Running with Docker

1. Install Docker and Docker Compose

Follow these instructions:

2. Clone Freki’s latest version

$ git clone

3. Edit the .env configuration file

$ cd freki
$ vi .env
# Instance secret key

# VT master key, used in case the user did not provide his key

# MySQL password for the Freki and root users
  • FREKI_SECRET_KEY: The secret key is needed to keep the client-side sessions secure. You can use Python to generate a random key:

import os
  • VT_MASTER_KEY: When a file is submitted, Freki first tries to use the user’s key. However, users may not have a VirusTotal (VT) API key. In this case, Freki tries to query VT with the administrator’s key. You can leave this field blank, but you will depend exclusively on the goodwill of users.

NOTE: By default, Freki queries VT for non-analyzed samples every 5 minutes.

  • DB_PASSWORD: The MySQL password for the freki user.

  • DB_ROOT_PASSWORD: The MySQL root password.

You are encouraged to check the docker-compose.yml file for additional tweaks.

4. Enable HTTPS

At this point, you should be able to start Freki. However, a good practice (especially if you are going to make your instance public) is to enable HTTPS.

You must move your certificate and private key to a nginx/certs folder so that Docker Compose can mount it inside the container at /etc/nginx/certs.

After that, you need to edit the nginx/freki.conf to something like this:

server {
    listen 80;

    return 301 https://$host$request_uri;

server {
    listen 443 ssl;
    ssl_certificate /etc/nginx/certs/fullchain.pem;
    ssl_certificate_key /etc/nginx/certs/privkey.pem;

    location / {
        proxy_pass http://freki:8000;

        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

5. Run Freki!

$ make build


$ docker-compose up -d