Docker configuration
The qodana-installer-cli command-line tool is a Docker container that manages the lifecycle of Qodana Self-Hosted.
This tool orchestrates Docker Swarm stacks for:
Infrastructure services: PostgreSQL, MinIO, RabbitMQ, Keycloak
Application services: API, Audit, Git, Linters API, Report Processor, FUS, Frontend
Supporting tools: Traefik ingress proxy, image garbage collector
Prepare your project
Access and permissions
The container should be given access to the Docker socket:
Your user should have permission to the /var/run/docker.sock resource, i.e. be part of the docker group on the host.
Port 80 on the host should be available so that the Traefik ingress proxy can bind to it in host-network mode.
Networking
All service hostnames should resolve the IP address of the Swarm manager node. You can achieve this using:
An internal DNS server that covers
*.<DOMAIN>Manual
/etc/hostsentries on every machine that should have access to Qodana
Domain name system (DNS)
Qodana Self-Hosted exposes different HTTP endpoints as base URLs. Make sure to allocate a top-level domain like qodana.local. The majority of Qodana Self-Hosted components require dedicated base URLs, for example:
Component | URL |
|---|---|
Frontend (web UI) |
|
Backend (API gateway) |
|
Linter API |
|
Built-in file storage (MinIO) |
|
Built-in SSO provider (Keycloak) |
|
Built-in ingress controller (Traefik) |
|
These hostnames enable interaction of Qodana components and provide access to essential services. The IP address can be of your server or a load balancer, depending on your deployment architecture.
Traefik routes inbound HTTP traffic to services based on the Host header, using routing rules configured via Docker service labels. Each service registers its own Traefik route at deploy time.
In production environments, you should use a domain that aligns with your naming conventions like qodana.mycompany.com, files.qodana.mycompany.com and others.
If you intend to use Qodana only internally, configure DNS records in your internal DNS server. For external access, ensure that public DNS records point to appropriate IP addresses of your server or load balancer.
Configure domains
On your local machine, make the changes to the /etc/hosts file depending on your needs, i.e. for the default or your custom domain configuration:
PostgreSQL
Databases
Qodana Self-Hosted operates multiple services with each service requiring their own database:
Database | Description | Variable |
|---|---|---|
API Database | Stores data related to Qodana’s API |
|
Git Database | Manages repositories and version control data |
|
Audit Database | Handles audit logs and compliance data |
|
Keycloak Database | Optional. Used for authentication and authorization services like Keycloak |
|
Users and roles
Each service requires a dedicated PostgreSQL user for having access to its corresponding database. These users are assigned specific permissions to ensure security and proper data isolation:
Database | Description | Variable |
|---|---|---|
API User | Read/write permissions for the API database |
|
Linters API User | Read-only permissions for certain tables |
|
Report Processor User | Read/write permissions for processing reports |
|
Git User | Full permissions for Git-related data |
|
Audit User | Full permissions for audit logs |
|
Keycloak User | Optional. Full ownership and permissions for the Keycloak database |
|
Permissions
The following permission rules are applied to ensure proper access control:
Users are granted access only to their respective databases.
Default privileges are configured so that users automatically receive permissions on newly created objects like tables, sequences, and functions.
Sensitive databases like an audit database are strictly controlled to prevent unauthorized access.
Database organization
Each Qodana service (API, Git, Audit, Keycloak) should have its own database. This prevents data corruption, unauthorized access between services, and lets you tune each database better to your needs.
Databases can be hosted on a single server or on different servers. A shared server is suitable for small-scale deployments with low traffic and minimal resource requirements. Separate servers are best suited for large-scale deployments or when handling highly sensitive data like audit logs or authentication.
Security and compliance
Use strong, randomly generated passwords for all database users. Store credentials securely, such as in an environment variable manager or secret storage like HashiCorp Vault and others.
Restrict permissions to ensure users can only access their assigned databases. Avoid granting superuser or unnecessary privileges.
Enable logging for database activity to monitor access and changes, especially for the audit database.
Backup and recovery
Implement a robust backup and recovery plan:
Schedule regular automated backups for all databases.
Test restoration processes regularly to ensure reliability.
For critical data like audit logs and Keycloak, use frequent point-in-time recovery backups.
Monitoring and maintenance
Use PostgreSQL monitoring tools like pgAdmin, Prometheus, or other to track database performance and health.
Periodically review database usage and clean up unused objects. Apply security updates and patches for PostgreSQL.
Example SQL script for a single database server setup
This snippet contains an example script that documents the instructions for configuring a single database server for Qodana Self-Hosted. The script references environment variables instead of hard coded values. The Keycloak database and user permissions configuration are optional. They are documented in the script if you plan to use Keycloak as an identity provider.
RabbitMQ
RabbitMQ acts as a message broker for various Qodana services facilitating communication and task processing.
Virtual hosts
Each Qodana instance requires a dedicated virtual host to isolate messaging operations from other applications. Define a virtual host using the environment variable: ${RABBITMQ_VHOST}. Example: /qodana
Users
A dedicated RabbitMQ user is required by Qodana for authenticating and performing operations on a virtual host. Create a user with the following parameters:
Parameter | Description |
|---|---|
Username |
|
Password |
|
Tags | Assign the administrator tag to grant full access |
Example:
Queues
Qodana requires several durable queues for handling messaging related to reports, Git operations, and triggers. Create the following queues within the ${RABBITMQ_VHOST} variable:
Description | Name | Example |
|---|---|---|
Report queue |
|
|
Git contributor request queue |
|
|
Git contributor response queue |
|
|
Trigger queue |
|
|
All queues must be durable to ensure message persistence in case of RabbitMQ restarts.
Permissions
Define access permissions for the Qodana user to operate within the vhost. Grant the following permissions to the ${RABBITMQ_APPLICATION_USERNAME} variable for the ${RABBITMQ_VHOST} variable:
Permission | Configuration | Description |
|---|---|---|
Configure |
| Enables configuration of all resources |
Write |
| Enables publishing to all queues |
Read |
| Enables consuming from all queues |
This is an example configuration in JSON:
Example definition in JSON
This is and example RabbitMQ configuration. For more details, see visit the RabbitMQ website.
MinIO
Qodana Self-Hosted supports MinIO for object storage. Qodana requires pre-signed URLs, which lets Qodana clients connect directly to a storage and upload artifacts for asynchronous processing or storage purposes.
Qodana Self-Hosted requires the MINIO_RESULTS_BUCKET and MINIO_BASELINES_BUCKET buckets, and they should be hosted on the same storage service.
OIDC provider
Qodana Self-Hosted does not provide a built-in user management module, so users should authenticate using an OIDC provider. Qodana Self-Hosted authorizes their actions according to permissions given to a specific user by an administrator.
To get assistance with configuring an OIDC provider, please contact our support at qodana-support@jetbrains.com.
Command overview
Here is the list of available Docker commands and links to their respective use cases:
Command | Description |
|---|---|
| |
| |
| Create a compressed backup of all local data |
| Restore data from a backup file |
| Retrieve credentials for any infrastructure component |
| Print all configurable variables and their resolved values |
| Stream logs from all Qodana services |
|
Deploy Qodana Self-Hosted
Assuming that requirements from the Overview of self-hosting and Prepare your project chapters are satisfied, pull the quay.io/jetbrains/qodana-installer-cli:latest Docker image. All commands running this image require the /var/run/docker.sock Docker socket file for communicating with the Docker engine and Docker Swarm.
By default, Qodana Self-Hosted comes configured with local dependencies for quick Proofs Of Concepts (PoCs) or Proofs of Value (PoV).
Depending on your needs, run the command to deploy Qodana Self-Hosted on your machine:
This configuration creates the default user with the following credentials:
Username:
tser@qodana.localPassword:
@wesomeQodana
These credentials are publicly known, so you should update them as soon as possible by navigating to the http://login.qodana.local page.
This command configures the qodana.mycompany.com custom domain along with user credentials.
This command uses the --env-file option to specify the path to the configuration file; in this case, the qodana-self-hosted.env file.
You can use the same --env-file flag for each subsequent command like backup, credentials or environment to ensure consistent behaviour.
You can export and persist secrets created during installation in the ${PWD}/secrets directory:
To make the secret idempotent, this command mounts the /app/qodana-installer/secrets directory for secret storage.
Here, the COMMON_LICENSE_KEY_SECRET variable configures a license key for production use. Without a valid key, the application runs with limited functionality.
The install-app command performs the following steps:
Initializes Docker Swarm (
docker swarm init) if the host is not already a Swarm node andDOCKER_SWARM_INIT=trueCreates the
qodana_self_hostedoverlay networkDeploys supporting tools: Traefik ingress (binds port 80) and
docker-swarm-gcGenerates all service secrets using
openssl randand stores them as Docker configurationsRenders configuration templates for each service like API, Audit, Git, Linters API
Renders RabbitMQ definitions and Keycloak realm templates, then deploys infrastructure services like PostgreSQL, MinIO, RabbitMQ, Keycloak
Waits 20 seconds for infrastructure to become available
Deploys Qodana application services: API, Audit, Git, Linters API, Report Processor, FUS, Frontend
The install-app command exits after submitting all stacks. Services continue starting up in the background.
The entire deployment process may take two or three minutes to complete.
After the deployment, make sure that all services reached their desired replica count by running the following command:
Every service should show 1/1 in the REPLICAS column. If any service shows 0/1, inspect its logs:
Alternatively, use the installer log aggregation:
In your browser, navigate to the configured domain to receive access to Qodana Self-Hosted.
Get a list of used variables
Run the environment command to display every configurable variable with its resolved value:
If you run this command with the same flags that you used for the install-app command, you will be able to see what values are in effect.
Manage credentials
All infrastructure credentials like database passwords, object storage keys, message queue passwords, or Keycloak admin accounts are generated randomly during deployment and stored as Docker configurations. They can be retrieved at any time without having to deploy Qodana Self-Hosted again.
All credentials are:
Generated during deployment using cryptographically secure random bytes via
openssl randStored immediately as Docker configs and labeled as
qodana.jetbrains.self-hosted.lite.select=trueMounted read-only into each service container at the path that a service expects
Never written to the host filesystem or any log output
Docker configs persist across container and service restarts. They are the single source of truth for all generated credentials and are what the credentials command reads.
Using the credentials command, you can retrieve credentials:
Here, under <target> you can use the following values:
Value | Description |
|---|---|
| Keycloak super-admin credentials. Used at the admin console available via |
| Default Qodana UI user credentials, used as an out-of-the-box login capability at |
| PostgreSQL credentials for the Keycloak database, provides direct access for diagnostic purposes |
| MinIO root user credentials. Used by MinIO console at |
| RabbitMQ application user credentials, used by the RabbitMQ management interface via the management plugin API |
The --format flag lets you use the following values:
The | Description |
|---|---|
|
|
|
|
|
|
Retrieve logs
Retrieve aggregated log entries from all running services using the logs command:
You can filter logs using the --filters parameter and labels described in the Configure Qodana Self-Hosted chapter. For example, the qodana.jetbrains.self-hosted.lite.service label lets you filter logs by a service type. This label accepts the following values:
Value | Services covered |
|---|---|
| API, Audit, Git API, Git Worker, Linters API, Report Processor, FUS, Frontend |
| PostgreSQL, MinIO, RabbitMQ, Keycloak |
| Traefik, docker-swarm-gc |
Below is an example command using this label and the application label value:
Using the Docker CLI, you can also query a single service directly:
Backup and restore
Using the backup and restore commands, you can create and restore compressed, timestamped backup data of all local data volumes. In this case, each backup is a full-volume snapshot, which requires sufficient free disk space on the host machine.
The commands require that you use absolute paths on the Docker host. Qodana Self-Hosted spawns a utility container via the Docker socket and mounts the path directly using a -v bind-mount, for example:
Command | Argument example | Mounted inside utility container as |
|---|---|---|
|
|
|
|
|
|
If you mount an external filesystem into the Qodana Self-Hosted container like -v /nas/backups:/backups, you should still pass the host-side path like /nas/backups to the command — not the container-internal path like /backups.
When using the -v flag to mount a volume in the utility container, the path is resolved by the Docker daemon on the host machine, not relatively to the installer container’s filesystem.
Creating a backup
The destination directory should already exist on the Docker host, for example:
Run the backup command to create a backup archive:
Here is a list of components contained in the backup archive:
Component | Data included |
|---|---|
PostgreSQL | All Qodana application databases (API, Audit, Git, Keycloak) |
MinIO | Analysis results, baselines, and global configuration buckets |
RabbitMQ | Message queue state |
Docker configs (secrets) are stored in Docker's config store and survive as long as the Swarm node exists.
The backup process does the following:
Pauses all services by setting replicas to
0Makes snapshots of all data volumes into a single timestamped archive:
backup-YYYY-MM-DD-HH-MM-SS.tar.gzVerifies archive integrity before resuming services
Resumes all services independently of the backup completion status
During the backup procedure, all services become unavailable. The archive step usually completes in seconds to a few minutes.
If the backup operation fails at any point after services are paused, they are automatically resumed. In this case, the archive is saved in the destination directory and should be deleted manually before the next backup attempt.
Restoring from a backup
To restore from a backup, follow these steps:
Before restoring, make sure that the backup archive file is available on the Docker host.
Run the
install-appcommand to create volumes and services. This is the recommended method for migrating to a new host. Any external integrations relying on the old secret values must be updated after migration.Run the
restorecommand with an absolute path to the backup archive file, for example:docker run \ --env-file qodana.env \ -v /var/run/docker.sock:/var/run/docker.sock \ quay.io/jetbrains/qodana-installer-cli:latest \ restore /srv/qodana-backups/backup-2025-02-17-14-30-16.tar.gz
The restore process does the following:
Validates the backup archive. If the archive is missing or corrupt, the process stops
Pauses all services by setting replicas to
0Wipes all volume data, i.e deletes current contents of every managed volume
Extracts the archive into clean volumes
Resumes all services independently of the restore completion status
Get help page
The help command lets you retrieve the help page for any available command:
Uninstall Qodana Self-Hosted
Run the uninstall command to remove Qodana Self-Hosted from Docker:
This action removes the following components:
Docker service stacks: application services, infrastructure services, supporting tools
All Docker configurations created by Qodana Self-Hosted like secrets and service configurations
All Docker volumes that are labeled as Qodana-managed
The qodana_self_hosted overlay network is not removed because removing and recreating it between deployments on the same host causes Docker Swarm to lose network stability, i.e. containers can no longer resolve each other. If you need to remove it, run the following command:
Reset passwords
User password management is handled through Keycloak. To reset passwords, perform the following steps:
Retrieve the Keycloak administrator credentials:
docker run \ -v /var/run/docker.sock:/var/run/docker.sock \ quay.io/jetbrains/qodana-installer-cli:latest \ credentials --keycloakSign in to the Keycloak Admin Console at
http://login.<DOMAIN>.At the Keycloak Admin Console, navigate to the
qodana, and then navigate to . Here, select the user's and then click .
Configure Qodana Self-Hosted
Labels and environment variables let you configure Qodana Self-Hosted specifically to your needs.
Global labels
Qodana Self-Hosted uses several global labels to mark the managed resources. You can use these labels to operate Qodana Self-Hosted:
Label and value | Description |
|---|---|
| Identify all resources that are part of the Qodana Self-Hosted installation |
| Display at runtime a Qodana Self-Hosted version that a specific resouce is related to. Dependent on the |
For example, you can use global variables to troubleshoot problems connected with service availability, for example:
Domain and hostname variables
Variable | Default value | Controls |
|---|---|---|
|
| Base domain; services without an explicit override default to |
|
| Web UI |
|
| API gateway |
|
| Object storage |
|
| Authentication |
|
| Linters API |
|
| Traefik subdomain prefix — full hostname is |
|
| Keycloak subdomain prefix |
This Docker command shows how you can override domain and host names while deploying Qodana Self-Hosted:
We recommend that you run the uninstall command prior to this command. This will let you remove the existing Docker configurations that may contain hostname values.
UI user variables
Qodana Self-Hosted creates one user in the qodana Keycloak realm that you can override using the following variables:
Variable | Default | Description |
|---|---|---|
|
| Username and email address |
|
| Plaintext password — hashed with Argon2id at deployment time |
You can override the user credentials using the following command:
Dependency mode variables
The QODANA_DEPENDENCIES_MODE variable controls whether infrastructure services are deployed as part of the Swarm or supplied externally. The variable accepts the following values:
Value | Description |
|---|---|
| The default value. Qodana Self-Hosted deploys PostgreSQL, MinIO, RabbitMQ, and Keycloak as Swarm services |
| Qodana Self-Hosted skips dependency deployment; you supply connection details via environment variables |
You can override the dependency mode using the following command:
Component-specific labels
Qodana Self-Hosted is operated by several services. To simplify administration, they are combined into the following groups:
Group name | Description |
|---|---|
| Stateful components |
| Qodana API, Qodana Git API, linter API and others |
| Ingress and garbage collection of Docker images and others |
Here, each group identifies a specific Docker Swarm stack.
Labels related to local dependencies
The qodana.jetbrains.self-hosted.lite.dependencies.local=true and qodana.jetbrains.self-hosted.lite.service-type=local-dependencies labels identify resources related to the qodana_self_hosted_local_dependencies stack or group.
The qodana.jetbrains.self-hosted.lite.database.volume.name label defines the internal name of a volume that will be mapped to a related stateful service that is part of a certain Docker stack.
You can find out the volume name for a given container using this Docker CLI command:
To understand the mount point of a specific Docker volume, you can use the qodana.jetbrains.self-hosted.lite.database.volume.path label.
Labels related to Qodana Self-Hosted
The qodana.jetbrains.self-hosted.lite.service-type=application label identifies the resources related to the qodana_self_hosted_local_service_tools stack.
Label related to supporting tools
The qodana.jetbrains.self-hosted.lite.service-type=supporting-tools label identifies the resources related to the qodana_self_hosted_local_service_tools stack.
Environment variables
Product
General
Environment variable | Description | Default value |
|---|---|---|
| Application logging level |
|
| Subdomain for identity provider (Keycloak) |
|
| Container registry URL for pulling images |
|
| Current version of Qodana Self-Hosted |
|
| Memory limit for the Frontend service |
|
| Object storage provider type |
|
| Message broker provider (RabbitMQ) |
|
FUS
Variables used for statistics collection and processing.
Environment variable | Description | Default value |
|---|---|---|
| Memory limit for FUS service |
|
| Java options for FUS |
|
| Whether FUS is internal only |
|
| Endpoint URL for FUS configuration |
|
Linter API
Linter API validates linters and checks for versions of supported linters and plugins.
General
Environment variable | Description | Default value |
|---|---|---|
| Memory limit for the Linters API service |
|
| Java options for the Linters API service |
|
| Username for Linters API Postgres database |
|
| Name of the Linters API Postgres database |
|
| Memory limit for the API service |
|
| Java options for the API (optional override) |
|
| Username for API Postgres database |
|
| Name of the API Postgres database |
|
| Zendesk feedback email for API support |
|
| Default version for linters CI templates |
|
| Organization name (optional) | |
| License ID for API (optional) |
|
GitHub
Environment variable | Description | Default value |
|---|---|---|
| Whether GitHub integration is enabled |
|
| Origin URL for GitHub |
|
| GitHub Application ID |
|
| GitHub Application Name |
|
| GitHub OAuth Client ID |
|
OAuth
Environment variable | Description | Default value |
|---|---|---|
| OAuth redirect URI for API |
|
| Base URL for OAuth provider |
|
| Authorization frontend URL for OAuth |
|
| OAuth client ID |
|
| List of OAuth request scopes |
|
| Required scopes for OAuth |
|
| Service name for OAuth provider |
|
| URL to fetch user info from OAuth provider |
|
| User ID field title in OAuth response |
|
| Email field title in OAuth response |
|
| Full name field title in OAuth response |
|
| Whether SAML is enabled for OAuth |
|
| Roles field in OAuth token (if any) |
|
| Realm access field in OAuth token |
|
| Resource access field in OAuth token |
|
| Current client field in OAuth token |
|
| Custom roles field in OAuth token |
|
Dependency services
Utility Swiss Knife container
Environment variable | Description | Default value |
|---|---|---|
| Utility Swiss Knife container image name |
|
| Tag for the Swiss Knife container |
|
Docker Swarm
Environment variable | Description | Default value |
|---|---|---|
| Run the |
|
| Address pool for Docker Swarm overlay network |
|
| Docker Swarm garbage collection image name |
|
| Tag for the Docker GC image |
|
For example, you can set the DOCKER_SWARM_INIT variable to false if the host is already a Swarm manager, which lets you skip the init attempt:
If 10.20.0.0/16 conflicts with existing networks on your host, use the DOCKER_SWARM_ADDRESS_POOL variable to a non-overlapping CIDR, for example:
Ingress traffic
Environment variable | Description | Default value |
|---|---|---|
| Ingress container image name |
|
| Tag for the ingress container (Traefik version) |
|
| Subdomain for ingress traffic |
|
Database
Environment variable | Description | Default value |
|---|---|---|
| Postgres container image name |
|
| Tag for the Postgres container image |
|
| Default Postgres database user |
|
| Password for Postgres user |
|
| Hostname for the database |
|
| Database port |
|
MinIO
Environment variable | Description | Default value |
|---|---|---|
| Hostname for MinIO | |
| MinIO registry image name |
|
| Tag for the MinIO registry image |
|
| MinIO client image name |
|
| Tag for the MinIO client image |
|
| Root user for MinIO instance |
|
| Root password for MinIO |
|
| Port for MinIO API service |
|
| Bucket name for storing Qodana results |
|
| Bucket name for storing Qodana baselines |
|
| Expiration time for MinIO presigned URLs in minutes |
|
RabbitMQ
Environment variable | Description | Default value |
|---|---|---|
| RabbitMQ registry image name |
|
| Tag for the RabbitMQ registry image |
|
| Hostname for the RabbitMQ service |
|
| Port for RabbitMQ service |
|
| Virtual host for RabbitMQ |
|
| Queue name for Qodana reports |
|
Keycloak
Environment variable | Description | Default value |
|---|---|---|
| Keycloak registry image name |
|
| Tag for the Keycloak image |
|
| Hostname for Keycloak instance |
|
| Keycloak database name |
|
Audit
Environment variable | Description | Default value |
|---|---|---|
| Memory limit for the Audit service |
|
| Java options for the Audit service |
|
| Username for Audit Postgres database |
|
| Name of the Audit Postgres database |
|
Git
Environment variable | Description | Default value |
|---|---|---|
| Queue name for Git contributors request |
|
| Queue name for Git contributors response |
|
| Wait time for contributors' responses |
|
| Max number of messages for contributors' responses |
|
| Number of workers for contributors' responses |
|
| Queue name for Git triggers |
|
| Wait time for Git triggers |
|
| Max number of messages for Git triggers |
|
| Number of workers for Git triggers |
|
| Memory limit for the Git Service |
|
| Java options for the Git Service |
|
| Username for Git Postgres database |
|
| Name of the Git Postgres database |
|
| Timeout for Git probe checks |
|
Report processor
Environment variable | Description | Default value |
|---|---|---|
| Memory limit for the Report Processor service |
|
| Java options for the Report Processor service |
|
| Username for Report Processor Postgres database |
|
| Name of the Report Processor Postgres database |
|
Known limitations
This table describes known limitations regarding the current Dockerized implementation of Qodana Self-Hosted:
Limitation | Detail |
|---|---|
No HTTPS | All communication is plain HTTP. An upstream TLS-terminating proxy is required for production |
No backup in remote mode | When the |
Single-node Swarm | Designed for single-node Docker Swarm. Multi-node deployments require additional volume and network planning |
Domain changes require reinstall | Hostnames are encoded in Docker configs at install time. Changing them requires running the |
No incremental backup | Each backup is a full volume snapshot |
Docker configs not in backup | Generated secrets are stored in Docker's config store, not in the data volume backup. They must be regenerated using the |
Startup time | Services continue starting after the installer exits. You should wait for 2–3 minutes before accessing the UI |
Troubleshooting
To troubleshoot the issues that may arise during deployment, configuration, or operation of Qodana Self-Hosted, use the following command to extract log entries:
Study log entries and also try to:
Look for the message related to a specific issue
Review the possible causes of the issue
Find the trace and debug the issue
If you cannot debug the issue or if the issue persists, navigate to the JetBrains website and create a request containing the following information:
Information item | Description |
|---|---|
Summary | Short and self-contained description of the issue |
Description | Additional information to outline the issue better |
Attachments | Any log files and screenshots, if available |
Tags | Specify the version |
Type | Try to categorize the title and the description of your case. This will be refined after the maintainers analyze the issue |
Priority | Set the priority to the issue. Apply common sense for the definition of the urgency level |
Services show 0/1 replicas after deployment
Run the following commands to detect the services that are not running:
Common causes: insufficient memory, port 80 already in use, hostnames not resolving.
Cannot reach the UI after install completes
Take the following actions to troubleshoot the issue:
Verify hostnames resolve:
curl -v http://qodana.localConfirm that Traefik is running:
docker service ls | grep traefikConfirm that port 80 is bound:
ss -tlnp | grep :80
The install-app command fails partway through
Consider rerunning the install-app command because it skips already created resources. Identify the cause from logs, fix the underlying cause (e.g., network conflict, missing Docker socket), then run the command again.
The credentials command returns nothing or errors
The credentials command reads Docker configs. If you have just uninstalled or are running on a different host, the configs do not exist. Consider running the install-app command first.
Backup fails with a permission error
The backup destination path should exist on the Docker host and be writable by the Docker daemon. Ensure that the directory exists:
Inspecting Docker configs
To make sure that Docker configs exist, run the following command:
Inspecting Qodana Self-Hosted volumes
Run the following command to inspect Qodana Self-Hosted volumes: