Skip to content

Commit cf11836

Browse files
crypt0rrcrypt0rr
authored
Added Formbricks (#171)
1 parent 4c18463 commit cf11836

File tree

5 files changed

+326
-0
lines changed

5 files changed

+326
-0
lines changed

README.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -95,6 +95,7 @@ If you would like to add your own config, you can use the [service-template](tem
9595
| 🔄 **Resilio Sync** | A fast, reliable, and simple file sync and share solution. | [Details](services/resilio-sync) |
9696
| 🗂️ **Stirling-PDF** | A web application for managing and editing PDF files. | [Details](services/stirlingpdf) |
9797
| 📄 **BentoPDF** | A lightweight, self-hosted web app for viewing and managing PDF documents. | [Details](services/bentopdf) |
98+
| 📋 **Formbricks** | A self-hosted, open-source platform for collecting user feedback, surveys, and NPS. | [Details](services/formbricks) |
9899
| 🏦 **Subtrackr** | A self-hosted web app to track subscriptions, renewal dates, costs, and payment methods. | [Details](services/subtrackr) |
99100
| 🗃️ **Vaultwarden** | An unofficial Bitwarden server implementation written in Rust. | [Details](services/vaultwarden) |
100101
| 💸 **Wallos** | An open-source, self-hostable web app to track and manage your recurring subscriptions and expenses, with multi-currency support, customizable categories, and statistics. | [Details](services/wallos) |

services/formbricks/.env

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,8 @@
1+
#version=1.0
2+
#url=https://github.com/2Tiny2Scale/tailscale-docker-sidecar-configs
3+
#COMPOSE_PROJECT_NAME= // only use in multiple deployments on the same infra
4+
SERVICE=formbricks
5+
IMAGE_URL=ghcr.io/formbricks/formbricks:latest
6+
SERVICEPORT=3000
7+
TS_AUTHKEY=
8+
DNS_SERVER=9.9.9.9

services/formbricks/README.md

Lines changed: 35 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,35 @@
1+
2+
# Formbricks with Tailscale Sidecar Configuration
3+
4+
This Docker Compose configuration sets up **Formbricks** with a Tailscale sidecar container, enabling secure access to your self-hosted user feedback and survey platform over your private Tailscale network. With this setup, your Formbricks instance remains **private and accessible only from authorized devices on your Tailnet**, keeping feedback data and analytics protected from public exposure.
5+
6+
## Formbricks
7+
8+
[**Formbricks**](https://github.com/formbricks/formbricks) is an open-source, self-hosted alternative to tools like Typeform, Hotjar, and Google Forms. It allows you to collect **user feedback, surveys, NPS scores, and product insights** directly from your applications or websites, while maintaining full control over your data.
9+
10+
Formbricks is built with privacy, extensibility, and developer experience in mind, making it well-suited for internal tooling, SaaS products, and organizations that want insight without vendor lock-in.
11+
12+
## Key Features
13+
14+
- 📝 **Surveys & Forms** – Create surveys, forms, and questionnaires with a modern UI.
15+
-**NPS & CSAT** – Measure Net Promoter Score and customer satisfaction.
16+
- 🎯 **In-App Feedback** – Embed feedback widgets directly into your applications.
17+
- 📊 **Analytics & Dashboards** – Analyze responses with built-in insights.
18+
- 🔌 **API & Webhooks** – Integrate feedback data into external systems.
19+
- 🔐 **Privacy-First** – Full data ownership through self-hosting.
20+
- 🐳 **Docker-Ready** – Designed for containerized deployments.
21+
- 📦 **Open Source** – Community-driven and extensible.
22+
23+
## Why Self-Host?
24+
25+
Feedback data can include sensitive product insights, internal metrics, and personal information. Self-hosting Formbricks ensures **complete ownership and control over your data**, supports compliance requirements, and removes reliance on third-party SaaS platforms. Combined with Tailscale, Formbricks becomes a secure internal feedback system that is never exposed to the public internet.
26+
27+
## Configuration Overview
28+
29+
In this deployment, a **Tailscale sidecar container** (for example `tailscale-formbricks`) runs the Tailscale client and joins your private Tailscale network. The main `formbricks` service uses:
30+
31+
```plain
32+
network_mode: service:tailscale-formbricks
33+
```
34+
35+
This configuration routes all inbound and outbound traffic through the Tailscale interface, ensuring that the Formbricks admin UI, APIs, and feedback endpoints are accessible **only via your Tailscale network**. This keeps sensitive feedback data protected while still allowing secure access for authorized team members.

services/formbricks/config/serve.json

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,16 @@
1+
{
2+
"TCP": {
3+
"443": {
4+
"HTTPS": true
5+
}
6+
},
7+
"Web": {
8+
"${TS_CERT_DOMAIN}:443": {
9+
"Handlers": {
10+
"/": {
11+
"Proxy": "http://127.0.0.1:3000"
12+
}
13+
}
14+
}
15+
}
16+
}

services/formbricks/docker-compose.yml

Lines changed: 266 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,266 @@
1+
services:
2+
# Make sure you have updated/checked the .env file with the correct variables.
3+
# All the ${ xx } need to be defined there.
4+
# Tailscale Sidecar Configuration
5+
tailscale:
6+
image: tailscale/tailscale:latest # Image to be used
7+
container_name: tailscale-${SERVICE} # Name for local container management
8+
hostname: ${SERVICE} # Name used within your Tailscale environment
9+
environment:
10+
- TS_AUTHKEY=${TS_AUTHKEY}
11+
- TS_STATE_DIR=/var/lib/tailscale
12+
- TS_SERVE_CONFIG=/config/serve.json # Tailscale Serve configuration to expose the web interface on your local Tailnet - remove this line if not required
13+
- TS_USERSPACE=false
14+
- TS_ENABLE_HEALTH_CHECK=true # Enable healthcheck endpoint: "/healthz"
15+
- TS_LOCAL_ADDR_PORT=127.0.0.1:41234 # The <addr>:<port> for the healthz endpoint
16+
#- TS_ACCEPT_DNS=true # Uncomment when using MagicDNS
17+
volumes:
18+
- ./config:/config # Config folder used to store Tailscale files - you may need to change the path
19+
- ./ts/state:/var/lib/tailscale # Tailscale requirement - you may need to change the path
20+
devices:
21+
- /dev/net/tun:/dev/net/tun # Network configuration for Tailscale to work
22+
cap_add:
23+
- net_admin # Tailscale requirement
24+
#ports:
25+
# - 0.0.0.0:${SERVICEPORT}:${SERVICEPORT} # Binding port ${SERVICE}PORT to the local network - may be removed if only exposure to your Tailnet is required
26+
# If any DNS issues arise, use your preferred DNS provider by uncommenting the config below
27+
#dns:
28+
# - ${DNS_SERVER}
29+
healthcheck:
30+
test: ["CMD", "wget", "--spider", "-q", "http://127.0.0.1:41234/healthz"] # Check Tailscale has a Tailnet IP and is operational
31+
interval: 1m # How often to perform the check
32+
timeout: 10s # Time to wait for the check to succeed
33+
retries: 3 # Number of retries before marking as unhealthy
34+
start_period: 10s # Time to wait before starting health checks
35+
restart: always
36+
37+
postgres:
38+
restart: always
39+
image: pgvector/pgvector:pg17
40+
volumes:
41+
- ./${SERVICE}-data/postgres:/var/lib/postgresql/data
42+
environment:
43+
- POSTGRES_PASSWORD=postgres
44+
45+
redis:
46+
restart: always
47+
image: valkey/valkey@sha256:12ba4f45a7c3e1d0f076acd616cb230834e75a77e8516dde382720af32832d6d
48+
command: valkey-server --appendonly yes
49+
volumes:
50+
- ./${SERVICE}-data/redis:/data
51+
52+
formbricks:
53+
image: ${IMAGE_URL}
54+
network_mode: service:tailscale
55+
container_name: app-${SERVICE}
56+
environment:
57+
######################################################## REQUIRED ########################################################
58+
59+
# The url of your Formbricks instance used in the admin panel
60+
# Set this to your public-facing URL, e.g., https://example.com
61+
WEBAPP_URL: "https://formbricks.<YOUR-TAILNET>.ts.net"
62+
63+
# Required for next-auth. Should be the same as WEBAPP_URL
64+
NEXTAUTH_URL: "https://formbricks.<YOUR-TAILNET>.ts.net"
65+
66+
# PostgreSQL DB for Formbricks to connect to
67+
DATABASE_URL: "postgresql://postgres:postgres@postgres:5432/formbricks?schema=public"
68+
69+
# NextJS Auth
70+
# @see: https://next-auth.js.org/configuration/options#nextauth_secret
71+
# You can use: `openssl rand -hex 32` to generate one
72+
NEXTAUTH_SECRET: ""
73+
74+
# Encryption Key is used for 2FA & Single use URLs for Link Surveys
75+
# You can use: $(openssl rand -hex 32) to generate one
76+
ENCRYPTION_KEY: ""
77+
78+
# API Secret for running cron jobs.
79+
# You can use: $(openssl rand -hex 32) to generate a secure one
80+
CRON_SECRET: ""
81+
82+
# Redis URL for caching, rate limiting, and audit logging
83+
# To use external Redis/Valkey: remove the redis service below and update this URL
84+
REDIS_URL: "redis://redis:6379"
85+
86+
# Set the minimum log level(debug, info, warn, error, fatal)
87+
# LOG_LEVEL: "info"
88+
89+
############################################# OPTIONAL (ENTERPRISE EDITION) #############################################
90+
91+
# Enterprise License Key (More info at: https://formbricks.com/docs/self-hosting/license)
92+
# Required to access Enterprise-only features
93+
# ENTERPRISE_LICENSE_KEY: ""
94+
95+
############################################# OPTIONAL (EMAIL CONFIGURATION) #############################################
96+
97+
# Email Configuration
98+
# MAIL_FROM: ""
99+
# MAIL_FROM_NAME: ""
100+
# SMTP_HOST: ""
101+
# SMTP_PORT: ""
102+
# SMTP_USER: ""
103+
# SMTP_PASSWORD: ""
104+
# SMTP_AUTHENTICATED: ""
105+
106+
# (Additional option for TLS (port 465) only)
107+
# SMTP_SECURE_ENABLED: ""
108+
109+
# If set to 0, the server will accept connections without requiring authorization from the list of supplied CAs (default is 1).
110+
# SMTP_REJECT_UNAUTHORIZED_TLS: "0"
111+
112+
############################################## OPTIONAL (APP CONFIGURATION) ##############################################
113+
114+
# Set the below to 0 to enable Email Verification for new signups (will required Email Configuration)
115+
EMAIL_VERIFICATION_DISABLED: "1"
116+
117+
# Set the below to 0 to enable Password Reset (will required Email Configuration)
118+
PASSWORD_RESET_DISABLED: "1"
119+
120+
# Set the below to 1 to disable logins with email
121+
# EMAIL_AUTH_DISABLED: ""
122+
123+
# Set the below to 1 to disable invites
124+
# INVITE_DISABLED: ""
125+
126+
# Set the below if you want to ship JS & CSS files from a complete URL instead of the current domain
127+
# ASSET_PREFIX_URL: ""
128+
129+
# Set the below to your Unsplash API Key for their Survey Backgrounds
130+
# UNSPLASH_ACCESS_KEY: ""
131+
132+
# Set the below to your public domain (default is WEBAPP_URL)
133+
# PUBLIC_URL: ""
134+
135+
# The SENTRY_DSN is used for error tracking and performance monitoring with Sentry.
136+
# SENTRY_DSN: ""
137+
# It's used for authentication when uploading source maps to Sentry, to make errors more readable.
138+
# SENTRY_AUTH_TOKEN: ""
139+
# The SENTRY_ENVIRONMENT is used to identify the environment in Sentry.
140+
# SENTRY_ENVIRONMENT: ""
141+
142+
################################################### OPTIONAL (STORAGE) ###################################################
143+
144+
# Set S3 Storage configuration (required for the file upload in serverless environments like Vercel)
145+
# S3_ACCESS_KEY: ""
146+
# S3_SECRET_KEY: ""
147+
# S3_REGION: ""
148+
# S3_BUCKET_NAME: ""
149+
150+
# Set a third party S3 compatible storage service endpoint like StorJ leave empty if you use Amazon S3
151+
# S3_ENDPOINT_URL: ""
152+
153+
# Force path style for S3 compatible storage (0 for disabled, 1 for enabled)
154+
# S3_FORCE_PATH_STYLE: "0"
155+
156+
############################################# OPTIONAL (OAUTH CONFIGURATION) #############################################
157+
158+
# Set the below from Cloudflare Turnstile if you want to enable turnstile in signups
159+
# TURNSTILE_SITE_KEY: ""
160+
# TURNSTILE_SECRET_KEY: ""
161+
162+
# Set the below keys to enable recaptcha V3 for survey responses bot protection(only available in the Enterprise Edition)
163+
# RECAPTCHA_SITE_KEY: ""
164+
# RECAPTCHA_SECRET_KEY: ""
165+
166+
# Set the below from GitHub if you want to enable GitHub OAuth
167+
# GITHUB_ID: ""
168+
# GITHUB_SECRET: ""
169+
170+
# Set the below from Google if you want to enable Google OAuth
171+
# GOOGLE_CLIENT_ID: ""
172+
# GOOGLE_CLIENT_SECRET: ""
173+
174+
# Set the below from Azure Active Directory Login if you want to enable Azure AD OAuth
175+
# AZUREAD_CLIENT_ID: ""
176+
# AZUREAD_CLIENT_SECRET: ""
177+
# AZUREAD_TENANT_ID: ""
178+
179+
# Set the below to OpenID Connect Provider if you want to enable OIDC
180+
# OIDC_CLIENT_ID: ""
181+
# OIDC_CLIENT_SECRET: ""
182+
# OIDC_ISSUER: ""
183+
# OIDC_DISPLAY_NAME: ""
184+
# OIDC_SIGNING_ALGORITHM: ""
185+
186+
# Set the below to SAML Provider if you want to enable SAML
187+
# SAML_DATABASE_URL: "postgresql://postgres:postgres@postgres:5432/formbricks-saml?sslmode=disable"
188+
189+
########################################## OPTIONAL (THIRD PARTY INTEGRATIONS) ###########################################
190+
191+
# Oauth credentials for Notion Integration
192+
# NOTION_OAUTH_CLIENT_ID: ""
193+
# NOTION_OAUTH_CLIENT_SECRET: ""
194+
195+
# Oauth credentials for Google Sheet Integration
196+
# GOOGLE_SHEETS_CLIENT_ID: ""
197+
# GOOGLE_SHEETS_CLIENT_SECRET: ""
198+
# GOOGLE_SHEETS_REDIRECT_URL: ""
199+
200+
# Oauth credentials for Airtable Integration
201+
# AIRTABLE_CLIENT_ID: ""
202+
203+
# Oauth credentials for Slack Integration
204+
# SLACK_CLIENT_ID: ""
205+
# SLACK_CLIENT_SECRET: ""
206+
207+
############################################### OPTIONAL (LEGAL INFORMATION) ################################################
208+
209+
# Set the below to have your own Privacy Page URL on auth & link survey page
210+
# PRIVACY_URL: ""
211+
212+
# Set the below to have your own Terms Page URL on auth & link survey page
213+
# TERMS_URL: ""
214+
215+
# Set the below to have your own Imprint Page URL on auth & link survey page
216+
# IMPRINT_URL: ""
217+
218+
# Set the below to have your own Address on email footer
219+
# IMPRINT_ADDRESS: ""
220+
221+
########################################## OPTIONAL (SERVER CONFIGURATION) ###########################################
222+
223+
# Set the below to 1 to disable Rate Limiting across Formbricks
224+
# RATE_LIMITING_DISABLED: "1"
225+
226+
# Set the below to send OpenTelemetry data for tracing
227+
# OPENTELEMETRY_LISTENER_URL: "http://localhost:4318/v1/traces"
228+
229+
########################################## OPTIONAL (AUDIT LOGGING) ###########################################
230+
231+
# Set the below to 1 to enable audit logging.
232+
# AUDIT_LOG_ENABLED: "1"
233+
234+
# Set the below to get the ip address of the user from the request headers
235+
# AUDIT_LOG_GET_USER_IP: "1"
236+
237+
############################################# OPTIONAL (OTHER) #############################################
238+
239+
# signup is disabled by default for self-hosted instances, users can only signup using an invite link, in order to allow signup from SSO(without invite), set the below to 1
240+
# AUTH_SKIP_INVITE_FOR_SSO: "1"
241+
242+
# Set the below to automatically assign new users to a specific team, insert an existing team id
243+
# (Role Management is an Enterprise feature)
244+
# AUTH_SSO_DEFAULT_TEAM_ID: ""
245+
246+
# Configure the minimum role for user management from UI(owner, manager, disabled)
247+
# USER_MANAGEMENT_MINIMUM_ROLE: "manager"
248+
249+
# Configure the maximum age for the session in seconds. Default is 86400 (24 hours)
250+
# SESSION_MAX_AGE: "86400"
251+
252+
# Container/host settings
253+
PUID: "1000"
254+
PGID: "1000"
255+
TZ: Europe/Amsterdam
256+
volumes:
257+
- ./${SERVICE}-data/app/config:/config
258+
- ./${SERVICE}-data/saml-connection:/home/nextjs/apps/web/saml-connection
259+
depends_on:
260+
tailscale:
261+
condition: service_healthy
262+
postgres:
263+
condition: service_started
264+
redis:
265+
condition: service_started
266+
restart: always

0 commit comments

Comments
 (0)