Docker lets you run applications in isolated containers without worrying about conflicting dependencies. On a VPS, it also makes deployment and cleanup much easier โ you spin up a container, use it, and remove it without touching the host system. Here's how to get it running.
Installing Docker the right way
Don't use apt install docker.io โ that installs an outdated version from Debian's repos. Use Docker's official install script instead:
curl -fsSL https://get.docker.com | sh
This installs the latest stable Docker Engine. Verify it worked:
docker --version
docker run hello-world
Install Docker Compose
apt install -y docker-compose-plugin
docker compose version
Does Docker work on a NAT VPS / LXC container?
This is the important question. Docker inside LXC requires the host to have enabled nesting and specific kernel features for your container. On NATBox, if you need Docker, use the Micro or Small plan and request Docker support when ordering โ mention it in the notes. Basic Docker works; some advanced networking features may be limited by the LXC layer.
For most self-hosted apps, you don't need Docker at all โ native installs on Debian are simpler, lighter, and just as manageable with systemd.
What to run first โ lightweight Docker apps
1. Portainer (Docker management UI)
docker volume create portainer_data
docker run -d -p 8000:8000 -p 9443:9443 --name portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce:latest
2. Nginx Proxy Manager
version: '3'
services:
app:
image: jc21/nginx-proxy-manager:latest
ports:
- "80:80"
- "81:81"
- "443:443"
volumes:
- ./data:/data
- ./letsencrypt:/etc/letsencrypt
3. Vaultwarden (self-hosted Bitwarden)
docker run -d --name vaultwarden -v /opt/vaultwarden/:/data/ -p 8080:80 --restart unless-stopped vaultwarden/server:latest
Managing containers with systemd
Add --restart unless-stopped to any docker run command. Docker will automatically restart containers after a reboot without needing a separate systemd service file.
How much RAM does Docker itself use?
The Docker daemon uses around 30โ50MB of RAM at idle. Each container adds its own footprint on top. On a 512MB Micro VPS, you can comfortably run two or three lightweight containers. For Docker-heavy workloads, the Small plan (1GB) gives you much more breathing room.