wip

sitole · sitole · commit b8e4da69674e · 2025-08-14T16:28:44.000+02:00
diff --git a/deployment/self-hosting.mdx b/deployment/self-hosting.mdx
@@ -1,5 +1,154 @@
 ---
 title: "Self-Hosting"
-description: "Configure Cursor for your documentation workflow"
+description: "Deploy E2B to your own cloud infrastructure"
 icon: "server"
 ---
+
+Self-hosting E2B allows you to deploy and manage whole E2B open-source stack on your own Google Cloud Platform (GCP) infrastructure.
+This gives you full control over your sandboxes, data, and security policies.
+
+We are currently officially supporting self-hosting on Google Cloud Platform with Amazon Web Services (AWS) support coming soon.
+
+<Note>
+    If you are looking for managed solution, consider our [Bring Your Own Cloud](/deployment/byoc) offering that will
+    bring you same security and control over your data without need to of managing own infrastructure.
+</Note>
+
+## Prerequisites
+
+
+### Required Accounts
+- **Cloudflare account** - DNS management
+- **Domain on Cloudflare** - Your custom domain used for DNS
+- **Google Cloud Platform project** - Google Cloud infrastructure
+- **PostgreSQL database** - Supabase is supported
+
+### Required Tools
+- **Packer** - For building disk images
+- **Terraform** (v1.5.x) - Infrastructure as Code
+- **Google Cloud CLI** - GCP authentication and management
+- **Golang** - Required for building components
+- **Docker** - Container management
+
+### Optional Accounts
+- **Grafana Account** - For advanced monitoring dashboards
+
+## Architecture Overview
+
+Similar to our BYOC offering, self-hosting allows you to maintain complete control over your infrastructure:
+
+- **Sandbox templates, snapshots, and runtime logs** are stored within your GCP project
+- **System metrics** (anonymized cluster memory/CPU) can optionally be sent to E2B Cloud for observability
+- **All sensitive traffic** (build files, sandbox traffic, logs) stays within your infrastructure
+
+### Core Components
+- **Orchestrator**: Manages sandbox lifecycle and template building
+- **Edge Controller**: Routes traffic and provides cluster management API
+- **Monitoring**: Collects logs and metrics from orchestrators
+- **Storage**: Persistent storage for templates, snapshots, and logs
+
+## Deployment Steps
+
+### 1. Setup GCP Project
+Create a new GCP project dedicated to your E2B deployment.
+
+### 2. Configure Environment
+Create your environment configuration file (`.env.prod`, `.env.staging`, or `.env.dev`) from the provided template:
+
+```bash
+# Configure your PostgreSQL connection string
+DATABASE_URL=postgresql://username:password@host:port/database
+
+# Set your domain
+DOMAIN=your-domain.com
+
+# Configure Cloudflare credentials
+CLOUDFLARE_API_TOKEN=your-cloudflare-token
+```
+
+### 3. Initialize Deployment
+```bash
+# Switch to your target environment
+make switch-env ENV=prod  # or staging/dev
+
+# Login to Google Cloud
+make login-gcloud
+
+# Initialize Terraform
+make init
+```
+
+### 4. Build and Deploy
+```bash
+# Build images and upload to GCP
+make build-and-upload
+
+# Copy public builds
+make copy-public-builds
+
+# Run database migrations
+make migrate
+```
+
+### 5. Configure Secrets
+Create necessary secrets in GCP Secrets Manager for your deployment.
+
+### 6. Apply Infrastructure
+Use Terraform to apply your infrastructure configurations.
+
+## Usage
+
+Once deployed, you can interact with your self-hosted E2B instance:
+
+### SDK Usage
+```python
+from e2b import Sandbox
+
+# Pass your domain when creating sandboxes
+sandbox = Sandbox("Python3", domain="your-domain.com")
+```
+
+### CLI Usage
+```bash
+E2B_DOMAIN=your-domain.com e2b sandbox create Python3
+```
+
+### Monitoring
+Access the Nomad web UI at `https://nomad.your-domain.com` for cluster monitoring.
+
+## Security Considerations
+
+- **Data Isolation**: All sandbox data remains within your GCP project
+- **TLS Encryption**: All communications are encrypted in transit
+- **Private Networks**: Configure internal load balancers and VPC peering for additional security
+- **Access Control**: Leverage GCP IAM for fine-grained access control
+
+## Scaling
+
+- **Horizontal Scaling**: Add more orchestrator and edge controller nodes
+- **Vertical Scaling**: Increase resources for existing nodes
+- **Auto-scaling**: Currently in development for future releases
+
+## Troubleshooting
+
+### Common Issues
+
+**GCP Quotas**: If quotas aren't visible in your project, create and delete a dummy VM to trigger GCP policy generation.
+
+**Firecracker Components**: If needed, you can build Firecracker components from source.
+
+**Support**: For deployment issues, open a GitHub issue or contact our enterprise support team.
+
+## FAQ
+
+### How is the cluster monitored?
+The cluster forwards anonymized metrics (CPU/memory usage) to the E2B control plane for observability and alerting. No sensitive information is transmitted.
+
+### Can the cluster automatically scale?
+Horizontal scaling is supported by adding orchestrator and edge controller nodes. Automatic scaling of orchestrator nodes is planned for future releases.
+
+### Are sandboxes accessible only from my private network?
+Yes. You can configure the load balancer as internal-only and set up VPC peering to keep all traffic within your private network.
+
+### How is secure communication ensured?
+All data between components is encrypted using TLS. VPC peering can be established for additional security with private load balancers.
