Docker Deployment
Human can run in Docker for isolated, reproducible deployments. The official Dockerfile produces a minimal image with the gateway as the default command.
Quick start
Section titled “Quick start”docker run -it --rm \ -v ~/.human:/human-data/.human \ -p 3000:3000 \ ghcr.io/sethdford/h-uman:latest \ gatewayMount your config directory so the container uses your existing config and data.
Docker Compose
Section titled “Docker Compose”version: "3.8"services: human: image: ghcr.io/sethdford/h-uman:latest ports: - "3000:3000" volumes: - ./config:/human-data/.human - ./workspace:/human-data/workspace environment: - HOME=/human-data - HUMAN_WORKSPACE=/human-data/workspace - HUMAN_GATEWAY_PORT=3000 - OPENAI_API_KEY=${OPENAI_API_KEY} - ANTHROPIC_API_KEY=${ANTHROPIC_API_KEY} restart: unless-stoppedBuilding from source
Section titled “Building from source”The Dockerfile uses a multi-stage build:
# Stage 1: BuildFROM alpine:3.23 AS builderRUN apk add --no-cache build-base cmake sqlite-dev curl-devWORKDIR /appCOPY CMakeLists.txt src/ include/ asm/ vendor/ cmake/ ./RUN mkdir build && cd build && \ cmake .. -DCMAKE_BUILD_TYPE=MinSizeRel -DHU_ENABLE_LTO=ON -DHU_ENABLE_CURL=ON && \ make -j$(nproc)
# Stage 2: RuntimeFROM alpine:3.23 AS release-baseRUN apk add --no-cache ca-certificates curl tzdata libsqlite3COPY --from=builder /app/build/human /usr/local/bin/humanENV HUMAN_WORKSPACE=/human-data/workspaceENV HOME=/human-dataENV HUMAN_GATEWAY_PORT=3000WORKDIR /human-dataEXPOSE 3000ENTRYPOINT ["human"]CMD ["gateway", "--port", "3000", "--host", "::"]Build:
docker build -t human:local .Environment variables
Section titled “Environment variables”| Variable | Description | Default |
|---|---|---|
HOME | Home directory (config path base) | /human-data |
HUMAN_WORKSPACE | Workspace directory | /human-data/workspace |
HUMAN_GATEWAY_PORT | Gateway port | 3000 |
HUMAN_WEBHOOK_HMAC_SECRET | Webhook HMAC secret (optional) | - |
OPENAI_API_KEY | OpenAI API key (if using) | - |
ANTHROPIC_API_KEY | Anthropic API key (if using) | - |
API keys and secrets can be passed via environment variables or a mounted config file.
Image variants
Section titled “Image variants”- release-base (default): Non-root user (65534:65534), safe for production
- release-root: Runs as root; use only when necessary (e.g. privileged operations)
Build root image:
docker build --target release-root -t human:root .Volumes
Section titled “Volumes”| Mount | Purpose |
|---|---|
/human-data/.human | Config, crontab, skills, memory DB |
/human-data/workspace | Agent workspace files |
Ensure these directories exist and have correct permissions for the container user.