IntuneGetIntuneGet
/Docs

Docker Deployment

Deploy IntuneGet using Docker for portable, consistent deployments on any infrastructure.

Prerequisites

  • Docker installed (Install Docker)
  • Docker Compose (usually included with Docker Desktop)
  • Completed Azure AD setup
  • A Windows machine for running the local packager

Quick Start

The fastest way to deploy IntuneGet with Docker:

bash
# Clone your fork (or the main repo)
git clone https://github.com/YOUR_USERNAME/IntuneGet.git
cd IntuneGet

# Copy and configure environment
cp .env.example .env.local

# Edit .env.local with your values
# (Use your favorite editor)

# Start the application
docker-compose up -d

The application will be available at http://localhost:3000

Step-by-Step Setup

1

Clone the Repository

bash
git clone https://github.com/YOUR_USERNAME/IntuneGet.git
cd IntuneGet
2

Configure Environment Variables

Copy the example environment file:

bash
cp .env.example .env.local

Edit .env.local and fill in all required values:

bash|.env.local
# Database (SQLite mode for self-hosting)
DATABASE_MODE=sqlite
DATABASE_PATH=/data/intuneget.db

# Local Packager
PACKAGER_MODE=local
PACKAGER_API_KEY=your-secure-random-key

# Azure AD
NEXT_PUBLIC_AZURE_AD_CLIENT_ID=your-client-id
AZURE_AD_CLIENT_SECRET=your-client-secret

# Application URL
NEXT_PUBLIC_URL=http://localhost:3000
3

Start with Docker Compose

bash
# Start in detached mode
docker-compose up -d

# View logs
docker-compose logs -f

# Stop
docker-compose down
4

Verify Deployment

Check that everything is running:

bash
# Check container status
docker-compose ps

# Test health endpoint
curl http://localhost:3000/api/health

Expected health response:

json
{
  "status": "healthy",
  "mode": "self-hosted",
  "services": {
    "database": true,
    "auth": true,
    "pipeline": true
  }
}

Docker Compose Configuration

The included docker-compose.yml provides a production-ready configuration with SQLite persistence:

yaml|docker-compose.yml
1version: '3.8'
2
3services:
4  intuneget:
5    build:
6      context: .
7      dockerfile: Dockerfile
8    ports:
9      - "3000:3000"
10    environment:
11      - DATABASE_MODE=sqlite
12      - DATABASE_PATH=/data/intuneget.db
13      - PACKAGER_MODE=local
14      - PACKAGER_API_KEY=${PACKAGER_API_KEY}
15      - NEXT_PUBLIC_AZURE_AD_CLIENT_ID=${NEXT_PUBLIC_AZURE_AD_CLIENT_ID}
16      - AZURE_AD_CLIENT_SECRET=${AZURE_AD_CLIENT_SECRET}
17      - NEXT_PUBLIC_URL=${NEXT_PUBLIC_URL}
18    volumes:
19      - intuneget-data:/data
20    restart: unless-stopped
21    healthcheck:
22      test: ["CMD", "curl", "-f", "http://localhost:3000/api/health"]
23      interval: 30s
24      timeout: 10s
25      retries: 3
26      start_period: 40s
27
28volumes:
29  intuneget-data:

Data Persistence

The intuneget-data volume ensures your SQLite database persists across container restarts and updates. Never remove this volume unless you want to start fresh.

Reverse Proxy Configuration

For production, place IntuneGet behind a reverse proxy for SSL termination:

nginx|nginx.conf
server {
    listen 80;
    server_name intuneget.yourdomain.com;

    location / {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_cache_bypass $http_upgrade;
    }
}
text|Caddyfile
intuneget.yourdomain.com {
    reverse_proxy localhost:3000
}

Caddy automatically provisions and renews SSL certificates from Let's Encrypt.

yaml|docker-compose.yml
version: '3.8'

services:
  intuneget:
    # ... your existing config ...
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.intuneget.rule=Host(`intuneget.yourdomain.com`)"
      - "traefik.http.routers.intuneget.entrypoints=websecure"
      - "traefik.http.routers.intuneget.tls.certresolver=letsencrypt"

SSL/TLS

Always Use HTTPS in Production

IntuneGet handles authentication tokens and interacts with Microsoft APIs. Always use HTTPS in production environments.

Caddy

Automatic Let's Encrypt certificates

Nginx + Certbot

Run certbot for certificate management

Cloud Load Balancer

AWS ALB, GCP LB, or Azure App Gateway

Updating Your Deployment

To update to the latest version:

bash
# Pull latest changes
git pull origin main

# Rebuild and restart
docker-compose down
docker-compose build --no-cache
docker-compose up -d

Database Migrations

SQLite database schema is managed automatically. After major updates, the schema will be updated on application startup. Check the release notes for any manual migration steps if needed.

Production Checklist

Environment variables are set correctly
HTTPS is configured with valid certificates
NEXT_PUBLIC_URL matches your production domain
Azure AD redirect URIs include your production URL
Local packager is running and connected
Health checks are passing
SQLite database backup schedule configured
Logs are being collected
Monitoring/alerting is set up

Common Issues

Container fails to start

  • Check logs: docker-compose logs -f
  • Verify .env.local exists and has correct values
  • Ensure port 3000 is not in use

Database errors

  • Verify DATABASE_MODE=sqlite is set
  • Check volume mount for /data directory
  • Verify write permissions: docker exec intuneget ls -la /data

Build fails

  • Ensure Docker has enough memory (at least 4GB)
  • Try building with no cache: docker-compose build --no-cache
  • Check for any TypeScript errors in the codebase

Next Steps

Your Docker deployment is ready! Check the troubleshooting guide if you run into any issues.

View Troubleshooting Guide