Ditch Google Analytics: Self-hosting Plausible Analytics
Privacy-friendly tracking in your own cloud – with reverse proxy, auto-updates, and clean architecture
Say goodbye to Google Analytics, and hello to self-hosted Plausible.
If you care about privacy, owning your analytics stack is the logical next step. In this article, I’ll show you how to host Plausible Analytics in your own infrastructure – complete with reverse proxy, auto-updates, SMTP, and GeoIP support.
Why Plausible?
Plausible is a lightweight, EU-based alternative to Google Analytics. Fully open source and privacy-first – no cookies, no personal data, no consent banners required.
Key Features:
- Clean interface, focused on what matters
- Real-time data
- Multi-domain tracking
- Self-hostable
- Open source
- API for dashboards and automation
- Extremely lightweight: < 1 KB tracking script
- Integration of external search engine services
Available metrics:
- Pageviews & unique visitors in real-time
- Time on site & bounce rate
- Traffic sources (e.g. direct, social, referral, search)
- Top pages & landing pages
- Countries, devices & browsers
- UTM parameter tracking
- Event tracking for buttons, forms, downloads, etc.
Why not Google Analytics and similar tools?
A key reason for moving away from Google Analytics is data protection – both for us as operators and in the interest of our visitors. Services like Google Analytics transmit personal data to third countries (e.g. the US), which is problematic under the GDPR. Even with so-called "Standard Contractual Clauses," the legal situation remains uncertain. On top of that, many users feel increasingly uncomfortable being extensively tracked online – often without properly informed consent.
With Plausible Analytics, we intentionally chose a privacy-first analytics tool that operates completely without cookies or personal data and can be fully self-hosted. This gives us full control over our data – and our visitors keep their privacy.
In short, this means:
- No data transfers to third countries
- No personal data or cookies
- No need for a consent management platform
- No tracking of people who don’t want to be tracked
- GDPR, PECR & CCPA compliance without cookie banners
- Transparency and trust for our visitors
- No drop-off from users rejecting cookies
Architecture & Setup Overview
This is how we run Plausible:
- Containerized using Docker Compose
- Reverse proxy via Traefik (alternatively: Nginx)
- Auto-updates with Watchtower
- Data storage using PostgreSQL & ClickHouse
- Monitoring & logging with Grafana/Loki (optional)
Step-by-step Setup
Prerequisites
- A server or VPS with:
- Docker and Docker Compose
- A public domain, e.g.,
analytics.your-domain.com - (Optional) Logging stack like Grafana + Loki
- SMTP credentials (e.g., from mailbox.org, Netcup, etc.)
- MaxMind account for GeoIP integration
Set up the project structure
SSH into your server and run:
mkdir plausible && cd plausible
touch docker-compose.yml plausible.env
Create the Plausible configuration
Create the .env file (plausible.env)
Inside your plausible/ folder, create the file plausible.env:
# Basisadresse
BASE_URL=https://analytics.deine-domain.de
# Datenbank-Zugänge
SECRET_KEY_BASE=zufällig-generierter-key
DATABASE_URL=postgres://postgres:sicherespasswort@postgres:5432/plausible_db
CLICKHOUSE_DATABASE_URL=http://clickhouse:8123/plausible
# Mailversand via SMTP
MAILER_EMAIL=analytics@deine-domain.de
SMTP_HOST=smtp.deinprovider.de
SMTP_PORT=587
SMTP_USER=analytics@deine-domain.de
SMTP_PASSWORD=deinpasswort
SMTP_TLS_ENABLED=true
SMTP_AUTH_METHOD=plain
# Registrierung deaktivieren
DISABLE_REGISTRATION=true
# MaxMind GeoIP
GEOLITE2_COUNTRY_DB=/geo/GeoLite2-Country.mmdb
MAXMIND_LICENSE_KEY=dein-maxmind-license-key
Docker Compose setup (docker-compose.yml)
Create or edit the docker-compose.yml file with the following content:
version: "3.3"
services:
plausible:
image: plausible/analytics:latest
restart: always
depends_on:
- postgres
- clickhouse
env_file:
- plausible.env
volumes:
- ./geo:/geo
labels:
- "traefik.enable=true"
- "traefik.http.routers.plausible.rule=Host(`analytics.deine-domain.de`)"
- "traefik.http.routers.plausible.entrypoints=websecure"
- "traefik.http.routers.plausible.tls.certresolver=letsencrypt"
networks:
- plausible
postgres:
image: postgres:15
restart: always
environment:
POSTGRES_PASSWORD=sicherespasswort
POSTGRES_DB=plausible_db
volumes:
- plausible-db:/var/lib/postgresql/data
networks:
- plausible
clickhouse:
image: clickhouse/clickhouse-server:23
restart: always
volumes:
- plausible-ch:/var/lib/clickhouse
networks:
- plausible
watchtower:
image: containrrr/watchtower
volumes:
- /var/run/docker.sock:/var/run/docker.sock
command: --cleanup
restart: always
networks:
plausible:
volumes:
plausible-db:
plausible-ch:
Optional: Traefik reverse proxy
You are already running a reverse proxy? Fine! Use it here as well. Keep it simple, with more complexity comes more insecurity!
If you’re not already running a reverse proxy, here’s a minimal setup with traefik:
services:
traefik:
image: traefik:v2.10
restart: always
command:
- "--entrypoints.websecure.address=:443"
- "--providers.docker=true"
- "--certificatesresolvers.letsencrypt.acme.tlschallenge=true"
- "--certificatesresolvers.letsencrypt.acme.email=dein@email.de"
- "--certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json"
ports:
- "80:80"
- "443:443"
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
- "./letsencrypt:/letsencrypt"
``Launch & first login
Start everything with:
docker compose up -d
Wait a minute or two, then open: https://analytics.deine-domain.de
🔐 You’ll be prompted to create your first (and only) admin user — since DISABLE_REGISTRATION=true, public signups are disabled.
Testing it out
- Log in
- Add a new site/project in Plausible
- Embed the script in your website’s
<head> - Visit the site in private mode – watch the real-time stats
Optional: Loki/Grafana logging integration
For centralized log aggregation, you can feed container logs into Loki and visualize them in Grafana — useful for alerting or auditing access to your analytics instance.
FAQ
ClickHouse – any manual setup needed?
Nope! Plausible will automatically create and manage all necessary tables on startup. Just make sure the container is reachable internally on port 8123.
Can anyone sign up to my Plausible instance?
With DISABLE_REGISTRATION=true set in your .env file, self-registration on the login page is disabled.
Admins can manually create new users through the web interface.
Why don’t I see location data?
Location data is resolved via the MaxMind GeoIP database.
To enable this, you must set a (free) MaxMind license key for the database download.
If you want to use GeoIP data (e.g. for country-level reports), you need:
- A free MaxMind account
- Generate a license key
- Add the
.enventryMAXMIND_LICENSE_KEY=... - Create the
geo/directory → this is where theGeoLite2-Country.mmdbfile will be stored
Optionally, you can also schedule the download via script to keep the database up to date.
How do updates work?
Watchtower runs alongside your services and checks for updated images. When available, it pulls and replaces the containers with minimal downtime.
Log output can be checked via:
docker logs -f <watchtower-container-id>
Final Thoughts
Plausible isn’t just an alternative — it’s a declaration of digital independence.
Privacy-first, fully transparent, and under your control.
💬 Thinking about integrating this with OAuth, multi-tenant setups, or dashboards? Let’s talk — happy to share insights!
Member discussion