A production-ready Docker deployment of LibreChat - an open-source AI chat platform that supports multiple LLM providers including OpenAI, Anthropic, Google, and local models via Ollama.
- Multi-Provider Support: OpenAI (GPT-4, GPT-3.5), Anthropic (Claude), Google (Gemini), and Ollama (local LLMs)
- Docker-Based: Easy deployment with Docker Compose
- MongoDB Integration: Persistent data storage
- Secure: JWT authentication, encrypted API key storage
- User Management: Built-in registration and authentication system
- Self-Hosted: Full control over your data and privacy
- Docker (version 20.10 or higher)
- Docker Compose (version 2.0 or higher)
- At least one API key from supported LLM providers (optional for Ollama)
git clone git@github.com:sumaiazaman/librechat.git
cd librechatCopy the example environment file and edit it with your settings:
cp .env.example .envEdit .env and configure the following:
# Generate secure secrets (use: openssl rand -hex 32)
JWT_SECRET=your-secure-jwt-secret
JWT_REFRESH_SECRET=your-secure-refresh-secret
SESSION_SECRET=your-secure-session-secret
CREDS_KEY=your-32-byte-creds-key
CREDS_IV=your-16-byte-creds-iv OPENAI_API_KEY=sk-your-openai-key
ANTHROPIC_API_KEY=sk-ant-your-anthropic-key
GOOGLE_KEY=your-google-keyUse OpenSSL to generate secure random strings:
# For JWT and session secrets (32 bytes)
openssl rand -hex 32
# For credentials key (32 bytes)
openssl rand -hex 32
# For credentials IV (16 bytes)
openssl rand -hex 16 docker-compose up -dOpen your browser and navigate to:
http://localhost:3080
docker-compose up -d docker-compose down# All services
docker-compose logs -f
# LibreChat only
docker-compose logs -f librechat
# MongoDB only
docker-compose logs -f mongodb docker-compose restart docker-compose pull
docker-compose up -d| Variable | Description | Required | Default |
|---|---|---|---|
NODE_ENV |
Application environment | Yes | production |
PORT |
Application port | Yes | 3080 |
MONGO_URI |
MongoDB connection string | Yes | mongodb://mongodb:27017/librechat |
JWT_SECRET |
JWT signing secret | Yes | - |
JWT_REFRESH_SECRET |
JWT refresh token secret | Yes | - |
SESSION_SECRET |
Session encryption secret | Yes | - |
CREDS_KEY |
API key encryption key | Yes | - |
CREDS_IV |
API key encryption IV | Yes | - |
ALLOW_REGISTRATION |
Enable user registration | No | true |
OPENAI_API_KEY |
OpenAI API key | No | - |
ANTHROPIC_API_KEY |
Anthropic API key | No | - |
GOOGLE_KEY |
Google API key | No | - |
To disable new user registration after creating your account:
# In .env file
ALLOW_REGISTRATION=falseThen restart:
docker-compose restartMongoDB data is persisted in a Docker volume named mongo_data. This ensures your conversations and settings are preserved across container restarts.
docker-compose exec mongodb mongodump --out /data/backup
docker cp librechat_mongodb:/data/backup ./backup docker cp ./backup librechat_mongodb:/data/backup
docker-compose exec mongodb mongorestore /data/backup- Never commit
.envfile - It contains sensitive secrets - Use strong, random secrets - Generate with
openssl rand -hex 32 - Disable registration - Set
ALLOW_REGISTRATION=falseafter creating your account - Use HTTPS in production - Set up a reverse proxy (nginx, Caddy, Traefik)
- Regular updates - Keep LibreChat and MongoDB images updated
- Firewall rules - Restrict access to port 3080 if needed
# Check logs
docker-compose logs
# Verify .env file exists and is configured
cat .env# Ensure MongoDB is running
docker-compose ps
# Check MongoDB logs
docker-compose logs mongodbEdit docker-compose.yml and change the port mapping:
ports:
- "8080:3080" # Use port 8080 insteadThis deployment configuration is provided as-is. LibreChat is licensed under the MIT License.
Feel free to submit issues and enhancement requests!
Note: This is a Docker deployment configuration for LibreChat. For the main LibreChat project, visit github.com/danny-avila/LibreChat.