Intellectual Property law is a real thing. Writing code doesn't make you an expert at writing license agreements.
Words such as the above on the blog post send shivers through my spine each time I read them.
They are, for example, a common sight on websites description of their security. "we use https so everything is ok" says the fluffy website description, carefully omitting to mention any of the stuff that really matters. Instead they just stop abruptly at the mention of the magical https. Shrug.
Or another classic example is all those people who think a dumb pass-through nginx/caddy https proxy infront of their backend suddenly makes the backend secure !
Coming back to this specific wording, I'm not sure what "whole class of attacks" they are expecting to suddenly thwart just because they are running over https ? I would suggest its a bit of a bold statement, to put it kindly.
I assume they are referring to the low-hanging-fruit like MITM etc, but as everyone knows that's not really where the real security concerns are in 2025 ...
> your password must be at least 20 characters long, contain mixed-case letters, digits, five kanji, and at least one byte that isn't a valid UTF-8 codepoint
> but I'm setting up a small VM on my private PC to run a script that scrapes porn
> DID I FUCKING STUTTER
> ok ok I'm sorry calm down
What’s missing in both, and would liked to hear from hn, is docker-native backup solutions, for backing up select docker volumes. Currently I’m using some tricks with duplicati, but I wonder if there’s anything better.
Also this is the first I’ve heard of coreOS, the author says nothing about it, though it’s in the title. I wonder why someone choose it over Debian.
Only once in a while I get a weird gateway timeout error on some services since my server is behind a vpn and firewall.
But other than that it's a great setup.
A while ago I created Harbormaster[1] a very simple and opinionated single-host container Orchestrator, and run everything on there. It just needs a Compose file, and that's it. Harbormaster takes care of the pulling from git repos/updating, restarting containers, etc, as well as provides a centralised config file for what's running on a machine. It's ideal for me.
I feel like you should love something like https://projectbluefin.io/ then?
I tried it a few months ago. It had some rough edges that made me move away (to Debian and then most recently NixOS), but I might swing back the way of Bluefin at some point.
coolify, dokku, dockploy, swiftwave; and K8s-based: cozystack, kubero, plural
related: https://news.ycombinator.com/item?id=41358020 (+271 comments; 2024) Dokku: My favorite personal serverless platform
I'm glad there's options but once I got one working I feel like I'd be stuck so feedback beforehand from those who've tried multiple is escpecially valuable, especially the monetization aspect for sustainability.
Dokploy vs. CapRover, Dokku, Coolify
With Dokploy, on the other hand, I found the UI difficult to navigate, which would be fine if the documentation was good but it was lacking.
But for many of the features their comparison claims Dokku doesn’t have, it actually does: database support, scheduled jobs, docker compose support. It has some form of monitoring. Overall Dokku has been a pretty robust solution for me and anything it might be missing, like in monitoring for instance, I can just add at the system level.
To be clear, I’m not anti-Dokploy and I think the more these tools improve the better. Just wanted to share my experience in defense of Dokku. Being able to spin up your apps on a cheap VPS is incredibly empowering over having to pay 10x more for managed services like Heroku or Render.
Breaks when you use anything but bash as root user shell. Breaks if you have images in private registries with swarm. Breaks if you wanna restrict the API key access to just one project (the key can access all projects lol).
It's a great piece of software, I use it myself. But calling it polished in any way is a bit of a stretch.
I tried coolify couldn't get it running properly on the same VPS I got Dokploy to just work on the first try.
I tried SwiftWave and Coolify for that. They seem to support that if I understood you correctly.
I also love their template gallery of pre-existing projects, managed to setup auxiliary stuff like Plausible and Ghost which I wouldn't have done if it wasn't for the one-click install.
For me, the core feature of Netlify is building and deploying static websites quickly, with minimal configuration and triggered by git commits.
Does any of these really resemble that experience (except for the CDN Netlify uses, of course)?
I host maybe 8 different side projects on Coolify like this. Most don’t even have a Dockerfile in the repo. I use the standard nix packs option, and builds, rolling deployments etc are auto handled.
The only solution is to have these files locally on the server and then use an external bind mount.
I solved this in my docker-compose-gitops-action by just inserting secrets before copying the files to the server.
https://fariszr.com/docker-compose-gitops-github/
you can't do that with dokploy even with this dokploy action so it's triggers a pull from the source repo only.
Also the preview feature on dokploy is almost useless because there is no variable to get the preview URL dynamically.
Just mount it at the same path on all hosts and then bind-mount it into the container and it will work no matter where the container is scheduled
Have to think about backup strategy yourself tho.
Nextjs website deployed here to avoid crazy Vercel and netlify pricing. Uptime kuma and Umami deployed in 2 minutes.
Be sure to check disk space. Activate the Docker auto-clean option.
Support, even for paying customers, is lacking, too.
Definitely cheering its development on, though, because the promise is wonderful.