Documenso logo

Documenso

The Open Source DocuSign Alternative

Alternative to: docusign, docuware, hellosign


Documenso is an open-source platform for preparing, sending, and signing digital documents, letting you self-host the entire e-signature workflow with full control and transparency over the underlying code. It supports PDF-based signing, audit trails, and integrates with your own infrastructure instead of relying on a third-party signing service.

Documenso Docker Compose example

Self-host Documenso on your own server, homelab, or VPS starting from this Docker Compose example. It runs Documenso in Docker containers using the official documenso/documenso:latest, postgres:15 images, with persistent volumes and automatic restarts preconfigured. Review the environment variables and adjust them to your setup, save the file as compose.yml (or docker-compose.yml), and start the stack with docker compose up -d.

services:
  documenso:
    image: documenso/documenso:latest
    depends_on:
      database:
        condition: service_healthy
    restart: unless-stopped
    environment:
      # Port the Documenso web app listens on inside the container.
      PORT: "3000"
      # Secret used by NextAuth to sign session tokens. Generate a long random string.
      NEXTAUTH_SECRET: "changeme"
      # Primary key used to encrypt sensitive data at rest. Generate a long random string.
      NEXT_PRIVATE_ENCRYPTION_KEY: "changeme"
      # Secondary encryption key used for key rotation. Generate a long random string.
      NEXT_PRIVATE_ENCRYPTION_SECONDARY_KEY: "changeme"
      # Public URL where users reach Documenso. Used for links in emails and redirects.
      NEXT_PUBLIC_WEBAPP_URL: "http://localhost:3000"
      # PostgreSQL connection string (password is internal to the compose network).
      NEXT_PRIVATE_DATABASE_URL: "postgresql://documenso:documenso@database:5432/documenso"
      # Direct (non-pooled) PostgreSQL connection string, used for migrations.
      NEXT_PRIVATE_DIRECT_DATABASE_URL: "postgresql://documenso:documenso@database:5432/documenso"
      # How outbound email is delivered: smtp, smtp-api, resend or mailchannels.
      NEXT_PRIVATE_SMTP_TRANSPORT: "smtp"
      # SMTP server hostname used to deliver signing and notification emails.
      NEXT_PRIVATE_SMTP_HOST: "changeme"
      # SMTP server port (587 for STARTTLS, 465 for implicit TLS).
      NEXT_PRIVATE_SMTP_PORT: "587"
      # SMTP username.
      NEXT_PRIVATE_SMTP_USERNAME: "changeme"
      # SMTP password.
      NEXT_PRIVATE_SMTP_PASSWORD: "changeme"
      # Display name shown in the "From" field of outgoing emails.
      NEXT_PRIVATE_SMTP_FROM_NAME: "Documenso"
      # Email address shown in the "From" field of outgoing emails.
      NEXT_PRIVATE_SMTP_FROM_ADDRESS: "noreply@example.com"
    volumes:
      # Holds the document-signing certificate (cert.p12) generated after install.
      - cert:/opt/documenso

  database:
    # Pinned to a major version; PostgreSQL is only reachable inside the compose network.
    image: postgres:15
    restart: unless-stopped
    environment:
      # Owner of the Documenso database.
      POSTGRES_USER: "documenso"
      # Internal database password (not published outside the compose network).
      POSTGRES_PASSWORD: "documenso"
      # Database created on first start.
      POSTGRES_DB: "documenso"
    volumes:
      - database:/var/lib/postgresql/data
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U documenso"]
      interval: 10s
      timeout: 5s
      retries: 5

volumes:
  cert:
  database:

Values set to changeme are required — replace them with your own values before starting Documenso.

Prefer a managed setup? WinterFlow installs, configures, and updates Documenso for you using this same Docker Compose configuration.