Self-hosted CI/CD over SSH for Node.js, Next.js, and React apps.
Built for developers by developer who want production control without sharing server access.
I was doing deployments like this:
ssh -> git pull -> npm install -> build -> migrate -> pm2 restart -> repeat
Across multiple servers. Every day.
So I built SSHipIt:
- No GitHub Actions dependency
- No sharing production server with third-party CI
- No one-env-key-at-a-time UI pain
- Just clean, local-first, SSH-native deployments
If this saves your time, star it and share it.
- π¦ Project management for Node.js, Next.js, React
- π₯οΈ Reusable SSH servers across projects
- π Encrypted server credentials (AES-256-GCM at rest)
- βοΈ Smart stack defaults (install/build/start/restart)
- π± Bulk
.envediting for production - π Manual deploy + one-click redeploy
- π Live log streaming over WebSocket
- π§ Deployment history with filtering + cancel/delete
- π§± Release folders +
currentsymlink strategy - π§ͺ Migration support (Prisma / Sequelize / Knex / TypeORM)
flowchart LR
UI["SSHipIt UI (Browser)"] --> API["Node.js API + WebSocket"]
API --> DB["SQLite (projects, env, servers, deployments)"]
API --> RUNNER["Deploy Runner"]
RUNNER --> LOCAL["Local workspace deploy"]
RUNNER --> SSH["Remote deploy over SSH"]
SSH --> TARGET["Server (repo, releases, current, pm2)"]
git clone https://github.com/radhakishan404/sshipit.git
cd sshipit
npm install
cp .env.example .env
npm startOpen: http://localhost:3000
Required .env keys:
PORTDATABASE_PATHWORKSPACE_ROOTKEEP_RELEASESENCRYPTION_KEY(set a long random value in production)
- Create a project
- Select framework and click smart defaults
- Paste production env in bulk
- Add or attach an SSH server
- Test connection
- Select target server
- Click
Deploy Now - Follow live logs
| Stack | Install | Build | Restart |
|---|---|---|---|
| Node.js | npm ci || npm install |
optional | PM2 restart/start fallback |
| Next.js | npm ci || npm install |
npm run build |
PM2 restart/start fallback |
| React | npm ci || npm install |
npm run build |
usually nginx reload |
You can override all commands per project.
Core APIs:
GET /api/projectsPOST /api/projectsPUT /api/projects/:idDELETE /api/projects/:idGET /api/projects/:id/envPOST /api/projects/:id/env/bulkGET /api/projects/:id/serversPOST /api/projects/:id/deployGET /api/projects/:id/deploymentsPOST /api/deployments/:id/redeployPOST /api/deployments/:id/cancelDELETE /api/deployments/:id
WebSocket:
ws://localhost:3000/ws
| Dependency | Use |
|---|---|
express |
HTTP API |
ws |
Live logs/events over WebSocket |
better-sqlite3 |
Local metadata DB |
ssh2 |
SSH execution and remote deploy |
dotenv |
Runtime env loading |
zod |
Request validation |
uuid |
IDs |
cors, morgan |
API support + logs |
- Git webhook auto-deploy (GitHub/GitLab/Bitbucket)
- Build/test quality gates
- Health-check gate before success
- One-click rollback
- Blue/green and canary rollout options
- Secret backends (Vault, SSM)
- Slack/Discord/email notifications
- Multi-user auth + RBAC
- Docker/Compose mode
- Kubernetes target adapter
- Deployment analytics dashboard
If you want to build one, open a PR.
A practical growth plan is here:
It includes:
- launch-week checklist
- where to post
- post templates (X/LinkedIn/Reddit/dev.to)
- repeatable content strategy for stars + users
- Read
CONTRIBUTING.md - Use issue templates in
.github/ISSUE_TEMPLATE - Keep PRs focused and include logs/screenshots for deploy/UI changes
Please read SECURITY.md for responsible disclosure.
MIT - see LICENSE.
To complete project hygiene, set these in the repo settings:
- Description:
Self-hosted CI/CD over SSH for Node.js, Next.js, and React apps
- Website:
https://github.com/radhakishan404/sshipit#readme
- Topics:
cicd,self-hosted,ssh,deployment,nodejs,nextjs,react,devops
- Enable:
- Discussions
- Issues
- Wikis (optional)
- Security advisories