Strato Linux VPS (Linux-V10) and caprover – no happy end

TL;DR: caprover does NOT run on Strato Linux VServer (e.g. Linux V10). Think about nginx reverse-proxy, certbot and docker-compose instead.

The whole idea of running my own server was to install caprover and then be able to easliy create and push web applications. However, it did not work as intended…

This is a note to everybody that tries to install caprover, a self hosted PaaS (something like heroku) on a Linux VPS hosted on strato: It does not work.

The Strato VPS Linux servers, e.g. Linux V10, seem to be docker containers themselves (This might be the reason, why one can rent such a server at the low prize of 5 EUR/month). Caprover however would need to be installed on a non-dockerized host machine. Inside a docker container, the swarm and networking capabilities seem to be restricted.

When trying to install and setup caprover, one gets the following error message, meaning that the installation fails:

pdkvqpxs664z7skc   captain-captain.1       caprover/caprover:1.7.1   hxxxxxxx.stratoserver.net   Ready               Rejected less than a second ago   "error creating external connectivity network: cannot restrict inter-container communication: open /proc/sys/net/bridge/bridge-nf-call-iptables: permission denied"

Searching the web indicates, that the following kernel module could solve the issue:

# adding kernel module does not work for strato linux v10
modprobe br_netfilter

However, it is not possible to add this kernel module, as it is stated in the official Strato FAQ:

• https://www.strato.de/faq/server/kernel-module-bei-unseren-linux-servern/

As it says at the bottom of the page, for the given server type, adding this kernel module is not possible.

So what to do? Setup nginx as reverse proxy, install certbot, create a DNS entry for a subdomain on your webhoster, maintain a docker-compose.yml, update the nginx sites, add site to certbot. Done. Repeat.

How? Let’s see in another post.