Docker configuration to quickly setup your own Canarytokens.

Dockerized Canarytokens

by Thinkst Applied Research


Canarytokens helps track activity and actions on your network.


  • At least one domain name. If you want to enabled PDF-opening tracking, at least two domains.
  • Internet-facing Docker host. You can install Docker on a Linux host quickly.

Setup (in Ubuntu)

  • Boot your Docker host, and take note of the public IP.
  • Configure your domains so that their nameservers point to the public IP of the Docker host. This requires a change at your Registrar, simply changing NS records in the zonefile is insufficient.
  • Clone the Docker setup:
$ git clone
$ cd canarytokens-docker
  • Install Docker compose (if not already present):
$ sudo apt-get install python-pip python-dev
$ sudo pip install -U docker-compose
#if this breaks with PyYAML errors, install the libyaml development package
# sudo apt-get install libyaml-dev
  • Configuration is held in the two .env files. Edit these. Uncomment 'CANARY_PUBLIC_DOMAIN' in switchboard.ev and set it to one of the domains defined for 'CANARY_DOMAIN' in frontend.ev(if you do not uncomment and set it, the Public IP will be used). If you are using Mailgun to send emails, uncomment 'CANARY_MAILGUN_DOMAIN_NAME' and 'CANARY_MAILGUN_API_KEY' from switchboard.ev and set the values. If you are using Mandrill instead, uncomment 'CANARY_MANDRILL_API_KEY' and set it. Here's example files for a setup that generates tokens on, and (PDFs), running on a host with public domain 'my.domain' and IP, using Mailgun Domain Name 'x.y' and API Key 'zzzzzzzzzz':
    • frontend.ev
#These domains are used for general purpose tokens,

#These domains are only used for PDF tokens
  • switchboard.ev (using Mailgun for email)
  • Finally, download and instatiate the images:
$ docker-compose up

Persisting data

The tokens are saved in a Redis database file which exists outside the Docker containers. Look for dump.rdb in the canarytokens-docker/data directory.

If you want to wipe all your tokens, delete dump.rdb.