CapRover

CapRover is a self-hosted Platform-as-a-Service that turns a bare VPS into a Heroku-like deployment environment. It orchestrates Docker Swarm, nginx, and Let’s Encrypt behind a clean web GUI and CLI so developers can ship Node.js, Python, PHP, Ruby, ASP.NET, Java, or any containerizable application without touching nginx configs or SSL certificates manually.

The platform ships with a one-click app library covering databases (MySQL, PostgreSQL, MongoDB, MariaDB), CMS platforms (WordPress, Ghost), caching layers (Redis, Memcached), and dozens of other common services. Once installed on a $5–$6 VPS, CapRover handles certificate issuance and renewal, HTTP-to-HTTPS redirection, reverse proxying, and container lifecycle management automatically.

CapRover supports multi-node Docker Swarm clusters, enabling horizontal scaling and automatic load balancing without reconfiguring nginx or redeploying services. The optional CapRover Pro tier adds two-factor authentication enforcement, webhook-based alerting, and remote monitoring hooks, while the core remains fully functional and free for self-hosted use.

Since v1.11, CapRover ships anonymous analytics (opt-out with an env var) to track feature usage patterns. Recent additions include a GoAccess web statistics engine, Docker Compose simplified deployment, project grouping, multi-theme UI, and HTTP/3 support via UDP nginx port mapping.

What You Get

• One-Click App Library - Deploy databases, CMS platforms, and developer tools by selecting from a dropdown and clicking install—no Dockerfile or Docker Compose knowledge required.
• Automatic SSL with Let’s Encrypt - Certificates are issued and renewed automatically for every app subdomain, with HTTP-to-HTTPS enforcement handled by nginx without manual edits.
• Docker Swarm Clustering - Add worker nodes from the web GUI to spread containers across multiple servers, with nginx automatically load-balancing traffic between instances.
• Web GUI and CLI - A React-based dashboard handles app creation, log viewing, environment variables, and scaling; caprover deploy enables scripted CI/CD deployments from any pipeline.
• Fully Customizable nginx Templates - Override the default generated nginx config per app to enable HTTP/2, custom headers, cache rules, or advanced proxy settings while retaining auto-management for standard cases.
• Persistent App Portability - Removing CapRover does not break deployed applications; containers and volumes remain intact so services keep running independently.
• Built-in GoAccess Statistics - Web traffic analytics are available directly from the dashboard via an embedded GoAccess instance, without configuring external log shippers.

Common Use Cases

• Replacing Heroku on a budget VPS - A startup migrates from $25–$250/month Heroku dynos to a $6 DigitalOcean or Hetzner VPS running CapRover, retaining auto-deploy, SSL, and environment variable management at a fraction of the cost.
• Running a WordPress blog with managed SSL - A blogger installs WordPress and MySQL via one-click app, gets a free Let’s Encrypt certificate automatically, and never touches nginx or certbot manually.
• Deploying a FastAPI or Django backend - A Python developer ships a containerized API with PostgreSQL in minutes using the web UI, without writing a single Dockerfile or configuring a reverse proxy.
• Multi-node high-availability setup - A DevOps engineer adds two worker nodes to scale a PHP application horizontally, with CapRover’s nginx load balancing distributing traffic across all containers automatically.
• Self-hosting developer tools - A team deploys Gitea, Drone CI, MinIO, and Plausible Analytics on a single server using one-click apps, consolidating infrastructure under one management interface.

Under The Hood

Architecture CapRover is structured as a layered Node.js application where a thin Express routing layer delegates to a dependency-injected service layer that orchestrates Docker, nginx, and data persistence. The injection system (Injector/InjectionExtractor) threads per-request context—authenticated user, namespace, SSL state—through the middleware chain without global mutable state. CaptainManager acts as the top-level coordinator, instantiating CertbotManager, LoadBalancerManager, BackupManager, DiskCleanupManager, and SelfHostedDockerRegistry as collaborators with clear constructor injection. The ServiceManager and UserManager layers sit below, handling app lifecycle and user authentication independently. An event system (ICapRoverEvent, EventLoggerFactory) decouples side effects like analytics logging from core business logic.

Tech Stack The backend is TypeScript on Node.js with Express 5, using Dockerode for typed Docker API access and fs-extra for filesystem operations. EJS templates generate dynamic nginx configurations from stored CaptainDefinition descriptors. Data is stored in JSON files managed by a DataStore abstraction with separate stores for apps, registries, projects, and Pro configuration. simple-git and ssh2 handle remote server operations for cluster node management. The build pipeline uses tsc with madge for circular dependency detection and Prettier for formatting. The frontend is a separate React application (in the caprover-frontend repo) served as static files from dist-frontend.

Code Quality The codebase maintains comprehensive test coverage across critical paths: encryption round-trips, backup restore workflows, certificate command generation, circular queue behavior, Docker utility functions, git helper operations, one-click app routing, app definition patching, and project sorting. Tests are written with Jest and ts-jest with realistic mocking of external dependencies. TypeScript is used throughout with strict typing, custom error classes, and typed API response models. ESLint with typescript-eslint enforces code standards, and Prettier ensures consistent formatting. The CONTRIBUTING.md, CODE_OF_CONDUCT.md, SECURITY.md, and sample apps directory provide extensive onboarding documentation.

What Makes It Unique CapRover’s most distinctive characteristic is its ability to run Docker Swarm orchestration transparently on a single-node VPS—users get clustering primitives without needing to understand Swarm networking. The CaptainDefinition file format (a minimal JSON descriptor checked into the repo) enables reproducible multi-service deployments via git push without writing full Docker Compose files. The LoadBalancerManager dynamically regenerates and reloads nginx configurations from templates on every app state change, making SSL provisioning and routing updates atomic. The optional Pro tier integrates two-factor authentication and webhook alerting at the infrastructure level rather than per-application, covering the entire CapRover instance under a single auth policy.

Self-Hosting

CapRover is released under the Apache License 2.0 with a custom appendix. The core of the license is permissive: you can use, modify, and redistribute CapRover freely, including for commercial purposes, and there are no copyleft obligations that would affect your deployed applications. The appendix, however, adds two restrictions: paid features of CapRover-as-a-service cannot be modified without a written agreement, and redistribution of a paid version requires written permission from the authors. For the vast majority of self-hosters deploying the free open-source core, neither restriction applies—you are fully within your rights to run, modify, and adapt CapRover on your own infrastructure.

Running CapRover yourself requires a Linux VPS with a public IP, Docker installed, and a wildcard DNS entry pointing subdomains to the server. The installation is a single Docker run command, but ongoing operations—OS patching, Docker updates, storage management, and CapRover version upgrades—fall entirely on you. CapRover ships with a DiskCleanupManager for automatic log pruning and a BackupManager for configuration backups, but database backups for your deployed apps are your responsibility. Multi-node clustering requires SSH access between nodes and careful Docker Swarm network configuration. The v1.12 release bumped the minimum Docker API version, so major upgrades occasionally require coordinating Docker upgrades with CapRover upgrades.

CapRover does not offer an official managed cloud tier in the traditional sense—there is no CapRover-hosted service where you pay per app or per deployment. The CapRover Pro subscription (accessed via a Pro API key) adds two-factor authentication enforcement, webhook-based alerting for build events, and feature flags, but the underlying infrastructure remains on your own server. Compared to Heroku or Render, you give up managed backups, SLA guarantees, global CDN, and 24/7 support. The trade-off is significant cost reduction—a $6 VPS running CapRover can host dozens of small apps that would cost hundreds of dollars monthly on a managed PaaS.