Bring your own server

Forge-grade control,
without the fragility.

Sproobo provisions and runs your sites, apps and databases on Linux servers you own — everything in Docker, your data on your box. The whole class of “an OS update broke my server at 2am” failures is deleted by design.

Read live from your server. Sproobo stores none of it.
sproobo · enroll + first deploylive
curl -fsSL https://get.sproobo.com/agent | sh -s -- \ --token spb_1x8f••one-time•• --region fra
00:00agent connected · outbound WSS/443 · no inbound ports opened
00:03host facts observed · Ubuntu 24.04 · Docker 27.1
00:07building sproobo-api off-box · Dockerfile detected
00:41blue-green swap → health gate → atomic proxy switch
00:48deploy #214 live · https via Caddy (ACME) · rollback armed
00:48read live · not stored by Sproobo

Runs on any Debian- or RHEL-family server

UbuntuDebianAmazon LinuxHetznerDigitalOceanBare metal
The fragile-host tax

You’ve paid it before. Probably at 2am.

Forge, Ploi and hand-rolled VPS setups install PHP, Node and your database natively, coupled to the host OS. One unattended upgrade, one PPA drift, one library bump — and production is down while you SSH in and pray.

Native coupling

An apt upgrade nudges your system PHP or OpenSSL and takes three unrelated apps with it. Versions you never chose, changing on a schedule you don’t control.

Data held hostage

Metrics and logs get shipped to someone else’s cloud. Your database lives in a volume you can’t inspect. Leaving the platform means leaving your data behind.

Inbound attack surface

Control planes that need an open SSH port or a poked firewall hole. One more thing to lock down, one more way to get locked out when an automation misfires.

The mechanism

Everything runs in Docker. On your box.

Apps and backing services run as pinned, choosable containers. App data lives on owner-inspectable bind-mounted host paths — it survives docker volume prune. Nothing native to break; nothing you can’t see.

how a deploy actually happens
01 · build
Off-box build
Dockerfile-first, else auto-detect. Your server never thrashes compiling.
02 · swap
Blue-green
New container starts alongside the old. Zero-downtime by construction.
03 · gate
Health gate
Fails the gate? Nothing ships. You’re auto-rolled back, untouched.
04 · serve
Atomic switch
Proxy flips in one move. HTTPS via Caddy, certs on ACME autopilot.
What you get

Control without the caretaking.

Pinned versions

Choose exact versions for apps and services — Postgres, MySQL, MariaDB, Redis, MongoDB. They change when you change them, never on an OS timer.

postgres:16.3 · pinned

Data on your box

Bind-mounted host paths you can open, back up and reason about. Survives volume prune. No hidden volumes, no lock-in.

Outbound-only agent

A single static Go binary dials home over WSS/443. No inbound firewall holes, nothing to expose to the internet.

no open ports

Reliable deploys

Off-box build, blue-green swap, health gate, atomic proxy switch, auto-rollback. Reliability you can name, not just adjectives.

AI-native, safely

Connect claude.ai or ChatGPT, teach your coding agent the CLI, and drive infra through the same audited API a human uses — plan-first, approval-gated.

connectors · skill · CLI

No lock-out, ever

Break-glass SSH is never severed. Lock-out is impossible by design — the platform can’t wall you off from a server you own.

Sovereign telemetry

Your logs and metrics never leave home.

Sproobo reads logs and metrics live from your server, on demand — and stores none of it. When data is stale, we say so, plainly. We never fake “live.”

  • liveStreamed straight from the box when you open the panel.
  • stale“Last seen 14m ago — showing the last known snapshot, not live.”
  • storedNothing. Sproobo keeps only what it needs to reach your agent.
Read the security model
live · srv_fra_1read live · not stored
10:22GET /health 200 · 6ms
10:22worker: processed 128 jobs · queue empty
10:23postgres:16.3 · 41 conns · cache hit 99.2%
10:23redis mem 71% · eviction policy allkeys-lru
10:24GET /health 200 · 5ms
agent · plan-first, approval-gated
~service: sproobo-api
-replicas: 2
+replicas: 4
-postgres: 16.3
+postgres: 16.4
AI-native, not AI-reckless

Let an agent run your infra — on the same rails you do.

Connect claude.ai or ChatGPT as a connector, install the Sproobo skill in Claude Code, Codex or Cursor, or script it with the CLI — they all call the exact same audited API a human uses. Destructive changes come as a plan you review and approve — diff first, apply second.

claude.ai · ChatGPT connectorscoding-agent skillsproobo CLIplan-first
Explore AI & CLI
Switching from Forge, Ploi or Coolify?

Same control surface. Different foundation.

Migrate one server at a time — no big-bang cutover. Here’s the short version; the full matrix is fair and factual.

Sproobo compared with Forge, Ploi and Coolify
 SprooboForgePloiCoolify
Apps & services in DockerEverythingNativeNativeYes
Pinned service versionsApps + DBsHost-tiedHost-tiedPartial
Data on inspectable host pathsYesVolumes
Outbound-only agent (no open ports)YesSSH inSSH inSSH in
AI connectors (claude.ai / ChatGPT)Built-inNoNoNo
See the full comparison
0
Inbound ports opened on your server
~2 min
From enroll one-liner to first deploy
100%
Of app data on disks you own
every
Deploy blue-green with auto-rollback

Architecture facts, not vanity metrics — these are true by construction.

Straight answers

Questions engineers actually ask.

A single static Go agent, plus Docker containers for your apps and backing services. The agent dials home outbound-only over WSS/443 — it opens no inbound ports. Your app data sits on bind-mounted host paths you can inspect and back up directly.
No. It’s your server. Break-glass SSH is never severed and your containers and data keep running independently of the control plane. Lock-out is impossible by design.
On your server. Sproobo reads them live, on demand, and stores none of it. When a server hasn’t reported recently, we show the last known snapshot and label it stale — we never present old data as live.
Any Debian- or RHEL-family Linux box — Ubuntu, Debian, Amazon Linux and friends — on any host or bare metal. Migrate one server at a time; there’s no big-bang cutover.
AI tools use the same audited API a human does — no elevated backdoor. Destructive operations are plan-first and approval-gated: you see a diff and approve before anything is applied.
Get started

Keep the control. Drop the fragility.

Enroll a server with one command and watch it bootstrap live. Your box, your data, your call.

No inbound ports. No data hoarding. No lock-in.