Secure a server,
deploy in two commands
A self-hosted, multi-tenant PaaS in a single Go binary — and the control plane for Grit Cloud. Go from a bare, unsecured VPS to a hardened box running a live, migrated, HTTPS app.
$ grit cloud initTwo commands, zero config
grit cloud init secures the box and installs Orbita. grit deploy ships your app — built, migrated, live over HTTPS.
True multi-tenancy
Per-org Docker networks, AES-256 keys, cgroup v2 CPU/RAM quotas, and 4-role RBAC. Run every client on one cheap box — they never see each other.
Secure by the first command
grit cloud init hardens the server — deploy user, SSH keys, locked-down root, UFW, Fail2ban — then installs Orbita on your HTTPS subdomain.
Grit-aware, zero-config
A Grit app has a known shape. Orbita builds each service from the Dockerfiles Grit ships, provisions Postgres/Redis/MinIO, and wires domains.
Migrations under a lock
Deploys build, then run migrations under a Postgres advisory lock before cutover. A failed migration aborts — never a schema-mismatched cutover.
$ grit cloud init
✔ Server hardened (score 94/100)
✔ Orbita live at https://orbita.example.com$ grit deploy --host prod
✔ Migrations applied (advisory lock)
✔ Live
App: https://rental.example.com
API: https://api.rental.example.com
git push → auto-deploys via webhookHow it fits together
Your CLI and browser talk to one Go binary. It drives Traefik, Postgres, Redis, and Docker Swarm on the host — every org fully isolated.
Entry points
The grit CLI (over an orb_ token) and the embedded dashboard both hit the same REST API — nothing else is exposed.
One control plane
A single ~30 MB Go binary: Gin router → services → GORM, plus the orchestrator that speaks the Docker SDK and writes Traefik config.
Backing services
Postgres holds metadata + encrypted secrets, Redis handles cache and rate limits, and Swarm runs every workload with rolling updates.
Built for one box, many clients
True isolation, automatic HTTPS, and observability — without a heavy control plane.
One ~30 MB binary
The Go control plane embeds the React dashboard and idles under 50 MB of RAM — leaving nearly all of your server for the apps you run.
HTTPS by default
Traefik v3 with automatic Let’s Encrypt, HTTP→HTTPS redirect, and per-app routing generated from grit.yaml. Only the proxy binds the public host.
Observable from day one
Pulse (latency/SQL/errors) and Sentinel (WAF/rate-limit/anomaly) mount on every Grit app by default. Live logs, metrics, in-browser terminal.
Push to deploy
After the first deploy, every git push to your branch redeploys via webhook. The CLI becomes optional — the platform keeps shipping.
Isolated secrets
Each org’s secrets are encrypted with an AES-256 key HKDF-derived from a master key + org ID — never the master key directly.
Beginner-first CLI
Interactive by default: the wizard asks what it needs and does the rest. Flags stay available for CI and scripting when you want them.
Secure a VPS and ship a full-stack app in two commands.
Self-hosted on a cheap box, with true isolation, migrations, and observability. That’s Grit Cloud.