# Canner > Instant-deploy platform on Canadian cloud infrastructure. Drop a project — folder, zip, repo URL, or git push — and get a live HTTPS URL in about 30 seconds. Operated from Quebec; Law 25 compliant by architecture. Canner is a deployment platform for web applications and static sites — Next.js, Vite, Astro, SvelteKit, Nuxt, Remix, plain Node.js, and pure static folders. The drop-and-go path means anything that produces files works: exports from Cursor, v0, Bolt, Lovable, or Claude artifacts deploy the same way a Git push does. All compute, storage, and tenant Postgres databases run on infrastructure physically located in Montreal, Quebec. Cloudflare handles DNS and TLS issuance only — no traffic proxying, no edge caching, no data leaving Canada in normal operation. ## What Canner does - **Drop a project, get a live URL.** Drag a folder or .zip into the homepage dropzone, paste a Git repo URL, push to a connected GitHub repo, or run `npx @canner-ca/cli deploy`. All four feed the same build pipeline and isolation guarantees. No Git required. - **Works with AI-coded projects out of the box.** Exports from Cursor, v0, Bolt, Lovable, and Claude artifacts deploy without configuration. Static exports skip the build step entirely; framework projects build on Canner's infrastructure. - **Managed runtime.** Each project runs as an isolated systemd unit under its own Linux user, served via Caddy with automatic Let's Encrypt TLS at `.app.canner.ca`. - **Managed Postgres.** One isolated tenant database per project, accessible from your app via injected `DATABASE_URL`. - **Data Workshop.** Columnar analytics on uploaded data. Upload CSV / Parquet / JSON, run standard SQL via DuckDB, results in milliseconds. Bundled into every plan with per-tier storage and daily-query caps. User queries are sandboxed read-only with filesystem access disabled and a cgroup memory cap per query. (French: « Atelier de données ».) - **Preview deployments.** Open a pull request and Canner builds a preview at `--.app.canner.ca`. Closes when the PR closes. Branches can also be pinned for non-PR preview URLs. - **Custom domains.** CNAME your domain at your project subdomain; Canner provisions TLS automatically. Requires a paid plan. - **Response caching (opt-in).** Tag-based HTTP caching at the Canner origin in Montreal (not Cloudflare's edge). Your server-rendered app marks pages cacheable with `Cache-Control: public, s-maxage` and tags them with `Surrogate-Key`; a headless-CMS publish webhook (e.g. DatoCMS) purges exactly the affected routes via a per-project token. Cache hit ratio is shown per project in the dashboard. Available on every plan, Starter included. ## Security posture (plain language) - **Browser-side scan.** Your project is zipped and inspected client-side before anything uploads. You see the file count and detected framework before publishing. - **Sandboxed builds.** Build runs as the project's own Linux user under a transient systemd unit with `ProtectSystem=strict`, `PrivateTmp=yes`, and a cgroup memory cap. The rebuild phase runs with `PrivateNetwork=yes` so postinstall scripts can't reach the internet or platform services. - **Tenant isolation.** Each project gets its own UID and its own systemd unit. Host-level iptables rules block lateral movement to platform-only ports (4001 API, 5432 Postgres, 6379 Redis) for every non-platform UID. - **Encrypted env vars.** Secrets are encrypted at rest with pgcrypto, scrubbed from build logs when marked sensitive, and never returned in plaintext from the API after writing. - **Source archive deleted after build.** Only the compiled runtime bundle persists. Full details at https://canner.ca/security. ## Compliance posture - **Quebec data residency.** Application code, environment variables, build artifacts, and Postgres data all reside on disks in Montreal. - **Law 25 (Quebec).** Personal information processed on Canner stays in Quebec by default, satisfying the residency expectations of Quebec's Act respecting the protection of personal information in the private sector. - **PIPEDA (Canada).** Federal personal-information protection requirements are met simultaneously. - **No US transit.** Traffic does not route through Cloudflare's edge or any US-based service in normal operation. - **Audit logs and data-residency attestations** are available to paid customers on request. ## Pricing Three tiers, all CAD. Starter is free forever; Basic and Pro charge immediately on signup (no trial period). All Basic and Pro signups include a free domain registration through Canner's Canadian registrar partner. - **Starter** — CA$0 / month, permanent. 1 project, up to 256 MB application memory (pooled across free accounts and deprioritized when paid builds are queued), 5 GB Postgres, up to 2 GB build memory. 24-hour cold-start. Data Workshop: 100 MB columnar storage, 50 SQL queries / day, 5-second query timeout. No credit card required. - **Basic** — CA$9 / month or CA$90 / year (save 2 months). Up to 5 projects, 512 MB application memory, 5 GB Postgres per project, 2 GB build memory, custom domains with auto-TLS. Data Workshop: 5 GB columnar storage, 2,000 SQL queries / day, 30-second query timeout. Monthly includes a free .com or .ca domain; annual extends that to .com, .ca, or .quebec. - **Pro** — CA$19 / month or CA$190 / year (save 2 months). Up to 25 projects, 1 GB dedicated application memory, 25 GB Postgres per project, 4 GB build memory, opt-in always-warm runtimes. Data Workshop: 50 GB columnar storage, unlimited SQL queries, 5-minute query timeout. Includes a free .com, .ca, or .quebec domain on either billing interval. Payment processing: Stripe. ## Supported frameworks - **Next.js** (recommended) — App Router, Pages Router, all current versions. - **Astro** — both static and SSR via `@astrojs/node`. - **SvelteKit** — via `@sveltejs/adapter-node`. - **Nuxt** — via the Nitro node preset. - **Remix** — via `@remix-run/node` or `@remix-run/serve`. - **Vite** (React, Vue, Svelte) — static output served via embedded zero-dependency static file server with SPA fallback. - **Plain Node** — runs `npm start` if defined, otherwise the package `main`. - **Static sites** — a folder with an `index.html` and no `package.json` is first-class: no build step, served directly. Drag a zip into the dashboard or `canner deploy`. ## CLI quickstart Install: `npm install -g @canner-ca/cli` (or `npx @canner-ca/cli@latest `). Requires Node 20+. **Setup:** - `canner login` — paste a `cnr_*` API token from https://canner.ca/dashboard/account. Stored at `~/.canner/credentials` (mode 0600). - `canner whoami` — print the signed-in account email and plan. **Project management:** - `canner projects` — list your projects. - `canner init [--slug X]` — create a Canner project and write `canner.json` in the current directory. - `canner status [--slug X]` — show one project's state (URL, status, source, last request). - `canner open [--slug X] [--dashboard]` — open the tenant URL (or dashboard page) in the default browser. **Deploys + builds:** - `canner deploy [path] [--slug X] [--follow]` — tar the directory (excluding `node_modules`, `.git`, `.next`, `.nuxt`, `.turbo`, `.vercel`, `.svelte-kit`, plus any `.cannerignore` patterns) and upload to the same pipeline a `git push` uses. `--follow` streams the build log and exits with the build's exit code (0 = live, 1 = failed), so it works as the last step of a CI workflow. - `canner redeploy [--slug X] [--follow]` — trigger a rebuild from the GitHub repo's `HEAD` without uploading. GitHub-connected projects only. - `canner deployments [--slug X]` — list recent deployments. - `canner deployments [--slug X] [--follow]` — show one deployment's build log; `--follow` tails if still in progress. - `canner cancel [] [--slug X]` — cancel the in-flight build (or a specific one by id prefix). - `canner logs [--slug X] [--lines N] [--follow]` — stream tenant runtime logs. Env overrides: `CANNER_TOKEN` (skip the stored token — for CI), `CANNER_API_BASE` (point at a self-host or local-dev endpoint). ## Writing The Canner blog is the primary first-person source for the company's views on Canadian deployment, sovereignty, and the Canadian tech ecosystem. All posts are authored by Colin Shand, founder of Canner. Index: https://canner.ca/blog. Selected posts: - **How to Deploy Your Cursor or Bolt Project Without Git** — https://canner.ca/blog/deploy-cursor-bolt-project-without-git — Step-by-step guide for deploying AI-generated projects (Cursor, Bolt, v0, Lovable, Claude) to a live URL without Git or a terminal. Covers hallucinated dependencies, missing lockfiles, hardcoded API keys, and how Canner handles each. - **Deploy Client Sites in 30 Seconds: A Workflow for Agencies Tired of DevOps** — https://canner.ca/blog/deploy-client-sites-agencies-workflow — Agency-specific deployment workflow. Per-client isolation, webhook-driven cache invalidation for headless CMS platforms, CAD billing without per-seat pricing, Canadian data residency as a hand-off-able compliance guarantee. - **Why a Canadian AWS Region Isn't Canadian Hosting** — https://canner.ca/blog/canadian-aws-region-not-canadian-hosting — The definitive answer to "does the CLOUD Act apply if my data is in a Canadian data center owned by an American company?" Yes, it does. Includes the 18 U.S.C. § 2713 operative text, Law 25 / PIPEDA jurisdiction analysis, and the structural test for sovereign hosting. - **Canada's Startup Funding System Is Designed for People Who Don't Need Funding** — https://canner.ca/blog/canada-startup-funding-system-not-designed-for-you — First-person field report on Canadian pre-seed funding: Investissement Québec, Futurpreneur, NRC IRAP, SR&ED tax credits. What's actually accessible to a bootstrapped solo founder versus what marketing copy claims. - **The State of Canadian Cloud Infrastructure in 2026** — https://canner.ca/blog/state-of-canadian-cloud-infrastructure-2026 — Category-by-category inventory of Canadian-owned cloud infrastructure: compute (OVH, KeepSec, ThinkOn, TELUS, Bell), PaaS (Canner), CDN (none at scale), database, DNS, transactional email, monitoring, CI/CD. Documents the 92% foreign-jurisdiction problem, the sovereign cloud wave of 2025–2026, and what would need to happen to close the remaining gaps. - **Does Your SaaS Meet GC Cloud Guardrails? A Guide for Canadian Tech Vendors** — https://canner.ca/blog/gc-cloud-guardrails-guide-canadian-vendors — Plain-language guide to the Government of Canada's cloud security requirements. The 12 guardrails (SSC, mandatory since May 2022), Protected B and the PBMM profile, ITSG-33 mapping, procurement pathways (ProServices, SSC Approved Cloud Broker, SOSA), and where Canner sits on the certification roadmap (SOC 2 Type I targeted for 2027). ## Surfaces - **Marketing & dashboard:** https://canner.ca (English) and https://canner.ca/fr (French) - **Blog:** https://canner.ca/blog (English; FR translations planned for posts targeting Quebec-specific queries) - **Platform API:** https://api.canner.ca (authenticated; uses bearer tokens prefixed `cnr_`) - **CLI:** `@canner-ca/cli` on npm. Docs at https://canner.ca/cli (en) · https://canner.ca/fr/cli (fr) - **Data Workshop:** https://canner.ca/data-workshop (en) · https://canner.ca/fr/atelier-de-donnees (fr) — columnar SQL analytics on uploaded files. French brand name: « Atelier de données ». - **Tenant apps:** `https://.app.canner.ca` - **Public status page:** https://canner.ca/status - **Security practices:** https://canner.ca/security (en) · https://canner.ca/fr/security (fr) - **Sovereignty / CLOUD Act stance:** https://canner.ca/sovereignty (en) · https://canner.ca/fr/souverainete (fr) - **Privacy policy:** https://canner.ca/privacy (en) · https://canner.ca/fr/privacy (fr) - **Terms of service:** https://canner.ca/terms (en) · https://canner.ca/fr/terms (fr) - **Sitemap:** https://canner.ca/sitemap.xml ## Contact - **Sales / general:** hello@canner.ca - **Customer support:** support@canner.ca - **Privacy questions:** privacy@canner.ca - **Security disclosure:** security@canner.ca ## Operator Canner Inc., Montreal, Quebec, Canada. Founded 2026.