Architecture Vision¶

Document Type: Architecture Vision
TOGAF Phase: Preliminary & Phase A
Version: 1.0
Date: 2024-12-30
Status: Active

Executive Summary¶

Dokploy represents a paradigm shift in application deployment, bringing enterprise-grade Platform-as-a-Service (PaaS) capabilities to the open-source community. This architecture vision establishes the foundation for a self-hosted, cost-effective, and developer-friendly deployment platform that rivals commercial offerings like Heroku, Vercel, and Netlify while maintaining complete user control and transparency.

Vision Statement¶

To democratize cloud deployment by providing an enterprise-grade, self-hosted PaaS that is accessible, flexible, and powerful for developers and organizations of all sizes.

Mission Statement¶

Enable developers to deploy and manage applications with the same ease as commercial PaaS solutions while maintaining full control, transparency, and cost-efficiency through open-source self-hosting.

Business Context¶

Market Opportunity¶

The Platform-as-a-Service market is dominated by commercial providers that charge premium prices for deployment services. Organizations face:

• High operational costs: $50-500+ per application per month
• Vendor lock-in: Proprietary APIs and workflows
• Limited control: Black-box infrastructure
• Data sovereignty concerns: Cloud-only solutions
• Unpredictable pricing: Usage-based billing complexity

Dokploy addresses these challenges by providing:

• Zero recurring costs: Self-hosted with no per-app fees
• Open-source transparency: Full codebase visibility
• Complete control: Own your infrastructure
• Data sovereignty: Deploy anywhere
• Predictable costs: Fixed infrastructure costs only

Strategic Goals¶

1. Market Leadership: Become the #1 open-source PaaS alternative (current: 26k+ GitHub stars)
2. Cost Savings: Enable 70-90% cost reduction vs commercial PaaS
3. Enterprise Adoption: Achieve 20+ enterprise customers by 2025
4. Community Growth: Reach 50k+ monthly active users
5. Sustainable Business: Generate revenue through Dokploy Cloud managed service

Stakeholder Analysis¶

Primary Stakeholders¶

1. Independent Developers¶

Power: Medium | Interest: High

• Concerns:
• Easy setup and deployment
• Cost-effectiveness
• Learning curve
• Community support
• Requirements:
• Quick onboarding (<10 minutes)
• Clear documentation
• Active community
• Free forever option

2. Small-Medium Development Teams¶

Power: High | Interest: High

• Concerns:
• Team collaboration
• Deployment reliability
• Scaling capabilities
• Time to market
• Requirements:
• Role-based access control
• Multi-environment support
• CI/CD integration
• 99.9% uptime

3. DevOps Engineers¶

Power: High | Interest: High

• Concerns:
• Infrastructure control
• Security and compliance
• Monitoring and observability
• Multi-server management
• Requirements:
• Advanced configuration options
• Security hardening capabilities
• Comprehensive monitoring
• API/CLI automation

4. Enterprise Organizations¶

Power: High | Interest: Medium

• Concerns:
• Compliance (GDPR, SOC 2)
• Enterprise support
• High availability
• On-premise deployment
• Requirements:
• Audit logging
• SSO integration
• SLA guarantees
• Professional support

Secondary Stakeholders¶

5. Open-Source Community¶

Power: Medium | Interest: High

• Concerns:
• Code quality
• Contribution process
• Project sustainability
• Licensing
• Requirements:
• Clear contribution guidelines
• Active maintainer engagement
• Transparent roadmap
• Permissive license

6. Dokploy Project Maintainers¶

Power: Very High | Interest: Very High

• Concerns:
• Code maintainability
• Technical debt
• Security vulnerabilities
• Project funding
• Requirements:
• Architectural clarity
• Automated testing
• Security scanning
• Sustainable funding model

Business Drivers¶

Cost Optimization¶

• Reduce deployment costs by 70-90% compared to commercial PaaS
• Eliminate per-application pricing models
• Optimize resource utilization through containerization

Developer Productivity¶

• Reduce deployment time from hours to minutes
• Eliminate DevOps complexity for small teams
• Provide intuitive UI and powerful CLI/API

Compliance and Security¶

• Enable on-premise deployment for regulated industries
• Provide full audit trail
• Support data sovereignty requirements
• Implement security best practices by default

Flexibility and Control¶

• Support multiple deployment methods (Git, Docker, Docker Compose)
• Enable custom build processes
• Allow fine-grained resource control
• Support multi-server deployments

Architecture Principles¶

1. Open-Source First¶

Statement: All core functionality must be available in the open-source version.

Rationale: Ensures community trust, enables contributions, and prevents vendor lock-in.

Implications: - No feature paywalls for core deployment functionality - Open development process - Community-driven roadmap

2. Self-Hosting Capable¶

Statement: The platform must be fully functional when self-hosted.

Rationale: Enables cost savings, data sovereignty, and user control.

Implications: - No cloud-only dependencies - Manageable resource requirements - Single-server deployability

3. Security by Design¶

Statement: Security must be integrated at every architectural layer.

Rationale: Protects user applications and data, enables compliance.

Implications: - Encryption at rest and in transit - Principle of least privilege - Regular security audits - Fast vulnerability patching

4. Developer Experience Focus¶

Statement: Optimize for developer productivity and ease of use.

Rationale: Reduces adoption barriers, increases user satisfaction.

Implications: - Intuitive UI design - Comprehensive documentation - Minimal configuration required - Fast feedback loops

5. Cloud-Native Architecture¶

Statement: Leverage containerization and orchestration best practices.

Rationale: Enables scalability, portability, and modern deployment patterns.

Implications: - Docker-first approach - Microservices-friendly - Infrastructure as code - Declarative configuration

6. API-First Design¶

Statement: All functionality must be accessible via API.

Rationale: Enables automation, integration, and programmatic control.

Implications: - Complete REST API - CLI tool based on API - Webhook support - OpenAPI documentation

7. Cost-Effectiveness¶

Statement: Minimize infrastructure resource requirements.

Rationale: Reduces operational costs for users.

Implications: - Efficient resource utilization - Optional external dependencies - Minimal overhead - Smart caching strategies

8. Observability¶

Statement: Provide comprehensive visibility into system and application behavior.

Rationale: Enables troubleshooting, performance optimization, and proactive monitoring.

Implications: - Real-time metrics - Centralized logging - Performance monitoring - Audit trails

Scope and Boundaries¶

In Scope¶

Core Platform Services¶

• Application deployment and lifecycle management
• Database creation and management
• Domain and SSL certificate management
• Multi-server orchestration
• User authentication and authorization
• Monitoring and logging
• Backup and restore capabilities

Supported Technologies¶

• Git providers: GitHub, GitLab, Bitbucket, Gitea
• Build systems: Nixpacks, Heroku Buildpacks, Dockerfile
• Databases: PostgreSQL, MySQL, MariaDB, MongoDB, Redis
• Container orchestration: Docker Swarm
• Reverse proxy: Traefik v3

Deployment Targets¶

• Linux servers (Ubuntu, Debian, CentOS, RHEL, Amazon Linux)
• Virtual Private Servers (VPS)
• Cloud instances (AWS EC2, DigitalOcean, etc.)
• On-premise servers
• Edge locations

Out of Scope¶

Not Included in Core Platform¶

• Kubernetes orchestration (roadmap: Q1 2025)
• Windows/macOS native support
• Managed database hosting
• CDN services
• Email services
• Object storage (users provide S3-compatible)
• DNS hosting (users manage DNS)

External Dependencies¶

• Git repository hosting (GitHub, GitLab, etc.)
• Domain registrars
• SSL certificate authorities (Let's Encrypt)
• Docker registry (Docker Hub, GHCR)
• S3-compatible storage for backups (optional)

Architecture Constraints¶

Technical Constraints¶

1. Docker Dependency: Requires Docker 28.5.0+ on Linux
2. Linux Only: No native Windows or macOS support for hosting
3. Port Requirements: Ports 80, 443, 3000 must be available
4. Resource Minimum: 2GB RAM, 2 CPU cores, 20GB disk
5. Network Access: Requires outbound internet for Git, registries, packages

Business Constraints¶

1. Open-Source License: Must remain open-source (permissive license)
2. No Vendor Lock-in: Users must be able to export and migrate freely
3. Community-Driven: Major decisions require community input
4. Free Self-Hosting: Core features free forever for self-hosters

Regulatory Constraints¶

1. GDPR Compliance: For EU users
2. CCPA Compliance: For California users
3. Data Residency: Support data sovereignty requirements
4. Security Standards: OWASP Top 10, CIS Docker Benchmark

Success Metrics¶

Adoption Metrics¶

• GitHub Stars: 30k+ (current: 26k)
• Docker Hub Pulls: 5M+ (current: 4M)
• Active Installations: 10k+
• Monthly Active Users: 50k+
• Community Contributors: 300+ (current: 200+)

Performance Metrics¶

• Average Deployment Time: <5 minutes
• Deployment Success Rate: >95%
• API Response Time (P95): <200ms
• UI Load Time (P95): <2 seconds
• Platform Uptime: >99.9%

User Satisfaction¶

• Net Promoter Score (NPS): >50
• Customer Satisfaction (CSAT): >4.5/5
• Time to First Deployment: <10 minutes
• Documentation Completeness: >90%

Business Metrics¶

• Cloud Revenue Growth: 20% MoM
• Sponsor Count: 100+ (current: 50+)
• Enterprise Customers: 20+
• Cost Savings vs Heroku: 70-90%

Key Architecture Decisions¶

Foundational Choices¶

1. Docker Swarm for orchestration (vs Kubernetes)
2. Rationale: Simpler, lighter weight, easier for self-hosting

3. Trade-off: Less ecosystem, but sufficient for target use cases

4. Next.js for unified frontend/backend

5. Rationale: Reduces complexity, enables SSR, single codebase

6. Trade-off: Coupling, but better DX and faster development

7. PostgreSQL as primary database

8. Rationale: Mature, reliable, feature-rich, widely known

9. Trade-off: Single database type, but well-suited for use case

10. Traefik as reverse proxy

11. Rationale: Dynamic configuration, Docker integration, modern features

12. Trade-off: Learning curve, but excellent for container environments

13. Redis for queue management

14. Rationale: Fast, reliable, prevents concurrent deployment conflicts
15. Trade-off: Additional dependency, but minimal overhead

Architecture Roadmap¶

Phase 1: Foundation (Current)¶

• Core deployment functionality
• Basic monitoring and logging
• Single-server deployments
• Essential security features

Phase 2: Scale (Q1-Q2 2025)¶

• Multi-server orchestration
• Advanced monitoring
• Organizations and RBAC
• Build server separation

Phase 3: Enterprise (Q2-Q3 2025)¶

• Kubernetes support
• SSO integration
• Advanced compliance features
• Audit logging

Phase 4: Innovation (Q3-Q4 2025)¶

• AI-powered optimizations
• Edge deployments
• Serverless functions
• GraphQL API

Risks and Mitigations¶

High-Priority Risks¶

Risk 1: Docker Swarm Deprecation¶

• Probability: Low
• Impact: High
• Mitigation: Monitor Docker roadmap, plan Kubernetes migration, ensure abstraction layer

Risk 2: Security Vulnerabilities¶

• Probability: Medium
• Impact: High
• Mitigation: Regular audits, automated scanning, fast patch cycle, bug bounty

Risk 3: Community Sustainability¶

• Probability: Medium
• Impact: High
• Mitigation: Diversify funding, active maintainer recruitment, clear governance

Medium-Priority Risks¶

Risk 4: Database Scalability¶

• Probability: Medium
• Impact: Medium
• Mitigation: Connection pooling, read replicas, sharding strategy

Risk 5: Competition¶

• Probability: High
• Impact: Medium
• Mitigation: Focus on unique value (self-hosting, cost, control), rapid innovation

Next Steps¶

1. Validate Vision: Review with key stakeholders and community
2. Develop Business Architecture: Detail capabilities and value streams
3. Create C4 Diagrams: Document system context and containers
4. Document ADRs: Capture key architectural decisions
5. Establish Governance: Set up architecture review process

References¶

• Product Requirements Document (PRD): docs/product-requirements-document.md
• TOGAF 9.2 Architecture Development Method
• C4 Model for Software Architecture
• The Twelve-Factor App methodology

Document Owner: Architecture Team
Reviewers: Engineering, Product, Community
Next Review: Q1 2025
Related Documents: PRD, Stakeholder Analysis, Architecture Principles