Vision: A lightweight, self-hostable Platform-as-a-Service for developers and small teams, competing with Coolify, Dokploy, CapRover, and Dokku.
- β Implemented
- π§ In Progress
- π Planned
- π‘ Future Consideration
- β Docker-based deployments
- β Git integration (GitHub)
- β Custom Dockerfile support
- π Auto-generated Dockerfile
- β Build and start commands
- β Port configuration
- β Real-time deployment monitoring
- β Deployment queue system
- β Build logs streaming
- β Webhook-based auto-deployment
- π Rollback to previous deployments
- π Blue-green deployments
- π Canary releases
- π Multi-stage builds optimization
- π Build cache management
- π Deployment preview environments (PR previews)
- π Deployment scheduling
- π Health check integration
- π Deployment hooks (pre/post deploy scripts)
- π Manual approval gates
- β GitHub App integration
- β OAuth installation flow
- β Repository browser
- β Branch selection
- β Commit tracking
- β Push event webhooks
- π GitLab integration
- π Bitbucket integration
- π Gitea/Forgejo support
- π Self-hosted Git support
- π Pull request deployments
- π Commit status updates
- π Multi-repo apps (monorepo support)
- β JWT authentication
- β Role-based access (admin/user)
- β First-time setup flow
- β User creation by admin
- β HTTP-only cookies
- π User deletion by admin
- π Password reset flow
- π Email verification
- π Two-factor authentication (2FA/TOTP)
- π SSO integration (OAuth2, SAML)
- π API tokens for CLI/API access
- π Session management UI
- π Invite system with email
- π Team roles (owner, admin, developer, viewer)
- π Fine-grained permissions
- β Project creation and management
- β Project ownership
- β Multi-member projects
- β Project tags
- π Project templates
- π Project quotas (resource limits)
- π Project billing/usage tracking
- π Project transfer ownership
- π Archived projects
- π Project-level environment variables
- π Project settings inheritance
- β Custom domain configuration
- β Multiple domains per app
- β Traefik reverse proxy integration
- β SSL status tracking
- π Let's Encrypt automatic SSL (ACME)
- π Certificate renewal automation
- π Custom SSL certificate upload
- π Wildcard domain support
- π Domain verification (DNS/HTTP)
- π WWW redirect options
- π Force HTTPS
- π HSTS headers
- π Custom headers configuration
- π CDN integration (Cloudflare, etc.)
- β Environment variable CRUD
- β Build-time variables
- β Runtime variables
- π Environment variable encryption
- π Secrets management
- π Environment templates
- π .env file import/export
- π Environment variable history
- π Bulk edit/copy between apps
- π Integration with Vault/Secrets Manager
- π Variable validation rules
- β Real-time system metrics (CPU, RAM, disk)
- β Container logs streaming
- β Deployment logs
- β WebSocket-based monitoring
- π Application performance monitoring (APM)
- π Custom metrics collection (StatsD, Prometheus)
- π Error tracking (Sentry-like)
- π Uptime monitoring
- π HTTP response time tracking
- π Log aggregation and search
- π Log retention policies
- π Log export (S3, Elasticsearch)
- π Alerting system (email, Slack, Discord, webhook)
- π Status page generation
- π Incident management
- π Resource usage analytics
- π Cost estimation
- π PostgreSQL provisioning
- π MySQL/MariaDB provisioning
- π Redis provisioning
- π MongoDB provisioning
- π Database backups (automated)
- π Point-in-time recovery
- π Database connection pooling
- π Database migration tools
- π phpMyAdmin/pgAdmin integration
- π Redis Commander integration
- π Database replication
- π Database metrics monitoring
- π Persistent volume management
- π Volume backups
- π Volume snapshots
- π S3-compatible storage integration
- π NFS/CIFS mount support
- π Volume encryption
- π Volume size limits
- π Shared volumes between apps
- π Volume migration tools
- π Cron job scheduling
- π One-off task execution
- π Worker processes
- π Message queue integration (RabbitMQ, Kafka)
- π Background job management
- π Service discovery
- π Internal DNS
Goal: Make Mist production-ready for small teams
-
[β ] SSL/TLS Automation
- [β ] Integrate Let's Encrypt ACME client
- [β ] Automatic certificate issuance
- [β ] Auto-renewal 30 days before expiry
- Certificate storage in database
- [β ] Force HTTPS option per app
- [] Custom certificate upload
-
Deployment Rollback
- Store deployment history
- One-click rollback to previous version
- Rollback UI in dashboard
- Keep last N deployment images
- Image cleanup policy
-
Resource Management
- [β
] CPU limits per container (Docker
--cpus) - [β
] Memory limits per container (
-mflag) - [β ] Restart policies (always, on-failure, unless-stopped)
- Health checks (Docker HEALTHCHECK)
- [β ] Container auto-restart on failure
- Resource usage alerts
- [β
] CPU limits per container (Docker
-
User Management Completion
- User deletion by admin (fix existing implementation)
- Password reset via email
- Email verification
- User profile editing
- API token generation for CLI access
- Session management (view/revoke sessions)
-
Security Enhancements
- Rate limiting on API endpoints
- CORS configuration
- [β ] Webhook signature verification (GitHub)
- Secrets encryption at rest
- [β ] Audit log population (user actions)
- Security headers (CSP, X-Frame-Options)
- IP whitelist for admin actions
-
Advanced Logging
- Centralized log storage (database or file rotation)
- Log search and filtering UI
- Log retention policies (delete after N days)
- Log download/export
- Structured logging for apps (JSON parsing)
- Log levels (info, warn, error)
-
Notification System
- Email notifications (SMTP config)
- Slack integration
- Discord webhooks
- Custom webhook notifications
- Notification preferences per user
- Event types: deployment success/fail, SSL expiry, resource alerts
-
Backup & Recovery
- Database backup automation
- One-click restore
- Backup to S3/local storage
- Scheduled backups (daily, weekly)
- Volume snapshots
- Export/import projects
Goal: Add managed database provisioning
-
PostgreSQL Management
- One-click Postgres container deployment
- Version selection (12, 13, 14, 15, 16)
- Automatic backups (pg_dump)
- Connection string generation
- Auto-inject DB env vars into apps
- pgAdmin integration
- Database user management
- Database replication (primary/replica)
-
Redis Management
- One-click Redis deployment
- Version selection
- Password protection
- Persistence options (RDB, AOF)
- Redis Commander UI
- Pub/sub support
- Redis Sentinel for HA
-
MySQL/MariaDB Management
- One-click deployment
- Version selection
- Backups (mysqldump)
- phpMyAdmin integration
- User and privilege management
-
MongoDB Management
- One-click deployment
- Mongo Express UI
- Backup and restore
- Replica set support
-
Database Migration Tools
- Built-in migration runner
- Schema diff viewer
- Seed data management
-
S3-Compatible Storage
- MinIO integration
- Upload/download files via UI
- Bucket management
- Access key generation
Goal: Support complex deployment strategies
-
Preview Environments
- Auto-deploy on pull request
- Unique subdomain per PR (pr-123.app.domain.com)
- Auto-destroy on PR close/merge
- Comment on PR with preview URL
- Ephemeral databases for previews
-
Deployment Strategies
- Blue-green deployments
- Canary releases (gradual traffic shift)
- A/B testing support
- Zero-downtime deployments guarantee
- Health check before traffic switch
-
Build Optimization
- Docker layer caching
- Shared build cache across deploys
- Multi-stage build support
- Parallel builds (if multiple apps)
- Build queue prioritization
-
Deployment Workflows
- Manual approval gates
- Deployment scheduling (deploy at specific time)
- Pre-deploy hooks (run tests)
- Post-deploy hooks (warm cache, send notification)
- Deploy from specific commit/tag
- Deploy to specific environment (staging, prod)
-
GitLab/Bitbucket Support
- GitLab OAuth integration
- GitLab webhooks
- Bitbucket integration
- Self-hosted Git support (Gitea, Gogs)
Goal: Scale to larger teams and production workloads
-
Multi-Node Support
- Docker Swarm orchestration
- Kubernetes support (alternative)
- Multi-server deployment
- Load balancing across nodes
- Node health monitoring
- Node auto-scaling
-
Auto-Scaling
- Horizontal scaling (multiple containers)
- Vertical scaling (adjust resources)
- Auto-scale based on CPU/memory
- Auto-scale based on request rate
- Scheduled scaling (e.g., scale up during business hours)
-
High Availability
- Database replication
- Redis Sentinel/Cluster
- Failover automation
- Health checks and auto-recovery
- Zero-downtime maintenance mode
-
Advanced RBAC
- Custom roles creation
- Fine-grained permissions (deploy, view, admin)
- Team-level access control
- Resource-level permissions
- SSO integration (Okta, Auth0, Google Workspace)
- SAML support
-
Compliance & Governance
- Audit log viewer UI
- Compliance reports (SOC 2, GDPR)
- Data retention policies
- Encryption at rest for all data
- Secrets rotation automation
- Vulnerability scanning (Trivy, Clair)
-
Cost Management
- Resource usage tracking per project
- Cost estimation
- Budget alerts
- Idle resource detection
- Resource recommendations
Goal: Make Mist the easiest PaaS to use
-
CLI Tool
-
mist login- Authenticate -
mist deploy- Deploy from local repo -
mist logs- Stream logs -
mist ps- List containers -
mist restart- Restart app -
mist env- Manage env vars -
mist db- Manage databases -
mist run- Execute one-off commands
-
-
API Improvements
- OpenAPI/Swagger documentation
- Webhooks for all events
- API versioning
- API rate limiting
-
Dashboard UX
- Onboarding wizard for new users
- Quick start templates (Next.js, Django, Rails, etc.)
- Drag-and-drop .env file upload
- App cloning (duplicate with settings)
- Bulk operations (restart all, update all)
- Dark mode toggle
- Keyboard shortcuts
- Real-time collaboration (see who's online)
-
Marketplace/Templates
- Pre-configured app templates
- One-click WordPress, Ghost, n8n, etc.
- Docker Compose import
- Dockerfile templates library
- Community templates sharing
-
Integrations
- Sentry error tracking
- Datadog APM
- New Relic integration
- LogDNA/Papertrail
- PagerDuty alerts
- StatusPage.io integration
- Stripe for billing (if going SaaS)
-
Documentation
- Interactive tutorials
- Video guides
- API reference
- Best practices guide
- Migration guides (from Heroku, Vercel, etc.)
- Troubleshooting playbook
- Unit tests for Go backend (target 80%+ coverage)
- Integration tests for API endpoints
- E2E tests for dashboard (Playwright/Cypress)
- Load testing (k6, Locust)
- Security scanning (gosec, npm audit)
- Dependency updates automation (Dependabot)
- CI/CD pipeline (GitHub Actions)
- Pre-commit hooks (gofmt, golint, prettier)
- Database query optimization (indexes)
- Connection pooling for SQLite
- WebSocket connection pooling
- Gzip compression for API responses
- Image optimization (compress Docker layers)
- Lazy loading in dashboard
- Pagination for large lists
- Replace in-memory queue with persistent queue (BoltDB, BadgerDB)
- Multi-worker support (configurable worker count)
- Queue priority levels (urgent, normal, low)
- Queue metrics (wait time, processing time)
- Failed job retry mechanism (exponential backoff)
- Queue dashboard (see pending/running jobs)
- Concurrent deployments per project
- Deployment queue limits (prevent queue flooding)
- Database connection pooling
- Database migrations rollback support
- Database seeding for development
- Database backup to S3 automatically
- Read replicas support
- Support for Docker Compose files
- Multi-container apps (web + worker + cron)
- Private Docker registry support
- Image vulnerability scanning (Trivy)
- Image signing (Docker Content Trust)
- Resource quotas (prevent noisy neighbor)
- Container network policies
- Support for Podman (alternative to Docker)
-
Application Management
- App settings page (split into tabs)
- Visual deployment pipeline (stages shown as steps)
- Deployment comparison (diff between versions)
- Quick actions menu (restart, rebuild, scale)
- App metrics charts (CPU, RAM, requests)
- App activity timeline
-
Project Management
- Project dashboard (overview of all apps)
- Project resource usage visualization
- Project member management UI
- Project settings page
- Project templates
-
User Management
- User list with search and filters
- User detail page (activity, permissions)
- User invitation flow
- User role assignment UI
- Bulk user operations
-
Logs & Monitoring
- Advanced log viewer (search, filter, highlight)
- Log export button (download as .txt/.json)
- Real-time log tailing with pause/resume
- Log levels toggle (show only errors)
- Multi-container log aggregation
- System metrics dashboard (detailed charts)
- Alert rules configuration UI
-
Databases Page
- List all databases
- Create new database (type selection)
- Database connection info (copy button)
- Database backups list
- Database metrics (connections, queries)
- Quick access to admin UIs (pgAdmin, phpMyAdmin)
-
Settings Page
- System-wide settings
- SMTP configuration
- Notification settings
- SSL/TLS settings
- Backup settings
- Security settings (2FA enforcement)
- Integration settings (Slack, Sentry, etc.)
-
Status Page
- System status (all services)
- Incident history
- Scheduled maintenance
- Public status page option
- Keyboard navigation support
- Screen reader compatibility (ARIA labels)
- High contrast mode
- Focus indicators
- Reduced motion option
- Mobile-optimized layouts
- Touch-friendly buttons
- Mobile navigation menu
- PWA support (installable app)
- Enforce strong password policies
- Prevent password reuse
- Account lockout after failed attempts
- Session timeout configuration
- Multi-factor authentication (TOTP)
- WebAuthn/Passkey support
- OAuth2 for user login (Google, GitHub)
- JWT token rotation
- Refresh token implementation
- Secrets encryption with AES-256
- TLS 1.3 for all connections
- Certificate pinning
- Security headers (HSTS, CSP, X-Frame-Options)
- Input validation and sanitization
- SQL injection prevention (parameterized queries)
- XSS prevention
- CSRF protection
- Rate limiting (DDoS protection)
- IP whitelisting for admin panel
- Firewall rules (UFW/iptables)
- Regular security audits
- Dependency vulnerability scanning
- Container security scanning (Trivy)
- Penetration testing
- GDPR compliance (data export, deletion)
- SOC 2 Type II readiness
- HIPAA compliance (if needed)
- Data residency options
- Privacy policy and terms of service
- Cookie consent (if applicable)
- Anonymous usage statistics
- Feature usage tracking
- Error reporting (crash dumps)
- Performance metrics (page load, API latency)
- User feedback collection
- NPS surveys
- Request count per endpoint
- Response time percentiles (p50, p95, p99)
- Error rate tracking
- Bandwidth usage
- Geographic request distribution
- User agent analysis
- Referrer tracking
- β Bash install script (current)
- π Docker Compose installation
- π Helm chart for Kubernetes
- π Ansible playbook
- π Terraform modules
- π One-click installers (DigitalOcean, Hetzner, etc.)
- π AWS CloudFormation template
- π Snap package
- π DEB/RPM packages
- π DigitalOcean Marketplace
- π AWS Marketplace
- π Google Cloud Marketplace
- π Azure Marketplace
- π Hetzner Cloud
- π Linode Marketplace
- π Vultr Marketplace
- π In-app update checker
- π One-click update button
- π Automatic updates (opt-in)
- π Rollback to previous version
- π Update notifications
- π Changelog viewer
- Contribution guidelines (CONTRIBUTING.md)
- Code of conduct
- Issue templates (bug, feature request)
- Pull request template
- Developer documentation
- Architectural decision records (ADRs)
- Plugin/extension system
- Discord/Slack community
- GitHub Discussions
- Blog/Changelog
- Twitter/X account
- YouTube tutorials
- Community showcase (who's using Mist)
- Contributor recognition
- Getting started guide
- Architecture overview
- API documentation (OpenAPI)
- Deployment guides (various platforms)
- Troubleshooting guide
- Best practices
- Comparison with other PaaS (Coolify, Dokploy)
- FAQ
| Feature | Mist | Coolify | Dokploy | CapRover | Dokku |
|---|---|---|---|---|---|
| Self-hosted | β | β | β | β | β |
| Docker-based | β | β | β | β | β |
| Git integration | β | β | β | β | β |
| Real-time monitoring | β | β | β | β | β |
| Managed databases | π | β | β | β | β |
| SSL automation | π | β | β | β | β |
| Rollback deploys | π | β | β | β | β |
| Preview environments | π | β | β | β | β |
| Multi-node support | π | β | β | β | β |
| Web UI | β | β | β | β | β |
| CLI tool | π | β | β | β | β |
| Lightweight | β | β | β | β | β |
| Go backend | β | β (Node) | β (Node) | β (Node) | β |
| SQLite DB | β | β (Postgres) | β (Postgres) | β (Mongo) | N/A |
Mist's Unique Selling Points:
- Ultra-lightweight: Single binary + SQLite (no external DB needed)
- Real-time everything: WebSocket-first architecture for instant feedback
- Go performance: Fast, memory-efficient backend
- Smart monitoring: Hybrid REST/WebSocket approach saves resources
- Simple setup: One-script installation, no complex dependencies
- Performance: API latency < 100ms (p95)
- Reliability: Uptime > 99.9%
- Scalability: Support 1000+ apps per instance
- Security: Zero critical vulnerabilities
- Code Quality: Test coverage > 80%
- Adoption: 1000+ GitHub stars in year 1
- Contributors: 50+ community contributors
- Deployments: 10,000+ active Mist instances
- Documentation: 100% of features documented
- Users: 10,000+ registered users
- Paid Plans: 1000+ paying customers
- MRR: $50k+ monthly recurring revenue
- Churn: < 5% monthly churn rate
These are high-impact, low-effort features to prioritize:
-
SSL/TLS with Let's Encrypt (1-2 weeks)
- Huge value, moderate effort
- Makes Mist production-ready immediately
-
Deployment Rollback (1 week)
- Critical for production use
- Simple implementation (keep old images)
-
Resource Limits (3-4 days)
- Prevents one app from crashing server
- Just Docker flags
-
Email Notifications (1 week)
- Immediate user value
- Simple SMTP integration
-
Log Search/Filter (3-4 days)
- Huge UX improvement
- Frontend-only work
-
PostgreSQL Provisioning (1-2 weeks)
- Most requested feature
- Enables serious apps
-
Deployment History UI (2-3 days)
- Easy win, looks professional
- Data already exists
-
App Templates (1 week)
- Great onboarding experience
- Simple JSON configs
-
Webhook Notifications (3 days)
- Enables integrations
- Simple HTTP POST
-
Dark Mode (2 days)
- Low effort, high appreciation
- CSS variables only
- This roadmap is a living document and will evolve based on community feedback
- Features marked with π are prioritized based on user demand and competitive analysis
- Security and performance improvements are ongoing parallel to feature development
- We follow semantic versioning (MAJOR.MINOR.PATCH)
- Breaking changes are avoided when possible; when necessary, they're clearly documented
Want to help build Mist? Check out:
- CONTRIBUTING.md - Contribution guidelines
- Issues - Pick a task
- Discussions - Share ideas
Last Updated: December 13, 2025