Self-hosted comments for static sites. One script tag. Your data, your server, no subscriptions.
- Single script embed — one
<script>tag, no dependencies on the host page - Self-hosted — your data stays on your server in a single SQLite file
- Gravatar avatars — with a letter-initial fallback
- Markdown comments — rendered server-side, sanitized with
sanitize-html - Nested replies — up to 3 levels deep
- Spam protection — honeypot field and blocked words list, configurable per domain
- Email notifications — SMTP alerts for new comments and replies; admin and commenter notifications are separate. Credentials stored encrypted at rest (AES-256-GCM)
- Admin dashboard — approve, pin, edit, delete, search, and configure comments at
/admin - Per-domain settings — brand colour with WCAG/APCA indicators, spam controls, SMTP setup, and embed code in a tabbed settings page
- Email preview — preview all notification email templates from the dashboard before sending
- MIT licensed
git clone https://github.com/KarthikeyanKC/discuss.git
cd discuss
npm install --production
npm run setup
cp .env.example .env # set JWT_SECRETThen visit /admin to log in, add your domain, and copy your embed snippet.
<div id="discuss-comments"></div>
<script src="https://discuss.example.com/client.js"></script>| Guide | Description |
|---|---|
| Deployment | systemd service, Nginx and Apache reverse proxy setup |
| Configuration | All environment variables |
| Embedding | Widget options, stable thread keys, cross-origin setup |
| Email Notifications | SMTP setup, provider recommendations, Gmail and Resend guides |
| Upgrading | How to upgrade safely |
| Contributing | Dev setup, conventions, and how to submit a pull request |
- Export and import comments
- Comment reporting
- Comment favouriting
- Comment sorting (newest, oldest, most liked)
- Rate limiting per domain and IP address
- Comment mentions
See CHANGELOG.md for release history.
MIT © Karthikeyan KC