mechanics vs. Coolify / Dokku / Dokploy: Focused Research Brief

Updated: 2026-06-05
researchmechanicsself-hostedpaaskubernetescompetitioncoolifydokkudokploygitops

Bottom line

Coolify, Dokku, and Dokploy are the most visible competition for mechanics in the self-hosted PaaS space, but they aren't direct architectural peers. All three are vendor-controlled, Docker-based platforms optimized for human users: web dashboards, git push deploys, and one-click service catalogs. They win on day-1 simplicity and visual discoverability. mechanics is Kubernetes-native and SSH-command-first, optimizing for agents, GitOps, and user control over vendor control. The comparison isn't "which has more features today" but "who owns the decisions about your infrastructure tomorrow - you, or the vendor's business model?"

Key findings

  • Coolify dominates mindshare but carries architectural and control baggage. With 55,000+ GitHub stars and 280+ one-click services, Coolify is the default recommendation for self-hosted PaaS in 2026. Its v4.0 release added multi-server orchestration and a Claude Code MCP server. But it's fundamentally a bespoke Docker/Traefik/Laravel platform owned by one company. Kubernetes support is listed as "planned, but not in roadmap yet, so no ETA," and multi-server deployments deliberately block volume mounts because Coolify can't synchronize state across servers.
  • Dokku is mature but intentionally single-host. Dokku has been in production since 2013 and offers the lowest surface area of the three. It's CLI-first and stable. Multi-server scaling is "limited" by design. Dokku Pro ($849 lifetime) adds a web UI and JSON API, yet the core remains a single-server Heroku clone. Outgrowing Dokku generally means leaving Dokku.
  • Dokploy is the newest and most Kubernetes-adjacent, but it bets on Docker Swarm and is moving open-core. Dokploy has 26,000+ stars and native Docker Compose support. Its multi-node story uses Docker Swarm, which Mirantis will support through 2030 but which the broader ecosystem has largely abandoned in favor of Kubernetes. In January 2026 Dokploy also announced a "Dokploy Source Available License" for future enterprise features, introducing license-boundary risk.
  • MCP is a retrofit, and the agent community is moving back toward CLI. Coolify ships an MCP server. MCP is widely criticized for token inefficiency, session overhead, and dependency on MCP-supporting clients. For scripted agents, CI runners, and autonomous workflows, CLI/SSH remains the dominant interface: "over 90% of active production CI/CD pipelines still invoke command-line tools as their primary automation primitive." mechanics exposes SSH commands natively. Coolify is bolting on a protocol the community is already questioning.
  • Security and licensing are real differentiators. Coolify disclosed 11 critical CVEs in January 2026, including multiple CVSS 10.0 command-injection vulnerabilities and root SSH key exposure. Dokploy's shift to source-available licensing for enterprise features creates future control boundaries. Dokku is MIT-licensed and bootstrapped, with the most honest scope ceiling.
  • The deepest difference is control, not code. Coolify, Dokku, and Dokploy each make the user's infrastructure dependent on one project's roadmap, pricing, and licensing. mechanics delegates every hard decision to established community-driven projects - Kubernetes, Argo CD, Istio, Gateway API, Forgejo, CNPG - and only provides replaceable SSH glue on top.

Background

The self-hosted PaaS category exploded after Heroku removed its free tier in 2022 and then formally entered "sustaining engineering" in February 2026. That announcement ended new Enterprise contracts and redirected Salesforce investment elsewhere, leaving millions of apps on a legacy platform. Coolify, Dokku, and Dokploy all position themselves as escape hatches from Heroku's pricing and stagnation.

Each tool makes a different trade-off:

  • Coolify mimics Heroku's dashboard experience most closely.
  • Dokku mimics Heroku's CLI and buildpack experience most closely.
  • Dokploy tries to combine a modern UI with Docker Swarm clustering.

All three run on a VPS, all three handle SSL and reverse proxying automatically, and all three cost roughly the underlying server price (€4–10/month on Hetzner).

mechanics comes from a different lineage. It isn't trying to replicate Heroku's UX. It assumes the user wants:

  • A GitOps deployment model via Argo CD
  • Service mesh / Gateway API routing via Istio
  • Source hosting via Forgejo
  • All operations exposed through an SSH command surface

This isn't a PaaS abstraction. It's a control plane over standard cloud-native tooling.

Current state

Coolify

Dimension Detail
GitHub stars 55,000+ (May 2026)
License MIT / Apache 2.0 (fully open source)
Runtime Docker + Traefik/Caddy
Multi-server Dashboard manages independent servers; no native clustering; Swarm experimental; Kubernetes "planned, no ETA"
Idle overhead 500MB–1.2GB RAM
Agent interface Official MCP server (read-only as of v4.1.0); community MCP servers with write scope; REST API
Known CVEs 11 critical disclosed Jan 2026, incl. 3 CVSS 10.0

Coolify is the safest choice for a solo founder who wants a polished web UI, a marketplace of one-click services, and the fastest path from "I have a Git repo" to "it's live." It's the most likely direct competitor to mechanics for early users.

Dokku

Dimension Detail
First release 2013
License MIT
Runtime Docker
Multi-server Single-host by default; limited multi-server
UI CLI-only in core; Dokku Pro ($849) adds web UI + JSON API
Agent interface SSH + dokku CLI; Pro adds REST API

Dokku is the most honest about what it's: a single-server tool. It doesn't pretend to be a multi-cluster orchestrator. For users who will never outgrow one VPS, Dokku is arguably the most stable and resource-efficient choice.

Dokploy

Dimension Detail
GitHub stars 26,000+
License Apache 2.0 for current code; future features under "Dokploy Source Available License"
Runtime Docker + Docker Swarm
Multi-server Native Swarm clustering with load balancing
Idle overhead ~350MB RAM
Agent interface REST API + CLI

Dokploy is the closest to offering real clustering, but Docker Swarm is its foundation. Swarm is simple and has commercial support through 2030, yet the tooling ecosystem (monitoring, security scanners, CI/CD plugins, AI workload operators) has moved to Kubernetes.

Technical or implementation details

Runtime abstraction

  • Coolify/Dokku/Dokploy: Abstract Docker. You deploy containers. The platform owns scheduling, networking, storage, and secrets.
  • mechanics: Abstracts Kubernetes. You deploy Argo CD Applications, Gateway API HTTPRoutes, and PersistentVolumeClaims. The platform owns the command surface; Kubernetes owns the runtime.

Scaling path

Outgrow moment Coolify Dokku Dokploy mechanics
Need more compute Add independent servers + external LB Buy bigger VPS / leave Dokku Add Swarm workers Add K8s worker nodes
Need HA Manual multi-server + LB Not supported Swarm HA Standard K8s HA
Need managed cloud Export is custom Rebuild Rebuild Move manifests to EKS/GKE/AKS
Need custom operators Wait for Coolify marketplace / hack Write custom plugins Limited Swarm ecosystem Install any Helm chart/operator

Agent operability

Coolify now ships an MCP server. MCP is a session-based, JSON-RPC protocol for conversational agents in editors like Claude Code and Cursor. It's useful for those environments but adds protocol overhead for scripted or autonomous agents. It has been criticized for inefficient token usage.

Dokku and Dokploy expose REST APIs. REST APIs require token management, TLS configuration, and client libraries.

mechanics exposes SSH commands. This means:

  • No client binary to distribute. Every environment already has ssh.
  • No token rotation beyond SSH key management.
  • Structured output can be added with --json.
  • Commands compose naturally in shell scripts and CI pipelines.
  • Both large and small local LLMs can discover commands via --help and operate without prior training, as showed empirically.

As the MCP-vs-CLI analysis notes: "A CLI wins when the consumer is a script, a CI job, a human at a terminal, or any process that needs unix-style composition" and "over 90% of active production CI/CD pipelines still invoke command-line tools as their primary automation primitive."

Control architecture

Coolify / Dokku / Dokploy mechanics
Orchestrator Vendor's choice (Docker / Swarm / custom) Kubernetes (community standard)
Routing Vendor's proxy config (Traefik / nginx) Istio + Gateway API (standard SIGs)
GitOps Vendor's deployment pipeline Argo CD (CNCF)
Git hosting External or none Forgejo (non-profit, free software)
Database operator Vendor-managed containers or plugins CNPG or any K8s operator
Control-plane glue Vendor UI, API, MCP SSH commands over standard tools

The practical implication: if Coolify Inc. Or Dokploy Technology decide tomorrow that your use case is no longer worth supporting, your infrastructure is at the mercy of their roadmap. If mechanics stops development, the Kubernetes manifests, Argo CD Applications, and Gateway API routes continue to work on any conformant cluster. A single DevOps engineer can recreate the SSH glue in a weekend because the underlying contracts are universal.

Evidence, comparisons, and related context

  • Heroku's decline: In February 2026 Heroku moved to a "sustaining engineering model," stopped new Enterprise contracts, and redirected Salesforce engineering investment. This validates the entire self-hosted PaaS category but also means incumbent platforms are aggressively capturing migrating users.
  • Kubernetes as standard: The CNCF 2025 survey found 82% of container users run Kubernetes in production and 98% have adopted cloud-native techniques. Kubernetes is described as the de facto "operating system" for AI workloads. This validates mechanics's bet that Kubernetes is the long-term runtime contract.
  • Docker Swarm trajectory: Mirantis committed to Swarm support through 2030. Portainer's 2025 assessment is that "Swarm didn't die, but it stopped growing... The broader industry made its call, and it called Kubernetes.". For a platform whose multi-node scaling depends on Swarm, this is a strategic ceiling.
  • Coolify CVEs: The Hacker News reported 11 critical Coolify CVEs in January 2026, many CVSS 10.0. Root causes included command injection in database backup/import, Docker Compose handling, Git configuration, and root SSH key exposure. All were patched, but the pattern reflects the risk of a large bespoke platform performing privileged operations.
  • Coolify MCP: Coolify v4.1.0 shipped an official read-only MCP server in May 2026. Community servers predate it and add write access. This shows Coolify recognizes the agent trend but is adapting via API-layer retrofit rather than native command-surface design.
  • MCP vs CLI debate: Independent analysis in 2026 found CLI remains dominant for CI/CD, scripts, and autonomous agents because of determinism, composability, and lower overhead. MCP is better suited to conversational agents in AI editors, but even there it has been criticized for token inefficiency.
  • Dokploy licensing shift: In January 2026 Dokploy moved existing code to Apache 2.0 but announced that future enterprise features (SSO, HA, auto-scaling, advanced monitoring) will be source-available with paid production licenses. This is a rational business move, but it creates a control boundary between what users can self-host freely and what requires a vendor relationship.

Limitations and critiques

  • mechanics is harder for non-K8s humans today. Coolify's one-line install and web dashboard are genuinely faster for a developer who has never used Kubernetes. That's a real adoption barrier.
  • Resource overhead on tiny VPSes. Kubernetes needs more baseline RAM than Docker alone. On a 2GB VPS, mechanics may not fit comfortably where Dokku would. The honest minimum for a usable K8s single-node experience is closer to 4GB.
  • Coolify's MCP server may narrow the agent gap for editor users. If Coolify's official MCP gains write access and broad tool coverage, it becomes plausible for Claude Code / Cursor users - but not for CI runners, shell-based agents, or environments without MCP clients.
  • Dokploy's licensing creates future uncertainty. Current code is Apache 2.0, but future enterprise features will be source-available with paid production use. This introduces license-boundary risk for platform builders.
  • Dokku's ceiling is explicit. It doesn't claim to be a multi-cluster orchestrator. That honesty is a strength, but it means Dokku stops being the answer at a certain scale.

Open questions

  • Will Coolify's MCP server evolve into a full write-capable agent interface, or will it remain a dashboard wrapper?
  • Does the typical mechanics user actually care about multi-cloud portability today, or is that a future-proofing argument that doesn't close near-term deals?
  • At what VPS size does Kubernetes overhead become irrelevant compared to the value of operators and ecosystem tooling?
  • Will Docker Swarm's 2030 support commitment be enough to keep Dokploy competitive, or will K8s ecosystem gravity pull users away?
  • Can mechanics make its SSH onboarding feel as low-friction as curl | bash install scripts without sacrificing its agent-native design?

Practical takeaways

  • don't compete with Coolify on feature checkboxes or dashboard polish. Compete on the foundation: "We run on Kubernetes, so when you outgrow one server you don't rebuild; you just add nodes or move to EKS."
  • Reframe the risk as control failure, not technical failure. The danger with Coolify/Dokploy isn't that the server will crash. It's that the vendor's business model may decide your use case is no longer worth supporting, paywalls the feature you need, or rejects the contribution that would fix your problem.
  • Use MCP skepticism to your advantage. The agent community is recognizing that CLI/SSH is more efficient for real automation than MCP. Coolify is bolting on MCP; mechanics was built around the interface agents already understand.
  • Emphasize replaceable glue. mechanics itself is a thin SSH layer over standard tools. If it were abandoned, the GitOps repos and K8s manifests live on. The user's stack doesn't die with the project.
  • Target users who value decision ownership over day-1 convenience. A user who wants to push a button and be live in ten minutes should use Coolify. A user who wants to own every decision about their stack - and replace any piece without permission - is the mechanics buyer.

Sources used