InkStone

Docker

May 21, 2026 ยท 1 min read
deployment
Contents

Every push to the InkStone main branch automatically builds and publishes a fresh image to GitHub Container Registry. Pull it directly โ€” no build step, no cloning the repo, no compiler on your VPS:

docker pull ghcr.io/airenare/inkstone:latest
docker run -p 8000:8000 \
  -e VAULT_REPO=https://<token>@github.com/you/your-vault \
  ghcr.io/airenare/inkstone:latest

To pin to a specific release instead of latest, use the commit SHA tag (e.g. ghcr.io/airenare/inkstone:abc1234). Available tags are listed on the package page.

To update InkStone, run docker pull ghcr.io/airenare/inkstone:latest and restart the container. If you use Coolify or another PaaS, you can schedule periodic redeployments to pick up new images automatically โ€” see Production Deployment.

Quick start with docker compose

The repo includes a docker-compose.yml. Create a .env file next to it:

VAULT_REPO=https://<token>@github.com/you/your-vault-repo
WEBHOOK_SECRET=some-long-random-string

Then start the container:

docker compose up -d

On first start the entrypoint clones the vault into the container. On subsequent starts it does a git pull to fetch the latest notes. The site is served at http://localhost:8000.

Automatic updates

Set up a GitHub webhook pointing at http://yourhost:8000/webhook with the same WEBHOOK_SECRET to trigger a vault pull on every push โ€” no restart needed.

Build and run manually

docker build -t inkstone .
docker run -p 8000:8000 \
  -e VAULT_REPO=https://<token>@github.com/you/your-vault-repo \
  inkstone

Mount a local vault instead

If you prefer to mount a local directory rather than cloning from git, omit VAULT_REPO and bind-mount your vault to /vault:

docker run -p 8000:8000 \
  -v /path/to/your/vault:/vault \
  inkstone

Or with compose โ€” replace the contents of docker-compose.yml with:

services:
  app:
    build: .
    ports:
      - "8000:8000"
    environment:
      - SECRET_KEY=change-me-to-a-long-random-string
    volumes:
      - /path/to/your/vault:/vault
    restart: unless-stopped

Passing additional environment variables

docker run -p 8000:8000 \
  -e VAULT_REPO=https://<token>@github.com/you/vault \
  -e SECRET_KEY=mysecretkey \
  -e ACCESS_TOKEN=masterkey \
  inkstone

Or pass a file:

docker run -p 8000:8000 --env-file .env inkstone

See Configuration Reference for the full list of supported environment variables.

See also

Production Deployment
May 21, 2026
Deploy with Coolify, configure webhooks, and set up SSL.
Local Development
May 21, 2026
Run InkStone locally with hot-reload for writing and development.