Templatescryptomator
security
cryptomator
Self-hosted key management and access control server for sharing Cryptomator-encrypted vaults across teams.
securityidentitystoragePostgreSQL
What gets deployed
Web
cryptomator server
PostgreSQL
managed database
GitHub stars700
About
Self-hosted key management and access control server for sharing Cryptomator-encrypted vaults across teams.
Managed services
- PostgreSQLTCP:5432
Environment Variables
| Variable | Description | Required |
|---|---|---|
| QUARKUS_HTTP_PORT | Default: 8080 | Optional |
| QUARKUS_DATASOURCE_JDBC_URL | Default: jdbc:postgresql://{{KUBERO_APP_NAME}}-postgresql-rw:5432/cryptomator | Optional |
| QUARKUS_DATASOURCE_USERNAME | Default: cryptomator | Optional |
| QUARKUS_DATASOURCE_PASSWORD | Default: cryptomator | Optional |
| HUB_PUBLIC_ROOT_PATH | Default: / | Optional |
| HUB_PUBLIC_URL | Default: {{KUBERO_APP_URL}} | Optional |
| HUB_KEYCLOAK_PUBLIC_URL | Default: {{KUBERO_APP_URL}}/kc | Optional |
| HUB_KEYCLOAK_LOCAL_URL | Default: http://cryptomator-idp:8080 | Optional |
| HUB_KEYCLOAK_REALM | Default: cryptomator | Optional |
| HUB_KEYCLOAK_SYSTEM_CLIENT_ID | Default: cryptomatorhub-system | Optional |
| HUB_KEYCLOAK_SYSTEM_CLIENT_SECRET | Default: cryptomator | Optional |
| HUB_KEYCLOAK_SYNCER_PERIOD | Default: 5m | Optional |
| HUB_KEYCLOAK_OIDC_CRYPTOMATOR_CLIENT_ID | Default: cryptomator | Optional |
| QUARKUS_OIDC_AUTH_SERVER_URL | Default: http://cryptomator-idp:8080/realms/cryptomator | Optional |
| QUARKUS_OIDC_CLIENT_ID | Default: cryptomatorhub | Optional |
| QUARKUS_OIDC_TOKEN_ISSUER | Default: any | Optional |
| QUARKUS_HTTP_PROXY_PROXY_ADDRESS_FORWARDING | Default: true | Optional |
| QUARKUS_OTEL_SDK_DISABLED | Default: true | Optional |
Deploy cryptomator
One click to deploy a fully configured cryptomator instance with all dependencies pre-wired.
Deploy NowReady to deploy cryptomator?
No infrastructure to manage. Just connect your repo and go live in seconds.