☰ Documentation menu
Libraries & reference

Deployment & self-hosting

QuantumLedger can run anywhere from a single SQLite file to a full PostgreSQL-backed cluster. The server is source-available (BUSL-1.1); see Libraries & downloads.

One-command self-host (Docker Compose)

cd deploy && docker compose up -d

This brings up four services (defined in deploy/docker-compose.yml):

Service Role
postgres PostgreSQL 16 database.
api The FastAPI app (web UI + API) on port 8000.
worker Async job processor (reproduce jobs, corpus ingestion, background tasks).
proxy Caddy reverse proxy — TLS and caching headers.

Persistent volumes hold the database (pgdata), attestation keys and other state (qldata), and TLS certificates (caddydata).

Configuration (environment variables)

Variable Purpose
QL_DATABASE_URL Connection string. A PostgreSQL URL for hosted, or a SQLite URL for a tiny single-node deployment.
QL_DEPLOYMENT Deployment flavor (selfhost / hosted / …) — drives feature gates and UI copy.
QL_BASE_URL Public base URL (e.g. https://quantumledger.example.com).
QL_SECRET_KEY Session-cookie secret. Set a strong value in production.
QL_ATTESTATION_KEY_PATH Path to the Ed25519 private key used to sign attestations.
QL_PUBLIC_CARDS true/false. Set false for a VPC/air-gapped install so cards and badges stay internal.
QL_ADMIN_EMAIL Initial admin account.

Generate a strong, unique QL_SECRET_KEY in production — it signs session cookies. Never reuse the development default, and store the attestation key (QL_ATTESTATION_KEY_PATH) somewhere durable and backed up.

Tiny / offline deployments

Point QL_DATABASE_URL at a SQLite file for a single-node install — the schema is identical to the PostgreSQL one, so nothing else changes. Combine with QL_PUBLIC_CARDS=false for a fully internal, air-gapped deployment (no public cards, badges, or corpus exposure).

Running the app directly

pip install -e packages/ql-core -e packages/ql-sdk -e packages/ql-crawler -e server
PYTHONPATH=server uvicorn app.main:app --port 8000

The image builds from deploy/Dockerfile (python:3.12-slim), installs all packages, and runs uvicorn app.main:app.

Verifying attestations from outside

Consumers verify attestations against the public keys published at /.well-known/quantumledger-jwks.json — no privileged access needed. See Compliance & attestations.

Tests

python -m pytest   # determinism, immutability, dedup, drift, rule engine, attestation, crawler, e2e

That's the end of the guide — back to the overview, or browse the live API reference.