Skip to content

Instantly share code, notes, and snippets.

@alejandromav

alejandromav/Readme.md

Last active July 21, 2025 11:53
Show Gist options
  • Save alejandromav/f4b61d77580ad9596a0a92c6a2df7c19 to your computer and use it in GitHub Desktop.
Save alejandromav/f4b61d77580ad9596a0a92c6a2df7c19 to your computer and use it in GitHub Desktop.
Download ZIP
Self-managed Tinybird deployment - Minimal setup
Raw
Readme.md

Docs: https://www.tinybird.co/docs/v2/get-started/install-tinybird/self-managed

1. Pre-requisites

  • Tinybird account
  • Domain name, and ability to update DNS recrods
  • 4+ CPUs and 16+ GB virtual machine
  • Docker

Sign up to https://cloud.tinybird.co and create your workspace.

Then Install Tinybird CLI, log in, and choose your workspace:

curl -fsSL https://api.tinybird.co/static/install.sh | sh
tb login

Create the DNS recrods for the tinybird.yourdomain.com subdomain pointing to your VM.

2. Create custom region

Follow the instructions:

tb infra add

Copy all the TB_INFRA_ environment variables to use them later in your .env file.

3. Deploy custom Tinybird instance

services:
  tinybird:
    image: tinybirdco/tinybird-local:beta
    # If you want to limit container resources
    # deploy:
    #   resources:
    #     limits:
    #       cpus: '4'
    #       memory: '16GB'
    ports:
      - "7181:7181"
    env_file:
      - .env
    volumes:
      - ./disk/var/lib/clickhouse:/var/lib/clickhouse
      - ./disk/redis-data:/redis-data

  nginx:
    image: nginx:latest
    ports:
      - "80:80"   # Redirect HTTP
      - "443:443" # HTTPS
    volumes:
      - ./nginx.conf:/etc/nginx/nginx.conf:ro
      - ./certs:/etc/nginx/certs:ro  # SSL Certificates
    depends_on:
      - tinybird

Your .env file, with the valeus coming from the tb infra add step:

TB_INFRA_TOKEN=p.eyJpIjogIjg1ZjNk... # Keep it secret!
TB_INFRA_WORKSPACE=alejandromav
TB_INFRA_ORGANIZATION=Tinybird
[email protected]

Create a file nginx.conf in your project folder with the following content:

events {}

http {
    server {
        listen 80;
        server_name tinybird.yourdomain.com;

        # Redirect all HTTP requests to HTTPS
        return 301 https://$host$request_uri;
    }

    server {
        listen 443 ssl;
        server_name tinybird.yourdomain.com;

        # SSL Certificates
        ssl_certificate /etc/nginx/certs/fullchain.pem;
        ssl_certificate_key /etc/nginx/certs/privkey.pem;

        # Reverse proxy to Tinybird
        location / {
            proxy_pass http://tinybird:7181;  # Tinybird container
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
        }
    }
}

🔹 Replace tinybird.yourdomain.com with your actual domain name.

You need an SSL certificate to enable HTTPS. You can use Let's Encrypt for free:

# Install Certbot
sudo apt install certbot

# Generate a certificate
# This will generate SSL files in /etc/letsencrypt/live/tinybird.yourdomain.com/
sudo certbot certonly --manual --preferred-challenges dns -d tinybird.yourdomain.com

# Copy the SSL files to your project:
mkdir -p certs
sudo cp /etc/letsencrypt/live/tinybird.yourdomain.com/fullchain.pem certs/
sudo cp /etc/letsencrypt/live/tinybird.yourdomain.com/privkey.pem certs/

4. Start Everything

docker-compose up -d

5. Log in to your custom region

tb login --host https://tinybird.yourdomain.com
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment