How to Set Up Coolify on AWS EC2: Complete Self-Hosting Guide
By Braincuber Team
Published on March 6, 2026
We spent $4,700 last year on Heroku, Netlify, and Vercel combined for a client running 11 microservices. Switched the entire stack to a self-hosted Coolify instance on a single AWS EC2 box. Monthly cost dropped to $47. Coolify is an open-source, self-hostable platform that replaces paid PaaS providers entirely — you get containers, databases, automatic SSL, GitHub deployments, and a full management dashboard running on your own infrastructure. This complete tutorial walks you through spinning up an EC2 instance from scratch, locking down the security group, installing Coolify via a single bash command, and deploying your first website from a GitHub repo. No prior DevOps experience required.
What You'll Learn:
- Launching an AWS EC2 instance with Ubuntu 24.04 LTS and the correct instance type for Coolify's minimum requirements.
- Configuring EC2 security group inbound rules to allow SSH, HTTP, HTTPS, and Coolify's port 8000 traffic.
- Installing Coolify on the EC2 instance using the official one-line install script via SSH.
- Accessing the Coolify admin dashboard remotely using the EC2 public IP address on port 8000.
- Deploying a static website from a public GitHub repository directly through the Coolify interface.
Coolify vs Paid PaaS Providers — The Real Numbers
Everyone defaults to Heroku or Vercel because signup takes 30 seconds. But that convenience costs you $7–$25/month per app, and those fees compound fast when you are running multiple services. Here is what the actual cost comparison looks like when you self-host.
| Platform | Monthly Cost (5 Apps) | Control Level |
|---|---|---|
| Heroku | $125–$250/month (Eco + Basic dynos) | Limited — vendor-locked runtime |
| Vercel Pro | $20/seat + usage overages | Limited — Next.js optimized only |
| Netlify Pro | $19/member + bandwidth caps | Limited — static/JAMstack focus |
| Coolify on EC2 (t2.medium) | ~$33.41/month (EC2 only) | Full — root access, any stack |
| Coolify on EC2 (t3.medium Reserved) | ~$24.82/month (1yr commitment) | Full — root access, any stack |
Minimum Server Requirements for Coolify
Do not try to run Coolify on a t2.micro or t3.micro Free Tier instance. It will choke. Coolify containers, the management dashboard, and Docker itself require more than the 1 GB RAM those instances provide. Here are the hard minimums.
| Resource | Minimum Requirement | Recommended for Production |
|---|---|---|
| CPU | 2 cores | 4+ cores |
| RAM | 2 GB | 4+ GB |
| Storage | 30 GB | 50+ GB SSD |
| OS | Ubuntu 22.04/24.04 LTS (64-bit) | Ubuntu 24.04 LTS |
| Architecture | AMD64 or ARM64 | AMD64 (x86_64) |
Do NOT Use Free Tier Instances
The t2.micro and t3.micro instances (AWS Free Tier eligible) only provide 1 vCPU and 1 GB RAM. Coolify's Docker containers, PostgreSQL database, and management UI will consume more than 1.5 GB at idle. Use t2.medium (2 vCPU, 4 GB RAM) as the absolute minimum or your installation will hang during the setup script.
Step by Step Guide to Setting Up Coolify on AWS EC2
Launch an EC2 Instance with Ubuntu 24.04 LTS
Sign in to the AWS Management Console and navigate to EC2 → Launch Instance. Give the instance a descriptive name (for example, coolify-production). Under Amazon Machine Image (AMI), select Ubuntu Server 24.04 LTS with 64-bit (x86) architecture. For Instance type, select t2.medium (2 vCPU, 4 GB RAM) — this meets Coolify's minimum hardware requirements. Create a new RSA key pair and download the .pem file immediately. Store this file securely — you cannot download it again. Set the root volume storage to at least 50 GB of gp3 SSD. Under Network settings, check all three boxes: Allow SSH traffic, Allow HTTPS traffic from the internet, and Allow HTTP traffic from the internet. Click Launch instance and wait 30–60 seconds for the instance to reach the running state.
Configure the Security Group for Coolify Port 8000
Go to the Instances tab, click on your newly created EC2 instance, and find the associated Security Group name (it usually looks like launch-wizard-X). Navigate to Security Groups in the left sidebar, click on that security group ID, and select Edit inbound rules. Add a new rule with Type set to Custom TCP, Port range set to 8000, and Source set to Anywhere-IPv4 (0.0.0.0/0). Click Save rules. This opens port 8000 so you can access the Coolify dashboard from any browser. Without this rule, the dashboard will be completely inaccessible even after successful installation.
Connect to the EC2 Instance via SSH
There are two ways to connect. Option A (Browser): Select the instance in the EC2 dashboard, click Connect, keep the default EC2 Instance Connect tab selected, and click Connect again to open a terminal in your browser. Option B (Local Terminal): Open your terminal, navigate to where you saved the .pem key file, run chmod 400 your-key.pem to set permissions, then run ssh -i "your-key.pem" ubuntu@YOUR_PUBLIC_IP. Note the Public IPv4 address from the instance details — you will need it for both SSH and Coolify access later.
# Set .pem key permissions (required on Linux/Mac)
chmod 400 your-key-name.pem
# Connect to EC2 via SSH
ssh -i "your-key-name.pem" ubuntu@YOUR_EC2_PUBLIC_IP
# Example with actual IP
ssh -i "coolify-key.pem" ubuntu@54.123.45.67
Install Coolify Using the Official Install Script
Once connected to the EC2 terminal, run the official Coolify installation command: curl -fsSL https://cdn.coollabs.io/coolify/install.sh | sudo bash. If you are using ZSH instead of Bash, replace sudo bash with sudo zsh. The script automatically installs Docker, Docker Compose, PostgreSQL, and all Coolify dependencies. Follow the prompts in the terminal. Depending on your instance type, installation takes 3–7 minutes on a t2.medium. Wait until you see the "Congratulations!" message confirming successful installation. Do not interrupt the process or close the terminal window.
# Official Coolify one-line install (Bash)
curl -fsSL https://cdn.coollabs.io/coolify/install.sh | sudo bash
# Alternative for ZSH terminals
curl -fsSL https://cdn.coollabs.io/coolify/install.sh | sudo zsh
Access the Coolify Dashboard via Public IP
Open a browser and navigate to http://YOUR_EC2_PUBLIC_IP:8000. The first time you access this URL, Coolify presents a registration page. Create your admin account — the first user registered automatically becomes the administrator. You can change roles and add team members later through the Coolify settings panel. Complete the onboarding wizard or skip it to go directly to the dashboard. Your Coolify instance is now fully operational and accessible from any device with internet access.
Deploy a Website from a GitHub Repository
In the Coolify dashboard, click Projects → +Add to create a new project. Give it a name and description, then click Production. For a public repo, select Public Repository as the source. Paste the GitHub repository URL and click Check repository. Coolify auto-detects the project configuration. For static sites, change the build pack to Static. For Node.js apps, it detects the package.json automatically. Click Continue, then hit Deploy. Monitor the build logs in real time. After successful deployment, find the auto-generated URL under the Links tab. You can add custom domains or subdomains through the project settings at any time.
Why Self-Hosting Coolify Beats Managed PaaS
Coolify is not just a cheaper alternative. It fundamentally changes your infrastructure control surface. You own the server, the data, and the deployment pipeline. No vendor lock-in. No surprise bandwidth charges. No "fair use" throttling.
Predictable Fixed Costs
A t2.medium EC2 instance costs ~$33.41/month on-demand. Deploy 5 apps or 50 apps on it — the monthly bill stays the same. No per-app fees, no bandwidth surcharges, no surprise invoices at the end of the month.
Full Data Ownership
Your application data, databases, environment variables, and deployment logs live on infrastructure you control. No third-party platform has access unless you explicitly grant it. Compliant with GDPR, HIPAA, and SOC2 data residency requirements by default.
Any Stack, Any Language
Coolify supports Docker-based deployments for Node.js, Python, Go, Rust, PHP, Ruby, Java, and static sites. It also runs PostgreSQL, MySQL, MongoDB, Redis, and other databases as managed services inside the same EC2 instance.
Auto SSL and Custom Domains
Coolify automatically provisions Let's Encrypt SSL certificates for every deployed application. Point your DNS to the EC2 public IP, add the domain in Coolify project settings, and HTTPS is live within 60 seconds. No Cloudflare configuration needed.
Security Group Rules Reference
Getting the security group wrong is the most common reason Coolify "installs fine but the dashboard won't load." Here is the exact inbound rule configuration your EC2 security group needs.
Rule 1 → Type: SSH | Port: 22 | Source: Your IP (or Anywhere)
Rule 2 → Type: HTTP | Port: 80 | Source: Anywhere-IPv4 (0.0.0.0/0)
Rule 3 → Type: HTTPS | Port: 443 | Source: Anywhere-IPv4 (0.0.0.0/0)
Rule 4 → Type: Custom TCP | Port: 8000 | Source: Anywhere-IPv4 (0.0.0.0/0)
Restrict SSH Access in Production
For production deployments, never leave SSH (port 22) open to Anywhere (0.0.0.0/0). Restrict it to your specific IP address or a VPN CIDR block. Open SSH ports are actively scanned by bots within minutes of instance launch. Combine with key-pair-only authentication and disable password login in /etc/ssh/sshd_config.
Frequently Asked Questions
Can I run Coolify on an AWS Free Tier t2.micro instance?
No. The t2.micro provides only 1 vCPU and 1 GB RAM. Coolify's Docker containers, internal PostgreSQL database, and web UI require at least 2 GB RAM at idle. Use a t2.medium (4 GB RAM) as the minimum or the install script will hang or fail mid-process.
How much does running Coolify on EC2 cost per month?
A t2.medium on-demand instance in us-east-1 costs approximately $33.41/month. With a 1-year Reserved Instance commitment, that drops to ~$24.82/month. Add $4–$5/month for 50 GB gp3 EBS storage. Total: roughly $29–$38/month for unlimited app deployments.
Can I deploy private GitHub repositories through Coolify?
Yes. When adding a resource in Coolify, select "Private repository with GitHub App" or "With deploy key" instead of "Public Repository." Coolify supports GitHub App integrations and SSH deploy keys for secure access to private repos without exposing credentials.
What happens if I lose the EC2 .pem key file?
AWS does not let you re-download key pairs. If you lose the .pem file, you must stop the instance, detach the root volume, attach it to a temporary instance, add a new public key to the authorized_keys file, then reattach and restart. Always store the .pem file in a secure password manager immediately after creation.
Does Coolify handle SSL certificates automatically?
Yes. Coolify integrates with Let's Encrypt and automatically provisions free SSL certificates for every application you deploy with a custom domain. Point your domain's DNS A record to the EC2 public IP, add the domain in Coolify's project settings, and HTTPS activates within seconds.
Need Production-Grade Cloud Infrastructure?
Self-hosting Coolify on a single EC2 instance works for dev environments and small-scale production. But scaling to multi-region deployments with proper VPC isolation, automated backups, load balancing, and CI/CD pipelines requires architecture decisions that cost $17,500+ to fix if you get them wrong the first time. Braincuber designs AWS environments that run Coolify, Kubernetes, or custom Docker stacks at enterprise scale — without the enterprise price tag.