Self-Hosting
Run your own LynxPrompt instance with full control over data, features, and branding. A single Docker Compose file gets you started in minutes.
Quick Start
The fastest way to get LynxPrompt running is with the provided docker-compose.selfhost.yml.
Create an environment file
# .env
NEXTAUTH_SECRET=$(openssl rand -base64 32)
[email protected]
APP_URL=https://lynxprompt.yourcompany.comStart the services
docker compose -f docker-compose.selfhost.yml up -dOpen the app
Navigate to http://localhost:3000 (or your configured APP_URL). The first user matching ADMIN_EMAIL is automatically promoted to superadmin.
Requirements: Docker Engine 24+ and Docker Compose v2. The default compose file uses a single PostgreSQL instance and exposes port 3000.
Environment Variables
All configuration is done through environment variables. Only NEXTAUTH_SECRET is strictly required.
Core
| Variable | Default | Description |
|---|---|---|
NEXTAUTH_SECRET | — | Session encryption key. Required. Generate with openssl rand -base64 32 |
APP_URL | http://localhost:3000 | Public URL of the instance (used for callbacks, emails, and CLI) |
NEXTAUTH_URL | same as APP_URL | NextAuth callback URL. Usually the same as APP_URL |
SUPERADMIN_EMAIL | — | Email auto-promoted to superadmin on first sign-in |
NODE_ENV | production | Set to production for self-hosted deployments |
Database
| Variable | Default | Description |
|---|---|---|
DATABASE_URL_APP | — | Main application database (blueprints, marketplace) |
DATABASE_URL_USERS | — | User accounts, sessions, authentication |
DATABASE_URL_BLOG | — | Blog content (when ENABLE_BLOG is on) |
DATABASE_URL_SUPPORT | — | Support forum data (when ENABLE_SUPPORT_FORUM is on) |
Authentication
| Variable | Default | Description |
|---|---|---|
ENABLE_EMAIL_AUTH | true | Magic link email sign-in (requires SMTP) |
ENABLE_PASSKEYS | true | WebAuthn passkey sign-in |
ENABLE_GITHUB_OAUTH | false | GitHub OAuth (requires GITHUB_ID + GITHUB_SECRET) |
ENABLE_GOOGLE_OAUTH | false | Google OAuth (requires GOOGLE_CLIENT_ID + GOOGLE_CLIENT_SECRET) |
ENABLE_SSO | false | Enterprise SSO (SAML, OIDC, LDAP) |
ENABLE_USER_REGISTRATION | true | Allow new user registration. Set to false for invite-only |
ENABLE_TURNSTILE | false | Cloudflare Turnstile CAPTCHA on sign-up |
AI Features
| Variable | Default | Description |
|---|---|---|
ENABLE_AI | false | Enable AI editing & wizard assistant |
ANTHROPIC_API_KEY | — | Anthropic API key (required when ENABLE_AI is true) |
AI_MODEL | claude-3-5-haiku-latest | Anthropic model to use for AI features |
Marketplace
| Variable | Default | Description |
|---|---|---|
ENABLE_STRIPE | false | Enable paid blueprint purchases (requires Stripe keys) |
Branding & Content
| Variable | Default | Description |
|---|---|---|
APP_NAME | LynxPrompt | Application name shown in UI, emails, and metadata |
APP_LOGO_URL | — | URL to a custom logo image |
CONTACT_EMAIL | — | Displayed as contact email in the UI |
STATUS_PAGE_URL | — | Link to your status page (e.g., Upptime, Kuma) |
ENABLE_BLOG | false | Enable the built-in blog |
ENABLE_SUPPORT_FORUM | false | Enable the support forum |
UMAMI_SCRIPT_URL | — | Umami analytics script URL (self-hosted analytics) |
Authentication Configuration
Out of the box, LynxPrompt supports passkeys and email magic links. Add OAuth providers or lock down registration as needed.
Passkeys (default: on)
WebAuthn passkeys work immediately with no extra configuration. Requires HTTPS in production for browser WebAuthn APIs.
Email Magic Links (default: on)
Requires an SMTP server. Set EMAIL_SERVER and EMAIL_FROM in your environment. Without SMTP, disable with ENABLE_EMAIL_AUTH=false.
GitHub OAuth
Set ENABLE_GITHUB_OAUTH=true, GITHUB_ID, and GITHUB_SECRET. Create an OAuth App at GitHub → Settings → Developer settings → OAuth Apps. Set the callback URL to {APP_URL}/api/auth/callback/github.
Google OAuth
Set ENABLE_GOOGLE_OAUTH=true, GOOGLE_CLIENT_ID, and GOOGLE_CLIENT_SECRET. Configure in Google Cloud Console with redirect URI {APP_URL}/api/auth/callback/google.
Invite-Only Mode
Set ENABLE_USER_REGISTRATION=false to prevent new sign-ups. Existing users can still sign in. Admins can invite users via the admin panel.
AI Features Setup
AI-powered blueprint editing and wizard assistance are opt-in.
Get an Anthropic API Key
Sign up at console.anthropic.com and create an API key.
Set environment variables
ENABLE_AI=true
ANTHROPIC_API_KEY=sk-ant-...
AI_MODEL=claude-3-5-haiku-latest # optionalRestart the container
AI buttons will appear automatically in the UI for all users.
Cost note: AI requests are billed by Anthropic to your API key. LynxPrompt does not add any surcharge. Monitor usage at the Anthropic dashboard.
Custom Branding
White-label LynxPrompt for your organization.
APP_NAME=MyCompany Prompts
APP_LOGO_URL=https://cdn.mycompany.com/logo.svg
[email protected]
STATUS_PAGE_URL=https://status.mycompany.comThe app name is used throughout the UI, in page titles, email templates, and OpenGraph metadata. The logo replaces the default LynxPrompt logo in the header and email templates.
Database Architecture
LynxPrompt uses four Prisma clients, each with its own connection string. This allows flexible deployment topologies.
Single Database (recommended)
Point all four DATABASE_URL_* variables to the same PostgreSQL database. This is the default in docker-compose.selfhost.yml and is the simplest setup.
DATABASE_URL_APP=postgresql://...
DATABASE_URL_USERS=postgresql://... # same
DATABASE_URL_BLOG=postgresql://... # same
DATABASE_URL_SUPPORT=postgresql://... # sameMulti-Database
For larger deployments, split databases by concern. Each client connects to a separate database or server, allowing independent scaling and backup strategies.
DATABASE_URL_APP=postgresql://app-db/lynx
DATABASE_URL_USERS=postgresql://auth-db/users
DATABASE_URL_BLOG=postgresql://blog-db/blog
DATABASE_URL_SUPPORT=postgresql://sup-db/forumCLI for Self-Hosted Instances
The LynxPrompt CLI works with self-hosted instances. After installing the CLI, point it to your instance:
lynxp config set-url https://lynxprompt.yourcompany.com
lynxp loginThis stores the API URL locally. All subsequent CLI commands (push, pull, sync) will target your self-hosted instance instead of the public service.
Health Check
LynxPrompt exposes a health endpoint for monitoring and orchestration:
GET /api/health
# Healthy response (200):
{"status":"ok","db":"connected"}
# Unhealthy response (503):
{"status":"error","db":"disconnected"}Use this endpoint in Docker health checks, Kubernetes liveness probes, or external monitoring tools like Uptime Kuma.
# Docker Compose healthcheck example
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:3000/api/health"]
interval: 30s
timeout: 5s
retries: 3