Make your own PaaS with CapRover

Make your own PaaS with CapRover

Self-Hosted PaaS in your own VPS

After Heroku is not giving any free plans, people now have many alternatives. But it may not be enough for long. Open-source PaaS software like Caprover, Dokku, etc. can be a great solution with a little bit of price.

I have found some open-source PaaS solutions to make your platform for hosting your applications. Such as Caprover, Dokku, Coolify (had issues), etc.
I picked Caprover because of its smooth experience in setup, managing, and deploying with SSL easily (even wildcard domain + SSL supports).

CPU Architecture*:* CapRover source code is compatible with any CPU architecture and the Docker build available on Docker Hub is built for AMD64 (X86), ARM64, and ARMV7 CPUs.

Recommended Stack*:* CapRover is tested on Ubuntu 20.04 and Docker 19.03. If you're using CapRover on a different OS, you might want to look at Docker Docs.

Now get started to set up your own PaaS with Caprover

  • Prepare your VPS first

  • Point your domain or sub-domain with DNS Records

  • Update your Firewalls

  • Setup caprover with docker

  • Configuring initials in your caprover

Prepare your VPS first (preferred Ubuntu 20.x or 22.x)

First, you need to know some prerequisites for this

  • Understanding of Containers, Docker & Docker-Compose

  • IP, TCP/UDP, SSH, Linux (Ubuntu/Debian)

  1. Make sure your VPS is up & running

  2. I prefer using root user for this setup.

    $ ssh root@your_vps_ip

  3. Uninstall some conflict packages (if already had docker)
    $ for pkg in docker-doc docker-compose podman-docker containerd runc; do sudo apt-get remove $pkg; done

  4. Update packages $ apt update && apt-get update

  5. Ensure some necessary packages installed
    $ apt-get install ca-certificates curl gnupg

  6. Add docker's official GPG key:

     $ sudo install -m 0755 -d /etc/apt/keyrings
     $ curl -fsSL | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
     $ sudo chmod a+r /etc/apt/keyrings/docker.gpg
  7. Setup docker package repository:

     echo \
       "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] \
       "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \
       sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
    If you use an Ubuntu derivative distro, such as Linux Mint, you may need to use UBUNTU_CODENAME instead of VERSION_CODENAME.
  8. Install Docker engine:

     $ sudo apt-get update # update latest packages first
     # install docker engines
     $ sudo apt-get install docker-ce docker-ce-cli docker-buildx-plugin docker-compose-plugin

    Now docker should be installed. To verify this,

    docker -v & docker compose version will give you their version information.

Point your domain or sub-domain with DNS Records

You must have a registered domain (sub-domain also allowed). Most importantly, Domain control to have the DNS management.

We need point two A record of our VPS IP address.

  1. Type: A; Hostname: @ or blank; Value: 7x.5x.1x.1xx (your VPS IP address)

  2. Type: A; Hostname: *; Value: 7x.5x.1x.1xx (your VPS IP address)

Update your Firewalls

Having a publicly exposed server is risky and hard to defend. But we can follow some good practices to avoid these problems initially. Such as setting up our firewall to allow ports to only the whitelisted IPs or users.

Right now, I am showing the necessary ports to be open in the public network from anywhere.

  • 80 TCP for regular HTTP connections

  • 443 TCP for secure HTTPS connections

  • 3000 TCP for initial Captain Installation (can be blocked once Captain is attached to a domain)

  • 7946 TCP/UDP for Container Network Discovery

  • 4789 TCP/UDP for Container Overlay Network

  • 2377 TCP/UDP for Docker swarm API

  • 996 TCP for secure HTTPS connections specific to Docker Registry

$ ufw allow 80,443,3000,996,7946,4789,2377/tcp; ufw allow 7946,4789,2377/udp;
After adding these rules, also don't forget to add the port 22 for SSH login through terminals. Otherwise, you may not be able to log in through the SSH again.
$ ufw allow ssh # for SSH login supports to 22/tcp

Now, it's time to enable the firewall rules applied to take action.

$ ufw enable # it will ask for confirmation, type `y` & exit & login again

Congratulations! You have successfully configured the necessary firewalls.

Setup CapRover & Initial configurations

It's time to set up our CapRover. Follow my instructions.

$ docker run -p 80:80 -p 443:443 -p 3000:3000 -v /var/run/docker.sock:/var/run/docker.sock -v /captain:/captain caprover/caprover

Now, it will take a few minutes (depending on your VPS network speed) to complete the pulling & building. Then it will show you a link to open the setup portal.
i.e. http://7x.5x.1x.1xx:3000 (first it will be IP:3000).

  1. Open that link and setup your admin account.

  2. Go to settings > put your root domain (main domain or sub-domain as your platform's root) and save it.

  3. Now your CapRover dashboard will be available at http://captain.you_domain.xx or http://captain.subDomain.your_domain.xx (as you added your domain earlier)

  4. Also, you can enable HTTPS & enable to force it

  5. You may need to log in several times during this process.

Congratulations! You have successfully set up and configured your own PaaS with the CapRover. Now you can try some one-click app installation or deploy your apps using its cli npm i -g caprover or create app & setup source like GitHub repository.

Upcoming: How to deploy apps (i.e. React/Gatsby or Nodejs/Rails etc.) in CapRover.

Thanks for reading!