Most installations fall into one of these buckets:
No matter which shape you choose, these are the core runtime inputs:
| Flag / Env | Purpose |
|---|---|
--bind / PROXY_BIND |
listen address |
--port / PROXY_PORT |
listen port |
--db-path / PROXY_DB_PATH |
SQLite database path |
--static-dir / WEB_STATIC_DIR |
frontend static assets directory |
--upstream / TAVILY_UPSTREAM |
Tavily MCP upstream |
TAVILY_USAGE_BASE |
Tavily HTTP / usage upstream base URL |
You also need one admin access strategy:
DEV_OPEN_ADMIN=true for local or disposable validation onlyThe repository root ships a stock
docker-compose.yml:
That file already:
0.0.0.0:8787tavily-hikari-data volume/srv/app/data/tavily_proxy.dbghcr.io/ivanli-cn/tavily-hikari:latestIt does not provide an admin gateway on its own, so add one of these before real admin work:
DEV_OPEN_ADMIN=trueexamples/forwardauth-caddyFor production-style gateway wiring, the repository already includes:
Start it directly:
That example launches:
auth-mock as a ForwardAuth simulatorupstream-mock as a Tavily upstream simulatorDefault behavior:
GET /health is publicRemote-Email and Remote-Name to HikariRemote-Email=admin@example.com as adminUse it when you want to validate the gateway, identity-header, and Hikari chain before replacing the mocks with your real auth system and real Tavily upstream.
If you do not have a separate ForwardAuth gateway, enable the built-in admin login instead.
Recommended setup:
Key points:
ADMIN_AUTH_BUILTIN_PASSWORD_HASH over plaintext passwordsSecure/health returns 200/admin or /api/keys/api/tavily/search or /mcp call succeedsThe long-lived data is not just one main DB file:
/srv/app/data/tavily_proxy.db/srv/app/data/tavily_proxy-observability.dbUpgrade notes:
tavily_proxy.db when preparing offline validation or rollback input; treat
the core DB plus the observability sidecar as one complete database setscripts/export-live-db-snapshot-to-testbox.sh when you need a read-only validation copy.
It runs SQLite .backup per file, records SHA-256 sums, and verifies PRAGMA integrity_checkIf you see database is locked, long-running quota_sync rows, oversized ha_outbox backlog, or
unexpected SQLite file growth, keep the recovery flow consistent:
/health returns 200scheduled_jobs has no fresh long-running quota_sync* running rowsdatabase is locked is no longer continuously spiking in logsrequest_logs_gc_once first for request-log backlogha_outbox_cleanup_once or scripts/ha-outbox-maintenance.sh for HA outbox backlogdb_compaction_once only when reclaimable_bytes >= 512MB or you are explicitly in a
maintenance windowThe operator CLIs inside the image are:
For large offline validation or cleanup rehearsal, export a full read-only snapshot set from 101 before copying it to the shared testbox:
Notes:
request_logs_gc_once performs bounded request-log/body cleanupha_trigger_repair_once explicitly removes upgraded-database leftovers such as stale
trg_ha_outbox_* triggers before backlog cleanup startsha_outbox_cleanup_once performs bounded historical HA outbox cleanup; it can also
--repair-triggers, and its report separates invalid-legacy deletions from ordinary retention
deletions. The online ha_outbox_gc scheduler is intentionally lighter and handles freshness
cleanup onlyscripts/ha-outbox-maintenance.sh is the operator wrapper that keeps the order as “repair +
cleanup first, compaction only if needed”db_compaction_once shrinks SQLite files and honors the reclaimable-space threshold by defaultdb_compaction_once --force is only for an explicit maintenance windowtavily_proxy.db plus
tavily_proxy-observability.db, not the main DB aloneTavily Hikari can strip or rewrite sensitive headers before proxying upstream traffic.
The important behaviors are:
Forwarded, X-Forwarded-*, Via, CF-*, and similar chain-revealing headersOrigin and Referer when neededforwarded_headers and dropped_headers in SQLite for debuggingFor the deeper design notes, see:
Typical exposed surfaces are:
/admin for operators/api/tavily/* for downstream HTTP clients/mcp for proxied MCP trafficThe main release artifact is a container image published to:
ghcr.io/ivanli-cn/tavily-hikari:<tag>
That image includes the compiled frontend bundle. The public docs-site and Storybook are published separately through GitHub Pages.
If the deployment gets stuck on admin access, SQLite persistence, or upstream 502 problems,
continue with FAQ & Troubleshooting.