I've been using Dokploy and it is lovely. Solid and stable for the last 12 months running production apps. First time in ages I got the Heroku vibe again.
Another very similar one is https://dokku.com, have been using it for years and I like that it's a very thin layer on top of Docker. So even if you uninstall it everything keeps running and you can just manage it manually.
> You only access Dokploy through https, removing a whole class of attacks
Words such as the above on the blog post send shivers through my spine each time I read them.
They are, for example, a common sight on websites description of their security. "we use https so everything is ok" says the fluffy website description, carefully omitting to mention any of the stuff that really matters. Instead they just stop abruptly at the mention of the magical https. Shrug.
Or another classic example is all those people who think a dumb pass-through nginx/caddy https proxy infront of their backend suddenly makes the backend secure !
Coming back to this specific wording, I'm not sure what "whole class of attacks" they are expecting to suddenly thwart just because they are running over https ? I would suggest its a bit of a bold statement, to put it kindly.
I assume they are referring to the low-hanging-fruit like MITM etc, but as everyone knows that's not really where the real security concerns are in 2025 ...
Dokploy ergonomics I found just a bit lacking, and switched to Coolify instead. I daresay the feature that swayed me was force “pull latest images” button on coolify (convenient way to update any app), that was weirdly not available on Dokploy.
What’s missing in both, and would liked to hear from hn, is docker-native backup solutions, for backing up select docker volumes. Currently I’m using some tricks with duplicati, but I wonder if there’s anything better.
Also this is the first I’ve heard of coreOS, the author says nothing about it, though it’s in the title. I wonder why someone choose it over Debian.
I really love a workflow where the host OS is as stock as possible (I just run Debian) and everything else runs in Docker.
A while ago I created Harbormaster[1] a very simple and opinionated single-host container Orchestrator, and run everything on there. It just needs a Compose file, and that's it. Harbormaster takes care of the pulling from git repos/updating, restarting containers, etc, as well as provides a centralised config file for what's running on a machine. It's ideal for me.
If KASM workspaces docker image will work in Dokploy, then I'm down. (It kind of does it's own docker in docker thing, so it's not just another simple docker image)
The problem for me with dokploy is how do you manage in-config secrets for deployed apps.
There are many apps which have secrets in their configs that can't be imported from env variables.
The only solution is to have these files locally on the server and then use an external bind mount.
I solved this in my docker-compose-gitops-action by just inserting secrets before copying the files to the server.
I'm glad there's options but once I got one working I feel like I'd be stuck so feedback beforehand from those who've tried multiple is escpecially valuable, especially the monetization aspect for sustainability.
We developed https://canine.sh for work which was heavily inspired by dokploy. The idea was to have a dokploy like container scheduler against a Kubernetes backup for ease of scalability / recovery and multi-node setup.
I’m new to dokploy. I love the simplicity and speed, but in the last week it has done some really weird things. Like one deployment lacked some critical files. I redeployed and they came back, but that sort of inconsistency in a deployment system is alarming.
I love the Dokploy promise but I’ve come across some glaring bugs and inconsistencies that have made living with it difficult. I’ve had to consult its source code because if it’s lack of documentation in a few instances.
Support, even for paying customers, is lacking, too.
Definitely cheering its development on, though, because the promise is wonderful.
23 comments
[ 2.8 ms ] story [ 43.7 ms ] threadNextjs website deployed here to avoid crazy Vercel and netlify pricing. Uptime kuma and Umami deployed in 2 minutes.
Be sure to check disk space. Activate the Docker auto-clean option.
Dokploy vs. CapRover, Dokku, Coolify
Words such as the above on the blog post send shivers through my spine each time I read them.
They are, for example, a common sight on websites description of their security. "we use https so everything is ok" says the fluffy website description, carefully omitting to mention any of the stuff that really matters. Instead they just stop abruptly at the mention of the magical https. Shrug.
Or another classic example is all those people who think a dumb pass-through nginx/caddy https proxy infront of their backend suddenly makes the backend secure !
Coming back to this specific wording, I'm not sure what "whole class of attacks" they are expecting to suddenly thwart just because they are running over https ? I would suggest its a bit of a bold statement, to put it kindly.
I assume they are referring to the low-hanging-fruit like MITM etc, but as everyone knows that's not really where the real security concerns are in 2025 ...
[1] https://isitreallyfoss.com/projects/dokploy/
[2] https://github.com/Dokploy/dokploy/discussions/3
What’s missing in both, and would liked to hear from hn, is docker-native backup solutions, for backing up select docker volumes. Currently I’m using some tricks with duplicati, but I wonder if there’s anything better.
Also this is the first I’ve heard of coreOS, the author says nothing about it, though it’s in the title. I wonder why someone choose it over Debian.
A while ago I created Harbormaster[1] a very simple and opinionated single-host container Orchestrator, and run everything on there. It just needs a Compose file, and that's it. Harbormaster takes care of the pulling from git repos/updating, restarting containers, etc, as well as provides a centralised config file for what's running on a machine. It's ideal for me.
[1] https://harbormaster.readthedocs.io/en/latest/
https://hub.docker.com/r/linuxserver/kasm
The only solution is to have these files locally on the server and then use an external bind mount.
I solved this in my docker-compose-gitops-action by just inserting secrets before copying the files to the server.
https://fariszr.com/docker-compose-gitops-github/
you can't do that with dokploy even with this dokploy action so it's triggers a pull from the source repo only.
Also the preview feature on dokploy is almost useless because there is no variable to get the preview URL dynamically.
coolify, dokku, dockploy, swiftwave; and K8s-based: cozystack, kubero, plural
related: https://news.ycombinator.com/item?id=41358020 (+271 comments; 2024) Dokku: My favorite personal serverless platform
I'm glad there's options but once I got one working I feel like I'd be stuck so feedback beforehand from those who've tried multiple is escpecially valuable, especially the monetization aspect for sustainability.
For me, the core feature of Netlify is building and deploying static websites quickly, with minimal configuration and triggered by git commits.
Does any of these really resemble that experience (except for the CDN Netlify uses, of course)?
Support, even for paying customers, is lacking, too.
Definitely cheering its development on, though, because the promise is wonderful.