Skip to content
  • important notes

Important Notes

You must follow these rules. Official code will continue to be maintained and updated by us.

Do not modify

Section titled “Do not modify”

Frontend apps

Section titled “Frontend apps”
  • apps/admin
  • apps/web

These are official templates. If you modify them directly, it becomes difficult to merge future upstream updates cleanly.

Recommended: Copy apps/web to your own project, for example apps/ai-saas, and customize the copy.

If you copy apps/web, also do these 4 things

Section titled “If you copy apps/web, also do these 4 things”

This is the current correct workflow for a new brand site:

  1. Create the tenant in Admin first

    • Admin Projects is the tenant registry
    • Editing frontend files alone does not register a tenant

  2. Add or update zship.app.json in the copied app

    • Set appKey to the Admin tenant app_key
    • Set domain, siteUrl, and brand metadata there

  3. Change wrangler.toml

    • Update the name field for the copied frontend
    • Otherwise you may overwrite the original web deployment target

  4. Redeploy the copied app as a separate site

    • Bind its own domain
    • Push its own env and secrets

Short version:

  • Admin owns tenant creation
  • zship.app.json owns frontend-to-tenant mapping
  • wrangler.toml owns the Worker deploy target

Backend services

Section titled “Backend services”

Do not modify any of these official services:

  • backend/node1-auth-service
  • backend/node2-support-service
  • backend/node3-pay-service
  • backend/node4-notify-service
  • backend/node5-blog-service
  • backend/node6-cdn-service
  • backend/node7-site-service
  • backend/node8-prompt-service
  • backend/node9-checkin-service
  • backend/node10-ai-service
  • backend/zship-provider1-service

These are official services. We will update them with new features and fixes. Do not change them directly.

Security and secrets

Section titled “Security and secrets”
  • Never commit .env files, signing keys, or cookie secrets to a public repo. Use Cloudflare Secrets, wrangler secret put, or Dev Console push for production.
  • Rotate ADMIN_SECRET, JWT secrets, and payment/provider keys on a sensible schedule, then redeploy the Workers that read those values.
  • Prefer operator accounts and RBAC in admin (docs) instead of sharing the root secret across many people.
  • Layer Cloudflare protections such as WAF and IP rules on top of least-privilege access for admin and sensitive APIs.