Quickstart — Docker
Spin up the entire nine-stage Verdifax pipeline as a single container. No Go toolchain, no manual builds.
1. Pull and run
docker run -d --rm \
--name verdifax-api \
-p 9090:9090 \
-p 9091:9091 \
ghcr.io/verdifax/api:latest
- Port
9090exposes the REST API. - Port
9091exposes the compliance dashboard SPA. - The image is alpine-based and well under 20 MB.
2. Confirm it's alive
curl -s http://localhost:9090/health | python3 -m json.tool
Expected:
{
"ok": true,
"service": "verdifax-orchestrator-api",
"version": "1.0.0",
"time": "2026-04-30T03:35:04Z"
}
3. Run your first attestation
curl -s -X POST http://localhost:9090/execute \
-H "Content-Type: application/json" \
-d '{
"payload_text": "hello verdifax",
"program_id": "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
"route_id": "route-test",
"registry_record_hash": "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb"
}' | python3 -m json.tool
The response includes the full sealed manifest plus run_id and
duration_ms.
4. Open the dashboard
open http://localhost:9091/
You'll see the run you just made, with the manifest hash, every stage's output, a "Verify" button that re-derives the seal, and a "Download audit report (PDF)" link.
docker-compose (recommended for local dev)
For the full stack with persistence:
git clone https://github.com/verdifax/verdifax-orchestrator
cd verdifax-orchestrator
docker compose up -d --build
The compose file maps both ports, mounts a named volume for the SQLite
run-history, and starts a small nginx sidecar that serves the
interactive nine-stage pipeline UI on port 8080.
Configuration
Every flag has an environment-variable equivalent (12-factor):
| Flag | Env var | Default |
|---|---|---|
--port | VERDIFAX_PORT | 9090 |
--dashboard-port | VERDIFAX_DASHBOARD_PORT | 9091 |
--db-path | VERDIFAX_DB_PATH | verdifax.db |
--log-level | VERDIFAX_LOG_LEVEL | info |
--cors-origins | VERDIFAX_CORS_ORIGINS | * |
--rate-limit | VERDIFAX_RATE_LIMIT | 100 (req/min/key) |