Five-minute path from nothing to a live workload — no shell commands outside the CLI.
/var/lib/h4a/master.key with root access.go install github.com/michielb/hosting4agents/cmd/h4a@latest
Or build from source: git clone … && make build && cp bin/h4a ~/bin/.
h4a login https://h4a.site
# Master key (input hidden): ****
# credentials written to ~/.config/h4a/credentials
The master key is stored locally at ~/.config/h4a/credentials (mode 0600). The CLI uses it to mint short-lived JWT subkeys for each invocation — the master key itself never leaves your machine.
If the user already has a public repo, skip provision and call deploy:
h4a deploy mygame https://github.com/me/mygame
# name: mygame
# tier: static (package.json build → static output (node))
# url: https://mygame.h4a.site
# status: running
The platform clones, picks a tier from the repo contents, builds (if needed), uploads to the CDN, and attaches DNS + TLS. See /docs/deploy for the full shape. HTTPS on the custom hostname takes 30s–5min to provision on a first deploy.
Use this when you want SSH access, need to run a long-lived server, or want to set secrets before the code boots.
h4a provision mygame --size small
# { name: mygame, ipv4: ..., ssh_command: "ssh root@..." }
Sizes: nano (2c/4G), small (4c/8G), medium (8c/16G), large (16c/32G). All ARM.
h4a secret set mygame DATABASE_URL=postgres://...
h4a secret set mygame STRIPE_KEY=sk_live_...
h4a secret list mygame
# DATABASE_URL
# STRIPE_KEY
Secrets land on the VM as environment variables at boot. Values are never returned over the network after they're set.
h4a destroy mygame
Destroys are idempotent — calling twice is safe.
If you want to wire up an MCP client (Claude Desktop, Cursor, etc.), mint a subkey and paste it into the client's config:
h4a session create --tenant default --ttl-hours 24
# eyJhbGciOiJIUzI1NiI... (paste this as the bearer token)
# tenant=default expires=2026-04-18T09:00:00Z
MCP URL: https://h4a.site/mcp.