Give your AI agent a complete infrastructure control plane. Repos, Postgres, previews, custom domains, secrets vault — all behind one typed MCP tool surface. Enterprise reliability, developer speed.
Deploy Mill exposes a complete deployment control plane as MCP tools. Discriminated-union responses, machine-readable error codes, partial-failure recovery — agents can branch on every outcome.
start_project creates the GitHub repo, scaffolds a template, wires CI, deploys to compute, and attaches a domain — one atomic call with structured partial-failure recovery.
create_preview spins up a full HTTPS environment per branch — forked Postgres, fresh volumes, non-guessable hostname. Set a TTL and they self-destruct. Production data stays untouched.
Declare database: { provider: "neon" } in .deploymill/project.json. Each app gets a pooled DATABASE_URL wired automatically. Dropped cleanly on delete_app.
Encrypted org-level vault. Values enter via single-use human browser link — bind_secret injects into app env. The tool surface never reads a secret value back. Zero agent exposure.
attach_domain checks DNS, provisions a Let's Encrypt cert, and returns the exact DNS record to set if it isn't pointed yet. No dashboard clicks required.
get_logs surfaces build and deploy output on failed deploys — the agent gets structured failure context and can diagnose + fix without human intervention.
Opt-in via reconcile_project — every deploy is tagged. rollback swaps the running image in seconds. No rebuild, no downtime, no data risk.
Declare volumes in .deploymill/project.json for caches, indexes, and working files. Survive every redeploy; tracked by the reconcile loop.
Node, Python, and static templates out of the box. Or deploy a no-port worker — queue consumers, schedulers, data pipelines — using the same tool surface.
Start fresh with start_project, adopt existing repos with import_repo, or push files via API. Short-lived scoped git credentials available via get_clone_credentials.
stop_app / start_app pause the container without deleting anything — repo, env vars, domains, and database persist. Stop paying for idle compute in seconds.
Each workspace is an isolated tenant gated by Better Auth. Dynamic Client Registration + PKCE for any MCP client. No shared API keys. Google or email sign-in.
Traditional deploy setups work fine for humans. For agents that need to branch on every outcome, they fall short.
| Capability | Deploy Mill MCP | Raw APIs / shell scripts | PaaS dashboards |
|---|---|---|---|
| Typed structured tool outputs | ✓ Discriminated unions | — Raw JSON / exit codes | — Human UI only |
| Partial-failure recovery | ✓ failedAt + resume |
— Manual retry logic | — Start over |
| Isolated preview envs | ✓ Forked DB + volumes | ~ DIY infra | ~ Some PaaS |
| Secrets never visible to agent | ✓ Human-entry vault | — Env vars in prompts | ~ Varies |
| Agent-driven DNS + TLS | ✓ Fully automated | — Human clicks required | — Dashboard only |
| Image-swap rollback in seconds | ✓ Single tool call | ~ Requires setup | ~ Varies |
| Provider-neutral config schema | ✓ Swap backends later | — Tied to provider | — Tied to provider |
Deploy Mill routes through battle-tested providers. Swap any of them later — tool signatures stay the same.
Deploy Mill was designed from the ground up so AI agents can never escalate beyond their workspace, and secrets never flow through the tool surface.
Sensitive values enter via a single-use human browser link and are stored encrypted. bind_secret injects by reference — the API surface never returns a secret value. Human-only entry, always.
Every workspace is a separate tenant. Apps, secrets, databases, and domains are scoped to the org. OAuth tokens can never cross workspace boundaries. No shared infrastructure between tenants.
Authentication uses Better Auth with Dynamic Client Registration and PKCE. Each MCP client gets a short-lived token. The Dokploy API key is internal — MCP clients never see it.
get_clone_credentials mints short-lived, repo-scoped tokens for direct git access. Credentials expire automatically. Your GitHub App token never leaves the server.
No CLI to install, no YAML to write. Connect once, then describe what you want.
Sign up with email or Google and pick a workspace slug. deploymill provisions your org context and mints OAuth credentials for your MCP clients. No shared API keys — tokens are per-client, per-session.
Point Claude, Codex, or any MCP-compatible client at https://deploymill.com/mcp. Dynamic Client Registration handles the OAuth flow automatically — your agent authenticates once and is ready to deploy.
Your agent calls start_project, create_preview, attach_domain, rollback — or any other tool. deploymill returns structured typed outputs the agent can branch on. Partial failures include a failedAt pointer so the agent can resume exactly where it stopped.
Spin up isolated preview environments per branch — forked database, fresh volumes, unique hostname. Test changes against real data without touching production. When you're ready, delete_preview cleans everything up.
Free to start. No credit card required. Bring any MCP-compatible AI client.
Create your account