A template to deploy muety/wakapi, a minimalist, self-hosted WakaTime-compatible backend for coding statistics.

Configuration

While deploying, you should at least set a domain for your wakapi instance.

Runtime Configuration

You can specify configuration options either via a config file (edit /app/config.yml using config editor in service settings) or via environment variables (edit in variables). Here is an overview of useful options:

YAML key / Env. variable	Default	Description
env /<br>ENVIRONMENT	dev	Whether to use development- or production settings
app.leaderboard_enabled /<br>WAKAPI_LEADERBOARD_ENABLED	true	Whether to enable the public leaderboard
app.leaderboard_scope /<br>WAKAPI_LEADERBOARD_SCOPE	7_days	Aggregation interval for public leaderboard (see here for allowed values)
app.leaderboard_generation_time /<br>WAKAPI_LEADERBOARD_GENERATION_TIME	0 0 6 * * *,0 0 18 * * *	One or multiple times of day at which to re-calculate the leaderboard
app.leaderboard_require_auth /<br>WAKAPI_LEADERBOARD_REQUIRE_AUTH	false	Restrict leaderboard access to logged in users only
app.aggregation_time /<br>WAKAPI_AGGREGATION_TIME	0 15 2 * * *	Time of day at which to periodically run summary generation for all users
app.report_time_weekly /<br>WAKAPI_REPORT_TIME_WEEKLY	0 0 18 * * 5	Week day and time at which to send e-mail reports
app.data_cleanup_time /<br>WAKAPI_DATA_CLEANUP_TIME	0 0 6 * * 0	When to perform data cleanup operations (see app.data_retention_months)
app.optimize_database_time /<br>WAKAPI_OPTIMIZE_DATABASE_TIME	0 0 8 1 * *	When to perform database vacuuming (SQLite, Postgres) or table optimization (MySQL)
app.import_enabled /<br>WAKAPI_IMPORT_ENABLED	true	Whether data imports from WakaTime or other Wakapi instances are permitted
app.import_batch_size /<br>WAKAPI_IMPORT_BATCH_SIZE	50	Size of batches of heartbeats to insert to the database during importing from external services
app.import_backoff_min /<br>WAKAPI_IMPORT_BACKOFF_MIN	5	"Cooldown" period in minutes before user may attempt another data import
app.import_max_rate /<br>WAKAPI_IMPORT_MAX_RATE	24	Minimum number of hours to wait after a successful data import before user may attempt another one
app.inactive_days /<br>WAKAPI_INACTIVE_DAYS	7	Number of days after which to consider a user inactive (only for metrics)
app.heartbeat_max_age /<br>WAKAPI_HEARTBEAT_MAX_AGE	4320h	Maximum acceptable age of a heartbeat (see ParseDuration)
app.warm_caches /<br>WAKAPI_WARM_CACHES	true	Whether to perform some initial cache warming upon startup
app.custom_languages	-	Map from file endings to language names
app.avatar_url_template /<br>WAKAPI_AVATAR_URL_TEMPLATE	(see config.default.yml)	URL template for external user avatar images (e.g. from Dicebear or Gravatar)
app.date_format /<br>WAKAPI_DATE_FORMAT	Mon, 02 Jan 2006	Go time format strings to format human-readable date (see Time.Format)
app.datetime_format /<br>WAKAPI_DATETIME_FORMAT	Mon, 02 Jan 2006 15:04	Go time format strings to format human-readable datetime (see Time.Format)
app.support_contact /<br>WAKAPI_SUPPORT_CONTACT	[email protected]	E-Mail address to display as a support contact on the page
app.data_retention_months /<br>WAKAPI_DATA_RETENTION_MONTHS	-1	Maximum retention period in months for user data (heartbeats) (-1 for unlimited)
app.max_inactive_months /<br>WAKAPI_MAX_INACTIVE_MONTHS	12	Maximum number of inactive months after which to delete user accounts without data (-1 for unlimited)
server.timeout_sec /<br> WAKAPI_TIMEOUT_SEC	30	Request timeout in seconds
server.base_path /<br> WAKAPI_BASE_PATH	/	Web base path (change when running behind a proxy under a sub-path)
server.public_url /<br> WAKAPI_PUBLIC_URL	http://localhost:3000	URL at which your Wakapi instance can be found publicly
security.disable_local_auth /<br> WAKAPI_DISABLE_LOCAL_AUTH	false	Disables login via local credentials (username and password) to enforce OIDC provider login
security.disable_webauthn /<br> WAKAPI_DISABLE_WEBAUTHN	true	Disables login via WebAuthn (security keys, biometrics, etc.)
security.password_salt /<br> WAKAPI_PASSWORD_SALT	-	Pepper to use for password hashing
security.insecure_cookies /<br> WAKAPI_INSECURE_COOKIES	true	Whether or not to allow cookies over HTTP. For production, it is highly recommended to serve Wakapi via HTTPS and set this to false.
security.cookie_max_age /<br> WAKAPI_COOKIE_MAX_AGE	172800	Lifetime of authentication cookies in seconds or 0 to use Session cookies
security.allow_signup /<br> WAKAPI_ALLOW_SIGNUP	true	Whether to enable local user registration
security.oidc_allow_signup /<br> WAKAPI_OIDC_ALLOW_SIGNUP	true	Whether to enable user registration via OIDC
security.signup_captcha /<br> WAKAPI_SIGNUP_CAPTCHA	false	Whether the registration form requires solving a CAPTCHA
security.invite_codes /<br> WAKAPI_INVITE_CODES	true	Whether to enable registration by invite codes. Primarily useful if registration is disabled (invite-only server).
security.disable_frontpage /<br> WAKAPI_DISABLE_FRONTPAGE	false	Whether to disable landing page (useful for personal instances)
security.expose_metrics /<br> WAKAPI_EXPOSE_METRICS	false	Whether to expose Prometheus metrics under /api/metrics
security.trusted_header_auth /<br> WAKAPI_TRUSTED_HEADER_AUTH	false	Whether to enable trusted header authentication for reverse proxies (see #534). Use with caution!
security.trusted_header_auth_key /<br> WAKAPI_TRUSTED_HEADER_AUTH_KEY	Remote-User	Header field for trusted header authentication. Caution: proxy must be configured to strip this header from client requests!
security.trusted_header_auth_allow_signup /<br> WAKAPI_TRUSTED_HEADER_AUTH_ALLOW_SIGNUP	false	Whether to allow creation of new users based on upstream trusted header authentication (see #808)
security.trust_reverse_proxy_ips /<br> WAKAPI_TRUST_REVERSE_PROXY_IPS	-	Comma-separated list of IPv4 or IPv6 addresses or CIDRs of reverse proxies to trust to handle authentication (e.g. 172.17.0.1, 192.168.0.0/24, [::1]).
security.signup_max_rate /<br> WAKAPI_SIGNUP_MAX_RATE	5/1h	Rate limiting config for signup endpoint in format <max_req>/<multiplier><unit>, where unit is one of s, m or h.
security.login_max_rate /<br> WAKAPI_LOGIN_MAX_RATE	10/1m	Rate limiting config for login endpoint in format <max_req>/<multiplier><unit>, where unit is one of s, m or h.
security.password_reset_max_rate /<br> WAKAPI_PASSWORD_RESET_MAX_RATE	5/1h	Rate limiting config for password reset endpoint in format <max_req>/<multiplier><unit>, where unit is one of s, m or h.
security.oidc	[]	List of OpenID Connect provider configurations (for details, see wiki)
security.oidc[0].name /<br> WAKAPI_OIDC_PROVIDERS_0_NAME	-	Name / identifier for the OpenID Connect provider (e.g. gitlab)
security.oidc[0].display_name /<br> WAKAPI_OIDC_PROVIDERS_0_DISPLAY_NAME	-	Optional "human-readable" display name for the provider presented to the user
security.oidc[0].client_id /<br> WAKAPI_OIDC_PROVIDERS_0_CLIENT_ID	-	OAuth client name with this provider
security.oidc[0].client_secret /<br> WAKAPI_OIDC_PROVIDERS_0_CLIENT_SECRET	-	OAuth client secret with this provider
security.oidc[0].endpoint /<br> WAKAPI_OIDC_PROVIDERS_0_ENDPOINT	-	OpenID Connect provider API entrypoint (for discovery)
security.oidc[0].username_claim /<br> WAKAPI_OIDC_PROVIDERS_0_USERNAME_CLAIM	-	Optionally spcified custom OIDC ID token claim to read username from (by preferred_username, nickname and sub are checked)
security.oidc[0].scopes /<br> WAKAPI_OIDC_PROVIDERS_0_SCOPES	-	Additional OAuth scopes to request beyond openid, profile and email (to be used in custom username claim)
mail.enabled /<br> WAKAPI_MAIL_ENABLED	false	Whether to allow Wakapi to send e-mail (e.g. for password resets)
mail.sender /<br> WAKAPI_MAIL_SENDER	-	Default sender address for outgoing mails
mail.skip_verify_mx_record /<br> WAKAPI_MAIL_SKIP_VERIFY_MX_RECORD	false	Whether to skip validating MX DNS record for user email addresses
mail.provider /<br> WAKAPI_MAIL_PROVIDER	smtp	Implementation to use for sending mails (one of [smtp])
mail.smtp.host /<br> WAKAPI_MAIL_SMTP_HOST	-	SMTP server address for sending mail (if using smtp mail provider)
mail.smtp.port /<br> WAKAPI_MAIL_SMTP_PORT	-	SMTP server port (usually 465)
mail.smtp.username /<br> WAKAPI_MAIL_SMTP_USER	-	SMTP server authentication username
mail.smtp.password /<br> WAKAPI_MAIL_SMTP_PASS	-	SMTP server authentication password
mail.smtp.tls /<br> WAKAPI_MAIL_SMTP_TLS	false	Whether the SMTP server requires TLS encryption (false for STARTTLS or no encryption)
mail.smtp.skip_verify /<br> WAKAPI_MAIL_SMTP_SKIP_VERIFY	false	Whether to allow invalid or self-signed certificates for TLS-encrypted SMTP
sentry.dsn /<br> WAKAPI_SENTRY_DSN	–	DSN for to integrate Sentry for error logging and tracing (leave empty to disable)
sentry.environment /<br> WAKAPI_SENTRY_ENVIRONMENT	(env)	Sentry environment tag (defaults to env / ENV)
sentry.enable_tracing /<br> WAKAPI_SENTRY_TRACING	false	Whether to enable Sentry request tracing
sentry.sample_rate /<br> WAKAPI_SENTRY_SAMPLE_RATE	0.75	Probability of tracing a request in Sentry
sentry.sample_rate_heartbeats /<br> WAKAPI_SENTRY_SAMPLE_RATE_HEARTBEATS	0.1	Probability of tracing a heartbeat request in Sentry

refer to Original README for all configuration options.

Setup on Wakatime client

Wakapi relies on the open-source WakaTime client tools. In order to collect statistics for Wakapi, you need to set them up.

1. Set up WakaTime for your specific IDE or editor. Please refer to the respective plugin guide
2. Edit your local ~/.wakatime.cfg file as follows.

[settings]
# replace localhost:3000 with Your wakapi server domain
api_url = http://localhost:3000/api

# Your Wakapi API key (get it from the web interface after having created an account)
api_key = 406fe41f-6d69-4183-a4cc-121e0c524c2b

Optionally, you can set up a client-side proxy in addition.