Skip to content
Presswerk Docs

Installation

Presswerk runs as three Docker containers: the application, PostgreSQL, and Keycloak (identity provider).

System Requirements

Section titled “System Requirements”
ComponentMinimumRecommended
CPU2 cores4 cores
RAM4 GB8 GB
Disk20 GB50 GB+ (depends on report volume)
OSLinux (amd64), macOSLinux (Ubuntu 22.04+, Debian 12+)
Docker24.0+Latest stable
Docker Composev2.20+Latest stable

Ports: 8080 (application), 8081 (Keycloak), 5432 (PostgreSQL, internal only)

One-Line Install

Section titled “One-Line Install”
Terminal window
curl -fsSL https://presswerk.app/install.sh | bash

This downloads Docker Compose files, generates secure passwords, pulls images, and starts all services. You will be prompted for your domain.

For non-interactive installation:

Terminal window
APP_DOMAIN=reports.acme.com curl -fsSL https://presswerk.app/install.sh | bash

See Air-Gapped Install for environments without internet access.

Manual Install

Section titled “Manual Install”

1. Create project directory

Section titled “1. Create project directory”
Terminal window
mkdir presswerk && cd presswerk

2. Create docker-compose.yml

Section titled “2. Create docker-compose.yml”
services:
  postgres:
    image: postgres:16-alpine
    container_name: presswerk-postgres
    environment:
      POSTGRES_USER: ${DB_USER:-presswerk}
      POSTGRES_PASSWORD: ${DB_PASSWORD:?DB_PASSWORD must be set}
      POSTGRES_DB: ${DB_NAME:-presswerk}
    volumes:
      - postgres_data:/var/lib/postgresql/data
    configs:
      - source: init-keycloak-schema
        target: /docker-entrypoint-initdb.d/init-keycloak-schema.sql
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U ${DB_USER:-presswerk} -d ${DB_NAME:-presswerk}"]
      interval: 10s
      timeout: 5s
      retries: 5
    restart: unless-stopped


  keycloak:
    image: ghcr.io/fs2-software/presswerk-keycloak:${APP_VERSION:-latest}
    container_name: presswerk-keycloak
    command: start --import-realm
    environment:
      KC_DB: postgres
      KC_DB_URL: jdbc:postgresql://postgres:5432/${DB_NAME:-presswerk}
      KC_DB_SCHEMA: keycloak
      KC_DB_USERNAME: ${DB_USER:-presswerk}
      KC_DB_PASSWORD: ${DB_PASSWORD:?DB_PASSWORD must be set}
      KC_HOSTNAME: ${KEYCLOAK_HOSTNAME:?KEYCLOAK_HOSTNAME must be set}
      KC_HTTP_ENABLED: "true"
      KC_PROXY_HEADERS: xforwarded
      KEYCLOAK_ADMIN: ${KEYCLOAK_ADMIN_USER:-admin}
      KEYCLOAK_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD:?KEYCLOAK_ADMIN_PASSWORD must be set}
    ports:
      - "${KEYCLOAK_PORT:-8081}:8080"
    depends_on:
      postgres:
        condition: service_healthy
    restart: unless-stopped


  app:
    image: ghcr.io/fs2-software/presswerk:${APP_VERSION:-latest}
    container_name: presswerk-app
    environment:
      SPRING_DATASOURCE_URL: jdbc:postgresql://postgres:5432/${DB_NAME:-presswerk}
      SPRING_DATASOURCE_USERNAME: ${DB_USER:-presswerk}
      SPRING_DATASOURCE_PASSWORD: ${DB_PASSWORD:?DB_PASSWORD must be set}
      PRESSWERK_EDITION: core
      PRESSWERK_TENANCY_MODE: single
      KEYCLOAK_URL: http://keycloak:8080
      KEYCLOAK_PUBLIC_URL: ${KEYCLOAK_PUBLIC_URL:?KEYCLOAK_PUBLIC_URL must be set}
      KEYCLOAK_ADMIN_USER: ${KEYCLOAK_ADMIN_USER:-admin}
      KEYCLOAK_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD:?KEYCLOAK_ADMIN_PASSWORD must be set}
      APP_DOMAIN: ${APP_DOMAIN:?APP_DOMAIN must be set}
      IMAGE_STORAGE_PATH: /var/data/presswerk/images
      IMAGE_BASE_URL: https://${APP_DOMAIN:?APP_DOMAIN must be set}/api/images
      SMTP_HOST: ${SMTP_HOST:-}
      SMTP_PORT: ${SMTP_PORT:-587}
      SMTP_USERNAME: ${SMTP_USERNAME:-}
      SMTP_PASSWORD: ${SMTP_PASSWORD:-}
      SMTP_FROM: ${SMTP_FROM:-noreply@presswerk.app}
      LICENSE_FILE: ${LICENSE_FILE:-}
      LICENSE_PUBLIC_KEY: ${LICENSE_PUBLIC_KEY:-}
    ports:
      - "${APP_PORT:-8080}:8080"
    volumes:
      - image_data:/var/data/presswerk/images
      - export_temp:/tmp/presswerk
    depends_on:
      postgres:
        condition: service_healthy
      keycloak:
        condition: service_started
    restart: unless-stopped


volumes:
  postgres_data:
    name: presswerk_postgres
  image_data:
    name: presswerk_images
  export_temp:
    name: presswerk_export


networks:
  default:
    name: presswerk


configs:
  init-keycloak-schema:
    content: |
      CREATE SCHEMA IF NOT EXISTS keycloak;

3. Create .env

Section titled “3. Create .env”
Terminal window
# Required
APP_DOMAIN=reports.your-domain.com
DB_PASSWORD=your-secure-database-password
KEYCLOAK_HOSTNAME=auth.your-domain.com
KEYCLOAK_PUBLIC_URL=https://auth.your-domain.com
KEYCLOAK_ADMIN_PASSWORD=your-keycloak-admin-password


# Optional
APP_VERSION=latest
APP_PORT=8080
KEYCLOAK_PORT=8081

4. Start services

Section titled “4. Start services”
Terminal window
docker compose up -d

5. Verify

Section titled “5. Verify”
Terminal window
docker compose ps
curl http://localhost:8080/api/actuator/health

Initial Setup

Section titled “Initial Setup”
  1. Open Keycloak admin console at https://auth.your-domain.com/admin
  2. Log in with admin / your KEYCLOAK_ADMIN_PASSWORD
  3. Select the presswerk realm
  4. Go to Users → Add User, create your first user
  5. Under Users → Role Mappings, assign the admin role
  6. Restrict redirect URIs: Clients → presswerk-web → Valid Redirect URIshttps://your-domain.com/*
  7. Open Presswerk at https://reports.your-domain.com and sign in