What it takes to run Toucan


Toucan Toco is a web application built “cloud first” : our Docker images are very easy to use self-hosted as long as you are used to running web services.

Toucan Toco Docker images are used in our own cloud deployments hundreds of times a day. That being said, we know that not every organisation we work with is used to web services technologies and Docker, this is why we provide our partners and technical points of contact with a Toucan Toco installer certification. This certification is delivered after a day of training (2x4h) where trainees get to install Toucan Toco several times with different settings for various use cases.

Please contact your Toucan Toco sales representative to organise this training. If you do not have resources to spare for this, we will put you in contact with our certified partners. We also provide a self assessment form to determine your level of familiarity with the Toucan Toco stack and deployment environment.

Hardware Requirements

You can distinguish the requirements for the backend part (cf. the Toucan Toco Docker image) and the data part (cf. the Mongo service) and their sizing should be directly related to your usage:

  • CPU: depends on the maximum number of users connected at the same time, the complexity of the preprocessing scripts, whether or not all services are hosted on the same server…
  • Memory: depends on the size of all data that will be stored directly in Toucan Toco with each data update (our recommendation is three times this amount to allow indexing and preprocessing scripts to pivot and compute extra data)
  • Storage: a typical installation uses around 3GB, but additional space for the database, data sources files and assets should be planned

For single projects where all services are hosted on the same server, our recommendation and typical configuration are:

  • CPU: Intel® Xeon® E3 1245 v5 (4C/8T @3.5 Ghz)
  • Memory: 32 GB DDR4 ECC
  • Storage: 250 GB SSD

Of course our support team could help you estimate the right sizing according to your data and future usage.

Please note the hardware requirements needed by the frontend part are insignificant since it is only a few static HTML CSS and JS files.

Software Requirements

You will only need to install Docker, that’s all.

Please refer to the official documentation to know how to install and exploit Docker in your environment.

Access Requirements

All the Toucan Toco Docker images are hosted on the official registry, we don’t use any other registry.

To be able to retrieve and pull the Toucan Toco Docker images, you will need to have access to this registry.

We will hence need your ID to grant you the privileges to do it.

Moreover please give us an email address we could use to inform you about latest releases or security issues.



It is common for Toucan Toco apps to be based on flat files, uploaded using our built-in “Data Source” interface.

To be able to persist these files from one deployment to the next, you need to share data between the container and its host by mounting a volume at the /app/storage location in the backend container. It’s the user with UID 1000 and GID 1000 who writes data in /app/storage, so please adapt the permissions of the mounted volume accordingly.

Please also note, if you use the Mongo Docker image as your DB backend, you will also need to mount a volume to persist the data… and it’s mandatory! The volume should be mounted as /data/db and should be writeable by the user with UID 999. More details are available on the official Mongo Docker image page.


To be able to reach the Toucan Toco backend and frontend, you will need to have 2 DNS that resolve the nodes where you will install the stack.

For example:

  • -> resolves to the frontend server
  • -> resolves to the backend server

Even if the frontend and the backend are hosted on the same node, we strongly recommend to use virtual hosting to expose each part at a specific URL.


Toucan Toco sends emails, for example to set up the accounts for new users or to reset access.

You will need:

  • either access to a SMTP service
  • or a Sendgrid account


The following requirements are not necessary to run the Toucan Toco stack.

However, they could be mandatory to enable specific features or are highly recommended for security reasons.

Over SSL

Please note that the Toucan Toco Docker images expose an HTTP service, which is not over SSL: incoming HTTP traffic should not be encrypted.

Even if it’s not mandatory we strongly recommend setting an SSL reverse proxy ahead of the Toucan Toco containers to encrypt all incoming HTTP requests.

Here’s an idea of an implementation you can use:

Toucan Toco Stack with SSL Reverse Proxy

Toucan Toco Stack with SSL Reverse Proxy

Thus you can only expose the HTTP port of the container to the reverse proxy according to your rules and your security policies.

The FAQ provides an example implementation using Caddy as the TLS termination proxy.

Features with Screenshots

Features depending on screenshots (like the Annotate and Share) are based on another service provided by a dedicated container called screenshot.

The image is also available on the Registry:

This container only needs to expose its HTTP API (listening on port 3000) to the Toucan Toco backend container:

Toucan Toco - Docker Compose

Toucan Toco - Docker Compose


This feature relies on a headless browser that will go to the app’s url, hence it requires that the stack’s domain names are fully configured and resolvable from within the screenshot container.