Deploys Huly V7 — an all-in-one project management platform — with 40 services, built-in video calls (LiveKit), AI assistant, automatic backups, and a session persistence fix that prevents the logout-on-refresh bug.
Supported platforms: Dokploy, Coolify, Portainer / bare Docker Compose
SSH into your server and run:
curl ifconfig.meThis will show your server IP (example: 88.222.521.3). Write it down - you'll need it.
- Go to https://www.dynu.com/ and create an account
- Go to Control Panel
- Go to DDNS Services
- Click Add
Create Huly Domain:
- Under "Option 1: Use Our Domain Name", enter a name like
huly - Click Add
- Find the IPv4 Address field - it will have a random IP
- Replace it with YOUR server IP (e.g.,
88.222.521.3) - Click Save
Now you have a domain:
huly.dynu.net-> points to your server
Two options are available:
- In Dokploy, click create project, call it something like "Huly", and click create.
Then click create service and select template.
Go to Templates and add this repository in the Base URL field. URL:
https://raw.githubusercontent.com/spatialy/huly-dokploy/mainThen click create. - Select the Huly V7 template
- Go to Environment tab and change:
(Replace with your actual domain)
HOST_ADDRESS=huly.dynu.net - Go to Domains tab:
- Change the domain from the auto-generated one to yours
- Enable HTTPS
- Click Deploy
Huly is now running! Video calls (LiveKit) are built-in and work automatically -- API keys are auto-generated at deploy time.
Important: Huly v0.7.315 uses OTP (email code) as the default login method. You must configure SMTP for email delivery, otherwise users won't receive login codes. Password login is also available as a fallback (click "Sign in with password" on the login page).
Git-based deploys have a key advantage: Dokploy uses a stable project name tied to your service, so Docker volumes persist across rebuilds and redeploys. With templates, Delete + Redeploy generates a new project name and orphans your old data volumes. With Git deploys, you can safely rebuild without worrying about data loss.
Upgrading is also simpler -- pull new commits from upstream and redeploy. Config files update automatically from the repo.
Important: Use the
coolify/directory, NOTblueprints/. Theblueprints/directory expects../files/volumes/paths that are only created by Dokploy's template processor.
- In Dokploy, create a project (e.g., "Huly") and create a Docker Compose service
- Set the source to Git Repository with URL:
https://github.com/spatialy/huly-dokploy - Set Docker Compose Location to
coolify/huly-v7-pg/docker-compose.yml(PostgreSQL, recommended) orcoolify/huly-v7-next/docker-compose.yml(CockroachDB) - Go to Environment tab and set:
HOST_ADDRESS=huly.example.com - Generate secrets (run these on your server and paste the values):
# SECRET openssl rand -base64 64 | tr -d '\n' # PG_PASSWORD (or CR_PASSWORD for CockroachDB) openssl rand -base64 24 | tr -d '/+=' | head -c 32 # REDPANDA_ADMIN_PWD openssl rand -base64 24 | tr -d '/+=' | head -c 16 # LIVEKIT_API_KEY openssl rand -base64 24 | tr -d '/+=' | head -c 16 # LIVEKIT_API_SECRET openssl rand -base64 32 | tr -d '\n'
- Set the database URL:
- PostgreSQL:
PG_DB_URL=postgres://huly:<your-PG_PASSWORD>@postgres:5432/huly - CockroachDB:
CR_DB_URL=postgres://huly:<your-CR_PASSWORD>@cockroach:26257/huly
- PostgreSQL:
- Configure SMTP (see Configure Email below)
- Go to Domains tab, set your domain and enable HTTPS
- Click Deploy
See coolify/huly-v7-pg/.env.example for the full list of variables and documentation.
Volume safety: All data (database, files, search index) uses Docker named volumes -- safe across redeploys. Config files in ./volumes/ are static templates tracked in Git and restored from the repo on every clone. No runtime data is stored in bind mounts.
Upgrading: Pull new commits from upstream in Dokploy's Git settings (or let it auto-pull), then click Redeploy. Config files update from the repo automatically, data volumes persist.
In your Huly app's Environment tab, set these SMTP variables:
MAIL_FROM=noreply@yourdomain.com
SMTP_HOST=smtp.gmail.com
SMTP_PORT=587
SMTP_USERNAME=your-email@gmail.com
SMTP_PASSWORD=your-app-password
Using Amazon SES instead? Leave the SMTP fields blank and set:
MAIL_FROM=noreply@yourdomain.com
SES_ACCESS_KEY=your-access-key
SES_SECRET_KEY=your-secret-key
SES_REGION=us-east-1
AWS SES Setup Guide (IAM + SES Console)
- Go to Amazon SES > Identities > Create identity
- Choose Email address (quick) or Domain (production)
- For email: enter the address you'll use as
MAIL_FROM, click the verification link - For domain: add the DKIM CNAME records SES gives you to your DNS
- For email: enter the address you'll use as
- If your SES account is in sandbox mode (default for new accounts), you can only send to verified email addresses. To send to anyone, request production access: SES > Account dashboard > Request production access
- Go to IAM > Users > Create user
- Name it something like
huly-ses-sender - Select Attach policies directly
- Click Create policy and use this JSON:
Name it
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "ses:SendEmail", "ses:SendRawEmail" ], "Resource": "*" } ] }HulySESSendEmailand attach it to the user - Go to the user > Security credentials > Create access key
- Select Application running outside AWS
- Copy the Access key ID ->
SES_ACCESS_KEYand Secret access key ->SES_SECRET_KEY
MAIL_FROM=noreply@yourdomain.com # Must match a verified SES identity
SES_ACCESS_KEY=AKIA... # From step 2
SES_SECRET_KEY=... # From step 2
SES_REGION=us-east-1 # The region where you verified your identity
Click Save and Redeploy.
Two options are available:
Point Coolify at this repo and deploy the coolify/huly-v7-pg/ directory (PostgreSQL variant, recommended) or coolify/huly-v7-next/ (CockroachDB variant).
- In Coolify, create a new project and add a Docker Compose service
- Set the source to Git Repository with URL:
https://github.com/spatialy/huly-dokploy - Set Docker Compose Location to
coolify/huly-v7-pg/docker-compose.yml - Go to Environment Variables and set:
HOST_ADDRESS=huly.example.com - Generate secrets (run these on your server and paste the values):
# SECRET openssl rand -base64 64 | tr -d '\n' # PG_PASSWORD openssl rand -base64 24 | tr -d '/+=' | head -c 32 # REDPANDA_ADMIN_PWD openssl rand -base64 24 | tr -d '/+=' | head -c 16 # LIVEKIT_API_KEY openssl rand -base64 24 | tr -d '/+=' | head -c 16 # LIVEKIT_API_SECRET openssl rand -base64 32 | tr -d '\n'
- Set
PG_DB_URL=postgres://huly:<your-PG_PASSWORD>@postgres:5432/huly - Configure SMTP (see Configure Email below)
- Click Deploy
See coolify/huly-v7-pg/.env.example for the full list of variables and documentation.
The coolify/huly.yaml is a single-file Coolify service template with SERVICE_* magic variables for auto-generated secrets. This is intended for future inclusion in the Coolify templates repo.
To use it now:
- Copy
coolify/huly.yamlinto your Coolify instance's custom templates - Deploy from the template
- Set
HOST_ADDRESSto your domain in the environment panel - Configure SMTP and optional integrations
Secrets (SECRET, PG_PASSWORD/CR_PASSWORD, LIVEKIT_API_KEY, etc.) are auto-generated by Coolify.
The coolify/huly-v7-pg/ directory (PostgreSQL, recommended) or coolify/huly-v7-next/ (CockroachDB) is a standard Docker Compose project that works with any orchestrator (Portainer, Dockge) or bare docker compose.
git clone https://github.com/spatialy/huly-dokploy.git
cd huly-dokploy/coolify/huly-v7-pg
# Copy and edit the environment file
cp .env.example .env
# Edit .env — set HOST_ADDRESS, generate secrets, configure SMTP
nano .env
# Start all services
docker compose up -dMake sure ports 80, 7881/tcp, 3478/udp, and 50000-50100/udp are accessible. Set up a reverse proxy (Caddy, Traefik, nginx) in front of the nginx service to terminate TLS.
LiveKit is built into the Huly stack. WebSocket signaling goes through nginx on the same domain (wss://huly.example.com/livekit), but media/TURN traffic requires these ports to be open on your server's firewall:
| Port | Protocol | Purpose |
|---|---|---|
| 7881 | TCP | LiveKit RTC (WebRTC over TCP) |
| 3478 | UDP | TURN server |
| 50000-50100 | UDP | Media (WebRTC audio/video) |
If you're using a cloud provider (AWS, Hetzner, DigitalOcean, etc.), make sure these ports are allowed in your security group / firewall rules.
- You need only 1 domain -- LiveKit is built-in and shares the same domain
- HTTPS must be enabled on your domain
- Wait 1-2 minutes for DNS to propagate before deploying
- If something doesn't work, try redeploying
Your Huly instance is open to the public by default. Anyone who knows your domain can create an account. After creating your first user account, you should disable public sign-ups immediately.
Set DISABLE_SIGNUP=true in your environment variables and redeploy. This must be set on both the account and front services -- our compose files already wire this variable to both, so you only need to set it once in your env.
DISABLE_SIGNUP=true
After this, new users can only be invited by existing users through the Huly UI. The sign-up page will no longer be accessible.
By default, this template ships with INIT_REPO_DIR=/nonexistent, so new workspaces are created completely empty — no demo projects, sample issues, Card types, or onboarding content. This gives you a clean slate.
To restore the upstream default behavior (sample "Welcome to Huly!" project, "Game Design (Example)" project, Card types, Quick-Start Docs, etc.), set:
INIT_REPO_DIR=./init-scripts
This template tracks two independent versions:
| Version | What | Example |
|---|---|---|
| Template version | Our blueprint changes (fixes, config improvements) | v1.1.4 / v3.1.0 / v3.2.0 (shown as badge in Dokploy template picker) |
| Huly version | Upstream Docker image tags | v0.7.315 (huly-v7) / v0.7.375 (huly-v7-next, huly-v7-pg) |
Dokploy bakes templates at deploy time. Pushing updates to this repo does NOT update existing deployments. To check which version you deployed, look for TEMPLATE_VERSION in your Dokploy Environment tab.
To upgrade without losing data: Edit the docker-compose.yml and mounted files directly in Dokploy's compose editor, then click Redeploy. This preserves all Docker volumes (database, files, etc.).
Warning: Do NOT delete and redeploy from the template to upgrade. Dokploy generates a new project name on each deploy, which creates new empty volumes. Your old data becomes orphaned (still on disk, but not attached to the new deployment).
The default Huly V7 deployment has a cookie handling issue that causes users to be logged out on page refresh. This template fixes it with four changes that work together:
- Cookie Domain Rewriting -- An entrypoint script reads
HOST_ADDRESS(e.g.,huly.example.com), calculates the parent domain (.example.com), and patches the nginx config with the correctproxy_cookie_domaindirective - X-Forwarded-Proto https -- Hardcoded in nginx to fix protocol detection (Docker internal traffic is HTTP)
- proxy_cookie_flags -- Sets
SecureandSameSite=Laxon cookies - TRUST_PROXY=true -- Tells the account service to trust reverse proxy headers
This is zero-config -- you just set your domain and it works.
Three blueprints are available:
29 services using haiodo/* Docker images from the intabia-fusion/foundation-selfhost PostgreSQL fork at v0.7.315.
Service list
| Service | Version | Description |
|---|---|---|
| postgres | 18.1 | Database |
| redis | 8.0 | Cache for hulypulse and LiveKit |
| redpanda | v25.2.11 | Message queue (Kafka compatible) |
| minio | latest | Object storage |
| elastic | 7.14.2 | Search engine |
| nginx | 1.21.3 | Reverse proxy with cookie fixes |
| livekit | latest | WebRTC server for video calls |
| account | v0.7.315 | Account management |
| transactor | v0.7.315 | Data synchronization |
| collaborator | v0.7.315 | Real-time collaboration |
| front | v0.7.315 | Frontend |
| workspace | v0.7.315 | Workspace management |
| fulltext | v0.7.315 | Full-text search |
| stats | v0.7.315 | Statistics |
| rekoni | v0.7.315 | Document processing |
| datalake | v0.7.315 | Data storage API |
| hulypulse | v0.7.315 | Real-time updates |
| stream | v0.7.315 | Media streaming |
| preview | v0.7.315 | File previews |
| media | v0.7.315 | Media processing |
| love | v0.7.315 | Video calls service |
| love-agent | v0.7.315 | Meeting transcription |
| aibot | v0.7.315 | AI assistant |
| billing | v0.7.315 | Billing service |
| rating | v0.7.315 | Rating service |
| process-service | v0.7.315 | Background processing |
| v0.7.315 | Print/export service | |
| github | v0.7.315 | GitHub integration |
| v0.7.315 | Email delivery (OTP codes, notifications) |
40 services using official hardcoreeng/* Docker images on CockroachDB at v0.7.375.
Service list
| Service | Version | Description |
|---|---|---|
| cockroachdb | latest-v24.2 | Database (CockroachDB) |
| redis | 8.0 | Cache for hulypulse and LiveKit |
| redpanda | v25.2.11 | Message queue (Kafka compatible) |
| minio | latest | Object storage |
| elastic | 7.14.2 | Search engine |
| mongo | 7-jammy | MongoDB (for aibot, calendar, telegram) |
| nginx | 1.21.3 | Reverse proxy with cookie fixes |
| livekit | latest | WebRTC server for video calls |
| account | v0.7.375 | Account management |
| transactor | v0.7.375 | Data synchronization |
| collaborator | v0.7.375 | Real-time collaboration |
| front | v0.7.375 | Frontend |
| workspace | v0.7.375 | Workspace management |
| fulltext | v0.7.375 | Full-text search |
| kvs | v0.7.375 | Key-value store (CockroachDB-backed) |
| stats | v0.7.375 | Statistics |
| rekoni | v0.7.375 | Document processing |
| datalake | v0.7.375 | Data storage API |
| hulypulse | v0.7.375 | Real-time updates |
| stream | v0.7.375 | Media streaming |
| preview | v0.7.375 | File previews |
| media | v0.7.375 | Media processing |
| love | v0.7.375 | Video calls service |
| love-agent | v0.7.375 | Meeting transcription (via OpenAI or Deepgram STT) |
| aibot | v0.7.375 | AI assistant |
| rating | v0.7.375 | Rating service |
| process-service | v0.7.375 | Background processing |
| v0.7.375 | Print/export service | |
| github | v0.7.375 | GitHub integration |
| v0.7.375 | Email delivery (OTP codes, notifications) | |
| link-preview | v0.7.375 | Link previews in chat |
| calendar | v0.7.375 | Google Calendar sync (optional) |
| gmail | v0.7.375 | Gmail integration (optional) |
| telegram-bot | v0.7.375 | Telegram bot (optional) |
| cockroach-jobs | postgres:17-alpine | Reconciles meeting-minutes counters (workaround for upstream bug) |
| notification | v0.7.375 | Push notifications via VAPID (optional — requires keys) |
| backup | v0.7.375 | Automatic workspace backup scheduler (hourly) |
| backup-api | v0.7.375 | Backup download API |
| export | v0.7.375 | Workspace data export (ZIP) |
| sign | v0.7.375 | PDF digital signatures (auto-generates self-signed cert) |
40 services using official hardcoreeng/* Docker images on PostgreSQL 17 at v0.7.375. Same services as V7 Next but uses PostgreSQL instead of CockroachDB, saving ~1-1.5GB RAM at idle. Recommended for small VPS deployments (2-4GB RAM).
Service list
| Service | Version | Description |
|---|---|---|
| postgresql | 17-alpine | Database (PostgreSQL) |
| redis | 8.0 | Cache for hulypulse and LiveKit |
| redpanda | v25.2.11 | Message queue (Kafka compatible) |
| minio | latest | Object storage |
| elastic | 7.14.2 | Search engine |
| mongo | 7-jammy | MongoDB (for aibot, calendar) |
| nginx | 1.21.3 | Reverse proxy with cookie fixes |
| livekit | latest | WebRTC server for video calls |
| account | v0.7.375 | Account management |
| transactor | v0.7.375 | Data synchronization |
| collaborator | v0.7.375 | Real-time collaboration |
| front | v0.7.375 | Frontend |
| workspace | v0.7.375 | Workspace management |
| fulltext | v0.7.375 | Full-text search |
| kvs | v0.7.375 | Key-value store (native PostgreSQL support since v0.7.375) |
| stats | v0.7.375 | Statistics |
| rekoni | v0.7.375 | Document processing |
| datalake | v0.7.375 | Data storage API |
| hulypulse | v0.7.375 | Real-time updates |
| stream | v0.7.375 | Media streaming |
| preview | v0.7.375 | File previews |
| media | v0.7.375 | Media processing |
| love | v0.7.375 | Video calls service |
| love-agent | v0.7.375 | Meeting transcription (via OpenAI or Deepgram STT) |
| aibot | v0.7.375 | AI assistant |
| rating | v0.7.375 | Rating service |
| process-service | v0.7.375 | Background processing |
| v0.7.375 | Print/export service | |
| github | v0.7.375 | GitHub integration |
| v0.7.375 | Email delivery (OTP codes, notifications) | |
| link-preview | v0.7.375 | Link previews in chat |
| calendar | v0.7.375 | Google Calendar sync (optional) |
| gmail | v0.7.375 | Gmail integration (optional) |
| telegram-bot | v0.7.375 | Telegram bot (optional) |
| pg-jobs | postgres:17-alpine | Reconciles meeting-minutes counters (workaround for upstream bug) |
| notification | v0.7.375 | Push notifications via VAPID (optional — requires keys) |
| backup | v0.7.375 | Automatic workspace backup scheduler (hourly) |
| backup-api | v0.7.375 | Backup download API |
| export | v0.7.375 | Workspace data export (ZIP) |
| sign | v0.7.375 | PDF digital signatures (auto-generates self-signed cert) |
KVS on PostgreSQL: As of v0.7.375,
hulykvsnatively supports PostgreSQL (PR #5). No workarounds needed.
Dokploy auto-generates these secrets at deploy time -- no manual setup needed:
| Variable | Type | Description |
|---|---|---|
main_domain |
domain | Your Huly domain (e.g., huly.example.com) |
huly_secret |
base64:64 | Secret for JWT tokens |
cockroach_password |
password:32 | CockroachDB password (V7 Next) |
postgres_password |
password:32 | PostgreSQL password (V7 Legacy and V7 PG) |
redpanda_password |
password:16 | Redpanda admin password |
livekit_api_key |
password:16 | LiveKit API key (for video calls) |
livekit_api_secret |
base64:32 | LiveKit API secret (for video calls) |
The GitHub service is included but dormant by default. To enable it:
- Go to https://github.com/settings/apps/new
- Set Callback URL:
https://{your-domain}/github - Set Setup URL:
https://{your-domain}/github(check "Redirect on update") - Set Webhook URL:
https://{your-domain}/_github/api/webhook - Set Webhook secret:
secret - Permissions -- set all to Read & Write:
- Commit statuses, Contents, Custom properties, Discussions
- Issues, Pages, Projects, Pull requests, Webhooks
- Metadata: Read-only
- Subscribe to events: Issues, Pull request, Pull request review, Pull request review comment, Pull request review thread
- Click Create GitHub App
- Generate a Private Key (downloads a
.pemfile)
From your GitHub App's settings page, copy the values into Dokploy's Environment tab:
GITHUB_APPID=123456
GITHUB_APPNAME=my-huly-app
GITHUB_CLIENTID=Iv1.xxxxxxxxxx
GITHUB_CLIENT_SECRET=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
GITHUB_PRIVATE_KEY=<see below>
GITHUB_BOT_NAME=my-huly-app[bot]
GITHUB_PRIVATE_KEYformat: Copy the PEM file content as-is into the env var. Replace newlines with literal\n.Quick conversion:
awk 'NF {sub(/\r/, ""); printf "%s\\n",$0;}' your-app.private-key.pem
The AI bot service is included but requires OPENAI_API_KEY to start. Without a valid API key, the aibot container will crash-loop -- this is expected and won't affect the rest of Huly (nginx is configured to handle optional services being down).
To enable the AI assistant, set these in your Huly app's Environment tab:
| Variable | Required | Description |
|---|---|---|
OPENAI_API_KEY |
Yes (for AI to work) | API key for your OpenAI-compatible provider |
OPENAI_BASE_URL |
No | API endpoint (default: https://api.openai.com/v1). Change for alternative providers |
OPENAI_MODEL |
No | Main chat model (default: gpt-4o-mini) |
OPENAI_SUMMARY_MODEL |
No | Model for summarization (default: gpt-4o-mini) |
OPENAI_TRANSLATE_MODEL |
No | Model for translation (default: gpt-4o-mini) |
Example -- OpenAI:
OPENAI_API_KEY=sk-proj-...
OPENAI_MODEL=gpt-4o
OPENAI_SUMMARY_MODEL=gpt-4o-mini
Example -- Ollama (local):
OPENAI_API_KEY=ollama
OPENAI_BASE_URL=http://host.docker.internal:11434/v1
OPENAI_MODEL=llama3.1
OPENAI_SUMMARY_MODEL=llama3.1
Note: If you don't need AI features, you can safely ignore the aibot crash-loop in your container logs. It won't affect other services.
The bot provides: chat, text translation, message/meeting summarization, and PDF import.
The Calendar and Gmail services require Google OAuth credentials. To enable:
- Create a Google Cloud project and enable the Calendar API and Gmail API
- Create OAuth 2.0 credentials (type: Web application)
- Set the credentials JSON in your Huly app's Environment tab:
GOOGLE_CREDENTIALS={"web":{"client_id":"...","client_secret":"...","redirect_uris":["https://your-domain/_calendar"]}}
The Calendar service watches for changes and syncs bidirectionally. The watch webhook URL is automatically set to https://<HOST_ADDRESS>/_calendar.
To enable the Telegram bot:
- Create a bot via @BotFather on Telegram
- Set the environment variables:
TELEGRAM_BOT_TOKEN=123456:ABC-DEF1234ghIkl-zyx57W2v1u123ew11
Browser push notifications require VAPID keys. Without them, push notifications are silently disabled — everything else works normally.
Generate VAPID keys:
npx web-push generate-vapid-keysSet the 3 environment variables:
PUSH_PUBLIC_KEY=BN... # From "Public Key" output
PUSH_PRIVATE_KEY=... # From "Private Key" output
PUSH_SUBJECT=mailto:admin@yourdomain.com
By default, Huly uses the bundled MinIO container for S3-compatible object storage. You can switch to an external S3 provider (AWS S3, Backblaze B2, Cloudflare R2, DigitalOcean Spaces) by setting 4 env vars:
| Variable | Default | Description |
|---|---|---|
S3_ENDPOINT |
http://minio:9000 |
S3 endpoint URL |
S3_ACCESS_KEY |
minioadmin |
Access key / username |
S3_SECRET_KEY |
minioadmin |
Secret key / password |
S3_REGION |
us-east-1 |
S3 region |
Examples:
AWS S3:
S3_ENDPOINT=https://s3.us-east-1.amazonaws.com
S3_ACCESS_KEY=AKIA...
S3_SECRET_KEY=...
S3_REGION=us-east-1
Backblaze B2:
S3_ENDPOINT=https://s3.us-west-004.backblazeb2.com
S3_ACCESS_KEY=your-key-id
S3_SECRET_KEY=your-application-key
S3_REGION=us-west-004
Cloudflare R2:
S3_ENDPOINT=https://<account-id>.r2.cloudflarestorage.com
S3_ACCESS_KEY=your-access-key
S3_SECRET_KEY=your-secret-key
S3_REGION=auto
Important: Pre-create these buckets on your external provider:
blobs,eu,backups. MinIO creates them dynamically, but external providers may not.The bundled MinIO service still runs when using external S3 (it's harmless). To save resources, you can comment out or remove the
minioservice from your compose file.No migration tooling is provided. Switching from MinIO to external S3 does not migrate existing data.
Backup is enabled by default — no configuration needed. The backup service runs hourly, stores snapshots in the backups MinIO bucket, and retains the last 84 snapshots (~3.5 days at hourly intervals). Backups are downloadable via the /_backup/ endpoint.
Export allows workspace data export as ZIP files (CSV/JSON) via the /_export/ endpoint. Enabled by default.
The sign service provides PDF digital signature capabilities. A self-signed certificate is auto-generated on first start — no setup required.
Self-signed (default): Works out of the box. PDF readers show an "untrusted signer" warning. Good for testing and internal use.
Production — AATL-compliant certificate (trusted by Adobe Acrobat):
- Purchase a document signing certificate from an AATL member CA (GlobalSign, DigiCert, Entrust, SSL.com — ~$200-300/year)
- Convert to PKCS#12 if needed:
openssl pkcs12 -export -out certificate.p12 \ -inkey private.key -in signing-cert.pem -certfile chain.pem
- Replace the auto-generated cert in the
sign_certDocker volume:docker volume inspect <project>_sign_cert | grep Mountpoint sudo cp certificate.p12 <mountpoint>/certificate.p12
- Set
SIGN_CERTIFICATE_PASSWORDto the .p12 password - Restart the sign service
Huly can transcribe meeting audio in real-time. The love-agent service (official hardcoreeng/love-agent image) captures audio from LiveKit rooms and sends transcriptions to the aibot, which saves them as Meeting Minutes.
Two STT providers are supported:
| Variable | Default | Description |
|---|---|---|
STT_PROVIDER |
deepgram |
Transcription backend: deepgram or openai |
DEEPGRAM_API_KEY |
(empty) | API key for Deepgram (default model: nova-3) |
OPENAI_API_KEY |
(set above) | Reused from AI config. OpenAI STT uses the Realtime WebSocket API (gpt-4o-transcribe), not Whisper |
Example -- Deepgram (recommended):
STT_PROVIDER=deepgram
DEEPGRAM_API_KEY=your-deepgram-api-key
Example -- OpenAI (uses Realtime API, not Whisper):
STT_PROVIDER=openai
(Uses OPENAI_API_KEY from the AI assistant config above -- no extra key needed)
Note: The love-agent generates its
PLATFORM_TOKENautomatically at startup by authenticating with the accounts service. If the token generation fails (e.g., accounts service is slow to start), the love-agent will retry on restart. Video calls work regardless -- only transcription is affected.
- Make sure HTTPS is enabled on your domain
- Check that
HOST_ADDRESSmatches your actual domain - Check the nginx entrypoint logs:
docker logs <nginx-container> | head -20-- you should see the parent domain being calculated - Verify cookies in browser dev tools: F12 -> Application -> Cookies -> check the domain is correct
- Redeploy the app
- Check that ports 7881/tcp, 3478/udp, and 50000-50100/udp are open on your server firewall
- Verify
LIVEKIT_API_KEYandLIVEKIT_API_SECRETare set in the environment (auto-generated at deploy time) - Try redeploying
- This is cosmetic. In v0.7.375, signup creates your account but does not return a login token. The frontend tries to set a session cookie and fails, showing "Unknown error: Unexpected token...".
- Your account was created. Go to the Sign In page, enter your email/password, and complete the OTP email verification to log in.
- This is a known upstream bug (PR #10527). Meeting minutes are saved to the database but the UI counter is never incremented, so the UI shows "No meeting minutes".
- The
cockroach-jobs(V7 Next) orpg-jobs(V7 PG) sidecar automatically reconciles these counters every 5 minutes (configurable viaRECONCILE_INTERVAL). After one cycle, meeting minutes will appear in the UI.
- Wait a few seconds and refresh -- services take time to start
- PostgreSQL / CockroachDB may need up to 30 seconds to initialize on first deploy
- If persists, go to Deployments tab and redeploy
git clone https://github.com/spatialy/huly-dokploy.git
cd huly-dokploy
./scripts/install-hooks.sh # Install pre-commit hook for auto version bumpingA pre-commit hook automatically bumps the template patch version whenever you commit changes to blueprint files. It detects which blueprint(s) changed (huly-v7-next, huly-v7-pg, or both) and bumps only the affected one(s). The hook updates meta.json and TEMPLATE_VERSION in template.toml, then stages them into your commit.
For manual or larger bumps:
./scripts/bump-version.sh status # Show current versions
./scripts/bump-version.sh patch # Bump both v7-next + v7-pg patch (auto on commit)
./scripts/bump-version.sh minor # Bump both minor versions
./scripts/bump-version.sh major # Bump both major versions
./scripts/bump-version.sh next [patch] # Bump only v7-next (default: patch)
./scripts/bump-version.sh pg [patch] # Bump only v7-pg (default: patch)
./scripts/bump-version.sh huly v0.7.360 # Update Huly images in both + auto patchThe huly subcommand updates HULY_VERSION in both template.toml files, both Coolify .env.example files, the coolify/huly.yaml inline defaults, syncs the Huly version into meta.json descriptions, and auto-bumps both template patch versions. The legacy huly-v7 blueprint is not managed by these scripts.
meta.json # Dokploy blueprint registry (version badge + description)
CHANGELOG.md # Release history
scripts/
bump-version.sh # Bump template or Huly version for v7-next + v7-pg
pre-commit # Git hook: auto patch bump on blueprint changes
install-hooks.sh # Install git hooks after cloning
blueprints/huly-v7/ # Dokploy: haiodo/* v0.7.315 on PostgreSQL (legacy)
template.toml # Dokploy template (env vars, mounts, domains)
docker-compose.yml # 29 services orchestration
huly.svg # Logo for Dokploy UI
blueprints/huly-v7-next/ # Dokploy: hardcoreeng/* v0.7.375 on CockroachDB
template.toml # Dokploy template (env vars, mounts, domains)
docker-compose.yml # 40 services orchestration
huly.svg # Logo for Dokploy UI
blueprints/huly-v7-pg/ # Dokploy: hardcoreeng/* v0.7.375 on PostgreSQL (recommended)
template.toml # Dokploy template (env vars, mounts, domains)
docker-compose.yml # 40 services orchestration (PostgreSQL instead of CockroachDB)
huly.svg # Logo for Dokploy UI
coolify/
huly-v7-next/ # Coolify / Docker Compose: CockroachDB deployment
docker-compose.yml # Self-contained compose, 40 services
.env.example # Documented env template
volumes/ # Config files (extracted from template.toml)
nginx/ # Nginx reverse proxy config + entrypoint
livekit/ # LiveKit config + entrypoint
love-agent/ # Meeting transcription entrypoint
cockroach-jobs/ # Meeting-minutes counter reconciliation
sign/ # PDF signing cert auto-generation
huly-v7-pg/ # Coolify / Docker Compose: PostgreSQL deployment (recommended)
docker-compose.yml # Self-contained compose, 40 services on PostgreSQL
.env.example # Documented env template
volumes/ # Config files
nginx/ # Nginx reverse proxy config + entrypoint
livekit/ # LiveKit config + entrypoint
love-agent/ # Meeting transcription entrypoint
pg-jobs/ # Meeting-minutes counter reconciliation
sign/ # PDF signing cert auto-generation
huly.yaml # Coolify upstream template (single file, future PR)
- Original Huly: https://github.com/hcengineering/huly
- PostgreSQL Fork: https://github.com/intabia-fusion/foundation-selfhost -- This template uses the intabia-fusion fork of Huly that replaces CockroachDB with PostgreSQL, making self-hosting simpler and more resource-friendly. Docker images are published as
haiodo/*on Docker Hub. - Dokploy Template: Created to help non-developers deploy Huly without headaches. If it helps you, give it a star!
- Developed by Datalox Inc — A Growth Engineering Consultancy based in Miami, FL. Built with a lot of Cuban Coladas ☕☕☕.
Use freely!