The open-source CLI built exclusively for Laravel. One command installs a complete production stack. One command creates an isolated app with its own database, workers, SSL, and zero-downtime deploys.
$ wget -O - https://raw.githubusercontent.com/andreapollastri/cipi/refs/heads/latest/install.sh | bash
What you get
Every app runs under its own Linux user. Isolated filesystem, PHP-FPM pool, and database. One compromised app cannot touch the others.
Per-app virtual hosts with optimized configuration for Laravel applications.
Selectable per app. Hot swap PHP versions from 7.4 to 8.5 and Composer 2.
Auto-tuned to your server's RAM. Dedicated database per app with isolated users.
Per-app queue workers with CLI management. Add, scale, and monitor queues.
Zero-downtime deployments with instant rollback. Keeps last 5 releases.
Automatic certificates via Certbot with SAN support for domain aliases.
Brute-force protection and firewall out of the box. SSH, HTTP, HTTPS only.
Automated database and storage backups to Amazon S3 or compatible providers.
Quick Start
Run the installer on a fresh Ubuntu 24.04+ VPS. Takes about 10 minutes. At the end, save the MariaDB root password — it's shown only once.
Run cipi app create and answer a few questions: username, domain, Git repo, branch,
PHP version. Cipi sets up everything — user, database, Nginx, workers, cron.
Run cipi deploy myapp for zero-downtime deployment, then
cipi ssl install myapp for HTTPS. Your Laravel app is live.
Built for
From solo developers to hosting providers — anyone who ships Laravel on a VPS.
You write Laravel. Cipi handles the server. One command gives you a production-grade stack with isolation, SSL, queue workers, and zero-downtime deploys — no Nginx configs, no FPM tuning, no sleepless nights.
Run dozens of client projects on a single server. Each app has its own user, database, PHP version, and deploy key. A problem in one project never affects the others. Onboard a new client in minutes, not hours.
Atomic deploys, instant rollbacks, webhook auto-deploy on every push. S3 backups so you can recover from anything. Grow from a single cheap VPS to a multi-server setup without changing your workflow.
Every Cipi command is a plain shell call. Wire it into Ansible playbooks, provisioning scripts, or internal tooling to spin up isolated Laravel environments programmatically. Manage hundreds of apps without manual intervention — your datacenter, fully automated.
Features
Built for Laravel developers who value security, simplicity, and control. No web
panel, no bloat — just SSH and the cipi
command.
Because Cipi is CLI-first, any AI agent with SSH access can deploy, roll back, back up, and manage your server with natural language. Works with Claude, OpenAI, OpenClaw, and any framework that supports tool use.
Each app has its own Linux user, PHP-FPM pool, database, SSH key, and home directory. open_basedir restricts PHP to the app's home. No app can touch another.
Deployer clones your repo, runs composer install, links storage, runs migrations, and swaps the symlink atomically. Instant rollback to any of the last 5 releases.
Install the Cipi Agent Laravel package for automatic deploys on git push. Supports GitHub and GitLab with HMAC signature verification.
Run Artisan and Tinker as the app user with the correct PHP version. Tail logs in real-time — Nginx, PHP-FPM, workers, deploys. Auto-rotated daily, kept 14 days.
Back up databases and storage to Amazon S3 or any S3-compatible provider — Hetzner, DigitalOcean
Spaces, Backblaze B2, MinIO. Each backup includes a compressed database dump and the full shared/
directory. Schedule daily runs via cron.
Add multiple domains or subdomains to any app. Certbot provisions a single SAN certificate covering all domains. Auto-renew via weekly cron.
From 7.4 to 8.5 — all installed, selectable per app. Switch any app to a different PHP version with one command: Cipi hot-swaps the FPM pool, Nginx socket, Supervisor workers, crontab, and Deployer config with zero downtime.
Cipi is CLI-first by design. That means any AI agent with SSH access can operate your entire Laravel infrastructure — deploy, rollback, backup, manage databases and queues — without any GUI, API key, or custom integration.
myapp.example.com. Snapshot is available for instant restore if needed.
CLI Reference
No GUI, no overhead. Manage your entire Laravel infrastructure from the terminal.
cipi app createCreate app (interactive)cipi app create --user=U --domain=D --repository=R --php=VCreate app (flags,
non-interactive)
cipi app listList all appscipi app show <app>App details, deploy key,
workerscipi app edit <app> --php=8.5Change PHP version
cipi app edit <app> --branch=developChange deploy
branchcipi app env <app>Edit .env in nanocipi app logs <app>Tail all logscipi app logs <app> --type=deployTail specific log
type (nginx, php, worker, deploy)cipi app artisan <app> migrateRun Artisan
commandcipi app tinker <app>Open Tinkercipi app delete <app>Delete appcipi deploy <app>Deploy via Deployercipi deploy <app> --rollbackRollback to previous
releasecipi deploy <app> --releasesList releasescipi deploy <app> --keyShow SSH deploy key
cipi deploy <app> --webhookShow webhook URL &
tokencipi deploy <app> --unlockRemove a stuck deploy
lockcipi worker add <app> --queue=Q --processes=NAdd
workercipi worker list <app>List workerscipi worker edit <app> --queue=Q --processes=NEdit
workercipi worker remove <app> <queue>Remove
workercipi worker restart <app>Restart all workers
cipi db createCreate databasecipi db listList databases with sizescipi db backup <n>Backup to local filecipi db restore <n> <file>Restore from
filecipi db password <n>Regenerate passwordcipi db delete <n>Delete databasecipi backup configureConfigure S3 credentialscipi backup run [app]Backup all or single appcipi backup list [app]List backupscipi ssl install <app>Install Let's Encrypt SSL
cipi ssl renewRenew all certificatescipi ssl statusShow certificates & expirycipi php install <ver>Install PHP versioncipi php remove <ver>Remove PHP versioncipi php listList installed PHP versionscipi alias add <app> <domain>Add domain
aliascipi alias remove <app> <domain>Remove
aliascipi alias list <app>List aliasescipi service listStatus of all services with uptime
infocipi service list <service>Status of a specific
servicecipi service restartRestart all servicescipi service restart <service>Restart one service
(nginx uses graceful reload)cipi service restart phpRestart all installed PHP-FPM
versionscipi service start <service>Start a stopped
servicecipi service stop <service>Stop a running service
(with confirmation)cipi firewall allow <port>Allow portcipi firewall allow <port> --from=IPAllow port from
IPcipi firewall deny <port>Deny portcipi firewall listShow firewall rulescipi statusServer status (CPU, RAM, disk, services, PHP,
apps)cipi versionShow Cipi versioncipi self-updateUpdate Cipicipi self-update --checkCheck for updates without
installingCompatibility
Ubuntu 24.04 LTS or higher, root access, ports 22/80/443 open. That's all you need.
Evolution
A complete rewrite focused on Laravel, security, and the command line.
| Feature | v3 | v4 |
|---|---|---|
| Interface | Web UI (Laravel app) | CLI only (SSH) |
| Target | Generic PHP + WordPress | Laravel exclusively |
| Database | MySQL | MariaDB 11.4 |
| Deploy | git pull | Deployer (zero-downtime) |
| Workers | Basic Supervisor | CLI-managed add/edit/remove |
| Cache / Queue | Redis optional | Database (Laravel native) |
| Deploy Keys | Shared | Per-app (ed25519) |
| Webhooks | Not available | GitHub / GitLab |
| Updates | Reinstall | cipi self-update with migrations |
| Backup | Not available | S3 automated |
Get Started
Open source, MIT licensed, free forever. Install on your VPS and start deploying in minutes.