Self-Hosting Wealthfolio
Run Wealthfolio on your own infrastructure. Pick the platform that fits your setup, from Docker to Unraid, Proxmox, or Coolify.
Wealthfolio is local-first by design. The desktop app keeps everything on your machine. The web edition packages the same engine into a single Docker image so you can run it on a homelab, NAS, or VPS and access it from any browser.
This guide is split into platform-specific pages. Pick the one that matches how you already host services.
Image
Multi-arch (linux/amd64, linux/arm64), published on every release:
| Registry | Image |
|---|---|
| Docker Hub | wealthfolio/wealthfolio:latest |
| GHCR | ghcr.io/wealthfolio/wealthfolio:latest |
The legacy afadil/wealthfolio Docker Hub image is still published on
every release as a backwards-compat mirror, so existing compose files
don’t need changes.
Pin to a specific tag (e.g. 3.3.0) in production rather than latest.
Pick your platform
| You already use… | Read this |
|---|---|
| Plain Docker on a Linux box | Docker |
Docker Compose / a compose.yml workflow | Docker Compose |
| Unraid (NAS / homelab) | Unraid |
| Proxmox VE (LXC or VMs) | Proxmox |
| Coolify (self-hosted PaaS) | Coolify |
| Something else | Docker (works anywhere Docker runs) |
After install, all platforms share the same configuration:
- 📋 Configuration reference: every
WF_*env var explained, plus Argon2 hash escaping - 🌐 Reverse proxy setup: Nginx, Caddy, Traefik, NPM examples for HTTPS
What you’ll need before you start
Two values are required in every deployment:
-
A 32-byte secret key that encrypts your stored API keys and signs JWTs:
openssl rand -base64 32Save this somewhere safe. Losing it means losing access to all stored broker credentials and exchange API keys.
-
A login password hash (Argon2id PHC string):
printf 'your-password' | argon2 yoursalt16chars! -id -e(
brew install argon2,apt install argon2, or use argon2.online.)
Both go into environment variables your platform will ask for. The Configuration reference walks through every variable.
Use printf (not echo -n) when generating the hash. echo adds a trailing newline on some
shells that breaks login silently.
Quick taste: Docker one-liner
If you just want to kick the tires:
docker run --rm -d \
--name wealthfolio \
-p 8088:8088 \
-v wealthfolio-data:/data \
-e WF_LISTEN_ADDR=0.0.0.0:8088 \
-e WF_DB_PATH=/data/wealthfolio.db \
-e WF_SECRET_KEY=$(openssl rand -base64 32) \
-e WF_AUTH_PASSWORD_HASH='$argon2id$v=19$m=19456,t=2,p=1$...' \
-e WF_CORS_ALLOW_ORIGINS=http://localhost:8088 \
wealthfolio/wealthfolio:latestOpen http://localhost:8088 and log in with your password. For anything
beyond a quick try, follow the platform-specific guide above.
Getting help
- Discord: discord.gg/WDMCY6aPWK
- GitHub Issues: github.com/wealthfolio/wealthfolio/issues
- Source: github.com/wealthfolio/wealthfolio (AGPL-3.0)