Self-hosted continuous deployment for Docker Compose stacks, honestly reviewed. What you actually get when you skip ArgoCD and want git push → deploy.

TL;DR

What it is: A lightweight Apache-2.0 GitOps daemon that watches a Git repo and automatically deploys Docker Compose stacks and Swarm stacks via webhooks or polling [1].
Who it’s for: Solo developers, small teams, and self-hosters running Docker Compose who want automated GitOps deploys without adopting Kubernetes or paying for a PaaS [1].
Cost: $0 in licensing (Apache-2.0). Runs as a container on the same VPS as your stacks — minimal additional infrastructure [1].
Key strength: Genuinely minimal footprint. Built in Go with a distroless image, low RAM and CPU overhead, and a narrow scope that means it gets out of your way [1].
Key weakness: 1,192 GitHub stars, 36 forks [2]. This is a small project with one primary maintainer and essentially no third-party review coverage. Production bets require realistic eyes open.

What is Doco-CD

Doco-CD is a GitOps daemon for Docker Compose. You point it at a Git repository containing a docker-compose.yml, configure a webhook from your Git provider or set a polling interval, and it pulls changes and re-deploys automatically whenever the repo updates [1].

The project describes itself as “a simple Portainer or ArgoCD alternative for Docker” [1]. That framing is accurate and honest. Portainer is a full-blown Docker management GUI with user accounts, RBAC, and a web dashboard. ArgoCD is a Kubernetes-native GitOps platform. Doco-CD is neither — it’s a focused daemon that does one job: watch a repo, detect changes, run docker compose up [1].

Beyond bare deploys, it handles encrypted secrets via SOPS (Mozilla’s encrypted secrets format) so you’re not storing credentials in plaintext Git YAML. It also exposes Prometheus metrics, sends notifications, and supports Docker Swarm mode in addition to plain Compose projects [1]. For observability it plugs into whatever monitoring stack you already have [3].

The project is written in Go (99.1% of the codebase), uses a distroless base image, and runs CodeQL static analysis and image vulnerability scanning as part of its CI pipeline [2]. As of the v0.76.0 release in March 2026, it has shipped 175 releases [2] — that’s an active development cadence for a project of this size.

Why people choose it

Independent third-party reviews of Doco-CD don’t exist in any meaningful volume. With 1,192 GitHub stars and 36 forks [2], the project sits in the “known in specific circles” tier rather than the “covered by every DevOps blog” tier. The honest statement is: you’re making a tooling bet with less community validation than you’d get for Portainer or Watchtower. That’s worth acknowledging upfront.

What the GitHub discussions and issue tracker reflect is a consistent user profile. Docker Compose operators who’ve looked at the alternatives and found them wrong-sized.

The most common alternative comparison is Portainer. Portainer Community Edition is free, but its GitOps feature — deploying a stack automatically from a Git source — is gated behind Portainer Business Edition, which charges per-node. For someone running three compose stacks on a Hetzner VPS who just wants git push to trigger a redeploy, Portainer Business is overhead they’re not looking for. Portainer CE handles manual deploys, not automated ones.

ArgoCD and Flux are the “correct” answers in Kubernetes-land — mature, well-reviewed, heavily adopted. But non-technical founders and indie developers running Docker Compose aren’t in Kubernetes-land, and the entire Kubernetes GitOps toolchain is irrelevant and intimidating at that scale. Doco-CD fills the gap that ArgoCD doesn’t cover and that Portainer CE left open [1].

The SOPS integration is what separates it from simpler webhook-trigger scripts. Encrypted secrets in Git is the right production pattern for GitOps — your repo becomes the single source of truth including credentials, encrypted at rest — and most minimal tooling at this level skips it entirely [1][3].

Features

Based on the README, repository, and wiki [1][2][3]:

Deployment triggers:

Webhook-based: your Git provider posts a push event to Doco-CD, which triggers a pull and redeploy [1]
Polling: Doco-CD checks the repo on a configurable interval; useful when inbound webhooks aren’t available [1]
Both modes can run simultaneously on different projects

Git and compose support:

Multiple Git providers supported — GitHub, GitLab, Gitea, and others documented in the wiki [3]
Standard Docker Compose projects (docker-compose.yml / compose.yaml) [1]
Docker Swarm stacks in Swarm mode [1]

Secrets management:

External secret management provider integrations — documented in the wiki [3]
SOPS encryption: encrypt secrets in your Git repo; Doco-CD decrypts on deploy [1][3]
Private repo support via deploy keys or credentials

Observability:

Prometheus metrics endpoint [1][3]
Notifications support with configurable channels [3]
REST API [4]

Infrastructure characteristics:

Single Go binary in a distroless container image — no shell, no package manager in the container [1]
Minimal RAM and CPU requirements; negligible overhead on a shared VPS [1]
CodeQL analysis + image vulnerability scanning in CI [2]

What isn’t there:

No web dashboard — this is a daemon configured via YAML and operated via API
No user management, RBAC, or multi-tenant access control
No built-in rollback logic — Git history is your rollback mechanism; automated rollback on failure isn’t documented [1]
No integrated CI pipeline steps; it deploys, doesn’t build or test

Pricing: self-hosted math

There is no SaaS version of Doco-CD. Apache-2.0 [1] means you self-host it, there’s nothing to subscribe to, and no commercial license tier exists.

Total cost to run Doco-CD: whatever fraction of your VPS bill covers a low-memory Go container — in practice, negligible.

What alternatives cost, for context:

Tool	Licensing	Git-triggered deploy
Doco-CD	$0 (Apache-2.0)	Yes — core feature [1]
Portainer CE	$0	No — manual only
Portainer Business	Per-node paid (see their site)	Yes
Coolify	$0 self-hosted / ~$5/mo cloud	Yes
Kamal	$0 (MIT)	Via CI integration

The direct financial case for Doco-CD over Portainer Business: if your requirement is Git-triggered compose deploys on one or two hosts, Portainer Business includes a full management UI, user accounts, edge agents, and enterprise features you’re not using. Doco-CD delivers the single feature you need for free, with no additional complexity [1].

Deployment reality check

The setup is documented in the wiki [3]. Short version: run Doco-CD as a Docker container (there’s a reference docker-compose.yml in the repo [2]), point it at your Git repo, configure a .doco-cd.yaml in each project repo, wire up webhooks or polling. The project has its own .doco-cd.yaml checked in as an example of real configuration [2].

What you actually need:

A Linux server already running Docker (assumed if you’re running compose stacks)
Git credentials or a deploy key for private repos
Inbound webhook endpoint reachable from your Git provider, OR outbound internet for polling
SOPS setup if using encrypted secrets (adds meaningful learning curve for first-timers)

What can go sideways:

The most significant risk is maintenance concentration. The repository shows 19 contributors total, but commit history reflects one primary maintainer [2]. If that maintainer goes quiet, the project maintenance stops. With 36 forks [2], the community backup surface is thin — if you hit an edge case, you’re opening a GitHub issue, not finding a Stack Overflow thread with 12 answers.

There’s no documented automated rollback. The GitOps mental model says the Git history is your rollback — revert the commit, Doco-CD re-deploys. But there’s no observable rollback-on-failure behavior in the feature list [1]. A bad compose config that deploys and kills your service means manual intervention.

SOPS is powerful but not trivial. Encrypted secrets in Git is a real production pattern, and the wiki covers it [3], but it requires understanding key management (age, GPG, cloud KMS). For teams new to it, budget extra setup time.

Swarm mode support is real, but Docker Swarm is itself a niche relative to Kubernetes and even plain Compose at this point — you’re stacking two niche choices.

Realistic setup time: 30–60 minutes for a developer comfortable with Docker who has a working compose stack and a Git repo. That covers reading the wiki, running the daemon container, adding .doco-cd.yaml to a project repo, and wiring one webhook. Budget extra for SOPS setup if you need it.

Pros and cons

Pros

Apache-2.0 license — fully permissive. Self-host, fork, embed, use commercially. No CLAs, no “fair-code” restrictions [1].
Genuinely minimal — Go binary, distroless image, low resource overhead. Runs alongside your stacks without noticeably affecting them [1].
SOPS-native — encrypted secrets in Git is the right GitOps pattern; most tools at this weight class skip it entirely [1][3].
Prometheus metrics built in — integrates with an existing Grafana/alerting stack without additional work [1][3].
Polling + webhooks — handles both, which matters on networks where inbound webhooks are blocked [1].
175 releases as of March 2026 [2] — the maintainer is actively shipping.
Security-conscious build pipeline — distroless image, CodeQL, image vulnerability scanning, SOPS — signals this isn’t a weekend throwaway [2].
Docker Swarm support — rare in GitOps tooling; one of the few options for Swarm operators who don’t want to migrate to Kubernetes [1].

Cons

Single-maintainer risk. Primary development concentrated on one person, 36 forks [2]. Bus factor matters if you’re relying on this tool in production.
No web UI. Configuration is files, management is API. Teams that need a dashboard should look at Coolify or Portainer.
No automated rollback. Deploy failures require manual git-revert + push intervention; no built-in failure recovery [1].
Minimal community surface. No third-party tutorials, no Reddit threads, no Stack Overflow coverage to speak of. You debug with the wiki and GitHub issues.
1,192 stars and 36 forks [2] — small validation footprint relative to comparable tools (Watchtower: 22k+ stars; Coolify: 40k+). Not disqualifying, but signals production risk for mission-critical deployments.
No integrated CI steps. Doco-CD deploys; it doesn’t build images, run tests, or gate on approvals. Wiring in pre-deploy quality checks is entirely up to your external CI.

Who should use this / who shouldn’t

Use Doco-CD if:

You’re currently deploying compose stacks by SSH’ing in and running git pull && docker compose up -d, and you want to automate that without adopting Kubernetes.
You want Git push to trigger automatic redeploys, at zero licensing cost, with minimal overhead.
You’re comfortable with SOPS or willing to learn it for secrets management.
You already run a Prometheus stack and want deployment metrics without extra instrumentation.
You’re on Docker Swarm and need GitOps tooling that works with Swarm mode [1].

Skip it, use Coolify instead, if:

You want a full self-hosted PaaS — web UI, one-click app deploys, built-in databases, SSL certificates, backups, team access control. Coolify covers all of this with Git-triggered deploys included.
You or your team needs a graphical interface to manage deployments.

Skip it, use Portainer Business, if:

You want unified Docker management — container logs, resource graphs, user accounts, RBAC — and Git-triggered GitOps in one product, and the per-node cost fits your budget.

Skip it, use Watchtower, if:

Your specific need is auto-updating running containers when new image versions are published to a registry. That’s Watchtower’s exact job. Doco-CD handles compose config changes, not image version tracking.

Skip it entirely if:

You’re running Kubernetes. Doco-CD doesn’t apply; use ArgoCD or Flux.
You need deployment approval gates, audit trails, or multi-user access control. None of those exist here.

Alternatives worth considering

Coolify — the broadest self-hosted alternative. Open-source PaaS with a web dashboard, app marketplace, databases, SSL, and Git-triggered deploys built in. Much larger scope than Doco-CD; more to configure and maintain, but appropriate for teams who want one tool that does everything.
Portainer Business — full Docker management UI with GitOps stack deploys gated behind the paid tier. Right if you want unified management and can justify per-node pricing.
Watchtower — auto-updates containers when new images are pushed to a registry. Different problem than GitOps; often confused with Doco-CD but complementary rather than competing.
Kamal — Docker deployment tool from 37signals, CLI-driven and CI-integrated. Not a daemon; fits a different workflow where deployments are triggered by CI runs rather than Git webhooks.
ArgoCD — Kubernetes-native GitOps, mature, heavily reviewed. Irrelevant for Docker Compose, correct for Kubernetes.
Flux CD — same story as ArgoCD: Kubernetes-only.
Dokku — self-hosted Heroku-style PaaS. App-centric (git push, buildpacks) rather than compose-centric; different mental model.

For the specific problem Doco-CD solves — automated Git-triggered redeploy of Docker Compose stacks on a VPS — the realistic shortlist is Doco-CD vs Coolify. Coolify if you want a full PaaS UI and broader feature set. Doco-CD if you want something lightweight you configure once and forget.

Bottom line

Doco-CD solves a real problem that larger tools either ignore or put behind a paywall: GitOps for Docker Compose operators who have no interest in Kubernetes. The implementation is technically sound — Go binary, distroless image, SOPS integration, Prometheus metrics, webhook and polling support, 175 releases and counting [1][2]. The Apache-2.0 license means you own the deployment entirely [1]. The honest caveats are the small community footprint, single-maintainer concentration, and absence of third-party production stories to validate against. If you’re SSHing into a VPS to run git pull && docker compose up -d today, Doco-CD is a direct, free upgrade path. If you need a dashboard, approval workflows, or a project with thousands of production deployments backing it, Coolify or Portainer Business will serve you better.

Sources

Doco-CD GitHub README — “doco-cd - Docker Compose Continuous Deployment”. https://github.com/kimdre/doco-cd
Doco-CD GitHub repository — stars (1,192), forks (36), contributors (19+5), releases (175, v0.76.0 latest), language breakdown, CI pipeline badges. https://github.com/kimdre/doco-cd
Doco-CD GitHub Wiki — external secrets, SOPS encryption documentation, Git providers, Swarm mode, notifications, Prometheus endpoints. https://github.com/kimdre/doco-cd/wiki
Doco-CD merged profile — canonical feature tags including rest_api, webhooks, metrics, encryption. Structured repository metadata.

Features

Integrations & APIs

REST API
Webhooks

Analytics & Reporting

Metrics & KPIs

Security & Privacy

Encryption

Replaces

Related DevOps & Infrastructure Tools

View all 196 →

Coolify

52K

Self-hosting platform that deploys apps, databases, and services to your own server with a single click. Open-source alternative to Heroku, Netlify, and Vercel.

devops Apache-2.0