Self-Hosting Broch
Broch runs entirely on your infrastructure — your data, your users, and your network traffic never leave your environment. This guide walks you through the decisions and steps required to deploy it.
All deployment files (Docker Compose variants and Terraform modules) live in broch-io/broch-deploy. This documentation site covers the decisions and prerequisites that apply across every platform; each platform’s installation guide links into the matching directory in broch-deploy for the files you’ll actually run.
Pricing & free trial
Section titled “Pricing & free trial”Broch is $10 per developer seat / month, with a 15-day free trial — a card upfront, not charged. There’s no license key to obtain ahead of time: deploy the server, sign in through your identity provider, and buy seats or start the trial right in the app at first-run setup. See Licensing to plan seats and pricing before you start.
Before You Begin
Section titled “Before You Begin”Self-hosting requires working through several decisions before installation. Work through each topic in order:
| Step | Topic | Notes |
|---|---|---|
| 1 | Choose your platform | Determines which options are available to you |
| 2 | Database | Embedded or external PostgreSQL |
| 3 | Wildcard domain & DNS | Required by all deployments |
| 4 | TLS certificates | Approach varies by platform |
| 5 | Ingress & reverse proxy | Understand your ingress before deploying |
| 6 | Identity provider | Configure SSO before installation — it’s a boot input |
| 7 | Install | Platform-specific guide (links below) |
| 8 | First-run setup | Sign in, then buy or start your 15-day free trial and activate — all in the app |
Your install method handles the BROCH_MASTER_KEY (Broch’s at-rest encryption root) for you: the Terraform modules and the DigitalOcean cloud-init generate it automatically, while the Docker Compose .env.example prompts you to generate one with openssl rand -base64 48. Either way it stays in your environment — Broch never sees it. See At-Rest Encryption.
Installation Guides
Section titled “Installation Guides”Once you have completed the planning steps above:
- Docker Compose — Any Linux host, on-premises or cloud VM. Four variants for different DB + TLS combinations.
- DigitalOcean — Droplet via Terraform. Single VM, no managed services.
- AWS — ECS Fargate + ALB + RDS via Terraform.
- Azure — Container Apps + Postgres Flexible Server via Terraform.
Once the server is running, First-Run Setup walks through signing in and activating your license in the app.
Questions?
Section titled “Questions?”Contact Broch at [email protected].