docker exec to run the dump command directly inside the container — no exposed port required.
How it works
When you add a connection and specify a container name, Capsule:- Runs
docker exec <container> <dump-command>inside the container - Streams the dump output to the host
- Encrypts and uploads the result — same as any other backup
pg_dump, mysqldump, mongodump) must be present inside the container. Most official database images include them by default.
Adding a Docker connection
In the Capsule TUI:- Choose your database type (Postgres, MySQL, MongoDB)
- Fill in the connection details (host, port, credentials) as normal
- In the Docker container field, enter the container name or ID
Find your container name
No exposed port needed
Because Capsule execs inside the container, the database port does not need to be published to the host (-p 5432:5432 is not required). This is safer — your database stays off the network.
Docker Compose
If you use Docker Compose, the container name is typically<project>_<service>_1 or <project>-<service>-1 depending on your Compose version.
Requirements
dockermust be available in the PATH of the user running Capsule- The Capsule user must have permission to run
docker exec(typically by being in thedockergroup)
capsule doctor to verify Docker access.
Troubleshooting
docker: permission denied
Add the Capsule user to the docker group and log out/back in:
exec: pg_dump: executable file not found in container
The dump tool is missing from the container image. Use a full database image (e.g., postgres:16) rather than a slim variant, or install the tools in the container.
Container not found
Double-check the container name with docker ps. The name is case-sensitive.