Provisioning

Provisioning is fully automated. This page documents the pipeline so you know what runs on your behalf, and where to look if it stalls.

Pipeline

creating_server: We call the Hetzner Cloud API to create a VPS in your chosen region. Image: Ubuntu 24.04. SSH keys for the ɳSelf control plane are injected so we can issue updates later.
waiting_for_server: We poll the Hetzner API until the server reports running. Typically 30–60 seconds.
bootstrapping: A cloud-init script installs Docker, installs the ɳSelf CLI, runs nself init, and installs your licensed plugins.
creating_dns: We create an A record for your subdomain plus a wildcard A record so sub-apps (api, auth, storage) resolve automatically. Records propagate in seconds via Cloudflare.
configuring_ssl — nself build runs certbot against Let's Encrypt. Wildcard certificates are issued via DNS-01.
installing_plugins: Pro plugins are pulled from the plugin registry, signed, and baked into the compose file. Free plugins are also installed if you selected any.
health_check: We poll /health on the public domain until it returns 200. This confirms Nginx, Hasura, Auth, and Postgres are all up.
sending_welcome: You get an email with your admin credentials and a link to your dashboard.

Typical timing

Hetzner server creation: 30–60 s
Cloud-init bootstrap: 3–5 min
DNS + SSL: 30–60 s
Plugin install: depends on count, about 10 s per plugin
Health check: 15–45 s

End-to-end: 5 to 8 minutes for a default stack, up to 12 minutes if you selected every plugin bundle.

What if it fails?

The dashboard shows the exact step that failed plus the error message. Common causes:

Hetzner capacity in region: Very rare. Pick a different region or retry in 5 minutes.
Domain conflict: The subdomain you picked is already taken. Pick a different name.
Plugin install error: Almost always a transient registry hiccup. Click Retry.

If retry does not work, open a support ticket from the dashboard. We will investigate within the SLA of your plan.

Backups enabled by default

Hetzner snapshot backups are enabled when your server is created. They run nightly and are retained for seven days. In addition, we perform application-level backups of Postgres and MinIO nightly to off-site storage in a separate region.

Restores are triggered from the dashboard. Point-in-time restore is available for the last 72 hours at 1-hour granularity, older than that daily.

Where to look

Dashboard → Server detail page: live provisioning steps and logs
/api/provision/{job_id}: JSON status endpoint you can poll

Pipeline

creating_server: We call the Hetzner Cloud API to create a VPS in your chosen region. Image: Ubuntu 24.04. SSH keys for the ɳSelf control plane are injected so we can issue updates later.

waiting_for_server: We poll the Hetzner API until the server reports running. Typically 30–60 seconds.

bootstrapping: A cloud-init script installs Docker, installs the ɳSelf CLI, runs nself init, and installs your licensed plugins.

creating_dns: We create an A record for your subdomain plus a wildcard A record so sub-apps (api, auth, storage) resolve automatically. Records propagate in seconds via Cloudflare.

configuring_ssl — nself build runs certbot against Let's Encrypt. Wildcard certificates are issued via DNS-01.

installing_plugins: Pro plugins are pulled from the plugin registry, signed, and baked into the compose file. Free plugins are also installed if you selected any.

health_check: We poll /health on the public domain until it returns 200. This confirms Nginx, Hasura, Auth, and Postgres are all up.

sending_welcome: You get an email with your admin credentials and a link to your dashboard.

What if it fails?

The dashboard shows the exact step that failed plus the error message. Common causes:

Hetzner capacity in region: Very rare. Pick a different region or retry in 5 minutes.

Domain conflict: The subdomain you picked is already taken. Pick a different name.

Plugin install error: Almost always a transient registry hiccup. Click Retry.

If retry does not work, open a support ticket from the dashboard. We will investigate within the SLA of your plan.

Backups enabled by default

Restores are triggered from the dashboard. Point-in-time restore is available for the last 72 hours at 1-hour granularity, older than that daily.