- OAuth integration (GitHub, no rolling your own crypto)
- Automatic SSL (Let's Encrypt + Traefik)
- JWT-based SSO with proper security headers
- Centralized secret management
- Container hardening (distroless images, read-only filesystems)
The AI coding workflow now:
1. Generate your app with LLM (focus on the actual logic)
2. Push to git
3. App is live with proper authentication and SSL
Tech stack:
- Go/Fiber backend with security middleware
- PostgreSQL + Redis for sessions
- Preact frontend (3kb)
- Traefik for reverse proxy + SSL
We can now deploy dozens of AI-generated tools without thinking about the infrastructure layer. LLM mini apps go from generation to secure deployment in minutes instead of days.
What's next:
- LDAP/SAML integration (enterprise teams are asking for this)
- LLM-powered deployment agent (auto-generate Dockerfile/config from codebase)
- Enterprise SSO and compliance features
- Better monitoring and CI/CD integration
The codebase is early but functional. We've been using it to deploy ~15 AI-generated internal apps without security headaches. Perfect for teams that want to rapidly deploy AI-generated mini apps without compromising on security. Enterprise-ready architecture with startup simplicity. Would love feedback on the approach - is this solving a real problem in the AI coding workflow?
https://github.com/citizenteam/citizen