UmamiEngine logoUmamiEngine
Home Features Pricing FAQ Dashboard

How to Self-Host Umami Analytics: A Complete Step-by-Step Guide

Updated: July 2026

Umami Analytics is a powerful, privacy-first web analytics platform that gives you complete control over your data. Self-hosting Umami allows you to run the software on your own infrastructure, ensuring that your analytics data never leaves your servers. This guide walks you through every step of deploying a production-ready Umami instance, from server setup to ongoing maintenance. Whether you are a developer looking to reduce analytics costs or a privacy-conscious website owner, this guide will help you get Umami running in your own environment.

Prerequisites

Before you begin, make sure you have the following ready. You need a Linux server (VPS) with at least 1 GB of RAM and 10 GB of storage. Popular providers include Hetzner ($4-$6 per month), DigitalOcean ($6 per month), and AWS Lightsail ($3.50 per month). Your server should have Docker and Docker Compose installed. You also need a domain name pointed to your server's IP address, as Umami requires HTTPS to function properly with modern browsers. Finally, ensure you have SSH access to your server and basic familiarity with the command line.

Step 1: Install Docker and Docker Compose

If Docker is not already installed on your server, you can install it with a few commands. First, update your package manager and install the required dependencies. On Ubuntu or Debian, run sudo apt update && sudo apt install -y ca-certificates curl. Then add Docker's official GPG key and repository, and install Docker Engine with sudo apt install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin. After installation, verify everything works with sudo docker run hello-world. Add your user to the Docker group to avoid using sudo for every command: sudo usermod -aG docker $USER and then log out and back in.

Step 2: Create the Docker Compose Configuration

Create a directory for your Umami deployment. Inside it, create a docker-compose.yml file. This file defines two services: the Umami application and a PostgreSQL database. The Umami service uses the official ghcr.io/umami-software/umami:postgresql-latest image and runs on port 3000 internally. The PostgreSQL service uses the official postgres:16-alpine image and stores data in a Docker volume for persistence. You define environment variables for the database connection, DATABASE_URL with the PostgreSQL connection string, HASH_SALT for security (generate a random 32-character string), and TRACKER_SCRIPT_NAME if you want to disguise the tracking script from ad blockers.

Step 3: Configure the Database

Umami requires PostgreSQL. In your Docker Compose file, configure the PostgreSQL service with a root password, a database name, and a username. The Umami application will connect to this database using the credentials you set. Umami handles database migrations automatically on startup, so you do not need to manually create tables. The first time you run Umami, it will create all the necessary schema and seed an admin user. The default admin credentials are admin for the username and umami for the password, you should change these immediately after your first login.

Step 4: Deploy with Docker Compose

With your docker-compose.yml file ready, deployment is a single command. Run docker compose up -d from the directory containing your compose file. This pulls the required images and starts the containers in detached mode. Check the status with docker compose ps to ensure both services are running. You can monitor the logs with docker compose logs -f to watch for any errors during startup. If everything is configured correctly, Umami will be accessible on port 3000 of your server's IP address.

Step 5: Configure Nginx as a Reverse Proxy with SSL

For production use, you need to serve Umami over HTTPS. The easiest way to do this is with Nginx as a reverse proxy and Certbot for Let's Encrypt SSL certificates. Install Nginx with sudo apt install -y nginx and Certbot with sudo apt install -y certbot python3-certbot-nginx. Create an Nginx configuration file that proxies requests from your domain to http://localhost:3000. Then run sudo certbot --nginx -d yourdomain.com to automatically obtain and configure SSL certificates. Certbot handles automatic renewal, so you do not need to worry about expired certificates.

Here is a minimal Nginx configuration for Umami:

server {
    listen 80;
    server_name yourdomain.com;
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl http2;
    server_name yourdomain.com;

    ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem;

    location / {
        proxy_pass http://localhost:3000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

Step 6: Create Your Admin Account and Add Websites

Navigate to your Umami domain and log in with the default credentials (admin / umami). The first thing you should do is go to Settings and change your admin password to something secure. Next, navigate to the Websites section and add your first website. Enter your site's name and domain, then click Save. Umami will generate a unique tracking script for your website. Copy this script and paste it into the <head> section of your website's HTML. Within moments, you should see data appearing in your Umami dashboard.

Step 7: Set Up Automated Backups

Data loss prevention is critical for any analytics platform. The Umami database contains all your historical analytics data, and losing it can mean losing months or years of insights. Set up automated PostgreSQL backups using a cron job and pg_dump. Create a backup script that dumps the database to a compressed file and uploads it to remote storage (S3, Backblaze B2, or a separate server). Run this script daily with cron by adding 0 2 * * * /path/to/backup-script.sh to your crontab. Test your backups regularly by restoring them to a test environment to ensure they are working correctly.

Step 8: Ongoing Maintenance

Self-hosting requires ongoing attention. You should regularly update Umami by pulling the latest Docker image and restarting the containers. Subscribe to the Umami GitHub repository or join the community Discord to receive notifications about new releases. Monitor your server's disk space, memory usage, and database size. Set up uptime monitoring with a service like UptimeRobot or Healthchecks.io to alert you if your Umami instance goes down. Periodically review your SSL certificate renewal status and ensure your backup strategy is functioning properly.

Security Best Practices

Securing your self-hosted Umami instance goes beyond SSL. Configure your server's firewall to only allow SSH (port 22), HTTPS (port 443), and HTTP (port 80 for redirects). Use SSH key authentication instead of passwords. Keep your server's operating system updated with sudo apt update && sudo apt upgrade -y regularly. Consider using fail2ban to block brute-force SSH attempts. For the Umami application itself, use a strong admin password, enable rate limiting on your reverse proxy, and consider using the TRACKER_SCRIPT_NAME environment variable to disguise your tracking endpoint from ad blockers.

Is Self-Hosting Right for You?

Self-hosting Umami gives you complete control and costs only what you pay for your server. However, it requires significant technical skill, ongoing time investment, and vigilance. For many developers and businesses, the operational overhead of self-hosting analytics outweighs the benefits. If you want all the privacy and features of Umami without the maintenance burden, consider managed Umami hosting.

UmamiEngine provides fully managed Umami analytics for just $5 per month. No servers to provision, no databases to maintain, no updates to apply. Just privacy-first analytics that works out of the box. Sign up in minutes and start tracking your website traffic without the DevOps hassle.

Get Started
Home Terms of Use Privacy Policy

© 2026 UmamiEngine. All rights reserved.