Every app ClinicIQ generates runs on real cloud infrastructure: Firecracker microVMs, live previews, immutable releases, managed databases, and white-label domains — all on your own cliniciq.com, with zero MIOSA branding in front of your users.
The resource model
Headless Firecracker microVM. The agent writes files, runs the dev server, installs deps — the editable workspace where an app is built.
A stable live URL on *.sandbox.cliniciq.com returned only after the port is verified reachable. Survives edits and rebuilds.
Publish freezes the approved state into an immutable build artifact with env manifest and provenance — deployable without the live sandbox.
Promotes a release to a stable production URL on *.cliniciq.com. Supports rollback and zero/low-downtime promotion.
Postgres / MySQL / Redis provisioned on demand, credentials issued, wired into the sandbox and the deployed app at boot.
S3-compatible buckets with presigned URLs, plus scheduled cron jobs — all surfaced in the Resources module.
The lifecycle
The same approval flow every modern platform uses — preview where you edit, publish to freeze, deploy to ship — adapted so the user-facing URL stays clean and stable the whole way.
Live edits keep the same preview URL. Production never points at a mutable sandbox. Rollback re-points the deployment to a prior release without rebuilding.
White-label, done right
The hard part of white-label isn't the happy path, it's making every layer resolve to the client's domain — including error and loading states. All three now do.
{slug}.sandbox.cliniciq.com — one clean URL per editable app
{slug}.cliniciq.com — durable deployments, resolved by a single shared backend resolver
What I hardened to get here
Getting from "works in a demo" to "works for a real client" meant fixing the failure modes. These are the concrete fixes, shipped and verified across all 7 nodes.
Durable deploys now resolve to *.cliniciq.com via one shared backend resolver — not the old hardcoded fallback. Re-registered 151 existing routes through the edge.
Postgres boot now enforces the issued password, fixes ownership, clears inherited PG env, and runs a real login check before reporting healthy — so a DATABASE_URL that's handed out actually authenticates.
Artifact upload chunked (fixed large-payload failures), runtime memory floor raised to 8GB (fixed OOM exit 137). Dynamic apps now deploy and stay up 24/7.
Static publish failures now return a structured 422 with an actionable message instead of a generic 500. CLI URL reporting fixed (no more bad api.miosa.app URLs).
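The Postgres boot check described above (clear inherited PG env, then a real login before reporting healthy), sketched as an added example; it is not ClinicIQ's own code. It assumes `psql` is on the PATH, and the function names and the sample URL are hypothetical.

```python
import os
import subprocess
from urllib.parse import unquote, urlsplit

def scrubbed_env(base_env):
    """Drop inherited libpq variables (PGPASSWORD, PGUSER, PGSERVICE, ...) so a
    stale value cannot make the check pass with credentials nobody issued."""
    env = {k: v for k, v in base_env.items() if not k.startswith("PG")}
    env["PGPASSFILE"] = os.devnull   # assumption: also ignore any ~/.pgpass entry
    env["PGCONNECT_TIMEOUT"] = "5"   # fail fast instead of stalling boot
    return env

def login_check(database_url, base_env=None, run=subprocess.run):
    """Return (healthy, reason); healthy only if the issued URL really logs in.
    A port probe or pg_isready is not enough: neither one authenticates."""
    parts = urlsplit(database_url)
    if parts.scheme not in ("postgres", "postgresql"):
        return False, "not a postgres URL"
    if not parts.username or not parts.password:
        return False, "URL carries no issued credentials"
    # -X: skip psqlrc, -w: never prompt, -At: bare output for comparison.
    # The URL is an argument here, so it is visible in this VM's process list
    # for the duration of the check.
    cmd = ["psql", "-X", "-w", "-At", "-c", "SELECT current_user", database_url]
    env = scrubbed_env(os.environ if base_env is None else base_env)
    try:
        proc = run(cmd, env=env, capture_output=True, text=True, timeout=15)
    except (OSError, subprocess.TimeoutExpired) as exc:
        return False, f"could not run login check: {type(exc).__name__}"
    if proc.returncode != 0:
        return False, "login rejected"  # stderr is not echoed: it may hold secrets
    if proc.stdout.strip() != unquote(parts.username):
        return False, "authenticated as an unexpected role"
    return True, "ok"

if __name__ == "__main__":
    # Constructed sample URL; replace with the DATABASE_URL issued at boot.
    print(login_check("postgresql://app_user:example-password@127.0.0.1:5432/appdb"))
```

The `run` parameter exists so the check can be exercised without a database; in production it stays at its default of `subprocess.run`.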
Proof from the test run
# ClinicIQ managed-Postgres end-to-end — PASSED
✓ created managed Postgres
✓ linked into sandbox at boot (DATABASE_URL authenticates)
✓ ran migration + query from sandbox
✓ preview read/write worked
✓ dynamic publish worked
✓ deployed app hit the same real DB (read/write)
✓ cleanup completed
deploy URL: https://ciq-pg-1780311862-24183-app.cliniciq.com