Docker

Deploy Marmot using Docker containers with your own PostgreSQL database.

Quick Start

Generate an encryption key

Install the Marmot CLI and generate a key:

curl -fsSL get.marmotdata.io | sh
marmot generate-encryption-key

Run the container

docker run -d \
  --name marmot \
  -p 8080:8080 \
  -e MARMOT_SERVER_ENCRYPTION_KEY=<your-generated-key> \
  -e MARMOT_DATABASE_HOST=<your-postgres-host> \
  -e MARMOT_DATABASE_PORT=5432 \
  -e MARMOT_DATABASE_USER=<your-postgres-user> \
  -e MARMOT_DATABASE_PASSWORD=<your-postgres-password> \
  -e MARMOT_DATABASE_NAME=<your-postgres-database> \
  -e MARMOT_DATABASE_SSLMODE=disable \
  ghcr.io/marmotdata/marmot:latest

Access the UI

Open http://localhost:8080 in your browser.

Default Credentials

The default username and password is admin:admin. Change this after your first login.

Configuration

Environment Variables Config File

Pass configuration as environment variables:

docker run -d \
  --name marmot \
  -p 8080:8080 \
  -e MARMOT_SERVER_ENCRYPTION_KEY=your-key \
  -e MARMOT_DATABASE_HOST=postgres.example.com \
  -e MARMOT_DATABASE_PORT=5432 \
  -e MARMOT_DATABASE_USER=marmot \
  -e MARMOT_DATABASE_PASSWORD=secret \
  -e MARMOT_DATABASE_NAME=marmot \
  -e MARMOT_DATABASE_SSLMODE=require \
  ghcr.io/marmotdata/marmot:latest

Mount a config file for more complex configurations:

docker run -d \
  --name marmot \
  -p 8080:8080 \
  -v /path/to/config.yaml:/app/config.yaml \
  ghcr.io/marmotdata/marmot:latest server --config /app/config.yaml

Example config.yaml:

server:
  encryption_key: "your-generated-key"

database:
  host: postgres.example.com
  port: 5432
  user: marmot
  password: secret
  name: marmot
  sslmode: require

Development Mode

For local development, you can skip encryption (credentials stored in plaintext):

docker run -d \
  --name marmot \
  -p 8080:8080 \
  -e MARMOT_SERVER_ALLOW_UNENCRYPTED=true \
  -e MARMOT_DATABASE_HOST=host.docker.internal \
  -e MARMOT_DATABASE_PORT=5432 \
  -e MARMOT_DATABASE_USER=postgres \
  -e MARMOT_DATABASE_PASSWORD=password \
  -e MARMOT_DATABASE_NAME=marmot \
  ghcr.io/marmotdata/marmot:latest

Not for Production

Never use MARMOT_SERVER_ALLOW_UNENCRYPTED=true in production environments.

Reference

For all configuration options, see the configuration guide.

Next Steps

Add Data with Plugins

Automatically discover assets from your data sources

Configure Authentication

Set up SSO with GitHub, Google, Okta and more

Quick Start​