Naasson Apps — a home for your apps

You register, specify a domain, and click "Install". Within an hour, a virtual machine with ready infrastructure is running in your Yandex Cloud: GitOps, routing, certificates, monitoring, app catalog. To ship your own service — just drop it into the repository.

Project preview
The infrastructure assembles itself — you just publish your services.

«Stop doing setup work. Build your product, the infrastructure is already in place.»

Who this is for

For a startup that wants to launch over a weekend instead of a quarter. For a product team tired of paying two DevOps engineers just to make things "simply work". For a researcher who needs a place to spin up Supabase, Ollama, n8n, and Grafana side by side and forget about them. If you can write code and prefer to avoid becoming an infrastructure engineer — this is for you. If you already know how but consider rolling out GitOps from scratch on every project expensive in time — this is also for you.

One click — ready infrastructure
GitOps under the hood

What's inside

A virtual machine in Yandex Cloud, with Docker, local Kubernetes (kind), Traefik as the entry point, Caddy for Let's Encrypt certificates. On top — ArgoCD for GitOps, Keycloak for single SSO, Prometheus and Grafana for observability, PostgreSQL and MinIO for data, GitLab CI/CD for pipelines. The catalog includes more than 270 ready apps: Supabase, Gitea, Nextcloud, n8n, Ollama, Immich, Plausible, Matomo, Vaultwarden, Paperless-ngx, Grafana, Mattermost, Penpot, PhotoPrism, and dozens of others. Everything installs via a single checkbox in the interface — with compatibility, ports, resources, and security policy taken into account.

How it looks in practice

You come in, pick the apps you need, specify a domain. Before launch the system checks limits and permissions in Yandex Cloud, calculates quotas, verifies DNS delegation. If something is missing — it gives clear instructions on exactly what to fix. You never get stuck halfway through installation with a half-assembled machine. Then — installation. The engine moves through steps: network → VM → readiness wait → app deployment → health checks. Logs stream into the interface in real time: what's being installed now, what's already running, where to go. On completion — a list of URLs with your services, master passwords, and a link to the GitOps repository.

Preflight checklist

Until all checks pass, the installation never starts. This costs more time at the start and saves much more nerves later.

Ship your own service

You create a folder services/my-app in your GitOps repository, drop a values.yaml with container description, domain, environment variables. ArgoCD notices the change and deploys the service. Traefik automatically issues a certificate, Caddy updates the DNS record, Keycloak plugs in SSO. No separate deploy pipelines, no manual SSH commands, no certificates "with a private key sitting in my email". Everything described as code, everything in Git, everything reproducible. Something broke — you roll back with a commit.

Security by default

Every app installed from the catalog follows strict requirements: no anonymous admin panels on public UI, no default passwords, secrets generated cryptographically and stored in .env with 0600 permissions, visible only in masked form. Images are pinned to versions — no latest. Docker log rotation is configured. Public traffic goes through HTTPS only. This is baseline hygiene that ships with the starter.

Observability

Grafana and Prometheus run from day one, so you don't search for "why did the service crash on Friday night" — you just see it on a dashboard.

Modification and control

The entire infrastructure is described as code. You get a repository with Helm charts, Terraform manifests, and app templates. It is your property: want to add a service missing from the catalog — add it. Want to move everything to another region or provider — the base is portable. Want to disable what you don't use — disable it. We don't keep your cabinet on a leash. The installer is a starting point; from there you move on your own or together with us.

Current version and roadmap

Right now this is a kind cluster on a single virtual machine. This is enough for dozens of apps, pet projects, internal team tools, MVP-stage startups, ML experiments. This is an honest "junior version": a local kind on one powerful machine, materially cheaper than managed Kubernetes. A separate product with full managed Kubernetes on Yandex MKS is in the plans. It will cost noticeably more and serve different tasks: production with SLA, horizontal scaling, multi-AZ. For most startups, Naasson Apps covers what's needed for the first 12–24 months.

Start
Discipline
Control

Support

The infrastructure is designed for minimal maintenance. If something breaks or needs extending — it's a paid DevOps service according to the price list. Separately you can take a one-hour consultation: we review your case, assess whether this setup fits you, what to add, how to deploy. If after the consultation you buy the installation — part of the consultation cost is credited. An "Auto-DevOps" product is coming in the future: automatic updates and self-healing of common errors without human involvement. For now — there is us.

Price

One installation — a fixed price. This covers the build, verification, launch, and handover of the infrastructure repository to you. After that the infrastructure is yours — you pay only for Yandex Cloud resources. If you registered Yandex Cloud via our referral link — a discount applies. If you'd like to discuss before buying — book a consultation.

I want an installation

Write to us — we'll review your case and offer the nearest slot

Перейти

Next
Tripin

Tripin

Hotel search navigator and vacation ideas based on TripAdvisor reviews. Smart review analysis system for choosing the perfect accommodation.