Self-host
Runs on a box you own.
One compose file, one wildcard DNS record, and a host with Docker. Source and database snapshots stay on your network. There is no hosted version. Yet.
Why self-hosted, specifically.
The teams that need real-database previews are usually the ones who can't put production-shape data into a vendor. Self-hosted puts the snapshots, the secrets, and the build logs on infrastructure you control — same place the rest of your security boundary already lives.
The other reason is cost shape. Previews are CPU and disk; per-seat SaaS pricing isn't. A $40/month VPS handles a dozen-engineer team comfortably.
What it needs.
- One Linux host with Docker. 2 vCPU and 4 GB RAM is enough for a small team to start.
- One wildcard DNS record — *.preview.yourco.dev pointed at the host.
- A master key — 32 random bytes, set once at install. Encrypts secrets at rest. There's no recovery.
Single host runs every control-plane service plus a colocated agent in one compose project — the only topology tested in v1. Splitting agents across a fleet of hosts is on the roadmap; today, scale is "one bigger box" rather than "more boxes."
One compose file.
The compose file pulls every control-plane service as a published
image. Set GALLEY_MASTER_KEY and your preview-domain
DNS settings, run the snippet below, and you have a working server.
Install
Three lines to a working server.
One compose file pulls every control-plane service as a published image. Point a wildcard DNS record at the host and you have previews.
curl -fsSL https://galley.sh/install/docker-compose.yml -o docker-compose.yml
echo "GALLEY_MASTER_KEY=$(openssl rand -hex 32)" > .env
docker compose up -d

# On a separate host, after generating a token in
# Admin → Agents → New agent.
sudo docker create --name x galleysh/agent:v1
sudo docker cp x:/usr/local/bin/galley-agent /usr/local/bin/
sudo docker rm x
sudo systemctl enable --now galley-agent

Full walk-through with DNS, TLS, and the master key in the quick start docs.
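A more careful form of the key-generation line in the install snippet, as an added example rather than Galley's own installer. The `>` redirect there overwrites any existing .env, and the master key has no recovery, so this function refuses to replace a key that is already set and keeps the file readable by its owner only. The function name and the 64-hex-character format check (taken from `openssl rand -hex 32`) are assumptions.

```shell
#!/bin/sh
# Added example, not part of Galley. write_master_key is a hypothetical helper.
#
# write_master_key [ENV_FILE]
#   0  a new key was written
#   2  a well-formed key already exists and was left untouched
#   1  the existing key is malformed, or key generation failed
write_master_key() {
    env_file=${1:-.env}

    if [ -f "$env_file" ] && grep -q '^GALLEY_MASTER_KEY=' "$env_file"; then
        # A key is already set. Replacing it would make every secret
        # encrypted under the old key unrecoverable.
        if grep -Eq '^GALLEY_MASTER_KEY=[0-9a-f]{64}$' "$env_file"; then
            echo "master key already present in $env_file; not replacing it" >&2
            return 2
        fi
        # Assumption: a valid key is 64 lowercase hex characters.
        echo "GALLEY_MASTER_KEY in $env_file is not 64 hex characters" >&2
        return 1
    fi

    # Same generator as the install snippet, with a kernel-CSPRNG fallback
    # for hosts that do not have openssl installed.
    key=$(openssl rand -hex 32 2>/dev/null) ||
        key=$(od -An -N32 -tx1 /dev/urandom | tr -d ' \n')
    [ "${#key}" -eq 64 ] || return 1

    # The subshell keeps the tightened umask from leaking into the caller.
    # Appending preserves other settings already in the file.
    (
        umask 077
        printf 'GALLEY_MASTER_KEY=%s\n' "$key" >> "$env_file"
    ) || return 1

    # Also tightens a pre-existing .env that was created world-readable.
    chmod 600 "$env_file"
}
```

Run `write_master_key .env` before `docker compose up -d`, then copy the key to wherever you keep it apart from the Postgres dumps.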
None by default.
No license check, no crash reporting, no usage stats. There is an opt-in telemetry toggle in instance settings; off unless you turn it on.
For air-gapped operation, mirror the release images and any base
images your galley.yml pulls into a private registry,
and point Docker at it. Galley itself doesn't reach out post-install.
Upgrades and backups.
Upgrades: docker compose pull +
docker compose up -d. The server runs migrations
on boot and agents reconnect automatically. Migrations are
forward-only in v1; there's no automatic rollback yet — pin a
backed-up Postgres if you need to revert.
Backups: dump Postgres the way you already do. All Galley state lives there — projects, environments, audit log, encrypted secrets — so a consistent dump captures everything. Keep the master key separate; without it the secret ciphertext is unrecoverable.
Zero-downtime upgrades, agent drain/reassign, and dedicated backup tooling are roadmap. For now: stop, swap, start.