Docker Deployment

QvaSoft Gateway is available as an official Docker image on Docker Hub.

Quick Start

docker pull asielhv/qvasoft-gateway
docker run -p 4000:4000 asielhv/qvasoft-gateway

Access the admin panel at http://localhost:4000/admin.

Image Tags

Tag	Description
`qvasoft/gateway:latest`	Latest stable release
`qvasoft/gateway:1.0`	Specific version

Docker Compose

version: '3.8'
services:
  gateway:
    image: asielhv/qvasoft-gateway
    ports:
      - "4000:4000"
    volumes:
      - gateway-data:/app/data
    environment:
      - ConnectionStrings__DefaultConnection=Data Source=/app/data/identity.db
    restart: unless-stopped

volumes:
  gateway-data:

Start with:

docker compose up -d

Persistent Data

The SQLite database (identity.db) and configuration (ocelot.json) are stored in the container's /app directory. Mount a volume to persist data across container restarts:

docker run -p 4000:4000 -v gateway-data:/app asielhv/qvasoft-gateway

warning

Without a mounted volume, your configuration and user data will be lost when the container is removed.

Environment Variables

Override any configuration using environment variables:

docker run -p 4000:4000 \
  -e "AppSetting__AdminApi__AppName=Production Gateway" \
  -e "AppSetting__AdminApi__PrimaryColor=#6200ea" \
  -e "AppSetting__AllowedCorsOrigins__0=https://app.example.com" \
  qvasoft/gateway

Authentication Provider Configuration

Since AuthenticationProviders is an array, use the index (__0, __1, etc.) to target a specific provider. For example, to override the SecretKey of the first JWT provider:

docker run -p 4000:4000 \
  -e "AppSetting__AuthenticationProviders__0__SecretKey=MySuperSecretKey2025!" \
  asielhv/qvasoft-gateway

In Docker Compose:

services:
  gateway:
    image: asielhv/qvasoft-gateway
    ports:
      - "4000:4000"
    environment:
      - AppSetting__AuthenticationProviders__0__SecretKey=MySuperSecretKey2025!

tip

The index corresponds to the position in the AuthenticationProviders array defined in appsettings.json. __0 is the first provider, __1 the second, and so on. You can override any property of a provider this way (e.g., Issuer, Audience, Authority).

note

Admin authentication is handled internally with an auto-generated key that exists only in memory. No secret key configuration is needed -- sessions are automatically invalidated on container restart.

TLS / HTTPS

To enable HTTPS, mount your certificate and configure Kestrel:

docker run -p 4000:4000 -p 4001:4001 \
  -v /path/to/certificate.pfx:/app/certificate.pfx \
  -e "Kestrel__Endpoints__Https__Url=https://*:4001" \
  -e "Kestrel__Endpoints__Https__Certificate__Path=certificate.pfx" \
  -e "Kestrel__Endpoints__Https__Certificate__Password=cert-password" \
  asielhv/qvasoft-gateway:1.0

Health Check

Add a health check to your Docker Compose:

services:
  gateway:
    image: asielhv/qvasoft-gateway
    # ...
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:4000/admin"]
      interval: 30s
      timeout: 10s
      retries: 3

Updating

Pull the latest image and recreate the container:

docker pull asielhv/qvasoft-gateway
docker compose down
docker compose up -d

Your data is preserved in the mounted volume.

Quick Start​

Image Tags​

Docker Compose​

Persistent Data​

Environment Variables​

Authentication Provider Configuration​

TLS / HTTPS​

Health Check​

Updating​