Open SourceMIT

Secure a server,
deploy in two commands

A self-hosted, multi-tenant PaaS in a single Go binary — and the control plane for Grit Cloud. Go from a bare, unsecured VPS to a hardened box running a live, migrated, HTTPS app.

Terminal
$ grit cloud init

Two commands, zero config

grit cloud init secures the box and installs Orbita. grit deploy ships your app — built, migrated, live over HTTPS.

  • True multi-tenancy

    Per-org Docker networks, AES-256 keys, cgroup v2 CPU/RAM quotas, and 4-role RBAC. Run every client on one cheap box — they never see each other.

  • Secure by the first command

    grit cloud init hardens the server — deploy user, SSH keys, locked-down root, UFW, Fail2ban — then installs Orbita on your HTTPS subdomain.

  • Grit-aware, zero-config

    A Grit app has a known shape. Orbita builds each service from the Dockerfiles Grit ships, provisions Postgres/Redis/MinIO, and wires domains.

  • Migrations under a lock

    Deploys build, then run migrations under a Postgres advisory lock before cutover. A failed migration aborts — never a schema-mismatched cutover.

Provisionon your laptop
$ grit cloud init
  ✔ Server hardened (score 94/100)
  ✔ Orbita live at https://orbita.example.com
Deployin your Grit app
$ grit deploy --host prod
  ✔ Migrations applied (advisory lock)
  ✔ Live
    App:  https://rental.example.com
    API:  https://api.rental.example.com
  git push → auto-deploys via webhook

How it fits together

Your CLI and browser talk to one Go binary. It drives Traefik, Postgres, Redis, and Docker Swarm on the host — every org fully isolated.

grit CLI
Browser
Traefik
Orbita
Postgres
Redis
Swarm

Entry points

The grit CLI (over an orb_ token) and the embedded dashboard both hit the same REST API — nothing else is exposed.

One control plane

A single ~30 MB Go binary: Gin router → services → GORM, plus the orchestrator that speaks the Docker SDK and writes Traefik config.

Backing services

Postgres holds metadata + encrypted secrets, Redis handles cache and rate limits, and Swarm runs every workload with rolling updates.

Built for one box, many clients

True isolation, automatic HTTPS, and observability — without a heavy control plane.

One ~30 MB binary

The Go control plane embeds the React dashboard and idles under 50 MB of RAM — leaving nearly all of your server for the apps you run.

HTTPS by default

Traefik v3 with automatic Let’s Encrypt, HTTP→HTTPS redirect, and per-app routing generated from grit.yaml. Only the proxy binds the public host.

Observable from day one

Pulse (latency/SQL/errors) and Sentinel (WAF/rate-limit/anomaly) mount on every Grit app by default. Live logs, metrics, in-browser terminal.

Push to deploy

After the first deploy, every git push to your branch redeploys via webhook. The CLI becomes optional — the platform keeps shipping.

Isolated secrets

Each org’s secrets are encrypted with an AES-256 key HKDF-derived from a master key + org ID — never the master key directly.

Beginner-first CLI

Interactive by default: the wizard asks what it needs and does the rest. Flags stay available for CI and scripting when you want them.

Secure a VPS and ship a full-stack app in two commands.

Self-hosted on a cheap box, with true isolation, migrations, and observability. That’s Grit Cloud.