Modern data exploration and visualization platform — build charts, dashboards, and SQL-driven analytics on top of your databases.
| Port | 8088 |
| Registry | ghcr.io/daemonless/superset |
| Source | https://github.com/apache/superset |
| Website | https://superset.apache.org/ |
| Tag | Description | Best For |
|---|---|---|
latest |
Upstream Binary. Built from official release. | Most users. Matches Linux Docker behavior. |
Before deploying, ensure your host environment is ready. See the Quick Start Guide for host setup instructions.
services:
superset:
image: "ghcr.io/daemonless/superset:latest"
container_name: superset
environment:
- PUID=1000 # User ID for the application process
- PGID=1000 # Group ID for the application process
- TZ=UTC # Timezone for the container
- SUPERSET_SECRET_KEY=<SUPERSET_SECRET_KEY> # Flask SECRET_KEY; auto-generated and persisted to /config/.secret_key when unset
- SUPERSET_ADMIN_USERNAME= # Admin username to ensure on startup (default: admin)
- SUPERSET_ADMIN_PASSWORD=<SUPERSET_ADMIN_PASSWORD> # When set, creates/ensures the admin user on startup
- SUPERSET_ADMIN_EMAIL= # Admin email (default: admin@example.com)
- SUPERSET_WORKERS= # Gunicorn worker count (default: 2)
- DATABASE_URL= # Metadata database URI (default: sqlite:////config/superset.db)
- REDIS_URL= # Optional Redis URL for caching
volumes:
- "/path/to/containers/superset:/config"
ports:
- "8088:8088"
healthcheck:
test: ["CMD", "{'port': 8088, 'path': '/health'}"]
restart: unless-stopped.env:
# .env
DIRECTOR_PROJECT=superset
PUID=1000
PGID=1000
TZ=UTC
SUPERSET_SECRET_KEY=<SUPERSET_SECRET_KEY>
SUPERSET_ADMIN_USERNAME=
SUPERSET_ADMIN_PASSWORD=<SUPERSET_ADMIN_PASSWORD>
SUPERSET_ADMIN_EMAIL=
SUPERSET_WORKERS=
DATABASE_URL=
REDIS_URL=
appjail-director.yml:
# appjail-director.yml
options:
- virtualnet: ':<random> default'
- nat:
services:
superset:
name: superset
options:
- container: 'boot args:--pull'
- expose: '8088:8088 proto:tcp' \
oci:
user: root
environment:
- PUID: !ENV '${PUID}'
- PGID: !ENV '${PGID}'
- TZ: !ENV '${TZ}'
- SUPERSET_SECRET_KEY: !ENV '${SUPERSET_SECRET_KEY}'
- SUPERSET_ADMIN_USERNAME: !ENV '${SUPERSET_ADMIN_USERNAME}'
- SUPERSET_ADMIN_PASSWORD: !ENV '${SUPERSET_ADMIN_PASSWORD}'
- SUPERSET_ADMIN_EMAIL: !ENV '${SUPERSET_ADMIN_EMAIL}'
- SUPERSET_WORKERS: !ENV '${SUPERSET_WORKERS}'
- DATABASE_URL: !ENV '${DATABASE_URL}'
- REDIS_URL: !ENV '${REDIS_URL}'
volumes:
- superset: /config
volumes:
superset:
device: '/path/to/containers/superset'Makejail:
# Makejail
ARG tag=latest
OPTION overwrite=force
OPTION from=ghcr.io/daemonless/superset:${tag}
Note: Exposing ports in AppJail means that your service can be reached from remote hosts. If that is not your intention, do not expose the ports and communicate with the service using the IPv4 address assigned by the virtual network.
podman run -d --name superset \
-p 8088:8088 \
--health-cmd {'port': 8088, 'path': '/health'} \
-e PUID=1000 \
-e PGID=1000 \
-e TZ=UTC \
-e SUPERSET_SECRET_KEY=<SUPERSET_SECRET_KEY> \
-e SUPERSET_ADMIN_USERNAME= \
-e SUPERSET_ADMIN_PASSWORD=<SUPERSET_ADMIN_PASSWORD> \
-e SUPERSET_ADMIN_EMAIL= \
-e SUPERSET_WORKERS= \
-e DATABASE_URL= \
-e REDIS_URL= \
-v /path/to/containers/superset:/config \
ghcr.io/daemonless/superset:latestappjail oci run -Pd \
-o overwrite=force \
-o container="args:--pull" \
-o virtualnet=":<random> default" \
-o nat \
-o expose="8088:8088 proto:tcp" \
-e PUID=1000 \
-e PGID=1000 \
-e TZ=UTC \
-e SUPERSET_SECRET_KEY=<SUPERSET_SECRET_KEY> \
-e SUPERSET_ADMIN_USERNAME= \
-e SUPERSET_ADMIN_PASSWORD=<SUPERSET_ADMIN_PASSWORD> \
-e SUPERSET_ADMIN_EMAIL= \
-e SUPERSET_WORKERS= \
-e DATABASE_URL= \
-e REDIS_URL= \
-o fstab="/path/to/containers/superset /config <pseudofs>" \
ghcr.io/daemonless/superset:latest supersetNote: Exposing ports in AppJail means that your service can be reached from remote hosts. If that is not your intention, do not expose the ports and communicate with the service using the IPv4 address assigned by the virtual network.
- name: Deploy superset
containers.podman.podman_container:
name: superset
image: "ghcr.io/daemonless/superset:latest"
state: started
restart_policy: always
env:
PUID: "1000"
PGID: "1000"
TZ: "UTC"
SUPERSET_SECRET_KEY: "<SUPERSET_SECRET_KEY>"
SUPERSET_ADMIN_USERNAME: ""
SUPERSET_ADMIN_PASSWORD: "<SUPERSET_ADMIN_PASSWORD>"
SUPERSET_ADMIN_EMAIL: ""
SUPERSET_WORKERS: ""
DATABASE_URL: ""
REDIS_URL: ""
ports:
- "8088:8088"
volumes:
- "/path/to/containers/superset:/config"Access at: http://localhost:8088
| Variable | Default | Description |
|---|---|---|
PUID |
1000 |
User ID for the application process |
PGID |
1000 |
Group ID for the application process |
TZ |
UTC |
Timezone for the container |
SUPERSET_SECRET_KEY |
<SUPERSET_SECRET_KEY> |
Flask SECRET_KEY; auto-generated and persisted to /config/.secret_key when unset |
SUPERSET_ADMIN_USERNAME |
`` | Admin username to ensure on startup (default: admin) |
SUPERSET_ADMIN_PASSWORD |
<SUPERSET_ADMIN_PASSWORD> |
When set, creates/ensures the admin user on startup |
SUPERSET_ADMIN_EMAIL |
`` | Admin email (default: admin@example.com) |
SUPERSET_WORKERS |
`` | Gunicorn worker count (default: 2) |
DATABASE_URL |
`` | Metadata database URI (default: sqlite:////config/superset.db) |
REDIS_URL |
`` | Optional Redis URL for caching |
| Path | Description |
|---|---|
/config |
Superset home: metadata DB, secret key, uploads |
| Port | Protocol | Description |
|---|---|---|
8088 |
TCP | Web UI |
Set REDIS_URL to enable Redis-backed caching, e.g. with
daemonless/redis on the same host
(network_mode: host — inter-container DNS is not available on
FreeBSD podman):
services:
superset:
image: ghcr.io/daemonless/superset:latest
container_name: superset
restart: unless-stopped
network_mode: host
environment:
- PUID=1000
- PGID=1000
- TZ=UTC
- REDIS_URL=redis://localhost:6379/0
volumes:
- /containers/superset:/config
depends_on:
- redis
redis:
image: ghcr.io/daemonless/redis:latest
container_name: superset_redis
restart: unless-stopped
network_mode: host
environment:
- PUID=1000
- PGID=1000
- TZ=UTC
volumes:
- /containers/superset-redis:/configUploads require a database connection with Allow file uploads to
database enabled (edit the database → Advanced → Security). To use a
local SQLite playground database as the upload target, start the
container with SUPERSET_ALLOW_SQLITE=true.
Architectures: amd64
User: bsd (UID/GID via PUID/PGID, defaults to 1000:1000)
Base: FreeBSD 15.1
Need help? Join our Discord community.