sh0
Self-hosted deployment. Single binary. Zero complexity.
A deployment platform in a single Rust binary (~2MB). Git push deployments, automatic SSL, built-in AI chat with 20 MCP tools, database management, browser terminal, and multi-server orchestration.
Building sh0
The Deploy Hub: 183 Options, One Page
How we built a Softaculous-style deploy hub with 183 options across 5 categories, 7 deploy form components, and a split-panel UX.
Web Terminal and File Explorer in a Self-Hosted PaaS
How we built a browser-based terminal (xterm.js + WebSocket + Docker exec) and a Docker Desktop-style file explorer -- features most self-hosted PaaS tools lack.
Real-Time Logs: WebSocket Streaming from Docker Containers
How we built real-time log streaming from Docker containers to the browser using WebSocket, with JWT authentication, auto-reconnect, and a terminal-style viewer.
i18n from Day One: 5 Languages Across 105 Sessions
Why we built sh0 with 5-language support from the very first dashboard session, and how we maintained correct orthography across 105 development sessions.
119 One-Click Templates: From WordPress to Ollama
How we built a YAML-based template system with variable substitution, dependency ordering, and 119 production-ready templates covering databases, CMS, AI/ML, and more.
Docker Compose on a PaaS: Parsing, Validating, Deploying
How we added Docker Compose support to sh0 -- parsing Compose v3 YAML, validating dependencies, detecting circular references, and deploying multi-service stacks.
Autoscaling in Rust: CPU Thresholds, Cooldowns, and Load Balancing
How we built horizontal scaling with Caddy load balancing, replica container management, and an autoscaler that evaluates CPU/memory thresholds with configurable cooldowns.
We Audited Our Own Platform and Found 88 Security Issues
We ran 4 comprehensive security audits on our own PaaS and found 88 issues -- 9 critical, 12 high, 45 medium. Here is every finding, every fix, and what we learned.
Migrating from localStorage Tokens to HTTP-Only Cookies
How we migrated sh0's authentication from localStorage JWT tokens to HTTP-only cookies with CSRF double-submit protection -- and why every self-hosted tool should do the same.
From cargo build to a Live Server: The Release Pipeline
How we built sh0's release pipeline: multi-stage Docker builds, cross-compilation challenges, GitHub Actions CI/CD, binary distribution, and the first production deploy.
Building for Africa: Mobile Money, Local Pricing, and Why It Matters
Why we built sh0 from Abidjan with Mobile Money payments, 5-language support including Swahili, and pricing designed for African developers.
The Bugs That Almost Broke Us
Git pull failures, CSRF blocking uploads, stale Caddy processes, FTP IPv6 incompatibilities, and Docker network aliases -- the bugs that almost derailed sh0.