Skip to main content
Version: 4.x

Deploy Zealot with Docker guide

🔔 Strongly recommended to deploy Zealot using Docker, unless you are familiar with the technology stack for this service. The app protection policy settings for iOS/iPadOS devices, it needs a public network over SSL, free to use Let's Encrypt.

If you use a self-signed certificate you must install the self-signed certificate on each iOS device before installing any app.

Why support docker image only?​

Deploying a Rails-based application is incredibly complex, and even though you must install many dependenices, and you still need to worry how to launch and make it as a daemon to run in the background.

Software requirements​

  • Git 2.0+
  • Docker 20.10.0+
  • Docker Compose 1.28.0+

Install on Docker​

In the principle of one-click installation, but reality is often harsh, Zealot configuration is dependent on ENV environment variables, you need to configure it and then execute the one-click deployment generation script.

First you need to clone the deployment script, After entering the zealot-docker directory, you need to open the example.env file to configure the necessary parameters and then you can directly execute ./ script.

By default, the administrator account: and password ze@l0t (you can change it) and some demo applications will be generated.

$ git clone
$ cd zealot-docker
$ ./deploy

The one-click deployment generation script has three built-in templates by default:

  • Using Let's Encrypt SSL
  • Using Self-signed SSL
  • Using non-SSL (needs gateway or reverse proxy to manage SSL)

For those interested in one-click installation deployment scripts, you can check out the Deployment Documentation with Docker.


Let's Encrypt​

Best Choice

Step 1: Execute the deployment script:

$ ./deploy

Step 2: Check and configure the .env file, mainly whether ZEALOT_DOMAIN and ZEALOT_CERT_EMAIL are filled in correctly. Other parts can be adjusted according to the actual situation of the corresponding configuration

Step 3: Run the Zealot service:

$ docker-compose up -d

Reverse proxy controls SSL​

Check Reverse Proxies Guide page.

Self-signed untrust SSL​

Not recommended

Please do not use this for non-essential cases, for iOS using self-signed certificates may require the device to also have an SSL certificate installed before accessing and installing the application, and Chrome may also deny access due to the certificate.

If the domain name is unregistered, you need to tie the host to access it, usually by modifying the system's /etc/hosts file.

$ sudo vim /etc/hosts zealot.test