(Click the diagram to open it in full screen for zooming and panning)
Orbit is an open-source, self-hosted Platform-as-a-Service (PaaS) designed to emulate the developer experience of Vercel. It is built to run efficiently on resource-constrained hardware (like an older laptop) while providing magical, zero-downtime deployments.
- CLI & Daemon: Built with Node.js and TypeScript.
- Containerization:
dockerodeprogrammatically builds and manages Docker containers. - Reverse Proxy: Caddy runs inside a Docker container, providing automatic, zero-downtime routing via a dynamically generated
Caddyfile. - Database: SQLite3 (
data.sqlite) is used to locally store project metadata, environments, and deployment history.
With optimized port-binding and caching strategies, Orbit is extremely fast. Once dependencies and base Docker images are cached locally, deployment overhead is minimal. Benchmark: A production Vite React application completes a full zero-downtime deployment in just ~25 seconds!
Before using the CLI, ensure you have the following installed and running on your host machine:
- Node.js (v18+)
- Docker Desktop (or Docker Engine). The daemon must be running for deployments to succeed.
- Clone the repository (or navigate to the project folder).
- Install dependencies:
npm install
- Build the TypeScript files:
npm run build
- Link the CLI globally:
You can now run
npm link
orbitfrom anywhere in your terminal.
Follow these exact steps in order to deploy your first project from a GitHub repository:
- Start the background daemon:
orbit start-daemon
- Create an account:
(Or
orbit signup
orbit loginif you already have an account) - Connect your GitHub account:
orbit github connect
- Import a GitHub repo and link it as a project:
orbit import
- Deploy the project:
orbit deploy
- Check the status and get your URL:
(Your app will be available at
orbit list
https://your-project-name.localhost)
Spawns the background Express server (the Control Plane) and ensures the Caddy reverse proxy Docker container is running. This must be run once before you start deploying apps.
Creates a persistent local account secured with bcrypt-hashed password. Saves a session token to ~/.orbit-auth.json.
Authenticates with your local account and updates the saved session.
Destroys the current session.
Shows the currently logged-in account email and user ID.
Links your GitHub account via Personal Access Token (AES-256 encrypted). Requires scopes: repo, admin:repo_hook.
Shows whether a GitHub account is currently linked.
Removes the stored GitHub credentials.
Alternative OAuth flow (requires GITHUB_CLIENT_ID and GITHUB_CLIENT_SECRET in .env).
Interactively lists your GitHub repositories and links a selected repo as a project. Auto-registers the GitHub webhook.
Registers the current working directory as a project in the database.
-n, --name <name>: Override the default project name (which defaults to the folder name).-r, --repo <repo>: Provide a GitHub repository URL for future webhook integration.
Manually triggers a build and deployment for the current directory.
- Zero-Config Framework Auto-Detection: Inspects
package.jsonand optionallyminivercel.jsonto detect Next.js, Vite, Create React App, or generic Node.js apps. If aDockerfileor.dockerignoreis missing, optimized standalone or multi-stage assets are automatically written to the root directory. - Packages the directory and builds the Docker image.
- Finds a random available host port and starts the new container.
- Dynamically updates the
Caddyfileand executescaddy reloadfor a seamless blue-green deployment. - Graceful Cleanup: Gracefully shuts down and removes previous running containers for the project.
- Proxies the app to
http://<project-name>.localhost:8080.
You can place a minivercel.json file in your project root to override auto-detection defaults:
{
"buildCommand": "npm run build",
"installCommand": "npm install",
"outputDirectory": "dist"
}Securely store an environment variable for the linked project in the SQLite database.
Remove a stored environment variable.
Query the database and write all stored environment variables to a .env file in the current project directory.
View the recent stdout/stderr logs from the running project container.
-f, --follow: Stream live log output continuously to your terminal.
Queries the database and prints a formatted table of all active projects, their statuses, and their local URLs.
Set a custom domain for the current project.
Remove the custom domain from the current project.
Roll back to the previous deployment.
Install Caddy local CA into the system trust store (run once, local mode only).
Show current Caddy TLS mode and port configuration.
This project is being built in stages. Stages 1–6 are complete and shipped on main. V2 phases are the next evolution of the platform.
- Stage 1: Foundation & Core CLI — SQLite, base CLI commands
- Stage 2: Basic Deployment Engine — Dockerode integration, Caddy proxy container
- Stage 3: Zero-Config Framework Detection — Auto-generating Dockerfiles for Next.js, Vite, Node
- Stage 4: Continuous Delivery — GitHub Webhooks & FIFO Build Queue
- Stage 5: Environment Variables & Logs — Managing secrets
- Stage 6: Advanced PaaS Features — Rollbacks, PR Previews, Custom Domains
The V2 roadmap shifts from a folder-centric model to an identity-centric platform. See pipeline-v2.md for full technical specs.
| Priority | Phase | Description | Status |
|---|---|---|---|
| Phase 1 — Real Local Identity | Replace random-UUID login with persistent signup/login/logout backed by bcrypt + sessions |
✅ Done | |
| Phase 2 — Project Ownership | Projects belong to users; all mutations require ownership validation | ✅ Done | |
| Phase 3 — Session Auth Middleware | Daemon-side verifySessionToken middleware protects all destructive routes |
✅ Done | |
| Phase 4 — GitHub Account Linking | orbit github connect — PAT-based linking (AES-256 encrypted), repo list, webhook auto-registration, import command |
✅ Done | |
| Phase 5 — Real HTTPS | Caddy local CA (tls internal) for localhost + automatic Let's Encrypt for public domains; caddy trust & caddy mode commands |
✅ Done | |
| Phase 6 — Local Project Dashboard | Web UI at http://localhost:4000/dashboard with live SSE log streaming, rollback controls, build queue state |
🔲 Planned | |
| Phase 7 — Deployment Management Commands | status, stop, restart, rollback, ps — full lifecycle control from the CLI |
🔲 Planned | |
| Phase 8 — Container Resource Safety | Hard memory/CPU limits on every container; per-project overrides via minivercel.json; health-check-gated blue-green |
🔲 Planned | |
| Phase 9 — Smarter Build System | Docker layer caching, BuildKit, auto .dockerignore, incremental deploys via commit SHA |
🔲 Planned | |
| Phase 10 — Dev Mode (File Watch) | orbit dev — chokidar-powered file watcher with debounced auto-redeploy |
🔲 Planned | |
| Phase 11 — Better Domain System | Relational domains table, multi-domain per project, domain add/rm/list/verify suite, DNS propagation check |
🔲 Planned | |
| Phase 12 — Plugin / Framework Adapter System | Extensible adapter pattern replacing hardcoded framework detection; community adapter support via orbit.adapters.json |
🔲 Planned |