Deploying to Heroku (recommended)
The most convenient way to deploy Falco is to deploy it on Heroku using our one-click deploy feature.
To install Falco on Heroku, you will need a Heroku account with valid payment information (some of Falco features can be run for free under Heroku’s Free Tier, however the credit card details are needed to qualify for free Heroku Addons). Click here to create a Heroku account.
A note about Heroku’s princing and Falco features
Heroku pricing is splitted in two: the “dyno” (understand the actual hosting) and the “addons”.
Under the Free Tier, any Heroku app not used for 30 minutes will enter “Sleep mode”. This means that any processes running will be stopped. To “wake” an Heroku app, you can just hit its URL—after around 30 seconds, it should be back up.
web dyno (the user interface) can “fall asleep”—the
worker dyno responsible for running the audits automatically stays up. If you do not want to wait for the app to wake up, you might want to pay for their dyno “Hobby” tier, which at the time of writing costs $14/month for both dynos.
In addition, the Free Tier of the PostgreSQL addon used in Falco currently allows a maximum of 10.000 rows. Should you use Falco intensively, you might have to upgrade to the “Hobby Basic” Tier ($9/month, independently of the dyno tier discussed above).
To sum up:
|Falco features||Free Tier||Upgraded dyno ($14/month)||Upgraded Postgres ($9/month)||Both upgrades ($16/month)|
|Running audits automatically||✅||✅||✅||✅|
|Visualizing and comparing results||✅||✅||✅||✅|
|Running lots of audits||❌||❌||✅||✅|
You are free to upgrade or downgrade at any time—beware though that should you have more than 10.000 rows in the database, you will have to delete old audits to qualify again for the free Postgres tier.
Click on the following button to trigger the deployment of your Falco instance:Deploy to Heroku
Then, choose a name for your instance (like
falco-mycompany), pick the region closest to you, and follow Heroku’s instructions.
The actual deployment should take approximately 10 minutes.
Once Falco is deployed, you should be able to log in to the admin interface using the credentials
Deploying with Docker Compose
Installing Docker Compose
- Install Docker using the Ubuntu online guide or these instructions:
sudo apt-get updatesudo apt-get install wgetwget -qO- https://get.docker.com/ | shsudo usermod -aG docker <username>sudo service docker startnewgrp docker
- Install Docker Compose using the online guide. You have to download the latest release from Docker Compose Github’s page and put the binary on your /usr/local/bin folder. Usually, you can use the following command, replacing
$dockerComposeVersionby the Docker Compose version to install :
curl -L https://github.com/docker/compose/releases/download/$dockerComposeVersion/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-composesudo chmod +x /usr/local/bin/docker-compose
Installing Falco with Docker Compose
To install Falco with
- Create a new directory.
- Copy the
docker-compose.prod.ymlfile (link) inside that directory and rename it
docker-compose.yml. You can change the
latesttag to a specific version if you need to.
- Copy the
.env.prod.distfile (link) inside that directory and rename it to
.env.prod. Edit the file and generate the secrets, change the emails, etc.
- Start the stack with
docker-compose up -d
This will start the stack: Redis + PostgreSQL + Celery + the main application. The main application should be available on http://localhost:80.
For a production use, we recommend using a PostreSQL with valid SSL certificates and expose the application with a frontal server managing the HTTPS certificates. Without a valid SSL certificate, the application will not work.
The first time the application starts, you will need to manually run the migrations and add some data:
docker-composer exec backend sh# You are now inside the Docker container./manage.py migrate --noinput./manage.py createcachetable# Please change login, mail and password below./manage.py shell -c "from django.contrib.auth import get_user_model; User = get_user_model(); User.objects.create_superuser('admin', 'email@example.com', 'admin')"./manage.py populate-periodic-tasks