Everything you need to ship a unicorn.
Nebutra is a full-stack SaaS platform—AI, billing, multi-tenancy, observability, and security baked in from day one. Stop rebuilding the wheel.
AI & Intelligence
Multi-model chat completions
Route requests to GPT-5.4, Claude Opus 4, Gemini 3.1, or your own fine-tuned models. Streaming, vision, and function calling supported out of the box.
Semantic embeddings
Generate and store vector embeddings with pgvector. Power semantic search, RAG pipelines, and recommendation engines.
AI usage metering
Track token consumption per tenant per billing period. Set per-plan quotas and auto-notify on 80% / 100% burn.
Multi-tenant Platform
Organisation-level isolation
Row-level security in Postgres ensures tenants can never access each other's data — enforced at the database layer, not just the application.
Role-based access control
OWNER, ADMIN, MEMBER, and VIEWER roles with 17 typed permission scopes. Fine-grained enough for enterprise, simple enough for indie teams.
Automatic tenant provisioning
When a new organisation signs up via Clerk, we auto-generate their first API key and send a branded welcome email — zero manual steps.
Developer Experience
Hashed API keys
SHA-256 hashed keys with prefix display (nbtr_live_…). Shown in plaintext exactly once on creation — security without friction.
Idempotency middleware
Pass an Idempotency-Key header and any POST request becomes safe to retry. Redis-backed, 24-hour cache, IETF draft compliant.
OpenAPI + Swagger UI
Every route defined with @hono/zod-openapi generates a live OpenAPI 3.1 spec. Browse and test directly from /docs.
Billing & Monetisation
Stripe Checkout + Portal
One-click checkout sessions and self-serve billing portal. Trial periods, annual billing, and proration handled natively.
Usage-based quota enforcement
Real-time Redis counters track API calls and token usage per tenant. Requests are gated at the gateway when limits are hit.
Webhook lifecycle sync
Stripe subscription events automatically update org plans in your database via Inngest — no cron jobs, no polling.
Reliability
Circuit breaker + retry
Every Python microservice uses a CLOSED/OPEN/HALF_OPEN circuit breaker with exponential backoff and jitter — no cascading failures.
Dead letter queue
Event handlers that exhaust 3 retry attempts land in the DLQ. Replay them individually from the admin API without redeploying.
SLO burn-rate alerts
Multi-window Google SRE-style alerts fire at 14.4×, 6×, and 3× burn rates before your error budget is exhausted.
Security
CSP nonce-based headers
Strict-dynamic Content Security Policy with per-request nonces generated in Clerk middleware — no unsafe-inline anywhere.
ModSecurity WAF
OWASP Core Rule Set in DetectionOnly mode on every ingress. Rate limiting at 30 RPS with burst tolerance via nginx annotations.
SBOM + SLSA provenance
Every release generates a CycloneDX software bill of materials and SLSA provenance attestation, uploaded to the GitHub Release.
Observability
OpenTelemetry tracing
Distributed traces flow from Next.js → Hono → Python microservices via OTLP. Exported to Jaeger (dev) and Grafana Tempo (prod).
Grafana dashboards
32-panel platform overview: SLO availability, error budget remaining, HPA saturation, pod restarts, and CPU throttling.
Sentry error tracking
Server-side and client-side errors captured with tenant context, request ID, and trace ID for cross-system correlation.
Data & Analytics
ClickHouse OLAP warehouse
Events land in ClickHouse for fast analytical queries. dbt transforms raw events into gold-layer growth metrics visible in the dashboard.
Funnel analytics
Track signups → activations → conversions with cohort-level attribution. Revenue per active user calculated from the gold layer.
Kafka / event ingestion
High-throughput event ingestion service decouples your application from your data warehouse. Schema validation at the edge.
Infrastructure
GitOps with ArgoCD
Main branch changes are automatically reconciled to the cluster. Self-heal reverts manual kubectl edits. Sync windows enforce safe deploy hours.
PgBouncer connection pooling
Transaction-mode PgBouncer in front of Supabase handles 1,000 app connections on 20 Postgres connections. HA with 2 replicas.
Horizontal + vertical autoscaling
HPA scales on CPU/memory. VPA runs in Off mode providing right-sizing recommendations. KEDA custom metrics planned for v2.