Notes from the box.
How we think about ownership, reliability and running production on servers you actually control — plus what's shipping in Sproobo.
Why we run everything in Docker — including your database
Native packages couple your apps to the host OS. We walk through the failure class that design creates, and how pinned containers on inspectable host paths delete it entirely.
Read the postThe agent only ever dials out — here's exactly what that means
A walkthrough of the trust boundary: outbound WSS/443, zero inbound ports, and why break-glass SSH is never severed.
Sovereign telemetry: reading live, storing nothing
How Sproobo shows real-time logs and metrics without warehousing your data — and why we label stale data honestly instead of faking “live.”
Blue-green, health gate, atomic switch: anatomy of a deploy
The four moves between a push and live traffic, and how each one can safely abort without touching your running app.
Letting an agent run your infra — on the same rails you do
Plan-first, approval-gated, and no privileged backdoor. Our approach to AI-driven operations that doesn't widen your attack surface.
Moving off Forge one server at a time
A practical, incremental migration path — run side by side, compare, and expand only when the difference is obvious.
These are the posts we're writing for launch — full articles land here as they publish.