Guide February 28, 2026 6 min read
How to Self-Host Your Own Demora Signaling Server (Nexus)
Privacy isn't just a feature; it's a right. Learn how to deploy your own discovery layer.
Privacy isn't just a feature; it's a right. While Demora provides a managed signaling service, many users prefer to own their own "discovery" layer.
In this guide, we'll walk you through deploying Demora Nexus—our self-hosted signaling and relay server—using Docker and Caddy.
1. Why Self-Host?
- Total Data Sovereignty: Even your metadata (who connected to what and when) never leaves your infrastructure.
- Custom Relay Control: If you're on a local network, your traffic stays local.
- Enterprise Compliance: Meet strict data residency and security requirements.
2. Prerequisites
- A Linux VPS or local server with Docker and docker-compose installed.
- A domain name (e.g.,
nexus.yourdomain.com). - Firewall ports 80, 443, 3478 (UDP/TCP) open.
3. The Setup (docker-compose.yml)
docker-compose.yml
version: '3.8'
services:
demora-nexus:
image: ghcr.io/arda/demora-nexus:latest
container_name: demora-nexus
environment:
- NEXUS_DOMAIN=nexus.yourdomain.com
- NEXUS_KEY_SECRET=your_super_secret_key
ports:
- "8080:8080" # Signaling WebSocket
- "3478:3478/udp" # STUN/TURN (UDP)
volumes:
- ./data:/root/.demora
caddy:
image: caddy:latest
ports:
- "80:80"
- "443:443"
command: caddy reverse-proxy --from nexus.yourdomain.com --to demora-nexus:80804. Deploy and Verify
- Run
docker-compose up -d. - Check your logs:
docker-compose logs -f demora-nexus. - Verify your health check: Navigate to
https://nexus.yourdomain.com/health.
5. Connect Your Demora Client
In your Demora application, go to Settings > Network and toggle "Custom Signaling". Paste your domain and your NEXUS_KEY_SECRET to begin routing through your private Nexus instance.
6. Conclusion
You're now running your own private remote desktop cloud! No monthly fees, no data trackers, just raw, secure connectivity.