This tutorial assumes you have already followed the quick start guide using one of the installation methods listed in Install Overview.
Decide on Sandboxing
Decide on Sandboxing
You should decide on the sandboxing mode for your deployment based on your use case and whether it is multi-tenant or not. Here is a simplified way to decide:
More Information at Sandboxing & Workers
Friendly Tip #1: For multi-tenant setups, use V8/Code Sandboxing.It is secure and does not require privileged Docker access in Kubernetes.
Privileged Docker is usually not allowed to prevent root escalation threats.
Friendly Tip #2: For single-tenant setups, use No Sandboxing. It is faster and does not require privileged Docker access.
| Name | Supports NPM in Code Piece | Requires Docker to be Privileged | Performance | Secure for Multi Tenant | Environment Variable |
|---|---|---|---|---|---|
| V8/Code Sandboxing | ❌ | No | Fast & Lightweight | ✅ | Set AP_EXECUTION_MODE to SANDBOX_CODE_ONLY |
| No Sandboxin | ✅ | No | Fast & Lightweight | ❌ | Set AP_EXECUTION_MODE to UNSANDBOXED |
| Kernel Namespaces Sandboxing | ✅ | Yes | Slow & CPU Intensive | ✅ | Set AP_EXECUTION_MODE to SANDBOXED |
Enterprise Edition (Optional)
Enterprise Edition (Optional)
For licensing inquiries regarding the self-hosted enterprise edition, please reach out to
[email protected], as the code and Docker image are not covered by the MIT license.You can request a trial key from within the app or in the cloud by filling out the form. Alternatively, you can contact sales at https://www.activepieces.com/sales.
Please know that when your trial runs out, all enterprise features will be shut down meaning any user other than the platform admin will be deactivated, and your private pieces will be deleted, which could result in flows using them to fail.
Please know that when your trial runs out, all enterprise features will be shut down meaning any user other than the platform admin will be deactivated, and your private pieces will be deleted, which could result in flows using them to fail.
Enterprise Edition only works on Fresh Installation as the database migration scripts are different from the community edition.
Enterprise edition must use
PostgreSQL as the database backend and Redis as the Queue System.Installation
-
Set the
AP_EDITIONenvironment variable toee. -
Set the
AP_EXECUTION_MODEto anything other thanUNSANDBOXED, check the above section. -
Once your instance is up, activate the license key by going to Platform Admin -> Setup -> License Keys.
Setup HTTPS
Setup HTTPS
Setting up HTTPS is highly recommended because many services require webhook URLs to be secure (HTTPS). This helps prevent potential errors.To set up SSL, you can use any reverse proxy. For a step-by-step guide, check out our example using Nginx.
Configure S3 (Optional)
Configure S3 (Optional)
Run logs and files are stored in the database by default, but you can switch to S3 later without any migration; for most cases, the database is enough.It’s recommended to start with the database and switch to S3 if needed. After switching, expired files in the database will be deleted, and everything will be stored in S3. No manual migration is needed.Configure the following environment variables:
AP_S3_ACCESS_KEY_IDAP_S3_SECRET_ACCESS_KEYAP_S3_ENDPOINTAP_S3_BUCKETAP_S3_REGIONAP_MAX_FILE_SIZE_MBAP_FILE_STORAGE_LOCATION(set toS3)AP_S3_USE_SIGNED_URLS
Friendly Tip #1: If the S3 bucket supports signed URLs but needs to be accessible over a public network, you can set
AP_S3_USE_SIGNED_URLS to true to route traffic directly to S3 and reduce heavy traffic on your API server.Troubleshooting (Optional)
Troubleshooting (Optional)
If you encounter any issues, check out our Troubleshooting guide.