InstaLab is an operations console for Instagram snapshot runs (followers/following), scheduling, run history, insights, and unfollow cleanup. It runs as a two-container stack: Flask API + Django UI. Collection supports two backends: browser (Playwright session, default) and private (instagrapi).
- Single‑pane UI for queueing runs, viewing history, and monitoring status.
- Snapshot/count workers with safeguards to avoid overlapping runs.
- Accounts manager with password + TOTP + challenge handling.
- Health endpoints and metrics-friendly status surfaces.
- Built‑in per-run trace logging for API request/response visibility.
docker-compose.yml/docker-compose.preview.ymldocker-compose.local.yml+docker-compose.local-postgres.ymlDockerfileapp/(Flask API, Django UI, workers, scripts, UI build pipeline)
- Create a local env:
cp .env.example .env
- Start Postgres + app stack:
docker compose -f docker-compose.local.yml -f docker-compose.local-postgres.yml up -d --build- Or:
./scripts/local_postgres_up.sh
- Open UI:
If you already have Postgres running, set the INSTALAB_DB_* values in .env and start:
docker compose -f docker-compose.local.yml up -d --build
- Secrets are not committed. Use
.env.exampleas a template. - Required for production:
DJANGO_SECRET_KEY(strong random value)DJANGO_DEBUG=FalseDJANGO_ALLOWED_HOSTSINSTALAB_ENCRYPTION_KEY(encrypts login secrets in Postgres)
- Runtime data (DB, sessions, job artifacts) should live outside the repo.
- See SECURITY.md for security best practices and deployment guidelines.
- Postgres only. Set
INSTALAB_DB_TYPE=postgres. - Default DB name/user:
instalab(seedocker-compose.local-postgres.yml).
- Browser backend (default): run
/api/unfollow/initonce to create Playwright storage state atINSTALAB_BROWSER_STORAGE_PATH, then runs reuse that signed-in browser session. - Private backend (
instagrapi): logins are stored in Postgreslogin_accountsand encrypted at rest. - For private backend, a first successful login caches session settings; subsequent runs reuse the session.
- 2FA is supported via TOTP or SMS/email challenge codes.
- Device profile settings are persisted to avoid “new device” loops.
- Collector setup and collector->target execution runbook: docs/COLLECTOR_TARGET_SETUP_FLOW.md.
- Legacy template styles:
- Source:
app/ui_src/ui.css - Output:
app/django_app/static/ui.css
- Source:
- Modern React UI:
- Source:
app/frontend/ - Output:
app/django_app/static/modern/
- Source:
- Build both UI assets:
cd app && npm run build - Watch legacy CSS:
cd app && npm run dev - Run modern UI dev server:
cd app && npm run frontend:dev
/serves legacy or modern UI based onINSTALAB_UI_VARIANT(legacyormodern)/legacy/always serves legacy UI/app/serves the modern React UI
- This repo contains code + compose; environment‑specific ops runbooks live outside the repo.
- In production behind nginx, ensure
/static/serves Django’sSTATIC_ROOT(default:app/django_app/staticfilesaftercollectstatic). - Proxy routing (Decodo): configure under Settings → Proxy routing (stored in the config table). Native proxying requires host/port/username/password.
dev: active developmentmain: stable / public-ready
- Update version / changelog (if you keep one)
- Run UI build (
cd app && npm run build) - Verify API + UI start clean (
docker compose up -d) - Sanity check a run end‑to‑end in dev
- Merge
dev->main - Tag release (
git tag vX.Y.Z && git push --tags)
- API.md – API endpoint documentation
- ARCHITECTURE.md – System architecture and run lifecycle
- docs/COLLECTOR_TARGET_SETUP_FLOW.md – collector login setup and target execution flow
- SECURITY.md – Security considerations and deployment best practices
- CONTRIBUTING.md – Guidelines for contributing to the project
See LICENSE file for license information.