Installation

DaoFlow installs in one command. It's just a normal Docker Compose project on your server — no vendor lock-in, no hacks.

Production Install (Recommended)

One-Line Install

curl -fsSL https://raw.githubusercontent.com/DaoFlow-dev/DaoFlow/main/scripts/install.sh | sh

This downloads the daoflow CLI binary and runs the interactive installer, which:

Checks Docker is installed (installs it on Linux if needed)
Asks for your domain, dashboard exposure mode, admin email, and password
Creates /opt/daoflow/ with .env and docker-compose.yml
Auto-generates all secrets (auth, encryption, database)
Pulls images, starts services, and verifies health

Re-running the install script always refreshes the local daoflow CLI binary before the installer starts.

Non-Interactive Install (CI / Agent-Friendly)

curl -fsSL https://raw.githubusercontent.com/DaoFlow-dev/DaoFlow/main/scripts/install.sh | sh -s -- \
  --dir /opt/daoflow \
  --domain deploy.example.com \
  --email admin@example.com \
  --password 'YourSecurePassword123' \
  --yes

Optional Dashboard Exposure

The installer can also set BETTER_AUTH_URL from an exposed HTTPS endpoint after the stack starts:

# Built-in reverse proxy with automatic Let's Encrypt certificates
daoflow install --domain deploy.example.com --expose traefik --acme-email ops@example.com

# Tailnet-only HTTPS URL
daoflow install --expose tailscale-serve

# Public HTTPS URL
daoflow install --expose tailscale-funnel

# Public ephemeral trycloudflare.com URL
daoflow install --expose cloudflare-quick

Requirements:

traefik requires a real public domain that already points at this host. The installer keeps DaoFlow on its local port and puts Traefik on ports 80/443.
tailscale-serve and tailscale-funnel require tailscale to already be installed and authenticated on the host.
cloudflare-quick requires cloudflared to already be installed on the host.
cloudflare-quick is best for temporary access, demos, and smoke tests; the URL is ephemeral.

What Gets Created

/opt/daoflow/              # All files in one directory
├── .env                   # All config + auto-generated secrets (0600 perms)
├── docker-compose.yml     # Standard Docker Compose — fully inspectable
└── backups/               # Local backup storage

The .env file contains everything — no hidden config:

DAOFLOW_VERSION=latest
BETTER_AUTH_URL=https://deploy.example.com
DAOFLOW_PORT=3000
DAOFLOW_INITIAL_ADMIN_EMAIL=admin@example.com
DAOFLOW_INITIAL_ADMIN_PASSWORD=GENERATED_OR_SUPPLIED_SECRET
POSTGRES_PASSWORD=GENERATED_32_CHAR_HEX
TEMPORAL_POSTGRES_PASSWORD=GENERATED_32_CHAR_HEX
BETTER_AUTH_SECRET=GENERATED_64_CHAR_HEX
ENCRYPTION_KEY=GENERATED_32_CHAR_HEX
DAOFLOW_ENABLE_TEMPORAL=true
TEMPORAL_ADDRESS=temporal:7233

When you choose --expose traefik, the installer also writes:

DAOFLOW_DOMAIN=deploy.example.com
DAOFLOW_ACME_EMAIL=ops@example.com
DAOFLOW_PROXY_NETWORK=daoflow-proxy

Upgrading

# Upgrade to latest
daoflow upgrade --yes

# Pin to a specific version
daoflow upgrade --version 0.2.0 --yes

# JSON output for agents
daoflow upgrade --yes --json

Uninstalling

# Stop services (preserves data)
daoflow uninstall --yes

# Stop + remove all data (requires typing DELETE)
daoflow uninstall --remove-data --yes

Installing the CLI Only

If you only need the CLI (not the server):

Homebrew (macOS)

brew install daoflow-dev/daoflow/daoflow

To upgrade:

brew upgrade daoflow

Direct Binary Download

Download the binary for your platform:

# macOS (Apple Silicon)
curl -fsSL -o /usr/local/bin/daoflow \
  https://github.com/DaoFlow-dev/DaoFlow/releases/latest/download/daoflow-darwin-arm64
chmod +x /usr/local/bin/daoflow

# Linux (x64)
curl -fsSL -o /usr/local/bin/daoflow \
  https://github.com/DaoFlow-dev/DaoFlow/releases/latest/download/daoflow-linux-x64
chmod +x /usr/local/bin/daoflow

Or build from source:

cd packages/cli
bun run build          # Current platform
bun run build:all      # All 4 platforms (linux-x64, linux-arm64, darwin-arm64, darwin-x64)

Verify:

daoflow --cli-version
daoflow --help

Development Setup

For contributing to DaoFlow itself:

1. Clone and Install

git clone https://github.com/DaoFlow-dev/DaoFlow.git
cd DaoFlow
bun install

2. Start Infrastructure

bun run dev:infra

# Optional second terminal if you want durable Temporal-backed workflows locally
bun run dev:temporal

This starts PostgreSQL 17 (port 5432) and Redis 7 (port 6379). Temporal remains optional in local development unless you explicitly start it.

3. Configure

cp .env.example .env

Key variables:

Variable	Default	Description
`DATABASE_URL`	`postgresql://daoflow:daoflow_dev@localhost:5432/daoflow`	Postgres connection
`BETTER_AUTH_URL`	`http://localhost:3000`	Public auth URL
`BETTER_AUTH_SECRET`	optional locally	Session signing secret (required in production)
`ENCRYPTION_KEY`	optional locally	Secret encryption key (recommended locally, required in production)

4. Migrate and Run

bun run db:push
bun run dev

Local endpoints:

API server: http://localhost:3000
Vite web UI: http://localhost:5173

Verifying Your Setup

# CLI health check
daoflow doctor --json

# API health check
curl http://localhost:3000/trpc/health

Production Install (Recommended)​

One-Line Install​

Non-Interactive Install (CI / Agent-Friendly)​

Optional Dashboard Exposure​

What Gets Created​

Upgrading​

Uninstalling​

Installing the CLI Only​

Homebrew (macOS)​

Direct Binary Download​

Development Setup​

1. Clone and Install​

2. Start Infrastructure​

3. Configure​

4. Migrate and Run​

Verifying Your Setup​

Next Steps​