A research platform exploring how modern mass hosting should work. Multi-tenant isolation, automated provisioning, and a complete API — with a Terraform provider on top.
$ terraform init
Initializing provider plugins...
- Installing massive-hosting/hosting v0.2.0...
- Installed massive-hosting/hosting v0.2.0
Terraform has been successfully initialized!
$ terraform apply
hosting_webapp.myapp: Creating...
hosting_database.mydb: Creating...
hosting_fqdn.main: Creating...
Apply complete! Resources: 3 added, 0 changed, 0 destroyed.
A complete hosting platform with every infrastructure primitive, all accessible via a unified API.
PHP, Node.js, Python, Ruby, and static sites. Each app gets its own folder, runtime, and auto-injected environment variables with database credentials and service URLs.
Managed MySQL databases with per-user privileges and GTID replication. Valkey (Redis-compatible) instances with ACL-based access control, configurable memory and eviction policies.
S3-compatible object storage with public/private buckets, access keys, and configurable quotas.
DNS records provisioned automatically when you add domains, enable email, or configure SSL. Bring your own zones or use our nameservers.
Full email hosting with JMAP and IMAP support. Aliases, forwarding rules, vacation auto-replies, and per-domain accounts with auto-provisioned MX, SPF, DKIM, and DMARC records.
Run any OCI container image with configurable memory, CPU, restart policies, environment variables, and private registry support via image pull secrets.
WireGuard peers with auto-generated keys and configs. The hosting-cli tool uses userspace WireGuard to proxy databases and caches to your local machine — no root required.
Long-running background processes with HTTP and WebSocket proxy support. Scheduled tasks with cron expressions, distributed locking, and auto-disable on repeated failures.
Automatic Let's Encrypt provisioning via HTTP-01 ACME with renewal. Upload custom certificates for domains that need them. Expiry monitoring with auto-created incidents.
On-demand web (tar.gz) and database (sql.gz) backups with one-click restore. Automated cleanup of old backups.
Browser-based file manager with SFTP backend: browse, upload, download, edit, rename, and delete files. Integrated web terminal with arbitrary working directory.
HAProxy with runtime map updates — no reload needed for domain changes. Consistent hashing on Host header within shards for predictable routing.
Full-featured web UI with built-in SSH terminal, real-time log streaming, push-to-deploy, and inline resource management.
Chroot jails, per-tenant Linux users, ULA IPv6 addressing per tenant, default-deny egress firewall, automatic SSL via Let's Encrypt, encrypted secrets at rest, and TOTP two-factor authentication.
Brands scope all resources with their own NS hostnames, base domain, and hostmaster. API keys are brand-scoped. Run multiple isolated hosting brands from a single platform.
Every API mutation logged with full request/response bodies, API key attribution, and credential sanitization. Queryable by brand, user, and time range.
100% API coverage with Personal Access Tokens. Full MCP server for AI-assisted management. Terraform provider, CLI tool, and control panel all built on the same API.
One-click export of your entire infrastructure as a .tf file. Import existing resources into Terraform state with generated import commands.
Ready-made GitHub Action and GitLab CI templates for SSH+rsync deployment. Pick a template from the control panel, add your SSH key, and push to deploy.
Centralized logging with Loki and dashboards via Grafana. Separate observability stacks for the control plane and tenant hosting — full visibility without cross-contamination.
AI agents continuously monitor and automatically resolve infrastructure issues. Gap analysis identifies patterns agents can't fix yet, feeding into built-in reporting and improvement loops.
Define your entire hosting stack in HCL. The Terraform provider covers 21 resource types with full CRUD support, async provisioning, and import capabilities. Published on the Terraform Registry.
21 resource types
Webapps, databases, DNS, S3, email, containers, VPN, SSH keys, egress rules
Import existing resources
Export your current setup as a .tf file from the control panel
Personal Access Tokens
Long-lived tokens for CI/CD, scripts, and Terraform
resource "hosting_webapp" "myapp" {
tenant_id = var.tenant_id
runtime = "php"
runtime_version = "8.4"
public_folder = "public"
}
resource "hosting_database" "mydb" {
tenant_id = var.tenant_id
}
resource "hosting_database_user" "app" {
database_id = hosting_database.mydb.id
privileges = ["ALL"]
}
resource "hosting_webapp_env_vars" "myapp" {
webapp_id = hosting_webapp.myapp.id
vars = {
APP_ENV = "production"
}
secret_vars = {
DB_PASSWORD = hosting_database_user.app.password
}
}
resource "hosting_fqdn" "main" {
fqdn = "myapp.example.com"
webapp_id = hosting_webapp.myapp.id
ssl_enabled = true
}21 resource types covering the full hosting stack.
All resources with an ID support terraform import.
Full documentation →