Deploying CapRover Self-Hosted PaaS for Docker Applications on Ubuntu 24.04
Step-by-step guide to deploy CapRover with Docker Compose on Ubuntu 24.04, configure the firewall and wildcard DNS, enable HTTPS, and ship a sample app from the one-click marketplace.
CapRover is an open-source, self-hosted Platform-as-a-Service that automates application deployment with Docker Swarm, Nginx, and automatic Let's Encrypt certificates. This guide deploys CapRover on Ubuntu 24.04 using Docker Compose, opens the required firewall ports, enables HTTPS for the dashboard, and deploys a sample app from the one-click marketplace, following self-hosted PaaS deployment practices documented in Vultr Docs.
Prerequisite: A wildcard DNS A record (e.g.
*.apps.example.com) pointing at the server's IP. Don't use a proxying DNS (Cloudflare orange-cloud), or the ACME challenge will fail.
Set Up the Directory Structure
1. Create the project directory:
mkdir -p ~/caprover
cd ~/caprover
2. Create the environment file:
nano .env
ACCEPTED_TERMS=true
DEFAULT_PASSWORD=StrongPassword-321
CAPROVER_ROOT_DOMAIN=apps.example.com
Deploy with Docker Compose
1. Create the Docker Compose manifest:
nano docker-compose.yml
services:
caprover:
image: caprover/caprover:1.14.1
ports:
- "80:80"
- "443:443"
- "3000:3000"
environment:
ACCEPTED_TERMS: "${ACCEPTED_TERMS}"
DEFAULT_PASSWORD: "${DEFAULT_PASSWORD}"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /captain:/captain
Configure the Firewall
1. Allow SSH and the CapRover ports:
sudo ufw allow OpenSSH
sudo ufw allow 80,443,996,7946,4789,2377/tcp
sudo ufw allow 3000/tcp
sudo ufw allow 7946,4789,2377,443/udp
2. Enable and verify the firewall:
sudo ufw enable
sudo ufw status
Port 3000 is the initial dashboard and will be closed after HTTPS is forced.
Start CapRover
1. Launch the stack in detached mode:
docker compose up -d
2. Verify Swarm services and tail the init logs:
docker service ls
docker service logs captain-captain --tail 20
Wait until the log prints Captain is initialized and ready to serve you.
Configure the Dashboard
1. Sign in:
Open http://YOUR_SERVER_IP:3000 and authenticate with DEFAULT_PASSWORD from .env.
2. Set the root domain:
Enter apps.example.com, click Update Domain, and reopen http://YOUR_SERVER_IP:3000 once CapRover confirms DNS resolution.
3. Enable and force HTTPS:
Click Enable HTTPS, enter the Let's Encrypt email, then click Force HTTPS. The dashboard now lives at https://captain.apps.example.com.
4. Close port 3000 and change the password:
sudo ufw delete allow 3000/tcp
Change the dashboard password from Settings in the sidebar.
Deploy a Sample App
1. From the dashboard, open Apps → One-Click Apps/Databases. 2. Search Uptime Kuma. 3. Set the App Name to uptime-kuma and the version to latest. 4. Click Deploy.
5. Enable HTTPS for the app:
Go to Apps → uptime-kuma, confirm Websocket Support is enabled, click Enable HTTPS, check Force HTTPS, and click Save & Restart. The app is live at https://uptime-kuma.apps.example.com.
If a deploy fails, check:
docker service logs captain-captain --tail 50
Next Steps
CapRover is running with HTTPS for the dashboard and a sample app deployed. From here you can:
Deploy your own apps via the CapRover CLI (
captain-cli) ortar.gzuploadWire
git pushdeploys with GitHub/GitLab webhooksCluster multiple servers into a single Swarm for horizontal scaling
For the full guide with additional tips, visit the original article on Vultr Docs.
