liwan

Data Warehouses & Analytics

Privacy‑first web analytics that can be deployed with a single binary and runs on minimal hardware

Track releases GitHub Website

Rust Latest liwan-v1.5.0 · 24d ago Security brief →

Features

Quick setup: single self‑contained binary, no database required
Privacy first: no cookies or cross‑site tracking; data stays on your server
Lightweight: can run on cheap VPS, old Mac Mini, or Raspberry Pi (Rust + Tokio)
Open source: fully modifiable and extensible codebase

Recent releases

View all 2 releases →

liwan-v1.5.0 New feature 24d

Notable features

Added `trusted_headers`, `trusted_proxies`, and `use_forward_headers` config options
Added entry page and exit page dimensions, screen width and orientation dimensions
New timezone‑aware graphs with improved accuracy

Full changelog

Features

Added new trusted_headers, trusted_proxies, and use_forward_headers config options
Added new entry page and exit page dimensions
Added new screen width and orientation dimensions
New timezone-aware graphs with improved accuracy

Bug Fixes

Fixed error when both listen and port config options are set
Added retry logic when opening the DuckDB database to handle potential locking issues on startup (e.g. when the database is being updated by another process or when using a shared network drive)
Fixed an issue where users with invalid session tokens would show up in the UI as logged in

Other

Events are now rate-limited to 2 per second (with a burst of up to 10)
Added ?ref / ?referrer / ?source as fallbacks for UTM source
UTM parameters are now extracted on the server side
Updated to the latest version of DuckDB (1.5.2)
Improved filtering out invalid referrers
Improved world map rendering & graph for bounce rate metric
Improved UI error messages / loading states

View release on GitHub

liwan-v1.4.0 Breaking risk 2mo

⚠ Upgrade required

DuckDB updated to 1.5
Container image now based on distroless
If experiencing WAL replay failures, version 1.4.1-rc.0 with DuckDB 1.5.1 is available as an alternative

Breaking changes

Container now runs as non-root user (UID 1000) instead of root — mounted data folders must be owned by UID 1000 or have appropriate permissions; use --user flag in docker run to override

Notable features

New `listen` configuration option to specify address and port (backwards compatible with old `port` option)
GeoIP database now automatically reloads when updated on disk and updates on first boot

Full changelog

Updated to the latest version of DuckDB (1.5)
GeoIP database now automatically reloads if it has been updated on disk / fixed an issue where the GeoIP database would not be updated on the first boot
Switched to using axum as the web framework and ua-parser for user-agent parsing
Added new listen configuration option to specify the address and port to listen on (can be a socket address or just a port number). The old port option is still supported for backwards compatibility.
Some small UI improvements and optimizations
Container image is now based on distroless

⚠️ The container now runs as a non-root user (UID 1000)!
If you map a folder to /data and encounter permission issues, ensure it’s owned by UID 1000 (e.g. chown 1000:1000 ./data) or has appropriate permissions (e.g. chmod 777 ./data). You can also override the UID used by Liwan when starting the container by setting the --user flag (e.g. docker run --user 0 ... to keep the old behavior).