⚠️ CRITICAL WARNING: UNMAINTAINED PROJECT
Cherokee is no longer actively developed. The last official release was in December 2013 (v1.2.103).
- No official Docker image exists
- Community-maintained image:
ghcr.io/managedkaos/cherokee:main- Known issues: OpenSSL 3 incompatibility, Python 2.7 dependency
For new deployments, use modern alternatives: Nginx, Caddy, or Apache.
This guide uses the community-maintained Docker image to run Cherokee. This is the recommended installation method for modern systems, as it avoids build issues related to OpenSSL 3 incompatibility and Python 2.7 EOL.
ghcr.io/managedkaos/cherokee:mainFor Docker installation, see Docker.
Create a directory to store your configuration and compose files.
mkdir -p /opt/cherokee
cd /opt/cherokee
Define a container for Cherokee using the community image.
# docker-compose.yml
services:
cherokee:
image: ghcr.io/managedkaos/cherokee:main
container_name: cherokee
ports:
- "80:80" # HTTP
- "443:443" # HTTPS
- "9090:9090" # Admin UI (restrict access!)
volumes:
- ./config:/etc/cherokee # Configuration
- ./www:/var/www # Web content
- ./logs:/var/log/cherokee # Logs
restart: unless-stopped
networks:
- cherokee-net
networks:
cherokee-net:
driver: bridge
⚠️ Security Note: The admin UI (port 9090) should NOT be exposed to public networks. Use firewall rules or bind to localhost only:
ports: - "127.0.0.1:9090:9090" # Localhost only
Create a minimal configuration directory:
mkdir -p config www logs
Start the container in the background.
docker compose up -d
Verify the container is running:
docker compose ps
http://SERVER_IP or http://localhosthttp://SERVER_IP:9090 or http://localhost:9090⚠️ Important: Restrict admin UI access immediately after first login.
# If running locally, access via browser:
# http://localhost:9090
# Default credentials are shown in container logs:
docker compose logs cherokee | grep -i "password\|login"
| Path | Purpose |
|---|---|
/etc/cherokee/cherokee.conf |
Main configuration file |
/var/www |
Web content directory |
/var/log/cherokee |
Log files |
Edit the Docker Compose file to customize:
services:
cherokee:
image: ghcr.io/managedkaos/cherokee:main
environment:
- CHEROKEE_ADMIN_USER=admin # Custom admin user
- CHEROKEE_ADMIN_PASS=secret # Custom admin password
ports:
- "8080:80" # Custom HTTP port
- "8443:443" # Custom HTTPS port
volumes:
- ./config:/etc/cherokee
- /path/to/your/site:/var/www/html
docker compose logs -f cherokee
docker compose restart
docker compose down
docker compose pull
docker compose up -d
⚠️ Security Warning: Cherokee has known unresolved security vulnerabilities.
Restrict Admin UI Access
# Firewall rule (UFW)
sudo ufw deny 9090/tcp
sudo ufw allow from 10.0.0.0/8 to any port 9090 proto tcp
Use Reverse Proxy for TLS Termination
Network Isolation
Minimal Privileges
docker compose exec cherokee whoami)Regular Monitoring
See Cherokee Security and Cherokee Hardening for additional guidance.
| Issue | Solution |
|---|---|
| Container fails to start | Check logs: docker compose logs cherokee |
| Admin UI not accessible | Verify port 9090 is not blocked by firewall |
| Configuration not persisting | Ensure volume mounts are correct |
| TLS/SSL errors | Cherokee uses bundled SSL; consider reverse proxy |
Running containers in production? We help with:
Need help? office@linux-server-admin.com or Contact Us