Dawarich: A Guide to Self-Hosting Your Location Data

In an increasingly digitized world, where services like Google Location History are ubiquitous for tracking personal movements and visited places, the need for comprehensive control over this sensitive data is growing. Dawarich positions itself as a powerful open-source alternative, allowing users to host and manage their location history independently on their own server. The following is a guide to installing, configuring, and running Dawarich to ensure sovereignty over your own location data.

1. Conceptual Framework and Necessity

Dawarich serves as a private and secure database for geographic movement data. It enables a retrospective analysis of trips and visited places, comparable to commercial offerings, but with the crucial advantage of complete data sovereignty. The motivation behind Dawarich is to give users back control over where and how their very personal location information is stored and processed.

2. Prerequisites for Installation

Before starting the installation, the following components and knowledge are required:

• Server Infrastructure: A physical or virtual server. This can be a home server (e.g., Raspberry Pi, Synology NAS) or a Virtual Private Server (VPS) from a hosting provider.
• Software: Docker and Docker Compose must be installed and functional on the server.
• Domain: A registered domain that will be used to access the Dawarich instance.
• Basic Linux Skills: Familiarity with the command line is necessary for server administration and Docker management.

3. Installation Steps on a Linux Server (Ubuntu)

The following guide describes the installation of Dawarich using Docker and Docker Compose on an Ubuntu server.

3.1. Server Provisioning and Initial Configuration

• Server Provisioning: Rent a VPS (Affiliate).
• Operating System Installation: Ubuntu 24.04 is chosen as the operating system. A dedicated user with a secure password is created.
• DNS Configuration:
  • Find the IP address of the newly provisioned server.
  • In the DNS management panel for your domain, set A-records for the root domain (@) and wildcard subdomains (*), or a specific subdomain (e.g., dawarich.yourdomain.com), to point to the server’s IP address.
  • Important: DNS change propagation can take some time (from minutes to hours). You can use the command ping dawarich.yourdomain.com to check if the resolution is correct.

3.2. Installation of Docker Engine and Docker Compose

• Docker Engine:

  • Go to the official installation guide. It is important to install the Docker Engine, not Docker Desktop.

  • Follow the specific instructions for Ubuntu. This typically involves adding the Docker repository and installing via apt. Example commands:

    sudo apt-get update
    sudo apt-get install ca-certificates curl
    sudo install -m 0755 -d /etc/apt/keyrings
    sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
    sudo chmod a+r /etc/apt/keyrings/docker.asc
    
    # Add the repository to Apt sources:
    echo \
      "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
      $(. /etc/os-release && echo "${UBUNTU_CODENAME:-$VERSION_CODENAME}") stable" | \
      sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
    sudo apt-get update

    sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

• Verify the Installation:

  docker --version
  docker compose version

  These commands should display the installed versions and confirm that Docker and Docker Compose are ready to use.

3.3. Preparation and Configuration of the Dawarich Application

• Directory Creation:
  • Connect to your server (e.g., via SSH or Visual Studio Code with the “Remote - SSH” extension: username@YOUR-SERVER-IP).
  • Create a dedicated directory for the Dawarich configuration:

    mkdir dawarich
    cd dawarich

• Docker Compose YAML File:
  • Create a compose.yaml file in this directory: touch compose.yaml.
  • Open the file with a text editor.
  • Copy the contents of the docker-compose.production.yaml from the official Dawarich repository and paste it into your compose.yaml file.

3.4. Customizing the compose.yaml

The compose.yaml defines the various services (Redis, database, app, Sidekiq) and their interactions.

• Networks (networks):
  • The internal dawarich network connects the Dawarich services.
  • For the later reverse proxy integration, an external network (e.g., proxy) will be added.
• Database Service (dawarich_db):
  • Image: postgis/postgis:17-3.5-alpine (PostgreSQL with PostGIS extensions).
  • Volume Management: I’m using a bind mount for the database data. Change dawarich_db_data:/var/lib/postgresql/data to ./db_data:/var/lib/postgresql/data.
  • Create the host folder: mkdir db_data.
  • Environment Variables (environment):
    • POSTGRES_USER: e.g., postgres (default).
    • POSTGRES_PASSWORD: e.g., password (default).
    • POSTGRES_DB: e.g., dawarich_production (default).
    • Important: If you change POSTGRES_USER or POSTGRES_PASSWORD, these changes must also be consistently applied in the health check configurations of this service, as well as in the database connection settings of the dawarich-app and dawarich-sidekiq services.
• Dawarich App Service (dawarich_app):
  • Image: Use a specific version tag, e.g., freika/dawarich:0.27.3. Avoid latest, as Dawarich is under active development and latest can lead to unexpected errors or incompatibilities.
  • Volumes: Configure bind mounts for persistent data:
    • ./public:/var/app/public
    • ./watched:/var/app/tmp/imports/watched
    • ./storage:/var/app/storage
    • Create the corresponding host folders: mkdir public watched storage. These should be empty before the first start.
  • Ports: The port forwarding (e.g., 3000:3000) will be removed later when the reverse proxy is configured.
  • Environment Variables:
    • TIME_ZONE: Set the time zone, e.g., Europe/Berlin.
    • APPLICATION_HOSTS: Initially set to localhost and the server’s IP address (e.g., localhost,::1,127.0.0.1,123.45.67.89). The domain will be added here later.
    • The database connection variables (DATABASE_URL or individual parameters) must match the values set for dawarich_db.
  • deploy Block (Resource Limits): This block defines CPU and RAM limits. If you encounter errors like “unsupported deploy” when starting the containers, remove the entire deploy block, as it is not supported by all Docker installations.
• Removing Unneeded Named Volumes: If you are consistently using bind mounts, the named volume definitions at the end of the compose.yaml file should be removed.

networks:
  dawarich:
    external: false
# proxy:
  # external: true
services:
  dawarich_db:
    image: postgis/postgis:17-3.5-alpine
    shm_size: 1G
    container_name: dawarich_db
    volumes:
      - ./db_data:/var/lib/postgresql/data
    networks:
      - dawarich
    environment:
      POSTGRES_USER: postgres
      POSTGRES_PASSWORD: password
      POSTGRES_DB: dawarich_production
    restart: always
    healthcheck:
      test: [ "CMD", "pg_isready", "-U", "postgres" ]
      interval: 10s
      retries: 5
      start_period: 30s
      timeout: 10s
  dawarich_app:
    image: freika/dawarich:0.27.3
    container_name: dawarich_app
    volumes:
      - ./public:/var/app/public
      - ./watched:/var/app/tmp/imports/watched
      - ./storage:/var/app/storage
    networks:
      - dawarich
    # - proxy
    ports:
      - 3000:3000
      # - 9394:9394 # Prometheus exporter, uncomment if needed
    stdin_open: true
    tty: true
    entrypoint: web-entrypoint.sh
    command: ['bin/rails', 'server', '-p', '3000', '-b', '::']
    restart: on-failure
    environment:
      RAILS_ENV: production
      DATABASE_HOST: dawarich_db
      DATABASE_PORT: 5432
      DATABASE_USERNAME: postgres
      DATABASE_PASSWORD: password
      DATABASE_NAME: dawarich_production
      MIN_MINUTES_SPENT_IN_CITY: 60
      APPLICATION_HOSTS: localhost,::1,127.0.0.1,YOUR_SERVER_IP,dawarich.yourdomain.com
      TIME_ZONE: Europe/Berlin
      APPLICATION_PROTOCOL: http
      PROMETHEUS_EXPORTER_ENABLED: false
      PROMETHEUS_EXPORTER_HOST: 0.0.0.0
      PROMETHEUS_EXPORTER_PORT: 9394
      SECRET_KEY_BASE: 12345678901234567890
      RAILS_LOG_TO_STDOUT: "true"
      STORE_GEODATA: "true"
    logging:
      driver: "json-file"
      options:
        max-size: "100m"
        max-file: "5"
    healthcheck:
      test: [ "CMD-SHELL", "wget -qO - http://127.0.0.1:3000/api/v1/health | grep -q '\"status\"\\s*:\\s*\"ok\"'" ]
      interval: 10s
      retries: 30
      start_period: 30s
      timeout: 10s
    depends_on:
      dawarich_db:
        condition: service_healthy
        restart: true
    deploy:
      resources:
        limits:
          cpus: '0.50'    # Limit CPU usage to 50% of one core
          memory: '4G'    # Limit memory usage to 4GB

3.5. Starting the Dawarich Containers

sudo docker compose up -d

This command downloads the Docker images (if not already present) and starts all defined services in the background (-d). Check the logs if you encounter problems:

sudo docker compose logs -f
sudo docker compose ps # Shows the status of the containers
sudo docker compose stats # Shows resource consumption

A common error on the first start is an incorrect or non-existent image tag.

3.6. First Access and User Setup

• After all containers have started successfully (health checks must be positive), Dawarich is initially accessible at http://YOUR-SERVER-IP:3000 (if port 3000 has been opened).
• “Blocked Host” Problem: If access is blocked, it’s often due to the APPLICATION_HOSTS setting. Add your server’s IP address to this variable in the compose.yaml, stop the containers (sudo docker compose down), and restart them.
• Default Login: demo@dawarich.app with the password password.
• Change Password: Change the password immediately.

4. Configuring a Reverse Proxy (Caddy) for HTTPS and Domain Access

For production use, access via a domain with HTTPS is essential.

• Network Preparation:

  • Create an external Docker network for the proxy:

    sudo docker network create proxy

  • Stop the Dawarich containers: sudo docker compose down.

  • Adjust the Dawarich compose.yaml:

    • Add the proxy network to the networks section:

      networks:
        dawarich:
          external: false
        proxy:
          external: true

    • Remove the ports section from the dawarich_app service.

    • Add the proxy network to the dawarich_app service:

      services:
        dawarich_app:
          # ... other configurations ...
          networks:
            - dawarich # internal network
            - proxy    # external proxy network

    • Update the APPLICATION_HOSTS variable in the dawarich_app configuration to include your domain.

• Caddy Configuration:
  • Create a directory for Caddy and create a compose.yaml and a Caddyfile inside it:

    cd ~
    mkdir caddy
    cd caddy
    touch compose.yaml Caddyfile
    mkdir data config

  • Caddy compose.yaml (in the caddy directory):

    services:
      caddy:
        image: caddy:2
        container_name: caddy
        restart: unless-stopped
        ports:
          - "80:80"
          - "443:443"
          - "443:443/udp"
        volumes:
          - ./Caddyfile:/etc/caddy/Caddyfile
          - ./data:/data
          - ./config:/config
        networks:
          - proxy
    networks:
      proxy:
        external: true

  • Caddyfile (in the caddy directory):

    dawarich.yourdomain.com {
        reverse_proxy dawarich_app:3000 # Name of the Dawarich app container and its internal port
        header_up X-Real-IP {remote_host}
        header_up X-Forwarded-For {remote_host}
        header_up X-Forwarded-Proto {scheme}
        # Optional: Compression etc.
        # encode zstd gzip
    }

    Caddy automatically handles HTTPS certificates via Let’s Encrypt.
• Starting the Services:
  1. Start Caddy (in the caddy directory): sudo docker compose up -d.
  2. Start Dawarich (in the dawarich directory): sudo docker compose up -d.
• Troubleshooting:
  • If access via the domain doesn’t work immediately, check the Caddy logs (cd ~/caddy && sudo docker compose logs -f).
  • Ensure that the DNS records have propagated correctly.
  • Clear your local DNS cache (e.g., on Windows with ipconfig /flushdns).
  • Test in a private browser window to rule out caching issues.
  • Verify that the containers are in the same Docker network (proxy) and can reach each other.

5. Core Functionalities and Operation

• Data Import:
  • Immich Integration: Metadata from photos in Immich can be used to extract location data.
  • Google: Import data from Google Takeout.
• Map View and Trip Management: Visualize imported data.
• User Management: Add more users.
• Data Backup and Export:
  • Database Dump:

    cd ~/dawarich # Navigate to the Dawarich directory
    mkdir db_backup
    sudo docker compose exec dawarich_db pg_dumpall --clean --if-exists --username=postgres | gzip > ./db_backup/backup_dump_$(date +%Y%m%d).sql.gz

  • File System Backup: Regularly back up the entire dawarich directory structure (including compose.yaml, the bind-mount folders public, storage, watched, and the db_backup folder). Tools like Duplicati can be used for this.

6. Conclusion and Outlook

Dawarich provides a technically mature and flexible solution for the self-hosted management of location data. The installation using Docker and Docker Compose, although detailed, allows for a controlled and reproducible deployment. Configuring a reverse proxy like Caddy ensures secure and user-friendly access via a custom domain with HTTPS.

The ability to maintain sovereignty over one’s own, very personal movement data is invaluable in today’s world. Dawarich offers the tools to exercise this control effectively. Careful configuration of persistence mechanisms (bind mounts) and a well-thought-out backup strategy are essential for long-term reliable operation. For privacy-conscious users looking for an alternative to commercial location services, Dawarich is a clear recommendation. The investment in learning and configuration is rewarded with the highest level of privacy and data control.