Governed multi-tenant product infrastructure for AI gateways, billing, auth, compliance, and white-label delivery.
Website · Introduction · Tech Stack · Quick Start · Contributing
Nebutra Sailor is an enterprise-grade, AI-native SaaS monorepo architecture designed for building governed multi-tenant platforms. It provides a practical baseline for AI gateways, agent workflows, billing, auth, compliance, and white-label product delivery.
Built with Next.js 16, React 19, Prisma 7, and the Vercel AI SDK, Sailor treats AI as a governed runtime surface: provider topology, model routing, observability, tenant isolation, and compliance hooks are part of the platform baseline.
Nebula • Nurture • Ultra • Future
- Nebula: Aggregate data, tools, and intelligence into usable products.
- Nurture: Incubate AI-native apps via automated toolchains and “digital employees.”
- Ultra: Ship reliable engineering and value-first outcomes.
- Future: Make AI productivity accessible to everyone.
AI-native infrastructure company building governed product baselines
for multi-tenant SaaS, agent workflows, launch operations, and global delivery
The durable moat is not a starter template. It is the ability to turn changing AI capabilities into governed, shippable systems.
AI can help build the demo. Sailor focuses on the harder production layer: governance, security, architecture, scalability, and revenue operations.
|
Global First Day 1 worldwide markets |
AI-Native LLMs · Multi-Agent · MCP |
Platform Governance Topology · Contracts · CI |
Launch Infrastructure Auth · Billing · AI Gateway |
For governed AI-native products: Sailor bridges the gap between "AI helped me build a demo" and "this is a product platform we can operate, audit, bill, and scale".
|
|
 AI‑native LLMs, vector search, MCP agents, and premium Lobe UI Chat interfaces. |
 Multi‑tenant by default Tenant context, RLS, scoped caching and rate limits baked in. |
 Enterprise‑ready Cloudflare WAF/R2, Inngest workflows, Sentry/Otel, Vercel deployments. |
 Billing & Monetization Database-driven plans, Stripe billing, usage metering, feature gates. |
 Security & Compliance RLS, WAF, Turnstile, GDPR/CCPA, cookie consent. |
 Marketing UI Kit Hero, Features, Pricing, Testimonials — conversion-optimized components. |
|
Automated Governance Strict vitest.arch boundaries and semantic token linting.
|
Zero-Runtime CSS Pure CSS variables as SSOT. No CSS-in-JS runtime overhead. |
Modular Local DX Docker Compose profiles ( ai) to boot only what's needed.
|
|
Monetized MCP Registry Native Model Context Protocol with plan-based rate-limits & billing. |
Distributed Saga Native TypeScript orchestrator with automatic transaction rollback. |
Multi-Tenant Event Bus Tenant-isolated Pub/Sub supporting Fan-out & Request-Reply. |
|
Unified Status Aggregation Concurrent checks across 9 services returning a standardized schema for OpenStatus & Atlassian. |
| Frontend |
|
| UI / Design |
-000?style=flat-square){kind=icon}
|
| Auth |
|
| BFF |
|
| Backend (Python) |
|
| Database |
|
| Cache / Rate-limit |
|
| Real-time |
|
| AI |
|
| Search |
|
| Queue |
|
| Storage / Uploads |
|
| Notifications |
|
| Webhooks |
|
| SMS (CN) |
|
| Payments |
|
|
|
| CMS / Docs |
|
| Design Sync |
|
| CDN / Security |
|
| Workflows |
|
| Analytics |
|
| Observability |
|
| Build / Deploy |
|
Sailor is provider-agnostic: every platform package below auto-detects its backend from environment variables, so customers swap providers without changing application code. Each package ships an in-memory implementation for tests and a strict TypeScript contract enforced by architecture tests under tests/architecture/.
| Capability | Package | Providers (auto-detected) |
|---|---|---|
| Authentication | @nebutra/auth | Clerk · Better Auth · Auth.js |
| Identity Provider | @nebutra/oauth-server | OIDC (oidc-provider) · Redis-backed sessions |
| Permissions | @nebutra/permissions | CASL — RBAC + ABAC, Hono middleware, React <Can /> |
| Multi-tenancy | @nebutra/tenant | AsyncLocalStorage context · Prisma RLS bridge |
| Captcha | @nebutra/captcha | Cloudflare Turnstile |
| Vault (secrets) | @nebutra/vault | AWS KMS envelope · local HKDF (dev) |
| Audit log | @nebutra/audit | Append-only with hash chain |
| Cache | @nebutra/cache | Upstash Redis · in-memory |
| Rate limit | @nebutra/rate-limit | Sliding window · token bucket (Upstash) |
| Queue | @nebutra/queue | QStash · BullMQ · in-memory |
| Search | @nebutra/search | Meilisearch · Typesense · Algolia |
| Storage / Uploads | @nebutra/uploads | Cloudflare R2 · AWS S3 · Vercel Blob · local FS |
| Notifications | @nebutra/notifications | Novu — in-app · email · push · SMS · chat |
| Webhooks | @nebutra/webhooks | Svix · custom HMAC delivery |
| SMS (CN) | @nebutra/sms | Aliyun · Tencent Cloud |
@nebutra/email | Resend + React Email templates | |
| Billing | @nebutra/billing | Stripe — subscriptions, usage, entitlements |
| Metering | @nebutra/metering | ClickHouse real-time aggregation |
| Event bus | @nebutra/event-bus | Multi-tenant Pub/Sub · Fan-out · Request-Reply |
| Saga orchestrator | @nebutra/saga | Native TS workflows with auto-rollback compensations |
| Feature flags | @nebutra/feature-flags | Database-backed with env-driven overrides |
| Design tokens | @nebutra/design-sync | W3C DTCG ↔ Figma · Penpot · git-only |
| Status aggregation | @nebutra/status | OpenStatus · Atlassian StatusPage |
| Admin tooling | @nebutra/admin-tooling | Thin admin (dashboard + impersonate only) + integration recipes for Retool, Metabase, Hex — Sailor expects you to use best-of-breed internal tools instead of self-building. See docs/admin/. |
Nebutra-Sailor/
├── apps/ # User-facing apps (Next.js)
│ ├── landing-page/ # Marketing site (nebutra.com)
│ ├── web/ # Main SaaS dashboard (app.nebutra.com)
│ ├── studio/ # Sanity CMS (studio.nebutra.com)
│ ├── design-docs/ # Component documentation (Fumadocs)
│ ├── sailor-docs/ # Public product docs (docs.nebutra.com)
│ ├── idp/ # Identity provider service (OAuth 2.0 / OIDC)
│ ├── storybook/ # Component playground
│ ├── mail-preview/ # Email template preview
│ ├── sleptons/ # Sleptons companion app
│ └── tsekaluk-dev/ # Author dev playground
├── packages/ # Shared TS libraries (categorized in W3b)
│ ├── ai/ # 3 pkgs — agents, ai-providers, mcp
│ ├── commerce/ # 7 pkgs — billing, contracts, marketing, metering, license, legal, waitlist
│ ├── design/ # 7 pkgs — ui, tokens, brand, theme, icons, design-tokens, design-sync
│ ├── iam/ # 8 pkgs — auth, audit, vault, oauth-server, permissions, tenant, identity, captcha
│ ├── integrations/ # 11 pkgs — queue, search, email, notifications, storage, webhooks, cache, sms, uploads, event-bus, saga
│ ├── ops/ # 6 pkgs — cli, create-sailor, preset, sanity, supabase, china-compliance
│ └── platform/ # 13 pkgs — db, logger, rate-limit, feature-flags, gateway-core, errors, config, health, status, alerting, analytics, repositories, i18n
├── backends/ # No-UI backends (split by language à la vercel/vercel)
│ ├── gateway/ # TypeScript / Hono — BFF, auth, tenancy, routing
│ └── python/ # FastAPI — only when ML/batch/specialized libs justify
│ ├── _shared/ # Cross-service primitives (auth, db, queue client)
│ └── ai/ # LLM, embeddings, agent orchestration
├── infra/ # Infrastructure (split by concern in W2.2)
│ ├── iac/ # terraform + k8s + ecs + cloudflare + railway
│ ├── runtime/ # nginx + docker + analytics + compose files
│ ├── data/ # database (RLS) + clickhouse (init + dbt)
│ └── ops/ # observability + deployment scripts
├── workflows/ # Event-driven business workflows (extracted in W2.3)
│ ├── inngest/ # Serverless background jobs + cron
│ ├── n8n/ # Visual workflow automation
│ └── pusher/ # Real-time messaging glue
├── e2e/ # Playwright E2E tests (smoke / golden / sleptons)
├── tests/ # Architecture invariants + load tests + UI governance
└── docs/ # Architecture documentation
Each component has its own README with setup instructions and API documentation:
| Services | AI |
| Packages | Billing · Legal · UI · Tokens · Marketing UI · Brand · DB · Cache · Rate Limit · MCP · AI Providers · Analytics |
| Design Docs | Design System Docs (Fumadocs) |
| Infrastructure | Docker · Kubernetes · Terraform · Inngest · n8n · Pusher · Observability |
For new projects, start from npm instead of cloning and pruning the full monorepo:
# Scaffold a new Sailor project
npx create-sailor@latest
npm create sailor@latest
pnpm create sailor@latest
bunx create-sailor@latest
# Operate an existing Sailor project
npx nebutra --help
npm install -g nebutra| Package | Use it for |
|---|---|
create-sailor |
Bootstrap a new Nebutra Sailor project with region-aware defaults and topology-first AI gateway setup. |
nebutra |
Operate an existing project: feature registry installs, AI provider governance, gateway routing, schemas, and diagnostics. |
nebutra.com is the public product surface for Nebutra Sailor and the place where we dogfood the platform ourselves. We will use it to publish product updates, commercial licensing, hosted capabilities, launch workflows, and real examples built on this monorepo.
| Node.js | v22+ |
| pnpm | v10.32+ |
| Python | 3.11+ (for microservices) |
# Clone the repository
git clone https://github.com/Nebutra/Nebutra-Sailor.git
cd Nebutra-Sailor
# Install dependencies
pnpm install
# Set up environment variables
cp .env.example .env
# Generate Prisma client & run dev servers
pnpm db:generate && pnpm dev| Command | Description |
|---|---|
pnpm dev |
Start all apps in dev mode |
pnpm build |
Build all packages (auto-syncs brand assets) |
pnpm lint |
Lint all packages |
pnpm typecheck |
Type check all packages |
pnpm db:studio |
Open Prisma Studio |
pnpm brand:sync |
Sync brand assets to apps |
pnpm brand:init |
Initialize white-label branding |
pnpm brand:apply |
Apply custom branding |
Fork this repo and customize it for your own brand:
# Interactive setup wizard
pnpm brand:init
# Add your logos to brand.config/assets/
# Apply your branding
pnpm brand:applySee WHITELABEL.md for full documentation.
We love our contributors! Here's how you can help:
| Report Bugs | Open an issue |
| Feature Requests | Suggest new features via issues |
| Pull Requests | Submit PRs for features or fixes |
1. Fork the repository
2. Create a feature branch (git checkout -b feat/amazing-feature)
3. Commit your changes (git commit -m 'feat: add amazing feature')
4. Push to the branch (git push origin feat/amazing-feature)
5. Open a Pull Request
This project is licensed under the AGPLv3.
| Free to use | Personal projects, learning, internal tools |
| Free to modify | Create derivative works |
| Free to distribute | With attribution |
| Commercial use | Requires open source |
| Exemption | Wuxi Nebutra Intelligence Technology Co., Ltd. and affiliates |
For commercial licensing inquiries, please contact us.
While the source code is open-source, the brand assets (the "Nebutra" name, "Nebutra Sailor", logos, icons, and illustrations) are protected trademarks of Wuxi Nebutra Intelligence Technology Co., Ltd.
You may not use our brand assets to endorse your own products or services. If you clone or fork this repository to build your own product, you must replace all Nebutra logos and branding with your own.
Please see our Trademark Policy and Brand Guidelines for more information.
Every release, growth goes live.
Made by Nebutra Intelligence · © 2024-present Wuxi Nebutra Intelligence Technology Co., Ltd.