2026-06-05 23:46:10 -06:00
2026-06-05 23:46:10 -06:00
2026-06-05 23:46:10 -06:00
2026-06-05 23:46:10 -06:00
2026-06-05 23:46:10 -06:00
2026-06-06 03:33:53 -06:00
2026-06-05 23:46:10 -06:00
2026-06-06 03:46:12 -06:00
2026-06-05 23:46:10 -06:00
2026-06-05 23:46:10 -06:00
2026-06-05 23:46:10 -06:00
2026-06-05 23:46:10 -06:00
2026-06-06 03:33:53 -06:00
2026-06-05 23:46:10 -06:00
2026-06-05 23:46:10 -06:00

FormBuilder

Self-hosted form builder for one workspace with Authentik OIDC sign-in, Prisma/Postgres storage, per-form response ACLs, public form links, webhooks, uploads, and an MCP endpoint.

Portainer Deployment

This repo is ready to deploy as a Portainer stack with docker-compose.yml.

  1. Create a new git repo and push this directory.
  2. In Portainer, create a stack from the git repository.
  3. Copy .env.example to .env in the stack environment and fill the values below.
  4. Deploy the stack.

The app container runs prisma migrate deploy before starting the Next.js standalone server.

Required .env

APP_PORT=3000
POSTGRES_PASSWORD=replace-with-a-strong-password

AUTH_SECRET=replace-with-openssl-rand-base64-32
AUTH_URL=https://forms.example.com

OIDC_ISSUER=https://authentik.example.com/application/o/formbuilder/
OIDC_CLIENT_ID=replace-with-authentik-client-id
OIDC_CLIENT_SECRET=replace-with-authentik-client-secret
OIDC_PROVIDER_NAME=Authentik

AUTH_BOOTSTRAP_ADMINS=you@example.com

Optional values are documented in .env.example for Redis rate limiting, email, file storage, hCaptcha, and webhook worker auth.

Authentik Setup

Create an OAuth2/OpenID provider in Authentik:

  • Provider type: OAuth2/OpenID
  • Client type: Confidential
  • Redirect URI: ${AUTH_URL}/api/auth/callback/oidc
  • Scopes: openid, profile, email
  • Issuer mode: use the provider's OpenID Configuration Issuer URL

Then create an Authentik application and bind it to that provider. Put the issuer, client ID, and client secret in .env.

The first successful signer becomes an admin. Any emails listed in AUTH_BOOTSTRAP_ADMINS are also promoted on first sign-in.

Persistent Data

The compose stack creates two named volumes:

  • postgres_data: bundled Postgres database
  • uploads: local uploaded files mounted at /app/uploads

For multi-instance deployments, set RATE_LIMIT_DRIVER=redis and provide REDIS_URL. For durable object storage outside the app container, configure the S3 values in .env.example.

Useful Commands

npm ci
npm test
npm run build
docker compose up --build

MCP Endpoint

The MCP endpoint is available at:

POST /api/mcp

Create a token in /app/account, then send requests with:

Authorization: Bearer fb_xxxxxxxxxxxxxxxx

Stack

Next.js 15 App Router, React 19, Auth.js v5, Authentik OIDC, Prisma, Postgres, Tailwind, and Docker Compose.

S
Description
No description provided
Readme 314 KiB
Languages
TypeScript 95.9%
CSS 3.6%
Dockerfile 0.5%