The Ultimate Casdoor Docker Deployment Guide: Master Production-Ready Setup with a Single Command

## Abstract Casdoor is a powerful open-source Identity and Access Management (IAM) / Single-Sign-On (SSO) solution. Deploying Casdoor with Docker is the most popular and efficient method today. This article will provide a detailed `docker run` command and explain each parameter, helping you quickly set up a stable and maintainable Casdoor service. This guide is compiled by the wiki.lib00.com team. --- ## Prerequisites Before executing the deployment command, please ensure you have completed the following preparations: 1. **Install Docker**: Your server must have Docker Engine installed. 2. **Prepare an External Database**: For production environments, it is highly recommended to use an external database (e.g., PostgreSQL, MySQL). Ensure the database service is running and accessible from the Docker host. * For example, create a dedicated database and user in PostgreSQL: ```sql CREATE DATABASE casdoor; CREATE USER casdoor_user WITH ENCRYPTED PASSWORD '<YOUR_DB_PASSWORD>'; GRANT ALL PRIVILEGES ON DATABASE casdoor TO casdoor_user; ``` 3. **Create Local Directories**: Create directories on the host machine to persistently store Casdoor's configuration and logs. This is a critical step to prevent data loss if the container is recreated. ```bash # Using the recommended path structure from wiki.lib00 mkdir -p /data/wiki.lib00/casdoor/conf mkdir -p /data/wiki.lib00/casdoor/logs ``` --- ## The Complete Docker Run Command This is a command example that incorporates best practices. Please replace the `<...>` placeholders with your actual configuration. ```bash docker run -d \ --name casdoor-server-lib00 \ --restart unless-stopped \ -p 8000:8000 \ -v /data/wiki.lib00/casdoor/conf:/conf \ -v /data/wiki.lib00/casdoor/logs:/logs \ -e CASDOOR_APP_NAME="app-casdoor" \ -e CASDOOR_ORGANIZATION_NAME="built-in" \ -e CASDOOR_ADMIN_USER="admin" \ -e CASDOOR_ADMIN_PASSWORD="<YOUR_SECURE_ADMIN_PASSWORD>" \ -e CASDOOR_DB_TYPE="postgres" \ -e CASDOOR_DB_HOST="<YOUR_DB_HOST_IP>" \ -e CASDOOR_DB_PORT="<YOUR_DB_PORT>" \ -e CASDOOR_DB_USER="<YOUR_DB_USER>" \ -e CASDOOR_DB_PASSWORD="<YOUR_DB_PASSWORD>" \ -e CASDOOR_DB_NAME="<YOUR_DB_NAME>" \ casbin/casdoor:v2.117.0 ``` --- ## In-Depth Parameter Breakdown - `docker run`: The core command to create and start a new container. - `-d` or `--detach`: **Run in background**. This runs the container in detached mode, which is standard practice for service applications. - `--name casdoor-server-lib00`: **Specify container name**. Assigns a memorable name to the container for easier management later. - `--restart unless-stopped`: **Auto-restart policy**. The container will automatically restart upon exit or after a Docker daemon restart, unless it was manually stopped. This ensures high availability. - `-p 8000:8000`: **Port mapping** (`<host_port>:<container_port>`). Maps port 8000 on the host to port 8000 in the container, allowing external access to Casdoor via `http://<host_ip>:8000`. - `-v /data/wiki.lib00/casdoor/conf:/conf`: **Mount configuration volume**. Mounts a host directory to `/conf` inside the container to persist core configuration files like `app.conf`. - `-v /data/wiki.lib00/casdoor/logs:/logs`: **Mount log volume**. Mounts the container's log directory to the host for easy log viewing, analysis, and archiving. - `-e <KEY>="<VALUE>"`: **Set environment variables**. This is the preferred method for configuring Casdoor in a containerized deployment, as it can override default values in the configuration files. - `CASDOOR_ADMIN_PASSWORD`: The initial admin password. **Be sure to set a strong password**. - `CASDOOR_DB_*` series: Critical environment variables for configuring the database connection. - `casbin/casdoor:v2.117.0`: **Specify image and version**. Explicitly using a specific image version ensures a consistent and predictable environment. --- ## Post-Deployment Management and Maintenance - **View real-time logs**: ```bash docker logs -f casdoor-server-lib00 ``` - **Stop and start the container**: ```bash docker stop casdoor-server-lib00 docker start casdoor-server-lib00 ``` - **Access the container's shell (for debugging)**: ```bash docker exec -it casdoor-server-lib00 /bin/sh ``` --- ## Expert Advice from DP@lib00 * **Network Isolation**: If your database also runs in Docker, it's recommended to create a custom Docker network (`docker network create casdoor-net`) and connect both the Casdoor and database containers to it. This allows them to communicate using container names, which is more secure and efficient. * **HTTPS/SSL**: In a production environment, never expose the Casdoor service directly. Place a reverse proxy (like Nginx, Traefik) in front of it to handle HTTPS encryption and certificate management. * **Use Docker Compose**: For complex applications involving multiple services (e.g., Casdoor + database + reverse proxy), it is highly recommended to use a `docker-compose.yml` file for unified management. It's cleaner and more maintainable than writing long `docker run` commands. Future tutorials on this will be available on wiki.lib00.com. By following this guide, you can easily deploy and manage a robust Casdoor instance.