Terrarium

Appearance

TerrariumComplex infrastructure made incredibly simple. Turn any VPS into a secure, forgiving home for your apps and AI agents.

Give each workload its own isolated container, keep everything private by default, and publish only what you need. With built-in web dashboards, automated SSL, single sign-on, and a time machine to undo mistakes, managing your server has never been simpler.

Get Started
See Guides
Security Model
Terrarium

πŸ” Security Made Simple

Terrarium hardens your VPS automatically. Your apps sit in a private network, safe from internet noise and random scans. You only expose what you explicitly choose to publish.

βͺ The Built-In Time Machine

Never fear a broken update again. ZFS snapshots let you roll your environments backward in small steps. Made a mistake? Just rewind. Off-site S3 backups offer total peace of mind.

🌐 Effortless Publishing

Route your apps to the web through Traefik with automatic SSL certificates. Lock down private dashboards and tools with built-in Single Sign-On (OIDC).

πŸ–₯️ Visual Dashboards

You don't have to live in the terminal. Manage your server, containers, and network traffic through beautiful, built-in web interfaces like Cockpit and the LXD UI.

πŸ€– Perfect for AI Agents

Give autonomous agents like OpenClaw or Hermes a real environment to work in. If they make a mess, your host stays safe, and you can instantly reset their sandbox.

🐳 Beyond Basic Docker

Run multi-service Compose stacks, databases, and background workers in isolated LXC containers instead of tangling everything together on your host OS.

Why you'll love it

One server. Total isolation. Zero stress.

Managing a server shouldn't require a PhD in systems engineering. Terrarium is built for tech enthusiasts who want the power of a dedicated VPS without the anxiety of breaking it. Every app, AI agent, or development environment gets its own isolated container. The host stays pristine, and recovery is as easy as clicking "undo".

The Terrarium Difference

  • Mistake-proof: If an agent breaks an environment, step back through automated snapshots instead of starting over.
  • Clean organization: Keep complex databases, Redis caches, and web workers neatly bundled inside a single private container.
  • Secure access: Host a browser-based IDE or internal dashboard and protect it with enterprise-grade Single Sign-On with just a label.

Safety by Default ​

The best part of Terrarium isn't just what it can doβ€”it's how safe it feels to use.

By default, your containers are not exposed to the internet. They live on a private network managed by Terrarium. This means:

  • Random internet bots can't scan or poke at your internal services.
  • A database listening on 0.0.0.0 inside a container is still entirely private.
  • You can run complex, multi-tier applications and only expose the specific web frontend you want people to see.

It's advanced security without the complex configuration. You get to move fast and experiment, knowing your infrastructure is guarding your back.

What Can You Run? ​

VSCodium Web IDESpin up browser-based coding environments with their own filesystems, completely isolated and protected by SSO.AI Agents (OpenClaw)Give agents a real, capable sandbox to explore and execute tasks, while keeping your host OS totally off-limits.Docker Compose StacksDeploy complex apps with databases and workers inside a single time-machine-enabled container.HermesRun background agent services privately and expose only the user interface to the web.

Visual Management

See everything at a glance.

While Terrarium is incredibly friendly to the command line, it's also built for people who prefer a visual approach to server management.

  • Cockpit: Your mission control for host administration, system logs, and storage health.
  • LXD UI: A sleek interface to create containers, manage networks, and instantly restore snapshots.
  • Traefik Dashboard: Watch your live network routing and ensure your traffic is flowing exactly where it should.

Take the visual tour in our Management GUIs guide.

What's Under the Hood?

Powerful open-source tools, orchestrated beautifully.

  • LXD for lightweight, lightning-fast containers
  • OpenZFS for instant snapshots and data integrity
  • Traefik for dynamic routing and automated SSL
  • Cockpit for host-level visual administration
  • OAuth2-Proxy & ZITADEL for seamless Single Sign-On
  • Sanoid for automated backup retention

Ready to Start? ​

Getting StartedStep-by-step installation, storage setup, and domain configuration.Storage StrategyHow to size your VPS and use block storage for the best experience.Provider GuidesLaunch the perfect VPS on DigitalOcean, Vultr, Hetzner, or Hostinger.Security ModelUnderstand how Terrarium's private-by-default architecture protects you.Command ReferenceExplore the CLI tool for backups, restores, and system reconfiguration.

Built with VitePress

Terrarium