Getting Started Guide
Deploy your first application on your own VPS. TITAN is a deploy control plane — not a hosted platform like Railway or Render.
What TITAN is (and is not)
- ✓ Orchestration: Git → build → deploy on your server via SSH
- ✓ Dashboard, secrets encryption, webhooks, plan limits
- ✗ We do not host your app without a VPS — no "deploy with zero setup" on our servers
Before you start (5 min read)
TITAN is easiest if you already have a Linux VPS and basic SSH access. You will need:
- A VPS (Contabo, Hetzner, DigitalOcean, etc.) with root or sudo SSH
- Docker installed on that server
- A public Git repository (or credentials for private repos)
- Port 22 open from the internet (for TITAN to connect)
First time? Budget 20–30 minutes for server setup. After that, each deploy is much faster.
TL;DR — 3 Steps
- 1. Create account → Add Server
- 2. New Project → paste your Git repo URL
- 3. Click Deploy → watch live logs
Step 1: Create Your Account
- Go to /register and enter your name, email, and a strong password (minimum 8 characters)
- You are logged in automatically and land on Overview — open Servers in the left sidebar first
- You start on the Free plan: 2 projects, 1 server, 10 deploys per day
- Need more? See pricing or upgrade in Settings after login
Step 2: Link a Server
TITAN deploys to your own servers (VPS). You keep full control — Contabo, Hetzner, DigitalOcean, AWS, or any Linux host with SSH.
- Open Servers in the dashboard sidebar
- Click Add Server (same as "Link Server" in older docs)
- Enter your server IP and a label (e.g. "Production VPS")
- Copy the Ed25519 public key shown by TITAN
- On your server, authorize the key:
mkdir -p ~/.ssh && chmod 700 ~/.ssh echo "PASTE_TITAN_PUBLIC_KEY" >> ~/.ssh/authorized_keys chmod 600 ~/.ssh/authorized_keys
- Ensure port 22 is reachable from the TITAN platform (firewall + UFW)
- Install Docker on the server if not already present
Step 3: Add a Project
- Open Projects in the sidebar
- Create a new project with:
- Name: A friendly label
- Repository URL: e.g.
https://github.com/you/app.git - Branch: Usually
main - Server: The server you linked
Step 4: Deploy
- Click Deploy on your project
- Watch deployment logs stream in real time via WebSocket
- TITAN clones your repo, builds, and runs on your server with encrypted secrets support
Step 5: GitHub Auto-Deploy (Optional)
Trigger deploys on every push:
- Copy the project webhook URL from TITAN (shown when you create the project)
- In GitHub: Repository → Settings → Webhooks → Add webhook
- Paste the URL, content type
application/json, event:push - TITAN verifies the webhook signature before deploying
Upgrading Your Plan
Paid plans use hosted checkout by Dodo Payments — you are redirected to a secure payment page; we never see your card number. After payment, your plan updates automatically.
- Go to Settings → Available Plans
- Click Upgrade on Pro ($29/mo) or Enterprise ($99/mo)
- Complete checkout; return to Settings to confirm your new plan
- Use Manage Billing to update payment method or cancel
API Access
All dashboard actions are available via the REST API:
# Health check curl https://titancloud-enterprise.com/api/v1/health # Deploy (requires JWT from login) curl -X POST https://titancloud-enterprise.com/api/v1/projects/PROJECT_ID/deploy \ -H "Authorization: Bearer YOUR_JWT" \ -H "Content-Type: application/json"
API keys for automation are coming in Settings. OpenAPI spec: see repository docs/openapi.yaml.
Plans & Limits
Enforced limits match our public pricing:
| Feature | Free | Pro | Enterprise |
|---|---|---|---|
| Projects | 2 | 10 | Unlimited |
| Servers | 1 | 5 | Unlimited |
| Deploys per day | 10 | 100 | Unlimited |
| Custom domains | — | Yes | Yes |
| Price | $0 | $29/mo | $99/mo |
BYOS worker: Caddy, Redis, and custom domains
For custom domains (Pro/Enterprise), the TITAN worker on your VPS runs Caddy as a reverse proxy. The Core API publishes route updates over Redis; your worker applies them to Caddy's admin API.
- Install the worker binary on the same VPS where apps run (see
worker_agent/in the repo) - Create
/etc/titan/worker.envwith at least:TITAN_API_URL=https://titancloud-enterprise.com WORKER_API_KEY=<from dashboard when linking server> REDIS_URL=redis://:PASSWORD@YOUR_CORE_HOST:6379/0 CADDY_ADMIN_URL=http://127.0.0.1:2019 SERVER_ID=<uuid from dashboard>
- Open ports 80 and 443 on the worker VPS for Let's Encrypt and HTTPS traffic
- Bootstrap Caddy with
deploy/worker/Caddyfile(admin on:2019, automatic HTTPS for verified domains) - Point your domain's DNS (A/AAAA) to the worker IP, then use Projects → Domains → Verify in the dashboard
Note: REDIS_URL must reach the TITAN Core Redis instance (deploy events and domain routes). Use a VPN or firewall rule — do not expose Redis to the public internet without TLS and ACLs.
Install the Worker Agent
On each VPS where apps run, install the worker (listens for deploy events from TITAN Core):
# Download (amd64) curl -fsSL https://titancloud-enterprise.com/releases/titan-worker-linux-amd64 \ -o /usr/local/bin/titan-worker chmod +x /usr/local/bin/titan-worker # Configure /etc/titan/worker.env (see BYOS section above) # Then: systemctl enable --now titan-worker
Or use deploy/install-worker.sh from the repository on the server.
Security
- Passwords hashed with Argon2id
- Secrets encrypted with AES-256-GCM at rest
- All traffic over TLS 1.3 (HTTPS)
- Rate limiting on auth and API endpoints
- Runtime protection (RASP): SQL injection, path traversal, automatic IP blocking
- Immutable audit log for logins, deploys, billing, and domains
- Webhook signature verification for GitHub and billing events
- Platform admins: set
SECURITY_ADMIN_EMAILSon Core API and open Dashboard → Security for attack attempt statistics