Deployment

User Guide

Install Deployment Configuration S3/Folder Browser Database Browser Table Viewer Exploratory Data Analysis Embedding Visualization

Deep Dive

Authentication RenderType

Deploy SmooSense as a Web Service

SmooSense can be deployed as a persistent web service so your team can access data from any browser — no local installation required.

1. Example files#

Three files are all you need:

File	Purpose
`app.py`	Flask application entry point
`Dockerfile`	Container image definition
`Makefile`	Convenience commands

`app.py`#

"""
SmooSense deployment entry point.

Set environment variables for S3 and Auth0 as needed.
"""

import os

from smoosense.app import SmooSenseApp

smoosense = SmooSenseApp()

# Flask app object for use with gunicorn:
#   gunicorn "app:app"
app = smoosense.create_app()

if __name__ == "__main__":
    smoosense.run(host="0.0.0.0", port=int(os.environ.get("PORT", "8000")))

`Dockerfile`#

FROM python:3.11-slim

WORKDIR /app

RUN pip install --no-cache-dir smoosense gunicorn

COPY app.py .

EXPOSE 8000

CMD ["gunicorn", "--bind", "0.0.0.0:8000", "--workers", "1", "--timeout", "120", "app:app"]

`Makefile`#

IMAGE_NAME ?= smoosense-app
PORT       ?= 8000

build:
	docker build -t $(IMAGE_NAME) .

run: build
	@echo "SmooSense running at http://localhost:$(PORT)"
	docker run --rm \
		-p $(PORT):8000 \
		$(IMAGE_NAME)

run-s3: build
	@echo "SmooSense running at http://localhost:$(PORT)"
	docker run --rm \
		-p $(PORT):8000 \
		-v $(HOME)/.aws:/root/.aws:ro \
		-e AWS_PROFILE \
		-e AWS_ENDPOINT_URL \
		$(IMAGE_NAME)

2. Quick start#

make run

Open http://localhost:8000 in your browser.

3. With S3 access#

Forward your AWS credentials into the container so SmooSense can read S3 paths:

make run-s3 AWS_PROFILE=my-profile

See Configuration for S3-compatible storage (Cloudflare R2, MinIO, etc.).

4. With authentication#

Set Auth0 environment variables to restrict access to your team:

docker run --rm \
  -p 8000:8000 \
  -e AUTH0_DOMAIN="your-tenant.auth0.com" \
  -e AUTH0_CLIENT_ID="your-client-id" \
  -e AUTH0_CLIENT_SECRET="your-client-secret" \
  -e APP_SECRET_KEY="a-random-secret-key" \
  smoosense-app

See Authentication for the full Auth0 setup guide.

5. With local folder access#

By default, local folder browsing is allowed when accessing SmooSense from localhost and denied from any other host. When deploying as a shared web service, you can control this explicitly with SMOOSENSE_LOCAL_FOLDER_PREFIX:

Deny all local paths (recommended for public-facing deployments):

docker run --rm -p 8000:8000 -e SMOOSENSE_LOCAL_FOLDER_PREFIX="" smoosense-app

Allow a specific mount point (e.g. a shared NFS or EFS volume at /mnt/data):

docker run --rm -p 8000:8000 \
  -v /mnt/data:/mnt/data:ro \
  -e SMOOSENSE_LOCAL_FOLDER_PREFIX="/mnt/data/" \
  smoosense-app

Users will only be able to browse paths that start with /mnt/data/; all other local paths are blocked.

Allow all local paths:

docker run --rm -p 8000:8000 -e SMOOSENSE_LOCAL_FOLDER_PREFIX="*" smoosense-app

6. Environment variables#

Variable	Description	Default
`PORT`	Port the app listens on	`8000`
`AWS_PROFILE`	AWS credentials profile for S3 access	—
`AWS_ENDPOINT_URL`	Endpoint for S3-compatible storage	—
`AWS_ACCESS_KEY_ID`	AWS access key (alternative to profile)	—
`AWS_SECRET_ACCESS_KEY`	AWS secret key (alternative to profile)	—
`AUTH0_DOMAIN`	Auth0 tenant domain	—
`AUTH0_CLIENT_ID`	Auth0 application client ID	—
`AUTH0_CLIENT_SECRET`	Auth0 application client secret	—
`APP_SECRET_KEY`	Flask session secret key (auto-generated if unset)	—
`SMOOSENSE_LOCAL_FOLDER_PREFIX`	Controls local folder access. Unset: auto-detect (allowed on localhost, denied elsewhere). `""`: deny all. `*`: allow all. `/prefix/`: allow only paths starting with the prefix.	unset