Skip to content

Your infrastructure,
orchestrated.

Deploy databases, caches, apps, and load balancers across your own cloud servers — with the simplicity of a platform and the freedom of self-hosting. No Kubernetes. No vendor lock-in.

Everything you need to run production.

One place to manage your entire infrastructure. The developer experience of a PaaS with the economics and control of your own servers. No per-seat pricing. No per-database surcharges.

  • MySQL, PostgreSQL with replication and automated failover
  • Redis and Typesense clusters, provisioned and monitored
  • Deploy any container with zero-downtime rolling updates
  • Built-in container registry with vulnerability scanning
  • HAProxy load balancing with floating IP support
  • Real-time metrics, alerting, and self-healing
  • Automatic TLS via LetsEncrypt
  • Hetzner Cloud, Robot, DigitalOcean, AWS, OVH — or bring your own
Built on the same open source packages I maintain and run in production.
Everything you need to
Projects

Everything starts with a project

Projects group your applications, services, and infrastructure into logical units. An e-commerce platform, a SaaS backend, a data pipeline — each one a project. Deploy apps, bind them to databases and caches, manage environment-specific configs. One view of everything that belongs together.

  • Deploy multiple applications within a project
  • Bind apps to databases, caches, and search clusters
  • Environment-specific configurations (staging, production)
  • Single view from containers to databases
dashboard.png
Hosts

Servers, provisioned in seconds

Connect your cloud provider and Cortex provisions bare servers into production-ready infrastructure. Server creation, agent installation, networking, firewall rules — fully automated. Organize hosts by function: databases, app workloads, edge traffic. Placement rules ensure services land on the right hardware.

  • Fully automated provisioning — select region and size, done
  • Host Groups for organizing by purpose
  • Failed provisioning auto-recovers, stuck hosts are retried
  • Hetzner Cloud and Robot today, DigitalOcean, AWS, and OVH ready
  • Bring your own servers via agent-only installation
cortex-hosts-system-storage.jpeg
Databases

Databases that just work

Deploy MySQL and PostgreSQL clusters with a click. Cortex handles replication, automated backups, point-in-time recovery, and failover promotion. When a primary goes down, a replica takes over automatically.

  • Standalone or replicated clusters
  • Automated daily backups with retention policies
  • Monitor query performance, slow queries, and connections
  • Create databases and users with scoped permissions
cortex-mysql-overview.jpeg
Caching & Search

Redis and Typesense, ready to go

Spin up Redis clusters with sentinel-based failover or Typesense search clusters with automatic API key provisioning. Full metrics for memory usage, command rates, search latency, and indexing performance.

  • Redis replication with automatic failover
  • Typesense clusters with metrics integration
  • ACL-based user management
cortex-create-redis.jpeg
Observability

See everything, from host to query

Real-time metrics for every layer of your stack. Host CPU and memory. Container resources. Database query throughput and slow queries. Redis command rates. HAProxy session load. All flowing through OpenTelemetry to ClickHouse at 30-second resolution.

  • Centralized logs from all containers and services
  • Alert rules on any metric with Slack, email, and webhook routing
  • Automatic incident creation with full context
  • Maintenance windows to suppress noise during planned work
cortex-observability-metrics.jpeg
Security

Vulnerability intelligence, not just scanning

Container images, host operating systems, and installed binaries — all scanned with Trivy and enriched with three data sources: CVSS severity scoring, EPSS exploit prediction probability, and CISA KEV for actively exploited vulnerabilities. Focus on what matters, not noise.

  • Filter by fixable vs. unfixable vulnerabilities
  • Compliance reporting for SOC 2 audits
  • Full API request and audit logging
  • SSH key management with rotation
cortex-security-dashboard.jpeg
Networking

Private by default, connected when you need it

All services communicate over private networks. Only edge hosts expose public ports. Overlay your infrastructure with Tailscale VPN for encrypted mesh networking across regions and providers. Three-layer traffic routing from DNS to container with Cloudflare integration.

  • Automatic TLS via LetsEncrypt for every domain
  • Direct, HAProxy edge, or Cloudflare proxy routing modes
  • Tailscale VPN with ACL policies from the dashboard
  • Floating IP failover for high availability
cortex-tailscale-mesh.jpeg

Get early access

We are onboarding teams who want great infrastructure without the cloud markup. If you are overpaying for RDS, tired of debugging Helm charts, or just want your databases to work.

No spam. Just a heads-up when it is ready for you.