Umami should be configured for website analytics role controls and event processing integrity. With Umami v3 (released December 2024), note that PostgreSQL is now the only supported database - MySQL support has been removed.
# Application Settings
UMAMI_URL=https://analytics.yourdomain.com
UMAMI_APP_SECRET=generate_a_strong_random_secret_here
# Database Configuration (PostgreSQL only in v3)
UMAMI_DB_TYPE=postgresql
UMAMI_DB_HOST=your-postgres-host
UMAMI_DB_PORT=5432
UMAMI_DB_USER=umami
UMAMI_DB_NAME=umami
UMAMI_DB_PASSWORD=replace_with_strong_password
# Optional Settings
UMAMI_HASH_SALT=generate_another_random_salt
UMAMI_PLUGINS_ENABLED=true
# Data Retention Settings
UMAMI_RESET_TIMEZONE=UTC
UMAMI_RESET_HOUR=0
# Tracker Settings
UMAMI_TRACKER_SCRIPT_NAME=umami
UMAMI_IGNORE_IP=localhost,127.0.0.1
UMAMI_IGNORE_COLUMNS=referrer
UMAMI_DISABLE_COOKIE=true
# Performance Settings
UMAMI_PAGE_SIZE=50
UMAMI_MAX_DURATION=0
UMAMI_AGGREGATE_ADJUSTMENT=1
# Security Settings
UMAMI_CSP_NONE=false
UMAMI_ALLOW_FRAMING=false
UMAMI_ALLOW_METRICS=false
⚠️ Critical Change in Umami v3: PostgreSQL is now the only supported database. MySQL support has been completely removed.
-- Connect to PostgreSQL as superuser
CREATE USER umami WITH PASSWORD 'secure_password';
CREATE DATABASE umami OWNER umami;
GRANT ALL PRIVILEGES ON DATABASE umami TO umami;
-- For enhanced security, consider connection limits
ALTER USER umami CONNECTION LIMIT 10;
APP_SECRET with sufficient entropyUMAMI_DISABLE_COOKIE=true)UMAMI_IGNORE_IP)# PostgreSQL backup example
pg_dump -h localhost -U umami -d umami > umami_backup_$(date +%F).sql
# For automated backups, consider cron jobs
# 0 2 * * * pg_dump -h localhost -U umami -d umami > /backups/umami_$(date +\%F).sql
Back up metadata database(s), event storage, and configuration/secrets metadata. Store configurations in version control for audit trails.
Validate restore procedures with:
Instead of environment variables, consider using Docker secrets for sensitive information:
version: '3.8'
services:
app:
image: ghcr.io/umami/umami:postgresql-v3.0.3
restart: unless-stopped
environment:
- UMAMI_DB_TYPE=postgresql
- UMAMI_DB_HOST=db
- UMAMI_DB_NAME=umami
- UMAMI_DB_USER=umami
secrets:
- db_password
- app_secret
configs:
- source: umami_env
target: /app/.env
secrets:
db_password:
file: ./secrets/db_password.txt
app_secret:
file: ./secrets/app_secret.txt
configs:
umami_env:
file: ./config/umami.env
Consider using configuration templates for different environments (dev, staging, prod) with tools like Ansible, Helm, or Docker Compose with environment-specific overrides.
Any questions?
Feel free to contact us. Find all contact information on our contact page.