CodeDigSelf-Hosted
Run CodeDig entirely within your own infrastructure — on-premises, in a private cloud, or in an air-gapped environment.
Enterprise plan required. Self-hosted CodeDig is available on Enterprise plans by request. Contact security@codedig.ai to discuss your deployment and receive access to container images and a license key.
Availability
Self-hosted CodeDig is suited for organisations that:
- Cannot send source code to external services (compliance, ITAR, etc.)
- Require an air-gapped or private-network deployment
- Need to integrate with an on-premises GitHub Enterprise or GitLab instance
- Have contractual data residency requirements
The self-hosted deployment is functionally identical to the SaaS offering. All analysis runs locally — no code leaves your network.
Deployment artifacts
After your Enterprise agreement is in place, we provide:
- Container images — published to a private registry; pull with the credentials supplied by your account team
- Helm chart — at
helm/archaeologist-operator/in the release bundle (values.yaml,values-prod.yaml,values-staging.yaml) - Docker Compose reference —
docker/docker-compose.prod.ymlfor non-Kubernetes deployments - License key — required at startup; loaded via the
CODEDIG_LICENSE_KEYenvironment variable
Requirements
| Component | Requirement |
|---|---|
| Architecture | x86_64 (amd64) |
| RAM | >= 4 GB (8 GB recommended for large monorepos) |
| CPU | >= 2 cores |
| Disk | >= 20 GB for data + index storage |
| PostgreSQL | >= 14 |
| Redis | >= 6 (used for job queuing and caching) |
| Container runtime | Docker 20+ or Kubernetes 1.27+ |
Docker Compose
For smaller teams or evaluation deployments, Docker Compose is the fastest path to a running instance. A production-ready reference is included in the release bundle:
# Reference: docker/docker-compose.prod.yml
services:
api:
image: ghcr.io/sassy-solutions/codedig-api:latest
environment:
DATABASE_URL: postgres://user:pass@db:5432/codedig
REDIS_URL: redis://redis:6379
ports:
- "4000:4000"
depends_on: [db, redis]
db:
image: postgres:16
environment:
POSTGRES_DB: codedig
POSTGRES_USER: user
POSTGRES_PASSWORD: pass
redis:
image: redis:7-alpineSee docker/docker-compose.prod.yml in the release bundle for the complete definition including volume mounts, health checks, and resource limits.
Kubernetes / Helm
For production at scale, use the bundled Helm chart. Override values as needed for your environment:
# Reference: helm/archaeologist-operator/
helm install codedig ./helm/archaeologist-operator \
-f helm/archaeologist-operator/values-prod.yaml \
--set api.env.DATABASE_URL="postgres://..." \
--set api.env.REDIS_URL="redis://..." \
--namespace codedig --create-namespaceThe chart includes a Kubernetes Operator (crates/operator/) for managing CodeDig resources as Kubernetes custom resources, enabling GitOps-style configuration management.
Air-gapped environments
CodeDig's core analysis pipeline runs entirely locally and requires no outbound internet access for parsing, security scanning, or PR gate analysis. However, two features require outbound HTTPS:
- AI-assisted explanations and recommendations — these call your configured LLM provider endpoint. In air-gapped environments, point
LLM_BASE_URLat a locally-hosted model (e.g. vLLM or Ollama). Alternatively, AI features can be disabled entirely via the admin console. - License validation — requires a one-time call to
license.codedig.aiat startup. Offline license validation is available for fully air-gapped deployments — contact your account team to enable it.
For more information on AI data handling, see the Privacy Policy → AI Processing section.
Related: API Keys · Configuration Reference