Skip to main content

Docker installation

suSHi runs as a containerized application using Docker Compose, orchestrating a PostgreSQL database and the suSHi backend service.

Prerequisites

  • Docker Engine 20.10 or later
  • Docker Compose v2.0 or later
  • At least 512MB of available RAM
  • Port 8080 available (or customize the port)

Installation steps

1

Create the project directory

Set up your project structure:
mkdir sushi-app
cd sushi-app
2

Configure database directory

Create the PostgreSQL data directory with proper permissions:
mkdir -p db/data
sudo chown -R 1001:1001 ./db/data
The Bitnami PostgreSQL image runs as user ID 1001. Setting these permissions prevents database initialization errors.
3

Create docker-compose.yaml

Create a docker-compose.yaml file with the following configuration:
docker-compose.yaml
version: '3.8'

services:
  postgres:
    image: bitnami/postgresql
    container_name: postgres
    ports:
      - "5432:5432"
    environment:
      POSTGRES_USER: postgres
      POSTGRES_PASSWORD: postgres
      POSTGRES_DB: sushi
    volumes:
      - ./db/data:/bitnami/postgresql/data
    restart: always
  
  sushi-backend:
    image: breeze5690/sushi-backend-prod:v1
    ports:
      - "8080:8080"
    environment:
      - SERVER_PORT=8080
      - LOG_LEVEL=Debug
      - JWT_SECRET=secret123
      - DB_HOST=postgres
      - DB_PORT=5432
      - DB_USER=postgres
      - DB_PASSWORD=postgres
      - DB_NAME=sushi
      - MIGRATE_DB=true
      - GOOGLE_CLIENT_ID=
      - GOOGLE_CLIENT_SECRET=
      - GOOGLE_REDIRECT_URL=http://localhost:8080/api/v1/auth/callback
      - GITHUB_CLIENT_ID=
      - GITHUB_CLIENT_SECRET=
      - GITHUB_REDIRECT_URL=http://localhost:8080/api/v1/auth/callback
    depends_on:
      - postgres
    restart: always
4

Start the services

Launch suSHi with Docker Compose:
docker compose up -d
Verify the services are running:
docker compose ps
Both postgres and sushi-backend should show as “running”.
5

Verify installation

Check the application logs:
docker compose logs -f sushi-backend
Look for:
Configuration loaded successfully
Starting server on port 8080
Access the web interface at http://localhost:8080

Environment variables

Configure suSHi by modifying these environment variables in the sushi-backend service:

Server configuration

VariableDefaultDescription
SERVER_PORT8080Port the HTTP server listens on
LOG_LEVELDebugLogging level: Debug or Info
JWT_SECRETsecret123Secret key for JWT token generation
Security: Change JWT_SECRET to a strong, randomly generated string in production. This secret is used to sign authentication tokens.

Database configuration

VariableDefaultDescription
DB_HOSTpostgresDatabase host (use service name for Docker)
DB_PORT5432PostgreSQL port
DB_USERpostgresDatabase username
DB_PASSWORDpostgresDatabase password
DB_NAMEsushiDatabase name
MIGRATE_DBtrueAutomatically run database migrations on startup
The database configuration should match the PostgreSQL service environment variables.

OAuth configuration

suSHi supports authentication via Google and GitHub OAuth:

Google OAuth

VariableDescription
GOOGLE_CLIENT_IDOAuth 2.0 Client ID from Google Cloud Console
GOOGLE_CLIENT_SECRETOAuth 2.0 Client Secret
GOOGLE_REDIRECT_URLCallback URL: http://your-domain:8080/api/v1/auth/callback
1

Create OAuth credentials

  1. Go to Google Cloud Console
  2. Create a new project or select an existing one
  3. Navigate to APIs & Services > Credentials
  4. Click Create Credentials > OAuth 2.0 Client ID
  5. Choose Web application
2

Configure authorized redirect URIs

Add your callback URL:
http://localhost:8080/api/v1/auth/callback
For production, use your domain:
https://your-domain.com/api/v1/auth/callback
3

Copy credentials

Copy the Client ID and Client Secret to your docker-compose.yaml

GitHub OAuth

VariableDescription
GITHUB_CLIENT_IDOAuth App Client ID from GitHub
GITHUB_CLIENT_SECRETOAuth App Client Secret
GITHUB_REDIRECT_URLCallback URL: http://your-domain:8080/api/v1/auth/callback
1

Register OAuth App

  1. Go to GitHub Developer Settings
  2. Click New OAuth App
  3. Fill in the application details
2

Set authorization callback URL

http://localhost:8080/api/v1/auth/callback
3

Generate client secret

After creating the app, generate a new client secret and copy both the Client ID and Client Secret to your configuration.
OAuth is optional for development but recommended for production deployments to secure access to your suSHi instance.

Advanced configuration

Custom ports

To run suSHi on a different port, update the port mapping:
docker-compose.yaml
services:
  sushi-backend:
    ports:
      - "3000:8080"  # Access on port 3000
Update OAuth redirect URLs if you change the port.

Persistent logs

To persist application logs, add a volume mount:
docker-compose.yaml
services:
  sushi-backend:
    volumes:
      - ./logs:/app/logs
    environment:
      - LOG_PATH=/app/logs

Production considerations

Security checklist for production:
  • Change JWT_SECRET to a strong random string
  • Use strong PostgreSQL credentials
  • Configure OAuth for authentication
  • Use HTTPS/TLS with wss:// for WebSocket connections
  • Set LOG_LEVEL=Info to reduce log verbosity
  • Implement regular database backups
  • Use secrets management instead of environment variables in compose file

Managing the installation

View logs

docker compose logs -f

Restart services

docker compose restart

Stop services

docker compose down

Update to latest version

docker compose pull
docker compose up -d

Remove all data

This will delete all your machine configurations and connection data.
docker compose down -v
sudo rm -rf db/data

Troubleshooting

Ensure PostgreSQL is running and healthy:
docker compose ps postgres
docker compose logs postgres
Check that database credentials match between services.
Fix directory permissions:
sudo chown -R 1001:1001 ./db/data
Check what’s using the port:
sudo lsof -i :8080
Either stop the conflicting service or change suSHi’s port in docker-compose.yaml.
For local development, you may need to use ws:// instead of wss://. This is a known issue documented in the source.In production, ensure you’re using HTTPS and wss:// protocol.

Next steps

Quickstart guide

Connect to your first machine via SSH through the browser.

Configuration reference

Explore all available configuration options.

Build docs developers (and LLMs) love

Get started for freeTalk to us