Product / Deployments
Git Deployment Platform for VPS
Push to main and ship in one click. Connect a repo, pick a stack, and we run your build, swap the release symlink, and reload your service with zero dropped requests. Rollback is one click away on every deploy.
Push to deploy
Git push, shipping in seconds
Connect a repo over OAuth or a personal token, pick a branch, and we register the webhook for you. Every push fires a deploy in under two seconds. Signed secret verification runs on every incoming hook, so a leaked URL cannot trigger a build.
Webhooks on all three hosts
GitHub, GitLab, and Bitbucket get the same treatment. HMAC verification, branch filtering, and a two-second queue time. No CI minutes, no runner pool to pay for.
Preview envs per pull request
Open a PR and we spin up pr-42.yoursite.com with its own database, its own env vars, and its own subdomain. Reviewers click a link instead of running your branch locally.
Streaming build logs
Build output streams to your browser with ANSI colors intact. Every line is timestamped. Share a link to the log and a teammate can replay the deploy step by step.
One-click stacks
One-click VPS deployment for common stacks
Skip the shell scripts. Pick a stack, point at a repo, and we install, configure, and wire it up behind Nginx. The heavy setup runs once, deploys run every time you push.
WordPress installer
One-click install with MariaDB, PHP-FPM 8.3, wp-config, auto-SSL, and object cache wired up. Pair with the WordPress on Molixa guide for a full walkthrough.
Laravel deploy
Composer install, artisan migrate, config cache, and Horizon through Supervisor. PHP 7.4 through 8.3 per site, so legacy apps keep running while new ones go modern.
Node.js with PM2
Cluster mode reload, zero-downtime restarts, and Nginx upstreams wired up. Node 18, 20, and 22 all supported. TypeScript build steps and monorepos work out of the box.
Rollbacks and zero downtime
Ship with confidence, undo in one click
A deploy is four things. Pull, build, activate, verify. Every step is reversible. Nginx upstreams rotate, PHP-FPM takes SIGUSR2, PM2 drains in-flight requests, and static sites flip a symlink. No 502 window, no reload flash.
One-click rollback on every release
Every deploy keeps the prior release directory on disk. Click Rollback and we walk the symlink back, restart the service, and ping your channels. Rollback a rollback too, as many times as you need.
Graceful reloads across the stack
Node apps reload through PM2 cluster mode, PHP-FPM takes a SIGUSR2, systemd services use reload instead of restart, and static sites swap a release symlink atomically. No dropped connections.
Supported stacks
Every stack, one deploy pipeline
Mix and match on the same server. Laravel next to WordPress next to a Next.js app. Per-site PHP and Node versions keep legacy and new side by side without clashes.
WordPress
One-click install with MariaDB, Redis object cache, WP-CLI, and auto-SSL. Git deploys for themes and custom plugins.
Laravel
Composer, artisan, queues through Supervisor, Horizon dashboard wired up. Octane and FrankenPHP supported as custom build steps.
Node.js
Next.js, NestJS, Express, Fastify, SvelteKit. PM2 with cluster mode, zero-downtime reloads, and Nginx upstream swaps.
Rails
Ruby through rbenv, bundle install, db migrate, Puma through systemd. Sidekiq for background jobs, Action Cable behind Nginx.
Static sites
Next.js export, Astro, Hugo, 11ty, or a plain HTML folder. Symlink swap, long cache headers, and a first paint under 100 ms.
Docker
Dockerfile or docker-compose.yml. We build the image, swap the container, and health check the new one before tearing the old one down.
Comparing the pipeline to other panels? Read the Laravel Forge alternative breakdown for a side-by-side view.
Environment management
Env vars that never sit in plaintext
Edit env vars in the dashboard. We encrypt them with AES-256-GCM and only decrypt when a deploy worker needs to write them to your server. Every deploy shows a clean diff of which keys moved.
What you get
Encrypted and scoped
Env vars are scoped per site and per environment, so production and preview never share credentials by accident. Rotate a key and the next deploy picks it up.
- AES-256-GCM encryption at rest
- Diff view of which keys changed between deploys
- Per-environment scopes (production, staging, preview)
- Import from a .env file or bulk paste
- Audit log of who changed which key when
No more
Bad habits the dashboard kills
Secrets in git history. Shared .env files pasted into Slack. CI pipelines that log credentials on error. All gone once you move env vars into the dashboard.
- No .env files in git
- No secrets in CI build logs
- No "ask a teammate" for the database password
- No plaintext keys on shared machines
- No guesswork about which key is live
Deploy hooks
Hooks for the work before and after the symlink swap
Run a task on pull, before build, after build, after the symlink flips, or only on failure. Hooks are plain shell with your env vars injected, so you ship the script you already have.
Pre and post hooks
Warm a cache, ping a health endpoint, purge a CDN, post to Slack. Hooks run in the order you set and stream to the same deploy log so you can see what passed and what did not.
First-class integrations
Cloudflare purge, Sentry release marker, Linear status update, and generic curl land as dropdowns. Pick one, paste a token, save. No shell wrangling.
Failure-only alerts
On-call pager, Slack channel, or Discord webhook only fires when a deploy fails or a health check misses. Green deploys keep the channel quiet.
Anatomy of a deploy
From push to live in about 90 seconds
01
Webhook queues
HMAC verified. Deploy enters a per-server queue with a visible countdown. Concurrent pushes merge.
02
Build runs
Release lands in /releases/{timestamp}. Env vars injected. Build command runs. Logs stream to the browser.
03
Symlink flips
Graceful reload fires. Health check pings until a 200 comes back. Success fires your hooks, failure pings the on-call alert.
FAQ
Deployment questions
Can I migrate an existing site to this git deployment platform?
Yes. Add your existing VPS to Molixa Forge, point a site at a subdirectory, and paste a repo URL. We detect your Nginx vhost, PHP version, and existing release layout. Your current site keeps serving traffic until you cut over with one click, so the move is reversible.
How does rollback work on a failed deploy?
Every release lands in its own timestamped directory. The current release is a symlink. Rollback walks the symlink back to the prior release, restarts your service, and pings your channels. If a rollback itself goes wrong, you can rollback the rollback, so bisecting a bad day is one click at a time.
Can I deploy different branches to different environments?
Yes. Point your production site at main, staging at develop, and open preview sites per pull request. Each branch gets its own env var set, its own database URL, and its own subdomain. Merge or close the PR and the preview tears down on its own.
What if my stack is not on the one-click list?
Set a custom build command per site. We run it in a fresh release directory with your env vars injected. Rust, Go, Python with uv, pnpm monorepos, and Docker Compose all ship through the same pipeline. The one-click installers save time on common stacks, not a hard ceiling.
Where do my environment variables live?
In the dashboard, encrypted at rest with AES-256-GCM. They get decrypted only when the deploy worker writes them to the server. Every deploy shows a diff of which keys changed. No .env files in git, no secrets pasted into CI logs, no plaintext in shared folders.
Can I trigger a deploy from a webhook outside of git?
Yes. Every site has a signed webhook URL. Hit it from n8n, Zapier, a cron job, or your CI pipeline and a deploy runs with the settings you saved. You can also require manual approval for production, so merges to main deploy staging and a human clicks to promote.