70d4eaf \
  --url \
  --from 2023-01-01 \
  --to 2023-01-31 \
  --output wakapi_export.csv

πŸ‘ Best practices

It is recommended to use wakapi behind a reverse proxy, like Caddy or nginx, to enable TLS encryption (HTTPS).

However, if you want to expose your wakapi instance to the public anyway, you need to set server.listen_ipv4 to in config.yml.

πŸ§ͺ Tests

Unit tests

Unit tests are supposed to test business logic on a fine-grained level. They are implemented as part of the application, using Go's testing package alongside stretchr/testify.

How to run

$ CGO_ENABLED=0 go test `go list ./... | grep -v ''` -json -coverprofile=coverage/coverage.out ./... -run ./...

API tests

API tests are implemented as black box tests, which interact with a fully-fledged, standalone Wakapi through HTTP requests. They are supposed to check Wakapi's web stack and endpoints, including response codes, headers and data on a syntactical level, rather than checking the actual content that is returned.

Our API (or end-to-end, in some way) tests are implemented as a Postman collection and can be run either from inside Postman, or using newman as a command-line runner.

To get a predictable environment, tests are run against a fresh and clean Wakapi instance with a SQLite database that is populated with nothing but some seed data (see data.sql). It is usually recommended for software tests to be safe, stateless and without side effects. In contrary to that paradigm, our API tests strictly require a fixed execution order (which Postman assures) and their assertions may rely on specific previous tests having succeeded.

Prerequisites (Linux only)

# 1. sqlite (cli)
$ sudo apt install sqlite  # Fedora: sudo dnf install sqlite

# 2. newman
$ npm install -g newman

How to run (Linux only)

$ ./testing/

πŸ€“ Developer notes

Building web assets

To keep things minimal, all JS and CSS assets are included as static files and checked in to Git. TailwindCSS and Iconify require an additional build step. To only require this at the time of development, the compiled assets are checked in to Git as well.

$ yarn
$ yarn build  # or: yarn watch

New icons can be added by editing the icons array in scripts/bundle_icons.js.


As explained in #284, precompressed (using Brotli) versions of some of the assets are delivered to save additional bandwidth. This was inspired by Caddy's precompressed directive. gzipped.FileServer checks for every static file's .br or .gz equivalents and, if present, delivers those instead of the actual file, alongside Content-Encoding: br. Currently, compressed assets are simply checked in to Git. Later we might want to have this be part of a new build step.

To pre-compress files, run this:

# Install brotli first
$ sudo apt install brotli  # or: sudo dnf install brotli

# Watch, build and compress
$ yarn watch:compress

# Alternatively: build and compress only
$ yarn build:all:compress

# Alternatively: compress only
$ yarn compress

❔ FAQs

Since Wakapi heavily relies on the concepts provided by WakaTime, their FAQs largely apply to Wakapi as well. You might find answers there.

What data are sent to Wakapi?
  • File names
  • Project names
  • Editor names
  • Your computer's host name
  • Timestamps for every action you take in your editor
  • ...

See the related WakaTime FAQ section for details.

If you host Wakapi yourself, you have control over all your data. However, if you use our webservice and are concerned about privacy, you can also exclude or obfuscate certain file- or project names.

What happens if I'm offline?

All data are cached locally on your machine and sent in batches once you're online again.

How did Wakapi come about?

Wakapi was started when I was a student, who wanted to track detailed statistics about my coding time. Although I'm a big fan of WakaTime I didn't want to pay $9 a month back then. Luckily, most parts of WakaTime are open source!

How does Wakapi compare to WakaTime?

Wakapi is a small subset of WakaTime and has a lot less features. Cool WakaTime features, that are missing Wakapi, include:

  • Leaderboards
  • Embeddable Charts
  • Personal Goals
  • Team- / Organization Support
  • Additional Integrations (with GitLab, etc.)
  • Richer API

WakaTime is worth the price. However, if you only need basic statistics and like to keep sovereignty over your data, you might want to go with Wakapi.

How are durations calculated?

Inferring a measure for your coding time from heartbeats works a bit differently than in WakaTime. While WakaTime has timeout intervals, Wakapi essentially just pads every heartbeat that occurs after a longer pause with 2 extra minutes.

Here is an example (circles are heartbeats):

|   |10s|      3m      |10s|   |

It is unclear how to handle the three minutes in between. Did the developer do a 3-minute break, or were just no heartbeats being sent, e.g. because the developer was staring at the screen trying to find a solution, but not actually typing code?

  • WakaTime (with 5 min timeout): 3 min 20 sec
  • WakaTime (with 2 min timeout): 20 sec
  • Wakapi: 10 sec + 2 min + 10 sec = 2 min 20 sec

Wakapi adds a "padding" of two minutes before the third heartbeat. This is why total times will slightly vary between Wakapi and WakaTime.

πŸ‘₯ Community contributions

πŸ‘ Support

Coding in open source is my passion and I would love to do it on a full-time basis and make a living from it one day. So if you like this project, please consider supporting it πŸ™‚. You can donate either through buying me a coffee or becoming a GitHub sponsor. Every little donation is highly appreciated and boosts my motivation to keep improving Wakapi!

πŸ™ Thanks

I highly appreciate the efforts of @alanhamlett and the WakaTime team and am thankful for their software being open source.

Moreover, thanks to for sponsoring server infrastructure for

πŸ““ License

MIT @ Ferdinand MΓΌtsch