Self-Hosted Deployment
Run SKYCOT on your own infrastructure for full control over data residency, network policies, and compliance requirements.
Deployment Options
SKYCOT Enterprise supports three self-hosted deployment models. Choose the option that best fits your infrastructure and compliance requirements.
Docker Compose
SimplestSingle-server deployment using Docker Compose. Suitable for teams of up to 50 users with moderate build volume. All services (Next.js app, PostgreSQL, Redis, Trigger.dev worker) run on a single host with coordinated container networking.
- Single docker compose up command to start
- Automatic TLS via bundled Caddy reverse proxy
- Built-in database backup cron container
- Horizontal scaling via Docker Swarm (optional)
Kubernetes (Helm Chart)
ProductionMulti-node deployment using a Helm chart for Kubernetes clusters. Designed for larger teams and higher build concurrency. Auto-scaling for build workers, rolling updates with zero downtime, and integration with existing Kubernetes monitoring stacks.
- Helm chart with configurable values.yaml
- Horizontal pod autoscaler for build workers
- Ingress controller support (nginx, Traefik, Istio)
- PersistentVolumeClaim for database and storage
- Prometheus + Grafana dashboards included
Air-Gapped
High SecurityFully isolated deployment for environments with no outbound internet access. All container images, npm packages, and model artifacts are bundled into a single offline installation archive. Requires a self-hosted LLM endpoint or VPN tunnel to the Anthropic API.
- Offline installation archive (all images + dependencies)
- No outbound network calls required at runtime
- Compatible with classified and regulated environments
- License validation via signed offline token
- Optional: Connect to self-hosted Claude via API proxy
Infrastructure Requirements
The following resources are required for a single-node deployment. Kubernetes deployments distribute these across multiple nodes with lower per-node requirements.
| Component | Minimum | Recommended |
|---|---|---|
| CPU | 4 vCPUs | 8+ vCPUs |
| Memory | 8 GB RAM | 16+ GB RAM |
| Storage | 50 GB SSD | 100+ GB SSD |
| PostgreSQL | 14+ | 15+ with pgvector |
| Node.js | 20 LTS | 22 LTS |
| Docker | 24.0+ | 25.0+ |
| Kubernetes (optional) | 1.28+ | 1.30+ |
Network Requirements
Unless running in air-gapped mode, the following outbound connections are required for normal operation.
- api.anthropic.com (443/TCP) — Claude API for build compilation and code generation.
- api.stripe.com (443/TCP) — Payment processing for subscription billing.
- api.vercel.com (443/TCP) — Deployment pipeline for shipping built applications.
- *.supabase.co (443/TCP) — Database provisioning for deployed applications.
- registry.npmjs.org (443/TCP) — Package installation during build process.
All connections use TLS 1.2 or higher. No inbound connections are required beyond your chosen ingress (port 80/443 for user traffic).
Configuration Guide
Self-hosted SKYCOT is configured via environment variables and a central configuration file. The following outlines the key configuration areas.
- Database connection — Provide your PostgreSQL connection string via the DATABASE_URL environment variable. The initialization script runs all migrations automatically on first boot.
- AI provider — Set ANTHROPIC_API_KEY to your organization's Anthropic API key. For air-gapped deployments, configure AI_BASE_URL to point to your self-hosted Claude endpoint or API proxy.
- Authentication — Configure Supabase Auth credentials or, for self-hosted auth, provide your OIDC/SAML identity provider details. See the SSO documentation for enterprise IdP configuration.
- Storage — Generated build artifacts are stored locally by default. Configure S3-compatible storage (AWS S3, MinIO, Google Cloud Storage) via the STORAGE_ENDPOINT and STORAGE_BUCKET environment variables.
- Build workers — Trigger.dev workers run as separate containers. Configure concurrency limits via TRIGGER_MAX_CONCURRENT_RUNS. Default: 10 concurrent builds.
- TLS certificates — Docker Compose includes automatic certificate provisioning via Caddy. For Kubernetes, use cert-manager or your existing certificate management solution.
Docker Quick Start
The fastest path to a running self-hosted instance. Detailed instructions are provided in the installation package.
# 1. Extract the installation package
tar -xzf skycot-enterprise-v4.2.0.tar.gz
cd skycot-enterprise
# 2. Copy and configure environment variables
cp .env.example .env
# Edit .env with your database, API keys, and domain
# 3. Start all services
docker compose up -d
# 4. Run database migrations
docker compose exec app pnpm db:migrate
# 5. Verify the installation
curl https://your-domain.com/api/healthThe health endpoint returns a JSON response with the status of each service (database, build workers, AI provider connectivity).
Need deployment assistance?
Enterprise customers receive dedicated deployment support including architecture review, installation assistance, and configuration validation. Contact enterprise@skycot.com to schedule a deployment session with the SKYCOT engineering team.