Self-Hosting
Rivano can be self-hosted for organizations that require data residency, air-gapped environments, or full infrastructure control. The self-hosted version includes all proxy, governance, and observability features.
Requirements
| Component | Minimum | Recommended |
|---|---|---|
| CPU | 2 cores | 4 cores |
| Memory | 4 GB | 8 GB |
| Disk | 20 GB | 50 GB SSD |
| Database | PostgreSQL 15+ | PostgreSQL 16 |
| Runtime | Docker 24+ or K8s 1.28+ | β |
Quick Start with Docker
Pull and run the Rivano container:
docker run -d \
--name rivano \
-p 8080:8080 \
-e DATABASE_URL="postgresql://user:pass@host:5432/rivano" \
-e RIVANO_LICENSE_KEY="your-license-key" \
-e ENCRYPTION_KEY="$(openssl rand -hex 32)" \
-e JWT_SECRET="$(openssl rand -hex 32)" \
ghcr.io/rivano-ai/rivano:latestThe server starts on port 8080. Verify itβs running:
curl http://localhost:8080/health
# {"status":"healthy","version":"1.2.0","database":"connected"}Docker Compose
For a complete setup with PostgreSQL included:
version: "3.9"
services:
rivano:
image: ghcr.io/rivano-ai/rivano:latest
ports:
- "8080:8080"
environment:
DATABASE_URL: postgresql://rivano:rivano@postgres:5432/rivano
RIVANO_LICENSE_KEY: ${RIVANO_LICENSE_KEY}
ENCRYPTION_KEY: ${ENCRYPTION_KEY}
JWT_SECRET: ${JWT_SECRET}
depends_on:
postgres:
condition: service_healthy
postgres:
image: postgres:16-alpine
environment:
POSTGRES_USER: rivano
POSTGRES_PASSWORD: rivano
POSTGRES_DB: rivano
volumes:
- pgdata:/var/lib/postgresql/data
healthcheck:
test: ["CMD-SHELL", "pg_isready -U rivano"]
interval: 5s
timeout: 3s
retries: 5
volumes:
pgdata:Kubernetes (Helm)
Install via Helm for production Kubernetes deployments:
helm repo add rivano https://charts.rivano.ai
helm repo update
helm install rivano rivano/rivano \
--namespace rivano \
--create-namespace \
--set database.url="postgresql://user:pass@host:5432/rivano" \
--set licenseKey="your-license-key" \
--set encryptionKey="your-encryption-key" \
--set replicas=3Helm Values
Key configuration values:
# values.yaml
replicas: 3
image:
repository: ghcr.io/rivano-ai/rivano
tag: latest
resources:
requests:
cpu: "500m"
memory: "1Gi"
limits:
cpu: "2"
memory: "4Gi"
database:
url: "" # required
maxConnections: 20
sslMode: require
ingress:
enabled: true
className: nginx
hosts:
- host: rivano.internal.example.com
paths:
- path: /
pathType: Prefix
tls:
- secretName: rivano-tls
hosts:
- rivano.internal.example.com
autoscaling:
enabled: true
minReplicas: 3
maxReplicas: 10
targetCPUUtilization: 70Environment Variables
| Variable | Required | Description |
|---|---|---|
DATABASE_URL | Yes | PostgreSQL connection string |
RIVANO_LICENSE_KEY | Yes | License key from your Enterprise plan |
ENCRYPTION_KEY | Yes | 32-byte hex key for encrypting provider keys at rest |
JWT_SECRET | Yes | Secret for signing session tokens |
PORT | No | Server port (default: 8080) |
LOG_LEVEL | No | debug, info, warn, error (default: info) |
CORS_ORIGINS | No | Comma-separated allowed origins |
RATE_LIMIT_ENABLED | No | Enable rate limiting (default: true) |
TELEMETRY_ENABLED | No | Send anonymous usage stats (default: true, set false to disable) |
Database Migrations
Migrations run automatically on startup. To run them manually:
docker run --rm \
-e DATABASE_URL="postgresql://user:pass@host:5432/rivano" \
ghcr.io/rivano-ai/rivano:latest \
migrateUpgrading
- Pull the latest image:
docker pull ghcr.io/rivano-ai/rivano:latest - Stop the running container
- Start with the new image β migrations apply automatically
- Verify with the
/healthendpoint
For Helm: helm upgrade rivano rivano/rivano --reuse-values
Enterprise Support
Self-hosting requires an Enterprise plan. This includes:
- Dedicated support channel with 4-hour SLA
- Custom SSO/SAML integration assistance
- Architecture review for high-availability deployments
- Priority access to new features
Contact sales to get started with Enterprise.