How to self-host

Run your own Tusile community on your domain. This page is the canonical install flow.

Requirements

A machine where Docker and Docker Compose can run.
A public hostname (for example via Duck DNS, No-IP, or FreeDNS).
A Tusile server token created in the app/core.

Choose your install path

Quick start

In the Tusile app, create a new server first to obtain the token. Then download the bundle, unpack it, and run the setup. The script will guide you through the rest.

You need a hostname (domain). Free options: No-IP, Duck DNS, FreeDNS — point it at your server's IP.

Download community-server.zip

Unpack the zip.
Windows: Double-click setup.bat in the community-server folder.
Linux / macOS: In a terminal in that folder: chmod +x setup.sh then ./setup.sh.
This script runs the same steps you would do manually in the I know what I'm doing tab, and you are welcome to read the script content.
Follow the prompts.
When the script lists ports, open them on your router/firewall. The script will start the server.

When the script finishes, connect to your server in the Tusile app.

Advanced setup

The bundle includes Docker, Caddy for HTTPS, and LiveKit for voice and video. Download, set a few variables, edit the Caddyfile with your domain, and start the stack.

You need a domain so Caddy can obtain TLS certificates and the Tusile app can connect without mixed content (browsers block HTTPS pages from calling HTTP backends).

Free options for a hostname: Duck DNS, No-IP, and FreeDNS — you get a subdomain (e.g. yourserver.duckdns.org) and point it at your server's IP; Caddy will then get a certificate for it.

Download community-server.zip

Unpack the archive (e.g. unzip community-server.zip and cd community-server).
In the unpacked folder, set these in your environment configuration file:
- SERVER_TOKEN — token from the Tusile Core Server to register your community.
- COMMUNITY_PUBLIC_URL — public URL of your server with no path (e.g. chat.example.com). Must match the domain in the Caddyfile.
- LiveKit key pair — generate with the LiveKit Docker image, then set LIVEKIT_API_KEY and LIVEKIT_API_SECRET in .env and the same pair in your LiveKit config keys: (e.g. livekit.yaml or livekit.prod.yaml):
```
docker run --rm livekit/livekit-server generate-keys
```
  Use the printed API Key and API Secret in both .env and the LiveKit config file.
Edit Caddyfile: replace community.example.com with your domain. Caddy will obtain TLS certificates automatically.
Start the stack:
```
docker compose up -d
```

NAT / firewall ports

Open these ports on your router or firewall so the server and voice/video work from the internet:

Caddy (HTTPS + LiveKit WSS): 80/tcp, 443/tcp, 7880/tcp. Caddy serves the community API on 80/443 and LiveKit WebSocket on 7880.
LiveKit (voice/video):
- 7881/tcp — ICE/TCP fallback.
- 50000-50060/udp — RTP media. Must be reachable for voice/video.
- 3478/udp — TURN/UDP (and STUN). Helps when clients are behind strict firewalls or symmetric NAT.
- 5349/tcp — TURN/TLS (optional). Enable in livekit.prod.yaml with certs and open this port if you use it.

Port 9090 is also exposed for direct access to the community API if needed; with Caddy, 80/443 are the main entry.

Validation checks

Run docker compose ps and confirm all containers are healthy/up.
Open https://your-domain and verify TLS certificate is valid.
Call https://your-domain/health and verify status is ok.
Join from the Tusile client and verify text + voice in one test channel.

After the containers are up and ports are open, your community server and LiveKit (voice/video) will be running. You should now be able to connect to your server in the Tusile app.