Self-Hosting Pounce — Pounce Docs

Production deployment guide for self-hosted Pounce instances. System requirements, install steps, SSL, backups, and security.

System Requirements

Component	Minimum	Recommended
Node.js	20.x LTS	20.x LTS
PostgreSQL	14+	16+
RAM	2 GB	4 GB
Disk	10 GB	20 GB+
CPU	1 core	2+ cores

Supported OS: Ubuntu 22.04+, Debian 12+, macOS 14+

Quick Start

1. Clone and Install

git clone https://github.com/your-org/pounce.git
cd pounce
npm install

2. Configure Environment

cp .env.example .env

Required environment variables:

Variable	Description	Example
`DATABASE_URL`	PostgreSQL connection string	`postgresql://user:pass@localhost:5432/pounce`
`SESSION_SECRET`	Random 32+ char string for session signing	`openssl rand -hex 32`
`ADMIN_EMAIL`	Your email for the owner account	`you@yourdomain.com`
`ADMIN_PASSWORD_HASH`	Bcrypt hash of your admin password	`bcrypt.hash('your-password', 12)`
`LLM_API_KEY`	API key for AI response generation	Your provider’s key
`LLM_PROVIDER`	AI provider (`ollama`, `openai`, `anthropic`)	`ollama`
`EMAIL_API_KEY`	Resend API key for sending emails	`re_xxxx`
`EMAIL_FROM`	Sender email address	`hello@yourdomain.com`
`APP_URL`	Your Pounce instance URL	`https://pounce.yourdomain.com`

3. Set Up the Database

# Create the database
createdb pounce

# Run migrations
npm run db:migrate

Or use Neon (free tier available) for managed PostgreSQL.

4. Build and Start

npm run build
npm start

Pounce starts on port 3000 by default. Visit http://localhost:3000 to begin setup.

Production Deployment

Systemd Service

Create /etc/systemd/system/pounce.service:

[Unit]
Description=Pounce Lead Response
After=network.target postgresql.service

[Service]
Type=simple
User=pounce
WorkingDirectory=/opt/pounce
ExecStart=/usr/bin/node /opt/pounce/dist/server.js
Restart=on-failure
RestartSec=10
Environment=NODE_ENV=production

# Security
NoNewPrivileges=yes
ProtectSystem=strict
ProtectHome=yes
ReadWritePaths=/opt/pounce/logs

[Install]
WantedBy=multi-user.target

sudo systemctl daemon-reload
sudo systemctl enable pounce
sudo systemctl start pounce

Nginx Reverse Proxy

server {
    listen 80;
    server_name pounce.yourdomain.com;
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl http2;
    server_name pounce.yourdomain.com;

    ssl_certificate /etc/letsencrypt/live/pounce.yourdomain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/pounce.yourdomain.com/privkey.pem;

    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_prefer_server_ciphers off;
    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains" always;

    location / {
        proxy_pass http://127.0.0.1:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_cache_bypass $http_upgrade;
    }

    # Webhook endpoints need larger body size
    location /api/stripe/webhook {
        proxy_pass http://127.0.0.1:3000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        client_max_body_size 10M;
    }
}

SSL with Let’s Encrypt

sudo apt install certbot python3-certbot-nginx
sudo certbot --nginx -d pounce.yourdomain.com
sudo certbot renew --dry-run  # Verify auto-renewal

First-Run Setup

Enter your license key (PC-XXXX-XXXX-XXXX)
Create your admin account (email + password)
Configure your first lead form (name, fields, redirect URL)
Set up email sending (Resend API key + domain verification)
Optionally connect a booking provider (Cal.com or Calendly)

Backup Strategy

Daily Database Backup

pg_dump pounce | gzip > /backups/pounce-$(date +%Y%m%d).sql.gz

Add to crontab:

0 2 * * * pg_dump pounce | gzip > /backups/pounce-$(date +\%Y\%m\%d).sql.gz

What to Back Up

Item	Location	Frequency
PostgreSQL database	`pg_dump`	Daily
Environment variables	`.env` file	On change
License key	Admin dashboard	On initial setup
Nginx config	`/etc/nginx/sites-available/`	On change

Restoring from Backup

gunzip < /backups/pounce-20260427.sql.gz | psql pounce
cp .env.backup .env
sudo systemctl restart pounce

Updating Pounce

cd /opt/pounce
git pull origin main
npm install
npm run build
sudo systemctl restart pounce

Some updates may require database migrations:

npm run db:migrate

Always read the changelog before updating.

Security Checklist

Change default admin password after first login
Set a strong SESSION_SECRET (32+ random characters)
Enable HTTPS (Let’s Encrypt or your own certificate)
Set NODE_ENV=production
Restrict database access to localhost only
Configure firewall: only allow ports 22, 80, 443
Set up automatic security updates: sudo apt install unattended-upgrades
Store .env with chmod 600 permissions
Never commit .env to version control (it’s in .gitignore)
Regularly update Node.js and npm dependencies